PostgreSQL 8.3 adding uuid-ossp on Debian

Posted on 2010 October 3 by jontas

UUID is a nice way to generate (almost) unique id’s.

However on PostgreSQL 8.3 the data type exists, but if you wish to be able to generate UUID’s you need to get a module (in this case uuid-ossp).

On Debian this module is in the contrib package, so if you have not installed this before do it now

user@server:~$ sudo apt-get install postgresql-contrib

Then you need to “load” the module into PostgreSQL; or more accurately you tell PostgreSQL about the new functions this module has, how to reach them etc.
Depending on you security settings (in pg_hba.conf) you may need to log in as the postgres user on your system.

postgres@sever:~$ psql -d MYDB -U postgres -f /usr/share/postgresql/8.3/contrib/uuid-ossp.sql

apt-get WARNING: The following packages cannot be authenticated!

Posted on 2010 June 8 by jontas

apt-get is verifying the packages before installing them.
If the keys are not up to date, then apt-get upgrade will issue a warning.

WARNING: The following packages cannot be authenticated!
  ure uno-libs3
Install these packages without verification [y/N]?

The way to solve this is rather simple, just run apt-get update and it should download the keys automatically.

apt-key handles keys, using apt-key list will show you the keys that are on the computer.

Limit the download speed of apt-get

Posted on 2010 May 27 by jontas

Sometimes it is nice to limit the download speed of apt-get.

The way I do this is to create a file “/etc/apt/apt.conf.d/76download” and enter the following to it

Acquire{Queue-mode "access";http{Dl-Limit "50";};};

This will limit apt-get to at most 50 kb/s for apt-get.
Some other how to’s suggest the use of dl-limit but be adviced, dl-limit is per each connection apt-get does (normally it does 2 at a time); the one used above caps apt-get in total.

What program is using port x?

Posted on 2010 February 18 by jontas

netstat can be used to figure out what program is using a port.

$ netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1096/sshd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1733/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      1096/sshd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     6338     1071/gdm-simple-sla @/tmp/gdm-greeter-LvjLQPzT
unix  2      [ ACC ]     STREAM     LISTENING     5165     1072/X              /tmp/.X11-unix/X0

If you have a lot open then grep can be used to only find what you are looking for

netstat -nlp|grep :22
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1096/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      1096/sshd

For windows, simply start with

netstat -n

apt-get update gives the error “E: Could not get lock /var/lib/apt/lists/lock – open (11: Resource temporarily unavailable)”

Posted on 2010 February 16 by jontas

If running apt-get (or aptitude) and you get the following error:

$ apt-get update
E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
E: Unable to lock the list directory

Then (most likely) explenation is that one of the sources have gotten a timeout and that a (cron) sheduled update task have gotten locked.
A simple solution for this is to find the cron process is locked, and kill it.

$ ps -a |grep apt
Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
 3737 ?        SN     0:00 /bin/sh /etc/cron.daily/apt
 3833 ?        SN     0:00 apt-get -qq -y update -o APT::Update::Auth-Failure::=cp /usr/share/apt/apt-auth-failure.note /var/lib/update-notifier/user.d/
 3835 ?        SN     0:00 /usr/lib/apt/methods/http
 3838 ?        SN     0:00 /usr/lib/apt/methods/http
 3842 ?        SN     0:00 /usr/lib/apt/methods/http
 3869 ?        SN     0:00 /usr/lib/apt/methods/http
 4223 pts/0    R+     0:00 grep apt
$ kill -9 3833

If this happens often, then perhaps you should try to debug the sources and remove (or exchange) the source that is causing the problems.

sudo without password

Posted on 2010 February 11 by jontas

Use visudo to edit /etc/sudoers

user host = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm

user, host and or the list of commands to be run can be swapped with the keyword ALL.
However that is probably not a good idea in most cases.

more info on this is in the manpages sudoers(5)

apt-get update The following packages have been kept back

Posted on 2010 February 9 by jontas

 apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
  bind9-host dnsutils libbind9-50 libdns50 libisc50 libisccc50 libisccfg50 liblwres50 linux-generic linux-generic-pae linux-image-generic
  linux-image-generic-pae
0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

The message has been kept back most often means that the upgrade was kept back due to dependencies that are not met.

Some possible solutions

A simple way is to invoke dselect to help out with the update. dselect performs the actions necessary to realize that state (for instance, the removal of old and the installation of new packages).
apt-get dselect-upgrade
apt-get dselect-upgrade
While apt-get and aptitude are basically the same, aptitude is sometimes better at handling dependencies than apt-get
aptitude upgrade
aptitude upgrade
Another solution is to install the package using apt-get install to install the upgraded package and let apt-get install the missing dependencies
apt-get install dnsutils
apt-get install dnsutils

debian: Reconfigure exim4

Posted on 2010 February 5 by jontas

To re-configure exim4 on a Debian system just run
“$ dpkg-reconfigure exim4-config”
This will start the configuration process and you will be guided trough the configuration process.

Quickly configure shorewall on Debian

Posted on 2010 February 5 by jontas

By definition shorewall is not a firewall, it is a way to (more) easily configure iptables to work as a firewall.

First install shorewall “$ apt-get intall shorewall”
Enter /etc/shorewall
Copy the example files from /usr/share/doc/shorewall-common/default-config/ (might also be located in /usr/share/doc/shorewall/default-config/) “$ cp /usr/share/doc/shorewall-common/default-config/* .”

Edit the files and enter the data that your system has

First create zones “$ nano zones”
#ZONE TYPE OPTIONS IN OPTIONS OUT OPTIONS fw firewall net ipv4 vpn ipv4
#ZONE TYPE OPTIONS IN OPTIONS OUT OPTIONS fw firewall net ipv4 vpn ipv4
Connect zones with interfaces”$ nano interfaces”
#ZONE INTERFACE BROADCAST OPTIONS net eth0 detect tcpflags,blacklist,dhcp vpn tun0 -
#ZONE INTERFACE BROADCAST OPTIONS net eth0 detect tcpflags,blacklist,dhcp vpn tun0 -

Create policies “$ nano policy”

 #SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
fw              net             ACCEPT
vpn             net             ACCEPT
vpn             fw              ACCEPT
fw              vpn             ACCEPT
net             all             DROP            info
all             all             DROP            info

Create rules “$ nano rules”

 #ACTION SOURCE          DEST            PROTO   DEST    SOURCE          ORIGINAL        RATE            USER/
#                                               PORT(S) PORT(S)         DEST            LIMIT           GROUP
ACCEPT          net             fw             tcp     22 # ssh
ACCEPT          net             fw             tcp     80 # web

Verify that the rules are fine “$ shorewall check”
Edit /etc/default/shorewall and set startup to 1
# prevent startup with default configuration # set the following varible to 1 in order to allow Shorewall to start startup=1
# prevent startup with default configuration # set the following varible to 1 in order to allow Shorewall to start startup=1
Start the firewall “$ /etc/init.d/shorewall start”

If you later decide to update rules, zones etc run “$ /etc/init.d/shorewall restart” to load the changes.

Magento: Installing on a debian server

Posted on 2010 January 26 by jontas

To install magento on a fresh server use the following.

Install apache, mysql and PHP5 “$ apt-get install apache2 mysql-server php5 php5-mysql php-soap php5-mcrypt php5-curl php5-gd”
Edit the vhost config for the apache site [/etc/apache2/sites-enabled/000-default]
- Verify that “AllowOverride” is set to All for the magento directory
Make sure that mof_rewrite is loaded; use “$ a2enmod rewrite” and then reload apache2
Edit /etc/php5/apache2/php.ini
- “memory_limit” [the manual says] no less than 256Mb (preferably 512)
- “max_execution_time” [this is the max time that a script may be left running] SOAP requests take time, so make suer it is at a reasonable time
- “upload_max_filesize” Set this to a size that is reasonable depending on what you plan to upload (manuals might be large)
- “post_max_size” Set this to a size that is reasonable depending on what you plan to post (manuals might be large); also make sure that the value and the modifier is correct (so that it says 8M and not just 8 for instance)
- “display_errors” Set to Off
- “log_errors” Set to On
- “error_log” Set to a file that you will be able to find [if you wish to have it in a subdir; create that as root and give it permissions as apache log dir]
download magento (lastest version from magento
Upack it (I choose bzip2 format) “$ tar -jxvvf magento-downloader-1.3.2.1.tar.bz2” and make sure the files gets put in the directory you wish
Some directories have to be writable to the webserver (and all subdirectories, where there are)
- var
- var/.htaccess
- app/etc
- media
If you are using the downloader installation
- “$./pear mage-setup .”
- “$./pear install magento-core/Mage_All_Latest”
- “$rm -rf downloader/pearlib/cache/* downloader/pearlib/download/*”
Create database and database user [this is to do it manually via mysql console]
- “$mysql -uroot -p”
- “mysql> create database magento;”
- “mysql> use mysql;”
- “mysql> INSERT INTO user (Host,User,Password) VALUES (‘localhost’, ‘magento’, PASSWORD(‘password’));”
- “mysql> GRANT ALL ON magento.* TO ‘magento’;”
- “mysql> FLUSH PRIVILEGES;”
- “mysql> exit”
Go to the webserver and complete the installation
If you get stuck on the configuration page [that you get back to it even after adding correct information]:
- Check “AllowOverride” in the apache config.
- Check “post_max_size2 in the php.ini [also check so that the value is either absolute or has a modifier; 8 means 8 bytes while 8M means 8Mb]

Jontas

My digital notepad (notes etc)

Category Archives: debian