Blog posts by Geekyboy – Adam Culp

Well once again I performed my updates via Redhat up2date, and once again I lost all name services on a server.  This time I thought I would post my fix, since it was the same as last time.

There was an update issued by RHN this evening which updated the bind-chroot rpm. As part of it’s post install script it will attempt to relocate any zone files that may be located outside of the chroot into a chrooted directory in /var/named/chroot.

Since PSA implements a chroot for named outside of this package the nameserver files will be relocated to a path like…

/var/named/chroot/var/named/run-root/var/named/

This will of course break named’s ability to startup.

simply remove the bind-chroot rpm and re-link the /etc/named.conf file to the right location.

rpm -e bind-chroot
ln -sf /var/named/run-root/etc/named.conf /etc/named.conf
/sbin/service named restart

You should be good to go at that point.

I was playing with a new virtual server that had CentOS installed on it recently, and wanted to get SSL working for Apache.  Since I was only setting up a development server I really didn’t need to purchase a certificate and decided to use a self-signed certificate.  Here is what I did:

First I needed to get ‘make’ and ‘mod_ssl’ running to allow for this. (I use sudo but you could login as su)

sudo yum install make

sudo yum install mod_ssl

Next I did the following steps:

1. Go to /etc/pki/tls/certs
2. Run the command sudo make mycert.pem
3. Enter the information you are prompted for about country, state, city, host name etc, your certificate and key has been created
4. Now edit /etc/httpd/conf.d/ssl.conf and update the following items:
• SSLCACertificateFile /etc/pki/tls/certs/mycert.pem
• SSLCACertificateKeyFile /etc/pki/tls/mycert.pem
5. I was forced to create a symbolic link for the SSLCACertificateKeyFile as follows: (I think this was supposed to happen automagically.)
• I went to /etc/pki/tls and created the symbolic link using the next line.
• sudo ln -s certs/mycert.pem mycert.pem
6. Restart Apache (/etc/init.d/httpd restart)

There, now you have a self-signed certificate for your apache virtualhosts.

TinyMCE has a habit of rewriting the URL for images, etc.  However, this becomes broken when using TinyMCE to edit things like emails.  The relative path is totally useless in an email because the email is not being viewed from the server like a webpage would be.

To fix this I searched the tiny_mcs.js and found that TinyMCE had two settings in the tiny_mce.js file that are boolean flags (true,false or 0,1) dealing with URL’s. The variables are relative_urls and convert_urls, and by default they are set to true, or 1.

After changing these setting to false (or zero) I have not had any further problems with using TinyMCE to edit email content.

From the command line I have found many great tools for system management, but really needed to dig into ways of tracking hard disk usage on Linux without the aid of GUI tools. Google to the rescue! I found a few places with great tips and hints on how to do this, but one article on Linux.com came in very handy. Here were my findings:

The df utility displays the disk space usage on all mounted filesystems. The -T option prints the filesystem type as well. By default, df measures the size in 1K blocks, which could be a little difficult for a desktop user to decipher. Use the -h option to get more understandable output:

$ df -h -T
Filesystem    Type    Size  Used Avail Use% Mounted on
/dev/hda6     ext3     20G  9.3G  9.1G  51% /
/dev/hda7 reiserfs     13G  2.1G   11G  17% /mnt/suse
/dev/sda1     vfat    241M  152M   90M  63% /media/usbdisk

You can use the du command to determine which files or directories need to be deleted — or at least trimmed. A simple du will print usage for the present working directory and its subdirectories, along with the size of each directory.

If you want the size of an particular directory, specify it with du directoryname. For instance, du -h /home/bodhi/podcasts will print the size of the podcasts directory in a more readable format than the kilobytes used by default. The -c option prints the grand total size of the directory at the end. The -a option also displays the file names along with directories and can be of use when you want to see a list of files in a particular directory. The -s option will display a summary, without showing all of the subdirectories.

Running du -ch | grep total prints just one line with the total size of the directory. If there’s a particular type of file that you would like to be excluded while calculating a directory’s usage, specify it with the --exclude=type option. Here we’ll check the disk usage of the current directory, and display all file names with their disk usage, and then sort them numerically using the sort utility:

$ du -ah | sort -n
4.2M    ./eweek.10.28.05.mp3
4.5M    ./LQ-Podcast-101105.mp3
4.8M    ./LQ-Podcast-110905.mp3
19M     ./LQRadio-Episode3.mp3
20M     ./LQRadio-Searls.mp3
36M     ./LQRadio-HiserAndAdelstein.mp3
197M    .

After Ian posted this on his blog I thougth I would follow suit. (He always seems to find the cool stuff.)

This very nifty site allows you to create tiled background images for use wherever you may need them. At first I thought “yuck, I stopped using backgrounds long ago”. But after playing with rotation, colors, and opacity I found that a pretty nice tiled background can be useful when applied right.

It is very difficult to do a good job on tiled backgrounds, but this site makes it easy.
www.BgPatterns.com

Recently I started receiving errors when I tried to connect to MySQL using command line or PHPMyAdmin. In command line I would get “ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/tmp/mysql.sock’ (2)”, and with PHPMyAdmin I would get “#2002 – The server is not responding (or the local MySQL server’s socket is not correctly configured)”.

The system in question is my Dell Inspiron 1720 running Hardy Heron Ubuntu. I knew of a few changes to my system, but none of them seemed to have caused the problem. So I hunted for a few days trying to figure it out. I performed multiple searches on the net, and each led me to a dead end. Many said, “Set this … in your php.ini” or “Set that … in your my.cnf”, and some even said Apache was to blame. However, I found the solution to be very simple.

MySQL was expecting the mysql.sock to be located in ‘/tmp/mysql.sock’. However, for some reason it had moved or the symbolic link to it’s actual location was deleted by some update or install I did recently.

I fixed the problem by adding a symbolic link to the actual home of mysqld.sock, which was /var/run/mysqld/mysqld.sock. Here is how I created the symbolic link: (at the command line)

sudo ln -s /var/run/mysqld/mysqld.sock /tmp/mysql.sock

sudo puts us in super user mode, “ln -s” creates a symbolic link followed by the target the links sould point to and last by the location of the link.

Edited on Sep. 26th with update below:

The fix above did not work as a permanent fix. I found that whenever I rebooted the OS it forced me to recreate the symbolic link. MySQL was failing to recreate the symbolic link on it’s own. To permanently fix the issue I needed to add the creation of the symbolic link to my SESSION startup. Here is how I did that:

By going to the System->Preferences->Sessions to edit the Startup Programs. I added an item that automatically issues the command above, but without the “sudo”.

Mission accomplished…permanently.

Recently I was having a consistent problem with the sound on my Dell Inspiron 1720, which is running on Ubuntu Hardy Heron. It would consistently stop working all together, and I had a terrible time finding the cause of the problem. If I viewed a flash video on the web, the sound would die afterwards. If I listened to streaming Internet radio, the sound would die. If I received an emial or IM the sound would die.

Finally it dawned on me, and I am not sure why or how. But a few weeks prior I had been toying with a Bluetooth stereo headset and had turned on the Audio service in the Bluetooth manager on the services tab.

Problem fixed: I simply turned off the Audio service in the Bluetooth manager, and all is working normally again. However, if I ever need the Audio service I suppose it will break my sound.

Have you ever wondered why you suddenly started getting tons of spam?

Do you have, or did you recently post your email address on a website?

Then the reason is probably because you did not properly protect the email address, and spammers get most email addresses from robot script that harvest email addresses from websites. It is pretty simple really. The robot script hits the largest search engines for certain key words or phrases, to help the spammer hit the most relevent email addresses, and then systematically follows the links to websites. Once the robot gets to the website it then searches all links on the page. Each link it finds on the page that is a “mailto:” is an email address, and in a matter of minutes a robot script can harvest hundreds of emails.

So now you are asking, “What can be done to protect me from these vile robots?”. Well that answer is also simple. Most robot script are not smart enough, yet, to search Javascript code that scrambles an email address and form it back into a valid email address. So here is how to do it:

First, you need to go into the HTML code and insert the Javascript as follows:

var theuser = "username" // change this to be the username, or portion of the email to the left of the @
var thehost = "your-domain.com" // change this to be your domain name

var themessage = theuser + "@" + thehost;

// Now we tell Javascript to bring the pieces of the email address together visually on the screen as a link
document.write("" + themessage + "")

Note: Be sure to substitute username and your-domain.com with your own information.

Now when you view your webpage in your favorite browser (Firefox) you will see the email as a link like you wanted, and the robots will see a bunch of code that most of them cannot form into a valid email address.

Create an account on the remote MySQL database server.

useradd -s /bin/false remote_user
mkdir /home/remote_user/.ssh
touch /home/remote_user/.ssh/authorized_keys
chown -R remote_user:remote_user /home/remote_user/.ssh
chmod 755 /home/remote_user/.ssh
chmod 600 /home/remote_user/.ssh/authorized_keys

Add MySQL permissions in the remote MySQL database to allow user connections from localhost.

USE mysql;
GRANT ALL ON db.* TO database_user@127.0.0.1 IDENTIFIED BY 'database_pass';
FLUSH PRIVILEGES;

Now, on the local server (as root) create an RSA key pair to avoide the need for passwords for remote_user. (Simply hit enter for each question encountered.)

ssh-keygen -t rsa

Now transfer the public key file to the remote server from your local server.

scp /var/root/.ssh/id_rsa.pub root@remote_server.com:/tmp/local_server.local_rsa.pub
ssh remote_server.com
cat /tmp/local_server.local_rsa.pub >> /home/remote_user/.ssh/authorized_keys

On the local server, create an SSH tunnel to the remote MySQL database server using the following command.

ssh -fNg -L 3306:127.0.0.1:3306 remote_user@remote_server.com sleep 9999

To use this from PHP you would simply do this:

$remote_server_mysql = mysql_connect( "127.0.0.1", "database_user", "database_pass" );
mysql_select_db( "database", $remote_server_mysql ); 

When troubleshooting a problem in Apache it is a pain to open the log file, find an error, close the log file, and then open it again after you perform some action. This is why ‘tail’ is so handy.

Simply use the command below to view the last 100 lines of a log file, and as new entries are added to the file they are automatically displayed on the screen.

tail -f /the/file/name -n -100