File locking in python
... or how to prevent (periodic) processes overlap
So, let's keep up with the practical techie posts.
If you do software development, almost any kind of it, at one point you will
find this scenario where you are running some code in a process in a cron
job (or any kind of periodic scheduler). Now, the crontab entry sets that this
process has to be run, for example, each 5 minutes. One day 5 minutes is not
enough for that process (that usually takes less than a minute) to finish... and
there it goes the next call to run that code.
"What could go wrong?" (TM)
Well, depending on the code, maybe nothing happens, maybe an ugly mess will turn
a nice day into a nightmare or maybe you will get a call in the middle of the
night urging you to fix it ASAP.
Continue reading "File locking in python"
Django, SQLite, GLOB, CAST and sorting
... or how to sort (properly) by a char field containing number values
Some days ago I found an interesting dilemma while working on a django based
application. The application has a model similar to this one:
code = models.CharField(_('Customer code'), max_length=10)
joined = models.DateField(_('Joined date'), auto_now_add=True)
first_name = models.CharField(_('First name'), max_length=255)
last_name = models.CharField(_('First name'), max_length=255)
email = models.EmailField(_('Email address'))
That code attribute is a CharField where alphanumeric customer codes are
stored. Those codes are mostly numbers (1,2,3...N) but then there are also
codes like 2a, 3-groupB, etc.
At one point, it became useful to sort such users based on that code. If that
would be an IntegerField, it would be as easy as using order_by:
from .models import Customer
customers = Customer.objects.all().order_by('code')
Or, if you want the results sorted in descending order:
customers = Customer.objects.all().order_by('-code')
But then, this was not an IntegerField, but a CharField, which means that
using order_by would return something like:
And so on. Not exactly what was needed.
The following is the write-up covering the little adventure that was the work to
Continue reading "Django, SQLite, GLOB, CAST and sorting"
sometimes it is really hard to handle; really, really hard
Anxiety, you probably know the feeling too.
That moment when you suddently stop, trying to realize about all the things
that are happening around you, but you can't. ETOOMUCH info, too many TODOs
and everything spinning so damned fast.
Control?. You loose it already, you can't decide, you can't think clearly. Always rushing, doing things you don't want to do, things you swear in the past you would not do ever, things you don't like.
Then your mind starts playing tricks with you. It is like if it teletransports
you to a different reality, a reality where you picture yourself doing exactly
what you really want, desire, to do.
And then it is like hitting a wall, when you find yourself again in your world,
no chance to be in that other world, too many things to do, too much running
here and there, ending in a sensation that you are loosing your time, like if
you had done nothing for the last N months|weeks|days|hours.
But you did, of course you did. Hundreds of thousands of things. But there is
your mind again, playing with you, tricking you into thinking all those do not
matter a s***, because there is only a very narrow list of things that are,
or should be, important.
That's exactly the point where you start to become anxious, the point where
you have to be strong-willed, you have to keep cool... dammit, travelling
My personal review of the Kona Jake 2014
... short story: I love it!
So, now that I've officially announced my new bicycle, which I've been riding
for almost a year now, it is time already to give a more detailed review of it.
The specs for the 2014 model of the Kona Jake can be found here:
I'm not an expert, in fact I'm pretty clueless about techie stuff regarding
bicycles, so take your time going through them and getting your own
My Jake's size is 53cm. I can't tell you exactly the measures/distances
of the seat post, reach, etc (I didn't measure them, I just tried until I
got to something that fits me and feels comfortable). What I can do is show
you a pic of what the bike looks like now:
Continue reading "My personal review of the Kona Jake 2014"
Got a new bike (II)
Well, actually I got it one year ago O:)
What can I say? I guess the cycling bug bit me already and now there is
nothing we can do to stop it.
Since I got the Giant Argento two years ago, I started to go on slightly
longer rides. That bike felt (and still feels) great, it was a good choice
back then but, at one point, I started to feel like if I'd need something
more road oriented. The Argento is a really nice bike for moving around
town and for some relaxing offroad rides (specially when we talk about
mud/sand/dirt slippery paths) but as soon as you try to go on a road for
more than 20-30 kms, and specially if you want to go a bit faster, it is
not the best choice.
And so my search for a new bike began.
Continue reading "Got a new bike (II)"
Unexpected https connections coming out of my laptop
or why you have to be careful with default setups
Today, while debugging some local network connections with netstat in my laptop
(running OSX 10.8.5) I noticed a very weird thing:
tcp4 0 0 192.168.43.201.56227 184.108.40.206.443 ESTABLISHED
"A connection to https somewhere, while all I'm doing is debug some local stuff
in a shell and edit some files in emacs?" - I thought. Something smell badly.
I did a whois on the ip address:
And I saw there to whom the address belong:
OrgName: Apple Inc.
Address: 20400 Stevens Creek Blvd., City Center Bldg 3
"Ok, this has to be one of those services running by default on the background
by OSx then, let's find out which one" - I told myself.
At first thought I decided to use netstat itself to find out which process
was sending such a long-term request (the connection did stay open for quite
some time). Too bad OSX's netstat does not have a -p flag to show the
processes (or at least not in this OSx version). OSx's fuser cannot be used
for that purpose neither, and it does not have FreeBSD's sockstat or
It has lsof though, which is good enough for the job:
sudo lsof -n -i 4 -a|grep 56227
There it was:
apsd 317 root 10u IPv4 0xf041bb92eb553d51 0t0 TCP 192.168.43.201:56227->220.127.116.11:https (ESTABLISHED)
"apsd? wtf is apsd?" - Question popped in my mind, and all of a sudden the
name become familiar - "I'd say we have met before... let's look at the man
APSD(8) BSD System Manager's Manual APSD(8)
apsd -- Apple Push Notification service daemon
apsd ApplePushService daemon for Apple Push Notification service. This
is part of the ApplePushService framework.
There are no configuration options to apsd. Users should not run apsd
Mac OS X Feb 10, 2009 Mac OS X
HA!, I loved this part: "Users should not run apsd manually", which we
could translate into "Hey you!, do not mess with this stuff that could be
sending some data back to us here!".
The man page did not return too much info, but a bit of searching through the
Internet for Apple Push Notification service daemon returned a couple of
Good enough for me (specially the second one). A quick read through the
documentation told me that this probably is used by Apple to send me upgrade
notifications and things like that, which I don't care about, specially when
I'm working from a remote location, connected through my mobile phone and a
limited bandwidth line.
So, I did shut it down:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.apsd.plist
(turn it back on is easy, just replace unload with load there).
Finally, I added this alias to my ~./profile, so I could list processes
listening on tcp4 ports quickly:
alias tcp4_procs='sudo lsof -n -i 4 -a'
(sudo is needed in order to see process my user does not own).
Juniper NetworkConnect for OSx
nice to know if you need to quickly connect to a Juniper VPN
Some days ago I got this support request from a customer, asking me if I could take a look at some servers in trouble (someone got in and they wanted to see if any backdoor was left behind, even if they already cleaned the server).
"Sure" - I replied - "just gimme access over SSH and I'll take a look"
All I got instead was an email with an https address, user, password and the words it is a Juniper VPN.
"Ok" - I thought - "let's get a client to connect to that vpn"
It wasn't that easy though. I went to Juniper's downloads website, but in order to download anything, it seemed that first I should know which kind of Juniper product they had installed there.
Reading a bit more, it seems those VPNs over https work directly from the browser. You only had to open that url and identify yourself, and a plugin should run some kind of Java application and open the connection to the VPN.
Well, that did not work for me. For some reason it kept telling me I had a missing plugin and when trying to find out which plugin that was, it was sending me to the Java download page (even if I've Java installed already).
This being a momentary access to a server I won't be accesing anymore, the least thing I wanted was to start installing stuff on my laptop "a lo loco". So I was in kind of a dead end, and I could not connect to the server.
Searching a bit further down Internet Lane, I found this post here: Manually download the Juniper VPN client for mac, which probed to be quite useful.
It seems you can get the proper version of NetworkConnect for OSx directly from the VPN service itself. All you have to do is open the VPN url in your browser, log in, and then access this url:
For example, if the address of the VPN is https://my-juniper-vpn, it should be something like:
Download that and proceed with the install. After opening it for the first time, you will have to provide the https url for the vpn, then the login credentials. Done.
Finally I had access to the server and I was able to confirm there were some backdoors in there, time for some clean up!
Also, a ver interesting link for the time you are done with the Juniper VPN, if you don't need it anymore, how to uninstall/remove it completely: