michaelanthoni.com

Well I’ve been using cfengine for a number of years now and thought I had paid my dues already when I initially took on its steep learning curve… Well today I had a little run in with cfengine that made me feel as frustrated as when I was a newbie to this software, but I guess it was a newbie mistake that Im sure I learned years ago that I just happened to forget over the years when adding a cluster of new hosts to the mix - reverse dns.
The issue came about when I was configuring a new group of servers. I was on the final one when I simply installed cfengine on the host, scp’ed over cfagent.conf, cfservd.conf, and update.conf from a host that I had just been successful with. But after running “cfagent -v” i ran into the familiar “Can’t stat /var/lib/cfengine… in copy” which struck me as odd because it had just worked on all the other hosts. After checking the usual suspects such as the grant: function in the cfservd.conf to make sure permissions were explicitly granted on the server side, the hostname and domain name configured on the client, typos, cfkeys, cfservd started ?, etc, nothing seemed to work and adding the debug options -d seemed to frustrate me even more. As a last resort I took a packet capture to see what was going on between the client-> server for both the system that was failing and one that was working. I didnt think it would help much but sure enough after crawling through the capture packet by packet I seen the issue in one of the packets data field that looked something like this…

CAUTH IP IP user - non-working host
CAUTH IP hostname user - working host

This is when the little cfl lightbulb went off in my head and I decided to have a look at reverse dns. Sure enough all the hosts had reverse dns configured but this last one.

Although other functions such as directories,files,editfiles seemed to authenticate and run fine without reverse dns it seemed the copy function was failing because authentication under cfservd and the grant directive is based on the domain *.domain.com and not the IP… sheesh… it seems the parameter SkipVerify can be applied globally here and workaround hosts not having reverse dns, however I decided not to use this option since we control the reverse dns and it really should of been configured, not sure why it was not…

as soon as I added the reverse dns for the host cfagent ran without a hitch…

So i came across this the other day while trying to configure ldirectord to load balance pop3 services.

Can’t locate Mail/POP3Client.pm

It seems there is a missing dependency that is specific to debian etch I believe. I was a little disappointed as I’ve had little other issues with LVS and ldirectord but the fix was easy enough and I was able to find bug #421415 in Debian’s bug tracking system so Im sure I was not the first or the last to run into this. If you run into this just run apt-get install libmail-pop3client-perl and you should be good to go.

Slackware has been a staple in the linux community since the beginning and its great to see another release as this distribution evolves thanks to the hard work by Patrick J. Volkerding. Slackware 12.1 was released yesterday and boasts a 2.6.24.5 kernel, and of course the simplicity, stability and security we’ve always expected and recieved from this distro.

The rsync folks just recently released rsync 3.0 last month with a bug-fix release and a security release earlier this month. Unfortunately, after upgrading one of my critical systems that feeds a cluster of about 10 machines, I ran into an ugly little bugger that prevented my cluster’d nodes from successfully pulling there data from the central rsync machine resulting in stale files on the clustered nodes. Heres the error I seen when running my rsync manually:

$ rsync -t 10.9.8.7::module/* /dest
rsync: link_stat “/*” (in module) failed: No such file or directory (2)
rsync error: some files could not be transferred (code 23) at main.c(1515) [receiver=3.0.2]

Instead of using the wildcard I tried one file specifically and that seemed to work just fine so I knew something was up with the wildcard thrown in there…After a little searching I confirmed my suspicions…

https://bugzilla.samba.org/show_bug.cgi?id=5388

Unfortunately this required a manual patch as the current version remains unpatched at the time of this writing and unavailable via package managers such as apt-get, portage, ports, yum, etc. Luckily this was easy enough as the patching and compilation was very smooth as I would expect…

#cd /usr/local/src/
#wget http://samba.org/ftp/rsync/src/rsync-3.0.2.tar.gz
#wget http://samba.org/ftp/rsync/src/rsync-patches-3.0.2.tar.gz
#tar -zxvf rsync-3.0.2.tar.gz
#tar -zxvf rsync-patches-3.0.2.tar.gz
#cd rsync-3.0.2
#patch util.c patches/util.c
#./configure
#make
#make install
#cp /usr/local/bin/rsync /usr/bin/rsync
#/etc/init.d/rsync restart

And once again my cluster’d nodes are happy again :).

The rsync folks just recently released rsync 3.0 last month with a bug-fix release and a security release earlier this month. Unfortunately, after upgrading one of my critical systems that feeds a cluster of about 10 machines, I ran into an ugly little bugger that prevented my cluster’d nodes from successfully pulling there data from the central rsync machine resulting in stale files on the clustered nodes. Heres the error I seen when running my rsync manually:

$ rsync -t 10.9.8.7::module/* /dest
rsync: link_stat “/*” (in module) failed: No such file or directory (2)
rsync error: some files could not be transferred (code 23) at main.c(1515) [receiver=3.0.2]

Instead of using the wildcard I tried one file specifically and that seemed to work just fine so I knew something was up with the wildcard thrown in there…After a little searching I confirmed my suspicions…

https://bugzilla.samba.org/show_bug.cgi?id=5388

Unfortunately this required a manual patch as the current version remains unpatched at the time of this writing and unavailable via package managers such as apt-get, portage, ports, yum, etc. Luckily this was easy enough as the patching and compilation was very smooth as I would expect…

#cd /usr/local/src/
#wget http://samba.org/ftp/rsync/src/rsync-3.0.2.tar.gz
#wget http://samba.org/ftp/rsync/src/rsync-patches-3.0.2.tar.gz
#tar -zxvf rsync-3.0.2.tar.gz
#tar -zxvf rsync-patches-3.0.2.tar.gz
#cd rsync-3.0.2
#patch util.c patches/util.c
#./configure
#make
#make install
#cp /usr/local/bin/rsync /usr/bin/rsync
#/etc/init.d/rsync restart

And once again my cluster’d nodes are happy again :).

After installing Apache 2.0.63 w/ OpenSSL 0.9.7 on a Windows Server (see previous posts), I ran into this little issue while trying to create a certificate request with the following command…

#openssl req -new -key mydomain.key -out mydomain.csr

Luckily I found bug #1187 quickly on the openssl request tracker site at

http://rt.openssl.org/Ticket/Display.html?id=1187&user=guest&pass=guest

If your looking for the quick fix use the -config switch and point it to the openssl.conf under
tha apache install dir.

#openssl req -config "D:\Apache Group\Apache2\conf\openssl.cnf" -new -key mydomain.key -x509 -days 365 -out mydomain.csr

thanks to msathesh@gmail.com

As I stated in my About page I am not a programmer by trade but I can and do code when the need arises. One of my favorite languages to code in is Perl as it provides a ton of functionality thanks to CPAN, is platform-indepandant, and at times very natural and easy going for most tasks I need to accomplish. The thing about Perl though is its Perl and it can be very intimidating at times. Luckily what I needed to do earlier today was not one of those times. Theres always something new to discover using Perl and I’m always glad when I find something new in Perl that is useful or any other language for that matter and today I came across a module that I had never used before so I’d figured I’d share even though it may be a household module for the hardcore perl monks out there.

So my problem was I needed to diff two files and determine if they were identical in order to apply logic based on the output of the diff. Now I do this all the time on the command line using the GNU diff utility but I needed its functionality within Perl. At first I was thinking I could execute a system or exec function but I figured there has to be a better way right? This is Perl after all surely this functionality is available. Well it wasn’t hard to find Text::Diff with a simple search and and after a few minutes of reading the documentation it is exactly what I needed. First things first though. I need to install the module first either via CPAN or my package manager.

Installing on OpenBSD via pkg manager was a snap as long as you have exported the PKG_PATH first.

#export PKG_PATH="ftp://ftp.openbsd.org/pub/OpenBSD/pub/4.2/packages/i386/"
#pkg_add -v p5-Text-Diff

If your on Debian it should be as simple as
#apt-get install libtext-diff-perl

…or from the CPAN shell

cpan>install Text::Diff

With that installed now I just needed the code in my script…

use Text::Diff

if($diff) {
#files are different
...
}
else{
# files are the same.
...
}

…and there it is. I will be sharing the script where I needed this functionality in the near future as part of a feature article I plan to write once my project is near completion. I hope someone may find this to be useful in the meantime.

Heres a quick little script for automating the creation of Dom-U’s and there corresponding configuration files. Nothing to fancy, but it helps for users who may be unfamiliar with the process or just need to fire up a new Dom-U quickly without going thru an installation process.

This script assumes that when you first build a Dom-U either by d’bootstrapping or windows installation or whatever it may be, you shut the Dom-U down and move the “template” to /home/xen/templates and that your running Dom-U’s are running from /home/xen/domains . Lastly make sure the template configuration file has the <> strings so sed can replace them with your intended variables. This can be extended as you see fit, if you need to change values for networking, kernel, etc… Happy cloning.

./clone.sh

#!/bin/bash

function syntax {
           echo "Syntax: ./clone.sh source_image destination_image memory(mb)"
           echo " where source_image is the name of the directory in this folder                                                              "
           echo "  destination_image is the name of your new DomU "
           echo "  and memory(mb) is the ammount of memory you want to provision                                                              ."
           echo ""
           echo "Example: ./clone.sh debian_etch_x86 v-debian-etch-x 512"
           echo "Example: ./clone.sh winxp_pro_x86 v-winxp-pro-x 512"
}

if [ $1 ]; then
        if [ $2 ]; then
                if [ $3 ]; then
                        echo "Cloning Template $1 to DomU $2 with $3 MB of memor                                                              y."

                        echo "Copyig Disk Images... This will take a few minutes                                                              ..."
                        cp -R /home/xen/templates/$1 /home/xen/domains/$2

                        echo "Creating Configuration file."
                        sed 's/<domU>/'"$2"'/' /home/xen/templates/$1/$1.cfg > /                                                              home/xen/domains/$2/$2.cfg.tmp
                        sed 's/<domU-mem>/'"$3"'/' /home/xen/domains/$2/$2.cfg.t                                                              mp > /home/xen/domains/$2/$2.cfg
                        echo "Cleaning up temporary files..."
                        rm /home/xen/domains/$2/$2.cfg.tmp
                        rm /home/xen/domains/$2/$1.cfg
                        echo "All Done."
                else
                        syntax
                fi
        else
                syntax
        fi
else
        syntax
fi

./template.cfg

kernel = ‘/boot/vmlinuz-2.6.18-5-xen-vserver-amd64′
ramdisk = ‘/boot/initrd.img-2.6.18-5-xen-vserver-amd64′
memory = ‘<domU-mem>’
root = ‘/dev/sda1 ro’
disk = [ ‘file:/home/xen/domains/<domU>/disk.img,sda1,w’,
‘file:/home/xen/domains/<domU>/swap.img,sda2,w’ ]
name = ‘<domU>’
dhcp = ‘dhcp’
vif = [ ” ]
on_poweroff = ‘destroy’
on_reboot = ‘restart’
on_crash = ‘restart’