virt-manager on MacOS

Virt-Manager is a graphical user interface for libvirt, a popular toolset for managing virtual machines provided by KVM. Unfortunately, it does not work well on MacOS. The MacOS port did not work for me, as I was not able to connect to the socket on the remote host even after changing adding the socket=/var/run/libvirt/libvirt-sock parameter. The same holds for its command-line pendant virsh. So the idea to let it natively run on Linux inside a Vagrant VM came up. Running Virt-Manager in Vagrant On that path, I had to overcome the following two challenges: to run a window manager inside...…

Heat ASGs with Floating IP per Instance

OpenStack Heat is the orchestration project of OpenStack, which allows to describe and provision OpenStack resources based on Heat templates, similar to Amazon CloudFormation. For a research project, I recently had the requirement to assign a floating IP address to every instance of a Heat autoscaling group (ASG). Given the fact that such setup is contradictory to the common practice having a load balancer in front of an ASG, this costed me some time to figure out. …

TYPO3 at Universities

During the last two days, I had the opportunity to participate in a meeting of a special type of TYPO3 users: German universities. Thanks to RRZN / University of Hannover, around 50 people from allover Germany met for an event called “TYPO3 an Hochschulen” to talk about various topics regaring the use of TYPO3 in universities. Besides a couple of known faces, a lot of people, who where new to me, participated and presented various kinds of topics in two parallel tracks. The type of talk varied, besides introductions to Extbase/Fluid or Git, showcases about Solr/Nutch or Shibboleth integration, also...…

A retrospect of half a year as Server Team member

I am a member of the official TYPO3 Server Administration team since the Developer Days this year. With this article I not only want to look back, but also share some insights in what we are / I am doing in this team. I have not planned this article at all, but there’s the funny thing called Twitter and after Olivier’s tweet last night, I decided to shed some light on our work. The question was: where can i find info about the actual team and its goals, roadmap and actions? So here is a short story of how I...…

Profiling TYPO3 with XHProf

There occur situations when your TYPO3 is awful slow and you have to figure out, why this is the case. Using a PHP profiler is the heavy hammer to gain the insights you need in this case. Xdebug brings a PHP debugger and profiler. While I personally love the debugger together with PHP storm, the profiler output also needs a dedicated tool to browse through its results, e.g. KCachegrind or, again, PhpStorm. So for profiling I learned to love XHProf, a PHP profiler developed by Facebook. Its advantage is that it has a PHP interface to show the results, which...…

Doing Filename Checks Securely (in PHP)

Recently a security issue in TYPO3 has been fixed, where it was possible to circumvent checks, which should ensure file names to match specific patterns (e.g. denying .php file extensions to be uploaded or renamed to). As this problem is heavily caused by PHP’s laxity, this blog entry aims to provide some explanations to you as developer to prevent you from placing similar security holes in your software or TYPO3 extensions. Imagine you are programming a very basic file upload script and use the following piece of code: $filename = $_POST['filename']; $contents = $_POST['contents']; file_put_contents($filename, $contents); It is obvious that...…