Install and configure firewall on CentOS

First one have to install

yum install system-config-securitylevel

Now start this little tool

/usr/bin/system-config-securitylevel

and adapt settings as needed.

The configuration is saved in

/etc/sysconfig/iptables-config

and

/etc/sysconfig/iptables-config

To test new rules restart the service

service iptables restart ; sleep 20 ; service iptables stop

Take a look, we wait for 20 seconds and stop the service automatically.

Just in case one of the rule fails and system access is blocked.

Did it work for you. Just drop a comment.

PHP xdebug Problem Ubuntu 10.4 Lucid Lynx

Once you've a running php installation on your Ubuntu 10.4 you may want to add xdebug to it.

It's simple as pie with one pitfall in it.

Just type

apt-get install php5-xdebug

After that you have to add these lines to your php.ini

display_error = On
html_errors = On

xdebug.profiler_enable = 1
xdebug.profiler_output_name = cachegrind.out.%R
xdebug.profiler_output_dir = "/tmp/"


to get it work. Restart your HTTP-daemon to make changes take effect.

e.g.

/etc/init.d/apache2 restart

And check out

apt-get install kcachegrind

to handle the xdebug logs in /tmp

Did it work for you? Just drop a comment.

Monitor DRBD state with bash shell script

I do monitor the state of my drbd discs with a simple shell script. If the state is not up to date i'll get informed by email. This is a good idea - the network connection can come down (i'd this issue several times in the last years).

Here is the output of my DRBD kernel module:

root@server:~# cat /proc/drbd
version: 8.2.6 (api:88/proto:86-88)
0: cs:Connected st:Primary/Secondary ds:UpToDate/UpToDate C r---
ns:30607944 nr:0 dw:29555272 dr:16521929 al:29175 bm:274 lo:0 pe:0 ua:0 ap:0 oos:0
1: cs:Connected st:Secondary/Primary ds:UpToDate/UpToDate C r---
ns:0 nr:60660364 dw:60660364 dr:0 al:0 bm:160 lo:0 pe:0 ua:0 ap:0 oos:0

It's simple to grep out the state of the 2 discs and send a email. Run this as cronjob.

#!/bin/bash

status=$(egrep "(Primary\/Secondary|Secondary\/Primary)" /proc/drbd | egrep -o UpToDate/UpToDate | wc -l)

if [ ! $status -eq 2 ] ; then
mutt -s "DRBD-state wrong - Cluster Node $(hostname)" info@domain.tld </dev/null
fi

SpamAssassin 3.3.0 on Ubuntu Karmic 9.10

I did an update for my Spamassassin installation to version 3.3.0 here on my Ubuntu Karmic Kaola 9.10 driven mail server.

Spamassassin and spamd were already installed via aptitude. Here is what the version query shows:

spamassassin -V
SpamAssassin version 3.2.5
running on Perl version 5.10.0

spamd -V
SpamAssassin Server version 3.2.5
running on Perl 5.10.0
with zlib support (Compress::Zlib 2.011)

A short check shows the location of both files.

which spamassassin spamd
/usr/bin/spamassassin
/usr/sbin/spamd

So i had to do these steps:

Enable perl to compile the new version of the spamassassin filter

aptitude install build-essential

Now wget the tarball, untar it, change to the extracted directory and do

perl Makefile.PL
make
make install

Remove orginal spamassassin

apt-get remove spamassassin

and link the newly created files

ln /usr/local/bin/spamd /usr/sbin/spamd
ln /usr/local/bin/spamc /usr/bin/spamc
ln /usr/local/bin/spamassassin /usr/bin/spamassassin

Finally fetch the new rule set

sa-update -D

and restart the daemon if enabled in /etc/default/spamassassin

/etc/init.d/spamassassin restart

Final checks:

spamassassin --lint

Ok - no messages. Now call it directly - type some text and finish with "Ctrl-D"

spamassassin

type some text

Ctrl-D

You should see a typical spamassassin log.

And a version check:
spamassassin --version
SpamAssassin version 3.3.0
running on Perl version 5.10.0

spamd --version

SpamAssassin Server version 3.3.0
running on Perl 5.10.0
with zlib support (Compress::Zlib 2.011)

And check for the hard link create above - the "2" in the 2nd colon of the directory listing
indicates a hard link.

ls -la /usr/bin/
spamassassin
-r-xr-xr-x 2 root root 29620 2010-01-28 19:27 /usr/bin/spamassassin

ls -la /usr/sbin/spamd

-r-xr-xr-x 2 root root 105334 2010-01-28 19:27 /usr/sbin/spamd

Is spamd up and running?

pgrep spamd
15192
15193
15194

Did it work for you - any comments? Drop them here!


vnstat on OpenBSD self compiled

To compile vnstat for my OpenBSD i did following simple steps:

Define the server were pkg_add gets it packages from. As the line indicates it is for OpenBSD 4.5.

export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.5/packages/i386/

Install the wget package to be able to download the vnstat sources.

pkg_add wget

Retrieve the source tar ball.

wget http://humdi.net/vnstat/vnstat-1.10.tar.gz

Unpack the tar ball verbosely.

tar xvfz vnstat-1.10.tar.gz

Now change to the extracted directory.

cd vnstat-1.10

Install package gmake to be able to compile the stuff.

pkg_add gmake

Compile the sources - binary is created in subdirectory "src".

gmake -C src vnstat

Copy the generated binary to a place found in $PATH.

cp src/vnstat /usr/bin/.

Create the directory for vnstats collected data

mkdir /var/db/vnstat

Initialize the interface vnstat has to collect for

vnstat -u -i


And add a line to your crontab:

*/5 * * * * /usr/bin/vnstat -u

Don't forget restart/SIGHUP the cron daemon.

Wait a few minutes to give vnstat the chance to collect data and try

vnstat -i -h

That's all - did it work for you? Just drop your comments here.

ClassNotFoundException XPrintable - GroupLayout

A Java software did not start with following error message in the console window

Caused by: java.lang.ClassNotFoundException:com.sun.star.view.XPrintable

I fixed that with

sudo apt-get install openoffice.org-dev

The next start produced a different error

Caused by: java.lang.ClassNotFoundException: javax.swing.GroupLayout

The way to fix this is

sudo update-alternatives --config java

and to choose the correct java path - for me worked

/usr/lib/jvm/java-6-sun/jre/bin/java

That's all. Comments on this? Please drop them here...

Windows 7 "copy to" user profile button disabled

I had to join Windows 7 clients to a Samba domain. After joining the domain i wanted to copy users old local profile to the roaming profile share on the file server using the "copy button" in the user profile management. But this button was grayed out/disabled for all profiles but the standard profile.

There is a piece of software that will enable this button again.


Simply download
"Windows enabler" und start it as system administrator (right click on programs symbol) on the box where you want to copy the local user profile to the roaming profile. Go to the system tray and activate the "windows enabler". Now the "copy to" button gets enabled once you click on it.

Hint: You need to copy the user profile to the corresponding directory on the file server with a ".V2" extension, e.g. "\\server\profiles\username.V2" or where your roaming profiles are configured to point to.

Have fun! Did it work for you? Drop your comment...