…this and that.
I updated Postie for the first time in many years, and it seems my fix for ImageMagick is now obsolete, but another fix may be necessary.
It may be that Postie just doesn’t like the FreeBSD environment. The ImageMagick fix was mostly to point Postie’s hard-coded targets to BSD standard locations. This time through I haven’t found the right code yet as postie-functions.php has been completely rewritten.
26c3 was a blast, as was Berlin. It’s a good conference in the olde school hacker style: mostly younger people, mostly wearing black. There weren’t a lot of women, but Carolyn, Isabella, and Meredith tried to even out the ratio a bit.
Some of the best lectures included one by some German engineers working on the lunar x-prize. They had their prototype rover with them and gave a great talk about the various challenges.
Another great one was Dan Kaminski’s talk on PKI. I don’t agree with the premise that SSL should be a reliable method for identifying the owners of websites as people just can’t tell the difference between bankofamerica.com and bancomerica.com and so it doesn’t make anyone safer if the bankofamerica site is super green if bancomerica.com is also super green, and so the complexities of getting an accepted certificate simply reduce the use of secure connections and the overall security of the internet. But he had some pretty great attacks on the security of SSL that causes problems no matter what.
We enjoyed fuzzing the phone as well. It was a very entertaining talk on attacking phones with crafted SMSes. The method of creating the attacks was very clever – rooting the phone, redirecting the radio to a wifi link to a CPU so they could try zillions of SMS and see what would happen. In the process they discovered they could remotely root the communications manager (which runs as root). And %n to specific windows phones and they’ll crash and fail to reboot until the SMS is cleared out of the inbox.
Berlin is a great city and it was fun working in the shadow of the TV tower.
We made reservations for lunch but we could tell it wasn’t going to be a great day. In the end it was a very intimate lunch with pretty clouds pressing against the glass.
The fog lifted but was replaced by snow, which is a lot of fun in a city when you don’t have to drive.
Map It
I just installed AWstats on a freebsd system from ports, version 6.95 and ran into some issues with the installer.
First, awstats_configure.pl has a mistake that leads to:
Error: Failed to open ‘(your awstats.model.conf’) for read.
This is because $AWSTATS_PATH is prepended to “/wwwroot/” instead of “/” throughout the script. Search and replace config.pl to fix or try this one awstats_configure.pl (no warranties).
Second, there’s an error in the httpd.conf configuration that fails to provide sufficient permissions. Add
Options FollowSymLinks
inside the <directory> directive to get the pages to load right.
Third, the icons dont display (or display as broken images) due to a small typo in the icons directory specification. At line 222 in the yoursite.conf file that awstats_configure.pl generates, use
DirIcons=”/awstatsicons”
and make sure the httpd.conf directive reads
Alias /awstatsicons “/usr/local/www/awstats/icons/”
(not …/icon/”) . I use setup an awstats.conf file in /apache22/Includes (see below) and take the directives out of httpd.conf myself.
#
# Directives to allow use of AWStats as a CGI
#
Alias /awstatsclasses “/usr/local/www/awstats/classes/”
Alias /awstatscss “/usr/local/www/awstats/css/”
Alias /awstatsicons “/usr/local/www/awstats/icons/”
ScriptAlias /awstats “/usr/local/www/awstats/cgi-bin/”
#
# This is to permit URL access to scripts/files in AWStats directory.
#
<Directory “/usr/local/www/awstats/”>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
I just installed Ecoli Hub’s TableEdit into MediaWiki.
It went moderately smoothly, except the update_schema.php script failed to prefix the tables, which meant that MediaWiki couldn’t find them. It took me a little poking around to figure out what was happening, but I got an error that brtext_TableEdit_box couldn’t be found. Now an unfortunate prefix choice in that it looked to me a bit like br text… as opposed to brtExt, but once I figured that out I was on the way to a little editing with phpMyAdmin and everything worked.
TableEdit is a step in the right direction for interactive table editing, what I’d consider the biggest weakness of wiki’s at this point. It seems most of the information I’d put in a wiki would be more efficiently formatted as tables, and as a result I have lots of non-interactive spreadsheets; something that gets confusing on frequently updated, collaboratively edited text. WebDAV might be a solution for that, and maybe OpenOffice will get “open via sFTP” as an option soon, but until then EcoliHub’s solution is a step forward, though what I still really want is a viably speedy version of Dan Bricklin’s wikicalc.
There are a number of ways to end up with a lot of duplicate messages in an IMAP folder, and while IMAP tends to handle very large stores gracefully, it is possible to hose things. On my 32 bit server and with Mulberry as a client things get weird after about 15,000 messages in a single folder.
Google does some odd things and at one point a periodic check of my gMail account resulted in about 70,000 messages in a single folder, which definitely caused some chaos.
I thought that was pretty impressive, but my girlfriend just managed to get 144,000 messages in a single folder. Woo Hoo!!! High Score.
Anyway, things like the dedup plugins for Thunderbird can just make things worse at that point as they seem to fail gracelessly on very large message counts.
I found that Rick Sander’s perl scripts are the best way out of this difficult situation. delIMAPdups.pl solves the problem without running out of memory or munging files. I haven’t had any lost data and just tested by clearing about 1400 dups out of a directory of 15,000 messages (my 2009 store to date).
/.delIMAPdups.pl -S example.com:993/user/pass -m INBOX.2009 -p
-m is the mailbox to expunge
-p is purge
-S means use SSL
I got an error doing Buildworld in s_fma.c which caused an error code 1 stop on an AMD64 build on a quad EM64T Xeon Cranford-based IBM x366.
The compile flags I used were: CFLAGS= -O2 -fno-strict-aliasing -pipe -funroll-loops -ffast-math
/usr/src/lib/msun/src/s_fma.c:187: error: unrecognizable insn:
(insn 439 438 440 54 (parallel [
(set (reg:SI 168)
(fix:SI (reg:XF 171)))
(clobber (reg:CC 17 flags))
]) -1 (nil)
(nil))
Change the flags to: CFLAGS= -O2 -fno-strict-aliasing -pipe -funroll-loops -Wall
Build world runs to completion. -O2 sets most of the go-fast options anyway and AMD64 builds turn on more by default. The x366 runs nice and fast.
Today I’m updating an IBM 366-8863 to be a new home server because not having a quad 64 bit Xeon box with 24G of RAM and 6 x 72G SAS RAID 10 in your house would be like watching tv on a black and white CRT or something… and it was $350 on eBay so who could resist? It will replace the old 5500 M20 and save 3U in the rack and probably a lot of power for a decent NAS box.
Unlike the 335, the 366 does not have a floppy drive. There’s actually room in the cas right behind the IBM logo, next to the lightpath diagnostics and above the optical drive… maybe I should get out my dremel and start looking for a 266Mhz 64bit PCI-X floppy controller.
The 366 is supported by the IBM Bootable Media Creator, which is a new thing for me. This tool gathers all of the most recent firmware updates for the servers you specify (or all supported ones) and creates a single bootable disk (the 335 is not supported). The tool found 23 updates for the 8863, though the versions are not all the same as you get doing the one-by-one download (there’s an option to select manually, but the integrated one-click approach is much easier).
All you do is download the creator tool for the OS of your choice, execute it, specify the systems you want to support, let it gather the updates and build the disk and it will even burn the disk for you. Once the update disk is burned, you simply boot with it into a GUI (which supports normal mouse keyboard) and a few restarts later you have a fully patched machine.
The only thing left is to use the latest ServeRAID disk to update your ServeRAID configuration.
Nice job IBM! This sort of thing is why I like IBM machines. Plus they’re black. And they have the built in KVM/console controller over IP (remote supervisor II).
I’m bringing up an old IBM 335 for use as a pfSense Firewall. It is a fine computer, with almost everything you’d want except dual power supplies (the 336 has those plus 64 bit hardware).
The first step is updating the machine:
UPDATE 8830This gets the core hardware up to date. You might also want to flash the firmware in the disks, though I did not as my box is loaded with unsupported disks. Plus 36GB SCSI disks aren’t exactly going through a lot of teething pains these days.
Then I installed pfSense from the LiveCD (verify the hash). This is pretty effortless. The only important bit of data is to set up the NICs: in the 335 under FreeBSD bge0 is the lower port and bge1 is the upper port.
At a later date I will install a 73P9265 Remote Supervisor II adapater, but the cable I have (73P9312) is for newer boxes. The 335 needs the 02R1661: oddly it is cheaper to buy the cable with a card than just the cable. This will probably need flashing of the firmware, but is a nice tool with remote KVM and a lot of other slick features.
I recently ran some updates on my FreeBSD server and ran into a problem that resulted in the following error in /var/log/maillog
warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
The update process tends to kill saslauthd which will generally restart itself properly on reboot, but if you’re in the middle of a long rebuild and need to restore mail service quickly some or all of the following may help:
/etc/rc.d/inetd restart
/usr/local/libexec/courier-imap/imapd-ssl.rc stop
/usr/local/libexec/courier-imap/imapd-ssl.rc start
/usr/local/etc/rc.d/saslauthd stop
/usr/local/etc/rc.d/saslauthd start
I noticed that postie was doing a terrible job at resizing images.
It turns out that the default GD library isn’t super good at resizing – it does a simple subsample and the result is quite jaggy (see the GD version of this image in this post)
I think the version above looks a lot better. It should have been as easy as just turning on the “use ImageMagick” function in the postie config, but it wasn’t that simple. Two files were not where they were expected to be. The easy one is “convert” which postie expects to find at /usr/bin/convert, but under BSD is actually at /usr/local/bin/convert. This isn’t a big deal as there’s a config option to point postie in the right direction. A bit harder is ImageMagick identify which postie expects to find at /usr/bin/identify, but for which there is no config entry.
The fix for BSD is to edit around line 1768 of postie-functions.php and change /usr/bin/identify to /usr/local/bin/identify before the first run or by resetting postie to defaults. If you’ve already installed postie and don’t want to reset the defaults you may need to edit the postie config database (I did) using, for example, PHPMyAdmin and set the value of IMAGEMAGICK_IDENTIFY to /usr/local/bin/identify.
And thus one gets nice, pretty postie thumbnails.
Powered by WordPress
