By default, we do not upgrade customer's Rails applications to newer releases of Rails.  We have noticed that a large number of customers haven't been upgrading, and just want to make sure that customers know how to do so!

Simply edit your application's config/environment.rb as such to specify the version you would like to upgrade to:
-RAILS_GEM_VERSION = '1.1.6'

+RAILS_GEM_VERSION = '2.1.1'

Then, run 'rake rails:update' from with in your application's directory.


Notable upgrades for you would be:
 1.2.0
 1.2.6
 2.0.0
 2.0.4
 2.1.0
 2.1.1

Other versions can be available as well, but these are the earliest and latest point-releases available within each major release at the time of this writing.

We've been updating our webpages to become more "2.0". The GrokThis.net webpage now has keyword-based navigation, and the VPS Village pages are entirely AJAX-enabled. Quite simply, we're using Scriptalicious and Prototype for most of it. There is very little new backend code. Its quite simply a matter of removing the templates from the code. Out backend layout something like:

comp_root/
|
|- autohandler - site template
|- subdir/ - subdirectory
    |
    |- autohandler
    |- index.html
    |- index_plain.html

Assume comp_root/autohandler contains:

 <html><body>
  <h1>GrokThis</h1>
  <% $m->call_next %>
  <div id="footer">Copyright notice</div>
 </body></html>

Then comp_root/subdir/autohandler contains:

 <h2>Sub-Directory content</h2>
 <div id="content">
  <% $m->call_next %>
 </div>

Now, if comp_root/subdir/index.html contains:

 <h1>hello world</h1>

Loading http://example.net/subdir/ will render:

GrokThis
Sub-Directory content

hello world

Copyright notice

Now, here is the AJAX rub... we create index_plain.html which contains:

 <!-- Might want to add %ARGS here, or modify arguments as needed -->
 <& index.html &>
 <%flags>
 inherit=>undef
 </%flags>

When you load http://example.net/subdir/index_plain.html, you will see simply:

hello world

We will now copy the subdir directory to subdir2: cp -R subdir subdir2 Then, modify subdir2/index.html:

 <p>this is the subdir2 directory!</p>

All one needs to do then, is modify comp_root/autohandler:

 <html>
 <head><script language="javascript" src="prototype.js"></script></head>
 <body>
 <script>
 function update(contentvar, dirvar) {
  new Ajax.Updater(contentvar, dirvar, { method: 'get' });
 }
 </script>
  <h1>GrokThis</h1>
  <a href="/subdir" onclick="update('content','/subdir1'); return false;">
   Sub-Dir #1
  </a>
  <a href="/subdir1" onclick="update('content','/subdir1'); return false;">
   Sub-Dir #2
  </a>
  <% $m->call_next %>
  <div id="footer">Copyright notice</div>
 </body></html>

The content div will now update automatically, and it will fail-over for older browsers! Mason's idea of components really works well with the AJAX concept and there are all kinds of things you can do with it, and in much prettier ways than this. This example is meant to be short and easy... and very important, simple for retrofitting an existing site. Have fun, and take care!

Problem:

You want to give multiple physical users access to an SSH account but do not want to give each of the users full access to your account. More importantly, you want to restrict shell access, only allowing scp/sftp/rsync.

Answer:

Note, this procedure is only possible for users with root access to the machine such as with a VPS or Dedicated Server. This is not possible with shared hosting accounts. (such as the GrokThis.net Advanced or Traditional accounts)

1. First, install scprsynconly or scponly. My examples below use scprsynconly.
   
2. Install fakechroot, a dynamically linked busybox and a statically linked busybox.
   
3. Create a chroot containing the scp, sftp-server, and rsync binaries. (or any combination thereof if you wish to restrict access to one of these). I used "makejail" with the following configuration (for rsync only)

   chroot="/home/myuser/rsync-chroot"
   testCommandsInsideJail=["rsync","scprsynconly","busybox-dynamic"]
   processNames=["rsync","scprsynconly","busybox-dynamic"]
   

4. Edit /etc/ssh/sshd_config, adding "PermitUserEnvironment yes".
   

   WARNING: This can be a security risk. This procedure should limit that risk when using our custom shell, but this could be an issue if you have other SSH users on the machine.

5. For each user you wish to grant access, collect from them a public SSH key, placing their keys into /home/myuser/.ssh/authorized_keys. Each key should specify the directory to which they will be jailed: envrionment="SAFE_CHROOTDIR=/home/myuser/my_friends/johndoe". Example: (actual key abbreviated)
   

   environment="SAFE_CHROOTDIR=/home/myuser/my_friends/eric" ssh-rsa AAAAB3NzaC1k0= eric.windisch

6. Inside each "SAFE_CHROOTDIR", mount-bind the chroot directory readonly as '.chroot'. You can do this as root with 'mount --bind', or as I have, with FUSE's bindfs which allowed me to do this directly as user 'myuser'.
7. Create the following script as "scprsynconly-wrapper", and set this as the shell for user "myuser".
   

    #!/bin/busybox-static sh
   /bin/busybox-static env - \
           PATH="/.chroot/bin:/.chroot/usr/bin:/usr/bin:/bin" \
           /usr/bin/fakechroot -s /usr/sbin/chroot "$SAFE_CHROOTDIR" \
           "$SAFE_CHROOTDIR/.chroot/usr/bin/scprsynconly" "$@"
   

8. To preven downloads of the .chroot directory, move /home/myuser/rsync-chroot/usr/bin/rsync to rsync.real and create a shell script called 'rsync' (mode 755):
   

   #!/.chroot/bin/busybox-dynamic sh
   .chroot/usr/bin/rsync.real --exclude /.chroot $@

9. Now, simply do from your client machine:
   

   rsync -e ssh -a myuser@myhost:/ dest_dir/