Now Firefox won’t let me log in. I’m going to have to factory reset the router, configure it all over again, and this time leave it configured for clear text only.
This seems like going backward.
I mean, I get it: it is clear that RC4 is too easily broken, so support for it was removed.
But I’m not so wealthy that I want to just throw away an otherwise fine – old – router. I put the latest version of Tomato on it that still runs on that platform; but, that version of firmware is from 2010.
This is for my Internet of Things network. Nothing on that network is going to be terribly fast, so I certainly don’t need a high powered router. Still, if a lightbulb gets compromised, I’d like there to be at least a tiny bit of work involved in capturing the router’s password. RC4 may be brute forced in minutes with a GPU, but a lightbulb doesn’t have that sort of processing power.
Anyway, I goofed up. I saw an article about how to convert the web admin interface to use https only, so I pushed the button to generate a new certificate. Now I’m locked out and have to wipe the router back to factory reset.
The official error message is: Error code: SSL_ERROR_NO_CYPHER_OVERLAP
Thank you smarter people than me, for not allowing an override, even temporarily. Thank you smarter people than me, for making sure my IoT wireless access point web admin interface password has to remain in clear, plain text, forever.
This was difficult, so I will provide a How-To here. The goal was to put port 8 on my switch on VLAN 4084. This is my Internet of Things (IoT) VLAN.
A prerequisite of course, is that the downlink from the router to the switch has the VLAN 4084 tag in it. For me, that will be port 1 on the switch.
Another PITA is that the Trendnet EdgeSmart switch self configures to 192.168.10.200 – and that is hard-coded. After you get a machine directly connected to it (with a static IP address), then you can configure the switch to use DHCP to put it on your main LAN. But if you find that you want to factory reset to start over, you’re going to have to go back to the static IP config on 192.168.10.x. The MAC address doesn’t show up in the router until after the DHCP inspired reboot, so you have no idea of what the new web admin interface IP address is. After the switch has rebooted, then you can go in to the DHCP leases and find out what the new IP address is. I don’t know that I would have bothered, except that the laptop I was using has a little smaller screen, and the Trendnet web interface is primitive. I could not get decent screen shots on it because of the primitive web page rendering, so I needed to access it from a bigger screen, which meant making it available on my main LAN, which meant DHCP. But I digress.
What I’m trying to get to:
First step: Modify VLAN ID 1
Here is what the web admin page looks like after a factory reset:
VLAN ID 1 is the default VLAN. But if you never turned on VLANs, it would never have mattered. The default configuration (out of the box) is that if a frame with that VLAN tag were to show up on the switch, all the ports on the switch would strip that tag out (“un” tagging) before putting the frame on the wire of the ports. However, port 8 is a member of VLAN 1. That would cause us trouble later.
On the VLAN ID 1 modify page, we want to set this:
First, we move VLAN 1 to not-a-member away from static untagged for port 8. Then we apply the change. This will free up port 8 to be assigned a different VLAN later.
What it looks like after:
I may be overly sensitive here; but this is a terrible user interface. If I didn’t know better, I would think that the top part (which is really for adding a new VLAN) was telling me the current status of the ports. It is not. But it looks like all the ports are in the not-a-member group. They used a whole bunch of screen real estate to not show me what the actual status is, but what it could be if I were to proceed. I wonder if putting the “Tagged VLAN Table” at the top would be better, and not showing the grid layout of port assignments at all until someone clicked Modify or View.
Second step: adding the new VLAN
Now we can add our VLAN 4084 with port 8 assigned:
So I typed 4084 into the VLAN ID field, added the descriptive name, then clicked in the Static Untagged section on port 8, and then clicked Apply. This gave me the screen below. Note that we are not done yet.
This was the problem: the web interface uses what looks like radio buttons, so the idea that seems to be presented is that clicking on Static Untagged port 8 should move the port from VLAN 1 to VLAN 4084. But attempting to click on port 8: Static Untagged did nothing.
Behind the scene, port 8 was still a member of VLAN 1, so the admin interface would not assign Static Untagged to port 8 in VLAN 4084. It was super frustrating that clicking on port 8 static untagged did nothing: no errors, no warning – just a refusal to work with no response or feedback at all. I could put port 8 in the static tag membership, but those frames would (likely) not be understood by the IoT device. Although the interface showed me the radio button, I could not put port 8 in the Static Untagged membership. A better developed interface would have prompted me with something like “Assigning this port to Untagged will remove VLAN 1”. Okay, do that. Please.
We’re almost there. The configuration will now look like this:
Step 3: add the trunk to the uplink port
Modify VLAN 4084:
Make the modification: frames to port 1 should be tagged with VLAN 4084. This is because I chose port 1 as the uplink port. The uplink is the trunk connection to the core of the network. But when the switch presents the frame on port 8, the tags should be stripped off (“un” tagged):
Apply our changes, save the configuration, and reboot the device on port 8.
If our VLAN 4084 is otherwise configured correctly, our IoT device should now be on the IoT VLAN. Enjoy.
As painful as this was, I wish I’d bought something else with a better web admin interface than these Trendnet switches. Ultimately, they worked, but man I wasted a lot of hours trying to get them to work. That was four hours of my life I’m not getting back. I should have spent the extra $15 for a switch with software / documentation that doesn’t suck.
If I have any sort of privacy controls enabled, the Rocket Mortgage web site does not work. They have some sort of cross-site scripting going on where they throw something at https://streaming.split.io/ (which is actually ably.com).
Even when I tell Firefox to keep everything together in the same container, Rocket Mortgage fails it. My only choice to get it to work is to disable all privacy controls.
Thanks, Rocket Mortgage. I simply love you for pimping out my data to advertising johns. Not.
I’ve got two devices which tell me that the HomePod is on the wrong Wi-Fi network. Yes, I can believe that. Care to help a fellow out and fix it? Apparently that’s not a thing they had to program.
Extra points to Apple that the electric power plug cannot be disconnected at the device; but requires me to crawl under my desk and unplug it from the wall. I have no idea if a hard reboot by unplugging the power will help, but that appears to be the only option.
At least the Amazon Echo devices had particular button sequences for various levels of reset. Also, the power cord detached at the device, too.
But Apple is too cool for buttons and plugs. You dimwits.
Anyone can whine; how about a solution, David? Sure. It’s stupid, but it works:
Switch your iPhone / iPad to the correct Wi-Fi
Why do you even have more than one Wi-Fi network, David? The answer is Three Dumb Routers.
Remember: the S in IoT stands for Security.
Exit the HomePod app on your phone
I don’t know for certain that this step is required. But I do know that when it comes time to reach out to the HomePod, the act of opening the app will trigger an inventory to be taken. Probably there is some sort of polling cycle that tells the app to inventory this IoT device: but why leave that to chance?
Unplug the router providing the wrong Wi-Fi the HomePod is clinging to.
The stupid HomePod won’t be able to connect to a Wi-Fi network that is off.
Unplug the HomePod
Leave it off for 15 seconds or more.
Decades ago in electrical engineering class, one of the professors gave us an extra credit math problem to calculate the amount of signal left in circuits as the capacitors drained. The clock crystal is still running; signals are still generated. Generally speaking, for computer circuits, it took about five seconds for the capacitors to drain. Best practice in engineering is to triple anything safety related – so: 15 seconds. This is safety related because you don’t want some weird random signal triggering some logic just because a capacitor wasn’t fully discharged: you could fry something and then the magic smoke escapes.
Plug the HomePod back in
Visit the HomePod in Apple Home app
It will whine that the HomePod is on the wrong network; but this time it will do something about it.
Plug your main router + Wi-Fi back in
Thank goodness the Apple programmers didn’t program the HomePod to have affinity to the previous Wi-Fi just because it returned to existence.
Since it was my secure devices Wi-Fi, I do actually want that network to work.
If I had a family here, I would have needed to blast out prior warning that the network was going away. Good times.
I don’t know. Maybe the people at Apple never thought people ought to secure their home with more than one Wi-Fi network?
I get it: some random guy sets up a new mail server, and you don’t know him from Adam, so you block his email.
They blocked me with a 400 series error. My new Postfix server had the default configuration of waiting five days before giving up. That wasn’t great, because I thought I’d sent an email, but the recipient never got it.
This failure was particularly irritating because my financial advisor needed me to sign an actual piece of paper to change the business relationship. She emailed me a document. It came across in her email that she was concerned about timing, this was rather urgent. I printed the document, signed it, and then emailed her back (on January 4) that I signed the document, but my schedule was such that I wouldn’t be able to bring the document to her office until Friday the 6th. Now I find out that Proofpoint never let my server send her that email; from her point of view I just completely shined her on.
That explains the weird look the receptionist gave me when I showed up on Friday with the signed document. They thought I had ghosted her. I didn’t: Proofpoint had decided to be a bully by stringing my mail server along with a 400 series error, until my mail server gave up and I finally got the 500 series error: blocked.
500 series errors are “it didn’t work, and it’s never going to work, what you are trying failed, we’re done.” 400 series errors on the other hand are “whoops – something went wrong, but it may be on our end rather than yours.”
I think it is a little disingenuous for Proofpoint to reply with a 400 series error “whoops – something went wrong, but it may be on our end rather than yours” when it was never going to get better. They blocked me because my mail server is new, and doesn’t have any reputation with them. That’s not going to get better on its own.
The big difference between 400 and 500 series errors is that 500 series errors are known problems. Because they are known problems, the results should be sent back immediately. 400 series errors have traditionally been allowed five days before the sending mail server reports an error. The idea behind 400 series errors was that perhaps you need time to fix a problem: so the sending mail server will try for five days before giving up. Perhaps you are moving to a new data center and you need a whole weekend to migrate. If you start Friday night and are done by Monday morning, the people sending you email will still get their messages to your users. It took several days, but eventually the email got there.
On the other hand, if I am sending an email to not-an-actual-user@some-real-domain.tld then the receiving mail server can immediately give me a 500 series error: not-an-actual-user does not exist. It didn’t work, it’s never going to work, what you are trying failed, we’re done. The sender (me) learns immediately that I mis-typed the email address or something.
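To catch a deferral like this one before the queue lifetime runs out, the sending server's own log can be checked. The script below is an added example, not part of the original post: it assumes the usual Postfix `postfix/smtp[pid]: QUEUEID: to=<...>, ..., delay=..., dsn=..., status=...` log line layout, and the function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report mail that has been sitting in the queue on 4xx
# deferrals for longer than a threshold, using Postfix smtp client log lines.
# Postfix defaults that produce the silent five-day wait:
#   maximal_queue_lifetime = 5d   (how long deferred mail is retried)
#   delay_warning_time     = 0h   (no "still queued" notice to the sender)

# deferred_over SECONDS < maillog
# Prints "queue-id recipient delay-seconds dsn" for every queue-id/recipient
# pair whose most recent status is "deferred" and whose delay exceeds SECONDS.
deferred_over() {
    awk -v limit="$1" '
        / status=/ {
            qid = rcpt = delay = dsn = st = ""
            for (i = 1; i <= NF; i++) {
                f = $i; sub(/,$/, "", f)
                if ($i ~ /\/smtp\[[0-9]+\]:$/) { qid = $(i + 1); sub(/:$/, "", qid) }
                else if (f ~ /^to=</)    rcpt  = substr(f, 5, length(f) - 5)
                else if (f ~ /^delay=/)  delay = substr(f, 7)
                else if (f ~ /^dsn=/)    dsn   = substr(f, 5)
                else if (f ~ /^status=/) { st = substr(f, 8); break }
                # Stop at status=: the text after it is supplied by the
                # remote server and must not be parsed as our own fields.
            }
            if (qid == "" || rcpt == "") next   # not an smtp client line
            k = qid SUBSEP rcpt
            if (st == "deferred") { delay_of[k] = delay; dsn_of[k] = dsn }
            else { delete delay_of[k]; delete dsn_of[k] }  # sent or bounced
        }
        END {
            for (k in delay_of)
                if (delay_of[k] + 0 > limit + 0) {
                    split(k, p, SUBSEP)
                    print p[1], p[2], delay_of[k], dsn_of[k]
                }
        }' | sort
}

# Constructed sample log (example domains, documentation IP addresses).
sample_maillog() {
    cat <<'EOF'
Jan  4 10:15:02 mail postfix/smtp[2101]: 4F3A21C0E5: to=<advisor@example.com>, relay=mx.filter.example[203.0.113.10]:25, delay=2.1, delays=0.1/0/1.5/0.5, dsn=4.7.1, status=deferred (host mx.filter.example[203.0.113.10] said: 450 4.7.1 try again later (in reply to RCPT TO command))
Jan  4 10:16:40 mail postfix/smtp[2102]: 7B9C01C0E9: to=<friend@example.org>, relay=mx.example.org[198.51.100.7]:25, delay=1.2, delays=0.1/0/0.6/0.5, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 12345)
Jan  4 14:20:11 mail postfix/smtp[2188]: 4F3A21C0E5: to=<advisor@example.com>, relay=mx.filter.example[203.0.113.10]:25, delay=14709, delays=14707/0.1/1.4/0.5, dsn=4.7.1, status=deferred (host mx.filter.example[203.0.113.10] said: 450 4.7.1 try again later (in reply to RCPT TO command))
Jan  4 14:25:00 mail postfix/smtp[2190]: 9D1E41C0F2: to=<typo@example.net>, relay=mx.example.net[192.0.2.25]:25, delay=0.9, delays=0.1/0/0.4/0.4, dsn=5.1.1, status=bounced (host mx.example.net[192.0.2.25] said: 550 5.1.1 user unknown (in reply to RCPT TO command))
Jan  4 15:00:00 mail postfix/smtp[2201]: A1B2C31C0F7: to=<late@example.org>, relay=none, delay=7300, delays=7270/0.1/30/0, dsn=4.4.1, status=deferred (connect to mx.example.org[198.51.100.7]:25: Connection timed out)
Jan  4 15:30:00 mail postfix/smtp[2215]: A1B2C31C0F7: to=<late@example.org>, relay=mx.example.org[198.51.100.7]:25, delay=9100, delays=9098/0.1/1.2/0.7, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 67890)
EOF
}

# Anything still deferred after an hour deserves a look (or a phone call).
sample_maillog | deferred_over 3600
```

Run from cron against the real mail log, this surfaces a stuck message within the hour; setting `delay_warning_time` to a few hours makes Postfix itself send the "still queued" notice.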
I’ve recently gotten some DSN Fails trying to send to @icloud.com users. Same reason: they don’t know my mail server from Adam; but at least Apple was kind enough to let me know immediately that the mail didn’t go. I can at least text the person what I was going to send them in email.
Off-topic but mildly interesting: I had a user at work mis-type an email address by tacking on an extra period at the end. Like they finished a sentence with a period, but this was an email address. DNS has a top level, but to climb the tree means adding a trailing period and doing another DNS query. In other words, my computer could try to look up “mybox” and if that doesn’t resolve, tack a period on the end and look again. That would resolve to “mybox.mydomain”. If that doesn’t resolve, tack a period on the end and look again. That would resolve to “mybox.mydomain.tld” So when the resolution process finally gets to the very top Top Level Domain (TLD), searching stops. Those TLDs are a defined list; which is how DNS knows that there’s no more searching to be done. But whoops if the user asked for mybox.mydomain.tld. <—notice the trailing period. Then DNS is going to keep returning a 400 series error: it looks like there should be an upper level domain, but nothing responded, so maybe that box is just down right now? Try again in a few minutes. Five days later, my user finally got the DSN Fail. He was ticked off: why couldn’t the computer tell him he’d mistyped the email address? Well, because it kept looking for a mail server higher up in the DNS name hierarchy than .com
Today would be a good day to do a quarterly inventory.
How is your personal life going?
How is your work life going?
How is your volunteer service life going?
Personal Life:
Amazon Echo purge
I decided to abandon Amazon Alexa because they insisted on pushing advertising into my morning wake up routine. My morning wake up routine exists because I want to wake up grateful and happy. Playing a wake up song and then violating my peace with your advertising produces anger, not peace and gratitude. So, I’m out. I unplugged all my Amazon Echo devices and sought replacements.
Mycroft was no good.
The Raspberry Pi image they have doesn’t do audio levels right.
They have a terribly overpriced Raspberry Pi which does, so maybe that’s why the community version sucks.
They require a cloud login to use the service. Not a fan.
Apple Homekit is not great.
The microphone on the HomePod mini is super sensitive, which would be good if the software behind it wasn’t weak.
The software behind the HomePod is a low effort undertaking. Way too often I get an idea of something to ask it, and it (essentially) replies with you should do that on your iPhone. Mostly, it successfully controls the smart lightbulbs; and that’s about it. As an example, tomorrow morning I would like a reminder that I’m going to breakfast with my son at 7:00 AM. With the Amazon Echo, this was easy. With the HomePod, I get “your iPhone is not available. Check that it’s powered on and its software is up to date.” Both those things are true, so something else is wrong. Or really, the HomePod just isn’t going to store reminders and I should be doing these things on my iPhone. But even if I did a reminder on my iPhone, I’d need to be near it to get it. The Amazon Echo devices were a far better implementation of basic functionality.
I set up Automations on an iPad to light up a Bluetooth-enabled television sound bar. Automations don’t work well with Bluetooth, and putting the question to Reddit /r/Shortcuts got my post deleted by the mod because he doesn’t like the question being asked so often where the answer is “yes, Apple does not do this well”.
Something you can try: if the device (in my case, an iPad) can be put on the Settings –> Bluetooth –> list of possible connections screen, and just sit there, then Shortcut Automations on the iPad can light up the various Bluetooth devices within reach. But if something (like an errant Shortcut Automation) takes screen focus away, then the next Shortcut Automation which tries to light up a Bluetooth sound system, won’t, and you’ll never get the audio you wanted. If you wander over a few hours later to where the iPad is, you’ll see whatever caused your apparently really bad at multitasking iDevice to lose track of Bluetooth connections.
So far it looks like it might work out best. I do have a problem though; I had set up my WiFi using Steve Gibson’s Three Dumb Routers scheme. Yes, it is secure. Whoops: my Home Assistant box needs to be able to talk to the Internet of Things (IoT), so it is on the IoT network (the “S” in IoT stands for “Security”). But I would like to be able to configure it from my main machine here on the secure network. I literally cannot get there from here (which is a good thing). I’m going to have to put my network training to use for this home project.
The Helm email appliance company business exit
I got an email they are going out of business; I have until December 31 to find a replacement.
I built a replacement Dovecot + Postfix server.
It would have been on Amazon AWS Lightsail, but:
Amazon commits the crime of false advertising with their Lightsail lowest tier boxes. They advertise a 512 MB RAM machine, but deliver a 474 MB RAM machine. Mail-In-A-Box refuses to install on a 474 MB RAM machine, so the easy way to transfer my mail services to be on my own machine was out.
Opening a technical support ticket got me nowhere because the help desk person doesn’t actually know, and his backline support told him lies about kernel memory consuming RAM; that’s why the machine doesn’t have the full amount. I work in an environment with 600+ virtual machines and have spun up almost 70 of them myself, on Xen, KVM, and VMware. I know what virtual machine provisioning does and looks like. Amazon chose to underprovision by 9.25% so they could stuff more VMs on a blade. I’m not nearly as annoyed that they underprovisioned as I am that they lied to me about it.
Fine. You’re going to lie to me about your business practices? I’m out.
Christmas was in Coos Bay, which meant an all-day drive Friday, Christmas with the whole family on Saturday and Sunday, and then an all-day drive back on Monday. The In ‘N Out at Redding California was not, because the place was packed, both times. Costco gasoline up there was almost 10% cheaper than in Visalia, which surprises me. Of course the gasoline in Oregon was cheaper still.
Haven’t played video games, but have been watching television instead. Never had watched the Harry Potter films, so am slowly going through them. On number 3 right now.
Work Life
Exterro has been terrible. It got listed in Gartner’s Magic Quadrant. I can see in global search-and-redact brief moments of shine and wonder. But implementation had been terrible. Even after months of project implementation, the Go Live date came and nothing worked right the first time for several weeks. Product support is out of Calcutta India, which means every support request we make takes 24 hours to turn around. Most often, the front end help cannot help, so they have to take screen shots of what is wrong and submit that to back end support. That’s going to burn another 24 hours.
Lately, they aren’t even acknowledging problems I’m presenting them.
Waterford Technologies MailMeter has been a much better project implementation.
Currently recording Secretary for the local 503(c) corporation; if I don’t get the meeting minutes done quickly, it stresses me out all month.
I have three other service positions going on. One of them means travelling to Sacramento and other places.
Currently going to six meetings a week; sometimes seven if a friend asks for a ride to a meeting.
Sunday morning: central service representative
Sunday evening: technology chair (I bring gear that lets the meeting be online and in-person, beyond just an iPhone. Using a laptop and a PTZ camera, Zoom attendees can be on a monitor in the room, and we have a wireless speakerphone which lets everyone be heard).
Monday Night: no service position
Tuesday Night: treasurer
Thursday night: no service position
Friday night: general service representative
Monthly, as opposed to weekly meetings:
First Wednesday, General Service meeting
Second Tuesday, Central Service meeting and board of directors meeting.
I was also a volunteer at our New Year’s Eve event. My first duty was to be stage manager. Then, I set up coffee, I set up games in a room for game night (although Bill H. came by on purpose, we only had a few people drop in and take a look). I helped with getting the appetizers put out, and then helped in the kitchen with slicing the deep pit barbeque beef and slicing and plating cake and pie. Lastly was cleanup with the take-away of New Year’s Eve balloons glitter: never again. Didn’t get out of there until 1:30 AM.
Irons in the fire:
I owe an article to the newsletter.
TRA web site to replace Mike K’s web site.
Move my volunteer service web site from Amazon to Linode
Also, I need to upgrade PHP and the Bitnami base makes that tough. Worse, the database will need to go from ASCII to UTF, which tripped up the migration tool I was using.
Add input forms to the web site and convert to three pages: newcomers, members, and information for professionals.
Newly elected as Registrar, I need to plan an event which is tentatively scheduled for February 25.
World Ag Expo volunteer service.
What I would really rather play with: Tilt Five Augmented Reality glasses; mine came in. 😀
Do I want to watch television? Or maybe check out YouTube for a Home Assistant tutorial? I decided to try YouTube on the television set. I do the search terms, I find a video with more than 1 million views, and I hit play.
First, Google wants to play an ad. It is so fucking stupid that I’m out.
Back to HBO for me.
I suppose someone thought that being outrageous was clever. Instead, they just confirmed my suspicions that YouTube, on the television, is simply a waste of time.
I chuckled at a recent observation by someone: Google gets paid to put ads on YouTube. Then they put unskippable ads on YouTube. Then they offer to let you pay to skip those ads. “Get paid to create the problem, get paid to solve the problem. Genius.”
As I mentioned before, The Helm email appliance company is calling it quits, which I understand. If the business isn’t going to make it, it is better to pull the plug than just keep letting things linger. Best of luck to them on their next adventure.
So, what did I do?
(there was a detour while Amazon pissed on their customers wanting to run Mail-In-A-Box) (me)
I provisioned the smallest Ubuntu 22.04 LTS machine that Linode has.
Mildly annoyed that it doesn’t really support LVM (Logical Volume Manager); they have a backup service that runs an agent inside their machines, and that agent doesn’t do LVM. Still, I know that I’m going to need to grow disks, so I had to learn how to re-partition the Linode so I could do LVM. LVM done.
I made a mail server on the Linode machine at a domain name I have that I don’t really use. I followed the excellent guide from Christoph Haas at workaround.org: ISPmail guide for Debian 11 “Bullseye”
I got RoundCube webmail working for the domain name; complete with SPF and DKIM.
I got Thunderbird to send and receive from the domain name.
Then I added Nextcloud to the same box. I wanted CalDav for contacts and calendar, when I eventually hook my iPhone to it.
The Nextcloud documentation really needs a lot of work here. If I were retired, I would like to help them with their documentation.
Finally, I have the files.example.tld function of The Helm replaced, although at a different domain name.
Rspamd uses Redis, but so does Nextcloud. But one uses the network stack, and the other, Unix sockets. Get them both set the same.
Then I added Duplicati backup. This wasn’t great, as it added a ton of overhead in the form of Mono, just for a graphical user interface.
I realize that I’m going to want to host my WordPress here too. I don’t want to have to wrangle four Let’s Encrypt SSL certificates, one for each domain. What about a single wildcard SSL certificate?
Yes, that can be done, but: my domain names registrar doesn’t support it. Linode does, though. I install the Linode DNS agent on my machine, and spin up Linode DNS servers to do the DNS work. I have to configure my domain names registrar to tell the rest of the world that Linode is where my name servers are.
Somewhere in there I installed the Unbound DNS resolver. Looks like I need this on my home machine, too, for Home Assistant.io.[1]
I got to the point where I could request the domain name transfer. Turns out the people at The Helm were going through Gandi.net. Gandi.net took as long as they legally could, before actually doing the DNS transfer.
Gandi –> registrar, then registrar to point to Linode. Linode DNS needs to be reconfigured for SPF and DKIM. I had gotten some DNS records wrong, too.
Thunderbird to connect to the mail.domain.tld, and though the name hasn’t changed, everything underneath has. Thunderbird is not happy; I lose all my old mail.
Well, I didn’t, but it is in a new folder now, so that I’ve got an old version of my mailbox and a new version of my mailbox, and they are separate. Not ideal. Perhaps I could have done an IMAP to IMAP transfer, if I hadn’t already moved the domain name.
Hey, looky there: one of the volumes filled up (but everything else was unaffected). Time to grow a disk using LVM.
iPhone to connect to CalDAV; phew that was not well documented and had tons of conflicting information.
Not really happy with Duplicati, so I remove it and Mono, and install Restic backup instead.
Okay, so the last thing left to do is to migrate this blog from Amazon to this new Linode machine. The transfer using NS Cloner goes well, as it usually does. But domain names need to be updated via Let’s Encrypt certbot.
Crud. I’m on holiday out of town with family, and have only a Windows laptop with me. Per best practice security protocols, I can only ssh in from home. Logging in via root@ is blocked, and I don’t think I can even do a ssh-copy-id without getting in first and lowering the root login barrier. The certbot to add gerisch.org to the domains list is going to have to wait.
Here I am, at home, and I’m done. Dovecot, Postfix, RoundCube, Nextcloud, and WordPress all on one box.
While I was on holiday, I took the .mp3 files on the Nextcloud, and made Nextcloud Music Player playlists for the different types of files. Then on the 16 hour drive home, my iPhone logged in to the Nextcloud web interface and played playlists.
It’s a bit of nirvana to me, to have a large list of songs (randomized of course) playing absolutely advertising-free because I paid for the songs in the first place.
[1] I ended up not connecting Home Assistant to their cloud.
My grandfather on my dad’s side was an immigrant from Germany, between World War I and World War 2. His parents put him on a ship and sent him to the USA when he was sixteen years old. Although it sucked for him that he never saw his family again, in many ways his new future was that he lived the American Dream. One of the things he did was buy stocks. In the 1970’s (before there were VCRs) on Sunday nights, there was a television show on PBS named Wall $treet Week with Louis Rukeyser. So we’d visit, and on Sunday nights, Grandpa would tell us kids to settle down; he needed to watch this TV show.
One Sunday, Mr. Rukeyser had a guest on who was going to pitch IBM as a good stock buy. (In 1974-76 that was great advice. Today I wouldn’t touch them). So during the intro, Mr. Rukeyser says “In the movie The Graduate Mr. Maguire tells Benjamin (played by Dustin Hoffman): I want to say one word to you, Benjamin. Plastics, young man: Plastics. If Mr. Maguire were talking to Benjamin today, he’d say Computers, young man: computers.”
And I thought to myself “I’m a young man….”
I did sign up for a computer programming class in High School. It was an IBM System 3 mini-mainframe, with 4 KB of RAM and punched cards. So I programmed my first computer in 1979. Dr. Larry Ray was our instructor, and one of the most insightful lessons he taught us was to calculate a loan payment schedule, with interest. Wow what an eye-opener the interest charges are on loans! But I digress.
My dad thought that getting in to computers was a good idea. I had one friend that got an Apple microcomputer, and my best friend got a Commodore 64. I saw a new computer being advertised that not only was the full hardware package, it came with software too: Osborne 1. I had the later model one with the blue plastic case. But the kicker with this one was a sale that threw in the dBase II database program. It had everything, for the low low price of $2,200. My dad gave me half the money, and I ponied up the other half.
My last year of High School, I started working at Truline Corporation, a manufacturer of printed wiring boards. I started as a driller. But eventually I migrated up to programming the Numerical Control router (profiler) which cut the boards out of the sheet of fiberglass. This was the G-code programming language. Eventually, the factory needed some space, and moved me across the parking lot in with the president of the company. By this time, I was the “engineer” who measured the artwork, compared it against the blueprints, and created the work order the factory would work. I worked up a program in my Osborne to produce work orders on a printer instead of by hand. I showed it to the president, Jack Cederloff, and he told me that if I learned to program their computer, he’d hire me as their programmer. I was thrilled.
I went to night school to learn the language of their mini-mainframe. The computer was an IBM System/34. I learned RPG II. Eventually Truline moved to an IBM System/36, and I became a professional programmer, eight hours a day, five days a week, for two and a half years. I loved it.
The database server could be connected to (which means your username and password is okay) but the database could not be selected.
What is actually wrong is that you don’t have a file wp-config.php
From what I gather, it used to be that wget http://wordpress.org/latest.tar.gz would bring in a .tar.gz file which contained wp-config.php. That file isn’t there any more in the source.
In the old scheme, the installer would modify it with the user name, password, database table name and then proceed with the rest of the installation.
If I had to guess, I’d guess the new scheme is supposed to do cp wp-config-sample.php wp-config.php and then the installation picks up as it did before (modifying it with the user name, password, database table name); then proceeding with the rest of the installation.
Someone got the idea that instead of maintaining two wp-config files, they could maintain and ship one, and then copy it during install. This is a good idea: makes the source a tiny bit smaller, saving storage and transfer bytes. Just one thing though: do the copy, stupid, and check your results. Err out in a rather ugly mess if you didn’t get the copy right – then at least you’d hear about it mightily if you got it wrong.
The solution is to manually copy the file, edit it with the user name, password, and database table name, and then try to install again, twice.
If you simply copy wp-config-sample.php to wp-config.php and then run the install, it’s going to bark at you that wp-config.php already exists. Also, it is not going to ask you for the user name, password, and database table name. Since you already had to fuck around with the wp-config.php file, surely you already took care of the user name, password, and database table name.
So,
start the install from scratch
copy the file wp-config-sample.php to wp-config.php
edit the new file, supplying database table name, user name, and password
start the install from scratch again and let it bark at you that the new file already exists
click the try again link.
Finally the “famous five minute install” is done after you spent thirty minutes in frustration finding this post and not doing what the documentation says.
Personally, I think it is low quality programming to leave this bug in the basic install process. It’s been there for months. So, what? No-one at Automattic tests the installer any more?
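The copy-and-edit steps above, with the result checked afterwards, can be scripted. This is an added example, not WordPress's installer or code from the original post: the function names are hypothetical, the placeholders are the ones shipped in `wp-config-sample.php`, the demo file is a constructed stand-in, and mode 640 assumes the web server reads the file through its group.

```shell
#!/bin/sh
# Added example: build wp-config.php from the shipped sample, then check the
# result instead of assuming the copy and the edits worked.

# Replace one literal placeholder with a value. awk reads both from the
# environment, so '&', '/' and '|' in a password need no escaping.
fill_placeholder() {
    file=$1; placeholder=$2; value=$3
    case $value in
        *"'"*|*\\*)   # would break out of the PHP single-quoted string
            echo "refusing value with quote or backslash for $placeholder" >&2
            return 1 ;;
    esac
    PH=$placeholder VAL=$value awk '
        { i = index($0, ENVIRON["PH"])
          if (i) $0 = substr($0, 1, i - 1) ENVIRON["VAL"] substr($0, i + length(ENVIRON["PH"]))
          print }' "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# make_wp_config WORDPRESS_DIR DB_NAME DB_USER DB_PASSWORD
make_wp_config() {
    dir=$1; db_name=$2; db_user=$3; db_pass=$4
    sample=$dir/wp-config-sample.php
    target=$dir/wp-config.php
    [ -f "$sample" ] || { echo "missing $sample" >&2; return 1; }
    # Never clobber an existing configuration.
    [ ! -e "$target" ] || { echo "$target already exists" >&2; return 1; }
    # The file holds the database password: create it private from the start.
    ( umask 077
      cp "$sample" "$target" &&
      fill_placeholder "$target" database_name_here "$db_name" &&
      fill_placeholder "$target" username_here "$db_user" &&
      fill_placeholder "$target" password_here "$db_pass"
    ) || { rm -f "$target" "$target.tmp"; return 1; }
    # Check the result: fail loudly if any placeholder survived.
    if grep -Eq 'database_name_here|username_here|password_here' "$target"; then
        echo "placeholders left in $target" >&2
        rm -f "$target"
        return 1
    fi
    chmod 640 "$target"
}

# True while the sample's key/salt placeholders are still in place.
default_salts_left() {
    grep -Fq 'put your unique phrase here' "$1/wp-config.php"
}

# Demo on a constructed stand-in for wp-config-sample.php (not the real file).
demo=$(mktemp -d)
cat > "$demo/wp-config-sample.php" <<'EOF'
<?php
define( 'DB_NAME', 'database_name_here' );
define( 'DB_USER', 'username_here' );
define( 'DB_PASSWORD', 'password_here' );
define( 'AUTH_KEY', 'put your unique phrase here' );
EOF
make_wp_config "$demo" wpdb wpuser 'S3cret&|/pw' &&
    default_salts_left "$demo" &&
    echo "wp-config.php written; keys and salts still need replacing"
```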