Category Archives: Operating Systems

Running WebDriver Selenium tests on your Jenkins build server

So you have setup Jenkins as your build server and you test your project automated with Selenium WebDriver. Now you want to run the automated tests in a Jenkins job, but you get the following error:


. Caused by: org.openqa.selenium.firefox.NotConnectedException: Unable to connect to host 127.0.0.1 on port 7055 after 45000 ms. Firefox console output:
.
. (process:26912): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
. Error: cannot open display: :1

This post explains how to fix this. The reason is that the user that runs your Jenkins service does not have a display. Therefore there is no possibility to open a browser like Firefox.

In order the facilitate this, we will use xvfb. This is a display server that performs all graphical user interface [GUI] operations in memory and without showing any screen output.

1. Install FireFox on the machine that runs Jenkins
In /etc/apt/sources.list add the following line.

ppa:mozillateam/firefox-stable

Run the following commands to upgrade or install latest version of Firefox to work with Selenium.

sudo apt-get update
sudo apt-get install firefox

2. Install Xvfb on your server
Run the following command to install Xvfb on your server

apt-get install xvfb x11-xkb-utils xfonts-100dpi xfonts-75dpi xfonts-scalable xfonts-cyrillic x11-apps

3. Install Xvfb in Jenkins
Install the Xvfb plugin https://wiki.jenkins-ci.org/display/JENKINS/Xvfb+Plugin
Schermafbeelding 2015-06-21 om 19.28.28

Configure the plugin via Manage Jenkins / Configure System
Schermafbeelding 2015-06-21 om 20.45.31

4. Configure Xvfb in your Jenkins job
Schermafbeelding 2015-06-21 om 20.45.54

Run shell scripts on Jenkins as super user [sudo] without given too much privileges

You have a Jenkins build server and want to run a script which requires super user rights. But you do not want do make your jenkins user a super user.

With the following you give your jenkins user only sudo rights for a specific script.

In the /etc/sudoers file you can give sudo rights for a specific file to the user with which you run jenkins.
Schermafbeelding 2014-12-02 om 19.48.27

Then in your Jenkins job, you can sudo this script
Schermafbeelding 2014-12-02 om 19.48.46

Galaxy Tab 2 Android 4.0.4 apps not updating and play store crashing

Just had some issues updating apps on my Galaxy Tab 2 [Android version 4.0.4].

There where more then 20 apps which required updating, but the Play store simply kept crashing.

Solution was to clear caches and buffer of the “Downloadmanager” and “Downloads” apps. Follow the following steps to do this:

1: Open settings (instelling in dutch)
2: Select “applications” (applicaties in dutch)
3: Select “all” / “alles”
4: Scroll down to “Downloadmanager” and “Downloads” (as in below screenshot)
Screenshot_2013-10-20-12-01-49
5: Select “clear caches” (buffer leegmaken) and “clear data” (gegevens wissen) for both apps
Screenshot_2013-10-20-12-02-08

After this updates got installed again as proven by these screenshots.

MAC OS X && [ERROR] Failed to execute goal org.apache.maven.plugins:maven-javadoc-plugin:2.9:jar (attach-javadocs) on project sonar-enforcer-rules-repository: MavenReportException: Error while creating archive: Unable to find javadoc command: The environment variable JAVA_HOME is not correctly set. -> [Help 1]

I just had this error while trying to perform maven release:

“[ERROR] Failed to execute goal org.apache.maven.plugins:maven-javadoc-plugin:2.9:jar (attach-javadocs) on project sonar-enforcer-rules-repository: MavenReportException: Error while creating archive: Unable to find javadoc command: The environment variable JAVA_HOME is not correctly set. -> [Help 1]”

How to fix? Simply:

1) Verify if the JAVA_HOME is really empty
MacBook-Pro-van-Geert:sonar-enforcer-rules-repository GJDB$ echo $JAVA_HOME

2) If empty: set it with the following command
MacBook-Pro-van-Geert:sonar-enforcer-rules-repository GJDB$ export JAVA_HOME=$(/usr/libexec/java_home)

3) Verify it has been set
MacBook-Pro-van-Geert:sonar-enforcer-rules-repository GJDB$ echo $JAVA_HOME
/Library/Java/JavaVirtualMachines/jdk1.7.0_40.jdk/Contents/Home

javadoc-java-home-macosx

Webkit’s XSS Auditor explained and current exploits

Webkit is a open source browser engine used by Safari and Chrome. To prevent cross site scripting attacks (number 3 in this years in the security vulnerabilities list of OWASP), Webkit filters all the web traffic with a auditor.

This auditor, called the XSS auditor, can be looked up online: https://github.com/WebKit/webkit/blob/master/Source/WebCore/html/parser/XSSAuditor.cpp

What does it do?
It prevents cross site scripting (XSS) by replacing malicious scripts with an empty script, so ” <script> </script> “.

As an example, we have our insecure web application.
Schermafbeelding 2013-06-16 om 19.29.15

Which has a simple input value:
Schermafbeelding 2013-06-16 om 19.29.23

When inserted a malicious XSS value into a input field, like ” /><script>pay /* test */ &;lt/script></br ”
Schermafbeelding 2013-06-16 om 19.29.40

Then we see that after submitting the page, the malicious script has been removed.
Schermafbeelding 2013-06-16 om 19.29.59

But wait! There are exploits.
It is good to know that the auditor doesn’t reflect all possible output contexts, like in JSP:

<script type="text/javascript">
    var a = "<%= request.getParameter("a") %>";
    document.write("<text>Welcome "+ a + "</text>");
</script>

When this code is called as follows in our insecure web application

http://localhost:8081/insecure-web/noHtmlEscaping?a=2%22;%20alert(document.cookie);%20var%20a=%221

Then we get to see our session cookie!
Schermafbeelding 2013-06-16 om 19.41.02