To any readers who might friends or family who haven’t heard yet, Kelly had the baby on Friday. I’ve posted some details on my other blog.
Category: General (Page 9 of 26)
Do you have users who need access to web-based applications on multiple servers? Managing those users can be a pain when dealing with normal htpasswd-based permissions. Adding or removing users means editing each htpasswd file and remembering where all of them are.
Mod_auth_mysql is a good way to centralize that user database so that you can avoid having all of the separate htpasswd files. The apache module is available from any modern Linux distribution, so installing and configuring it takes less than 5 minutes. I started using it almost 2 years ago, and over that time have made a simple web application for managing the users and granting them permission to each application.
I’ve released the program as WebPasswd for anybody else who wants to use it. Now adding users and granting them access to application can be don with just a few clicks. Granting and revoking access to an application takes just seconds and is applied immediately. Configuring a new application takes a couple clicks, and then you just copy/paste the Apache configuration into the appropriate place on your web server. Try it out with this demo.
I think this will be useful to people. I have not seen another application that does something similar. Let me know if it works for you.
I’ve done this several times on several distro’s now. My last post was about setting this up on CentOS 5. Setting it up on Ubuntu is mostly similar, but requires a couple of significant changes.
Again, Falco’s HowToForge article does a good job of explaining the process. I followed the guide for Debian Etch with the following changes:
I don’t think that Step 2 (installinginitramfs-tools and mdadm) is required.
Prior to Step 3, when editing /etc/fstab, you need to know the UUID’s of your new volumes. You can use the ‘vol_id’ command to get those
root@host:~# vol_id /dev/sda1|grep UUID= ID_FS_UUID=97b2e1f2-2f16-47be-8fac-8091a4d5817f
Instead of replacing /dev/sdX with /dev/mdX, you need to replace to UUID’s for those with the UUID’s from the new /dev/mdX devices. Also, when editing /boot/grub/menu.lst, you’ll need to replace the UUID for /dev/sda3 with the UUID for /dev/md2
The rest of the process should work as documented.
I like to store IP addresses in a database as unsigned 32-bit integers. It is efficient and elegant and is just fun to work with.
I recently had somebody scraping a site using a range of IP addresses from the same subnet to get around our bot-detection which worked at an individual IP level. It was a pretty simple change to summarize that at the network level. Just do a bitwise AND with 4294967040 to mask out the last octet
The number ‘4294967040’ came by calculating 2^32 – 2^8 so the binary number has all ones in the first 24 bits and all zeros in the last 8 bits.
SELECT ip, INET_NTOA(ip&4294967040) AS ipaddr, FROM some_table GROUP BY ipaddr
Now those poor fools at 208.86.255.0/24 will be getting cached data from who-knows-when and they won’t even know it.
I’m seeing this problem more and more frequently when running apt-get or apt-cache commands. It seems to get most of the way through updating itself and then dies with this error:
E: Dynamic MMap ran out of room E: Error occured while processing rapidsvn (NewVersion1) E: Problem with MergeList /var/state/apt/lists/something_repodata_primary.xml E: The package lists or status file could not be parsed or opened.
My understanding is that apt is running of some cache space and quits. I think this is referring to some memory limit, but am not sure (if anybody has a better explanation of the actual problem, please comment).
The fix is easy enough. Just create a file named /etc/apt/apt.conf.d/local.conf with this line:
APT::Cache-Limit 50000000;
That raises the limit from the default (I believe 8Mb) to 50Mb and has worked well for me.
I frequently need to generate a quick report generated from a quick database query. I have been doing this by creating a simple PHP script that queries the database and then displays the results as a CSV. However, I just found a way to do it directly from the MySQL command line, which makes it possible to skip the steps of creating the PHP script.
Simply run the command like this:
mysql>SELECT * FROM sometable INTO OUTFILE '/tmp/output.csv' FIELDS TERMINATED BY ',';
That will save the results to the file specified in a simple CSV format. There are also options for enclosing fields in quotes, the line terminators, and several other options.
It went by without much fanfare:
[root@dev ~]# date +%s 1234567890
I usually avoid putting mailto links on websites because they are easily scraped by spammers and fed into spam lists. But sometimes it is just necessary to have one. There are ways of encoding email addresses using javascript or special HTML characters that make it more difficult for spammers to see the email addresses.
I’ve done the encoding on my own for a while, but just found this Email Obfuscator that does a good job of it, so I’ll be using that form now on.
I ran across this cryptic error message in an SSH log file today:
Feb 7 03:33:21 hostname sshd[19439]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0 Feb 7 03:33:21 hostname sshd[19439]: fatal: buffer_get_int: buffer error
The problem is actually a corrupt line in a users ~/.ssh/authorized_keys file. This user had copy/pasted a new key into his authorized_keys file and it had a newline after the ssh-rsa. Strangely enough, people were still able to authenticate if their key was above the corrupted line. Users whose key was listed below the corrupt line were not able to log in.
According to the PHP documentation for timezone_identifiers_list(), that function should be included in PHP 5.1.x. The note on DateTime installation mentions, however, that it was only experimental support, and had to be compiled specifically to support it.
The fix, then, is to recompile PHP 5.1.x with
CFLAGS=-DEXPERIMENTAL_DATE_SUPPORT=1
or to upgrade to PHP 5.2 where it is enabled by default.
My particular problem surfaced with some Drupal code that required the function.