July 1, 2016

Python Naming Conventions

Python Naming Conventions

This really helped me out a lot when pylint would output ambiguous error messages that wouldn't really help me to solve the "riddle". For instance incorrect function name, what the heck does that mean to someone who has never used python or at least not that often? Everything that I could find in Google, the forums and even pylint's web page, wouldn't really give me the answers to my syntax naming convention woes. Hope this helps someone else.

Many thanks to the people over at CodingConvention on GitHub

1. General

  • Avoid using names that are too general or too wordy. Strike a good balance between the two.
  • Bad: data_structure, my_list, info_map, dictionary_for_the_purpose_of_storing_data_representing_word_definitions
  • Good: user_profile, menu_options, word_definitions
  • Don’t be a jackass and name things “O”, “l”, or “I”
  • When using CamelCase names, capitalize all letters of an abbreviation (e.g. HTTPServer)

2. Packages

  • Package names should be all lower case
  • When multiple words are needed, an underscore should separate them
  • It is usually preferable to stick to 1 word names

3. Modules

  • Module names should be all lower case
  • When multiple words are needed, an underscore should separate them
  • It is usually preferable to stick to 1 word names

4. Classes

  • Class names should follow the UpperCaseCamelCase convention
  • Python’s built-in classes, however are typically lowercase words
  • Exception classes should end in “Error”

5. Global (module-level) Variables

  • Global variables should be all lowercase
  • Words in a global variable name should be separated by an underscore

6. Instance Variables

  • Instance variable names should be all lower case
  • Words in an instance variable name should be separated by an underscore
  • Non-public instance variables should begin with a single underscore
  • If an instance name needs to be mangled, two underscores may begin its name

7. Methods

  • Method names should be all lower case
  • Words in an method name should be separated by an underscore
  • Non-public method should begin with a single underscore
  • If a method name needs to be mangled, two underscores may begin its name

8. Method Arguments

  • Instance methods should have their first argument named ‘self’.
  • Class methods should have their first argument named ‘cls’

9. Functions

  • Function names should be all lower case
  • Words in a function name should be separated by an underscore

10. Constants

  • Constant names must be fully capitalized
  • Words in a constant name should be separated by an underscore


CodingConvention on GitHub

June 7, 2016

Installing Arch Linux & Gnome 3 Desktop


The following steps are what I did to install Arch linux on my Asus laptop and many other devices. The Beginners Install Guide is much more in-depth and explains some other features like MBR installs, full and partial disk encryption, and the GRUB boot loader.


Bootable Arch Media:

You can grab the latest ISO from here. I always grab one from one of the US mirrors, but they have a Torrent file as well.

Now lets create the install media:

# sudo dd bs=512 if=/location/of/your/iso_file of=/dev/sdx && sync
  • This will take about 5 minutes to complete, but it will depend on the quality of the flash media.

Install Arch:

Boot to the USB drive that you just created, and select the first boot option.

After the OS environment boots, take a look at the connected devices and determine where you will be installing Arch. If you know how large your target drive is, determining which device to use should be fairly straight forward.

# lsblk

Network Setup:

If you are connect to your network via Ethernet, then downloading packages shouldn't be a problem, but if you need to connect to a wifi network, here are the commands to get you going:

Run ip addr to get the name of the wireless interface. It will be something like "wlp2s0"

# ip addr

Next, use the following command to list the available wifi networks:

# wifi-menu -o <wireless_nic_id>

Update the System Clock:

Update the system clock to ensure that it is up-to-date:

# timedatectl set-ntp true

Partition Setup:

Recall the device name that you found from the lsblk command from earlier. We are now going to partition the hard drive to get it ready for the file system that we will be creating. I will be creating a GPT partition table with 2 partitions. One for boot drive that will be formatted with FAT32 for UEFI BIOS setup and another larger drive that will be formatted with ext4. The larger partition will be used to create 3 Logical volumes or LVMs. One for Root, one for swap, and the last for the home directory.

# parted /dev/sdx

    (parted) mklabel gpt
    (parted) mkpart ESP fat32 1MiB 512MiB
    (parted) set 1 boot on
    (parted) mkpart primary ext4 513MiB 100%
    (parted) print
    (parted) quit

LVM Setup:

Run the lsblk command again to see your newly created partitions, and take note of the drive lettering now that you have created two partitions.

Create the Physical Volume using the following command:

# pvcreate /dev/sdax

Create the Volume Group with the following command:

# vgcreate <VolumeName_of_your_choice> /dev/sdax

Create the logical volumes that we mentioned earlier (root, swap, and home):

# lvcreate -L 30G examplevg -n rootlv
# lvcreate -L 4G examplevg -n swaplv
# lvcreate -l +100%FREE examplevg -n homelv

If you want to display the different volumes that you just created:

# pvdisplay
# vgdisplay
# lvdisplay

Create the File System & Enable Swap:

Use lsblk again to see how the LVMs are named.

Now lets create the file system:

# mkfs.ext4 /dev/mapper/examplevg-rootlv
# mkfs.ext4 /dev/mapper/examplevg-homelv
# mkfs.fat -F32 /dev/sda1
# mkswap /dev/mapper/examplevg-swaplv
# swapon /dev/mapper/examplevg-swaplv

# mount /dev/mapper/examplevg-rootlv /mnt

# mkdir /mnt/boot
# mount /dev/sda1 /mnt/boot

# mkdir /mnt/home
# mount /dev/mapper/examplevg-homelv /mnt/home


Edit the Mirror List:

The mirror list is how Arch knows where to look for packages and updates to install.

# vim /etc/pacman.d/mirrorlist

Uncomment (remove the #) from the lines relevant to our country.
If the mirrors are already uncommented, move the one(s) that 
you want to use to the top of the list. You technically don't 
have to edit anything if you don't want to.

Save the file and exit

Install the Base Packages:

Now we get to install the base system packages to the root filesystem that we created:

# pacstrap -i /mnt base base-devel (Yes, there is a space between base and base-devel)

Just press enter when prompted to install packages.

Configuring Arch:

Generate fstab

Generate the fstab (file system table) file. This is how Arch knows how to mount devices to your filesystem. The -U flag tells the command to UUIDs to identify partitions and devices.

# genfstab -U /mnt >> /mnt/etc/fstab    

You can verify that the fstab file was generated by viewing the following file:

# vim /mnt/etc/fstab

Change to root of your Arch install:

# arch-chroot /mnt /bin/bash

Generating locale

Use the following command to append your locale to the end of the file */etc/locale.gen

# echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen

This will tell your system which language it should use among other things.

Now generate the locale

# locale-gen

Now create the locale.conf file in /ect

# echo LANG=en_US.UTF-8 > /etc/locale.conf

I didn't use quotes this time because the line that I echoed into the file didn't have any spaces for line breaks in it.

Time Zone:

Follow the prompts

# tzselect

Create the symbolic link to /etc/localtime

# ln -s /usr/share/zoneifo/America/New_York /etc/localtime

Set the time standard to UTC

# hwclock --systohc --utc


Make sure to edit /etc/mkinitcpio.conf with the following information before generate the Initial RAM File System. You can use nano or any other text terminal text editor that you prefer. I chose vim here because it is what I am use to.

# vim /etc/mkinitcpio.conf

Add find the line that starts with "HOOKS". It should be near the bottom.
Add "lvm2" right before the word "filesystem"

<esc> :x

Save the file and exit

Run the following command to build the initial RAM filesystem:

# mkinitcpio -p linux

Install the Boot Loader


Install systemd-boot to the EFI system partition

# bootctl install

Create the boot entry

For LVM installations, create the following file:

# vim /boot/loader/entries/arch-lvm.conf

    title        <Your_Choice>
    linux        /vmlinuz-linux
    initrd       /initramfs-linux.img
    options      root=/dev/mapper/<VolumeGroup-RootLogicalVolume> rw

Save the file and exit. If you used the LTS linux image then replace vmlinuz-linux & initramfs-linux.img vmlinuz-linux-lts & initramfs-linux-lts.img. If anything goes wrong(at least in my experience) with the boot process, it will be in this file.

Other boot entry schemes can be found Here

Network Configuration

Wired (Ethernet)

# systemctl enable dhcpd@<interface_name>.service


Install iw, wpa_supplicant, and dialog

# pacman -S iw wpa_supplicant dialog

If you setup the Wifi network with wifi-menu, repeat the same steps

Generate the Root Password

# passwd

Create your user

# useradd -m -g wheel -d /home/captam3rica -s /bin/bash -n captam3rica 
(replace my username with one of your own)
# passwd captam3rica 
(it is best to make this password something other than the root password)

Sudoers File

Edit the /etc/sudorers file so that you will be able to use the sudo command to install packages and edit other files as necessary.

Find the line looks like this "# %wheel" and uncomment it.

After you save the file, you will be able to use your user to perform commands as root.

Desktop Environment


I am installing Gnome3 as my desktop environment, but there are many others to choose from. I recommend playing around with a few until you find one that you like. Other Desktops

# pacman gnome gdm gome-tweak-tool 

Here are some extra packages that I like to install along with gnome3

# exfat-utils util-linux fuse-expat (for creating and mont exfat file system types)
# gedit (A really nice text editor)
# gnome-remote-desktop (I think it's obvious)
# gnome-documents (Document and ebook reader for Gnome)
# aspell-en (Spell checker for LibreOffice)

Enabe the gdm service

After the Gnome installation completes, enable the desktop manager service

# systemctl enable gdm

Start the NetworkManager service

ip link set <your NIC> up
systemctl enable NetworkManager
systemctl start NetworkManager

Enabling these services will allow them to startup automatically each time you have to reboot or power off your system.

Final Steps

Exit from the chroot environment

# exit

Unmount the partitions

# umount -R /mnt

Reboot the system

# reboot

Once the system comes backup (as long as everything was configured correctly), you should boot to the Gnome3 login screen. Login with the user credentials that you created and enjoy!


June 5, 2016

Emby Media Server | Arch Linux


I have tried to install Emby directly from the Arch package repositories, but for whatever reason, permissions for the emby service user were not allowing emby to access the media file locations. Now that I have used it a little bit, Docker seems to be the best, and easiest way, to get Emby up and running reliably. Below is my experience running through the emby installation process. Most of it comes from the GitHub tutorial, but I've added my take and what I've done to resolve certain issues.

Note: The following install was done on an Arch Linux box, running the most recent kernel, which at the time was 4.3.3.-2-ARCH.

You can get he full GitHub installation guide from here


First, make sure that you have a working Docker instance:

sudo pacman -S docker

Now, start the docker service:

sudo systemctl enable docker
sudo systemctl start docker

Your docker container should now be running, and it should startup after each reboot of your system. To Check that the service is running, use the following command

sudo systemctl status docker 

If docker is running, your should see something like:

$ sudo docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 1.11.2
Storage Driver: devicemapper
 Pool Name: docker-254:0-1183049-pool
 Pool Blocksize: 65.54 kB
 Base Device Size: 10.74 GB
 Backing Filesystem: xfs
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data Space Used: 11.8 MB
 Data Space Total: 107.4 GB
 Data Space Available: 26.73 GB
 Metadata Space Used: 581.6 kB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.147 GB
 Udev Sync Supported: true
 Deferred Removal Enabled: false
 Deferred Deletion Enabled: false
 Deferred Deleted Device Count: 0
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 WARNING: Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.125 (2016-05-14)
Logging Driver: json-file
Cgroup Driver: cgroupfs
 Volume: local
 Network: host bridge null
Kernel Version: 4.5.4-1-ARCH
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.694 GiB
Name: localhost
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): false
Registry: https://index.docker.io/v1/

If you have trouble starting the docker service, try rebooting your system and then try starting the service again.

Lastly, make sure that the user that will be installing the emby Docker package is also able to run the docker command.

Emby Docker Hub Installation:

Start the installation

sudo docker run -it --rm -v /usr/local/bin:/target emby/embyserver instl

Install the Emby service

sudo docker run -it --rm -v /usr/local/bin:/target emby/embyserver instl service

Enable the Emby service

sudo systemctl enable embay-server

Emby Server Setup

Run the following command into your terminal window:


The first time your run the above command, you will be prompted to input the locations where Emby can find your media. For example: /home/username/Music or /home/username/MediaStorageDevice.

Once Emby is able to access your media files, it will be able to handle the rest.

Accessing the Server

Now that the backend is all set, all you have to do is open a browser and enter localhost:8096 into the address bar. It should bring you to the setup page for Emby, and the prompts should be easy enough to follow.

Updating Emby

Emby can be updated by restarting the emby service

sudo systemctl restart emby-server

Or by

sudo docker exec emby-server update

February 10, 2015

Top 1000 Passwords

![Passwords](/Volumes/DOCS/blog-images/FImcPiG.png) I can across a photo on the hacker I can across a photo on the hacker news today that I found to be very amusing. In the photo, we see the top 1000 most used passwords, and as expected, 123456 appears to be the overwhelming leader. Followed by the usual suspects 123456789, password, qwerty, and 12345678 just to name a few. How are we going to easily get the idea across that this is not ok in a way that is not harsh or off-putting? We can try to force users to use more complex, or longer passwords, but we see what that does in the end. Users start writing them down or using the same password across multiple systems and accounts. Using password lockers, or vaults, such as LastPass, PassKey, or OneKey could be some options. A user only needs to remember one stronger password to gain access to the rest of their passwords. They would just to need to make sure that they commit the phrase to memory so that they do not have to write it down. I personally like LastPass. It was really easy to set up and get use to. I also added two-factor authentication to the account as well.
With computers and technology and the Internet becoming more and more ingrained as a necessity for everyday tasks, it is going to be even more important that we find an easier and better way to protect our online assets.
Source: https://news.ycombinator.com/item?id=9024751

February 9, 2015

Anthem Hack - The Monday After

Anthem Inc. is the second largest insurance group in the United States. They service nearly Anthem Inc. is the second largest insurance group in the United States. They service nearly 67 million people through their affiliate programs including 37 million enrolled in it family health plans. On February 4, 2015 Anthem released that it had been impacted by a recent data breach affecting a large number of its members and affiliate groups. A statement from CEO Joseph Swedish (http://www.anthemfacts.com/) regarding the data breach and a FAQ page answering some of the outstanding questions that everyone has can be found here (http://www.anthemfacts.com/faq).

What do we know so far ...
  • We know that Personally Identifiable Information (PII) of over 80 million healthcare members has been accessed . This includes: Social Security Numbers (SSN), addresses, emails, salary information, birthdays, phone numbers, and other such data.
  • According to Anthem’s statement, the impacted (plan/brands) include Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare. http://krebsonsecurity.com/2015/02/data-breach-at-health-insurer-anthem-could-impact-millions/
  • The FBI believes, with High Certainty, that these attacks are state-sponsored in nature, and it appears that they are originating from Chinese IP spaces. http://krebsonsecurity.com/2015/02/china-to-blame-in-anthem-hack/
  • The attacks could have started as early as April 2014.
  • Deep Panda is the hacking group that is being blamed for some, if not all, of these attacks. CrowdStrike is the information security firm that has given the group this name and has been monitoring Deep Panda's movements over the past year. http://www.crowdstrike.com
  • According to a memo received by Steve Ragan, a writer for the CSO Online blog Salted Hash, Anthem database administrator credentials where used to run queries on their systems. The memo also states that the attackers had a good understanding of the database infrastructure. Read more at http://www.csoonline.com/article/2881532/business-continuity/anthem-how-does-a-breach-like-this-happen.html
  • Anthem says that they will be notifying the affected via postal services. This will most likely be something along the lines of free credit and ID monitoring for a years. Nothing we have not heard from past data breach victims.
What do we not know ...
  • How were the attackers able to get in?
  • When did the attack actually begin?
  • How long did Anthem know about the breach before notify authorities and the public?
  • Why did they not see so much data leaving their network?
  • What can other organizations and other domains learn from this attack?
  • What are they going to do about further mitigation?
What should we do for now ...
  • Watch out for phishing scams relating or referencing to the Anthem data breach.
    • DON'T click on any links within unknown emails.
    • DON'T respond to suspicious emails or try to contact the sender of such emails.
    • DON'T give out any of your personal information such as credit card numbers, usernames, passwords, etc ...
    • DON'T open or view any attachments from emails that you were not expecting, and even if you were expecting any email from someone, it is best to contact the individual before opening the document.
  • Be on the lookout for phony phone calls from individuals claiming to be associated with Anthem or the like.
  • Be sure to keep an eye on your credit reports and transaction history. Possibly consider requesting a credit freeze. This will stop anyone from opening new lines of credit under your name unless a 4-digit PIN is provided. (The PIN will be issued to you by one of the 3 credit clearing houses) http://www.equifax.com/help/credit-freeze/en_cp
  • Be on the lookout for Anthem's notification via mail.
I am interested to know more about this breach. Especially sense it affects such large group. I wonder what the credentials consisted of and what kind of awareness programs where happening within Anthem. Even the best security programs can be cracked if the human element is compromised.

More information to come as it is released.