This is me, Wu!
November 2015
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30          
This site is an effort to share some of the base knowledge I have gathered through all this years working with Linux, FreeBSD, OpenBSD, Python or Zope, among others. So, take a look around and I hope you will find the contents useful.
Recent Entries
Recent Comments
Recent Trackbacks
OpenBSD (8 items)
BSD (0 items)
FreeBSD (19 items)
Linux (3 items)
Security (3 items)
Python (19 items)
Zope (13 items)
Daily (140 items)
e-shell (9 items)
Hacks (14 items)
PostgreSQL (3 items)
OSX (8 items)
Nintendo DS (0 items)
enlightenment (0 items)
Apache (3 items)
Nintendo Wii (1 items)
Django (24 items)
Music (12 items)
Plone (7 items)
Varnish (0 items)
Lugo (2 items)
Sendmail (0 items)
europython (7 items)
Cherokee (1 items)
self (1 items)
Nature (1 items)
Hiking (0 items)
uwsgi (0 items)
nginx (0 items)
cycling (2 items)
Networking (1 items)
DNS (0 items)

Syndicate this site (XML)

RSS/RDF 0.91

29 octubre

File locking in python

... or how to prevent (periodic) processes overlap

So, let's keep up with the practical techie posts.

If you do software development, almost any kind of it, at one point you will find this scenario where you are running some code in a process in a cron job (or any kind of periodic scheduler). Now, the crontab entry sets that this process has to be run, for example, each 5 minutes. One day 5 minutes is not enough for that process (that usually takes less than a minute) to finish... and there it goes the next call to run that code.

"What could go wrong?" (TM)

Well, depending on the code, maybe nothing happens, maybe an ugly mess will turn a nice day into a nightmare or maybe you will get a call in the middle of the night urging you to fix it ASAP.

Continue reading "File locking in python"
Posted by wu at 09:35 | Comments (1) | Trackbacks (0)
26 octubre

Django, SQLite, GLOB, CAST and sorting

... or how to sort (properly) by a char field containing number values

Some days ago I found an interesting dilemma while working on a django based application. The application has a model similar to this one:

class Customer(models.Model):
    code = models.CharField(_('Customer code'), max_length=10)
    joined = models.DateField(_('Joined date'), auto_now_add=True)
    first_name = models.CharField(_('First name'), max_length=255)
    last_name = models.CharField(_('First name'), max_length=255)
    email = models.EmailField(_('Email address'))


That code attribute is a CharField where alphanumeric customer codes are stored. Those codes are mostly numbers (1,2,3...N) but then there are also codes like 2a, 3-groupB, etc.

At one point, it became useful to sort such users based on that code. If that would be an IntegerField, it would be as easy as using order_by:

from .models import Customer
customers = Customer.objects.all().order_by('code')

Or, if you want the results sorted in descending order:

customers = Customer.objects.all().order_by('-code')

But then, this was not an IntegerField, but a CharField, which means that using order_by would return something like:


And so on. Not exactly what was needed.

The following is the write-up covering the little adventure that was the work to fix it.

Continue reading "Django, SQLite, GLOB, CAST and sorting"
Posted by wu at 10:07 | Comments (2) | Trackbacks (0)
18 septiembre


sometimes it is really hard to handle; really, really hard

Anxiety, you probably know the feeling too.

That moment when you suddently stop, trying to realize about all the things that are happening around you, but you can't. ETOOMUCH info, too many TODOs and everything spinning so damned fast.

Control?. You loose it already, you can't decide, you can't think clearly. Always rushing, doing things you don't want to do, things you swear in the past you would not do ever, things you don't like.

Then your mind starts playing tricks with you. It is like if it teletransports you to a different reality, a reality where you picture yourself doing exactly what you really want, desire, to do.

And then it is like hitting a wall, when you find yourself again in your world, no chance to be in that other world, too many things to do, too much running here and there, ending in a sensation that you are loosing your time, like if you had done nothing for the last N months|weeks|days|hours.

But you did, of course you did. Hundreds of thousands of things. But there is your mind again, playing with you, tricking you into thinking all those do not matter a s***, because there is only a very narrow list of things that are, or should be, important.

That's exactly the point where you start to become anxious, the point where you have to be strong-willed, you have to keep cool... dammit, travelling again...

Posted by wu at 08:45 | Comments (2) | Trackbacks (0)
23 agosto

My personal review of the Kona Jake 2014

... short story: I love it!

So, now that I've officially announced my new bicycle, which I've been riding for almost a year now, it is time already to give a more detailed review of it.

The specs for the 2014 model of the Kona Jake can be found here:

I'm not an expert, in fact I'm pretty clueless about techie stuff regarding bicycles, so take your time going through them and getting your own conclusions.

My Jake's size is 53cm. I can't tell you exactly the measures/distances of the seat post, reach, etc (I didn't measure them, I just tried until I got to something that fits me and feels comfortable). What I can do is show you a pic of what the bike looks like now:

Me and the Jake, so you can get an idea of the height/distances

Continue reading "My personal review of the Kona Jake 2014"
Posted by wu at 13:12 | Comments (0) | Trackbacks (0)
15 agosto

Got a new bike (II)

Well, actually I got it one year ago O:)

My new Kona Jake 2014

What can I say? I guess the cycling bug bit me already and now there is nothing we can do to stop it.

Since I got the Giant Argento two years ago, I started to go on slightly longer rides. That bike felt (and still feels) great, it was a good choice back then but, at one point, I started to feel like if I'd need something more road oriented. The Argento is a really nice bike for moving around town and for some relaxing offroad rides (specially when we talk about mud/sand/dirt slippery paths) but as soon as you try to go on a road for more than 20-30 kms, and specially if you want to go a bit faster, it is not the best choice.

And so my search for a new bike began.

Continue reading "Got a new bike (II)"
Posted by wu at 11:08 | Comments (0) | Trackbacks (0)
08 agosto

Unexpected https connections coming out of my laptop

or why you have to be careful with default setups

Today, while debugging some local network connections with netstat in my laptop (running OSX 10.8.5) I noticed a very weird thing:

tcp4       0      0     ESTABLISHED

"A connection to https somewhere, while all I'm doing is debug some local stuff in a shell and edit some files in emacs?" - I thought. Something smell badly.

I did a whois on the ip address:


And I saw there to whom the address belong:

OrgName:        Apple Inc.
OrgId:          APPLEC-1-Z
Address:        20400 Stevens Creek Blvd., City Center Bldg 3
City:           Cupertino
StateProv:      CA
PostalCode:     95014
Country:        US
RegDate:        2009-12-14
Updated:        2011-03-08

"Ok, this has to be one of those services running by default on the background by OSx then, let's find out which one" - I told myself.

At first thought I decided to use netstat itself to find out which process was sending such a long-term request (the connection did stay open for quite some time). Too bad OSX's netstat does not have a -p flag to show the processes (or at least not in this OSx version). OSx's fuser cannot be used for that purpose neither, and it does not have FreeBSD's sockstat or fstat tools.

It has lsof though, which is good enough for the job:

sudo lsof -n -i 4 -a|grep 56227

There it was:

apsd        317           root   10u  IPv4 0xf041bb92eb553d51      0t0  TCP> (ESTABLISHED)

"apsd? wtf is apsd?" - Question popped in my mind, and all of a sudden the name become familiar - "I'd say we have met before... let's look at the man page":

APSD(8)                   BSD System Manager's Manual                  APSD(8)

     apsd -- Apple Push Notification service daemon


     apsd ApplePushService daemon for Apple Push Notification service.  This
     is part of the ApplePushService framework.

     There are no configuration options to apsd.  Users should not run apsd

Mac OS X                         Feb 10, 2009                         Mac OS X

HA!, I loved this part: "Users should not run apsd manually", which we could translate into "Hey you!, do not mess with this stuff that could be sending some data back to us here!".

The man page did not return too much info, but a bit of searching through the Internet for Apple Push Notification service daemon returned a couple of helpful links:

Good enough for me (specially the second one). A quick read through the documentation told me that this probably is used by Apple to send me upgrade notifications and things like that, which I don't care about, specially when I'm working from a remote location, connected through my mobile phone and a limited bandwidth line.

So, I did shut it down:

sudo launchctl unload -w /System/Library/LaunchDaemons/

(turn it back on is easy, just replace unload with load there).

Finally, I added this alias to my ~./profile, so I could list processes listening on tcp4 ports quickly:

alias tcp4_procs='sudo lsof -n -i 4 -a'

(sudo is needed in order to see process my user does not own).

Posted by wu at 08:23 | Comments (0) | Trackbacks (0)
14 julio

Juniper NetworkConnect for OSx

nice to know if you need to quickly connect to a Juniper VPN

Some days ago I got this support request from a customer, asking me if I could take a look at some servers in trouble (someone got in and they wanted to see if any backdoor was left behind, even if they already cleaned the server).

"Sure" - I replied - "just gimme access over SSH and I'll take a look"

All I got instead was an email with an https address, user, password and the words it is a Juniper VPN.

"Ok" - I thought - "let's get a client to connect to that vpn"

It wasn't that easy though. I went to Juniper's downloads website, but in order to download anything, it seemed that first I should know which kind of Juniper product they had installed there.

Reading a bit more, it seems those VPNs over https work directly from the browser. You only had to open that url and identify yourself, and a plugin should run some kind of Java application and open the connection to the VPN.

Well, that did not work for me. For some reason it kept telling me I had a missing plugin and when trying to find out which plugin that was, it was sending me to the Java download page (even if I've Java installed already).

This being a momentary access to a server I won't be accesing anymore, the least thing I wanted was to start installing stuff on my laptop "a lo loco". So I was in kind of a dead end, and I could not connect to the server.

Searching a bit further down Internet Lane, I found this post here: Manually download the Juniper VPN client for mac, which probed to be quite useful.

It seems you can get the proper version of NetworkConnect for OSx directly from the VPN service itself. All you have to do is open the VPN url in your browser, log in, and then access this url:


For example, if the address of the VPN is https://my-juniper-vpn, it should be something like:


Download that and proceed with the install. After opening it for the first time, you will have to provide the https url for the vpn, then the login credentials. Done.

Finally I had access to the server and I was able to confirm there were some backdoors in there, time for some clean up!

Also, a ver interesting link for the time you are done with the Juniper VPN, if you don't need it anymore, how to uninstall/remove it completely:

Posted by wu at 06:26 | Comments (1) | Trackbacks (0)