All Entries in the "Operating Systems" Category

Ubuntu Remote Desktop – multiple users

When I got my new dedicated server setup with Ubuntu server 12.04 LTS, I wanted to use it both for website hosting and multiple users remote desktop work.
It took me some time to arrange all the steps to have the above completed, and as far as the hosting part was pretty easy, the multiple Ubuntu users desktop setup needed some jugs of coffee before start working as I wanted it.

So, I presume you have logged in to your server with some user already, so we will stat with updating the system:

sudo apt-get update

1	sudo apt-get update

Next, as I want all Gnome desktop features, will install it completely with:

sudo apt-get install ubuntu-desktop

1	sudo apt-get install ubuntu-desktop

Unity looks fancy, but I want the old Gnome panel, and I do not need “compiz”, so:

sudo apt-get remove compix unity

sudo apt-get install gnome-panel

sudo apt-get remove compix unity

sudo apt-get install gnome-panel

Next what we need is a VNC server.

sudo apt-get install vnc4server

1	sudo apt-get install vnc4server

The tricky part here is that you have to create several configuration files for the Ubuntu Remote Desktop user. This is really time consuming if you have to read all the settings and creating the files by yourself.

It is more easy to start the VNC server which will create the files automatically:

vnc4server :2

1	vnc4server :2

You will be asked for a password so enter it, and then kill the server as we have to make some configuration changes:

vnc4server -kill :2

1	vnc4server -kill :2

Edit the xstartup configuration file:

vi .vnc/xstartup

1	vi .vnc/xstartup

And make it looks like this:

#!/bin/sh

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
x-window-manager &
gnome-panel &
gnome-session &

#!/bin/sh

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

x-window-manager &

gnome-panel &

gnome-session &

Now you can start the vnc server with this:

vnc4server :2 -geometry 1024x768 -depth 24

1	vnc4server :2 -geometry 1024x768 -depth 24

Certainly you can change the settings if you want different Remote Desktop geometry.

Now use your preferred VNC client – http://remmina.sourceforge.net/ (Linux) and http://www.tightvnc.com/download.php (Windows) are my suggestions – and connect to the Ubuntu Remote Desktop server using x.x.x.x:2 as (:2) is the number of display used to run for the client. If you have more than one running you should use different number at the end.

As I saying different desktops, I am going to add another user to my Ubuntu Remote Desktop server.
For this I will need to repeat the above steps for creating (and starting) the VNC profile for each user. This one is not yet automatically implemented, but it is not a big deal.
First I will add another user:

sudo adduser newuser

1	sudo adduser newuser

Complete the several steps for creating the user which is including creating the password and user personal information.
(A little trick when you want to add user with administrative privileges is to type the command as : adduser admin
)
Then start the VNC server once to create the VNC password:

sudo su newuser vnc4server :3
sudo su newuser vnc4server -kill :3

1 2	sudo su newuser vnc4server :3 sudo su newuser vnc4server -kill :3

Open VNC startup file for the ‘newuser’

sudo vi /home/newuser/.vnc/xstartup

1	sudo vi /home/newuser/.vnc/xstartup

And paste the same configuration as for the first user:

#!/bin/sh

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
x-window-manager &
gnome-panel &
gnome-session &

#!/bin/sh

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

x-window-manager &

gnome-panel &

gnome-session &

Save the file and start the service

sudo su newuser vnc4server :3 -geometry 1024x768 -depth 24

1	sudo su newuser vnc4server :3 -geometry 1024x768 -depth 24

Now using VNC client you can connect to the new user Desktop as going to x.x.x.x:3 address.

The next step is to automate a little bit the start-up precess for these Ubuntu Remote Desktop users. Otherwise you have to start vnc4server for each user when the server is rebooted.

So, switch to root (it is just more easier) and then create vncserver folder and create file as vncservers.conf:

sudo su -
mkdir -p /etc/vncserver
vi /etc/vncserver/vncservers.conf

sudo su -

mkdir -p /etc/vncserver

vi /etc/vncserver/vncservers.conf

Inside put the following massive:

VNCSERVERS="2:user 3:newuser"
VNCSERVERARGS[2]="-geometry 1024x768 -depth 24"
VNCSERVERARGS[3]="-geometry 1024x768 -depth 24"

VNCSERVERS="2:user 3:newuser"

VNCSERVERARGS[2]="-geometry 1024x768 -depth 24"

VNCSERVERARGS[3]="-geometry 1024x768 -depth 24"

Where ‘user’ is the main user you are dealing with (the one we configured VNC for initially) and ‘newuser’ which is the second user are we have created. If you have more users created and the above steps for settings passwords and vnc4srver start-up completed, add more lines accordingly wit (:4),(:5) etc. screens.

Then create startup script for VNC server as:

vi /etc/init.d/vncserver

1	vi /etc/init.d/vncserver

And put the following lines inside:

#!/bin/bash

unset VNCSERVERARGS
VNCSERVERS=""
[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf
prog=$"VNC server"

start() {
        . /lib/lsb/init-functions
        REQ_USER=$2
        echo -n $"Starting $prog: "
        ulimit -S -c 0 >/dev/null 2>&1
        RETVAL=0
        for display in ${VNCSERVERS}
        do
                export USER="${display##*:}"
                if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
                        echo -n "${display} "
                        unset BASH_ENV ENV
                        DISP="${display%%:*}"
                        export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
                        su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vnc4server :${DISP} ${VNCUSERARGS}"
                fi
        done
}

stop() {
        . /lib/lsb/init-functions
        REQ_USER=$2
        echo -n $"Shutting down VNCServer: "
        for display in ${VNCSERVERS}
        do
                export USER="${display##*:}"
                if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
                        echo -n "${display} "
                        unset BASH_ENV ENV
                        export USER="${display##*:}"
                        su ${USER} -c "vnc4server -kill :${display%%:*}" >/dev/null 2>&1
                fi
        done
        echo -e "\n"
        echo "VNCServer Stopped"
}

case "$1" in
start)
start $@
;;
stop)
stop $@
;;
restart|reload)
stop $@
sleep 3
start $@
;;
condrestart)
if [ -f /var/lock/subsys/vncserver ]; then
stop $@
sleep 3
start $@
fi
;;
status)
status Xvnc
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
exit 1
esac

#!/bin/bash

unset VNCSERVERARGS

VNCSERVERS=""

[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf

prog=$"VNC server"

start() {

. /lib/lsb/init-functions

REQ_USER=$2

echo -n $"Starting $prog: "

ulimit -S -c 0 >/dev/null 2>&1

RETVAL=0

for display in ${VNCSERVERS}

export USER="${display##*:}"

if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then

echo -n "${display} "

unset BASH_ENV ENV

DISP="${display%%:*}"

export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"

su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vnc4server :${DISP} ${VNCUSERARGS}"

done

}

stop() {

. /lib/lsb/init-functions

REQ_USER=$2

echo -n $"Shutting down VNCServer: "

for display in ${VNCSERVERS}

export USER="${display##*:}"

if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then

echo -n "${display} "

unset BASH_ENV ENV

export USER="${display##*:}"

su ${USER} -c "vnc4server -kill :${display%%:*}" >/dev/null 2>&1

done

echo -e "\n"

echo "VNCServer Stopped"

}

case "$1" in

start)

start $@

;;

stop)

stop $@

;;

restart|reload)

stop $@

sleep 3

start $@

;;

condrestart)

if [ -f /var/lock/subsys/vncserver ]; then

stop $@

sleep 3

start $@

;;

status)

status Xvnc

;;

echo $"Usage: $0 {start|stop|restart|condrestart|status}"

exit 1

esac

Make the script executable, and add it to the startup scripts:

chmod +x /etc/init.d/vncserver 

update-rc.d vncserver defaults 99

chmod +x /etc/init.d/vncserver

update-rc.d vncserver defaults 99

Now:

service vncserver stop
service vncserver start

1 2	service vncserver stop service vncserver start

And all added users in /etc/vncserver/vncservers.conf will be able to connect via Remote Desktop.

Certainly make sure VNC ports are anebled on the firewall.

Also take in mind that VNC is alsways better to be combined with SSH tunnel as its encryption and vulnerability issues are well known.

Tags

Anthony Gee | Feb 24, 2013 | Comments 3

Free Tutorial

ProFTP – Fatal: error processing configuration file ‘/etc/proftpd.conf’

This is quick one how to fix issue with ProFTPD returning this error:

# ftp localhost
Connected to localhost.localdomain.
 - error: no valid servers configured
 - Fatal: error processing configuration file '/etc/proftpd.conf'
421 Service not available, remote server has closed connection

# ftp localhost

Connected to localhost.localdomain.

- error: no valid servers configured

- Fatal: error processing configuration file '/etc/proftpd.conf'

421 Service not available, remote server has closed connection

Simply run :

hostname yourservername.tld

1	hostname yourservername.tld

And the issue sould be resolved.

Tags

Anthony Gee | Dec 13, 2012 | Comments 0

Free Tutorial

Health check script Linux

Bellow I will present script checking Load Average on a Linux server which will send report if it becomes to high.
It is using Linux command ‘uptime’ which is pulling out server’s uptime as well as its Load Average:

# uptime
21:53:51 up 43 days,  2:19,  3 users,  load average: 1.63, 0.70, 8.29

1 2	# uptime 21:53:51 up 43 days, 2:19, 3 users, load average: 1.63, 0.70, 8.29

In my script bellow I am using not the last minute load average, but the last five minutes (the second) one.
If you are not aware you can interpret a load average of “1.63, 0.70, 7.89” on a single-CPU system as:

– during the last minute, the system was overloaded by 63% on average (1.63 runnable processes, so that 0.73 processes had to wait for a turn for a single CPU system on average).

– during the last 5 minutes, the CPU was idling 30% of the time on average.

– during the last 15 minutes, the system was overloaded 698% on average (7.89 runnable processes, so that 6.98 processes had to wait for a turn for a single CPU system on average).

I have chosen the five minute interval as sending mails every minute is too aggressive in case of a server load. Also it could be something too short and handled by the server without notification.

#! /bin/bash
# Here you set the maximum Load Average you want to be notified on. 
# It depends on the number of processes and the usual server load.
max_loadavge=3  

# In case of load average: 3.63, 5.70, 3.29 - will extract 5.70
loadavg=$(uptime | awk -F'load average:' '{print $2}'|awk '{gsub(",",""); print $2}'

# Prints the load average with current time stamp into log file. 
# It will save according to the 
# You may comment this line on case you do not need it
echo "Load Average:$loadavg on `date`" >> /var/log/load.log 

# Set the e-mail you will be notified here.
EMAIL1="email@domain.com"

Optional secondary e-mail
#EMAIL2="email2@domain.com"

#Checks if the maximum Load Average is smaller then the one from the 'uptime' command
if [[ "$loadavg" > "$max_loadavge" ]]
then

# Creates notification message subject
SUBJECT="`hostname` LOAD AVERAGE ALERT $loadavg(>$max_loadavge)" 

#Both lines bellow will be the body of the message. It will contain the current load average with time stamp as well as list of 
#the current processes running on the server
ETEXT1="Load Average:$loadavg on `date`\n\n" 
ETEXT2="USER     PID %CPU %MEM   VSZ   RSS  TT  STAT STARTED      TIME COMMAND\n`ps aux | sort -rgk3`"

echo -e "$ETEXT1$ETEXT2" | mail -s "$SUBJECT" "$EMAIL1"

# if you are going to send to more than one email the line will be:
# echo -e "$ETEXT1$ETEXT2" | mail -s "$SUBJECT" "$EMAIL1" "$EMAIL2"

##Here also you can execute scripts for restarting particular services e.g. Apache, MySQL

fi

exit

#! /bin/bash

# Here you set the maximum Load Average you want to be notified on.

# It depends on the number of processes and the usual server load.

max_loadavge=3

# In case of load average: 3.63, 5.70, 3.29 - will extract 5.70

loadavg=$(uptime | awk -F'load average:' '{print $2}'|awk '{gsub(",",""); print $2}'

# Prints the load average with current time stamp into log file.

# It will save according to the

# You may comment this line on case you do not need it

echo "Load Average:$loadavg on `date`" >> /var/log/load.log

# Set the e-mail you will be notified here.

EMAIL1="email@domain.com"

Optional secondary e-mail

#EMAIL2="email2@domain.com"

#Checks if the maximum Load Average is smaller then the one from the 'uptime' command

if [[ "$loadavg" > "$max_loadavge" ]]

then

# Creates notification message subject

SUBJECT="`hostname` LOAD AVERAGE ALERT $loadavg(>$max_loadavge)"

#Both lines bellow will be the body of the message. It will contain the current load average with time stamp as well as list of

#the current processes running on the server

ETEXT1="Load Average:$loadavg on `date`\n\n"

ETEXT2="USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND\n`ps aux | sort -rgk3`"

echo -e "$ETEXT1$ETEXT2" | mail -s "$SUBJECT" "$EMAIL1"

# if you are going to send to more than one email the line will be:

# echo -e "$ETEXT1$ETEXT2" | mail -s "$SUBJECT" "$EMAIL1" "$EMAIL2"

##Here also you can execute scripts for restarting particular services e.g. Apache, MySQL

exit

* Note that some settings may need tuning because of changed/different command output

Once the script is ready you can set it as Cron. job Mine is set to check every 5th minute:

# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
*/5 * * * * /root/scrpts/health.check.sh &> /dev/null

# .---------------- minute (0 - 59)

# | .------------- hour (0 - 23)

# | | .---------- day of month (1 - 31)

# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...

# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat

# | | | | |

# * * * * * user-name command to be executed

*/5 * * * * /root/scrpts/health.check.sh &> /dev/null

Tags

Anthony Gee | Nov 29, 2012 | Comments 5

Free Tutorial

GPG error NO_PUBKEY

This quick tutorial is to show you how to fix bad GPG key or missing(deleted )GPG key on a Debian-like system.
Usually the next error appears when you try to install application or update OS with apt-get update:

GPG error: http://linux.dell.com Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY AS4433E25E3D7775

Simple resolution can be performed with the following two lines:

gpg --keyserver pgpkeys.mit.edu --recv-key AS4433E25E3D7775
gpg -a --export E74433E25E3D7775 | apt-key add -

1 2	gpg --keyserver pgpkeys.mit.edu --recv-key AS4433E25E3D7775 gpg -a --export E74433E25E3D7775 \| apt-key add -

Take in mind to change the key with the one from your error.

Android ‘“ Detecting Internet Connection

Currently I’m working on an application which involves the network access, and one of the steps to be done is to check the internet connection.

Based on conducted researches, I found that the class responsable for querying the state of network connectivity is the ConnectivityManager. The primary responsibilities of this class are to:

Monitor network connections (Wi-Fi, GPRS, UMTS, etc.)
Send broadcast intents when network connectivity changes
Attempt to ‘fail over’ to another network when connectivity to a network is lost
Provide an API that allows applications to query the coarse-grained or fine-grained state of the available networks

We can get an instance of this class by calling Context.getSystemService(Context.CONNECTIVITY_SERVICE);

Important: Before proceeding to check the internet connection, the ACCESS_NETWORK_STATE permission must be set in the AndroidManifest file, otherwise you’ll get a security exception:

1. android.permission.ACCESS_NETWORK_STATE”

Our method of interest from this class is the getActiveNetworkInfo() method which returns an object of type NetworkInfo, through we can check if we are online or not.

The code for checking the internet connection looks like this:

1 ConnectivityManager cm = (ConnectivityManager) getSystemService(CONNECTIVITY_SERVICE);
2 NetworkInfo ni = cm.getActiveNetworkInfo();
3
4 if (ni!=null && ni.isConnected())
5 Log.d(“GREC”, “connected”);
6 else
7 Log.d(“GREC”, “not connected”);

Note that it’s important to check the ni object if it’s not null, otherwise, if the connection is not available an exception is thrown.

And the last thing, in order to properly test the internet connection, disable the internet from the emulator: Settings -> Wireless & Networks -> Mobile Networks -> Data Enabled, not from you computer local area connection. This is because even if you turn off the internet from your computer, but don’t turn it off from emulator, the isConnected() method will return true.

For more information about ConnectivityManager and in general the work with network, consider this link: http://developer.android.com/reference/android/net/ConnectivityManager.html

Can not include OpenSSL headers files.

Today I had question about “..why since I have OpenSSL installed and working fine with other services, I receive such message(the bellow one) when I am trying to compile something..”

[...]
checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no
configure: error: 
  !!! OpenSSL is not properly installed on your system. !!!
  !!! Can not include OpenSSL headers files.            !!!

[...]

checking openssl/ssl.h usability... no

checking openssl/ssl.h presence... no

checking for openssl/ssl.h... no

configure: error:

!!! OpenSSL is not properly installed on your system. !!!

!!! Can not include OpenSSL headers files. !!!

The answer is because the application you are trying to compile manually requires “openssl-devel.x” package installed. It includes files for development of applications which will use OpenSSL.
So according to your OS you should use either yum, apt-get or gpg to install it.
In my example I am trying to compile on CentOS 32 bit, so I will use yum like that:

yum install openssl-devel.i386
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.skknet.net
 * centosplus: centos.skknet.net
 * extras: centos.skknet.net
 * updates: centos.skknet.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssl-devel.i386 0:0.9.8e-20.el5 set to be updated
--> Processing Dependency: zlib-devel for package: openssl-devel
--> Processing Dependency: krb5-devel for package: openssl-devel
--> Running transaction check
---> Package krb5-devel.i386 0:1.6.1-62.el5 set to be updated
--> Processing Dependency: libselinux-devel for package: krb5-devel
--> Processing Dependency: e2fsprogs-devel for package: krb5-devel
--> Processing Dependency: keyutils-libs-devel for package: krb5-devel
---> Package zlib-devel.i386 0:1.2.3-4.el5 set to be updated
--> Running transaction check
---> Package e2fsprogs-devel.i386 0:1.39-33.el5 set to be updated
---> Package keyutils-libs-devel.i386 0:1.2-1.el5 set to be updated
---> Package libselinux-devel.i386 0:1.33.4-5.7.el5 set to be updated
--> Processing Dependency: libsepol-devel >= 1.15.2-1 for package: libselinux-devel
--> Running transaction check
---> Package libsepol-devel.i386 0:1.15.2-3.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================================================================
 Package                                     Arch                         Version                                 Repository                    Size
=====================================================================================================================================================
Installing:
 openssl-devel                               i386                         0.9.8e-20.el5                           base                         1.9 M
Installing for dependencies:
 e2fsprogs-devel                             i386                         1.39-33.el5                             base                         573 k
 keyutils-libs-devel                         i386                         1.2-1.el5                               base                          27 k
 krb5-devel                                  i386                         1.6.1-62.el5                            base                         1.9 M
 libselinux-devel                            i386                         1.33.4-5.7.el5                          base                         144 k
 libsepol-devel                              i386                         1.15.2-3.el5                            base                         187 k
 zlib-devel                                  i386                         1.2.3-4.el5                             base                         101 k

Transaction Summary
=====================================================================================================================================================
Install       7 Package(s)
Upgrade       0 Package(s)

Total download size: 4.7 M
Is this ok [y/N]: y
Downloading Packages:
(1/7): keyutils-libs-devel-1.2-1.el5.i386.rpm                                                                                 |  27 kB     00:00     
(2/7): zlib-devel-1.2.3-4.el5.i386.rpm                                                                                        | 101 kB     00:00     
(3/7): libselinux-devel-1.33.4-5.7.el5.i386.rpm                                                                               | 144 kB     00:00     
(4/7): libsepol-devel-1.15.2-3.el5.i386.rpm                                                                                   | 187 kB     00:00     
(5/7): e2fsprogs-devel-1.39-33.el5.i386.rpm                                                                                   | 573 kB     00:00     
(6/7): krb5-devel-1.6.1-62.el5.i386.rpm                                                                                       | 1.9 MB     00:00     
(7/7): openssl-devel-0.9.8e-20.el5.i386.rpm                                                                                   | 1.9 MB     00:00     
-----------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                3.5 MB/s | 4.7 MB     00:01     
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : keyutils-libs-devel                                                                                                           1/7 
  Installing     : e2fsprogs-devel                                                                                                               2/7 
  Installing     : zlib-devel                                                                                                                    3/7 
  Installing     : libsepol-devel                                                                                                                4/7 
  Installing     : libselinux-devel                                                                                                              5/7 
  Installing     : krb5-devel                                                                                                                    6/7 
  Installing     : openssl-devel                                                                                                                 7/7 

Installed:
  openssl-devel.i386 0:0.9.8e-20.el5                                                                                                                 

Dependency Installed:
  e2fsprogs-devel.i386 0:1.39-33.el5  keyutils-libs-devel.i386 0:1.2-1.el5  krb5-devel.i386 0:1.6.1-62.el5  libselinux-devel.i386 0:1.33.4-5.7.el5 
  libsepol-devel.i386 0:1.15.2-3.el5  zlib-devel.i386 0:1.2.3-4.el5        

Complete!

yum install openssl-devel.i386

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

* base: centos.skknet.net

* centosplus: centos.skknet.net

* extras: centos.skknet.net

* updates: centos.skknet.net

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package openssl-devel.i386 0:0.9.8e-20.el5 set to be updated

--> Processing Dependency: zlib-devel for package: openssl-devel

--> Processing Dependency: krb5-devel for package: openssl-devel

--> Running transaction check

---> Package krb5-devel.i386 0:1.6.1-62.el5 set to be updated

--> Processing Dependency: libselinux-devel for package: krb5-devel

--> Processing Dependency: e2fsprogs-devel for package: krb5-devel

--> Processing Dependency: keyutils-libs-devel for package: krb5-devel

---> Package zlib-devel.i386 0:1.2.3-4.el5 set to be updated

--> Running transaction check

---> Package e2fsprogs-devel.i386 0:1.39-33.el5 set to be updated

---> Package keyutils-libs-devel.i386 0:1.2-1.el5 set to be updated

---> Package libselinux-devel.i386 0:1.33.4-5.7.el5 set to be updated

--> Processing Dependency: libsepol-devel >= 1.15.2-1 for package: libselinux-devel

--> Running transaction check

---> Package libsepol-devel.i386 0:1.15.2-3.el5 set to be updated

--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================================================================

Package Arch Version Repository Size

=====================================================================================================================================================

Installing:

openssl-devel i386 0.9.8e-20.el5 base 1.9 M

Installing for dependencies:

e2fsprogs-devel i386 1.39-33.el5 base 573 k

keyutils-libs-devel i386 1.2-1.el5 base 27 k

krb5-devel i386 1.6.1-62.el5 base 1.9 M

libselinux-devel i386 1.33.4-5.7.el5 base 144 k

libsepol-devel i386 1.15.2-3.el5 base 187 k

zlib-devel i386 1.2.3-4.el5 base 101 k

Transaction Summary

=====================================================================================================================================================

Install 7 Package(s)

Upgrade 0 Package(s)

Total download size: 4.7 M

Is this ok [y/N]: y

Downloading Packages:

(1/7): keyutils-libs-devel-1.2-1.el5.i386.rpm | 27 kB 00:00

(2/7): zlib-devel-1.2.3-4.el5.i386.rpm | 101 kB 00:00

(3/7): libselinux-devel-1.33.4-5.7.el5.i386.rpm | 144 kB 00:00

(4/7): libsepol-devel-1.15.2-3.el5.i386.rpm | 187 kB 00:00

(5/7): e2fsprogs-devel-1.39-33.el5.i386.rpm | 573 kB 00:00

(6/7): krb5-devel-1.6.1-62.el5.i386.rpm | 1.9 MB 00:00

(7/7): openssl-devel-0.9.8e-20.el5.i386.rpm | 1.9 MB 00:00

-----------------------------------------------------------------------------------------------------------------------------------------------------

Total 3.5 MB/s | 4.7 MB 00:01

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : keyutils-libs-devel 1/7

Installing : e2fsprogs-devel 2/7

Installing : zlib-devel 3/7

Installing : libsepol-devel 4/7

Installing : libselinux-devel 5/7

Installing : krb5-devel 6/7

Installing : openssl-devel 7/7

Installed:

openssl-devel.i386 0:0.9.8e-20.el5

Dependency Installed:

e2fsprogs-devel.i386 0:1.39-33.el5 keyutils-libs-devel.i386 0:1.2-1.el5 krb5-devel.i386 0:1.6.1-62.el5 libselinux-devel.i386 0:1.33.4-5.7.el5

libsepol-devel.i386 0:1.15.2-3.el5 zlib-devel.i386 0:1.2.3-4.el5

Complete!

So the next time when I try to compile my application, Openssl headers files will be there:

[...]
checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... yes
checking for openssl/ssl.h... yes
checking openssl/md5.h usability... yes
checking openssl/md5.h presence... yes
checking for openssl/md5.h... yes
checking openssl/err.h usability... yes
checking openssl/err.h presence... yes
[...]

[...]

checking openssl/ssl.h usability... yes

checking openssl/ssl.h presence... yes

checking for openssl/ssl.h... yes

checking openssl/md5.h usability... yes

checking openssl/md5.h presence... yes

checking for openssl/md5.h... yes

checking openssl/err.h usability... yes

checking openssl/err.h presence... yes

[...]

Tags

Anthony Gee | Nov 10, 2011 | Comments 0

Free Tutorial

Windows server passive port range

Really quick one.

To set Windows server passive port range you should use adsutil.vbs which is one of the administration scripts located usually at: ï»¿ï»¿ï»¿C:>\Inetpub\AdminScripts . I am saying usually as the Windows server installation could be on a different drive.

The issue with the Windows passive port range is that the default firewall (firewall.cpl) does not have option or field to open port range, and often when you setup FTP on your Windows server an try to connect with FTP client it may appear with error similar to this one bellow.

As you can see from the log, you can connect to the server using FTP, but when you try to do something like listing directory content or copying files it times our. The reason is because the FTP client is trying to connect trough any opened port above 1024 one. (The usual default range is a big one. For example between 40000 and 45000)

You can add several ports manually, but if you have many FTP users, their FTP clients may exceed the port range number and will face the same issue as above. Try using this for testing purposes only (to make sure the issue is because passive port range is not set).

To set passive FTP port range on a Windows server the command should be executed via the command line. So go to Start -> Run… type cmd and then:

C:\>cd \Inetpub\AdminScripts

C:\Inetpub\AdminScripts>adsutil.vbs set /MSFTPSVC/PassivePortRange "40000-45000"

C:\>cd \Inetpub\AdminScripts

C:\Inetpub\AdminScripts>adsutil.vbs set /MSFTPSVC/PassivePortRange "40000-45000"

The result should be similar to this one:

Once executed you should not have further issues with Passive mode using your FTP client.

Another method to enable Passive Port Range on Windows 2008 is to execute the following command:

netsh advfirewall set global StatefulFtp enable

1	netsh advfirewall set global StatefulFtp enable

It should return one big ‘OK’, and passive FTP access will be possible.

Set scheduled task Windows 2008

This will be basic tutorial about how to set scheduled task in Windows 2008.

First go to the Administrative Tools – Task Schedule.

Once opened, you will see the Task Scheduler window. If it is not something special, you can just create basic task on your Windows 2008. Just click on the link located at right filed under actions.

The very first step will be to set scheduled task description :

The next one will be to choose scheduled task trigger :

Windows 2008 Task Scheduler has the following trigger options you can choose from: Daily, Weekly, Monthly, One time, When the computer starts, When I log on, When a specific event is logged. All of them are self-explainable so pick the one you need. In my case the scheduled task will be on daily basis.

Choose the time-frame you want the task to be executed, and then click Next for the scheduled task action:

I will start simple script which will restart IIS using “iisreset” command.Use the browse button to locate the application or the script you want to be scheduled.

The next will be to finish the task setup.

Here you will see the task summary, and will add the task to the Windows 2008 task schedule .

Tags

Anthony Gee | Oct 05, 2011 | Comments 2

Free Tutorial

PHP relocation error

This will be quick tutorial about how to fix PHP relocation error like this one: php: symbol zlibVersion , version libmysqlclient_16 not defined in in file libmysqlclient.so.16 with link time reference. Instead php: relocation error: php: symbol zlibVersion the error could be php: relocation error: php: symbol crc32.

This is an example and the issue could happen with any shared library not only with libmysqlclient.so .

As per the error message the library version is not matching so we have to check the shared library dependencies. This can be done with tool called ‘ldd’ which prints the shared library dependencies. In this case we will check PHP for “libmysqlclient” so the command should be like this:

ldd /usr/bin/php |grep libmysqlclient

1	ldd /usr/bin/php \|grep libmysqlclient

Or if for some reason the PHP binary is located elsewhere:

ldd `which php` |grep libmysqlclient

1	ldd `which php` \|grep libmysqlclient

The output should be similar to this one:

libmysqlclient.so.16 =&gt; /usr/lib64/mysql/libmysqlclient.so.16 (0x00000034c6000000)

1	libmysqlclient.so.16 => /usr/lib64/mysql/libmysqlclient.so.16 (0x00000034c6000000)

Let’s check the file:

ls -la `/usr/lib64/mysql/libmysqlclient.so.16`

1	ls -la `/usr/lib64/mysql/libmysqlclient.so.16`

In my case this is a symbolic link to the library in the same folder:

lrwxrwxrwx 1 root root 28 Sep 29 17:09 /usr/lib64/mysql/libmysqlclient.so.16 -> libmysqlclient.so.16.0.0*

1	lrwxrwxrwx 1 root root 28 Sep 29 17:09 /usr/lib64/mysql/libmysqlclient.so.16 -> libmysqlclient.so.16.0.0*

Now let’s check if this file exist in another place.

updatedb &amp;&amp; locate libmysqlclient.so.16.0.0

1	updatedb && locate libmysqlclient.so.16.0.0

My output is:

/usr/lib64/libmysqlclient.so.16.0.0
/usr/lib64/mysql/libmysqlclient.so.16.0.0

1 2	/usr/lib64/libmysqlclient.so.16.0.0 /usr/lib64/mysql/libmysqlclient.so.16.0.0

So there are two libraries, and now we have to check where is the missing symbol – for example zlibVersion. For that will use ‘nm’ command lists symbols from object files. Let’s try the current linked file:

nm /usr/lib64/mysql/libmysqlclient.so.16.0.0 | grep zlibVersion

1	nm /usr/lib64/mysql/libmysqlclient.so.16.0.0 \| grep zlibVersion

The output is:

nm: libmysqlclient.so.16.0.0: no symbols

1	nm: libmysqlclient.so.16.0.0: no symbols

So it seams there are no symbols in this library.

With the other file:

nm /usr/lib64/libmysqlclient.so.16.0.0 | grep zlibVersion

1	nm /usr/lib64/libmysqlclient.so.16.0.0 \| grep zlibVersion

The output is:

00000034c60d64b0 T zlibVersion

1	00000034c60d64b0 T zlibVersion

Which seams better.

Now I will just remote the current link:

rm -f /usr/lib64/mysql/libmysqlclient.so.16

1	rm -f /usr/lib64/mysql/libmysqlclient.so.16

And will create a new one with the library that contains the symbol:

ln -s /usr/lib64/libmysqlclient.so.16.0.0 /usr/lib64/mysql/libmysqlclient.so.16

1	ln -s /usr/lib64/libmysqlclient.so.16.0.0 /usr/lib64/mysql/libmysqlclient.so.16

This should resolve the case, and the php: symbol zlibVersion , version libmysqlclient_16 not defined in in file libmysqlclient.so.16 with link time reference error was solved.

Tags

Anthony Gee | Sep 29, 2011 | Comments 13

Free Tutorial

How to disconnect (kick out) other SSH users

In this tutorial I will talk about how to disconnect SSH user from Linux remote server.

This is useful when you have stuck SSH connections or there areÂ suspicious IPs connected to the server. If your case is the second one you may kick out the hacker from the server, but even disconnected he may have setup already backdoor or application that will return theÂ connection to him. Anyway the first step will be to kill sshd processes serving other connection but yours.

First you will have to login to the Linux server via SSH – if you are not aware how just click on the link.

Once logged in list all current users on the server using ‘w’ command – simply type:

[root@yourserver /]#w

1	[root@yourserver /]#w

This will list all users on the Linux box like this:

As you can see there are several usersÂ currently logged in, and to discover which one is yours can be done comparing your IP address, what is currently doing as well as the time – for how long the users is on the server.If you are just logged in your time will be the current one on the server.

To list which user which TTY(pts) is using we have to use the Linux ‘ps’ command with extended output like this:

[root@yourserver /]ps faux |grep sshd

1	[root@yourserver /]ps faux \|grep sshd

The output will show which “sshd” service running for which ‘pts‘ stands:

Now I want to kick off Linux user with pts / 4 marked on the image, and for that I will use Linux ‘kill’ command.

[root@yourserver /]kill -9 6702

1	[root@yourserver /]kill -9 6702

This will send kill signal to process 6702 which is the number for the “sshd” service with pts / 4 running on the server.
After you have executed this command try the ‘w’ command to see if the user is still logged in.