Help me, there is a zombie process!

Here is a good explanation for zombie processes.


If you have zombie processes it means those zombies have not been waited for by their parent (look at PPID displayed by ps -l). 
You have three choices: Fix the parent process (make it wait); kill the parent; or live with it.
Remember that living with it is not so hard because zombies take up little more than one extra line in the output of ps.

On a server I want to get informed if there are zombie processes and track them wi…

Rails: Send links in emails with the right protocol

ActionMailer per default uses http as protocol, which enables SSL-stripping. When a logged-in user follows an http link to your application, it sends the cookies along with it. Although the application redirects the user to https and from that point has a secure connection to the user, an attacker may overhear that first unsafe request and hijack your session.

Teach ActionMailer to use the right protocol

If your application is behind SSL, turn on using https application-wide. In your environment file (either global or per environ…

Pimp my IRB

Put the attached files into your home directory and enjoy.


  • defines interesting_methods, which is essentially all methods without top-level methods inherited from Object/Module
  • requires awesome_print, if present
  • requires interactive_editor, if present (basically makes vim available)
  • loads .irbrc_rails if in Rails (e.g. for the Rails console)


  • defines efind(email), which is a shortcut to find users by email …

Ubuntu: Restart sound services

Sometimes sound breaks for me and speaker output is completely broken. This helped:

pulseaudio -k && sudo alsa force-reload

Clean up application servers when deploying

Our development process makes us deploy very often. As the number of releases grows, junk clogs up the hard drive of our application servers:

  • Old release code
  • Old tmp folders with compiled view templates etc.
  • Precompiled assets (Javascripts, images…) that no longer exist. When using the asset pipeline, Capistrano will symlink the public/assets directory to shared/assets. This is cool since we can still serve previous assets after a new release, in the window where browser caches might still have references to old assets. But i…

Launch Gnome disk utility from command line

No chance you would have ever guessed it…

sudo palimpsest
External content

asciidisco/Backbone.Mutators · GitHub

Backbone plugin to override getters and setters with logic.

New Gem safe_cookies: Have your cookies as secure and HttpOnly as possible

Cookies have two important flags: secure and HttpOnly. The first instructs the browser to only send the cookie to the server when talking over SSL. This is to prevent session hijacking, where an attacker would pretend to be the server, thereby fooling your browser into giving him your cookies and then using that data to authenticate in your place with the real server. The latter protects the cookie from being read in [XSS attacks](…

Virtus: Coercing boolean attributes


Do it like this:

attribute :active, Virtus::Attribute::Boolean

Long story

In Virtus you define attribute with their type like this:

attribute :name, String
attribute :birthday, Date

When defining a boolean attributes, you will probably write it like this:

attribute :active, Boolean

The problem is, there is not actually a Boolean class in Ruby (there's only TrueClass and FalseClass), so use Virtus::Attribute::Boolean instead.

The reason whil…

External content

marcandre/backports · GitHub

Essential backports that enable many of the nice features of Ruby 1.8.7 up to 2.0.0 for earlier versions.

External content

How to remap keys in Ubuntu

Good article that tells you how to change behavior of certain keys via xmodmap (with the help of exv if you need to find out the keycode).

Ruby Scripts: Select the Ruby version in the shebang

As Bill Dueber has on his blog, you can call rvm in the shebang to select a Ruby version like this:

 #!/usr/bin/env rvm 1.9 do ruby

Standard arguments to do apply, see $> rvm help do.

Rails: Have different session secrets for all environments

The Rails secret_token must be unique for each application and any instance of it. If not, someone could exploit this by creating a user with ID = 1 (e.g. on staging), sign in and then use that cookie to authenticate on another site (e.g. on production, where the user with ID = 1 probably is the admin).

Here is a one-for-all solution that does not affect current production users, leaving the production token unchanged: prefix the existing secret_token with #{Rails.env unless Rails.env.production?}.

Note: There may be tokens in …

git: How to always pull with rebase

In order to have more human readable git branches, do

  git pull --rebase

To always pull like this, write these lines to your ~/.gitconfig: [pull] rebase = true

Note that this will break if you pull from other upstream branches like

git pull origin other-branch

If you keep rebasing by default, you can get "merge pulls" like this:

git pull --no-rebase origin other-branch

Bundle capistrano

Capistrano recently had some API changes that can results in deploys not working when running with old deploy.rb files.

So let's bundle it. Put capistrano into your Gemfile, like this:

# Gemfile

group :deploy do
  gem 'capistrano'
  gem 'capistrano_colors'

It's possible you need to do a bundle update net-ssh to get things running.

Now double check that all your custom hooks are actually still called. One candidate might be an after deploy:symlink hook that has been renamed into `after deploy:creat…

Subscribe to Rails security mailing list without Google account

The Ruby on Rails security list archive can be found here:

You can subscribe to this mailing list without a Google account by pasting this URL into your browser (after replacing the email address obviously).
                                                                       ^^^^^^^^^^^^^^^^^^^^^ <- Change this
External content

Redactor WYSIWYG html editor

New WYSIWYG editor that claims to be lighter and prettier than TinyMCE and CKEditor. Has some Rails integration, too.

News flash: Absolute CSS positioning on opposite sides is not a problem

Back in the old days, we couldn't do something like that:

.foo {
  position: absolute;
  bottom: 0;
  /* This was bad: */
  left: 10px;
  right: 10px;

Why? Because IE5 and IE6 (which a majority of people used back then) failed horribly trying to render it.

I've now checked if this is still an issue with any browser that's not from the stone age. \
Turns out all is well – except if you have to support IE6 and below, but then you're in some other kinds of trouble.

It works in all sane browsers, and Internet Explorer 7, 8…

3390 cards