assertRaises not detecting exceptions in __getattr__

A friend of mine asked for my help to find the cause of a bug he was seeing in a complex Python class he was writing. The class was supposed to raise an exception when a certain method was called but the unit tests were not picking up that exception. I have to confess I was a little stumped at first but simplifying his code to the bare minimum made the problem more evident. »

Basic rules for software deployment

Every now and then someone asks me what is the best way to deploy code to a server. There’s a lot to be said about this subject, so I usually end up disappointing the inquirer because I rarely have a simple answer for them. Like so many other things in life, the best way to do it really depends on the exact situation - the scale you’re operating at, the type of servers you use, the type of application you’re deploying, the level of security required, the infrastructure being used, etc. »

How to undo a git push --force and undelete things

Today someone asked for my help to undo a git push --force that messed up his production server by overwriting the master branch with something that wasn’t meant to be there. My first advice would be to not deploy to production servers by manually running git pull or git push, but that’s another story. ;) So how would you solve the situation? It’s actually quite simple but if you don’t know some details about how git works, it can seem a bit daunting. »

SSL POODLE vulnerability

The recent SSLv3 POODLE vulnerability is a tricky one, because there’s no patch and you actually have to do the hardwork yourself. Luckily it’s not hard. Here are a few resources I found useful: Disabling SSLv3 For POODLE, on Linode’s documentation. Disabling SSLv3 Support on Servers, by the ZMap folks. POODLE Attack and SSLv3 Deployment, also by the ZMap folks. How do I patch/workaround SSLv3 POODLE vulnerability (CVE­-2014­-3566)?, on Ask Ubuntu. »

Author image Raúl Pedro Fernandes Santos

Like a girl

Today I saw this video on a friend’s Facebook profile (or “wall”, like it’s called nowadays, because “profile” probably isn’t cool enough - yes, I’m probably getting old). I kind of like it. The message is a positive one, the music is good, and it’s not “brainless” like so many other similar campaigns. But I only “kind of” like it. You see, I feel sad when I see things grow to a point when they are blown out of proportion and become so big, they start being the root cause of huge marketing campaigns to counter what was an innocent thing in the first place. »

Author image Raúl Pedro Fernandes Santos

It's a plastic world

A short movie well worth watching. I always wonder why so many people know about these issues, at least minimally, and still insist on maintaining their atrocious consumerism behaviours, throwing things away, not recycling anything. Recycling is not the solution but it’s much better than the alternative. Still, people prefer to turn a blind eye and keep acting like environmental criminals. Instead, they just complain and ask why nobody does something about the rubbish they see everywhere. »

Author image Raúl Pedro Fernandes Santos

Conversas avulso 2 - Rotundas

Hoje aconteceu-me algo que já aconteceu muitas outras vezes: alguém que não sabe o código da estrada quase me arrancar a parte da frente do carro quando se atravessa à minha frente no meio de uma rotunda. A diferença é que hoje decidi fazer algo quanto a isso. Sinal vermelho numa rotunda de duas faixas e por onde passa o elétrico de Almada (sim, aquilo é um eléctrico, não é um “metro”). »

Author image Raúl Pedro Fernandes Santos

Swans feeding fish hoax (or "swans do not feed fish")

A few years ago I saw this video and lately it has been coming back in some social networks. Lots of people seem to think the swans are feeding the fish and if you search for “swans feeding fish” videos, you’ll find quite a few. While swans feeding fish would indeed be interesting and fun to watch, it’s far from what is actually happening. In reality what is happening is that swans and geese are trying to get their food wet, not feed the fish. »

Author image Raúl Pedro Fernandes Santos

How to test if your server is vulnerable to Heartbleed exploit

If you heard of the “heartbleed” vulnerability and are interested in testing your servers, here are a few websites that may come in handy: Heartbleed test - Simple and works. LastPass Heartbleed checker - also simple but I found that it was giving me some false positives. Qualys SSL Labs SSL Server Test - this is serious shit, deep analysis of much more than just the heartbleed vulnerability. Good stuff! OpenSSL TLS Heartbeat Extension - Memory Disclosure - the actual exploit that you can use yourself to test if your servers are vulnerable. »

Author image Raúl Pedro Fernandes Santos

How to add a slave to a MySQL replication setup with no downtime

Recently I had to add a new MySQL slave server to an existing master - slave setup, without causing any downtime. Having done that only a couple of times in the past and never having played the central role in the process, I wanted to make sure I was getting everything right, so I did a lot of research but couldn’t find all the best (or what I consider the best) bits and pieces in one single place, so I am documenting everything here for future reference and hopefully they will also help others. »

Author image Raúl Pedro Fernandes Santos