pebkac thoughts : ID=10T ERROR (tagline not found)

using schemaSpy with mysql

Perhaps you’ve inherited a database from a previous admin? Perhaps you have some database-backed software and you need a better understanding of the schema? You’re in luck! There’s a free Java-based tool called schemaSpy. You can grab schemaSpy from sourceforge. As of this writing the latest is 4.1.1. I’ll wait while you fetch it.

…

Great! Now that you have done so, please also grab the MySQL JDBC connector. You can find that here. As of this writing the latest is 5.1.7. Grab that, too.

I used that earlier today, pointing it at the database for Documenting the American South, but I’m not at liberty to share those pretty results. Instead let’s point schemaSpy at this very blog. First let’s make a directory for the output:

mkdir ~/blogschema

Now we can run schemaSpy and have it put some pretty diagrams and html there. That would look like this:

java -jar schemaSpy_4.1.1.jar -t mysql \
-dp mysql-connector-java-5.1.7/mysql-connector-java-5.1.7-bin.jar \
-hq -o ~/blogschema -host localhost -db WORDPRESSDB \
-u WORDPRESSUSER -p DBPASSWORD

Note that the stuff in caps would match what’s in the wp-config.php for the WordPress instance. Let’s unpack the rest of that a bit. The -t mysql tells schemaSpy we’re looking at a MySQL database, and will fail if you don’t have the matching -dp pointing to the .jar of the connector I had you download. The -hq means “high quality” output from graphviz (which schemaSpy uses to produce the diagrams). You really don’t want the default. Trust me; it’s ugly. After that we specify the output directory, the host that’s running the MySQL database, and the login info. NOTA BENE: you should NOT run this with the password on the command line like this on a shared system where you don’t trust the users or programs, since the password could be seen in the output of ps.

But what if (like me) your database is remote? SSH to the rescue! Open two terminal windows, and in the first, issue the following:

ssh -T -L 3306:localhost:3306 youruser@mysql.example.com

Where yourusername is your username and mysql.example.com is the host running the MySQL database. What if your login shell and the database are on different hosts? That would look like this instead:

ssh -T -L 3306:mysql.example.com:3306 youruser@login.example.com

The -T suppresses tty allocation and the -L says that the next part is the tunnel. The first 3306 means that the local port (local to you) entering the tunnel is 3306, and the second 3306 means that the remote port (the one connecting to mysql.example.com from login.example.com) of the tunnel is also 3306. Great! now this means that we can run the java -jar schemaSpy_4.1.1.jar blob as above on our local host in the other window you opened. Now let’s see what the results look like. Have a look here for that. It would be much more fun to show off the docsouth schema since it has foreign keys that make for pretty diagrams. Hopefully you have such a database you can diagram yourself.

Happy schemaSpy-ing! Leave a comment if anything is problematic or unclear.

2008 12 05 tarheelcoxn work/web Comments Off Permalink

Googlyness

Because I’m home sick and apparently have nothing better to do, I have added a Google Friend Connect “gadget” in the sidebar. So you can “sign up” on my blog via Google, I guess? This does nothing for my site and all sorts of lovely things for the Goog in terms of having people explicitly articulate their social graph…. or something. Not clear exactly.

Anyway, you can now comment on my blog after you’ve commented on my blog. Or instead. With Google!

Anybody know if there’s something genuinely useful (for me) that can be done with GFC?

Tagged Google useless gadget widget

2008 12 04 tarheelcoxn work/web Comments Off Permalink

scoring my electoral map prediction

I was off by one state (MO). Looks like the Kos map is really slow to load right now, so give it time.

2008 11 19 tarheelcoxn work/web Comments (1) Permalink

support wikimedia

After using wikipedia for the umpteenth time this week (and it’s only Tuesday), I gave them some money. Even in a recession, you can spare $15.

2008 11 11 tarheelcoxn work/web Comments Off Permalink

TriLUG call-outs: quit being paranoid about Obama

I just wanted to take a moment to express my disappointment in two fellow TriLUG members, Phillip Rhodes and Warren Myers. I have read plenty of intelligent posts from both of them, so their recent anti-Obama posts (posted after the election and syndicated on planet.trilug.org) have been a bit of a surprise.

Phil decried Obama’s call for expanded community service programs for middle and high school students and a tax incentive for college students who do community service. Phil reads the word “mandatory” into text that simply doesn’t support it. I understand you don’t want mandatory service requirements, Phil. Now please understand that Obama is not pushing for mandatory service requirements.

Warren has a 404′d link to change.gov that he claims proves Obama lied about gun control. Here’s a tip: if you want to make an argument, please make a real argument instead of repeating an outlandish NRA talking point. Oh, and it helps to cite something that’s not 404′d. I read the entire NRA post, Warren: it in no way provides evidence that Obama was anything less than forthright and honest.

I know both of these TriLUG folks are not mean or unintelligent people, which is why it makes me sad to see them buying into the paranoia about Obama. If you really want to have an impact on his administration, construct honest and full arguments for reasonable and rational positions. Believe me: his administration will actually listen. If you decide to spend his administration tilting at windmills, I’m fairly confident you’ll do more damage to your own credibility than his.

You don’t want to end up being the enactment of this comedy:

2008 11 10 tarheelcoxn work/web Comments (3) Permalink

my timing was off

Nate Silver called it at 8:46, but I think my saying 9pm was a bit ambitious. I’m still amazed at how close NC is.

2008 11 04 tarheelcoxn work/web Comments (1) Permalink

prediction the 2nd

We’ll know the winner by 9pm Eastern. See the poll closing times map:

EDIT: The map (http://i481.photobucket.com/albums/rr174/sspenight/map590ek2.gif) was dead as of Mon Oct 12 17:00:23 EDT 2009.

2008 11 04 tarheelcoxn work/web Comments Off Permalink

prediction map for tonight

~~Map courtesy Daily Kos~~ Map (object built using http://img-orig.dailykos.com/map/electionEmbed.swf) was dead as of Mon Oct 12 17:09:19 EDT 2009. One-line summary prediction: O wins with 372 electoral votes.

2008 11 04 tarheelcoxn work/web Comments (1) Permalink

encrypted backups with encfs and rsync

I have whole-disk encryption on my laptop, so I’ve been frustrated that my backups were going to an unencrypted disk that sits in a shared office. The chance of that disk wandering off is low, but still: I wanted encryption. My first strategy was to make an 11GB .img file with dd and losetup, but mounting and unmounting were a pain and there’s not an elegant way to grow the image if need be. Next I tried using ecryptfs, but I twice ended up with processes I couldn’t kill -9 as root. Not fun. Additionally, that approach only encrypts the contents of files. Your filenames and directory structure are still plain to see, which would be too much of a disclosure for some people.

I was glad I found this howto, then, since it accomplishes everything I need:

userspace: no root/sudo needed after initial setup
nested in existing filesystem & directory structure
grows dynamically
simple

So let’s walk through how this worked for me. My laptop is named kant, the machine I’m backing up to garp (both running Ubuntu), and my username in all this is cmp. Substitute to meet your needs. Let’s start by setting up on garp:

sudo apt-get install encfs fuse-utils
sudo modprobe fuse
sudo adduser cmp fuse
sudo sh -c "echo fuse >> /etc/modules"

So what we’ve done so far is install encfs and fuse, load the fuse module, add my user to the fuse group, and set things up so that fuse will be loaded automatically at boot time. You should now reboot your machine or the rest of this howto won’t work.

We’re going to make two directories. One will hold the encrypted filesystem and the data, and the other is the mount point. Since in my case I’m backing up kant, I’m going to call the mount point kant.

mkdir ~/encrypted
mkdir ~/kant

The first time we use encfs to mount our encrypted directory, it will walk us through the setup process. That looks like this:

cmp@garp:~$ encfs /home/cmp/encrypted /home/cmp/kant
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?>

Please note that I used full paths for the the two directories because encfs isn’t happy otherwise. If you ignored my suggestion to reboot above, you’ll get a fuse error at the end of this setup process. Once you have picked your settings and passphrase, you’ll be dumped back at a prompt with your ~/encrypted mounted to ~/kant. You can now put things in ~/kant as you would any normal directory, but when you unmount they will be nice gobbledygook over in ~/encrypted. I made a cmp/ directory and did a bit of syncing by hand to see if stuff works. I was satisfied so then I unmounted. Unmounting is done thusly:

fusermount -u /home/cmp/kant

Perusing ~/encrypted showed gobbledygook as expected. Huzzah! Now on to the backups. I decided I’m lazy enough that I made two one-line shell scripts to mount and unmount my backup directory. I put those in ~/bin on garp. Here is ‘backupmounter’:

#!/bin/bash
encfs /home/cmp/encrypted /home/cmp/kant

And then ‘unmountbackupdir’:

#!/bin/bash
fusermount -u /home/cmp/kant

Again, those are in ~/bin on garp. Now let’s head over to kant, where I put ‘backuptogarp’ in my ~/bin:

#!/bin/bash

# mount the encrypted directory
# note that we use -t to allocate a tty
# so that the password for the encfs directory won't echo
ssh -t cmp@garp.metalab.unc.edu /home/cmp/bin/backupmounter

# back up homedir
rsync -a --exclude="evil" \
        --exclude="plots" \
        /home/cmp/ cmp@garp.metalab.unc.edu:~/kant/cmp/

# unmount the encrypted directory
ssh cmp@garp.metalab.unc.edu /home/cmp/bin/unmountbackupdir

After saving backuptogarp to my ~/bin on kant, I can open a new shell and simply type ‘backuptogarp’. I get prompted for an encfs password and then the sync is off and running. Huzzah! Please note that I have an ssh key that gets me from kant to garp, and I have set up my gnome session to prompt me for my ssh key passphrase at login:

So that the script above only prompts me for the encfs passphrase. If you don’t want to use ssh keys, my approach probably isn’t terribly convenient for you.

Tagged backups, encfs, rsync, ubuntu

2008 10 19 tarheelcoxn Linux
ubuntu Comments Off Permalink