What more could you want?
chuck
This user hasn't shared any biographical information
Homepage: http://www.ozymo.com
Posts by chuck
Building HAL on BLFS
Jul 2nd
While attempting to build HAL on Beyond Linux From Scratch (Currently the SVN version, scheduled to be the 6.4 release), I came across this error:
probe-storage.c: In function ‘main’:
probe-storage.c:462: error: dereferencing pointer to incomplete type
probe-storage.c:462: error: ‘VOLUME_ID_FILESYSTEM’ undeclared (first use in this function)
probe-storage.c:462: error: (Each undeclared identifier is reported only once
probe-storage.c:462: error: for each function it appears in.)
probe-storage.c:463: error: dereferencing pointer to incomplete type
probe-storage.c:463: error: ‘VOLUME_ID_RAID’ undeclared (first use in this function)
probe-storage.c:464: error: dereferencing pointer to incomplete type
probe-storage.c:464: error: ‘VOLUME_ID_OTHER’ undeclared (first use in this function)
probe-storage.c:465: error: dereferencing pointer to incomplete type
probe-storage.c:465: error: ‘VOLUME_ID_CRYPTO’ undeclared (first use in this function)
After some looking around, I had almost given up hope when I decided to take a look at /usr/include/libvolume_id.h where the particular VOLUME_ID structs are created. I also Googled for that file name, and came across koders.com‘s enumeration of header files. The file listed on their site was 116 lines, and the file installed on my LFS box was only 54, and didn’t include the structs for the items listed in the above error.
After making a backup of the original libvolume_id.h file, I copied the file from koders.com (which, incidentally, is from CentOS) and catted it into place on my server. I ran the compile for HAL again, and now enjoy the sweet and slightly spicy flavor of success.
Hoorah.
/cs
Warning: using insecure memory!
Mar 21st
This nearly scared the life out of me:
[chuck@thom ~]$ gpg -v Warning: using insecure memory! gpg: Go ahead and type your message ...
I was on a FreeBSD virtual machine, and had just installed GnuPG. As it turns out, I rtfm’d and found the solution:
In the “BUGS” section of the gpg(1) man page:
On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing memory pages (which may contain passphrases or other sensitive material) to disk. If you get no warning message about insecure memory your operating system supports locking without being root. The program drops root privileges as soon as locked memory is allocated.
Here are the steps I took to make the gpg2 binary setuid:
$ which gpg /usr/local/bin/gpg $ ls -lah /usr/local/bin/gpg lrwxr-xr-x 1 root wheel 4B Feb 3 04:36 /usr/local/bin/gpg -> gpg2 $ chmod 4755 /usr/local/bin/gpg2 $ ls -lah /usr/local/bin/gpg2 -rwsr-xr-x 1 root wheel 576K Feb 3 04:36 /usr/local/bin/gpg2
So, sure enough, after setting the gpg2 binary to be setuid, everything worked:
[chuck@thom ~]$ gpg -v gpg: Go ahead and type your message ...
Now I can safely, securely use gpg on FreeBSD.
/cs
Intro to Apache Redirects
Jan 20th
I came across an issue where a customer needed education on using Redirect in the Apache config. Particularly, the redirects were being configured through webmin (which, btw, does an amazing job of mangling the httpd.conf file!). I though somebody may find it useful, and cleaned it up. The names or websites have been changed to protect the innocent or the not-so-innocent.
Here is the syntax that webmin placed into the Apache config on your server for various redirects:
# grep ^Redirect /etc/httpd/conf/httpd.conf
Redirect http://kubrick.fruella.com “https://secure3.paymelater.net/csr/default.asp”
Redirect http://kubrick “https://secure3.paymelater.net/csr/default.asp”
Redirect http://epay.fruella.com “https://secure3.paymelater.net/fruella/”
Redirect http://epay.fruelladev.com “https://secure3.paymelater.net/fruella/”
Redirect http://epay “https://secure3.paymelater.net/fruella/”
Redirect 301 epay “https://secure3.paymelater.net/fruella/”
RedirectPermanent epay “http://www.gooboodle.com”
RedirectPermanent e-pay “http://www.gooboodle.com”
These will not work:
Redirect http://kubrick “https://secure3.paymelater.net/csr/default.asp”
Redirect http://epay “https://secure3.paymelater.net/fruella/”
Redirect 301 epay “https://secure3.paymelater.net/fruella/”
RedirectPermanent epay “http://www.gooboodle.com”
RedirectPermanent e-pay “http://www.gooboodle.com”
The reason that these won’t work is because you aren’t giving them a URL or URI to redirect. A proper 301 redirect (which is the most common type, and properly what you need) is as such:
Redirect 301 / http://www.example.com
This will take the root of the site (“/”) and redirect it to www.example.com. So, if your site is domain.com, and you visit domain.com in a browser, you’ll be redirected to www.example.com. The URL in the browser will change, and a new request to Apache is made for www.example.com.
If you have a particular page that needs to be redirected, the syntax would be similar:
Redirect 301 /store/secure/checkout.php http://www.paymesometime.com/
… or something similar to that.
This will take requests for domain.com/store/secure/checkout.php and redirect them accordingly.
Through webmin, you want to configure these as follows:
The first case:
From: /
Status: 301
To: http://www.example.com
The second case:
From: /store/secure/checkout.php
Status: 301
To: http://www.paymesometime.com/
Alternatively, in the “From:” section, you can specify a full URL, similar to the “To:” section, but I would recommend that it is easier to read them if you differentiate the syntax.
As for the entries in your configuration, here is an outline of what’s incorrect:
Incorrect:
Redirect http://kubrick.fruella.com “https://secure3.paymelater.net/csr/default.asp”
Correction:
Redirect 301 http://kubrick.fruella.com “https://secure3.paymelater.net/csr/default.asp”
You have provided a URL to redirect from (you could substitute with “/” in this case, because it’s the base URI). You have specified a URL to redirect to. You have NOT, however, provided a status. If this rule is updated in webmin with a “Status:” of 301, then it will work.
Incorrect:
Redirect http://kubrick “https://secure3.paymelater.net/csr/default.asp”
Correction:
Redirect 301 http://kubrick.fruella.com “https://secure3.paymelater.net/csr/default.asp”
This is incorrect because there is no status and because http://kubrick is not a fully qualified domain name.
Incorrect:
Redirect 301 epay “https://secure3.paymelater.net/fruella/”
Correction:
Redirect 301 / “https://secure3.paymelater.net/fruella/”
All of the parts including From:, To:, and Status: are here, but “epay” is neither a URI (which begins with a “/” character) nor a fully qualified domain name.
Redirects will be evaluated top to bottom, so if you have more than one that matches (such as two that redirect from “/” to another URL) then only the first will be effective, and the second is unnecessary.
This should be enough to get you started with redirects in Apache.
/cs
whatismyip.org seems to be down…
Dec 12th
. . . so i created myip.ozymo.com which does the same thing:
$ curl myip.ozymo.com
64.39.19.8
Sometimes it’s nice to get just the IP returned without all the fluff.
/cs
Clean out your Postfix Queue
Dec 9th
Hello, all!
I just had to clean out a Postfix queue, and came up with this little
oneliner:
for i in `postqueue -p | grep -B1 ’450\|451\|452\|421\|server dropped connection\|Connection refused\|Connection timed out\|Host not found\| Blacklisted\|DELETED\|PTR\|reverse dns\|refused to talk\|No route to host\|while sending\|timed out\|timeout\|root’ | grep ^[0-9A-G] | cut -d’ ‘ -f1`; do postsuper -d $i; done
It really does the trick. Make sure that if you copy it above, you
check the input. WordPress does some funny things to dashes and
whitespace sometimes.
/cs