Archive for the 'Unix/Linux' Category

I really am. I got an iPhone 3G.

Mitigating factors are that the camera is really awesome, and also that I got root on it, voiding my warranty a mere fifteen minutes after unboxing it.

So, the situation is this. I’m sitting remotely at a client site, and suddendly, due to some sleep-deprived slip-up, ended up erasing part of the configuration for their local server.

Being the kind of guy to plan things through before taking action (usually), I had previously made a test set-up with all the configs in vmware on my local workstation at home, before heading over and installing them. So I pop open my laptop, fire up the Cisco VPN Client, connect over there, leapfrog some routers in between and land on my workstation. Turns out I hadn’t left the vm running, so I can’t access it from the shell by SSH’ing in.

“Hey, no problem!” I thought. “I’ll just mount the disk images with vmware-mount.pl, fetch the configuration files, send them over with a convulted mess of ssh-within-ssh-within-ssh and unix pipes to my laptop! Piece of cake!”

But then something hits me. The Virtual Disk Image (vmdk) file had LVM Volumes as partitions. Which I can’t directly mount from my Ubuntu workstation. Usually, you can get away with issuing the following:

$ sudo /opt/vmware/bin/vmware-mount.pl /path/to/disk-image.vmdk patition_number -t ext3 /mnt/mountpoint

But to much of my dismay, partition 2 on this particular disk image is an LVM Volume, so it can’t be directly mounted. I has to be mapped and a bunch things has to be done before I can get to the data. I’m not even sure I have LVM support on the Ubuntu machine at the moment.

Curses. Unless I fuck around with it to make it work. Which I did. Read on for the details.

Read the rest of this entry »

Hi everyone. Sorry for the lack of updates, I’ve been fairly busy — I’m migrating all of my servers to a single, brand new Dell Poweredge 2900 server. I have a couple of great tutorials regarding Xen coming up soon, I’m sure at least someone will find them useful — I found the Xen documentation to be really scarce.

So, right now, I’m migrating my qmail, vpopmail, courier, clamav and friends set-up from Gentoo to Debian, on a new virtual machine. I followed the basic steps from here:

http://wiki.debian.iuculano.it/quick_howto

This gent was nice enough to provide the required qmail packages and patches. Only problem came when I tried to make courier work with vpopmail — turns out the official debian courier-imap packages don’t support vchkpw, which is the authentication mechanism for vpopmail. Fortunately, I managed to hack it in an almost clean way, that doesn’t involve building it yourself from tarball.

Read on for the jazz.

Read the rest of this entry »

Just to let everyone know I’ve poked my head in the Apache2 hanging on digest generation problem again, and figured out a better solution than relying on rng-utils.

Check it out.

By Sithis, where is my gcc 3 for x86?

/usr/libexec/gcc/darwin/ppc/3.3/cc1plus
/usr/libexec/gcc/darwin/ppc/3.3-fast/cc1plus
/usr/libexec/gcc/i686-apple-darwin8/4.0.1/cc1plus
/usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/cc1plus

That explains why there’s a crapload of things I can’t build on my intel Mac.

C compiler cannot create executables, yeah well, that makes sense. I guess I could possibly cross compile, but that’s too much hassle. I’ll just have to wait for someone to update the ports.

So if you’re wondering why that occurs to you, it’s because there’s no gcc 3.3 for x86 on OS X 10.4. You have to use gcc 4.

The next best thing to getting ran over by an 18th wheeler would be having a gentoo baselayout update breaking havoc over your mail server.

I have no idea why, but Courier, which is the mail server suite I use, in conjunction with DJ Bernstein’s qmail and vpopmail, all this lovely stuff keeps breaking all the time on Gentoo. I’ve had courier hand mask’ed since they kept screwing up.

Now, the lastest baselayout prevents authdaemond from starting, and leaves no evidence in the logs. The Gentoo bugzilla is confusing, they say it’s Courier’s fault, and that they need maintainers, and that uh.. I don’t know, I’m not sure. They sound like they expect the problem to fix itself, or that it will magically occur at some time.

Gentoo is definitely not something you should run on a production server, sometimes.

Update: Well, updating to the lastest courier and removing /etc/init.d/authdaemond seems to have fixed it. The ones who are having problems are actually those who are running the “unstable” courier, with ~x86 flags. I wish you guys luck.

My quad Xeon’s clock keeps drifting. It was now two days in the future.

I ntp’ed it:

nailhead # ntpdate time.apple.com
15 Aug 23:54:57 ntpdate[22961]: step time server 17.254.0.27 offset -131984.081641 sec

131984.081641 seconds in the future, huh? Guess the flux capacitor still has hiccups there. I’m working on a fix, but all I can think of requires a reboot, which I’m not going to do right now. Stay tuned.

I have a machine on my network that is very special. It’s a rather old Quad Xeon, an HP LH4 that I scavenged out of the proverbial dumpster of a buisness that didn’t want it anymore. In fact, they were about to trash six of them.

I decided it was a crime to shitcan such beautiful machines, so with the help of my friend Mike “I mangle french words” Le Blanc, we drove there, armed with a large truck and patience. Carrying them down the three stories with no elevator was an interesting experience. I scavenged lots and lots of interesting hardware there.

But i’m getting ahead of myself here. The point is, lots of screwy things start occuring when you have a Quad SMP machine, such a timers and clock drift. I started having a lot of problems with Apache recently… once in a blue moon, on restart, it would spawn a single process with no PID file, and hang there. Checking out error_log pointed out that apache would apparently hang while generating the Secret seed for Digest authentication (mod_digest). Disabling mod_digest would have worked, but sadly, I use it. This could be found in error_log:

[notice] Digest: generating secret for digest authentication ...
[notice] Digest: done
[notice] Apache configured -- resuming normal operations
[notice] caught SIGTERM, shutting down
[notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2)
[notice] Digest: generating secret for digest authentication ...

Fortunately, I cobbled up a fix. Updated! Read on for a more elegant fix. Read the rest of this entry »

I have never been so releived to see only simple things like this in my daily “emerge -uvaD world” output on my mail server.

[ebuild  N    ] virtual/perl-Test-Simple-0.62  0 kB
[ebuild  N    ] virtual/perl-MIME-Base64-3.05  0 kB
[ebuild  N    ] virtual/perl-digest-base-1.13  0 kB
[ebuild  N    ] virtual/perl-Storable-2.15  0 kB
[ebuild  N    ] virtual/perl-net-ping-2.31  0 kB
[ebuild  N    ] virtual/perl-Digest-MD5-2.33  0 kB
[ebuild  N    ] virtual/perl-libnet-1.19  0 kB
[ebuild  N    ] virtual/perl-PodParser-1.30  0 kB
[ebuild  N    ] virtual/perl-Test-Harness-2.42  0 kB
[ebuild  N    ] virtual/perl-DB_File-1.814  0 kB
[ebuild  N    ] virtual/perl-Time-Local-1.11  0 kB 

Yeah. Virtuals, which means nothing is emerged at all, my world file is just changed. This is a refreshing change from the many baselayout updates during the past weeks which caused me to overwrite part of my customized /etc/profile on the server out of lazyness, and read diffs until ocular bleeding occured.

Well, I’m at home right now. Took another day off due to the fact that I am ill. Oh, and it’s not the cool “nose dribbling while playing Half-Life” but rather the most detestable “spending most of the day on the toilet” one.

So amidst all of these happenings, I took the time to upgrade my web servers to reflect the recent PHP portage changes happening in Gentoo lately. It all went well, until I had to re-merge the 30 or so PEAR packages. One of them wanted to pull back the old dev-php/php-4* packages, creating a blocker.

Turns out three PEAR packages are now depreciated, according to the php managers for Gentoo.

CHTEKK: just emerge the new PEAR-PEAR, it includes XML_RPC, 
Archive_Tar and Console_Getopt PEAR packages
jakub: we should mention it in the guide
CHTEKK: yeah
mr_daemon: Okay... I have something like 30 PEAR packages... 
how could I find out which are depreciated?
CHTEKK: only those three
CHTEKK: all the others remained, and some (very few) changed category 
and are now in dev-php4/ or dev-php5/

So basically, the guide should be updated to reflect this fact. If you’re having problems, just discards PEAR-XML_RPC, PEAR-Archive_Tar and PEAR-Console_Getopt. They are all included in PEAR-PEAR.

Well, I recently set up a subversion system where I work, on Windows. Clients are using Tortoise SVN, and everything works beautifully. However this morning, I checked out the trunk on my Mac OS X powered Powerbook, and the lawnmower hit a brick the split second svn tried to checkout a folder with accented characters (In french, for instance. Could have been german umlauts).

svn: Can’t recode string

Well, this was a matter of changing the encoding used by my system locale to match the one of the repository, which was done by editing the file .profile in my home directory (I use bash as a default shell, which is the default on OS X 10.3 and above, as opposed to csh) and added the following:

export LC_CTYPE="en_US.UTF-8"
export LANG="en_US.UTF-8"

This basically had the effect of setting up the locale to UTF8, which swallowed the file without problems. I just though I’d post it there because it was useful — I didn’t really google around to check out if that solution was already out there, but I will mirror it on underwares.org anyways.

Hope this helps someone, somehow.

You know the feeling you’d get if you went camping for a weekend? And if, the next morning, you discovered a bloody condom stuffed up your ass while wondering how the hell it got there?

Well, this vaguely describes how I’ve been feeling for the past few days.

Every machine which is sitting on the internet one way or another is bound to be broken in one day or another. Maybe some of you will have heard of the evil awstats exploit that allowed some major sites to be defaced?

Well, when I learned about it, I updated my copy of awstats, but it turns out I did a few days late. Yes, ladies and gentlement, I have been owned.

Two days ago, my quake 3 dedicated server (angeldust.underwares.org, for the interested) started leaking memory and it took me a good 40 minutes to shut it down while starting to get vaguely worried about the “Out Of Memory: Killing (some process)” messages scrolling on the server console.

While scouring the logs for information about what had forced my server Operating System to page all of the memory to disk and then murder innocent processes in order to keep the machine up, I stumbled accross part of a daily cron job which runs chkrootkit. Apparently something suspicious listened on port 4000. My first reaction was to netcat it, to see what the hell it would respond. I saw this:

Can’t fork pty, bye!

Uh-oh.

Read the rest of this entry »