Archive for Tips ‘n Tricks

Restart Ubuntu’s Unity Without Logging Out

by Chris Jean
February 13th, 2013

Sometimes when you change a configuration in Unity that is based on configuration files, you need to force Unity to reload. In most guides that I’ve found, the recommendation is to simply log out and log in again. While this works, losing everything that you have open just to force a reloading of configuration files is a bit much. Fortunately, there is a very easy way to force Unity to reload.

These details are specific to Unity running in Ubuntu 12.10, but should work as long as your system is running Unity.

  1. Load a run dialog by pressing Alt+F2
  2. Type unity --replace
  3. Press the Enter key

The screen will flicker and things will start to look normal again in a few seconds. This is due to the entire desktop reloading. The end result is that the configuration files will have reloaded. The only side effects are that your windows may be reordered in the alt-tab listing and some windows may switch their desktop (typically, I have at least one window from my second desktop switch over to my first desktop).

Categories Linux, Tips 'n Tricks
Comments (0)

Fix: Minitube Doesn’t Play Videos in Ubuntu

by Chris Jean
January 10th, 2012

I’ve been a huge fan of Minitube. I use it nearly every work day to run interesting videos to give me a nice sound backdrop to work by. Mostly, I find myself playing AMVs, but I also enjoy just typing in random stuff to see what it starts playing.

However, a few weeks ago, it just suddenly stopped working. I was sad, but there was a lot of stuff going on, so I just left it broken. Today, I found the fix.

On Minitube’s install page, Flavio mentions removing the phonon-backend-xine package as a possible solution. I tried it, and it worked. Given that I don’t know what other software may rely on this, I tried reinstalling the package, and Minitube still worked. After rebooting, I found that it no longer worked again, so it seems that the package does need to stay removed. I’ve updated the following to only show removing the package.

Here’s how you can do what I did.

[gaarai@tenshi ~/src]$ sudo apt-get purge phonon-backend-xine

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be REMOVED:
  phonon-backend-xine*
0 upgraded, 0 newly installed, 1 to remove and 1 not upgraded.
After this operation, 651kB disk space will be freed.
Do you want to continue [Y/n]? 
(Reading database ... 285104 files and directories currently installed.)
Removing phonon-backend-xine ...
[gaarai@tenshi ~/src]$

Hopefully, you’ll be fast on your way to enjoying a fully-functional Minitube once again. If this doesn’t fix your issue, Minitube now has a forum that could help you out.

Good luck and happy Minitubing.

Categories Tips 'n Tricks
Comments (0)

Upgrade PHP 5.1/5.2 to 5.3 on CentOS

by Chris Jean
June 24th, 2011

I’m finding that more and more software developers are being quite inconsiderate and are making code that requires PHP 5.3. Since many server-based and long-term support distros are still on PHP 5.2, this can make things difficult quickly.

I’ll share how I upgraded one of my servers, but I do need to let you know about some specifics about my setup as your setup may be different and require different steps to upgrade.

When I started, my system ran CentOS 5.5 and PHP 5.2.16. Now it is running CentOS 5.6 and PHP 5.3.3.

You won’t be able to follow these steps without root access, so that is definitely a requirement. I’m also running Apache. You may be using a different web server, but if you don’t know what I’m talking about, you are running Apache. I assume that if you run a different server, you will know what to change in my steps.

Read More→

Categories Linux, Tips 'n Tricks
Comments (85)

PHP 5.3 and “It is not safe to rely on the system’s timezone settings”

by Chris Jean
June 24th, 2011

I just updated one of my CentOS systems to PHP 5.3 (a chore best reserved for another blog post), and started to see the following warning popping up:

PHP Notice: in file index.php on line 15: date(): It is not safe to rely on the system’s timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘America/Chicago’ for ‘CDT/-5.0/DST’ instead

Annoying to say the least. The fix is much easier than the message makes it seem.

PHP 5.3 now requires that you either have a timezone set in your php.ini file or that you pass the desired timezone via the date_default_timezone_set() function before calling the date() function.

I opened my server’s /etc/php.ini file and searched for timezone. My ini file had a section like the following:

[Date]
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
; date.timezone =

I uncommented the date.timezone line and added the timezone I wanted.

[Date]
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = 'America/Chicago'

There are two very important things to do in order for this to work properly for you:

  1. Use a timezone that is appropriate for your needs. Use PHP’s List of Supported Timezones to find the timezone that works for you.
  2. Since your server is likely to cache the PHP configuration, you will want to restart your web server process in order for the change to be recognized. The command to execute varies by system, but for most systems, the following will work: 
    [user@server /etc]$ sudo service httpd restart

[sudo] password for user: 
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
[user@server /etc]$

    Of course, if you are already root, you won’t need to use sudo:

    [root@server /etc]# service httpd restart

Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
[root@server /etc]#
Categories Linux, Tips 'n Tricks
Comments (5)

View CSV Data from the Command Line

by Chris Jean
June 17th, 2011

I recently wrote a script to dump data into CSV files. The CSV files work well for using in other scripts, but they are a bit difficult to read in order to verify that the data looks good. Sure, I could transfer the files to my local system and open them up in OpenOffice Spreadsheet or a similar program, but I want to do quick checks of the generated data and constantly copying the data and opening it up again in a program would just slow me down. Fortunately, there is a better way.

Using a combination of the cat, column, and less commands that are available from most *nix shells, the CSV data can be rendered into a nice table and quickly navigated. Here is an example:

[chris@host data]$ cat file.csv | sed -e 's/,,/, ,/g' | column -s, -t | less -#5 -N -S

      1 number_of_tests  execution_time min  execution_time max  execution_time avg  execution_time std_dev  peak_memory_usage min  peak_memory_usage max  peak_memory_usage avg  peak_memory_usage std_dev  real_memory_usage min
      2 449              0.2421700954        0.2522599697        0.24422667392717    0.0013405194115834      22062656               22067696               22062951.732739        552.24028841091            22282240
      3 416              0.2449610233        0.2619900703        0.24721734340337    0.0015257664849685      21295528               21300888               21295541.019231        262.48728836508            21495808
      4 446              0.2286360264        0.2422661781        0.23043336515404    0.001174508347353       20895976               20900800               20895987.03139         228.20177111936            20971520
      5 428              0.1955471039        0.2902140617        0.1981168762521     0.0046106433816399      18045464               18048784               18045487.271028        276.98063531264            18087936
      6 436              0.2208828926        0.2558329105        0.22297720351353    0.0021463518368546      18717960               18723192               18718020.238532        557.06025400191            18874368

The output is easy to navigate with the cursor keys and is perfect for quickly verifying the generated data.

To use for your files, simply replace file.csv in the above example with your file’s name. The -#5 determines how many columns to scroll when using the left and right arrow keys. You can increase or decrease this as needed to make navigating easier.

For those interested, I’ve tested this on Debian-based (Ubuntu, Mint, etc) and Redhat-based (CentOS) systems, and it works on all of them.

I updated the command to fix a problem with handling empty entries, such as “…,data,,data,…”. The sed command takes care of changing those empty values to a space.

Categories Linux, Tips 'n Tricks
Comments (0)

Fix “Insecure $ENV{PATH} while running setuid”

by Chris Jean
June 6th, 2011

Yet another tale from trying to run a Perl script with the setuid bit turned on. See my earlier post on fixing “Can’t do setuid (cannot exec sperl)” for details about why running perl scripts with setuid bits is a special case.

I tried to run my script and I got the following message:

[user@server ~]$ run-script

Insecure $ENV{PATH} while running setuid at ~/run-script line 4.

The basic idea that this message is trying to get across is that an environment variable that is being used may contain data that could open up an attack vector. The way to fix this is by setting the variable to a set of defaults that don’t come from the user and thus are less susceptible to being manipulated by someone in order to break the security of the system.

In this case, my script executed a program on the shell. Since shell interpretation comes into play, the $PATH variable is looked at to decide where the program could be located. This is an attack vector as someone could just change that variable to cause their own code to be called, thus escalating their code’s privileges without your knowledge.

In order to avoid this, I set the $PATH variable to a restricted set for use in the script by adding the following in the script before my shell call:

$ENV{"PATH"} = "/usr/bin";

This may need to be modified to meet your specific needs. In addition to making this change, I went ahead and changed the call to the shell program to be an absolute reference to the program in order to further mitigate any potential issue, such as aliases.

Categories Linux, Tips 'n Tricks
Comments (1)

Fix “Can’t do setuid (cannot exec sperl)”

by Chris Jean
June 6th, 2011

I recently needed to run a perl script with setuid bit set. This allows the script to run as the user the script’s file is owned by. In this case, I needed the script to run as root.

Since doing this can be very dangerous, Perl does something very nice by default: If you have the setuid bit set on the script, it forces the script to run in Taint Mode which helps to ensure proper sanitation of the environment and inputs. By doing this, Perl can help lock down possible attack vectors that can compromise the security of your script. This isn’t perfect however, so I do recommend that you read up on Perl’s security measures.

So now down to the main point of this post. I tried to run the script with the setuid bit set, and I got the following error message:

[user@server ~]$ run-script

Can't do setuid (cannot exec sperl)

Well that certainly puts a damper on things. Fortunately, the solution is easy. There is simply an additional package that needs to be installed to provide the wrapper program that puts this Perl security in place.

For Debian (Ubuntu, Mint, etc as well), run the following:

[user@server ~]$ sudo apt-get install perl-suid

For CentOS, run the following:

[user@server ~]$ sudo yum install perl-suidperl
Categories Linux, Tips 'n Tricks
Comments (1)

Fix aMember “MYSQL ERROR: MySQL server has gone away in query: INSERT INTO amember_access_log”

by Chris Jean
January 21st, 2011

I recently encountered a very frustrating problem with aMember (as if I haven’t encountered enough annoying problems with it already).

A customer said that they couldn’t log in. Each time they tried to log in, they would get the following error message in their browser:

MYSQL ERROR:<br />MySQL server has gone away<br />in query:<br />INSERT INTO amember_access_log (member_id, remote_addr, url, referrer) VALUES (ID, 'IP_ADDRESS', '/member/member.php', 'URL')

After scratching my head a bit, I delved into the aMember code and found the problem in the plugins/db/mysql/mysql.inc.php file which is where the log_access and log_remote_access functions are located. Both of these functions make use of the gethostbyaddr PHP function. While this is a handy function, it should never be used in time-sensitive code (such as code that is run as part of a website; such as exactly how aMember uses this function).

The reason is that this function provides no reasonable timeout control, so if the function takes forever to return something, your code has halted until it finishes. In this instance, the visitor had a remote IP that just could not be reversed. This caused the gethostbyaddr function to halt the aMember code for 20 seconds until it finally failed and returned the original IP address. While waiting for this function to return, the MySQL server naturally got tired of waiting and did other things, so when the code finally tried to keep running, everything quickly fell apart.

So ends the theory, time for a fix.

The lines of code that have the gethostbyaddr calls aren’t necessary by any means, so they can be commented out completely. The lines to be commented out are 1605, 1606, 1617, and 1618. Such as the following:

1605 and 1606:

//        if (preg_match('/proxy\.aol\.com$/', gethostbyaddr($REMOTE_ADDR)))
//            return;

1617 and 1618:

//        if (preg_match('/proxy\.aol\.com$/', gethostbyaddr($ip)))
//            return;

I would show more code to give better context, but since aMember has a proprietary license, I won’t.

Note that there are more instances of gethostbyaddr in aMember. The aMember devs are kind enough to put the other gethostbyaddr calls in the PaySbuy, NETbilling, ccbill, and WorldPay payment processing plugins. No worries, this problem can only be found in the payment processing code, what could possibly go wrong?

The specific files that have these calls are:

  • plugins/payment/paysbuy/ipn.php
  • plugins/payment/netbilling_cc/netbilling_cc.inc.php
  • plugins/payment/ccbill/ipn.php
  • plugins/payment/worldpay/ipn.php
Categories Tips 'n Tricks
Comments (0)

Fix “WordPress database error Table … is marked as crashed and should be repaired”

by Chris Jean
August 30th, 2010

All the content on my site was gone. When I went to investigate, I found my error log was filled with the following error:

WordPress database error Table ‘./database_name/prefix_posts’ is marked as crashed and should be repaired for query SELECT YEAR(post_date) AS `year`, MONTH(post_date) AS `month`, count(ID) as posts FROM prefix_posts  WHERE post_type = ‘post’ AND post_status = ‘publish’ GROUP BY YEAR(post_date), MONTH(post_date) ORDER BY post_date DESC  made by require, require_once, include, do_action, call_user_func_array, flexx_after_content, get_sidebar, locate_template, load_template, require_once, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_Archives->widget, wp_get_archives

A very scary looking error, but it was easy to fix.

My Preferred Repair Method

[user@server ~/public_html]$ mysql -u user -p

Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1120449
Server version: 5.1.48 MySQL Community Server (GPL)

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> connect database

Connection id:    1120477
Current database: database

mysql> select * from prefix_posts limit 1;

ERROR 2006 (HY000): MySQL server has gone away

No connection. Trying to reconnect...

Connection id:    1120568

Current database: database



ERROR 145 (HY000): Table './database/prefix_posts' is marked as crashed and should be repaired

mysql> repair table prefix_posts;

+-----------------------+--------+----------+----------+

| Table                 | Op     | Msg_type | Msg_text |

+-----------------------+--------+----------+----------+

| database.prefix_posts | repair | status   | OK       |

+-----------------------+--------+----------+----------+

1 row in set (3.56 sec)



mysql> select * from prefix_posts limit 1;

+----+-------------+---------------------+---------------------+--------------+------------+---------------+--------------+-------------+----------------+-------------+---------------+-----------+---------+--------+---------------------+---------------------+-----------------------+-------------+------------------------------------------------------------+------------+------------+----------------+---------------+

| ID | post_author | post_date           | post_date_gmt       | post_content | post_title | post_category | post_excerpt | post_status | comment_status | ping_status | post_password | post_name | to_ping | pinged | post_modified       | post_modified_gmt   | post_content_filtered | post_parent | guid                                                       | menu_order | post_type  | post_mime_type | comment_count |

+----+-------------+---------------------+---------------------+--------------+------------+---------------+--------------+-------------+----------------+-------------+---------------+-----------+---------+--------+---------------------+---------------------+-----------------------+-------------+------------------------------------------------------------+------------+------------+----------------+---------------+

| 12 |           8 | 2008-05-20 10:09:49 | 2008-05-20 15:09:49 |              | 308image1  |             0 |              | inherit     | open           | open        |               | 308image1 |         |        | 2008-05-20 10:09:49 | 2008-05-20 15:09:49 |                       |           0 | http://gaarai.com/wp-content/uploads/2008/05/308image1.gif |          0 | attachment | image/gif      |             0 |

+----+-------------+---------------------+---------------------+--------------+------------+---------------+--------------+-------------+----------------+-------------+---------------+-----------+---------+--------+---------------------+---------------------+-----------------------+-------------+------------------------------------------------------------+------------+------------+----------------+---------------+

1 row in set (0.00 sec)



mysql> exit

Bye

[user@server ~/public_html]$

For me, this was the easiest and quickest way to repair the table.

Repairing Tables with phpMyAdmin

For you, you might prefer to use phpMyAdmin. Fortunately, repairing a table with phpMyAdmin is easy.

  1. Log in to your phpMyAdmin or connect to it via your cPanel back-end.
  2. Select the database with the crashed table.
  3. Put a checkmark next to each crashed table.
  4. Select “Repair table” from the “With selected:” drop down at the bottom of the list.
  5. Let phpMyAdmin do its thing.
Categories Linux, Tips 'n Tricks, WordPress
Comments (2)

MySQL ERROR 1018: Unable to Follow Symlink in Ubuntu

by Chris Jean
May 21st, 2010

I recently had a issue getting MySQL to read a specific database. Each time I tried to manually query a table in the database, I received the following error message:

ERROR 1018 (HY000): Can't read dir of './default/' (errno: 13)

I’ve seen this message before as it means that there is a permissions issue. I checked the ownerships and permissions, and everything seemed to be in order.

The only thing special about this database is that I have it symlinked to another partition. This has always worked in the past, so I was stumped.

The problem turned out to be that Ubuntu has AppArmor. This software sets up rules that prevent software from gaining access to different areas of the file system. In my case, AppArmor was preventing read and write access to the actual location of my database files.

The solution was quite easy: First, I added the path that I wanted MySQL to have access to in the AppArmor configuration file for MySQL. Second, I restarted the apparmor service. Here’s the technical details:

  1. On my system, the configuration file that controls MySQL permissions through AppArmor are located at /etc/apparmor.d/usr.sbin.mysqld. The following shows the contents of the file as it now exists: 
    # vim:syntax=apparmor
# Last Modified: Tue Jun 19 17:37:30 2007
#include 

/usr/sbin/mysqld {
  #include
  #include
  #include
  #include
  #include 

  capability dac_override,
  capability sys_resource,
  capability setgid,
  capability setuid,

  network tcp,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

  /etc/mysql/*.pem r,
  /etc/mysql/conf.d/ r,
  /etc/mysql/conf.d/* r,
  /etc/mysql/my.cnf r,
  /usr/sbin/mysqld mr,
  /usr/share/mysql/** r,
  /var/log/mysql.log rw,
  /var/log/mysql.err rw,
  /var/lib/mysql/ r,
  /var/lib/mysql/** rwk,
  /var/log/mysql/ r,
  /var/log/mysql/* rw,
  /var/run/mysqld/mysqld.pid w,
  /var/run/mysqld/mysqld.sock w,
  /home/sites/default/mysql/ rw,
  /home/sites/default/mysql/* rw,

  /sys/devices/system/cpu/ r,
}

    The two lines in bold show what I added to the configuation. The first line gives read and write access to the directory itself while the second gives read and write access to the files contained in the directory.

  2. After saving the configuration changes, I simply needed to restart the AppArmor daemon. I did this with the following command: 
    [chris@rommie ~]$ sudo service apparmor restart

 * Reloading AppArmor profiles
Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Categories Development, Linux, Tips 'n Tricks
Comments (6)
Next Page »

I believe that the free flow of information and ideas is key to the past and future development of mankind. Unless the content declares otherwise, the post content on this site is declared public domain (CC0 1.0 Universal) and can be used in any manner with or without attribution or permission. Of course, if you wish to give attribution back to me, that would be very nice. :)

This site is running WordPress with the iThemes Builder theme by iThemes.