Delete mailman archieves
If required take backup of the archives
$ cp -a /var/lib/mailman/archives/private/<listname>/* <backup_directory>
Remove the archives
$ rm -rf <listname>/*
Once it is removed recreate the html archive files
$ mailman/bin/arch <listname>
./arun
Detected bug in an extension! Hook FCKeditor_MediaWiki
Detected bug in an extension! Hook FCKeditor_MediaWiki::onCustomEditor failed to return a value; should return true to continue hook processing or false to abort.
Backtrace:
#0 mediawiki/includes/Wiki.php(497): wfRunHooks('CustomEditor', Array)
#1 mediawiki/includes/Wiki.php(63): MediaWiki->performAction(Object(OutputPage), Object(Article),
Object(Title), Object(User), Object(WebRequest))
#2 mediawiki/index.php(114): MediaWiki->initialize(Object(Title), Object(Article), Object(OutputPage),
Object(User), Object(WebRequest))
#3 {main}
Edit the following file to fix this issue:
"FCKeditor/FCKeditor.body.php"
-- public function onCustomEditor(&$article, &$user) {
++ public function onCustomEditor($article, $user) {
reference: http://dev.ckeditor.com/ticket/3530
./arun
svn: Can’t convert string from ‘UTF-8′ to native encoding:
"svn: Can't convert string from 'UTF-8' to native encoding:"
This usually happens with special characters in the file name, which the client cannot understand.
Just set proper locale in the client to fix this issues,
$ export LC_CTYPE=en_US.UTF-8 // make sure the locale is properly set. $ locale LC_CTYPE=en_US.UTF-8
./arun
Categories: Linux, MAC OS X Tags: locale, subversion, svn
Fix categories and tags in wordpress custom post_type
By default word press does not look in to custom post_types for categories and tags, even though the category names are visible you get a NOT FOUND page when you click on the category.
A work around found for this issue is :
Edit : functions.php
add_filter('pre_get_posts', 'query_post_type');
function query_post_type($query) {
if(is_category() || is_tag()) {
$post_type = get_query_var('post_type');
if($post_type)
$post_type = $post_type;
else
$post_type = array('post','custom_post_type_name','nav_menu_item'); // replace custom_post_type_name with your post_type, and keep nav_menu_item to display menu in category page.
$query->set('post_type',$post_type);
return $query;
}
}
Reference: http://wordpress.org/support/topic/custom-post-type-tagscategories-archive-page
Thanks to paranoid for guiding to the fix . 
./arun
Categories: CMS, Linux, Wordpress Tags: category issue, custom post_type wordpress
Replace broken hard drive in software RAID1
This scenario assumes that you have two hard disk with RAID1 setup and one of them is broken (say sdb).
To check the status of RAID:
$ cat /proc/mdstat
Personalities : [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
md2 : active raid1 sda3[1]
730202368 blocks [2/1] [U_]
md1 : active raid1 sda2[1]
264960 blocks [2/1] [U_]
md0 : active (auto-read-only) raid1 sda1[1]
2102464 blocks [2/1] [U_]
you will see [_U] or [U_] if there is a broken RAID.
If required remove the broken hardrive from RAID from all md devices.
# mdadm --manage /dev/md0 --fail /dev/sdb1
# mdadm --manage /dev/md1 --fail /dev/sdb2
# mdadm --manage /dev/md2 --fail /dev/sdb3
Shutdown the machine and replace the hard drive.
Once the server is booted, you will see the new device (either sda or sdb depends on what drive is broken)
# ls -l /dev/sd*
Now we need to replicate the partition schema on the new drive.
sfdisk -d /dev/sda | sfdisk /dev/sdb
// -d Dump the partitions of a device
We can add the partition to the RAID now, you could verify the partitions with fdisk -l.
# mdadm --manage /dev/md0 --add /dev/sdb1
# mdadm --manage /dev/md1 --add /dev/sdb2
# mdadm --manage /dev/md2 --add /dev/sdb3
It will start sync the data and will be ready once completed.
You may verify the mdstat
# cat /proc/mdstat
Personalities : [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
md2 : active raid1 sda3[0] sdb3[1]
7302023 blocks [2/2] [UU]
md1 : active raid1 sda2[0] sdb2[1]
2649 blocks [2/2] [UU]
md0 : active (auto-read-only) raid1 sda1[0] sdb1[1]
21024 blocks [2/2] [UU]
./arun
Categories: Linux Tags: Hard disk broken, RAID1, recover broken hard disk
Enable IPv6 on Direct Admin
It was rather easy to get IPv6 working with DA if you have the IPv6 subnet allocated for your server.
Make sure that you have IPv6 enabled on your DA.
# grep ipv6 /usr/local/directadmin/conf/directadmin.conf
ipv6=1
Add the IPv6 Addresses to your direct admin, through IP Management (This will add IPv6 address to the interface).
Enter the IPv6 Address in IP field and keep the Netmask as 255.255.255.0
Add IPv6 address for your name servers,
go to DNS administration –> Select your name server domain –> Add AAAA records for your Name Servers. Make sure you have added the IPv6 addresses already to DA.
Check your name server is resolving/reachable via IPv6.
Now to add IPv6 Address to hosted domains, select the domain –> Modify user –> select the IPv6 address in “Add Additional IP”. If the IPv6 address is not visible, make sure it is added to DA and to the reseller account you are editing the domain.
Add the IPv6 address(AAAA) to the corresponding domains DNS configuration.
Here we go, ping666666
./arun
Categories: Debian, IPv6, Linux Tags: IPv6 Direct admin, IPv6 DNS configuration for DA
Extending LVM disk space
Add the new disk drive to the system, you need to reboot the machine and configure the hardware RAID if required.
Add the new disk to Volume group
For e.g.: if the disk is HP with Smart array
# pvcreate /dev/cciss/c0d1
# vgextend <volume_group_name> /dev/cciss/c0d1
Extend the Logical volume:
# lvextend -L<+mention_the_size> /dev/<volume_group>/<logical_volume>
eg: # lvextend -L+25G /dev/localhost/var
# lvextend -L+10G /dev/localhost/home
Resize the file system:
# resizefs <file_system>
eg:
# resizefs /dev/mapper/localhost-var
# resizefs /dev/mapper/localhost-home
./arun
Categories: Linux Tags: Extending disk space, lvextend, LVM, vgextend
Install and configure rsnapshot for central backup (without root privilege)
Download and install RsnapShot
Download the latest package from: http://rsnapshot.org/downloads.html
# wget http://rsnapshot.org/downloads/rsnapshot-1.3.1-1.noarch.rpm
# rpm -Uvh rsnapshot-1.3.1-1.noarch.rpm
Configure public key authentication
- Enable public key authentication with remote hosts with normal user privilege
local# ssh-keygen -t rsa
local# scp id_rsa.pub ssh-remote-server:id_rsa.pubremote# useradd -c “Backup user” -d /data/home/backup/ backup
remote# su – backupremote# vi .ssh/authorized_keys
remote# chmod 600 .ssh/authorized_keys
remote# cat id_rsa.pub >> authorized_keys ; rm id_rsa.pub
Add the command allowed to execute in the authorized_keys
command=”/home/backup/validate-rsync.sh”
Create the /home/backup/validate-rsync.sh script with following contents
#!/bin/sh
case “$SSH_ORIGINAL_COMMAND” in
*\&*)
echo “Rejected 1″
;;
*\;*)
echo “Rejected 2″
;;
rsync*)
$SSH_ORIGINAL_COMMAND
;;
*true*)
echo $SSH_ORIGINAL_COMMAND
;;
*)
echo “Rejected 3″
;;
esac$ chmod 700 validate-rsync.sh
Create the rsync wrapper script
$ cat > /usr/local/bin/rsync_wrapper.sh
#!/bin/sh
/usr/bin/sudo /usr/bin/rsync “$@”;# chmod 755 /usr/local/bin/rsync_wrapper.sh
This steps will basically force the ssh connection to execute the rsync as sudo
Grant user to execute rsync as root
backup ALL=(root) NOPASSWD: /usr/bin/rsync
Configure Rsnapshot
master# cp /etc/rsnapshot.conf.default /etc/rsnapshot.conf
Configure path for cp, rsync, ssh, logger, du etc
set link_dest = 1
change rsync_long_args like
rsync_long_args –rsync-path=rsync_wrapper.sh –delete –numeric-ids –relative –delete-excluded
If you require daily backup for a week,
interval daily 7
More details are on the how to section for rsnapshot website
http://rsnapshot.org/howto/1.2/rsnapshot-HOWTO.en.html
Configure the hosts and file system to backup
backup backup@remotehost:/etc/ remotehost/
./arun
Upgrading php to 5.2 or 5.3 in Redhat EL 5
Unfortunately RHEL 5 does not have php.5.2 package, which is required by most of the applications including latest wordpress and drupal.
First thought of compiling php from source, but hard to keep it uptodate. So decided to make the life easier with EPEL/IUS repositories.
Remove all existing php related packages:
# rpm -e php php-mysql php-cli php-pdo php-common
Download and install the EPEL/IUS RPMs
# wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/i386/epel-release-1-1.ius.el5.noarch.rpm
# wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/i386/ius-release-1.0-8.ius.el5.noarch.rpm
incase if the list not working just browse and find the rpm.
Install the RPMs
# rpm -Uvh *-release-*.rpm
Now you can install php 5.2 or 5.3 like:
# yum install php52 php52-mysql
./arun
Categories: Linux, php Tags: PHP 5.2 in Redhat Enterprise Linux 5
svn over ssh tunnel
It is very often required that you need to commit/update to the svn repository which is only indirectly accessible through a gateway (user can ssh to gateway and gateway can ssh to internal svn server)
Suppose you have a working copy (locally on your machine) setup with the real svn url (eg : svn+ssh://svn.example.com)
- Make ssh connection with local port forwarding to the gateway server
# sudo ssh gateway.example.com -L 22:svn.example.com:22
Change the repository url to localhost, since the local host connection forward to remote svn server through the gateway.
#cd <local_svn_path>
# svn switch –relocate svn+ssh://svn.example.com/trunk svn+ssh://localhost/trunk
Now you should be able to update, commit, etc to/from your repository.
You can switch it back to the original url when you have direct access to repository.
./arun
Categories: Linux, MAC OS X Tags: svn commit, svn ssh tunnel, svn update
Install directadmin on Debian 6
Install the basic debian server without any server components
Install the dependency packages:
# sudo apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libaio1 libaio-dev bind9
Purchase and register the server ip at directadmin.com
Once the license is activated, login to the server:
$ wget http://www.directadmin.com/setup.sh
$ chmod 755 setup.sh
# sudo ./setup.sh
// enter the client id, license id, FQDN etc, and follow the instructions.
Once the installation completed the direct admin interface will be accessible at https://< server_ip >: 2222/
./arun
Categories: Debian Tags: debian 6, Direct admin
Racktable, Apache+LDAP authentication
Login to the Rack tables as admin:
Add the following line under configuration–> permission
allow {$tab_default}
* This is for read only account, assign extra permissions if required
Configure Apache + LDAP
< Directory /var/www/racktables >
Options +Indexes FollowSymLinks MultiViews
DirectoryIndex index.php
AuthName "Rack Tables"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldaps://ldaphost.com/dc=company,dc=com?uid?sub?(objectClass=< depends_on_ldap >)"
# Bind if required
AuthLDAPBindDN "uid=userid,ou=people,dc=company,dc=com"
AuthLDAPBindPassword "xxxxxx"
AuthLDAPGroupAttribute uniqueMember
AuthLDAPGroupAttributeIsDN on
require ldap-group cn=group_name,dc=company,dc=com
require ldap-attribute cn=group-name-allowed
< /Directory >
* Most of LDAP configs based on your setup
Configure Rack Tables:
Edit the inc/secret.php
Set :
$user_auth_src = 'httpd';
$require_local_account = FALSE;
NOTE: to get the logout working properly make sure the Apache AuthName matches with the one configured for Rack tables authentication.
Referene : http://sourceforge.net/apps/mediawiki/racktables/index.php?title=RackTablesAdminGuide
Reference
./arun
Categories: apache, Linux Tags: apache, LDAP, Racktables
Rsnapshot Lchown
# rsnapshot du localhost
require Lchown
Lchown module not found
Install the Lchown module:
# wget http://www.rsnapshot.org/downloads/extras/Lchown-1.00.tar.gz
# tar xvzf Lchown-1.00.tar.gz
# cd Lchown-1.00
# perl Makefile.PL
Checking if your kit is complete…
Looks good# make install
# rsnapshot du localhost
require Lchown
Lchown module loaded successfully
You can also try installing the module from Perl CPAN
# perl -MCPAN -e ‘install qw(Lchown)’
./arun
Install Cpanel on FreeBSD 8.2
- Install FreeBSD with proper network and file system configuration (Ref: http://docs.cpanel.net/twiki/bin/view/AllDocumentation/InstallationGuide/Quick-StartInstallationGuide)
- Install dependency packages:
# pkg_add -r wget
# pkg_add -r perl
# pkg_add -r rsync (required later for ports sync)
# pkg_add -r gmake
To Fix:
creating glibconfig.h
config.status: executing default commands
gmake: not found
child exited with value 127
Died at /usr/local/cpanel/bin/rrdtoolinstall line 109.
# pkg_add -r png // To fix the following error
To Fix : configure: error: requested PNG backend could not be enabled
- Create the following symlinks
# ln -s /usr/local/bin/wget /usr/bin/wget
# ln -s /lib/libcrypt.so.5 /lib/libcrypt.so.2 // To Fix: Shared object “libcrypt.so.2″ not found,
# ln -s /lib/libc.so.7 /lib/libc.so.5 // To Fix: Shared object “libc.so.5″ not found
ln -s /lib/libm.so.5 /lib/libm.so.3 // To Fix: “libm.so.3″ not found
- Install Cpanel
cd /home
wget -N http://httpupdate.cpanel.net/latest
sh latest
- Once installation successful activate the license (make sure the ip is licensed - http://www.cpanel.net/apps/verify/) :
# /usr/local/cpanel/cpkeyclt
- Start Cpanel
- Touch the following file
# touch /etc/rc.d/init.d/function // To fix: Could not find functions file, your system may be broken
# /etc/init.d/cpanel start
Now you should be able to access Cpanel at https://< yourip >:2087/
Try to upgrade
Exim: /scripts/eximup –force (this will get the free bsd ports as well)
Cpanel : # /scripts/upcp
./arun
Categories: FreeBSD, Linux Tags: Install Cpanel on Free BSD, pkg_add
Drupal 7 issue with SQL Mode TRADITIONAL
PDOException: SQLSTATE[42000]: Syntax error or access violation: 1231 Variable ‘sql_mode’ can’t be set to the value of ‘TRADITIONAL’ in lock_may_be_available() (line 165 of /includes/lock.inc).
This was the case when I installed Drupal 7 with Cpanel/Fantastico, the drupal site was displaying the above error.
This issue is discussed at drupal issues . try to patch it as mentioned in the url.
But for me it works with the following change, just removed the TRADITIONAL mode, not sure it is the correct way to fix it. You can verify the sql modes at http://dev.mysql.com/doc/refman/5.0/en/server-sql-mode.html , Anyway now there is no errors in drupal site and I am able to login.
(includes/database/mysql/database.inc) Line: 65
New file
< $this->exec(“SET sql_mode=’ANSI,ONLY_FULL_GROUP_BY’”);
—
Old file
> $this->exec(“SET sql_mode=’ANSI,TRADITIONAL’”);
Also setting up the sql connection mode to SET SESSION sql_mode = "ANSI,TRADITIONAL"; is an option instead of above change.
./arun
Categories: Linux, Mysql Tags: 1231 Variable 'sql_mode' can't be set to the value of 'TRADITIONAL', Cpanel, Drupal 7 issue, Sql Mode
Install and configure RSA web agent with Redhat EL5 and Apache
Login to RSA interface:
- Create the apache server as agent host with type web agent
- Generate the config file (zip file containing sdconf.rec) from RSA interface, and download to your local machine
Login to the web server
- Download the RSA web agent installation files from RSA website.
# mkdir -p /var/ace
- Copy and extract (sdconf.rec) the downloaded config file
# chmod 755 sdconf.rec
- Create the sdopts.rec file with the ip address of the machine, if you have multiple ip address assigned to the server or if the RSA we agent is a virtual machine. Otherwise the authentication might break with following kind of errors
“100: Access denied. The RSA ACE/Server rejected the Passcode. Please try again.” , “attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain””
# echo "CLIENT_IP=" > sdopts.rec
# chown -R webuser:webuser /var/ace
- Now install the RSA web agent
# tar xvf WebAgent_70_Apache_RHEL5_32_379_08201024.tar
# cd CD/
# chmod u+x install
# ./install
- Enter the location of sdconf.rec
- Configure the apache virtual host
It was found that web agent breaks if apache starts multiple server thread, so would be better to limit the thread.
< IfModule prefork.c >
StartServers 1
MinSpareServers 1
MaxSpareServers 1
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
< /IfModule >
- Now start apache and you will be able to access the RSA web interface.
Once authenticated, the RSA server will create a node secret for the agent host and will be copied automatically to the web server.
This web interface is mainly useful for the token users to reset or enable to token assigned to him.
./arun
Categories: Linux, RSA Tags: Linux RSA web interface, RSA web interface for Redhat, The user belongs to security domain “SystemDomain”
Configure IPv6 squid
Squid 3.1+ support IPv6
- Compile and install 3.1.x version of squid.
# useradd -d /opt/squid squid
# wget http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.11-20110228.tar.gz
# tar xvzf squid-3.1.11-20110228.tar.gz
# cd squid-3.1.11-20110228; ./configure –prefix=/opt/squid/
# make; make install
# /opt/squid/sbin/squid -z
Configure squid
edit /opt/squid/etc/squid.conf
cache_effective_user squid
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1acl to_ipv6 dst ipv6
http_access allow to_ipv6 !all
tcp_outgoing_address 2001:: to_ipv6
tcp_outgoing_address 12.34.56.78 !to_ipv6
And add necessary acls to allow access for your network to squid.
Testing:
$ telnet <v6_address> 3128
Trying 2001::…
Connected to 2001::..
Escape character is ‘^]’.
get http://ipv6.google.com/
HTTP/1.0 200 OK
Check the access.log to make sure
1298965141.719 477 2001:: TCP_MISS/200 25918 GET http://ipv6.google.com/ – DIRECT/2a00:1450:8002::6a text/html
Categories: IPv6, Squid Tags: configure squid with ipv6, ipv6 proxy, ipv6 squid
Performance issues with KVM – Redhat
The general performance issue with KVM is due to DISK I/O
- by default the Redhat KVM guest are created with x86_64 architecuture, if you installed 32 bit operating system change this to i686.
<os>
<type arch=’i686′ machine=’rhel5.6.0′>hvm</type>
<boot dev=’hd’/>
- Make sure the hypervisor used is correct in the configuration , either qemu or kvm
<domain type=’kvm’>
or
<domain type=’kvm’>
- Use virtio drivers if the guest is paravirtulized (http://www.ibm.com/developerworks/linux/library/l-virtio/index.html?ca=dgr-lnxw97Viriodth-LX&S_TACT=105AGX59&S_CMP=grlnxw97 , http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=/liaat/liaatbpparavirt.htm)
./arun
Categories: Linux, Virtualization Tags: KVM, KVM Disk I/O slow, Redhat performance issue
yum update, IndexError: tuple index out of range
If you happen to get this error while updating server with yum update
–
.
.
.
File “/usr/lib/python2.4/site-packages/M2Crypto/m2urllib2.py”, line 82, in https_open
h.request(req.get_method(), req.get_selector(), req.data, headers)
File “/usr/lib/python2.4/httplib.py”, line 813, in request
if v[0] != 32 or not self.auto_open:
IndexError: tuple index out of range
–
disable the location aware access from rhn.
Ref:
http://kbase.redhat.com/faq/docs/DOC-16881
./arun
Categories: Linux Tags:
Public key authentication with bluecoat proxy
- Create a key with length maximum 1024 on your machine
$ ssh-keygen -t rsa -b 1024 -f filename
- ssh to the bluecoat proxy
> en
# configure terminal
#(config) ssh-console
#(config ssh-console) inline client-key admin ...
< paste the key after those three dots >
...
./arun
