Entries Tagged 'Linux' ↓
February 6th, 2010 — Linux, Plesk
Starting with January many I had many complaints from customers regarding legitimate mail marked as SPAM hosted on Plesk/SpamGuardian machines.
After a small investigation I’ve found the problems were from SpamAssassin’s FH_DATE_PAST_20XX rule bug that caused mails to receive a high score if date is past 2010-01-01.
http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5852
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269
I didn’t wanted to run sa-update, so I’ve created a config file to ignore this rule (I do love stability, so I’m more conservative 
) :
[root@apollo ~]# cat /etc/mail/spamassassin/fh_date_past_20xx_fix.cf
# https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269
score FH_DATE_PAST_20XX 0.0
January 21st, 2010 — Linux
Webpagetest.org is a great tool to learn how you can improve your website loading time (you should use it if you aren’t using it already).
Today after running a report I’ve seen that we had a large image on the home page that can be compressed to minimize loading time.
Smaller images means faster pages, faster pages means happy users . To compress images on Linux there are at least 2 alternatives:
OptiPNG: Advanced PNG Optimizer
OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. This program also converts external formats (BMP, GIF, PNM and TIFF) to optimized PNG, and performs PNG integrity checks and corrections.
Install optipng package from EPEL repository:
[root@silver ~]# yum install optipng
[...]
[root@silver ~]# optipng
OptiPNG 0.6.2: Advanced PNG optimizer.
Copyright (C) 2001-2008 Cosmin Truta.
Type "optipng -h" for advanced help.
Synopsis:
optipng [options] files ...
Files:
Image files of type: PNG, BMP, GIF, PNM or TIFF
Basic options:
-h, -help show the advanced help
-v verbose mode / show copyright, version and build info
-o <level> optimization level (0-7) default 2
-i <type> interlace type (0-1) default <input>
-k, -keep keep a backup of the modified files
-q, -quiet quiet mode
Examples:
optipng file.png (default speed)
optipng -o5 file.png (moderately slow)
optipng -o7 file.png (very slow)Pngcrush
Pngcrush is an optimizer for PNG (Portable Network Graphics) files. It can be run from a commandline in an MSDOS window, or from a UNIX or LINUX commandline.
Its main purpose is to reduce the size of the PNG IDAT datastream by trying various compression levels an PNG filter methods. It also can be used to remove unwanted ancillary chunks, or to add certain chunks including gAMA, tRNS, iCCP, and textual chunks.
Install pngcrush from DAG’s repository:
[root@silver ~]# yum install pngcrush
[...]
[root@silver ~]# pngcrush --help
| pngcrush 1.7.3
| Copyright (C) 1998-2002,2006-2009 Glenn Randers-Pehrson
| Copyright (C) 2005 Greg Roelofs
| This is a free, open-source program. Permission is irrevocably
| granted to everyone to use this version of pngcrush without
| payment of any fee.
| Executable name is pngcrush
| It was built with libpng version 1.2.40, and is
| running with libpng version 1.2.40 - September 10, 2009
| Copyright (C) 1998-2004,2006-2009 Glenn Randers-Pehrson,
| Copyright (C) 1996, 1997 Andreas Dilger,
| Copyright (C) 1995, Guy Eric Schalnat, Group 42 Inc.,
| and zlib version 1.2.3.3, Copyright (C) 1998-2002 (or later),
| Jean-loup Gailly and Mark Adler.
| It was compiled with gcc version 4.1.2 20080704 (Red Hat 4.1.2-46).
[...]
usage: pngcrush [options] infile.png outfile.png
pngcrush -e ext [other options] files.png ...
pngcrush -d dir [other options] files.png ...
options:
[...]Now you can compress PNG images to reduce its size using command line:
[vitalie@silver ~]$ optipng -o7 example.png
[vitalie@silver ~]$ pngcrush -brute -e ".compressed.png" *png
I’ve achieved 20% – 24% file size reduction after compression.
More on the subject:
Indopedia
Raymond.cc
December 18th, 2009 — Linux, MySQL
Somehow my Lua rpm package missed the /usr/lib/pkgconfig/lua.pc file and MysqlProxy couldn’t detect Lua install:
[vitalie@silver tmp]$ rpmbuild -ta --define 'with_lua 1' mysql-proxy-0.6.0.tar.gz
[...]
checking for LUA... checking for LUA... configure: error: Package requirements (lua5.1 >= 5.1) were not met:
No package 'lua5.1' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables LUA_CFLAGS
and LUA_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
The solution was to specify LUA_CFLAGS and LUA_LIBS variables:
[vitalie@silver tmp]$ LUA_CFLAGS="-I/usr/include" LUA_LIBS="-llua -lm -ldl" rpmbuild -ta --define 'with_lua 1' mysql-proxy-0.6.0.tar.gz
[...]
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires: libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libdl.so.2()(64bit) libdl.so.2(GLIBC_2.2.5)(64bit) libevent-1.1a.so.1()(64bit) libglib-2.0.so.0()(64bit) libm.so.6()(64bit) libm.so.6(GLIBC_2.2.5)(64bit) rtld(GNU_HASH)
Processing files: mysql-proxy-debuginfo-0.6.0-0
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/vitalie/rpmbuild/tmp/mysql-proxy-0.6.0-0-root
Wrote: /home/vitalie/rpmbuild/SRPMS/mysql-proxy-0.6.0-0.src.rpm
Wrote: /home/vitalie/rpmbuild/RPMS/x86_64/mysql-proxy-0.6.0-0.x86_64.rpm
Wrote: /home/vitalie/rpmbuild/RPMS/x86_64/mysql-proxy-debuginfo-0.6.0-0.x86_64.rpm
Executing(%clean): /bin/sh -e /home/vitalie/rpmbuild/tmp/rpm-tmp.9187
[...]
References:
November 24th, 2009 — Linux
Doing a lots of db import/export/migration tasks on my Linux notebook on large DB tables, I’ve seen slow responsiveness from the system. After a small investigation I’ve seen that my OS is swapping out too much causing performance degradation and making my system unusable.
By default Linux kernel is configured for server environments. One important parameter that should be considered when using Linux as desktop is vm.swappines, by default it’s value is 60.
That’s fine for a server as it swaps out memory to disk aggressively to release it for active processes, but on desktops this value is to high, the recommended value is 10 to allow the system to be more responsive.
[root@silver ~]# tail -2 /etc/sysctl.conf
# desktop settings
vm.swappiness = 10
More details:
Ubuntu Swap Faq
Optimizing Desktop Performance, Part I
Optimizing Desktop Performance, Part II
Optimizing Desktop Performance, Part III
October 24th, 2009 — Linux, Rails, Ruby
Installing RMagick 2 on CentOS/RHEL 5 it’s not that hard, you just need to install ImageMagick newer than 6.3.5 (CentOS/RHEL 5 is shipping ImageMagick 6.2.8) and that’s the hardest part of the job.
[root@silver ~]# gem install rmagick
Building native extensions. This could take a while...
ERROR: Error installing rmagick:
ERROR: Failed to build gem native extension.
/usr/local/bin/ruby extconf.rb
checking for Ruby version >= 1.8.5... yes
checking for gcc... yes
checking for Magick-config... yes
checking for ImageMagick version >= 6.3.5... no
Can't install RMagick 2.12.2. You must have ImageMagick 6.3.5 or later.I’ve tried to avoid ImageMagick upgrade and to install RMagick 1, but RMagick 1 failed to install with a strange compile error, probably because the gcc compliler shipped with CentOS/RHEL 5 is too new for version 1.
I didn’t wanted to patch RMagick 1, neither to install from sources (I do prefer RPM packages). So, I’ve decided to upgrade ImageMagick library to satisfy RMagick 2 requirements.
Subscribe your system to the following repositories:
Install the following packages:
[root@silver ~]# yum --enablerepo=epel --enablerepo=rpmforge --enablerepo=centosplus install djvulibre-devel libwmf-devel jasper-devel libtool-ltdl-devel librsvg2-devel openexr-devel graphviz-devel gcc gcc-c++ ghostscript freetype-devel libjpeg-devel libpng-devel giflib-devel libwmf-devel libexif-devel libtiff-devel
Add “–noplugins” if you are using “yum-priorities”, or it will fail to install packages.
Download ImageMagick.spec to your SPECS directory and ImageMagick-6.5.7-0.tar.bz2 to SOURCES directory and then rebuild the rpm using rpmbuild:
[root@silver SPECS]# rpmbuild -ba ImageMagick.spec
[...]
Or just grab the source RPM from here:
http://red.penguin.ro/SRPMS/ImageMagick-6.5.7-0.src.rpm
and build it:
[root@silver ~]# rpmbuild --rebuild ImageMagick-6.5.7-0.src.rpm
Installing ImageMagick-6.5.7-0.src.rpm
warning: user vitalie does not exist - using root
warning: group vitalie does not exist - using root
warning: user vitalie does not exist - using root
warning: group vitalie does not exist - using root
Executing(%prep): /bin/sh -e /home/worf/rpmbuild/tmp/rpm-tmp.11936
+ umask 022
+ cd /home/worf/rpmbuild/BUILD
+ LANG=C
+ export LANG
+ unset DISPLAY
+ cd /home/worf/rpmbuild/BUILD
+ rm -rf ImageMagick-6.5.7-0
+ /usr/bin/bzip2 -dc /home/worf/rpmbuild/SOURCES/ImageMagick-6.5.7-0.tar.bz2
+ tar -xf -
[...]
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires: /bin/sh ImageMagick-c++ = 6.5.7-0 ImageMagick-devel = 6.5.7-0 libMagick++.so.2()(64bit)
Processing files: ImageMagick-debuginfo-6.5.7-0
Provides: Magick.so.debug()(64bit) analyze.so.debug()(64bit) art.so.debug()(64bit) avi.so.debug()(64bit) avs.so.debug()(64bit) bmp.so.debug()(64bit) braille.so.debug()(64bit) cals.so.debug()(64bit) caption.so.debug()(64bit) cin.so.debug()(64bit) cip.so.debug()(64bit) clip.so.debug()(64bit) cmyk.so.debug()(64bit) cut.so.debug()(64bit) dcm.so.debug()(64bit) dds.so.debug()(64bit) dib.so.debug()(64bit) djvu.so.debug()(64bit) dng.so.debug()(64bit) dot.so.debug()(64bit) dpx.so.debug()(64bit) ept.so.debug()(64bit) fax.so.debug()(64bit) fits.so.debug()(64bit) gif.so.debug()(64bit) gradient.so.debug()(64bit) gray.so.debug()(64bit) hald.so.debug()(64bit) histogram.so.debug()(64bit) hrz.so.debug()(64bit) html.so.debug()(64bit) icon.so.debug()(64bit) info.so.debug()(64bit) inline.so.debug()(64bit) ipl.so.debug()(64bit) jp2.so.debug()(64bit) jpeg.so.debug()(64bit) label.so.debug()(64bit) libMagick++.so.2.0.0.debug()(64bit) libMagickCore.so.2.0.0.debug()(64bit) libMagickWand.so.2.0.0.debug()(64bit) magick.so.debug()(64bit) map.so.debug()(64bit) mat.so.debug()(64bit) matte.so.debug()(64bit) meta.so.debug()(64bit) miff.so.debug()(64bit) mono.so.debug()(64bit) mpc.so.debug()(64bit) mpeg.so.debug()(64bit) mpr.so.debug()(64bit) msl.so.debug()(64bit) mtv.so.debug()(64bit) mvg.so.debug()(64bit) null.so.debug()(64bit) otb.so.debug()(64bit) palm.so.debug()(64bit) pattern.so.debug()(64bit) pcd.so.debug()(64bit) pcl.so.debug()(64bit) pcx.so.debug()(64bit) pdb.so.debug()(64bit) pdf.so.debug()(64bit) pict.so.debug()(64bit) pix.so.debug()(64bit) plasma.so.debug()(64bit) png.so.debug()(64bit) pnm.so.debug()(64bit) preview.so.debug()(64bit) ps.so.debug()(64bit) ps2.so.debug()(64bit) ps3.so.debug()(64bit) psd.so.debug()(64bit) pwp.so.debug()(64bit) raw.so.debug()(64bit) rgb.so.debug()(64bit) rla.so.debug()(64bit) rle.so.debug()(64bit) scr.so.debug()(64bit) sct.so.debug()(64bit) sfw.so.debug()(64bit) sgi.so.debug()(64bit) stegano.so.debug()(64bit) sun.so.debug()(64bit) svg.so.debug()(64bit) tga.so.debug()(64bit) thumbnail.so.debug()(64bit) tiff.so.debug()(64bit) tile.so.debug()(64bit) tim.so.debug()(64bit) ttf.so.debug()(64bit) txt.so.debug()(64bit) uil.so.debug()(64bit) url.so.debug()(64bit) uyvy.so.debug()(64bit) vicar.so.debug()(64bit) vid.so.debug()(64bit) viff.so.debug()(64bit) wbmp.so.debug()(64bit) wmf.so.debug()(64bit) wpg.so.debug()(64bit) x.so.debug()(64bit) xbm.so.debug()(64bit) xc.so.debug()(64bit) xcf.so.debug()(64bit) xpm.so.debug()(64bit) xps.so.debug()(64bit) xwd.so.debug()(64bit) ycbcr.so.debug()(64bit) yuv.so.debug()(64bit)
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/worf/rpmbuild/tmp/ImageMagick-6.5.7-0-root-root
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-devel-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-doc-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-perl-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-c++-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-c++-devel-6.5.7-0.x86_64.rpm
Wrote: /home/worf/rpmbuild/RPMS/x86_64/ImageMagick-debuginfo-6.5.7-0.x86_64.rpm
Executing(%clean): /bin/sh -e /home/worf/rpmbuild/tmp/rpm-tmp.25482
+ umask 022
+ cd /home/worf/rpmbuild/BUILD
+ cd ImageMagick-6.5.7-0
+ rm -rf /home/worf/rpmbuild/tmp/ImageMagick-6.5.7-0-root-root
+ exit 0
Executing(--clean): /bin/sh -e /home/worf/rpmbuild/tmp/rpm-tmp.25482
+ umask 022
+ cd /home/worf/rpmbuild/BUILD
+ rm -rf ImageMagick-6.5.7-0
+ exit 0
Uninstall i386 ImageMagick libraries if you are on x86_64 system:
[root@silver ~]# rpm -qa | grep ImageMagick | grep -i i386 | xargs rpm -e
Install the new RPMs compiled in the previous steps:
[root@silver x86_64]# rpm -Uvh ImageMagick-6.5.7-0.x86_64.rpm ImageMagick-c++-6.5.7-0.x86_64.rpm ImageMagick-c++-devel-6.5.7-0.x86_64.rpm ImageMagick-devel-6.5.7-0.x86_64.rpm
Finally, install the RMagick 2 plugin:
[root@silver ~]# gem install rmagick --no-rdoc --no-ri
Building native extensions. This could take a while...
Successfully installed rmagick-2.12.2
1 gem installed
October 15th, 2009 — Linux, Rails
Keeping a separate file for each virtual host in /etc/httpd/vhosts.d it’s clean and cool, but when you have many virtual hosts with same settings it’s a pain to keep them updated. We need a template system for Apache configurations and mod_macro module it’s a handy tool for this job.
Download module version suited for your Apache from:
http://www.cri.ensmp.fr/~coelho/mod_macro/
Ensure that you have httpd-devel package installed then untar archive and compile mod_macro module with apxs:
[root@silver tmp]# wget http://www.cri.ensmp.fr/~coelho/mod_macro/mod_macro-1.1.10.tar.bz2
[...]
[root@silver tmp]# tar xvfjp mod_macro-1.1.10.tar.bz2
[...]
[root@silver tmp]# cd mod_macro-1.1.10
[root@silver mod_macro-1.1.10]# apxs -cia mod_macro.c
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -c -o mod_macro.lo mod_macro.c && touch mod_macro.slo
mod_macro.c: In function 'looks_like_an_argument':
mod_macro.c:316: warning: cast from pointer to integer of different size
mod_macro.c: In function 'say_it':
mod_macro.c:929: warning: cast from pointer to integer of different size
/usr/lib64/apr-1/build/libtool --silent --mode=link gcc -o mod_macro.la -rpath /usr/lib64/httpd/modules -module -avoid-version mod_macro.lo
/usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr-1/build/libtool' mod_macro.la /usr/lib64/httpd/modules
/usr/lib64/apr-1/build/libtool --mode=install cp mod_macro.la /usr/lib64/httpd/modules/
cp .libs/mod_macro.so /usr/lib64/httpd/modules/mod_macro.so
cp .libs/mod_macro.lai /usr/lib64/httpd/modules/mod_macro.la
cp .libs/mod_macro.a /usr/lib64/httpd/modules/mod_macro.a
chmod 644 /usr/lib64/httpd/modules/mod_macro.a
ranlib /usr/lib64/httpd/modules/mod_macro.a
PATH="$PATH:/sbin" ldconfig -n /usr/lib64/httpd/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/lib64/httpd/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/lib64/httpd/modules/mod_macro.so
[activating module `macro' in /etc/httpd/conf/httpd.conf]Create a file that will keep your macros in Apache’s conf.d directory (example: _mod_macro.conf), conf.d files are executed after modules are loaded:
# /etc/httpd/conf.d/_mod_macro.conf
# RailsHost macro
<Macro RailsHost $host $dir>
<VirtualHost *:80>
ServerName www.$host
ServerAlias $host
DocumentRoot $dir/current/public
CustomLog "logs/$host_access.log" combined
ErrorLog "logs/$host_error.log"
# Passenger settings
RailsBaseURI /
RailsMaxPoolSize 1
RailsPoolIdleTime 3600
RailsEnv production
# Redirect example.com -> www.example.com
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.$host
RewriteRule ^/(.*) http://www.$host/$1 [R=301,L]
# Check for maintenance file and redirect all requests
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteCond %{SCRIPT_FILENAME} !^/images
RewriteCond %{SCRIPT_FILENAME} !^/stylesheets
RewriteCond %{SCRIPT_FILENAME} !^/javascripts
RewriteRule ^.*$ /system/maintenance.html [L]
ErrorDocument 404 $dir/current/public/404.html
ErrorDocument 422 $dir/current/public/422.html
ErrorDocument 500 $dir/current/public/500.html
Use ModDeflate
Use ModExpires
<Directory $dir/current/public>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
</Macro>
# ModDeflate macro
<Macro ModDeflate>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>
</Macro>
# ModExpires macro
<Macro ModExpires>
<IfModule mod_expires.c>
ExpiresActive On
<LocationMatch "^/(images|javascripts|stylesheets)">
ExpiresDefault "access plus 1 year"
</LocationMatch>
</IfModule>
</Macro>Append RailsHost macro calls to your httpd.conf to define your virtual hosts :
# /etc/httpd/conf/httpd.conf
[...]
Use RailsHost vhost1.com /data/virtualhosts/vhost1.com
Use RailsHost vhost2.com /data/virtualhosts/vhost2.com
Now, your Apache configuration looks much better and when it comes make changes to your configurations you’ll need to change just one macro.
October 12th, 2009 — Linux, Security
I would not talk about how important is to secure your ssh server. One of the tools that helps us to secure ssh server is DenyHosts. From the DenyHosts home page:
DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
Sending accidentally wrong password to server will block your access. You can avoid it by using public key authentication or when it’s not possible you can configure DenyHosts to ignore IP addresses from your network:
How can I prevent a legitimate IP address from being blocked by DenyHosts?
Since it is quite possible for a user to mistype their password repeatedly it may be desirable to have DenyHosts prevent specific IP addresses from being added to /etc/hosts.deny. To address this issue, create a file named allowed-hosts in the WORK_DIR. Simply add an IP address, one per line. Any IP address that appears in this file will not be blocked.
[...]
more
I do prefer the TCP wrappers way, I’ll just bypass DenyHosts for local networks.
Configure DenyHosts to write blocked IPs to /etc/denyhosts/blocked:
# /etc/denyhosts/denyhosts.cfg
HOSTS_DENY = /etc/denyhosts/blocked
BLOCK_SERVICE =
Allow ssh connection if listed in /etc/denyhosts/ignored, and then the last rule is to allow ssh access unless listed in /etc/denyhosts/blocked:
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# ssh access
sshd: /etc/denyhosts/ignored : allow
sshd: ALL EXCEPT /etc/denyhosts/blocked
Add IPs/networks to ignore:
# /etc/denyhosts/ignored
# hosts allowed to connect bypassing DenyHosts
192.168.10.0/255.255.255.0
More on the file format:
October 9th, 2009 — Linux
Firstly I thought it’s that my hard drive it’s faulty, because while writing a few large files it failed with the following messages:
sd 3:0:0:0: Device not ready: <6>: Current: sense key: Not Ready
Add. Sense: Logical unit not ready, initializing command required
end_request: I/O error, dev sdb, sector 794703
EXT3-fs error (device sdb1): read_inode_bitmap: Cannot read inode bitmap - block_group = 3, inode_bitmap = 99330
Aborting journal on device sdb1.
sd 3:0:0:0: Device not ready: <6>: Current: sense key: Not Ready
Add. Sense: Logical unit not ready, initializing command required
end_request: I/O error, dev sdb, sector 12423
Buffer I/O error on device sdb1, logical block 1545
lost page write due to I/O error on sdb1
sd 3:0:0:0: Device not ready: <6>: Current: sense key: Not Ready
Add. Sense: Logical unit not ready, initializing command required
end_request: I/O error, dev sdb, sector 63
Buffer I/O error on device sdb1, logical block 0
lost page write due to I/O error on sdb1
EXT3-fs error (device sdb1) in ext3_new_inode: IO failure
EXT3-fs error (device sdb1) in ext3_create: IO failure
ext3_abort called.
EXT3-fs error (device sdb1): ext3_journal_start_sb: Detected aborted journal
Remounting filesystem read-onlyAfter googling around I’ve found this thread:
http://ubuntuforums.org/showthread.php?t=494673
Thanks to trolav, I’ve solved my problem.
[root@silver ~]# cat /etc/udev/rules.d/85-usb-hd-fix.rules
BUS=="scsi", KERNEL=="sd?", SYSFS{vendor}=="Seagate", SYSFS{model}=="FreeAgent Go", RUN+="/scripts/usbhdfix %k"[root@silver ~]# cat /scripts/usbhdfix
#!/bin/bash
# USB FIX:
# http://ubuntuforums.org/showthread.php?t=494673
echo 1024 > /sys/block/$1/device/max_sectors
echo 1 > /sys/block/$1/device/scsi_disk:*/allow_restart
June 25th, 2009 — Linux, Ruby
Installing latest Hpricot on ruby 1.8.5 fails due missing macro RARRAYPTR:
[root@silver ~]# gem install hpricot
Building native extensions. This could take a while...
ERROR: Error installing hpricot:
ERROR: Failed to build gem native extension.
/usr/bin/ruby extconf.rb
checking for main() in -lc... yes
creating Makefile
make
gcc -I. -I. -I/usr/lib64/ruby/1.8/x86_64-linux -I. -fPIC -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wall -fno-strict-aliasing -fPIC -c hpricot_css.c
hpricot_css.rl: In function ‘hpricot_css’:
hpricot_css.rl:106: warning: implicit declaration of function ‘RSTRING_PTR’
hpricot_css.rl:106: warning: assignment makes pointer from integer without a cast
hpricot_css.rl:107: warning: implicit declaration of function ‘RSTRING_LEN’
hpricot_css.rl:82: warning: field precision should have type ‘int’, but argument 5 has type ‘long int’
hpricot_css.c:295: warning: comparison is always true due to limited range of data type
[...]
hpricot_css.c:3403: warning: comparison between pointer and integer
hpricot_css.c:3403: warning: ‘eof’ is used uninitialized in this function
hpricot_css.rl:92: warning: ‘aps’ may be used uninitialized in this function
gcc -I. -I. -I/usr/lib64/ruby/1.8/x86_64-linux -I. -fPIC -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wall -fno-strict-aliasing -fPIC -c hpricot_scan.c
hpricot_scan.rl: In function ‘our_rb_hash_lookup’:
hpricot_scan.rl:169: warning: implicit declaration of function ‘st_lookup’
hpricot_scan.rl: In function ‘make_hpricot_struct’:
hpricot_scan.rl:693: warning: implicit declaration of function ‘RARRAYPTR’
hpricot_scan.rl:693: error: subscripted value is neither array nor pointer
make: *** [hpricot_scan.o] Error 1
Gem files will remain installed in /usr/lib64/ruby/gems/1.8/gems/hpricot-0.8.1 for inspection.
Results logged to /usr/lib64/ruby/gems/1.8/gems/hpricot-0.8.1/ext/hpricot_scan/gem_make.outSearching with google I’ve found this post that explains equivalence of the RARRAYPTR(v) is RARRAY(v)->ptr . We’ll need to define RARRAYPTR macro.
We’ll replace occurences of #include <ruby.h> with #include “ruby_macros.h” and create an include file ruby_macros.h with the following content:
#ifndef __RUBY_MACROS__
#define __RUBY_MACROS__
#include <ruby.h>
#ifndef RARRAYPTR
# define RARRAYPTR(v) RARRAY(v)->ptr
#endif
#endif
[root@silver ~]# cd /usr/lib64/ruby/gems/1.8/gems/hpricot-0.8.1/ext/hpricot_scan
[root@silver hpricot_scan]# sed -i 's,#include <ruby.h>,#include "ruby_macros.h",g' *.h *.c *.rl
[root@silver hpricot_scan]# touch ruby_macros.h
[root@silver hpricot_scan]# vi ruby_macros.h
The next step is to recreate the gem and install it:
[root@silver ~]# cd /usr/lib64/ruby/gems/1.8/gems/hpricot-0.8.1
[root@silver hpricot-0.8.1]# rake package
(in /usr/lib64/ruby/gems/1.8/gems/hpricot-0.8.1)
fatal: Not a git repository
rm -r ext/fast_xs/Makefile
rm -r ext/hpricot_scan/Makefile
rm -r .config
rm -r pkg
rm -r hpricot-0.8.1-mswin32
rm -r hpricot-0.8.1-jruby
Using ragel version: 6.3, location: /usr/bin/ragel
cd ext/hpricot_scan ; ragel hpricot_scan.rl -G2 -o hpricot_scan.c && ragel hpricot_css.rl -G2 -o hpricot_css.c
mkdir -p pkg
mkdir -p pkg/hpricot-0.8.1
rm -f pkg/hpricot-0.8.1/CHANGELOG
[...]
cd pkg
tar zcvf hpricot-0.8.1.tgz hpricot-0.8.1
hpricot-0.8.1/
hpricot-0.8.1/Rakefile
[...]
hpricot-0.8.1/ext/fast_xs/fast_xs.c
cd -
WARNING: description and summary are identical
Successfully built RubyGem
Name: hpricot
Version: 0.8.1
File: hpricot-0.8.1.gem
mv hpricot-0.8.1.gem pkg/hpricot-0.8.1.gem
[root@silver hpricot-0.8.1]# gem install pkg/hpricot-0.8.1.gem
Building native extensions. This could take a while...
Successfully installed hpricot-0.8.1
1 gem installed
Installing ri documentation for hpricot-0.8.1...
Installing RDoc documentation for hpricot-0.8.1...
[root@silver hpricot_scan]# gem list -l | grep hpricot
hpricot (0.8.1, 0.7, 0.6.164, 0.6.161, 0.6)
April 8th, 2009 — Linux, Plesk
After Plesk upgrade we had to upgrade SpamGuardian too, but the scripts from the rpm contains syntax errors and the package can’t be installed:
[root@andromeda tmp]# rpm -Uvh --force 4psa-sguardian-psa9-3.5.0-090305.01.rhel5.i386.rpm
Preparing... ########################################### [100%]
1:4psa-sguardian-psa9 ########################################### [100%]
/var/tmp/rpm-tmp.42581: line 315: syntax error near unexpected token `>>'
/var/tmp/rpm-tmp.42581: line 315: ` echo >> >> /etc/sguardian/sguardian.conf'
The solution is to install the rpm without running PRE/POST install scripts:
[root@andromeda tmp]# rpm -Uvh --force --noscripts 4psa-sguardian-psa9-3.5.0-090305.01.rhel5.i386.rpm
Then we can extract scripts with mc (midnight commander), or rpm -qp –scripts
and run them separately after correcting the syntax errors (comment lines containing “>> >>” string):
[root@andromeda scripts]# sh PREIN
[...]
[root@andromeda scripts]# sh POSTIN
===> Installing 4PSA Spam Guardian
===> Regenerating Mail files
==> Checking for: mailsrv_conf_init... ok
==> Checking for: mail_mailbox_restore... ok
==> Checking for: mailsrv_entities_dump... ok
==> Checking for: mail_auth_dump... ok
==> Checking for: mailman_lists_dump... ok
==> Checking for: mail_responder_restore... ok
==> Checking for: mail_drweb_restore... ok
==> Checking for: mail_kav_restore... not exsists
==> Checking for: mail_spf_restore... ok
==> Checking for: mail_dk_restore... ok
Success
[...]