Archive for the ‘security’ Category

Google API’s and Mac

July 7, 2008

I have an old iMac that I’ve been using as a server. Because I like Linux, and because it was easier to configure LAMP (Linux, Apache, MySql, PHP) than the similar components in OS X, I installed Kubuntu 6.06 on it (I’ve always liked the KDE desktop better than the Gnome desktop, which is the default for Ubuntu). Everything was fine until I decided I wanted to try out a Google API.

Google APIs require PHP 5.1.4 or higher (actually it was needed for the Zend engine, which is required for the Google API). But Ubuntu 6.06 (and Kubuntu 6.06) didn’t have upgrades to PHP 5.1.4. After a lot of trials and failures, I decided to fall back on Apple’s OS X and install MAMP (Mac, Apache, MySql, PHP). This particular machine could only take OS 10.3.* on it, which limited the MAMP I could use. But it included PHP 5.1.6, so I was happy. For a while.

I got everything up and running again, and even figured out how to get local network access working. Then I got back to the Google API. The first step, with MAMP, however, was to secure it, since the default install is with user “root” and password “root.” So far, that wasn’t a problem since MAMP on this computer was only accessible on the local network, firewalled from the Internet. But using a Google API requires access to and from the web.

The MAMP application has a FAQ page, accessible from the start page, that looks really helpful, but isn’t. You can get there by clicking in the FAQ button at the start page:

MAMP start page

Of course, the part about which versions of the included programs are installed is helpful. But I had already checked that before I downloaded MAMP. It’s the part right below that, under the “How can I change the password for the MySQL database?” that is unhelpful.

MAMP FAQ page

First of all, mysqladmin is not in that location (/Applications/MAMP/bin/mysql4/bin/mysqladmin). It’s in /Applications/MAMP/Library/bin. The php config file location is closer to what’s listed: /Applications/MAMP/bin/phpMyAdmin/config.inc.php

Second, trying to run the suggested command in tcsh got me nowhere. It turns out the default shell was changed to bash in OS 10.3, but upgrades (which this is) keep tcsh as the default. Fortunately, bash is available, but the default has to be changed in the terminal preferences.

So, just to make sure bash is really there, go to the /bin directory in the terminal (using the Finder will just show the documentation):

bash in the Finder

Change the directory to root level by typing “cd /.” Then type “cd /bin” to get to the /bin directory. Then type “ls” to list everything in that directory (see bash listed in the screenshot):

While the terminal is open, go to the Terminal preferences:

Preferences

Notice the path listed is for tcsh:

tcsh set

Change it to /bin/bash:

bash path

Close the Preferences window, quit the Terminal application, and relaunch it. bash will be at the top of the Terminal window instead of tcsh now.

Now running the command listed in the FAQ page (with the path modification) will change the password in MySQL.  But before you actually press the Enter key to run the command, highlight the new password and copy it using the edit menu at the top of the screen.

/Applications/MAMP/Library/bin/mysqladmin -u root -p password NEWPASSWORD

(where NEWPASSWORD is the password it is to be changed to). The php config file will also need to be edited. I have eMacs on this machine, which worked nicely.  Don’t try to do it in Text Edit.  That will not work nicely at all.  Open the config.inc.php file (in MAMP’s phpmyadmin folder) in a code editor like bbedit or emacs. Find the lines

$cfg['Servers'][$i]['user']           =   'root';          //MySQL user
$cfg['Servers'][$i]['password']       =   'root';         //MySQL password

Replace ‘root’ in the password line with the one you copied. Save the file and close it.

Now, according to the MAMP faq page, it’s finished. Not.

It turns out there’s also a couple scripts to change in MAMP, documented over on network0.  There’s also a handy section on securing MAMP itself by password protecting the htaccess folder using an online .htaccess password tool (http://www.tools.dynamicdrive.com/password/).  So now that I’ve got it locked down it’s time to figure out how to open it up for Gdata on that Google API.  🙂

Advertisements