Jan 8th 2017
Revisiting Laravel Homestead MySQL Password Expiration

After putting the solution in my previous post through its paces for a few weeks, I realized the less intrusive approach is to patch Homestead v2's scripts/create-mysql.sh with the following snippet:

1
2
3
4
5
6
7
8
9
10
11
12
#!/usr/bin/env bash
cat > /etc/mysql/conf.d/password_expiration.cnf << EOF
[mysqld]
default_password_lifetime = 0
EOF
service mysql restart
DB=$1;
mysql -e "CREATE DATABASE IF NOT EXISTS \`$DB\` DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_unicode_ci";

This change pipes the default_password_lifetime setting into the file /etc/mysql/conf.d/password_expiration.cnf and restarts the mysql service. The provisioning process then can proceed as normal.

This approach requires no updated vagrant virtualbox image or other similar adjustments and allows us to keep using version 0.3.3 indefinitely.

I'm likely going to abandon my settler and homestead forks as I couldn't adequately maintain them moving forward. I'll work to push this upstream as I feel it should be implemented there.

Jan 7th 2017
Addressing Laravel Homestead MySQL Password Expiration

On November 7th 2016, I was hit with a peculiar issue I've never seen before working in a provisioned Homestead box. The exception:

1
2
PDOException in Connector.php line 55:
SQLSTATE[HY000] [1862] Your password has expired. To log in you must change it using a client that supports expired passwords.

Firing up a different vagrant machine, I was greeted with the same problem. This seemed to affect all of the vagrant boxes using version laravel/homestead (virtualbox, 0.3.3).

On the machine, the MySQL version displayed by mysql --version is

1
mysql Ver 14.14 Distrib 5.7.9, for Linux (x86_64) using EditLine wrapper

MySQL 5.7's password expiration policy seemed to point to the culprit.

1
2
3
From MySQL 5.7.4 to 5.7.10, the default default_password_lifetime value is 360 (passwords must be changed approximately once per year). For
those versions, be aware that, if you make no changes to the default_password_lifetime variable or to individual user accounts, all user
passwords will expire after 360 days, and all user accounts will start running in restricted mode when this happens.

Looking at the list of users with relevant columns shown that the password for the user homestead was set on 2015-11-13 03:50:18.

1
2
3
4
5
6
7
8
9
10
11
mysql> select host, user, authentication_string, password_expired, password_last_changed, password_lifetime from mysql.user;
+-----------+-----------+-------------------------------------------+------------------+-----------------------+-------------------+
| host | user | authentication_string | password_expired | password_last_changed | password_lifetime |
+-----------+-----------+-------------------------------------------+------------------+-----------------------+-------------------+
| localhost | root | *14E65567ABDB5135D0CFD9A70B3032C179A49EE7 | N | 2016-11-08 22:28:11 | NULL |
| localhost | mysql.sys | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | N | 2015-11-13 03:50:10 | NULL |
| 0.0.0.0 | root | *14E65567ABDB5135D0CFD9A70B3032C179A49EE7 | N | 2015-11-13 03:50:15 | NULL |
| 0.0.0.0 | homestead | *14E65567ABDB5135D0CFD9A70B3032C179A49EE7 | N | 2015-11-13 03:50:18 | NULL |
| % | homestead | *14E65567ABDB5135D0CFD9A70B3032C179A49EE7 | N | 2015-11-13 03:50:18 | NULL |
+-----------+-----------+-------------------------------------------+------------------+-----------------------+-------------------+
5 rows in set (0.00 sec)

Date manipulation in PHP showed that 360 days from 2015-11-13 03:50:18 is 2016-11-07 03:50:18, about the time this started occurring.

It was later that I discovered this pull request didn't make it into branch revert-56-master used to build the 0.3.3 box. It succinctly described the problem at hand.

I saw 4 possible choices for a permanent solution:

  1. Set default_password_lifetime=0 explicitly in /etc/mysql/my.cnf.
  2. Upgrade MySQL to 5.7.11 or higher as the default was changed from 360 to 0.
  3. Create the homestead user with the keywords PASSWORD EXPIRE NEVER to disable password expiration for that user.
  4. All of the above.

Solution

In looking to correct upstream, the pull request was denied with very good reason. It was a ton of work to seemingly get the 5.6 branch up to master and I have absolutely no guarantee that something wasn't broken in the process.

Not being content with abandoning that work, I pushed a vagrant virtualbox image that should continue the 5.6 branch forward for the foreseeable future. There is one major caveat, it requires a patch to Homestead v2 to accommodate the changes introduced.

Steps required to use the image:

  1. Add the new vagrant image: vagrant box add w0rd-driven/homestead.
  2. Add the line box: "w0rd-driven/homestead" in Homestead.yaml to specify a different vagrant box than the default of laravel/homestead.
  3. Add the line "laravel/homestead": "2.0.x-dev" to the require-dev section of composer.json.
  4. Add or update the repositories section of composer.json:

    1
    2
    3
    4
    5
    6
    "repositories": [
    {
    "type": "git",
    "url": "https://github.com/w0rd-driven/homestead.git"
    }
    ],
  5. Run composer update to change to the new composer package.

  6. Rebuild your box using vagrant destroy -f then vagrant up.
  7. Test everything.

I've enabled issues on both forks of settler and homestead. Unfortunately, I don't have VMWare Fusion to build the vmware provider image. If anyone has the capabilities, I would gladly grant the access to push the image.

Apr 17th 2016
Windows 10 Mobile ~14295 Downgrade

In the event this causes grief in the future I wanted to point out the steps to downgrade Windows 10 Mobile build 14295 back to 8.1. The Windows Device Recovery Tool fails to detect the phone without the steps outlined in BrunoTrivellato's response on page 2.

To make this easier, I thought I would repurpose the steps as I can't seem to find an independent or direct link:

  1. Unplug the phone from the PC
  2. Click on "My device was not detected"
  3. Select your model and you will enter the "Searching Screen"
  4. Reboot your phone (pressing volume down + home button for some seconds until it vibrates) and immediately plug it back in the PC
    • If you take too long to plug it in the PC you will have to reboot it again (the Recovery Tool will show a message to you)
  5. The tool will recognize your model, but not the OS or Firmware
  6. Click in "Download Software" and wait the process to complete.
  7. When finished, click next and check your Battery as the screen says
  8. The next screen will try to install the software BUT IT WILL FAIL, don't worry it is normal. Wait (3-4 minutes) until it fails and click Finish.
  9. Repeat steps 1-5.
  10. Now you will see that the screen will not show "Download" but "Install", click it.
  11. You will see the installation progress both in the Tool and in your Phone. Wait until it finishes (2-3 minutes).

Apr 17th 2016
JSON Resume

I wanted to mark what feels like an oasis in the desert of a long journey. During my last job search over 2 years ago, I tired of what had become a disjointed resume update routine. Accomplish a task, go to the Word-document-as-one-true-source, update, print to PDF, go to LinkedIn, update, go to careers.stackoverflow.com, update, rinse & repeat.

I yearned for one interchangeable format that allowed me to generate HTML, Word and PDF at the very least. JSON Resume combined with resume-linkedin seemed like a great fit. Unfortunately, due to recent LinkedIn API changes resume-linkedin was all but useless. My first contribution was born out of the realization that if you could get the LinkedIn data through the API console, the process still worked, albeit extremely cumbersome.

As I worked on migrating this site to my personal fork of a theme in Hexo, I thought a custom JSON Resume theme would also be a good fit. These changes to my resume can be found here or here.

Jan 12th 2016
Newness

I said in my previous post that a lot can happen in 2 years.

In that time span I've:

  • Moved to using a MacBook and OSX.
    • OSX being very BSD-like makes it an prime target for web development. It isn't the second class citizen Windows is in the Ruby or Node.js communities.
  • Transitioned away from .NET and don't really miss it. I do randomly play around with .NET core when possible but I haven't actually built anything with it.
    • This was honestly very huge at the time but I still feel I made the right decision. Though Windows 10 is the platform Windows 8 should have been and likely would've kept me on board.
  • Transitioned to PHP and web technologies full bore. I'm no fan of the PHP language but in the era of Visual Studio 2012, a dynamic language that only required refreshing my browser was much faster than waiting on the compile cycle.
  • Drank the vagrant koolaid via PuPHPet.
    • Recreating production hardware isn't too difficult with my ancient DevOps experience.
    • Waiting on the painful commit/push/wait for deployment/refresh cycle to see a change was a huge productivity destroyer.
    • Even developing locally when production PHP versions aren't consistent can be a nightmare. Something like rvm in Ruby comes close but it isn't perfect.
  • Immediately took to PHPStorm as my IDE of choice. JetBrains have done an amazing job and if you've used ReSharper you've only had a taste. I'm no fan of Java but I'll make a concession for tools this good.
  • Wrote a very crude front-end only CMS. When working in only HTML, CSS, and Javascript you really see the separation of client and server very clearly.
  • I jumped in the deep end with tools like gulp, bower and yeoman.
    • This has fueled my desire to be a lot more fluent in Node.js.
    • Frontend development becomes insanely fun because a lot of the tedium melts away if you do it right.
    • This gulp template was extended from this blog post and it's subsequent repository to streamline working on the custom CMS.
    • This yeoman gulp generator looks a little more promising as it seems to serve a similar purpose but feels like less work.
  • I have a Microsoft Lumia 640 and the Windows 10 Mobile OS is one of the best mobile experiences I've used to date. I know I'm biased but it has shaped up really well.
  • My personal laptop is running Windows 10 as well so I haven't abandoned the Windows ecosystem by a long shot, I've just become more of a consumer rather than a developer.

That's really only scratching the surface. It would've been helpful to have blog posts as I moved along but as with most things, life got in the way.

My main goal for the early part of 2016 is to revamp this site and make it the playground I was looking for in 2013. Octopress is really nice but if I upgrade to v3 it's not much more work to migrating away to something like Hexo, Metalsmith, or DocPad.