PHP not working in Apache virtual hosts

I just had the situation where PHP worked fine from the default/main site configured in Apache, but not in a virtual host. Instead of parsing/executing the PHP script, Apache would rather send its source code back to the browser, which would propose to download it.

I found various potentials solutions online, like:

  • Checking if the PHP module was enabled (it was)
  • Setting “php_admin_flag engine” or “php_admin_value”  to “on” (it didn’t help)

What helped was to enable explicitly the PHP handlers in the Directory section of the corresponding vhosts. On OpenSUSE Leap, the file /etc/apache2/conf.d/php7.conf does exactly that, so I could just include it:

<VirtualHost ...>
        DocumentRoot /some/path
        <Directory /some/path>
                Include /etc/apache2/conf.d/php7.conf
                Options ...
                AllowOverride ...
                Require all granted
Posted in Uncategorized | Leave a comment

Uploading a file with HTTP PUT in Groovy with Basic Auth


dependencies {
   compile 'org.codehaus.groovy.modules.http-builder:http-builder:0.7.1'
   compile 'org.apache.httpcomponents:httpmime:4.5'


import org.apache.http.client.entity.EntityBuilder
import org.apache.http.util.EntityUtils

class HttpPut {
   File inputFile
   String url
   String username
   String password

   HttpPut withFile(File inputFile) {
       this.inputFile = inputFile
       return this

   HttpPut withUrl(String url) {
       this.url = url
       return this

   HttpPut withCredentials(String username, String password) {
       this.username  = username
       this.password = password
       return this

   void put() {
       def http = new HTTPBuilder(url)

       http.auth.basic(username, password)

       http.request(Method.PUT) { request ->
           request.entity = EntityBuilder.create().setBinary(inputFile.bytes).build()

Posted in Uncategorized | Leave a comment

Gerrit: robust regular expression to create links from text automatically (commentlink)

When there is a link to a bug tracking ticket in a commit message, and Gerrit is already be configured to make automatically links out of ticket numbers, it results in a mess. There is a bug report about this since quite a while already, but no progress yet.

A workaround is to use a lookbehind regular expression, to ignore ticket numbers that are followed by a double quote or


, because they are most likely part of a generated URL.

[commentlink "bugtracking"]
       match = \\b([A-Z]+-\\d+)(?!(\"|<\\/a>))
       link = https://bugtracker/tickets/$1

If you need to troubleshoot this kind of issue: it is very cumbersome to test the regex directly in Gerrit, because you have to modify the config file, stop Gerrit, flush the caches and restart it. Since the regex syntax is the onf of Javascript, you can use a tool like Just enter as test string a set of lines you want to match, another set that you don’t want to match, enable the “g” option, and experiment with the regular expression until it works as expected. Then you need only to escape the \ and the ” and put it in the Gerrit config file.

Posted in Uncategorized | Leave a comment

Notepad++: automatic configuration of tabs vs. spaces

Notepad++ is a great text editor with lots of features out of the box, but I miss particularly one: the ability to use automatically tabs or spaces for indentation according to the content of an existing file when opening it.

Luckily enough, it’s easy to add this feature using the Python scripting plugin.

  • Install the Python scripting add on for Notepad++ with the plugin manager
  • Open C:\Program Files (x86)\Notepad++\plugins\PythonScript\scripts\
  • Append the code below at the bottom of the file
  • Save the file
  • Open Notepad++
  • Choose Plugins -> Python Script -> Configuration
  • Ensure Initialisation is set to ATSTARTUP and save
  • Restart Notepad++
from Npp import *

def indent_auto_detect(arg):
    for i in range(editor.getLineCount()):
        pos = editor.positionFromLine(i)
        indent = editor.getLineIndentPosition(i)-pos
        if indent > 0:
            if ord('\t') == editor.getCharAt(pos):
                console.write("Indentation: Tabs\n")
            elif indent in [2, 3, 4, 8]:
                console.write("Indentation: %d spaces\n" % indent)

notepad.callback(indent_auto_detect, [NOTIFICATION.BUFFERACTIVATED])
notepad.callback(indent_auto_detect, [NOTIFICATION.READY])
console.write("Automatic indentation detection started\n")

The code comes from:

Posted in Uncategorized | 1 Comment

Configuring Apache to serve multiple domains with a single SSL certificate

Here are some notes on how to configure Apache to server multiple domains with a single SSL certificate. If using a single certificate is not an option, you will have to use SNI, which is not covered in this howto.

# Create root CA
openssl genrsa -out rootCA.key 2048
# Self sign the CA cert
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem

Create the configuration file of the certificate request for all domains (multi.conf):

distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
countryName = XY
stateOrProvinceName = XY
localityName = City
organizationName = My organization
organizationalUnitName = My unit
commonName =
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
DNS.1 =
DNS.2 =

Be aware that the semantic of the fields in the configuration file changes depending on the value of “prompt”. With “prompt = no”, countryName is the value for the country. Without “prompt”, it set the label that will be displayed when the user is prompted, and a default value can be provided in “countryName_default”. Very confusing…

One of the aliases has to be specified as commonName and again as alternate name, because in some cases only alternate names will be considered.

Now you can create the server key and the corresponding certificate:

openssl genrsa -out multi.key 2048
openssl req -new -out multi.csr -key multi.key -config multi.conf
openssl x509 -req -in multi.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out multi.crt -days 500 -sha256 -extensions v3_req -extfile multi.conf

Note: the multi.conf file has to be used twice, once to create the request (2nd line), and again to create the certificate (3rd line).

And finally, use it in Apache:

NameVirtualHost *:443
SSLCertificateFile /root/ca/multi.crt
SSLCertificateKeyFile /root/ca/multi.key
<VirtualHost *:443>

<VirtualHost *:443>

Posted in Linux | Leave a comment

Msys2/pacman: list dependencies with versions

Here is a one-liner to list all the dependencies for an Msys2 package, or for any pacman based system for that matter:

$ pactree -u mingw-w64-x86_64-gcc | xargs -r pacman -Si | gawk '/^Name *:/ {name=$3} /^Version *:/ {version=$3; printf "%s-%s\n",name,version}'

Note: on my system, it works only for installed packages, even using the “-s” option:

$ pacman -Si mingw-w64-i686-qtwebkit
Repository      : mingw32
Name            : mingw-w64-i686-qtwebkit

$ pactree -s mingw-w64-i686-qtwebkit
error: package 'mingw-w64-i686-qtwebkit' not found

I don’t know why.

Posted in Uncategorized | Leave a comment

Getting BLN to work with CyanogenMod / LineageOS

“Backlight Notification” is a great feature of some Android Linux kernels, that allows to use the backlight of the “Menu” and “Back” buttons to signal pending notifications for phones that don’t have a dedicated notification LED.

There is an app called BLN control in the play store from the developer “neldar”, that allows to control this feature. However, if you try to use it on a recent version of CyanogenMod or LineageOS, it will report “This kernel does not support BLN”. This may not be true, the kernel might support it, like in many recent custom ROMs, but the app cannot configure it due to the SELinux (Security-Enhanced Linux). It’s a module that increases the security of Android, but prevents BLN control to work.

One option (that I do not recommend) is to disable SELinux by settings its mode to permissive (“setenforce permissive” as root).

A better option, that doesn’t compromise the security of the phone, is to enable BLN at each boot. For that, enable “adb” in the developer options of the phone, also enable “root” access for adb, then connect to the phone with ADB:

Computer$ adb shell
Phone$ su -
Phone# cat > /data/local/
echo 1 > /sys/devices/virtual/misc/backlightnotification/enabled
[Press CTRL-D]

Now reboot the phone, and call or text your phone. The “menu” and “back” buttons should glow until you dismiss the notifications.

Don’t forget to disable the root access and adb in the developer options!

And if the directory “/sys/devices/virtual/misc/backlightnotification” is missing, then the kernel really doesn’t support BLN, sorry for you.

Please let me know in the comments if this worked for you (or not).

Posted in Android | 9 Comments

Groovy: StreamException: Cannot create XmlPullParser

If you get this error message, you might want to remove “xmlpull-” and “xstream-1.4.7.jar” from GROOVY_HOME/lib as a workaround. These libraries provided with Groovy seem to conflict with the ones used by the application.

I didn’t notice any side effect so far.

Posted in Uncategorized | Leave a comment

Perl’s “quote word” in Groovy

When it comes to embedding a long list of simple text strings in the code, Perl’s “quote word” is very handy:

my @l = qw(a b c d e f g h);

This is the closest equivalent I could find in Groovy:

def l = "a b c d e f g h".split("\\s+").findAll { it.length() > 0 }

You can also use a multiline string :

def l = """
h""".split("\\s+").findAll { it.length() > 0 }

The “findAll” avoid to get empty strings at the beginning of the end of the list in case of empty lines or leading and trailing spaces.

Posted in Uncategorized | Leave a comment

Linux serial TTY hanging

Today, I had the problem that my serial TTY (/dev/ttyACM0, serial over USB) was apparently hanging when receiving data.

However, when more data was sent by the other side, the communication would eventually resume. So at first, I though some kind of receive buffering was involved, but I was wrong. The reason was that the “icanon” option of the TTY was set. In this mode, the bytes are interpreted in some way I don’t (want to) understand, that caused the delays in the data transmission. Disabling it fixed the issue.

# stty -F /dev/ttyACM0 -a
speed 9600 baud; rows 0; columns 0; line = 0;

intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^A; eol = ; eol2 = ; swtch = ; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;

werase = ^W; lnext = ^V; flush = ^O; min = 1; time = 0;

-parenb -parodd -cmspar cs8 hupcl -cstopb cread clocal -crtscts
-ignbrk -brkint ignpar -parmrk -inpck -istrip -inlcr -igncr -icrnl -ixon ixoff -iuclc ixany -imaxbel -iutf8
-opost -olcuc -ocrnl -onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke

Disable icanon:

# stty -F /dev/ttyACM0 -icanon

Check again:

# stty -F /dev/ttyACM0 -a

speed 9600 baud; rows 0; columns 0; line = 0;

intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^A; eol = ; eol2 = ; swtch = ; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;

werase = ^W; lnext = ^V; flush = ^O; min = 1; time = 0;

-parenb -parodd -cmspar cs8 hupcl -cstopb cread clocal -crtscts
-ignbrk -brkint ignpar -parmrk -inpck -istrip -inlcr -igncr -icrnl -ixon ixoff -iuclc ixany -imaxbel -iutf8
-opost -olcuc -ocrnl -onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig -icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke

Posted in Linux | Leave a comment