Jonas Genannt - debian

Playing with nginx

nospam@example.com (Jonas Genannt) — Fri, 11 Sep 2009 23:51:32 +0200

Playing with nginx. Here are some random hints:

1.) nginx with php:

/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f "/usr/bin/php-cgi -c /etc/php5/cgi/php-nginx.ini" -P /var/run/fcgi-php.pid

2.) Deny access to .svn directories:

location ~ \.svn { deny all; }

3.) rewrite urls

if ( !-f $request_filename ) {
rewrite ^/images/([A-Za-z]+)\/(.*)$ /images/default/$2 break;
}

The rewrite rule will redirect /images/bar/foo.png if it does not exists to /images/default/foo.png

spwan-fcgi is included in the lighttpd package if you are using lenny. On squeeze and sid spawn-fcgi is an standalone package!

Updated CLI packages from 3Ware

nospam@example.com (Jonas Genannt) — Sat, 06 Jun 2009 16:10:39 +0200

I have updated my 3Ware CLI debian packages.

Now version 9.5.2 is available on jonas.genannt.name.

converting filenames from ISO-8859-15 to UTF-8

nospam@example.com (Jonas Genannt) — Mon, 01 Jun 2009 15:32:18 +0200

Useful links for converting filenames from one encoding to another:

http://www.j3e.de/linux/convmv/

http://hektor.umcs.lublin.pl/~mikosmul/computing/articles/linux-unicode.html

convmv is also available at debian. But I suggest you to use alway the newest version of convmv.

convmv, recursively converting filenames from ISO-8859-15 to UTF-8:

convmv -r --notest -f ISO-8859-15 -t UTF-8 /home

Updated user_mgmt script - Passwd::Unix

nospam@example.com (Jonas Genannt) — Sat, 25 Apr 2009 00:53:34 +0200

I have uploaded an new version of my linux user management script. This new version fixes an Passwd:Unix bug - The library has got an problem with the umask. You can download it on jonas.genannt.name.

You may have noticed that the perl library Passwd::Unix is not available at debian lenny. I have created an ITP #525340 to upload Passwd::Unix into debian.

If my packages passes the NEW-Queue I will create an backport for lenny and upload it to backports.org.

Debian Lenny - libnss-ldap udev

nospam@example.com (Jonas Genannt) — Tue, 14 Apr 2009 21:29:26 +0200

If you are using libnss-ldap to connect to your LDAP server it's possible that you get the following message on startup

Can't contact LDAP server udevd[374]: nss_ldap: failed to bind to LDAP server ldaps://foo.bar:
Can't contact LDAP server udevd[374]: nss_ldap: could not connect to any LDAP server as (null) -
Can't contact LDAP server udevd[374]: nss_ldap: failed to bind to LDAP server ldaps://foo.bar:
Can't contact LDAP server

This is an known problem, please have a look at the debian BTS: #375215, #375077, #375215

To get it working, you have to add bind_policy soft to /etc/libnss-ldap.conf.

RCS version control number in Cfengine

nospam@example.com (Jonas Genannt) — Tue, 03 Feb 2009 19:31:03 +0100

If you are using Cfengine and use RCS to store your cfagent.conf file, you could use your RCS version control number inside Cfengine.

Example on editfiles:

{ /etc/screenrc
Append "#CFEngine: $(RCSRev)"
Append "vbell off"
}

The $(RCSRev) will hold the current RCS version number. So you will distribute the version of cfagent.conf in your files.

I had some problems to get this working, therefore an little guide for other guys around the net:

Precondition: cfagent.conf is controlled via SVN

Add the following code to your control selection:

RCSRev = ( ExecShellResult("/bin/echo \"$Id: $\" | /usr/bin/cut -f3 -d \" \" " ) )

Save your cfagent.conf and run svn propset svn:keywords "Id" cfagent.conf && svn -m "RCS" commit cfagent.conf.

This command tells subversion that svn should replace $Id: $ with the current RCS version and commit it.

If you open your cfagent.conf again, you will notice that the line above changed to:

RCSRev = ( ExecShellResult("/bin/echo \"$Id: cfagent.conf 20 2009-02-03 18:21:33Z jonas $\" | /usr/bin/cut -f3 -d \" \" " ) )

That's all - you can now use $(RCSRev) inside your cfagent.conf.

Updated 3dm2 packages from 3Ware

nospam@example.com (Jonas Genannt) — Thu, 06 Nov 2008 22:34:16 +0100

I have updated my 3Ware 3dm2 debian packages.

Please have a look at: jonas.genannt.name.

Packaging these 3DM2 software was the same shit like the versions before - I was not able to install the 32bit Java package from 3ware.com to an normal debian lenny system.

I have informed 3Ware three times about this problem - they are always telling me 'Thanks, We will have a look at this problem'. I have received my last email from 3Ware on 25 Sep 2008 with the body 'Will check', after this email nothing! But the installer bug is included into the newest version again.

So - have fun with my packages

webalizer IPv6 addresses

nospam@example.com (Jonas Genannt) — Sun, 21 Sep 2008 14:27:50 +0200

If you are using IPv6, you know that webalizer truncates IPv6 addresses, this is very bad for the statistics.

The IPv6 patch is available at #452259.

I have included the patch and rebuild the package for etch. You can download the debian package at jonas.genannt.name.

Debian Repository for 3Ware packages

nospam@example.com (Jonas Genannt) — Sat, 13 Sep 2008 13:48:46 +0200

I have set up an Debian Repository for my 3Ware packages. You can now install your 3dm2 and cli packages via apt.

Add the following line to your sources.list:

deb http://jonas.genannt.name/debian etch restricted

For testing aka Lenny you have to replace etch with lenny.

This repository is signed with my GPG key (0xB616FFFA), you should add my key in your apt-keyring:

wget -O - http://jonas.genannt.name/debian/jonas_genannt.pub | apt-key add -

Updated 3dm2 packages from 3Ware

nospam@example.com (Jonas Genannt) — Mon, 08 Sep 2008 19:24:55 +0200

I have updated my 3Ware 3dm2 debian packages.

Now version 9.5.1 is available on jonas.genannt.name.

Updated CLI packages from 3Ware

nospam@example.com (Jonas Genannt) — Thu, 04 Sep 2008 19:54:42 +0200

I have updated my 3Ware CLI debian packages.

Now version 9.5.1 is available on jonas.genannt.name.

IPMI - Dell BMC isol with ipmitool

nospam@example.com (Jonas Genannt) — Fri, 29 Aug 2008 23:06:01 +0200

If you want to use isol with debian etch ipmitool and your Dell BMC card, please have a look at #412816.

You have to use ipmitool from lenny or sid to get isol working...

Updated 3dm2 packages from 3Ware

nospam@example.com (Jonas Genannt) — Fri, 29 Aug 2008 22:47:09 +0200

I have updated my 3Ware 3dm2 debian packages.

Now version 9.5.0.1 is available on jonas.genannt.name.

Debian - Dell OMSA SNMP

nospam@example.com (Jonas Genannt) — Wed, 14 May 2008 14:20:44 +0200

If you would like to use SNMP to monitor your dell server with OMSA (server administrator) installed, you have to configure your local SNMPd.

First you have to enable SNMP on OMSA:

/etc/init.d/dataeng enablesnmp

Than restart your Data Engine System from OMSA:

/etc/init.d/dataeng restart

You can now install the snmp daemon from debian:

apt-get install snmpd

SNMPd should listen to all interfaces. You can configure this at /etc/default/snmpd

Please note, that you have to remove the entry -I -smux, because OMSA uses snmp smux for communicating with the SNMP daemon.

The following snmpd.conf is tested to work with OMSA:

com2sec local localhost public
com2sec watchdog 192.168.168.0/24 public
smuxsocket 127.0.0.1
smuxpeer .1.3.6.1.4.1.674.10892.1
group MyRoGroup v2c local
group MyRoGroup v2c watchdog
view all included .1
access MyRoGroup "" any noauth exact all none none

Now restart the snmpd and install also the dell mibs. You can find the mibs in /opt/dell/.

After the restart you can walk throw your SNMP tables:

snmpwalk -v2c -c public localhost 1.3.6.1.4.1.674.10893

If you want to monitor the health of your server I can suggest you the following nagios plugin:

check_omsa_snmp.pl - this plugin checks temperature,voltage, Power Supply and Cooling Devices

Clamav daemon on etch - long startup time

nospam@example.com (Jonas Genannt) — Thu, 15 Nov 2007 21:51:13 +0100

If you are running clamav daemon on debian etch, and your clamav daemon takes up to 3-4 minutes to create the unix socket and the pid file, don't despair it's an clamav bug.

While you are running clamav with amavis this bug can be very annoying:

amavis[22480]: (21470-02) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket

If you strace your clamv on the startup time you get many of these messages:

read(10, "n.Downloader-14249\n29184:5d2a569"..., 4096) = 4096
read(10, "15872:15a82a8cbbb437f9249c944391"..., 4096) = 4096
read(10, "a6288c61679d87f00:Trojan.Bancos-"..., 4096) = 4096
read(10, "db2a:Trojan.IRCBot-1189\n24576:5e"..., 4096) = 4096

The clamav version is debian etch is 0.90.1.
The bug is fixed in version 0.91rc2. So you could use the backports.org packages (0.91.2).