Blog

Blog

squirrelmail / clicking on empty subject

SquirrelMail on Debian/Wheezy (2:1.4.23~svn20120406-2) stopped showing (none) for e-mails that lack a subject. Now I cannot open any subject-less mail because there is nothing to click on. The quick fix: --- /usr/share/squirrelmail/functions/mailbox_display.php.orig 2014-08-15 10:37:37.000000000 +0200 +++ /usr/share/squirrelmail/functions/mailbox_display.php 2014-08-15 10:38:27.000000000 +0200 @@ -268,6 +268,9 @@ function printMessageInfo($imapConnectio $title = str_replace('"', "''", $title); $td_str .= " title=\"$title\""; } + if (!$subject) { + $subject = '(none)'; + } $td_str .= ">$flag$subject$flag_end</a>$bold_end"; echo html_tag( 'td', $td_str, 'left', $hlt_color ); break;

Read more

Import one database instead of all from sql dump

Ever needed to restore only one database on a MySQL server and found out you only had one SQL dump containing all databases? Its quite common to dump all databases in one SQL file (mysqldump –all-databases or -A). But when using multiple databases on one MySQL instance you often need to restore just one of them. The minimal effort solution: mysql --one-database desired_db_name < alldatabases.sql fix!

Read more

compose key / irony punctuation / x11

Transcript follows: [him] did I mention I'll be off from work earlier today because I'm having dinner with friends. I'll be off earlier today because I'm having dinner with friends. [me] where did you say you were going? [him] I'll be having dinner at the Grand Cafe Apparently the irony was lost on him. I should’ve used emoticons. But! Instead of emoticons, one may also use the irony punctuation: ⸮

Read more

apt / cherry-pick upgrades / dependencies

So, doing an apt-get upgrade on a Debian or Ubuntu machine sometimes does more than you want at once. See this upgrade example I encountered just now: # apt-get upgrade ... The following packages will be upgraded: curl dpkg ifupdown iproute libcurl3 libcurl3-gnutls libgnutls26 libmysqlclient18 libsnmp-base libsnmp15 libssl1.0.0 libxml2 linux-firmware linux-generic-lts-quantal mysql-client-5.5 mysql-client-core-5.5 mysql-common mysql-server mysql-server-5.5 mysql-server-core-5.5 openssh-client openssh-server openssl tzdata update-manager-core whoopsie 26 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.

Read more

vim / position markers

Did you ever wonder what the '<,'> characters mean when you CTRL-V visual block select text in vim? For example: you press CTRL-V and select a bit of text. Then type : (colon). Instead of just the colon, you see: :'<,'>. You append s/^/#/ hit enter. As requested, the selected block is now “commented out”. That’s a nice feature, but why the funny characters? In order to understand that, we remind you of the % (percent sign) that we use to select the entire file.

Read more

vim / reformat textwidth 72

My .vimrc usually starts out with this. Syntax highlighting is super, and my terminals always have a black background. The modeline option enables me and others to set certain options for certain files only. Like: {# vim: syntax=htmldjango: #} to mark a .html file as using the django html syntax instead of regular html syntax. See also my Inserting vim modelines tip. syn onset bg=darkset modelineSecond, since I develop a lot in Python, I enable the vim-flake8 python source code checker plugin:

Read more

postgresql / upgrade / ubuntu

I always forget how easy it is to upgrade postgresql on Ubuntu (from 9.1 to 9.3 this time). It seems like a pain to have to manually upgrade the cluster, but when it comes down to it, it’s self-documenting and quick. My shell session basically went like this: $ sudo apt-get install postgresql-9.3 ... The following extra packages will be installed: postgresql-client-9.3 ... $ sudo /etc/init.d/postgresql stop * Stopping PostgreSQL 9.

Read more

openssh / nagle / too much buffering

Recently I tried to open a connection to a remote server over SSH at a new location. The connection opened just fine, but it seemed that a few bytes kept getting buffered. It looked like this first animated gif you see. After a long wait, you realise that the data you’re wating just won’t come. First after pressing a key, you get the data. This isn’t workable… Enumerating the possible culprits, there could really only be the wifi-nat-modem — a Thomson TG789vn, Telia device — doing extra buffering, possibly conflicting with the Nagle algorithm (TCP_NODELAY).

Read more

ubuntu trusty / git diff color

On my recently upgraded Ubuntu Trusty (14.04) machine, git diff started producing colorized output. That’s nice, but it’d be even nicer if it recognised that I’m using a dark background. Put this in your ~/.gitconfig. This colorscheme is the one you’re used to from vim. [color "diff"] meta = green bold frag = yellow bold old = red bold new = cyan bold

Read more

Heart bleed; OpenSSL security issue

Last night an important security vulnerability was made public with corresponding security updates. It risks exposing private keys when vulnerable. OpenSSL was vulnerable starting from their OpenSSL 1.0.1 release on 14th of March 2012 till OpenSSL 1.0.1g released on 7th of April 2014. Two security teams independently reported this issue and it’s safe to assume others did as well. On top of that it’s not possible to trace whether you were successfully exploited.

Read more

Internet connectivity issue. (31/3/2014)

This morning we experienced packet loss on one of our links. After rerouting the traffic the problem was resolved. Only routes over the GN-IX were affected. timeline 12:15 first notification of the packetloss. 12:36 - 12:40 Hickups in the internet connectivity due to rerouting of traffic. after 12:40 No more issues for our customers. Offhour followup re-enable temporary disabled links and rebalance traffic. Background information The issue occurred because GN-IX hit its capacity limit on their links between Groningen and Amsterdam.

Read more

zabbix / counting security updates

When you’re monitoring security update availability using Zabbix or some other monitoring tool, you’ll need a method to discern regular updates from security updates. I’ve seen my collegues do this: $ /usr/lib/update-notifier/apt-check --human-readable | grep security | awk '{print $1}' But that requires an install of the update-notifier-common package. (Note the -common. The main package has tons of requirements you don’t need.) In the quest for less dependencies — less installed packages — I used aptitude to get the info.

Read more

mysql innodb process locks in limbo

After switching a virtual IP around with keepalived we experienced a locking issue. Some client process on the server had some locks which did not get released but we could not see which query caused it. This broke our MySQL replication in this case, it was waiting on the locks to be released while executing the binlogs. We located the locks with mysql> show engine innodb status\G; The specific transaction did not show any query details but did show us a whole list of locks.

Read more

FreeBSD fix/cheat sheet

For me, using FreeBSD is still a bit like eating soup with a fork. Everything seems to make perfect sense but when I get to work I feel crippled and get annoyed by small differences with a GNU/Linux environment. A post to reduce the horror. The examples below work for a clean FreeBSD 10 install. This post is mostly useful for Linux users. I welcome additional tips. software management You can now use pkg which is quite friendly.

Read more

DDoS mitigated; NTP Amplification attack

Today we received a DDoS on our network which caused a service interruption for our customers for about 20 minutes. This blogpost is a short report on the impact and nature of the attack. Impact Impact was network wide and caused degraded service for our customers between 14:45 and 15:08, a little over 20 minutes. The graph shows the impact as seen from our UK monitoring node (off net). Incoming traffic All our uplinks were saturated.

Read more

python parsestring / silently skips entities

The Python xml.dom.minidom parseString silently skips over unknown entities. The only entities it does know, are &lt;, &gt;, &amp;, &apos; and &quot; and of course the numeric entities &#nn; and &#xhh;. That’s obvious, because those are the only ones defined in the XML 1.0 spec. However, if you’re parsing XHTML documents, it’s not nice that the entity references to special characters silently get dropped. Other people have stubled on the same issue, like in parsing xml containing &entities; with minidom and Problem with minidom and special chars in HTML.

Read more

bson / json / converter

A simple script to convert BSON data to JSON data: bson2json.py (view) Example usage: $ bson2json.py /var/backups/mongodb/all-dbs.mon/graylog2/streams.bson --pretty [ { "_id": "506ed227dc1d710c0700000e", "additional_columns": [], "alarm_active": true, "alarm_callbacks": [ "org.graylog2.emailalarmcallback.callback.EmailAlarmCallback", "org.graylog2.execalarmcallback.callback.ExecAlarmCallback" ], "alarm_limit": 80, "alarm_period": 5, "alarm_timespan": 5, "created_at": "2012-10-05T12:27:19Z", ...

Read more

thunderbird / reply / only selected text

Apparently I’m not the only one who randomly selects text as they read. My colleagues complained about this issue too. If you click Reply in Thunderbird Mail, only the text you recently selected is included in the new message. That’s not what I wanted! Luckily the Mozilla developers realised this too. Go to about:config and flip the switch. mailnews.reply_quoting_selection = false

Read more

amavis / tag subject / virus

Today we got a suspiciously good looking e-mail in the inbox. Someone who supposedly got a reminder about an unpaid invoice from us. The mail contained a zip-file with two scans. The first was a PDF, the second was an executable (a virus obviously). So.. where was the Amavis virus/spam scanner in all this? Show headers revealed that something was detected: X-Amavis-Alert: BANNED, message contains .exe,scan2/HP scan scan =?iso-8859-1?Q?HYJKIOPH5600002.=E2=80=AEfdp.exe?= Then why weren’t we informed?

Read more

gnome-calculator / missing menu

After the upgrade of my desktop to Ubuntu Raring (13.04) my gnome-calculator's menu bar had become unreachable. I don’t need the menu, except that it went into default BASIC mode. And I need the PROGRAMMING mode. The configuration seemed to be okay (accessible through gconf-editor): $ gconftool /apps/gcalctool --dump | grep -B1 -A4 mode <entry> <key>mode</key> <value> <string>PROGRAMMING</string> </value> </entry> <entry> <key>modetype</key> <value> <string>PROGRAMMING</string> </value> </entry> But that was apparently the old config.

Read more

teamviewer / without all ia32-libs

A quick rundown on installing TeamViewer without a gazillion ia32-libs. The problem: if you attempt to install teamviewer_linux_x64.deb on your 64-bit machine, the ia32-libs dependency tries to install more than 200 packages. That not only feels like overkill, it takes a hell of a long time too. The solution: alter the dependency list in the .deb and create a small metapackage that references only the required libs. What follows, is the steps how.

Read more

mysql / count occurrences

Voilà, a MySQL function to count occurrences of a character (or a string of characters). DROP FUNCTION IF EXISTS OCCURRENCES; delimiter // CREATE FUNCTION OCCURRENCES (`needle` VARCHAR(255), `hackstack` TEXT) RETURNS INT NOT DETERMINISTIC READS SQL DATA SQL SECURITY INVOKER BEGIN DECLARE `result` INT DEFAULT -1; DECLARE `pos` INT DEFAULT 0; DECLARE `skip` INT DEFAULT LENGTH(`needle`); REPEAT SET `pos` = (SELECT LOCATE(`needle`, `hackstack`, `pos` + `skip`)); SET `result` = `result` + 1; UNTIL `pos` = 0 END REPEAT; RETURN `result`; END; // delimiter ; Now you can do things like this:

Read more

mysql / datetime / indexes

MySQL has many odd quirks. One that bit us recently was this: regression: >=mysql-5.4 utf8 collations are marked as not ascii compatible When using the utf8_unicode_ci collation, datetime column comparisons against strings would ignore any indexes. The lack of working indexes obviously caused huge performance degradation. Our bug report was ignored in Februari. Apparently a new bug was opened in March: Datetime field comparisons do not work properly with utf8_unicode_ci collation

Read more

thunderbird / postfix / dkim / invalid body hash

Mozilla Thunderbird uses an odd max line length of 999 + CRLF: 1001 characters. When using DKIM preprocessing, this can result in DKIM validation failure. To reproduce, we would send a mail that didn’t wrap well with line lengths in excess of 999 characters. Like this mail with 1000 'x' characters: Thunderbird splits that into 999 times 'x', and CRLF and another line with a single 'x'. However, that first line gets split again.

Read more

virtualenv / pil pillow mess

Numerous articles have been written about why you want to install Pillow instead of PIL to get the Python Imaging tools. Like Problems with PIL? Use Pillow instead! (Find more by searching for “IOError: decoder zip not available”.) This note concerns something more insidious: a seemingly broken Pillow installation after the removal of PIL. ~$ mkvirtualenv piltest (piltest)~$ pip install PIL (piltest)~$ pip freeze | grep -i pil PIL==1.1.7 Now this should work:

Read more

Two-node MariaDB-galera-cluster

Caveats arbiter - 10.10.10.1 node1 - 10.10.10.10 node1 - 10.10.10.11 Installing the nodes update /etc/hosts to make sure all the machines are resolvable, perform this on all 3 hosts (2 active mysql nodes and the machine the arbiter resides on). Update the hostnames and addresses accordingly. $ cat << EOF >> /etc/hosts 10.10.10.1 arbiter 10.10.10.10 node1 10.10.10.11 node2 EOF Setup APT to use the MariaDB repositories

Read more

webserver ssl configuration cheatsheet

Just a quick post with the most straight forward way to configure http webservers/proxies in regard to ssl certificate chains. I’m open for improvements if it improves readability or reduces linecount. :-) pound In /etc/pound/pound.cfg you only need one line in the HTTPS listener: ListenHTTPS Cert "/etc/pound/file-with-key-and-cert-chain.pem" apache2 SSLCertificateFile /path/to/file-with-key-and-cert-chain.pem SSLCertificateChainFile /path/to/file-with-key-and-cert-chain.pem

Read more

SSL certificate chains, intermediate certs

Most browser trusted SSL certificates work with intermediate certificates nowadays. The CA only ships the root certificates for inclusion with the browsers and because they do this your certificate can’t be verified if you don’t include the intermediate certificates in your webserver configuration. chain order So you’re in the bottom in a chain of trust. Your certificate is signed by a certificate which is signed by another certificate and so on.

Read more

brief / dbase backup bonanza

Of course you do daily backups of your data. For your databases, you generally need a dump of the data for it to be useful. For your and my reference, here are a few database dump scripts. Make sure /var/backups is backed up daily. Observe that we keep extra backups around. I’ve found that the need to access an old database is far more common than accessing old files (from the backup storage).

Read more

Scan for new hotplug added disks

If you add new disks to a virtual machine you don’t have to reboot to be able to use them. I assume this works the same for normal hotswappable disks as well but that just doesn’t happen too often these days. Didn’t test for all drivers/use cases but the example below is in a VMWARE environment. It has to be handled as scsi by the kernel obviously. check for current disks:

Read more

mysql / show procedure / grant

How to I grant myself permissions to show MySQL FUNCTION and PROCEDURE bodies? It isn’t this: mysql> grant all privileges on procedure *.* to walter; ERROR 1144 (42000): Illegal GRANT/REVOKE command; please consult the manual to see which privileges can be used But it is this: mysql> grant select on mysql.proc to walter; Query OK, 0 rows affected (0.00 sec)

Read more

python / twisted / exec environment

Does Python Twisted pass the parent environment to child processes? By default no, but if you pass env=None then it does. Ergo, default is env={}. Let’s build a quick example. For those unfamiliar with twisted this may provide a quick intro. import os from twisted.internet import protocol, reactor, utils This is what we’re going to “run”: proc = ['/bin/sh', '-c', 'export'] #kwargs = {'env': None} kwargs = {} A quick way to show output and end after the 2 runs.

Read more

python / temporarily blocking signals

There is no way to “block” signals temporarily from critical sections (since this is not supported by all Unix flavors). Says the python signal module manual. But I’m using Linux, where it is possible to block signals, so I don’t think that limitation applies. And it doesn’t. pysigset takes the burden off calling sigprocmask(2) through ctypes and provides a “pythonic” interface to temporarily blocking signals in python. from signal import SIGINT, SIGTERM from pysigset import suspended_signals with suspended_signals(SIGINT, SIGTERM): # Signals are blocked here.

Read more

darwin / sed / limited regular expressions

For someone who is used to using only GNU sed(1) it may come as a surprise that some of the metacharacters don’t work with sed on other OS’es. Specifically: sed on Darwin (BSD) does not grok \+, \| and \? when in basic regular expression mode (the default). Switching to extended (modern) regular expression isn’t a good idea if you’re aiming for compatibility, because the option -E differs from the GNU sed option -r.

Read more

callerid in rpid / opensips / kamailio

For reuse, an OpenSIPS/Kamailio snippet to translate commonly used SIP (VoIP) phone Caller-ID (CLI) headers into a single one (Remote-Party-ID). It tries these headers in order, to do a best guess of what the caller wants: P-Asserted-Identity (with Privacy) P-Preferred-Identity (with Privacy) Remote-Party-ID From Of course you’ll have to run the found CLI against an allow list, but this code expects that to be done on the next hop. route[sub_cli_as_rpid] { $var(tmp_name) = ""; # (nothing) $var(tmp_num) = "Anonymous"; # (unknown) $var(tmp_clir) = 0; # PAI/PPI-privacy if (is_present_hf("Privacy")) { if (!

Read more

more or less useless tips and tricks 2

More or less useless/useful tips and tricks, bundled together. They weren’t worthy of a box div on their own. I gave them only a li each. kill -WINCH $$ — when your terminal is messed up where the row moves up one line before you’ve reached the line-length ($COLUMNS): a SIGWINCH signal to the current shell will make everything alright again. hash -r — you moved applications around in your $PATH and bash claims that some applications don’t exist in your $PATH even though you (and ls) know that they do:

Read more

Upgrading Ubuntu command line

When upgrading Ubuntu command line, many people probably still change the release name in the sources.list and update && dist-upgrade. Although is still works fine, Ubuntu also provides extras on this front. Upgrade the new way: sudo do-release-upgrade Whats the benefit? It provides things like a temporary SSH server and probably does other sanity checks to increase the chances of an successful upgrade and eases the troubleshooting if things go wrong.

Read more

etckeeper

One useful tool we recently started using is etckeeper. It provides version control over your /etc/ directory, which may prove quite useful when you maintain system in co-op way with your customers. Etckeeper also comes with hooks for apt, so even if you use it terribly it does give you an insightful history of when which package was installed. Installation and setup in Ubuntu: apt-get install git etckeeper # change VCS in /etc/etckeeper/etckeeper.

Read more

canon / mf8350 / driver hell

Building Canon MF8350Cdn (and other) CUPS drivers for Linux Debian and/or Ubuntu on amd64 is still a pain in the behind. Problems encountered during the installation, include: Regular make installed stuff in different places but forgot many parts. Solution: use dpkg-buildpackage The libtool copied wasn’t able to build for shared libs. Solution: remove --enable-shared/--disable-shared command line options. amd64 had to be added to the architecture targets. A shell script had to lose a bashism.

Read more

easy / certificate generation / testing

If I’m going to be requesting SSL certificates more often, I’d better automate the process a bit. The result: easycert.sh (view) Possible invocation styles: $ easycert.sh -h Usage: easycert.sh -c NL -l Groningen -o OSSO\ B.V. -e info@osso.nl osso.nl Usage: easycert.sh osso.nl "/C=NL/L=Groningen/O=OSSO B.V./CN=osso.nl/" Usage: easycert.sh -T www.osso.nl 443 Generating a key and certificate: $ easycert.sh -o "My Company" mycompany.com Subject: /C=NL/L=Groningen/O=My Company/CN=mycompany.com/emailAddress=info@osso.nl Enter to proceed... Generating RSA private key, 4096 bit long modulus .

Read more

setuid / seteuid / uid / euid

So, what is the difference between uid and euid and the setuid and seteuid calls? Hao Chen, David Wagner and Drew Dean wrote an excellent paper called Setuid Demystified. It explains all the ins and outs. To answer the question, we need only parts of the article. Let the quoting begin. Each process has three user IDs: the real user ID (real uid, or ruid), the effective user ID (effective uid, or euid), and the saved user ID (saved uid, or suid).

Read more

postfix / submission / smtpd_client_restrictions / sleep

After tweaking my postfix configuration, I apparently broke submission on port 587. Every time I connected, I immediately got: 554 5.7.1 <my.host.name[1.2.3.4]>: Client host rejected: Access denied That’s strange. Postfix is supposed to reject unauthenticated clients only in master.cf: submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_tls_auth_only=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject But if it rejects me at connect time, I don’t have a chance to identify myself.

Read more

new ipython / old django

IPython after version 0.10 is not friends with older Django (e.g. 1.1.x) versions anymore. shell = IPython.Shell.IPShell(argv=[]) AttributeError: 'module' object has no attribute 'Shell' This is fixed in newer Django’s, but this isn’t backported. Here, a patch. (Nothing more than a diff between the old and the new Django version.) --- django/core/management/commands/shell.py 2012-03-28 16:10:28.000000000 +0200 +++ django/core/management/commands/shell.py 2012-01-24 10:27:50.405338739 +0100 @@ -8,9 +8,38 @@ help='Tells Django to use plain Python, not IPython.

Read more

serialize json date / microsoft extension

Bertrand Le Roy describes how Microsoft added a Date object extension to JSON in a compatible fashion to implement serialization and serialization of timezone agnostic datetimes. Our current approach is using a small loophole in the JSON specs. In a JSON string literal, you may (or may not) escape some characters. Among those characters, weirdly enough, there is the slash character ('/'). This is weird because there actually is no reason that I can think of why you’d want to do that.

Read more

gigaset n300a / respect srv

Does the Siemens Gigaset N300A handle SRV records? Yes it does.. but.. Let’s look at a bit of Gigaset DNS traffic: 09:24:26.059850 IP gigaset.local.32978 > nameserver.local.53: 50512+ NAPTR? gigaset.voip.example.com. (28) 09:24:26.061552 IP nameserver.local.53 > gigaset.local.32978: 50512 0/1/0 (87) 09:24:26.063894 IP gigaset.local.32978 > nameserver.local.53: 25738+ SRV? _sip._udp.gigaset.voip.example.com. (38) 09:24:26.064445 IP nameserver.local.53 > gigaset.local.32978: 25738 2/3/2 SRV proxy1.voip.example.com.:5060 10 0, SRV proxy2.voip.example.com.:5060 20 0 (231) 09:24:26.066939 IP gigaset.local.32978 > nameserver.local.53: 22676+ SRV? _sip.

Read more

thunderbird / mailing list / reply

How do you reply to a mailing list post when you do not have the mail in your INBOX? With Thunderbird it is easy enough, as long as you know how. How it works Mail threads are matched by comparing the In-Reply-To header with the Message-ID. Here’s an example from an Asterisk project reviewboard mailing: Date: Fri, 08 Jun 2012 08:08:42 -0000 Message-ID: <20120608080842.8103.32910@hotblack.digium.com> In-Reply-To: <20120607143847.27705.11556@hotblack.digium.com> References: <20120607143847.27705.11556@hotblack.digium.com> Subject: Re: [asterisk-dev] [Code Review] Fix issue of unrecognized inbound ACK when Asterisk responds to an INVITE with a 481 Every e-mail message has a globally unique message identifier.

Read more

python / base85 / ascii85

So python’s base64 does not have a b85decode function? Adobe uses it the ASCII-85 encoding in PDF and PostScript files. Here is a quick and dirty one hacked together. See the wikipedia article for the ASCII-85 (base85) specs. Prologue; we only need sys to print a warning. # vim: set ts=8 sw=4 sts=4 et ai: # Example base85 decoder, Walter Doekes 2012 import sys Split the data up into 5-character chunks; 5 characters encode 4 octets.

Read more

libreoffice / spreadsheet l10n / date format

For LibreOffice’s oocalc on latest Ubuntu (libreoffice-base 1:3.5.2-2ubuntu1 to take the locale settings into account for the date types, the LC_CTYPE needs to be set. $ LC_CTYPE=en_US.UTF-8 oocalc This causes a date input of 31-01-2012 to not get parsed as a date. $ LC_CTYPE=nl_NL.UTF-8 oocalc This causes the same input of 31-01-2012 to get properly understood as the DD-MM-YYYY format. That does not make sense. LC_CTYPE should be used for character classification, collation and case conversion.

Read more

ubuntu / sip video / softphone

So, I wanted to test video support with Asterisk. That was easier said than done, because the SIP softphones that ship with Ubuntu don’t all do what they promise. This was done on a setup that works for numerous hardphones and PBXs out there. Looking through the registration list at any given time reveals at least 40+ different user agents and a large multiple of that if you take the different versions into account.

Read more

django / mark_safe / translatables

Look at this snippet of Django code in models.py, and in particular the help_text bit: from django.db import models from django.utils.translation import ugettext_lazy as _ from django.utils.safestring import mark_safe class MyModel(models.Model): my_field = models.CharField(max_length=123, help_text=mark_safe(_('Some <b>help</b> text.'))) For those unfamiliar with Django. A quick run-down: The definition of MyModel creates a mapping between the MyModel class and a underlying app_mymodel table in a database. That table will consist of two columns: id, an automatic integer as primary key (created by default), and my_field, a varchar/text field of at most 123 characters.

Read more