Business Machine

Technology, business
and innovation.

And, not least, about
the Mac.

Weblog Archive Cutedge

by: Bernard Teo

Creative Commons License

Copyright © 2003-2012
Bernard Teo
Some Rights Reserved.

Thu 02 Feb 2006

Luca and MySQL

Category : Technology/LucaMySQL.txt

Hai Hwee's been pretty busy herself these last two weeks. She's got a Universal Binary version of her SQLite Cocoa framework, as well as one now for MySQL. With these, she's able to build a Universal Binary version of Luca Accounting, that will support both MySQL and SQLite databases.

What we're trying to do is this : the user starts off using Luca, and entering his accounting data, with the built-in SQLite database. Then when he needs a faster, more scaleable database, with multi-user, concurrent access capabilities, he can go to Luca Preferences, point Luca towards MySQL, wherever he has installed it, and give Luca the rights to create the accounting database, populating it from the SQLite database.

Hai Hwee's got the hard part done - building Universal versions of the database access frameworks, as well as an architecture that will allow us to plug in support for other databases, like PostgreSQL, when we learn how to do them.

The next thing to do is build the user interface for switching between the databases.

If we're still working with 4th Dimension, we would now be able to build our own database plug-ins for 4D. We used to pay a lot of money for things like 4D for Oracle. We've learnt a lot since moving to OS X.

Posted at 8:57AM UTC | permalink

About Authorisation Services and the Security Framework

Category : Technology/securityFramework.txt

Over the long Chinese New Year weekend just past, I've also built an experimental version of MailServe that uses Authorisation Services which, together with the Keychain, is part of Cocoa's Security Framework.

I was trying to avoid having to use sudo to change things at the system level but, instead, use a shell tool that has its uid set to root to do all the privileged operations. But a setuid root tool is a dangerous thing. And that's where Authorisation Services come in - to make sure that the user is authorised to perform each privileged operation, and to authenticate that the user is who he says he is. With the Cocoa API's, you get to do all these in an orderly way.

And there are few other benefits to doing things "the right way". If the user is using a Mac that allows him to authenticate using smart cards, finger print or retinal scanning, in place of passwords, my applications will still work without my having to do a thing.

But what I was trying to do now was to avoid holding on to the user's password, which I have to do as long as I have to pass it on to sudo.

I almost got there. It turns out that the postfix command needs to be performed by a superuser. But somehow a setuid root process, which should be considered as executing with the privileges of a superuser, is not considered privileged enough by the postfix command. I still need sudo to run the postfix command in the setuid process, and there's something I'm missing here. I'm so close to getting it done. The code's a lot neater, and I may be able to kill the occasional problems I have with people's passwords not working, once and for all, since I'm using the same authentication services that you use when you log in to your system or change network settings.

When you meet these Security Framework API's the first time, they look very daunting. But there's a way to understand Cocoa if you learn how to skim off the key concepts quickly. Once the concepts are clear, then the more API's you find, and the thicker the documentation, the better it is, because it just means that there are a lot more variations to exploit the power of the tool. I'm just scratching the surface of what Cocoa can do. This is one journey that I'm happy to take one step at a time.

Posted at 8:57AM UTC | permalink

MailServe Universal Binary Released

Category : Technology/MailServeUniversalReleased.txt

Here's a first Universal Binary version of MailServe (version 2.0.6). Nothing else has changed (besides fixing the user interface bug for the Mailbox Size Limit field, which didn't get anchored properly during resize). If you're using it on an Intel Mac, please let me know how it went for you.

I've left the previous PowerPC-only version (2.0.5) available for download, just in case.

PS : I'm working on an update to DNS Enabler, to put in a couple of feature requests. When this gets done, it'll be a Universal Binary, too.

Posted at 3:09AM UTC | permalink

Put your Mac to Work Now how would you do something like that?

Weblogs. Download and start a weblog of your own.

A Mac Business Toolbox
A survey of the possibilities

A Business Scenario
How we could use Macs in businesses

VPN Enabler for Mavericks

MailServe for Mavericks

DNS Enabler for Mavericks

DNS Agent for Mavericks

WebMon for Mavericks

Luca for Mavericks

Liya for Mountain Lion & Mavericks

Postfix Enabler for Tiger and Panther

Sendmail Enabler for Jaguar

Services running on this server, a Mac Mini running Mac OS X 10.9.2 Mavericks:

  • Apache 2 Web Server
  • Postfix Mail Server
  • Dovecot IMAP Server
  • Fetchmail
  • SpamBayes Spam Filter
  • Procmail
  • BIND DNS Server
  • DNS Agent
  • WebDAV Server
  • VPN Server
  • PHP-based weblog
  • MySQL database
  • PostgreSQL database

all set up using MailServe, WebMon, DNS Enabler, DNS Agent, VPN Enabler, Liya and our SQL installers, all on Mavericks.