Planet ALDIL
août 12, 2010
Plutôt que de faire une revue des deux ouvrages paru cet été sur Plone je vais vous présenter l’état des lieux des publications autour de Plone. Du développement à la documentation En quelques années la communauté Plone a évolué, s’est structurée.Il n’y a pas plus de contributeurs mais des contributeurs plus réguliers qui se concentre [...]
jeudi 12 août 2010 03:35
juillet 27, 2010
L'impact de la vidéosurveillance est de l'ordre de 1% - BUG BROTHER - Blog LeMonde.fr
A Lyon, les caméras de vidéosurveillance permettent, en moyenne, une arrestation par caméra et par année. 200 arrestations, pour 219 caméras, comparées aux 20 604 actes de délinquance dits de voie publique ...
mardi 27 juillet 2010 22:00
juillet 21, 2010
Certains le savent peut-être, je travaille depuis quelques mois sur mon projet personnel Nodecast. Pour résumer, ce projet a l’ambition de proposer un outil de monitoring simple à mettre en œuvre mais aussi un outil de recensement façon Linux counter. Il n’a cependant pas pour objectif de concurrencer un logiciel de type Nagios. Outre le [...]
mercredi 21 juillet 2010 15:20
juin 15, 2010
After some time spent on Google to find a solution, somebody in #mutt told me to have a look at the status_format option in which we can call an external script ...
The relevant part of the ~/.ratpoisonrc :
set status_format="/usr/local/bin/notify.sh '%r %f (%L) [Msgs:%?M?%M/?%m%?n? New:%n?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?]'|"
/usr/local/bin/notify.sh (quick 'n dirty but it works!) :
#!/bin/bash
#
# Small script which display a message in ratpoison
# when new incoming mail
#
echo "$1" | grep -q "New" > /dev/null 2>&1
if [ $? -eq 0 ];
then
ratpoison -c "echo Unread mail in Inbox"
fi
echo "$1"
mardi 15 juin 2010 20:04
juin 14, 2010
Some times ago I've described a quick solution to setup two-factor authentication with OpenSSH & Yubikey. I've made a clean Perl rewrite of the script with new features.
Working features :
- Config file in INI format
- Multiple Yubikeys support for each user
- "Whitelist" : you can define IP (or networks using CIDR notation) for clients which doesn't need to provide OTP.
- HMAC verification
- Error logging
Planned features :
- Integration of PreludeEasy to report authentication failures to your Prelude SIEM manager.
Available from my Git repository.
lundi 14 juin 2010 20:30
Here is a solution based on a custom perl script to improve the integration of your web browser inside Ratpoison.
Ratpoison is a keyboard driven window manager.
I've written a small perl script designed to be called via standard Ratpoison bind functions to interact with Midori (can be easily used with other web browsers). Here are the default binds :
- :gg <terms> : search for <terms> in google.com
- :dp <package_name> : load packages.debian.org page of <package_name>
- :db <package_name> : load bugs.debian.org page of <package_name>
- :wi <terms> : search for <terms> in Wikipedia
There is also a shortcut (actually bind to escape-g) which send the current selection to the browser, if the selection is an URL, load it into the browser, otherwise search for string in Google.
Relevant part of my ~/.ratpoisonrc :
# Browser Wrapper
bind g exec ~/bin/browser_wrapper.pl selection `$RATPOISON -c getsel`
alias gg exec ~/bin/browser_wrapper.pl gg
alias dp exec ~/bin/browser_wrapper.pl dp
alias db exec ~/bin/browser_wrapper.pl db
alias wi exec ~/bin/browser_wrapper.pl wi
~/bin/browser_wrapper.pl :
#!/usr/bin/perl
{
my $shortcut = $ARGV[0] || 'gg';
my $browser = "/usr/bin/midori";
my $request = undef;
my $url = undef;
foreach $argnum ( 1 .. $#ARGV ) {
$request .= $ARGV[$argnum].'%20';
}
$request =~ s/\%20$//;
my $shortcuts_table = {
'gg' => sub {
$url = "http://www.google.fr/search?q=" . $request;
system( $browser . " " . $url );
},
'dp' => sub {
$url = "http://packages.debian.org/" . $request;
system( $browser . " " . $url );
},
'db' => sub {
$url = "http://bugs.debian.org/" . $request;
system( $browser . " " . $url );
},
'wi' => sub {
$url = "http://en.wikipedia.org/wiki/" . $request;
system( $browser . " " . $url );
},
'selection' => sub {
if ( $request =~ m/^http:\/\/.*/ ) {
$url = $request;
} else {
$url = "http://www.google.fr/search?q=" . $request;
}
system( $browser . " " . $url );
}
};
$shortcuts_table->{$shortcut} ? $shortcuts_table->{$shortcut}->() : $shortcuts_table->{'gg'}->();
}
0;
lundi 14 juin 2010 18:57
juin 08, 2010
More a reminder than a real post, here's how to display HTML emails inside Mutt using w3m.
Put the following line into ~/.mailcap :
text/html; w3m -I %{charset} -T text/html -dump; copiousoutput
And just append :
auto_view text/html
in ~/.mutt/muttrc
mardi 08 juin 2010 18:45
mai 28, 2010
This package provides a perl module to interact with Akamai CCUAPI to handle multiple purge requests.
Package : http://packages.debian.org/sid/libnet-akamai-perl
Bugs : http://packages.debian.org/libnet-akamai.perl
vendredi 28 mai 2010 18:43
mai 26, 2010
La sagesse des Shadock... - Ma petite parcelle d'Internet... Le blog de Cédric "Sid" Blancher
Il vaut mieux mobiliser son intelligence sur des conneries que de mobiliser sa connerie sur des choses intelligentes
...
Six mois presque jour pour jour après avoir été questionné sur les mesures de sécurisation à déployer pour ne pas tomber dans la fameuse négligence caractérisée mentionnée à l'article L. 335-7-1 du code de la propriété intellectuelle, la réponse du ministère de la culture est enfin publiée. Les plus cyniques avaient prédit une réponse de normand, et ils ne sont, j'en suis sûr, pas déçu par le résultat. Par exemple, on n'apprendra rien de plus sur la caractérisation de la négligence puisque "les éléments constitutifs de cette contravention seront définis par un décret qui est en cours d'examen au Conseil d'État". Super...
En ce qui concerne les moyens de protection à déployer, ce n'est guère mieux. On apprendra qu'il faut s'intéresser d'une part à la sécurisation de son poste de travail et d'autre part à celle de son boîtier de connexion. Le premier point serait à gérer avec des solutions de contrôle parental, pour empêcher les marmots d'aller faire des conneries sur Internet je suppose, et des "solutions de type pare-feu ou antivirus". Je ne sais pas ce que vous en pensez, mais le refrain "installe un pare-feu et un antivirus" sonne à mes oreilles comme une rengaine qui a depuis longtemps démontré ses limites. Mais bon, puisqu'on nous le dit...
En fait, c'est sur la sécurisation de la box que ça devient très drôle... Ou pas... C'est selon le point de vue. Ça rappelle aussi un peu un jugement rendu récemment outre-Rhin... On nous explique en effet qu'il faut les protéger "au moyen de clés et de protocoles cryptographiques" et de fournir en exemple les "clés WEP et WPA". Protection qui pourrait être "complétée par une restriction d'accès aux seuls périphériques préalablement déclarés par l'utilisateur", c'est à dire du "filtrage MAC". Vous êtes sur le cul ? Moi aussi...
On doit être sacrément occupé au ministère de la culture. Parce que franchement... Six mois pour pondre une réponse de cet acabit, c'est un peu du foutage de gueule... Car non content d'aligner les lieux communs que sont le pare-feu, l'antivirus et le chiffrement du lien Wi-Fi, on y parvient tout de même à les accompagner de la préconisation d'un protocole connu pour être totalement inefficace depuis près de dix ans d'une part, et d'un mécanisme de contrôle d'accès aisément contournable qui demande des efforts de configuration et de maintenance loin d'être négligeables d'autre part. Genre, on va filer un protection de merde à Mme Michu, et histoire d'en rajouter une couche, on va lui demander de lister des adresses MAC...
La loi HADOPI poursuit, nous a-t-on longuement expliqué dans l'hémicycle, un but pédagogique. Mais avant de vouloir se montrer pédagogue, encore faudrait-il maîtriser les sujets qu'on veut enseigner. Or, force est de constater que certains ont cruellement besoin de cours de rattrapage en ce qui concerne les moyens de sécurité...
mercredi 26 mai 2010 18:31
mai 24, 2010
mai 23, 2010
mai 22, 2010
mai 21, 2010
ReclaimPrivacy.org, Facebook Privacy Scanner
This website provides an independent and open tool for scanning your Facebook privacy settings.
vendredi 21 mai 2010 13:32
mai 11, 2010
L'après Facebook : Diaspora - Standblog
Wired, pose le problème de façon très claire en titrant Facebook est devenu malhonnête, le temps est venu d'une alternative ouverte "Il faut que le reste de l'écosystème du Web le remplace par une alternative ouverte et distribuée".
Justement, On apprend la création du Diaspora Project, une alternative à Facebook, mais décentralisée, respectueux de la vie privée, contrôlé par les utilisateurs (et bien sûr sur du code Libre).
mardi 11 mai 2010 22:00
Les 11e Journées Du Logiciel Libre : c'est fini ! Satisfaction générale des participants. Noter la 12e édition sur l'agenda 2010...
mardi 11 mai 2010 06:39
avril 16, 2010
7.500 acheteurs sur internet ont involontairement vendu leur âme - Yahoo! Actualités
Les dirigeants de GameStation ont toutefois précisé qu'ils ne feraient pas valoir leurs droits concernant l'âme de leurs clients.
vendredi 16 avril 2010 08:37
mars 19, 2010
In a previous article, I've described a way to setup an OpenID provider using SimpleID. Its only major drawback was the lack of support for any strong authentication ... since today. I've patched and released a version with Yubikey One-Time Password support.
This version is based on the latest released version available on the official SimpleID website: 0.7.1 and also include patches to work correctly with PHP 5.3.1.
I will contact the author to see if he's interested in this feature and if he wants these patches to be included in the official SimpleID tree, but if for any reason they would not be accepted, i'll keep my git repository up-to-date with any future release.
More interesting than a long blahblah here is the git repository : http://github.com/adedommelin/simpleid-yubikey
Please take 2 minutes to read the small README as it explains how to associate your key to your OpenID Identity.
vendredi 19 mars 2010 22:59
mars 17, 2010
Thanks to the Geneva Application Security Forum, I'm now a proud owner of a Yubikey. This small USB token acts as an OTP (One-Time Password) generator. I'll present you a quick solution to use it within OpenSSH for Two-Factor (T-FA) authentication.
What is Two-Factor authentication ?
An authentication factor is a piece of information and process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. Two-factor authentication (T-FA) or (2FA) is a system wherein two different factors are used in conjunction to authenticate. Using two factors as opposed to one factor generally delivers a higher level of authentication assurance. Two-factor authentication typically is a signing-on process where a person proves his or her identity with two of the three methods: "something you know" (e.g., password or PIN), "something you have" (e.g.,smartcard or token), or "something you are" (e.g., fingerprint or iris scan).
How does the Yubikey work ?
A Yubikey is a small USB HID device which is seen as a generic keyboard (no driver needed) with a small button. Each time the button is pressed it generates a one-time password secured using AES-128 encryption and ModHex encoding. For more details, you can have a look at this detailed article.
How to integrate a Yubikey in the SSH login process ?
There is various solutions available, one of them is to use the a PAM module, but it's still in development and users reports some crashes, so it doesn't sound a very good solution to me at this time.
The other solution (the one I'll present in this article) was to develop a script which will be invoked at each login, before giving a shell to the user, which will check the OTP.
Ok ... ok ! But how can I use it with my OpenSSH server ?
Here is the way my solution works : I've added a group called "yubikey" on the system. The SSH server will execute the authentication script for all the members of this group on each login (this is done using the sshd_config Match directive). The script will ask the user to generate an OTP using his Yubikey, check if this key is authorized for this user, parsing ~/.ssh/trusted_yubikeys then proceed to the validation of the password. If everything is fine the script gives the user his shell.
Here are all the steps in detail :
Create the group :
$ groupadd yubikey
Add your user inside the group :
$ adduser mon_user yubikey
Specify the trusted keys for this user :
$ cd /home/mon_user/.ssh
$ echo "yubikeyid" >> trusted_yubikeys
Create the script in /usr/local/bin/yubikey.sh :
#!/bin/bash
#
# (c) 2010 Alexandre De Dommelin
#
# This program is free software. It comes without any warranty, to
# the extent permitted by applicable law. You can redistribute it
# and/or modify it under the terms of the Do What The Fuck You Want
# To Public License, Version 2, as published by Sam Hocevar. See
# http://sam.zoy.org/wtfpl/COPYING for more details.
#
YUBICO_API_ID="XXXX"
TRUSTED_KEYS_FILE="$HOME/.ssh/trusted_yubikeys"
STD="\\033[0;39m"
OK="\\033[1;32m[i]$STD"
ERR="\\033[1;31m[e]$STD"
##################################################
## Disconnect clients trying to exit the script ##
##################################################
trap disconnect INT
disconnect() {
sleep 1
kill -9 $PPID
exit 1
}
echo ""
echo "** One-Time Password Validation Step **"
echo ""
echo -n "Please provide Yubi OTP then enter Ctrl-d: "
OTP=`tr -c -d a-z < /dev/tty`
KEY_ID=${OTP:0:12}
####################################
## Get user-trusted yubikeys list ##
####################################
if [ ! -f $TRUSTED_KEYS_FILE ]
then
echo -e "$ERR Unable to find trusted keys list"
disconnect
else
TRUSTED_KEYS=`cat $TRUSTED_KEYS_FILE`
fi
#######################################
## Iterate through trusted keys list ##
#######################################
for trusted in ${TRUSTED_KEYS[@]}
do
if [ $KEY_ID = $trusted ]
then
echo -e "$OK Found key in $TRUSTED_KEYS_FILE - validating OTP now ..."
if wget "https://api.yubico.com/wsapi/verify?id=$YUBICO_API_ID&otp=$OTP" -O - 2> /dev/null | grep "status=OK" > /dev/null
then
echo -e "$OK OTP validated"
exec `grep "^$(whoami)" /etc/passwd | cut -d ":" -f 7`
else
echo -e "$ERR Unable to validate generated OTP" > /dev/stderr
sleep 1
disconnect
fi
fi
done
echo -e "$ERR Key not trusted" > /dev/stderr
disconnectGive it the right permissions :
$ chmod 755 /usr/local/bin/yubikey.sh
Configure /etc/ssh/sshd_config with this parameters :
Match group yubikey
ForceCommand /usr/local/bin/yubikey.sh
Then restart SSH server :
$ /etc/init.d/ssh restart
Important notes
- Keep an active SSH session during your tests :-)
- You have to put your API ID in YUBICO_API_ID inside the script. API ID can be obtained at api.yubico.com
- Make sure that ~/.ssh/trusted_keys is readable by the matching user
- Of course, you can use your own validation server, just adapt the script accordingly
- I'm not responsible of what you do, this script works for me, but it comes with no warranty, if your dog die tomorrow or anything else like that don't blame me
- Updated versions will be commited to my Github repository
mercredi 17 mars 2010 19:58
février 06, 2010
As my RFID reader works now, i've written "Medor" a small solution to protect my desktop session.
The idea is quite simple, at work I often leave my computer for meetings ... and don't want to have to xlock / unlock my session.
On login, I start ssh-agent with all my different keys (Work & Personnal), so leaving a terminal open with them loaded looks dangerous to me. Medor checks every 5 seconds if my keys with my RFID tag are present, if they aren't the screen is locked to prevent somebody to use my session. When my keys are back, the session is unlocked.
There's another protection, if Medor detects that the RFID reader is no longer available (somebody tried to unplug it), the screen is locked, all keys in my ssh-agent are removed and a XMPP message is sent to my cell phone.
Medor use the RFIDIOT library to access the RFID reader, have a look at my previous article to know how to use it on Debian GNU/Linux.
Here are the 2 main scripts (up-to-date release will be available on my github under dotfiles/openbox/bin/Medor)
Medor.sh
#!/bin/bash
#
# Medor v0.1
# Alex "laotseu" DE DOMMELIN - http://blog.tuxz.net
#
# This program is free software. It comes without any warranty, to
# the extent permitted by applicable law. You can redistribute it
# and/or modify it under the terms of the Do What The Fuck You Want
# To Public License, Version 2, as published by Sam Hocevar. See
# http://sam.zoy.org/wtfpl/COPYING for more details.
#
RFID_ID="MYTAGID"
CHECK_TAG_SCRIPT="/home/laotseu/.config/openbox/bin/Medor/python-rfid/checkTag.py"
SCREENLOCK="xlock"
SCREENLOCK_OPTS="-mode blank"
XMPP_ALERT="/home/laotseu/.config/openbox/bin/Medor/xmpp_alert.py"
function protect() {
(ssh-agent -k > /dev/null 2>&1)
($XMPP_ALERT "$(date) Security Alert : RFID reader unplugged" > /dev/null 2>&1)
lock;
}
function lock() {
($SCREENLOCK $SCREENLOCK_OPTS &)
}
function unlock() {
(/usr/bin/killall -9 $SCREENLOCK)
}
## Main Loop ##
ALERT_SENT=0
while [ 42 ];
do
TAG=`$CHECK_TAG_SCRIPT 2>/dev/null`
case $? in
############################
## Reader not present :-( ##
############################
1 )
if [ $ALERT_SENT -eq 0 ];
then
protect;
ALERT_SENT=1
fi;
;;
#################################
## No tag present, lock screen ##
#################################
255 )
(/bin/pidof $SCREENLOCK > /dev/null 2>&1)
if [ $? -eq 1 ];
then
lock;
fi;
;;
#############################################
## Tag present, check if allowed to unlock ##
#############################################
0 )
if [ "$TAG" == "$RFID_ID" ];
then
(/bin/pidof $SCREENLOCK > /dev/null 2>&1)
if [ $? -eq 0 ];
then
unlock;
ALERT_SENT=0
fi;
else
(/bin/pidof $SCREENLOCK > /dev/null 2>&1)
if [ $? -eq 1 ];
then
lock;
fi;
fi;
;;
esac
sleep 3
done;
checkTag.py
#!/usr/bin/python
import RFIDIOtconfig
import os
try:
card = RFIDIOtconfig.card
except:
os._exit(1)
if card.select():
print "%s" % card.uid
else:
os._exit(-1)
samedi 06 février 2010 09:55
février 05, 2010
I've bougth a few month ago a Touchatag RFID reader, a cheap USB device. It's reported to work on Windows / MacOS but not GNU/Linux. Here's a solution to use it on Debian.
You need to install some packages :
apt-get install python-pyscard pcscd pcsc-tools python-pycryptopp python-serial python-crypto
Then download the latest release of RFIDIOT (RFID IO Tools) here and simply extract it.
Plug-in the reader and start pcsc_scan, you should see something like that :
found one
Scanning present readers
0: ACS ACR 38U-CCID 00 00
The "0:" is the reader id, so ctrl+c out of pcsc_scan, edit RFIDIOtconfig.py, jump down to the readernum= directive, and change that to the correct id given by pcsc_scan.
You should now be able to test your reader using one of the contributed script such as multiselect.py.
vendredi 05 février 2010 23:29
janvier 21, 2010
Working on various web projects, there's a very well known problem : find a good regular expression (regexp) to check the validity of user submitted email addresses.
This website has compiled various regular expressions which try to resolve this problem. The editor's idea is great, using a set of valid/invalid emails, and a simple unit test, he can provide a good comparison of some of the most used regexps.
His philosophy is great : "It's better to accept a few invalid addresses than reject any valid ones, so I'm looking for 0 false-positives and as few false-negatives as possible."
But I've noticed 2 problems :
- His "best" regexp doesn't work in JavaScript (JS doesn't support advanced features like negative lookbehind ...)
- The method used to validate IP addresses is not correct (doesn't take care of 0-255 range)
So i've decided to improve an existant one, adding an other test criteria : also check the "real" validity of the IP address. The following work is based on the G. Arluison's improved version of Warren Gaebel's regex.
Here are my solutions :
/^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9]([-a-z0-9_]?[a-z0-9])*(\.[-a-z0-9_]+)*\.(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|travel|mobi|[a-z]{2})|([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})(\.([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})){3})(:[0-9]{1,5})?$/iThis one works very well (found 18/18 valid mails + deep IP address check, and found 19/20 invalid mails - there is a problem checking global length)
There's just a small problem, each time a new TLD > 2 chars will be added, you'll need to append it to the list in the regex, if you want a more generic solution, you can use this variant (note that this version will not check if the TLD really exists) :
/^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9]([-a-z0-9_]?[a-z0-9])*(\.[-a-z0-9_]+)*\.([a-z]{2,6})|([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})(\.([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})){3})(:[0-9]{1,5})?$/i
Those 2 solutions should be usable in all languages providing PCRE (Perl Compatible Regular Expressions), on server & client side (such as Javascript, PHP, Perl, Python, Ruby etc...)
jeudi 21 janvier 2010 20:41
janvier 16, 2010
OpenID is a way to provide a single digital identity across the Internet. Instead of creating multiple accounts, remember the login/password couples on all the website you visit, you can use a single OpenID identity if this type of authentication is supported by the target website.
An OpenID is in the form of a unique URL, and is authenticated by the user's 'OpenID provider' (that is, the entity hosting their OpenID URL).The OpenID protocol does not rely on a central authority to authenticate a user's identity. Since neither the OpenID protocol nor Web sites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as smart cards, biometrics, or ordinary passwords.
While you can create an identity on various providers websites (it's possible you already have one see Get an Openid) you may want to host your own identity server.
There are a lot of identities servers, in various languages (PHP, Ruby, Python, Java...) i've decided to use SimpleID a lightweight PHP-based solution which doesn't rely on any database. Here is an overview of these features :
- Support for OpenID 1.1 and 2.0
- Support for Simple Registration Extension 1.0 and 1.1 draft
- Multiple identities support
Installation
Start by downloading the archive at Sourceforge, extract it then move the cache, identities, www folders to your webserver.
Configure your Web Server (apache, lighttpd...) by adding a new virtualhost pointing to the "www" folder. For standard use, you don't need to setup any rewrite rule or anything else.
Rename config.default.inc to config.inc, then edit this file to put correct paths for the different needed folders
Add an Identity
Create an identity file called "yournickname.identity" in the identities folder, your apache/lighttpd user must have read access to this file.
identity=http://vhost.yourdomain.tld
pass=3408cad97ec7f9c09775da84048ecc0
[sreg]
nickname=your_nickname
email=yourmail@domain.tld
administrator=1
fullname=John Doe
dob=1957-01-02
gender=M
postcode=1234
country=ch
language=en
timezone=Europe/Zurich
As for the "pass" line, you have to put the MD5 Hash of your password.
That's all, you can now login to SimpleID using your new identity, and use this identity to login in various websites.
samedi 16 janvier 2010 15:38
janvier 12, 2010
Python snippet to send XMPP messages using talk.google.com
#!/usr/bin/python
import xmpp
user = 'your_login'
pwd = 'your_password'
cnx = xmpp.Client('gmail.com')
cnx.connect( server=('talk.google.com',5223) )
cnx.auth( user,pwd,'python xmpp bot' )
cnx.send( xmpp.Message( "contact@domain.tld" ,"message" ) )
mardi 12 janvier 2010 20:57
Voici une solution pour afficher des notifications locales lors de la réception de messages dans votre irssi distant (sans X forwarding)...
Ne souhaitant pas mettre en place une solution nécessitant l'installation de paquets relatifs à X sur mon serveur, je me suis tourné vers une solution utilisant un script perl intégré à irssi et d'un autre script sur le poste client qui se chargera d'afficher les notifications sur le bureau en les récupérant via SSH
Configuration coté serveur
use strict;
use Irssi;
sub priv_msg {
my ($server,$msg,$nick,$address,$target) = @_;
filewrite($nick." " .$msg );
}
sub hilight {
my ($dest, $text, $stripped) = @_;
if ($dest->{level} & MSGLEVEL_HILIGHT) {
filewrite($dest->{target}. " " .$stripped );
}
}
sub filewrite {
my ($text) = @_;
open(FILE,">>$ENV{HOME}/.irssi/notifications_log");
print FILE $text . "\n";
close (FILE);
}
Irssi::signal_add_last("message private", "priv_msg");
Irssi::signal_add_last("print text", "hilight");
Ce bout de code logguera vos messages privés dans le fichier ~/.irssi/notifications_log
C'est fini pour le serveur, passons à la suite.
Configuration côté client
Tout d'abord, commencez par installer le paquet libnotify-bin (en tout cas il s'appelle comme ca sous debian, il fournit le binaire notify-send) Copiez/collez le code ci-dessous dans un fichier que vous placerez dans votre repertoire de scripts persos favoris (~/bin dans mon cas)
#!/bin/sh
ssh user@host.tld tail -F -n1 ~/.irssi/notifications_log | while read heading message
do notify-send -i gtk-dialog-info -t 300000 -- "${heading}" "${message}"
done
Pensez à mettre votre login / adresse serveur à la place de "user@host.tld", le bit d'execution sur le script, puis rajoutez une ligne dans votre ~/.xinitrc pour qu'il soit lancé automatiquement lors de votre connexion.
mardi 12 janvier 2010 19:12
novembre 14, 2009
Bonjour
Pour noël avec François on désire un récepteur TNT pour satellite.
Mais sinon j'ai mis à jour ma liste chez amazon.
A savoir que j'ai une préférence pour les deux DVD mais en version collector ;o)
Voici l'url : liste de Karine
samedi 14 novembre 2009 12:53
octobre 24, 2009
octobre 19, 2009
octobre 18, 2009
octobre 14, 2009
octobre 11, 2009
L'association ViVé, école de vidéo participative de Grigny, a enregistré des conférences des JDLL 2008.
dimanche 11 octobre 2009 17:28
