Sunday, December 18, 2011

I love my computer again - Linux Mint

The new MATE interface in Mint Lisa is really good - almost nice enough to stop you hating your Linux computer.

Monday, October 10, 2011

Delete un-approved comments in Drupal7

The story is like this: while managing the Drupal 7 instance for fedoraproject.ro I kinda saw 900+ un-approved comments that were most likely spam. Not wanting to scroll through all the pages and select/delete each comment, I found the very convenient solution below:


1. Back up the Drupal 7 database table used for comments (replace <user> with your MySQL user):
mysqldump -u <user> -p drupal_database comment > comment_table1.sql
or the entire database:

mysqldump -u <user> -p drupal_database > drupal_database.sql

2. Remove all of the un-approved ones:
- an additional step here is to check the exact status of what you are deleting:
select * from comment where status=0 limit 10;
delete from comment where status=0;

3. Check the website, and probably enable/install a captcha, or have some notifications set up for each comment added.

Monday, October 3, 2011

Removing comments from configuration files with sed

Using the below one liner I do what the $subject of the post says:

 sed -e '/^;/d' -e '/^$/d' /etc/php.ini > /tmp/php.ini-stripped

-e '/^;/d'  -- deletes the lines starting with ; (this can be changed to # of course);
-e '/^$/d'  -- deletes the empty lines that remain between the settings;
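
A more general form of the one-liner, as an added example that is not part of the original post: it also drops indented comments and whitespace-only lines, which the two patterns above leave in place, and compares two versions of a file on their effective settings only. The names strip_config and effective_diff and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. strip_config, effective_diff and
# the sample input are constructed for illustration.

# strip_config FILE [COMMENT_CHAR]
# Print only the effective lines of FILE. Unlike '/^;/d' and '/^$/d', this also
# drops indented comments and lines that contain only whitespace.
# COMMENT_CHAR defaults to ';' (php.ini); pass '#' for most other files.
strip_config() {
    sc_char=${2:-";"}
    sed -e "/^[[:space:]]*${sc_char}/d" -e '/^[[:space:]]*$/d' "$1"
}

# effective_diff OLD NEW [COMMENT_CHAR]
# Compare two versions of a file on their effective settings only, so edits
# to comments or spacing do not show up. Returns 0 if same, 1 if different.
effective_diff() {
    ed_old=$(mktemp) && ed_new=$(mktemp) || return 2
    strip_config "$1" "${3:-;}" > "$ed_old"
    strip_config "$2" "${3:-;}" > "$ed_new"
    ed_rc=0
    diff "$ed_old" "$ed_new" || ed_rc=$?
    rm -f "$ed_old" "$ed_new"
    return "$ed_rc"
}

# Constructed sample: the third and fourth lines survive the original patterns.
sample=$(mktemp)
printf '%s\n' '[PHP]' '; a comment' '   ; an indented comment' '   ' \
    'expose_php = Off' '' 'session.save_path = "/var/lib/php/session"' > "$sample"
strip_config "$sample"
rm -f "$sample"
```

Running effective_diff on a backup copy and the live file after an upgrade shows only the settings that actually changed.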

Tuesday, July 19, 2011

Lsof to see who is using a filesystem

As the $subj says :

lsof /srv

Apache Chrootdir

This week I was thinking of writing about the Apache web server and the things you can do with the version supplied by the rpm package in the latest CentOS or Fedora.

The feature of the day is ChrootDir, available from Apache version 2.2.10, and as the manual says you will need to do some work to get PHP and CGI functional. This directive helps, along with mod_evasive, mod_security or mod_selinux (why is this not packaged in CentOS?), in hardening web services directly exposed to the internet.

First thing check your apache version:
[root@node1 conf]# httpd -v
Server version: Apache/2.2.15 (Unix)
Server built:   Jul  7 2011 11:30:37


Second thing: edit the Apache configuration file, add the directive ChrootDir and pick a directory, like so:
ChrootDir /srv

Now my httpd.conf file is the basic one, so DocumentRoot is /var/www/html; thus I need to create that inside my /srv directory to get things serving. As root create it:
mkdir -p /srv/var/www/html

To see some PHP in action with this setup just do the classic index.php with phpinfo(); inside and place it under /srv/var/www/html. OK, this would be enough to run PHP, but after some googling I found some advice about modifying php.ini, in particular session.save_path. So it might be worth looking into more PHP config customizations before going into production.
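
The directory requirements from the steps above can be checked before restarting httpd. This is an added example, not part of the original post: the function names and sample files are constructed, and it assumes paths without spaces and a session.save_path given as a plain path.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and sample files
# are constructed; ChrootDir, DocumentRoot and session.save_path are the
# settings the post discusses. Assumes paths without spaces.

# directive_value CONF NAME: value of the last active "NAME value" line.
directive_value() {
    awk -v name="$2" 'tolower($1) == tolower(name) { v = $2 }
        END { gsub(/"/, "", v); print v }' "$1"
}

# ini_value INI KEY: value of the last active "KEY = value" line.
ini_value() {
    awk -F= -v key="$2" '{ k = $1; gsub(/[ \t]/, "", k) } k == key { v = $2 }
        END { gsub(/[ \t"]/, "", v); print v }' "$1"
}

# chroot_preflight HTTPD_CONF PHP_INI
# Prints "ok DIR" or "missing DIR" for each directory httpd will look for
# inside ChrootDir; returns 1 if any is missing, 2 if ChrootDir is not set.
chroot_preflight() {
    cp_root=$(directive_value "$1" ChrootDir)
    [ -n "$cp_root" ] || { echo "no ChrootDir in $1"; return 2; }
    cp_root=${cp_root%/}
    cp_rc=0
    for cp_dir in "$(directive_value "$1" DocumentRoot)" \
                  "$(ini_value "$2" session.save_path)"; do
        [ -n "$cp_dir" ] || continue
        if [ -d "$cp_root$cp_dir" ]; then
            echo "ok $cp_root$cp_dir"
        else
            echo "missing $cp_root$cp_dir"
            cp_rc=1
        fi
    done
    return "$cp_rc"
}

# Constructed demo: a throwaway directory stands in for /srv.
demo=$(mktemp -d)
printf '%s\n' "ChrootDir $demo/srv" 'DocumentRoot "/var/www/html"' > "$demo/httpd.conf"
printf '%s\n' 'session.save_path = "/var/lib/php/session"' > "$demo/php.ini"
mkdir -p "$demo/srv/var/www/html"
chroot_preflight "$demo/httpd.conf" "$demo/php.ini" ||
    echo "create the missing directories before restarting httpd"
rm -rf "$demo"
```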

The last thing is the SELinux config. Just disabling it would defeat my point, so what I recommend is either to run it in permissive mode, or to disable it temporarily, do the config and enable it again. To run SELinux in permissive mode just edit /etc/selinux/config and reboot, or disable it TEMPORARILY for httpd with setsebool -P httpd_disable_trans 1, or disable it TEMPORARILY altogether with setenforce 0 (not f*** advisable). To get the current status of your SELinux settings just use one of the commands getenforce or sestatus; again, I do not understand why we need more than one command to do our SELinux thingies.

Now, as the Fedora wiki page says, the label we should apply to our web content is httpd_sys_content_t. This can be done with more than one command:
chcon -R -v --type=httpd_sys_content_t /srv/
is the one that makes more sense to me, as it is similar to the chmod and chown commands (-R applies the label recursively, which is what produces the per-file output below).
The output will be something similar to the one below, and sealert/the audit log (/var/log/audit/audit.log) should not bitch anymore about any context errors.
changing security context of `/srv/var/www/html/index.php'
changing security context of `/srv/var/www/html'
changing security context of `/srv/var/www'
changing security context of `/srv/var'
changing security context of `/srv/'

Sunday, July 17, 2011

More than basic CentOS 6 install

If anyone is still installing CentOS 6 boxes in a manual fashion using the DVD or the netinstall ISOs, this article will help with what to select in some of the menus.

1. While booting from your DVD/USB stick the first screen is the following. Just pick "Install or upgrade an existing system". I do not know why they say upgrade, as upgrades from 5 to 6 are not officially supported as far as I know.


Kernel loading screen:



2. Skip the media test dialog screen by choosing "Skip":



3. In my case the media is a dvd iso thus the following screen:


4. Initial menu after everything is loaded, just hit "Next" (doooh):


5. Select the language used for the install process, I normally pick the default here:


6. The keyboard layout, again the default for me:


7. I'm using an internal local disk so "Basic Storage Devices":


8. Confirm the hard drive initialization :


9. In the following screen two very important things can be set up: the hostname of the server and the way the network will behave after install. I really hate it that eth0 is not used as default after install, both for servers and desktops; the following screens detail how to fix that.


Here select "Connect automatically" and "Available to all users"


10. Select your time zone either by using the drop down list or using the map:


11. Type in your root password (make it as secure as possible or you will see a warning):


12. Now the fun part about setting up the partitions:


13. From the full disk space first we will create a /boot partition as grub can only boot your os from standard partitions.



14. Let's make it primary (by default the first four are, but I like to tick that box anyway), ext4 for a filesystem and a fixed size of 250 MB, next two slides:



15. Now if this is going to be a server, the really important data will reside on some data storage box (iSCSI, NFS come to mind here), or even on a spare disk/RAID, and will get attached later on. The next slide will partition the remainder of the internal OS disk using LVM.


16. Allocate the maximum amount of available space to the physical volume.


17. Now normally I create a volume group for the OS and a volume group for the data, this is the first one:


18. As a naming convention I use vg_os or something similar, and for the partitions LogVolRoot/Tmp/Swap/Home/Var and so on:



19. The partition sizes here reflect a normal medium-size web server and are just representative; this depends so much on what the server will "serve".


20. This warning is because my disk was really blank:


21. If nothing else comes to mind you can commit the changes made:



22. One interesting setting in the menu below is the grub password you can setup:



23. Here it comes, the packages that are going to be installed on your system, determining your way of using the server:


24. You can customize the package selection:


25. In the "Web Services" group select "PHP Support" and "Web Server":



26. From the "Databases" group pick the mysql client and server:


27. Package dependencies are checked in the picture below:


28. The install process:




29. Reboot the server into your newly installed OS:



30. Choosing the "Minimal" installation will save us the first boot menu:


31. Before doing anything else update your system:




This is the first draft of this article, I will update it with some more comments on the installation process.

Thursday, July 14, 2011

Funky terminals

Answering Nicu's meme about more fun terminal windows - this one is mine:

This is an Ubuntu server that uses the getquote.php script to update the motd.
<?php
// rss_php.php provides the rss_php feed parser class.
require_once 'rss_php.php';

$rss = new rss_php;
// Fetch one random quote as an RSS feed.
$rss->load('http://www.quotedb.com/quote/quote.php?action=random_quote_rss');
$rssitems = $rss->getItems();

if ($rssitems) {
    // print_r($rssitems);
    // Print the first item as "description :: title".
    echo $rssitems[0]['description'].' :: '.$rssitems[0]['title']."\n";
}
?>

And the rss_php.v1.zip.

Later edit after Nicu's comment :



Wednesday, July 13, 2011

Multimedia stack Centos 6

Continuing my Centos 6 trip, (as Fedora 15 is un-usable by my standards) tonight I'm following a tip to use elrepo for hardware support and rpmforge for video codecs and my favorite media player - vlc.

Well, to install rpmforge and elrepo is rather easy, just do:

rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
(more details can be found here)
rpm -Uvh http://elrepo.org/elrepo-release-6-4.el6.elrepo.noarch.rpm
(or here)

Now to get codecs working just try to play any of your video media with "Totem Movie Player" and because somewhere in Fedora we had packagekit with gstreamer support (good call about that one) you will see a search box like the one below. Supply the root password to install them and magic you'll be able to play your videos.


Well, if you feel that this is not enough you can take the experts' advice and yum install everything; this way you will not miss anything:

yum install compat-libstdc++-33 libdvdcss libdvdread libdvdplay libdvdnav lsdvd libquicktime --skip-broken
yum install flash-plugin mplayerplug-in mplayer mplayer-gui gstreamer-ffmpeg gstreamer-plugins-bad gstreamer-plugins-ugly

Moving to the hardware bit, last night I managed to get my funky wireless going, but through an ugly compile hack. I got a tip today about elrepo, and looking at the driver version that they offer you can find support for ati, nvidia and ntfs.

Broadcom BCM4313, the wireless driver that I needed, is not offered by them by default (I guess legal issues), but they explain how to use the src.rpm to compile it yourself, with a bit more elegance than the way I've done it. You can read all about it here.

Fstab and bind mounts

Problem: you want to put a mount that uses bind in fstab.

Answer:
/var/ftp/pub/           /home/vftp/pubftp/download/ bind        defaults,bind           0 0

Control interface link speed

The problem: someone needs speed autonegotiation off and 1GB full duplex on one interface.

Solution: found here; edit ifcfg-eth1, add the line below and restart the network service:
ETHTOOL_OPTS="speed 1000 duplex full autoneg off"