sudo: must be setuid root

I bought a TonidoPlug, which is a wall-wart with an embedded Linux server (running Ubuntu 9.04 Jaunty).  Out of the box, sudo gave the error:

sudo: must be setuid root

This message means exactly what it says -- the sudo command is not setuid and it must be setuid (and owned by root).

chown root:root /usr/bin/sudo
chmod u+s /usr/bin/sudo

will correct the 'problem.' (I put quotes around 'problem' because there are some who will say that this is a security feature.)

sudo: gem: command not found

There are hundreds of reports on the net about "sudo: gem: command not found".  Out of the dozen or so I looked at, the suggested resolution amounted to "ensure that ‘gem’ is in your PATH."



Yep.  It is in my path.  That is to say, the following works: ­


gem –help
but the following fails:


sudo gem –help

Further confusing matters, gem is in the path shown by:


sudo echo $PATH

The trick is that sudo doesn’t use $PATH for its path on some editions of Linux.  This behavior is considered "more secure."  (See http://stackoverflow.com/questions/257616/sudo-changes-path-why ).



Bah!  It is still a pain to work around.  You have to get ‘gem’ into the path (not simply the $PATH!)  You’ll read about options you can pass to sudo, and that is fine and dandy when you type the command-line yourself.  When someone’s script invokes sudo for you, you’re stuck with the command line that it uses.



The hack, reproduced from the stackoverflow article:


­ 

mv /usr/bin/sudo /usr/bin/sudo.orig
cat > /usr/bin/sudo <<EOF
#!/bin/bash
/usr/bin/sudo.orig env PATH=$PATH "$@"
EOF

­ then your regular sudo works just like the non secure-path sudo.

Bort and Suspenders

Here is a side-by-side of Bort and Suspenders.  Both are Rails starter applications.

September 10, 2009

Opinion  Bort  Suspenders­
 pagination  mislav-will_paginate mislav-will_paginate
 non-HTML mark-up
RedCloth 4
 mocking
 mocha­
 unit test  rspec, rspec_rails  shoulda
 unit test "noise suppression"
 quietbacktrace
 Error notification  exception notifier  hoptoad_notifier
 forms handler Fudge Form  formtastic
 file attachment attachment fu OR Paperclip  paperclip


 helper_test
 fixtures­
 factory_girl
 deployment  capistrano  ­capistrano
 web server
 mongrel cluster
 VCS
 git
 time mocking
 Timecop
 login  Restful Authentication (includes OpenID)  Clearance
integration testing

 Cucumber
 Browser simulator
 Webrat
 Extra rake tasks bort:install (installs optional add-ons)  Limerick Rake
 Javascript smoosher  asset packager OR bundle fu*
 roles  Role Requirement *

tagging acts_as_taggable_on_steroids *
alternative to RHTML HAML *

Note that in the above table, more opinions is neither good nor bad -- unless they match/don't-match your opinions.

* = optional via "rake bort:install"

For myself, I like the Thoughtbot (Suspenders) stack with the following exceptions:

  • git - I'm using Subversion for other projects.  This is easy enough to address.  After I pull suspenders, I'll just "rm -rf .git".
  • mongrel cluster - I'm not ready to make this commitment at the beginning of the project.  Easy enough to ignore for now, because "script/server" still works.
  • Redcloth - I don't need an alternative mark-up syntax, so I'll have to rm the gem.
  • shoulda - I'm using rspec, so I'll have to rm this gem and install rspec and rspec-rails.

Bundling in Cucumber, Webrat, and Clearance is nice.  They fit well together.



So here’s my current rails project start-up:


  • cd ~/dev
  • git clone git://github.com/thoughtbot/suspenders.git
  • cd suspenders
  • ./script/create_project projectname
  • At this point, I get an error  "config.gem: Unpacked gem thoughtbot-clearance-0.8.2 in vendor/gems has no specification file. Run 'rake gems:refresh_specs' to fix this."
    • Running refresh_specs all day isn't going to help, because the .gemspec file isn't there on github (with the Clearance that is part of Suspenders -- it IS there on the "real" Clearance).
  • cd ../projectname/vendor/gems
  • rm -rf thoughtbot-clearance-0.8.2
  • git clone git://github.com/thoughtbot/clearance.git thoughtbot-clearance-0.8.2
  • cd ~/dev/projectname
  • rake gems:refresh_specs
  • Comment-out the Redcloth entry in config/environment.rb
  • Comment-out the shoulda entry in config/environments/test.rb
  • Install rspec and rspec-rails:
    • ruby script/plugin install git://github.com/dchelimsky/rspec.git -r 'refs/tags/1.2.7'
    • ruby script/plugin install git://github.com/dchelimsky/rspec-rails.git -r 'refs/tags/1.2.7.1'
    • ruby script/generate rspec

So I created the attached shell script to automate this. ­

UPDATE (9/16/2009): I’ve abandoned this approach.  Too often I work from inside a restrictive firewall, and the gyrations necessary to pull-in all of the pieces are simply too idiosyncratic to automate reliably.

Anonymous modules have no name to be referenced by

If you get 

Anonymous modules have no name to be referenced by

when you’re using a Rails template, it can be caused by referencing an undefined variable.  You can pretend that message means that the [nothing.] in [nothing.]VARIABLE_NAME is an anonymous module.

Subversion - Import a Directory While Ignoring Some of Its Content

I wanted to add a project to Subversion, but I wanted to ignore some of the directories in the project directory.  The standard way to do this would be to add the whole project directory and then set the svn:ignore property to ignore the directories, and then delete them from the repository.  But that adds the directories to svn, and delete doesn’t really delete, so I wanted better.

First, my assumptions:
  • Your repository URL is file:///tmp/foo-repo
  • Your project directory is project1.
  • Your current working directory is project1.
Here's how:
  • svn mkdir -m "Adding just the project1 directory."   file:///tmp/foo-repo/project1
  • svn co file:///tmp/foo-repo/project1 .
    • Don't miss that trailing period!
  • Here you have two choices.  
    • If you want to ignore the directories completely:
      • Add the directory names to "svnignores.txt"
      • svn propset svn:ignore -F svnignores.txt .
    • If you want to ignore the CONTENT of the directories (i.e. to check-in the directories and keep the directory empty in the repository):
      • svn propset svn:ignore '*' directoryName1
      • svn propset svn:ignore '*' directoryName2
  • svn add *
  • svn commit -m "Adding the contents of the project1 directory."

can't activate , already activated nokogiri-1.3.3

I was getting "can’t activate , already activated nokogiri-1.3.3" for some environments, but not others.  In particular, I got it when I ran:


rake environment RAILS_ENV=test db:migrate


I’m using Suspenders, and config/test.rb and config/cucumber.rb specify version 1.3.2.  Solution: Remove the version specification from these files.



Webrat (Cucumber) Can't Find the Field to Fill-in

Webrat is a lovely testing tool, particularly when used with Cucumber.  But every time I put it aside for a few weeks, when I come back to it, I forget about this…


And I fill in "name" with "John Doe"   
Could not find field: "name" (Webrat::NotFoundError)



but when I go to the .html.erb file, I see the field, plainly defined:


<%= f.text_field :name %>



So why doesn’t webrat find the field?  Because the field is NOT named "name".  It is named "user_name".  This is because it is wrapped inside


<% form_for :user, :url => users_path do |f| -%>



Because of the form_for, all field names get prefixed with the form name.


­

Google Desktop Redirecting Firefox

I had a strange problem with Firefox 3.5.2 and Google Desktop.  Searching GDS via double-control, would send Firefox to an URL resembling:

http://127.0.0.1:4664/search?s=1234567894&q=searchterm&aq=t

which would redirect to my external IP address, and then fail (because I’m not running a web server).

When I switched from Firefox as my default browser to Internet Explorer, double-control search worked.  Furthermore, Firefox would work (i.e. not redirect) if I pasted

http://localhost:4664/search?s=1234567894&q=searchterm&aq=t

into the address bar manually.

I tried disabling add-ons, turning off my proxy.pac file, and starting in safe mode.  No joy.  However, clearing the cache did fix the problem.

Quicken and QIF Files

From time to time you may read that Intuit needlessly dropped QIF import from Quicken.  Intuit has stated that QIF was dropped because it wasn’t robust enough.  I won’t speak to the strengths or weaknesses of QIF as a format, but I can tell you that Quicken 2006’s support for QIF is lame.

Others have documented that, despite Quicken’s claims to the contrary, you can import QIF files, so long as they have a "!Account" header added.  This is true – to a limited extent.

I’ve got a Quicken file with over 22,000 transactions in it.  Pretty much my entire financial history for about 30 years.  (At one point, I went back and entered data from before Quicken existed.  I had waaay too much time on my hands.)  Because I had reason to suspect that there was some corruption in the data file that super-validating wasn’t fixing, I decided to "clean up" my data by exporting the entire file to QIF, creating a new Quicken data file, and importing the QIF back in.

After exporting, I checked the QIF file, and it looked good.  After importing the first time, the results were terrible.  One of the problems I had was incomplete import of split transactions, and another was that import had somehow renamed all my utility bills to "My Bank Home Mortgage".  So I created a new file, and turned off transaction renaming, and I imported my accounts with many "split" transactions first.

This worked better, for some small value of better.  Instead of being off by a million dollars over 30 years, I was off by only $100,000. 

I spent some time comparing the before-export and the after-import files, and comparing them to the QIF file.  When the QIF file has a transaction with many split items, and some of the later splits are transfers to other accounts, they aren’t imported.

Ouch!

©2024 Kevin P. Kleinfelter.