Author Archives: tar

Update: The PG (porch grass) project

This is just an update for the gardening project that me and wife June started about 2 years ago. Last 2018, we attended EdCon in Tagaytay and we grabbed the chance to buy some plants:

Screen Shot 2019-07-23 at 6.49.58 AM

It’s safe to say that my wife got carried away a bit… We had those transplanted to the porch. Some of them died but most of them thrived.

This is our porch now:



The PG (porch grass) project

One of the things that I love to do is doing “small” projects together with my wife June. Our latest project is the extension of our porch and converting it into a small garden.

The original plan was to make this a concrete floor. I’m blissful that we changed it into a mini garden — It’s a lot cooler.

After the masonry works, it looked like this:


The next step is to get some garden soil and grass. We looked for a garden supply store within our area and we found Halina’s Garden.

I sent them a message in FB and SMS to inquire and they’re very responsive. We ended up getting the following:

  • 10 sacks of Bermuda grass (P120 / sack)
  • 6 sacks of garden soil (P90 / sack)

We originally ordered Bluegrass but we’re surprised that in our local jargon, Bluegrass is also defined as Bermuda grass. Oh well, it’s OK. It’s grass 🙂

We had to wait for a few days since they have to complete a minimum order of 20 sacks of grass before they order it from their supplier. We ordered it last Saturday and we picked it up the following Wednesday.


So, the work of replanting begins. My wife and I started around 4:30PM and we finished around 8PM – this could have been done half the time if our kids didn’t “help” 🙂

But we figured that this is the only way our kids will develop interests in gardening  so we welcomed the “help”. June and I just had to stretch our patience a little bit more… 😀

Picture this: Try replanting grass with toy trucks and dozers zooming around you… 🙂

The next morning, it looked like this:


It’s all worth it. It’s such a blessing for a view.


Every good thing given and every perfect gift is from above, coming down from the Father of lights, with whom there is no variation or shifting shadow.

James 1:17 (NASB)


Can’t locate Perl module File/ in Opsview

I’ve been seeing these errors in our Opsview installation:

Can't locate File/ in @INC (@INC contains: /usr/local/nagios/bin/../lib /usr/local/nagios/bin/../etc /usr/local/nagios/bin/../perl/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/nagios/bin/../lib/Opsview/ line 23.

These errors were generated by one particular crontab job:


I was able to install File::Slurp module through yum…

yum install -y perl-File-Slurp.noarch

Then, it’s asking for another module… “IPC::Run”

yum install -y perl-IPC-Run.noarch

Then, it’s asking for another module… “IPC::Run::SafeHandles”. But since there are no RPM packages for this, I am forced to do this the perl way… CPAN.

yum install -y perl-CPAN.x86_64

And then installed cpanm right after (as recommended here)

cpan App::cpanminus

Retrying the installation of “IPC::Run::SafeHandles”

cpanm IPC::Run::SafeHandles

Then, I’m stuck… The module IPC::Run::SafeHandles won’t install because it requires “List::MoreUtils::XS”. Which I cannot install because of an error with this unhelpful message:
Screen Shot 2017-08-23 at 1.41.54 PM

I did a few a google search about the module and I stumbled on this exciting discussion.

Hmmmm…. PUREPERL… maybe I need to invoke this via cpanm. Browsing through cpanm’s manual, it has a a –pp option for pure Perl.

cpanm --pp IPC::Run::SafeHandles

It installed without a hitch! 🙂

But as for the Opsview script, it still required 2 more modules:

yum install perl-Proc-Simple
yum install perl-Log-Log4perl

Now I have to find out what caused these Perl modules to be gone missing in the first place…

[Puppet] fixing mod_passenger: Cannot connect to Unix socket – Permission denied in a hardened AWS Linux 2014.09

As I’ve shared in my previous post, I was working on hardening AWS Linux 2014.09 using Puppet. I got that finished and I’ll probably improve the class in the future to make it easier to manage.

The first thing you’ll realize when you harden a system is this: it will break stuff… No, I’m not talking about the small stuffs, I’m talking about major applications that you rely on.

The first to break that I noticed was running a Puppet master with httpd + mod_passenger in AWS Linux 2014.09. It won’t work properly anymore… Ugh!

Since I was in hurry when I first discovered this, I just reverted back to the default Puppet master using Ruby webrick. Performance was really not an issue since this is only for our environment where we write/test our Puppet classes…

But when I decided to separate the CA server of our Puppet master for scalability — I can’t use the default Ruby webrick anymore. I have to allot the time and investigate if what’s the root cause of the problem

passenger error

snapshot of the error

Clearly… it has something to do with permissions. The web server (httpd) cannot access the Unix socket created by mod_passenger.


version information

Reviewing the CIS guidelines for AWS Linux 2014.09 pointed me to “3.1 Set Daemon umask” which states:

CIS 3.1

This is enforced by this Puppet class via this sysconfig configuration. CIS 3.1 guideline clearly says that “The daemon process can manually override these settings if these files need additional permission.”  — which gave me an idea to override this in the httpd level.

So… override we go…

I opened /etc/init.d/httpd in vim and added a less strict umask: umask 0022


Restarted httpd and then… FIXED! 🙂

[Puppet] The pesky error “`require’: no such file to load — json (LoadError)” when running puppet in AWS Linux

I encountered this error again when running puppet version 3.8.2 … I know I encountered this error before but I it took me a few minutes to remember how I solved it… so that I won’t forget in the future, I’m posting this here.

The error looks like this:

Screen Shot 2015-09-02 at 2.44.24 PM

To solve it, just run: yum install rubygem18-json.x86_64

Somebody forgot to include json gem as a dependency… 🙂

[Puppet] Hardening AWS Linux 2014.09 based on CIS benchmark

Update [2015-07-07]: Puppet module is practically done for hardening AWS Linux 2014.09, you can check it out here:

It’s been almost a year since I posted here. Work is very challenging nowadays…

The latest project that I’m part of is now dealing with financial services. Yup, this means a lot of security exercises that need to be done to comply with PCI-DSS (Payment Card Industry Data Security Standards). I find these exercises challenging, a new lens that let’s you understand a lot of things and even makes you paranoid sometimes. IT Security is core – I learned a lot in this area for the past few months.

Anyway, right now I’m working with OS hardening based on the benchmark provided by Center for Internet Security. They provide guidelines on how to do this. Just download the document for your OS here:

I’m working mostly in AWS nowadays – It’s a good thing that CIS released a benchmark for AWS Linux 2014.09 version.

We’re a Puppet shop so the first thing I did was to check if there are modules for AWS Linux. the closest one that I’ve found is for RHEL:

Close but not close enough… but definitely better than nothing 🙂

The beauty of OSS is you can always fork a project and Github is a wonder-tool! So fork I went… I’m already done with CIS Scored guidelines 1.x.x to 3.x.x — a few more to go. Once done, I’m hoping that I can merge this back to master if the original author will allow 🙂

If you’re interested in this project, just drop me a message here:

[Waze] Canili and Diayo Dam

Screen Shot 2014-08-24 at 5.47.18 AM

A few weeks back, when I was planning and checking our route to Baler in Waze, I saw these high density of URs (update requests) in one area which sparked my interest. After driving to Baler, I know what it is now – It’s the Canili and Diayo Dam. Fortunately, SMART has data on this location, so I fired up URs to mark the start and end points of the dam so I can add it.

Please note that this stretch is one-way, depending on which side has incoming traffic first.

Sabang Beach coastline

We stayed in one of the places in Baler along Sabang beach. So yes, route suggestions via Waze to Baler is working flawlessly now 🙂