Stop Spam from Google Groups

I’ve been receiving spam for a while that somehow my email provider’s spam filters wouldn’t or couldn’t filter. I had noticed they were somehow send through Google Groups, but couldn’t quite figure out how. Well it turns out that anyone is apparently free to start a group for their own use and then “invite” anyone without their consent. Seriously Google, WTF? Anyway, after figuring this out the solution was clear: unsubscribe and change my settings to obviously not allow just anyone to invite me in their spammy groups.

One slight hurdle I had to overcome was that the email addresses I was getting the spam on were rarely used email aliases of some sites I own and for which all email is directed into my primary email account. This meant that those email aliases were not associated with my Google account and I wasn’t planning on signing up a separate Google account for each alias. Fortunately you can simply add multiple email addresses to your Google account by going to https://www.google.com/settings/account and adding them there. The Google Groups “memberships” are then also associated with your account.

To unsubscribe from the Google Groups “memberships” you never signed up for, simply go to Google Groups, select “My Groups” , click on each group and select “manage membership” for the “leave group” link. My condolances if you seem to have been added to a lot of groups, because I’m not sure if there is a faster way to simply unsubscribe from all groups. Also don’t forget to click the gear button and change your settings to not allow anyone to invite you (using any of the email addresses associated with your Google account) anymore.

Further reading: Act Now to Stop Being Spammed Via Google Groups

Mac OS X Time Machine backup on a Debian server

December 2015: I just wanted to note that the solution below stopped working for me after a while. However I recently purchased a Synology NAS and configuring as a Time Machine backup destination is fairly easy.

I just got a MacBook Air and had already read about how you can setup your own network based Time Machine backup on a Linux server. The problem is that there is some outdated information floating around, which caused me some headaches getting it to work with errors such as “The network backup disk does not support the required AFP features” and “backup failed with error 45” (in Console).

First: you need version 2.2.x of the “netatalk” package. Debian 6.0 (Squeeze) comes with 2.1 by default, which won’t work (with Mac OS X 10.8 “Mountain Lion” at least). Second, lots of how-to information includes instructions on creating a /etc/avahi/services/afpd.service file. With netatalk 2.2, this file is redundant: you do not need to create it.

Back to netatalk. Really old information will talk about needing to compile it from source to have it support the required authentication protocol. That is no longer relevant with the most recent version. If you are still running Debian 6.0 (still the stable version at time of writing) you can get netatalk 2.2 from Debian 7.0 (Wheezy) by doing the following (all as root): first add the following line to /etc/apt/sources.list

deb-src http://http.debian.net/debian wheezy main contrib non-free

Then run the following commands:

aptitude update
apt-get build-dep netatalk
apt-get -b source netatalk
dpkg -i netatalk_2.2.2-1_amd64.deb

Change the filename accordingly if the version number has slightly changed. With netatalk 2.2 installed, follow other guides on the net (such as this one or this one) to configure a Time Machine AFP share on your Debian server.

Two factor authentication: just do it!

This post on Wired editor’s Mat Honan’s blog had me worried. While there are plenty of things you could blame him from doing wrong (mainly not having backups even though the OS he was using makes this extremely easy) the thought of somebody being able to just wipe everything is frightening.

While to my knowledge Apple has not implemented two factor authentication (which, seeing this, they probably should!) a lot of us also have an Google account which is very important to us. Access to a Google account could not only give somebody access to your mail (Gmail) but Docs, Drive and lots of other services as well.

Therefore just don’t hesitate and setup 2-step authentication on your Google account today. Once setup it is actually quite easy to use, especially if you also install the Google Authenticator on your smartphone. To make sure you don’t lock yourself out, print the backup codes Google provides and setup a backup phone (for example of a family member).

Should you ever have to use a backup code or phone, here is how. Also if (like Google suggests) you keep the backup codes in your wallet and your wallet is stolen or lost, you can disable to those backup codes by creating new ones (through Account > Security > “edit” button on 2-step verification > Show backup codes > Generate new backup codes), which as you can see mention specifically “Only the latest set of backup codes will work.

If you use Lastpass to manage your passwords, you can configure Lastpass to use two factor authentication too using Google Authenticator by following these instructions. While editing your account settings you might also want to increase Password Iterations to 1000 on the General tab. If you signed up a while ago it might still be set to a lower (and less secure) value. You can also restrict access to one country only if you know for sure you are never going to login to Lastpass from abroad.

Finally as backup solution (but not necessarily your only backup solution, as it could in theory be wiped remotely) I recommend Backblaze, which is just $50/year for automatic unlimited backups (works on both Windows and Mac).

Edit: a detailed report has been published on Wired and is also featured in episode 365 of TWiT (This Week in Tech).

Hiding MySQL/PostgreSQL password from the “ps” command

If you want to run a database tool for MySQL from the command line it would seem you cannot avoid including the password using a –password argument. The problem is that the whole command line while the command is being run will be visible to any other user of the same server using the “ps” command.

The solution is to specify the password in a “option” file (as MySQL calls it). This is a file named .my.cnf (note the dot at the beginning) in your account’s root folder (ie: /home/myname/ or /root/ for the root user) with the following contents:

[client]
password=password

Of course replace the “password” with your real password. You should als make this file only readable by yourself with the following command:

chmod 600 .my.cnf

That ensures that nobody else can open the file (well except root if you are not an admin, but the root user would have access to everything anyway).

Now whenever you run a MySQL tool (mysql, mysqldump, etc) the password from the option file will be automatically used. If your username matches the MySQL username you also don’t need to specify a username. This can be very useful especially as root, when you need to do daily backups using mysqldump for example.

This tricks works in a similar way for PostgreSQL: put a file named .pgpass with the following contents:

hostname:port:database:username:password

You can use an asterisk (*) to match “any” value (wildcard), for example for port or database.

Arrays in Linux shell scripting

For a script I want to build for maintaining WordPress themes & plugins a bit easier I wanted to basically loop through a list of locations of WordPress installations on a single server. This basically means I need to be able to create an “array”.

I knew that you could use arrays in a shell script as I was using it in another script to automatically make a backup of all databases in a MySQL or PostgreSQL database, however that script gets the list from the output of an application: how do you define them yourself?

First thing to know is that array support differs by which shell you use. I prefer simply “/bin/sh”, but that only has extremely basic array support. Bash (and others) have better support. Fortunately the array support in “/bin/sh” is sufficient in my case.

Anyway, on to the solution. In “/bin/sh” you define an array as a list of strings separated by spaces (as such, I’m not sure if you can include strings with spaces) and use a very simple “for” loop to iterate through them:

#!/bin/sh

ARRAY="Hello World"

for WORD in $ARRAY
do
  echo $WORD
done

This script will display each word from the array on a different line. Note that there is no way to refer to a specific member of the array (you can’t use an index).

In Bash you can use arrays in a more advanced way:

#!/bin/bash

ARRAY=("Hello" "World")
ARRAY[2]="In Bash"
LENGTH=${#ARRAY[@]}

for ((i = 0; i < $LENGTH; i++))
do
  echo ${ARRAY[i]}
done

Now as you can see you can easily define a list of strings (with spaces if you want), refer to specific members of the array using an index and get the length of the array.

Go to Top