password-free ubuntu login with facebrowser

If you trust everyone who has physical access to a pc (if not then you are encrypting your files, right?) then there seems little point in having to type a password just because more than one user uses the pc.

So here's how to log in from the gdm "face browser" with a single click.
Instructions tested with Ubuntu 8.04 Hardy Heron and 8.10 Intrepid Ibex.


as root, create a new file containing the usernames of all the users you want be able to log in through gdm without entering a password:

sudo -i
echo 'username' >> /etc/gdm/nopassusers

now still as root modify the pam settings for gdm to check this file and allow this user in based on being in the list:
vi  /etc/pam.d/gdm

vi /etc/pam.d/gdm

and modify to contain the new listfile item

#%PAM-1.0
auth requisite pam_nologin.so
auth required pam_env.so readenv=1
auth required pam_env.so readenv=1 envfile=/etc/default/locale
auth sufficient pam_listfile.so item=user sense=allow file=/etc/gdm/nopassusers onerr=fail #add this line
@include common-auth
auth optional pam_gnome_keyring.so
@include common-account
session required pam_limits.so
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password

now simply restart gdm (or the whole machine) and try your new one-click login

/etc/init.d/gdm restart



Notes:
This means the keyring isn't unlocked, so you may have to type in your password anyway before your wireless connects.


references:
http://mirror.hamakor.org.il/archives/linux-il/05-2004/10149.html
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_listfile.html

error "Not a valid object name" filtering an ex-svn git repo with renames

Under git version 1.5.4.3, which as of writing is the current in ubuntu 8.04 hardy heron, trying to split out a folder from a git repo where the repo was an import from subversion (svn), and the folder was renamed in the past causes a failure as show below:

#!/bin/bash -v
rm -rf test-case
mkdir test-case
cd test-case/
svnadmin create svnrepo
export repo="`pwd`/svnrepo"
mkdir -p import/a
echo '1' >> import/a/file.txt
svn import -m 'initial import' import file://$repo/trunk/
svn co file://$repo/trunk/ checkout
echo '2' >> checkout/a/file.txt
svn ci -m "file modified" checkout
svn mv -m "moving file" file://$repo/trunk/a file://$repo/trunk/b
svn up checkout
echo '3' >> checkout/b/file.txt
svn ci -m "modified again" checkout
svn log -v checkout
mkdir -p gitcopy/a
git svn clone file://$repo/trunk/ gitcopy/a
cd gitcopy/a
git filter-branch --subdirectory-filter a #fails [1]
cd ../../
mkdir gitcopy/b
git svn clone file://$repo/trunk/ gitcopy/b
cd gitcopy/b
git filter-branch --subdirectory-filter b

The marked line above fails with the following error:
[1] Rewrite bcfe73ef303832b6112a2419dc1da5f782672c14 (3/3)fatal: Not a valid object name bcfe73ef303832b6112a2419dc1da5f782672c14:a

This has been fixed in the latest build of git: version 1.6.0.1.294.gda06a and no longer fails.

The "fatal: Not a git repository" error message that filter branch produces doesn't seem to matter.

reseting home folder permissions in ubuntu linux

If you are like me and my coworkers, you often end up running stuff as root in your home folder and end up not able to access your own files.

For the record, here's the commands to reset the permissions (leaving all execute flags off, which may not be what you want).

Warning, this could have undesired side effects. If you have executable files in your home folder that you actually want to be executable, you will have to manually mark them as executable again.

# Become root (as you don't currently have permissions to modify your own files)
sudo -i

# Reset ownership & group to yourself
chown -R tim:tim /home/tim

# give yourself the default read-write permissions, set group and other to read only
chmod -R 644 /home/tim

# re-apply excecute permissions on all the directories
find /home/tim -type d -print0 | xargs -0 -II chmod 755 'I'

# Don't leave your private keys showing:
chmod -R 700 /home/tim/.ssh

My latest use for this was after extracting files from my p910i with p3nfs, which as with so many desktop/device tasks needed root to work.

You could do this slightly more neatly if you know what permissions you have ended up with by using chmod u+w etc so you don't have to re-apply directory permissions, but I wanted to easily guarantee permissions are right regardless of what state they have ended up in.

It occurs to me it might be sensible to set the sticky bit on the home folders so that anything added by root stays owned by the user. (chmod u+s g+s /home/tim)

Don't trust audible.com, it's drm infected and they don't tell you

If there's one thing I hate (there isn't, there's lots, but this is today's) it's companies being economical with the truth to get you to part with your money, only to have you disappointed when you find out the whole truth.

I just bought an audio book on audible.co.uk. And now I can't even listen to it. I thought I was buying an mp3, or maybe even an ogg file. It is only on actually attempting to download the thing I have just paid for that I discover to my utter disgust that all the download links are for some kind of evil drm type program (I presume here, but there sure as hell was no mp3 in sight).



As you can see from the screenshot above, they clearly imply an mp3 download. I haven't seen such a clear use of weasel sales words for some time.

Next time I'll read the god damn small print, but I still think this is totally out of order not warning that they are providing crippled versions of what you think you are buying.

Thank fsm for people like the FSF. Their logo really sums up how I feel about being treated in this way.

Protect your freedom!

---

Update: credit where due. 24th July 2008.
My complaint about the website still stands, and my aversion to drm has not diminished, however the responses I have received from their customer service (by email), have been prompt, courteous and have totally resolved my outstanding problem. I have been given a full refund. I've been especially impressed given the hot blooded content of my initial contact. A lot of companies could learn lessons in good customer relations from these people.

work at emapsite

The company I work for, emapsite is hiring a developer.
Interviews are starting so you'll have to be quick.

More details available on their news item.

New wiki, mostly for car pc

I've created a wiki at wikispaces.com, to document things that are less transient than a blog entry.

Take a look at http://timwise.wikispaces.com/

I've started adding information about the car pc, and won't make any promises about what else I'll be adding (personal motto: under promise, over deliver).

I've made it open to all editors, and licensed under the GNU Free documentation licence to ensure the maximum value, reach and participation.

Nightly Shutdown, a new product from Proven Works

Congratulations to Joel Mansford, a good friend of mine, and his company Proven Works on getting the first release of Nightly Shutdown out of the door.

This looks to be a great product and hopefully will make system administrators' lives easier and greener. It's a utility for ensuring that the computers are off when you want them to be, and can be deployed through active directory making the sys admin's life easier. There's a 10 PC free trial available, so check it out at the download page.

Without even looking I know this will be a good product and fantastically well supported. Best of luck to all at Proven Works, and to all the potential users and buyers out there, don't forget to check it out and provide any feedback you can.