Archive for the linux Category

MySQL stoped accepting connections.

Thursday, August 7th, 2008 | Permalink

Strange things are going on.

Actually, today one of my most frequented servers, running lighttpd, stopped serving php files after working for months.
After searching for a while in the lighttpd logs and php logs we figured out, that lighttpd still serves plain html files. So the problem seemed to come from the fast-cgi php. After swichting to apache for about 30 minutes, apache stopped too.
So we figured out that there must be something with the db server, which is an external machine.
Connection local worked fine. Connecting via socket didn’t!
We looked at the processes with:

mysql>show processlist;

The result was a lot of these:

| 108160 | unauthenticated user | 10.0.0.1:3449 | NULL | Connect | NULL | login | NULL

So we figured out that there is a problem with the authentification. First we thougt it is a switch or some kind of hardware problem. Nothing.
After looking around, we found out that MySQL is using reverse lookup at socket connections.
We added the machines in /etc/hosts and everything works fine for now.

What happend?
We are not using our own DNS for lookups. So what I think is that there was actually an entry for 10.0.0.1 in the dns server we use. This dns server served some domain name. Definitly not for our server, but it was a dns record. Mysql just checks and says yes or no. Someone must have updated the dns server and deleted this record so our system stopped.
Strange thing!
I think there is no good reason why mysql should do a reverse lookup. Do you have one?

Hey Novell, SuSE SLES 10 sucks!

Tuesday, April 8th, 2008 | Permalink

Normally I’m a total Debian guy, but for one of my projects I needed a certified linux os to the bought hardware.
So I decided to look at the market and there are just two systems I can use.
Redhat & SuSE SLES10
As this makes no different for me, I decided to give SuSE another shot.
The last version I worked with, was 7.1 or something like that.
I thought SuSE / Novell decided to change their update service and configuration tool YAST.
But what a surprise. NOTHING CHANGED.
It’s the same crap then 5 years ago. Big shot guys!

The update service costs a lot of money per year. Money YOU pay for opensource software packages!!! In times where datatransfer costs only cents, this could not be the reason.
Then I tried to install some basic packages.
And guess what, there are only basic-basic packages in yast.

One example is subversion. subversion is MISSING.
They don’t have to subversion in SUSE SLES 10 as RPM Package.
There is this old big brother cvs, but no svn.
Hello, good morning at SUSE. Every normal software development company is using svn. This is more than a standard package.
But, hey there is something good. You can download the package from Novell. Guess how you can get it? With svn!

Howto set the correct server time

Wednesday, January 16th, 2008 | Permalink

In the last years, I often had the problem that the system time of a linux server was not correct.
There’s a simple way the sync your internal clock with some of these ultra-correct clocks over the internet.
Just use ntpdate.

#ntpdate SERVERADDRESS

Here is a list with public timservers.

How to fix “transfer aborted. disk quota exceeded” –

Friday, January 11th, 2008 | Permalink

If you try to upload something you get “transfer aborted. disk quota exceeded”.

If you bought a webhosting package somewhere, the answer is simple: “You don’t have anymore space left”.
If this happens before the quota is exceeded and you have a root access to that machine, simple use this:

quotacheck -v -c -F vfsold -m /

and restart the quota daemon

/etc/init.d/quota restart

Howto install djbdns with autoaxfr

Saturday, January 5th, 2008 | Permalink

If you like to setup autoaxfr with djbdns, maybe this howto will help you.

First of all, I assume that you have already installed ucspi-tcp and daemontools. If not, look at D.J. Bernsteins Webseite
http://cr.yp.to and install it.

After that, you will have to download autoaxfr and the djbdns Package.
What I’m doing is a basic installation. If you need IPv6 support, watch out, there will be a patch somewhere for djbdns.

Now, add the necessary users:

groupadd dns
useradd -g dns -s /bin/false dnscache
useradd -g dns -s /bin/false tinydns
useradd -g dns -s /bin/false dnslog
useradd -g dns -s /bin/false axfrdns
useradd -g dns -s /bin/false autoaxfr


dnscache

First of all, we install dnscache to 127.0.0.1

dnscache-conf dnscache dnslog /etc/dnscache 127.0.0.1
If you like to distribute dns service to other machines in your network, add a real ip address.
WARNING: You can only use dnscache or tinydns on ONE ip address.

If you need dnscache to resolv domain names for other machines in your network, add the network or every machine by doing this.
touch /etc/dnscache/root/ip/192.168.0

Now it’s time to activate your dnscache.
ln -s /etc/dnscache /service

tinydns

You will need tinydns if you like to play dns server for domains.
First of all, configure it:
tinydns-conf tinydns dnslog /etc/tinydns 212.89.98.32
Use the external ip address, the server should be reachable at.

Now it’s time to setup autoaxfr.
autoaxfr-conf autoaxfr dnslog /etc/autoaxfr

You will now have to edit the file /etc/tinydns/root/Makefile
Replace everything with this:
data.cdb: data
/usr/local/bin/tinydns-data

data: mydata axfrdata
cat $^ > $@

axfrdata: /service/autoaxfr/root/zones/*
sort -u $^ > $@

Don’t forget to add the file mydata & axfrdata:

touch /etc/tinydns/root/axfrdata
touch /etc/tinydns/root/mydata

After every change of data, a secondary dns or whatever, you’ll have to type make in /etc/tinydns/root/
Just automate this with a cronjob.

*/10 * * * * cd /etc/tinydns/root && make > /dev/null 2>&1

Let’s start tinydns and autoaxfr.

ln -s /etc/tinydns /service
ln -s /etc/autoaxfr /service

Goto /etc/autoaxfr/root/slaves.
Add every domain you would like to distribute as secondary dns by adding the domain name as filename and the ip address of the primary dns controller as content in the file.

Example:
vi test.com
123.123.123.133

DONE! That’s the basic.

If you like to play primary dns server you’ll have to install axfrdns.
axfrdns-conf axfrdns dnslog /etc/axfrdns /etc/tinydns 212.89.98.32
Use the same ip address as for tinydns.

Set the servers that are allowed to be secondary dns servers.
cd /etc/axfrdns
vi /etc/axfrdns/tcp


insert to following.

122.22.22.22:allow
:deny


You can restrict that to networks, domains and so on. For that, see the axfrdns manuel from djb.

After you have changed the file, type make.

Start axfrdns.

ln -s /etc/axfrdns /service

Comments, questions, whatever are welcome.

VSFTPD cap_set_proc ERROR easy solution

Wednesday, October 10th, 2007 | Permalink

Sometimes, mostly after updating vsftpd ignores to make good connections.
The logfile often looks like this:

[14:21:47] 220 Welcome to BLA FTP service.
[14:21:47] USER foo.com
[14:21:47] 331 Please specify the password.
[14:21:47] PASS
[14:21:47] 230 Login successful.
[14:21:47] SYST
[14:21:47] 500 OOPS: cap_set_proc
[14:21:47] FEAT
[14:21:47] 215 UNIX Type: L8

There’s a simple solution for that just type in: modprobe capability


Hope that’s help!

Kernel panic – /dev/console

Friday, July 13th, 2007 | Permalink

After a reboot of one of my systems I got the following error:

pivot_root: No such file or directory
/sbin/init: 426:cannot open /dev/console: No such file
Kernel panic - not syncing: Attempted to kill init!

After an upgrade of the kernel via apt-get on debian, the menu.lst entry in grub for the new kernel is pointed to /dev/hda1 by default. If the kernel is on a different partition this error will appear.