Protip: Don’t accidentally delete the Apache config file for a site. It took me 90 seconds to fix and 24 hours to notice. Oops… :-[

I was just pretty stumped by the following Apache error, in /var/log/httpd/error_log:

[Thu Dec 08 21:53:28 2011] [error] [client 192.168.1.2] (13)Permission denied: file permissions deny server access: /var/www/html/aml/i
ndex.html

The error implies it’s a filesystem permissions issue, and the Apache site explains that it’s almost always related to filesystem permissions, not Apache configuration. But this was exasperating, because the file ownership was apache.apache, and index.html was chmod 755. Apache could absolutely access it. But then the Apache docs made a passing mention that sometimes it was related to SELinux errors.

Sure enough, that’s exactly my problem:

[matt@bos aml]$ ls -alZ 
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .
drwxr-xr-x. root   root   system_u:object_r:httpd_sys_content_t:s0 ..
-rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 .htaccess
drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 images
-rw-r--r--. apache apache unconfined_u:object_r:user_home_t:s0 index.html
drwxr-xr-x. apache apache unconfined_u:object_r:user_home_t:s0 stylesheets

Note that the directory, and the .htaccess file I touched, have the httpd_sys_content label, which is appropriate here. But the other files show user_home_t. This apparently precludes Apache from being able to see them.

Where this went wrong is that, to get them onto the server, I scp’ed them from my desktop to my home directory on the webserver, and then cp’ed them to /var/www/html. In doing so, they picked up the user_home_t label since they were in my home directory.

A quick sudo restorecon -r . got everything sorted out. There may be a more elegant way, but this worked for me.

I just happened across something nifty: you can use the VerifyHostKeyDNS option in your SSH configuration to fetch the host’s public key fingerprint over DNSSEC-secured DNS (with a “SSHFP” record type).

This is defined in RFC 4255, Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints if you’re looking for some light reading.

We’re now running on a faster virtual machine hosted in Boston, which seems to have excellent uptime. I’ve also taken this opportunity to upgrade to the latest WordPress. The main page is gone for now, but it avoids the total lunacy of a Ruby on Rails application running for the main page, with PHP for the rest of the (WordPress) site with about 100 lines of mod_rewrite insanity to glue it all together. It’s nice and simple now, like it should be.

Don’t ask why I was spending my Friday night this way, but I was just reading about Juno, the ISP that I assumed went out of business a decade ago. It turns out that they merged with NetZero (another ISP I forgot all about), and formed United Online. (The interesting thing about their merger is that they were in a ferocious legal battle, and somehow decided that, rather than continuing to sue each other, they were better of merging into one company. That seems like the least likely outcome.) Wikipedia mentioned that United Online also holds a third Internet service — Kmart’s BlueLight ISP. This “WTF” sentence led to me reading a lot about Kmart.

So first things first, Kmart is still in business. I was surprised to learn this. I asked my roommate and he was too. We both just kind of assumed that, like Juno and NetZero, they had gone out of business when their names faded from our memory years ago. It turns out that Kmart has about 1,300 stores in the United States.

I glossed over the company’s history, but it’s interesting to note that the company was started by Sebastian Kresge — then working as a traveling salesman selling to Woolworth’s — in 1897. In 1912 he incorporated S.S. Kresge Corporation. In 1918, the corporation was listed on the NYSE. In 1924, Kresge’s personal net worth was estimated at $325 million. (In 1924 dollars.) It wasn’t until 1977 that S.S. Kresge Corporation was renamed to Kmart.

But back to random facts about Kmart. It turns out that, between 2004 and 2005, Kmart bought Sears. I apparently failed to notice this at any point in the past 6 years. The purchase was a mere $11 billion. The name was changed to Sears Holdings Corporation. (So it’s interesting to note that Kmart bought Sears, but Kmart is now a brand of “Sears Holdings Corporation,” which gives a confusing sense of who bought who.)

It also turns out that Sears Holding Corporation owns a lot more than I was aware of.

For example, Kmart bought Waldenbooks in 1984, and in 1994, Borders and Waldenbooks merged.

The Kmart-OfficeMax lineage hurts my head, but Kmart more or less bought OfficeMax in 1990 before taking it public in 1995 and then selling off its remaining shares.

Also in 1990, Kmart bought Sports Authority. Like with OfficeMax, Sports Authority was spun off from Kmart proper in 1995.

And as for Kmart’s ISP? It, too, has a confusing history. They started it as a dialup ISP in 1999, as a free service supported by in-browser ads. The company was later spun off from Kmart. In 2001, after becoming a paid service, Kmart bought BlueLight back. In 2002, Kmart filed for bankruptcy, and that’s when United Online stepped in to purchase BlueLight. (It seems that Kmart filed for bankruptcy protection in 2002. It emerged from bankruptcy in 2003, and in 2004 it purchased Sears.)

Okay, so maybe I’m a little weird… But I found this moderately fascinating.

I think most geeks get a ton of email. I’ve been rather selective in what lists I join (and what mail I just auto-delete at the server level), so I only get perhaps a couple hundred emails a day now.

For various ridiculous reasons, searching a mailbox is hard. Most of my mail clients will do it, but sometimes I really want to do it myself because I want to be more exacting. Lately I’ve been tinkering more and more with using IMAP from the command line. Partially it’s that IMAP is really just a little bit unusual and kind of intriguing. But mostly, it’s just that, from time to time, it’s easier for me to just send some manual IMAP commands if I know what I’m doing. (For example, I have absolutely no idea how to subscribe to a particular folder in any of the mail clients I have available. I could wade through the menus and maybe find it, but it’s easier for me to just use Net::IMAP to subscribe to the folder.)

Like most implementations, Ruby’s Net::IMAP library provides a search method. And, like most implementations, it does a very poor job of documenting what is supported. At the risk of sounding like I’ve lost my mind, I actually found the IMAP RFC (3501) to be the easiest bit of documentation to understand. Below are some examples:

You can chain keys, so the following is a valid search command:

FROM "matt" SUBJECT "bacon"

But what isn’t abundantly clear is that search terms are combined with a logical AND, so the above will only match mail from Matt with “bacon” in the subject line.

This appears to be the way to get a logical OR instead:

(FROM "matt") OR (SUBJECT "bacon")

After spending a while trying to get all possible keys for a text search — e.g., (FROM "foo") OR (SUBJECT "foo") OR (CC "foo")... — I realized that there’s an easier way: the TEXT key, which searches headers and the body. So for my generic search method, the search simply became TEXT "foo".

You may also find some of the other keys interesting, like the ability to search for RECENT or FLAGGED. I don’t intend to provide an exhaustive list here, however.

There are a lot of things in politics that I believe but don’t feel too strongly about. But one thing that makes absolutely no sense to me is trying to ban gay marriage. North Carolina has become the latest state to put forth a constitutional amendment banning gay marriage.

So first of all, the concept of amending the constitution to take away a right is unfathomably misguided. Even if gay people were actually some sort of menace to society, the constitution is what gives rights.

But here’s what’s always bugged me. I’m a Christian. I went to Catholic school. But this is one of the reasons I don’t go to church anymore. What the church teaches and does are so wildly incongruous from what the Bible says. True, you can find verses that reference homosexuality being a sin. But alongside them, you’ll find verses that use equally-harsh language against fish “that do not have fins or scales.” No one argues that we should amend the Constitution to ban eating shellfish.

What I took away from the Bible wasn’t a handful of verses. But I can sum it up in a couple.

First, “Love your neighbor as yourself.” Unlike most of the Bible, this is actually a quote from Jesus. (And, in fact, in Mark 12:31, Jesus states that, between this and that there is only one God and Savior, “There is none other commandment greater than these.”) Besides the fact that Jesus appears to make a rather big deal of this point, it seems to me like it’s also one of the over-arching concepts that Jesus tried to get us to understand.

Second, when Jesus happened across an adulterous woman — a sin punishable by death in the Bible — Jesus left us with some more pretty clear guidance: “He that is without sin among you, let him first cast a stone at her.” Elsewhere, there’s further indication that we should leave the castigation and judgment of others to God, and focus on trying to lead righteous lives ourselves.

If I were to attempt to summarize the Bible in a paragraph, I think both of these verses would make their way in. These are perhaps the most well-known verses on the two subjects, but there are countless other times the same concepts are expressed in the Bible. To me, they’re fundamental to what Jesus taught.

So it boggles my mind that someone who read the same book as me could come away and say, “This book is all about how we should amend our constitution to take rights away from gay people.” Maybe the version I read was a misprint?

On Aeolus Conductor, we’re using Rails 3. Although I’ve been using Rails for years, some part of Rails 3—namely, Bundler—are still relatively new to me.

The problem I ran into is that we have a :development, :test group defined, but it’s being installed in all environments. This is as described, but inconvenient when you’re trying to ship two separate RPMs—one package for end-users, and a -devel version for developers that depends on the gems in the :development and :test groups.

It turns out that, by design, bundle install will install all gems in all groups, but Rails will only load those in the relevant environments. They have a good reason for doing this, but for certain use cases, this is inconvenient. It’s easy enough to skip this: bundle install --without=development test does the trick.

But what trips me up is that it’s a “remembered setting,” something which is poorly-documented as far as I can tell. (But maybe I’m looking in the wrong places.) The problem is that there’s no apparent way to un-remember these flags, which is the subject of #867. Right now, you’re left manually editing .bundle/config to remove them. This works, but is really annoying. (#1006 argues that the whole “remembered options” feature is counter-intuitive and should be excised.)

Dear Microsoft,

I’ll admit that, as a Mac user who develops software for Linux at an open-source shop, I’m not exactly predisposed to being your biggest fan. But I think you’re mostly okay. You’re like Scott Brown — I wouldn’t vote for you, but I’m surprisingly okay with you.

There’s just one little thing… Outlook Web Access 2003. What happened there?

Did you ever realize that you’d leave people finding this as their best option for searching their email?

$ irb
>> require 'net/imap'
=> true

>> imap = Net::IMAP.new('mail.example.com')
> # snipped...

>> imap.login('user', 'password')
=> #

>> imap.select('INBOX')
=> #, raw_data="RUBY0004 OK [READ-WRITE] SELECT completed.rn">

>> imap.search('SUBJECT "top 25"')
=> [1160, 1161, 2755, 2834, 2857]

>> imap.fetch(1160, "BODY[HEADER]")
...

Yeah. That really wasn’t cool. And the thing is, search is a server capability (that Exchange supports!), so it’s not like it was something that webmail couldn’t support. (In your defense, though, Outlook Web Access 2003, every IMAP mail client I’ve ever tried wants to index gigs and gigs of email in that mailbox before I can use it, so you’re only a part of the problem. The fact that no one has ever made a good email client isn’t your fault.)