Monday 17 November 2008

Firefox 3 sesson restore

Not sure why but firefox seemed to lose it's session restore feature for me. Maybe something to do with having tab mix plus installed prior to the 2 -> 3 upgrade.

Anyhow here is how to restore session saving.

Enter about:config in the address bar and say yes to the behave yourself warning!

Search down for "browser.sessionstore.resume_session_once" and change the setting to true.

and restart ...

That's it.

Wednesday 4 June 2008

Monday 2 June 2008

WEBSITES DOWN DUE TO FIRE AT SERVER HOST

Unfortunately there has been an fire at the main data center where our servers are hosted and hence the websites and email are down.

The server company are expecting to starting bringing servers back online this evening, but it may be tomorrow morning before the network is fully restored.

Thank you for your patience.

Sunday 17 February 2008

A Script to do the plesk directory permisson setup

I have previously posted about changes to the plesk httpdocs directory to get it to work well with Joomla. This is a little bash script I knocked up to do the job. Just pass the username as param 1


#!/bin/bash

# First check that this is a valid username
grep "^${1}:" /etc/passwd > /dev/null 2>&1
if [ "$?" -ne "0" ]; then
echo "Sorry, cannot find user ${1} in /etc/passwd or you didn't supply a username"
echo "Usage: ${0} "

exit 1
fi

userdir=`grep "^${1}:" /etc/passwd | cut -d: -f6`

if [ -d ${userdir} ] ; then
echo "Changing to directory ${userdir}"
cd ${userdir} && chown -R ${1}:psacln httpdocs && chmod -R g+w httpdocs && find httpdocs -type d -exec chmod g+s {} \; && /etc/init.d/httpd reload
fi

Saturday 16 February 2008

Monitoring all apache virtual hosts on plesk with logwatch

The standard Plesk install has logwatch setup to just monitor the default httpd log, i.e /var/www/httpd/*

This is miss most things as the log file output of all the virtual hosts are not parsed. So I made a little bash script to create a load of new logwatch conf files to parse all my virtual host logfiles too. You will need to run this script each time a new domain is created. A know there is a Plesk way to run custom scripts on events, but I'll leave that for another day.


#!/bin/bash

##
## Script to create conf files and script links on a Plesk
## server that monitor all the apache log files
##
## Visit blog.surgeons.org.uk for updates

## Location of the virtual hosts directories
vhost_root=/var/www/vhosts/

## Various logwatch directories
dir_services="/etc/logwatch/conf/services"
dir_logfiles="/etc/logwatch/conf/logfiles"
dir_scripts="/etc/logwatch/scripts/services"
http_script="/usr/share/logwatch/scripts/services/http"

## Now iter over each directory
for domain in $( ls -Ichroot -Idefault $vhost_root ); do
if [ -d "${vhost_root}${domain}" ]
then
echo "Making services logwatch enteries for ${domain}"
domain_us=`echo $domain | tr . _`
(
cat <<-END_OF_SERVICES_CONF

###########################################################################
# Configuration file for $domain http filter
# See blog.surgeons.org.uk for updates ###########################################################################
Title = "httpd - $domain"

# Which logfile group...
LogFile = http_$domain_us
END_OF_SERVICES_CONF ) > ${dir_services}/http_${domain_us}.conf


echo "Making logfiles logwatch entries for ${domain}"
(
cat <<-END_OF_LOGFILES_CONF
########################################################
# Define log file group for http_$domain_us
# See blog.surgeons.org.uk for updates
#######################################################
LogFile = /var/www/vhosts/$domain/statistics/logs/access_log
LogFile = /var/www/vhosts/$domain/statistics/logs/access_log.processed
LogFile = /var/www/vhosts/$domain/statistics/logs/access_ssl_log
LogFile = /var/www/vhosts/$domain/statistics/logs/access_ssl_log.processed

# If the archives are searched, here is one or more line
# (optionally containing wildcards) that tell where they are...
# If you use a "-" in naming add that as well -mgt

Archive = /var/www/vhosts/$domain/statistics/logs/access_log.processed.?.gz
Archive = /var/www/vhosts/$domain/statistics/logs/access_ssl__log.processed.?.gz

# Expand the repeats (actually just removes them now)
*ExpandRepeats

# Keep only the lines in the proper date range...
*ApplyhttpDate
END_OF_LOGFILES_CONF ) > ${dir_logfiles}/http_${domain_us}.conf


## Make the script links
echo "Creating script link for ${domain}"
ln -s ${http_script} ${dir_scripts}/http_${domain_us}

fi

done

Friday 15 February 2008

Wednesday 13 February 2008

Disabling mod_security 2 for individual directories

I ran into some trouble with mod_security falsely blocking my joomla administrator pages.

The old method of disabling mod_security by placing a SecFilterEngine Off SecFilterScanPOST Off in a .htaccess doesn't work anymore. This doesn't seem to be clear in the docs and I only found this info in a mod-sec mailing post.

So the rules now need to go directly into the apache conf files.

I have most sites hosted on a plesk server. In plesk you can add to the virtual host config inside a vhost.conf file found in "/var/www/vhosts/<domain.com>/conf/vhost.conf".
Create or edit this file and enter:

<location "/" >
SecRuleEngine Off
</location>


Apply the vhost changes if a new vhost file with:
/usr/local/psa/admin/bin/websrvmng -v -a

And reload the httpd server with:
service httpd restart

Better still disable specific rules with
SecRuleRemoveById _rule_id_

Instead of the sledgehammer SecRuleEngine Off

Tuesday 12 February 2008

Joomla installation on Plesk server, getting permissions right

Installing Joomla on a Plesk server has it's problems with permissions. I think this gives a nice solution. The original inspiration comes from the rackerhacker article.



The steps are:



  1. Add the ‘apache’ user to the ‘psacln’ group by editing /etc/group

    i.e. psacln:x:_hidden(dont actually change this field!)_:apache


  2. Change the current directory permissions with:

    cd /home/httpd/vhosts/[domain.com]
    chown -R [username]:psacln httpdocs
    chmod -R g+w httpdocs
    find httpdocs -type d -exec chmod g+s {} \;

    This set the setuid bit on each of the directories


  3. Reload the apache settings with /etc/init.d/httpd reload


  4. If you are using proftp to upload files or the new joomla 1.5 ftp layer then change the umask for proftpd by editing ‘/etc/proftpd.conf’ to read Umask 002


  5. Otherwise change the umask that php uses. The easiest, but I guess least elegant way is to add the line <?php umask (0002); ?> to the top of the administrator template index.php file. In Joomla 1.5 this is "administrator/templates/khepri/index.php"

Monday 4 February 2008

Three cheers for vodafone, 3G on linux


I have to say three cheers to vodafone. I have previously posted about not being able to use my 3G USB modem with Ubuntu. Well vodafone do offer a GUI that works under linux for connecting using their 3G USB modem.

The file can be downloaded from vodafone's open source development site
Choose the .deb package for Ubuntu and it works like a dream!! The USB modem is automatically detected and all that is needed is the connection settings for the UK. So enter username=web, password=web and apn=internet

Well done to vodafone.

Thursday 24 January 2008

Starting VM tools automatically and hiding to systray

This is nothing to do with surgery, but rather acting as an aide memoir for me:

After installing vmware tools in a linux guest it is nice for the tool box to start automatically. The way to do this is to add vmware-toolbox to the start-up application list usually found under Program->Settings->Sessions.

The command line is:
/usr/bin/vmware-toolbox --iconify
or /usr/bin/vmware-toolbox --minimize

Note that the usage string for vmware-toolbox lists --inconify as the option which is spelt wrong and doesn't work.

Better still the application can be minimized to the system tray using a little app called alltray. Alltray is in the universe repo for gutsy ubuntu and is installed with 'sudo apt-get install alltray' or go to http://alltray.sourceforge.net/

Then modify the above to:
alltray /usr/bin/vmware-toolbox --iconify
to get vmware-toolbox auto started and minimised to the systray.

Tuesday 8 January 2008

Ubuntu disappointment

Maybe the title is a bit strong, but the day count to requiring a windows boot is only 3. I use my laptop extensively away from home and so have one of those USB 3G modem things. I happen to be with vodafone but of course none of the mobile companies support linux for their 3G cards.

There are a number of pages suggesting ways to get the modem to work using pppd as basically the USB modem is recognised as a serial modem once plugged in. But none of them seemed to work for me and it messed up my normal networking. So it's back to windows when out and about ...

Saturday 5 January 2008

My Ubuntu Experiment

Over the years I have attempted to move from a windows based system to a linux based. I have always used linux based servers, which gave fantastic reliability and one had an uptime of over 400 days. You try keeping a windows system up for that length of time without a reboot! But, and here is the big but, linux desktops have never been as easy to use or as reliable. I think that is until now.

Ubuntu claims to bring linux to the masses. I am not shy of compiling my own kernel / drivers or apps, but on my desktop system I would like things to just work. So when I buy a new printer and plug it in I don't need to spend hours searching for a driver and then spend hours installing it. I have tried Ubuntu in the past but the latest version has an impressive hardware compatibility list. So here goes ...

I am trying Ubuntu out on my sony vaio VGN-SZ1HP laptop. It has a 80GB drive and I have upgraded to 1.5Gb RAM. I am using a 7Gb partition to install Ubuntu on to. Yeap you read that right. On my XP drive the c:\Windows folder alone takes up 9.2Gb. The install is pretty straight forward and most of my hardware is recognised straight out of the box. This includes my wireless card which manged to find my home network without trouble. Ubuntu >7.04 includes the ipw3945 wireless card driver and so auto configures for this card. Hotkeys such as brightness / volume and mute work.

The webcam requires an additional driver which at present I can't find.

It comes with openoffice installed as standard. Which is a free to use office suite from Sun Microsystems. This allows me to open all my old word / excel and powerpoint files. And having installed the NTFS drivers I can access my windows data drive partition from Ubuntu. So no problems there.

Printer was the next thing. I have a HPC6180 All-in-one. CUPS comes with the "HP PhotoSmart C6100 Foomatic/hpijs (recommended)" printer driver which works just fine with this printer. Tried printing from OpenOffice Writer and printing a full colour photo from GIMP - no problems.

Scanner from the printer required installation of Xsane and this scans just fine too.

So far so good...

At this point I thought I would play a DVD in the background whilst doing mundane tasks like securing the install and tweaking the firewall. I suppose all the good stuff had to end somewhere. Unfortunately, DVDs are scrambled and in theory only authorised persons can descramble them. This means Ubuntu can not include the drivers to decode commercial DVDs. A quick google search suggests that it is not necessarily an easy fix, so I'll leave that one for the mo.

At present I can't get hibernate to work either, so you'll hear about those when I have them figured out.

I am starting a count of the days until I have to boot up the windows partition again and I'll keep you posted ...