NRPE errors regarding SSL handshake

Error:

CHECK_NRPE: Error - Could not complete SSL handshake.

If you are trying to work with Nagios and setup NRPE, when performing check_nrpe -H hostname you might get the above error. Usually it happens when you have added another IP to the list of allowed hosts and you have added a SPACE after the coma. Just remove the space after the coma so your /etc/nagios/nrpe.cfg contains a line like this:

allowed_hosts=127.0.0.1,XXX.XXX.XXX.XXX

Freelancer acquires vWorker

Today I’ve received an email from Freelancer.com letting me know that they have acquired vWorker.com (RentACoder for older freelancers). I was quite shocked by this news as I never expected that a big site like vWorker will be bought. But life goes on and nothing stays the same forever. I have to say that so far I really enjoy Freelancer’s interface a lot more than vWorker. It’s clean, it’s modern and it’s logical. Even after the face lift vWorker did some time ago the site looked dated and wasn’t very intuitive.

I am still waiting for Freelancer to import my project ratings, I hope they will do it soon. Without rating is really really hard to get a job on a freelancing site. But while I wait for them I’ve already made a bid to check the process. So far I like what I see, it seems very clean and intuitive. I’ve also checked the taxes (10% for free account and 3% for premium) which are not that bad.

One thing that drives me nuts is the “Skills” section. Although I have checked many skills it only displays 5 for my Freelancer profile, while for my Employer profile it displays a lot more. I don’t get it. I’ll probably contact their support, maybe they can enlighten me.

The Portfolio section is beautiful, I cannot even compare to what vWorker had. It’s exactly what you need to display your work.

I’ll update the article as I discover more things (hopefully pleasant) on Freelancer. Meanwhile if you need my services you can click on the button bellow and give me a job on Freelancer.com

LE: One day later and I have all my ratings and projects imported. Good work Freelancer!
PHP Developer

Recover MySQL InnoDB database from ibdata1 and frm

In this post I will deal with recovery from a corrupted InnoDB database. Remember that sometimes data cannot be recovered. That’s it. Deal with it and move on. As a matter this article is based on my findings when trying to recover several databases after a crash. In the end I couldn’t recover them, but I thought maybe my article will give you some ideas to try. Maybe it will work for you 🙂

If you already tried innodb_force_recovery with no success, prepare for the worst. I am assuming that your MySQL server is not started because of this.

First of all make a backup copy of you ibdata1 file, you will use this to work on it.

cd /var/lib/mysql
dd if=ibdata1 of=ibdata1.recovery conv=noerror

Most of the following things are documented very well here http://www.percona.com/docs/wiki/innodb-data-recovery-tool:mysql-data-recovery:start but I think there are some issues with their approach. First of all they demonstrate how to recover a single table. That’s perfectly fine, but I had several databases crashed with a dozen of tables each, so I couldn’t afford the luxury to recover each table.

Now download the database recovery tools from percona, in your home directory:

wget https://launchpad.net/percona-data-recovery-tool-for-innodb/trunk/release-0.5/+download/percona-data-recovery-tool-for-innodb-0.5.tar.gz
tar zxvf percona-data-recovery-tool-for-innodb-0.5.tar.gz

Next make MySQL server start

cd /var/lib/mysql
mv ibdata1 ibdata1.bak
mv ib_logfile0 ib_logfile0.bak
mv ib_logfile1 ib_logfile1.bak
service mysqld start

The tricky part comes now. Create recovery database and within it create the table structure (this can be done from an old backup, or maybe you can use the frm files from the database you try to recover). Make sure that the tables are using InnoDB as engine.

The following script is modified a bit after the script provided as example here http://www.percona.com/docs/wiki/innodb-data-recovery-tool:mysql-data-recovery:advanced_techniques. Put it in the same directory where you extracted the percona recovery tools.

#!/bin/sh

db=$1

tables=`mysql -ss -u root -p -e "SHOW TABLES" $db`
for i in $tables
do
        #Check how many rows has a table
        rows=`mysql -u root -p -e "SELECT COUNT(*) FROM $i" -s $db`
                # Prepare environment
                echo "Restoring table $i"
                table=$i
                perl create_defs.pl --host=localhost --user=root --password=YOUR_PASSWORD --db=$1 --table=$table > include/table_defs.h.$table
                cd include && rm -f table_defs.h && ln -s table_defs.h.$table table_defs.h
                cd ..
                make clean all
                # Restoring rows
                found=0
                while [ $found -lt 1 ]
                do
                        echo ""
                        ./constraints_parser -5 -f /var/lib/mysql/ibdata1.recovery >> out.$i
                        found=1
                done
done

Now execute the script like:

sh recover-tables.sh recovery_database_you_created

If you are lucky you will get some output in out.TABLE_NAME. Clean the file and load the data into database.

I know the script looks like POS. Sorry for that. You can take a look at percona’s script and modify it to your needs. Please feel free to correct me if I am wrong in this post (probably I am 🙂 ).

Amazon RDS SUPER privileges

#1419 – You do not have the SUPER privilege and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable

This error occurs sometimes on RDS instances when you try to use procedures. You will soon find out that grant super privilege for a user won’t work. So the only way to make things work is to set log_bin_trust_function_creators to 1.

RDS console available at https://console.aws.amazon.com/rds/ allows you to create a new group and modify its parameters. Log in to RDS console, go to “DB Parameters Groups” and click the “Create DB Parameter Group”. Set the following

  • DB Parameter Group Family: mysql5.1
  • DB Parameter Group Name: mygroup
  • Description: mygroup

Confirm by clicking “Yes, create” button.

Here comes the ugly part, since you cannot edit from the console the parameters (for the moment, I hope they are going to change that). You will need to log to your instance using SSH and download RDS cli from here: http://aws.amazon.com/developertools/2928?_encoding=UTF8&jiveRedirect=1

To do so right click on “Download” button and copy link location. In the SSH window use wget to download and unzip it:

wget "http://s3.amazonaws.com/rds-downloads/RDSCli.zip"
unzip RDSCli.zip

If you don’t have unzip you can quickly get it using “apt-get install unzip”(for ubuntu) or “yum install unzip”(for centos). Of course you will need root privileges.

After successfully unpacking the RDSCli cd to that directory and set a few variables. Following is an example on Ubuntu 10.04:

cd RDSCli-1.4.006
export AWS_RDS_HOME="/home/ubuntu/RDSCli-1.4.006"
export JAVA_HOME="/usr/lib/jvm/java-6-sun"
cd bin
./rds --help

If rds –help outputs no errors then you have set it correctly. Congrats. One more command:

./rds-modify-db-parameter-group mygroup --parameters="name=log_bin_trust_function_creators, value=on, method=immediate" --I="YOUR_AWS_ACCESS_KEY_ID" --S="YOUR_AWS_SECRET_ACCESS_KEY"

The AWS keys can be obtain from your AWS account Security Credentials->Access Credentials->Access Keys.

Go to AWS RDS console, “DB Instances”, select your instance and right click “Modify”. Set “DB Parameter group” to “mygroup” and check “Apply Immediately”. Confirm with “Yes, modify”.

You are done 🙂

Postfixadmin errors executing /usr/local/bin/postfixadmin-*

If you have followed the tutorials on howtoforge to install Postfixadmin and Postfix + CourierIMAP + Maildrop on a CentOS server for virtual domains you may have stumbled upon this problem when trying to add a new mailbox for a virtual domain:

[DATE] [error] [client XX.XX.XX.XX] Running sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postcreation.sh 'user@domain.tld' 'domain.tld' 'domain.tld/user/' '0' yielded return value=1, first line of output=, referer: http://server/postfixadmin/create-mailbox.php?domain=domain.tld

Above this error message you may or you may have not noticed(like I did) this error message:

sudo: sorry, you must have a tty to run sudo

The solution is simple, just run visudo and comment the line containing:

Defaults    requiretty

Hope it will help someone!

ISPConfig3: Updating to myDNS-ng

If you have followed the tutorials “the perfect setup” for installing ISPConfig 3 chances are that you have an older myDNS version (1.1.0 or so). Since I had a few problems with that version I decided to update to myDNS-ng, the latest version.

In this article I will refer to rpmbuilder user, a user I create to compile and/or make RPMs. For more information on how to set it up check this link.

Also the instructions are for CentOs 5.4(but will probably work for any other 5.x version).

su - rpmbuilder
cd /tmp
wget http://downloads.sourceforge.net/project/mydns-ng/mydns/1.2.8.27/mydns-1.2.8.27.tar.gz?use_mirror=garr
tar zxvf mydns-1.2.8.27.tar.gz
cd mydns-1.2.8
./configure
make

Everything should be ok untill now. I had no problems to compile it. Then I decided to use checkinstall.

sudo yum install checkinstall
checkinstall

It will ask you a few questions, answer them and you should have a rpm package in /usr/src/redhat/RPMS. It will tell you anyway where he created the rpm.
After that I removed the old mydns packages and installed the new one as root:

service mydns stop
yum remove mydns mydns-mysql
yum install /usr/src/redhat/RPMS/i386/mydns-1.2.8-1.i386.rpm --nogpgcheck

After that I needed to create mydns start script:

vi /etc/init.d/mydns
chmod +x /etc/init.d/mydns

I used the script posted by rukus77 on howtoforge. Make sure you read all the comments on that forum (especially the one containing [ -f /usr/sbin/mydns ] || exit 1).
The last step is to run ISPConfig 3 setup:

cd ispconfig3_install/
cd install
php -q update.php

When asked if to reconfigure services answer yes, the rest you can answer no.

That would be all, thanks for reading.

Install Postfix, Courier-IMAP on CentOS 5

Platform: CentOS 5.4 i386
Extra repositories used: utterramblings and rpmforge
You will end up with Postfix 2.6.5, Courier IMAP 4.6.0, authlib 0.62.4 and maildrop 2.2.0

First of all you will need to install gcc++:

yum install gcc-c++ redhat-rpm-config

Create a user to compile packages if you don’t have one already. I used rpmbuilder for the account name.

useradd -m -s /bin/bash rpmbuilder
passwd rpmbuilder

It will need some privileges so type visudo and add this line somewhere (I added it after root):

rpmbuilder ALL=(ALL) ALL

Create the directory structure:

su - rpmbuilder
mkdir $HOME/rpm
mkdir $HOME/rpm/SOURCES
mkdir $HOME/rpm/SPECS
mkdir $HOME/rpm/BUILD
mkdir $HOME/rpm/SRPMS
mkdir $HOME/rpm/RPMS
mkdir $HOME/rpm/RPMS/i386
echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

Start downloading the needed courier packages(under the user rpmbuilder):

cd /tmp
wget http://sourceforge.net/projects/courier/files/maildrop/2.2.0/maildrop-2.2.0.tar.bz2/download
wget http://sourceforge.net/projects/courier/files/imap/4.6.0/courier-imap-4.6.0.tar.bz2/download
wget http://sourceforge.net/projects/courier/files/authlib/0.62.4/courier-authlib-0.62.4.tar.bz2/download

These were the latest versions when I wrote the article, feel free to browse sourceforge and get what version you want.
Start building and installing the RPMs:

sudo rpmbuild -ta courier-authlib-0.62.4.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh courier-authlib-0.62.4-1.i386.rpm courier-authlib-mysql-0.62.4-1.i386.rpm courier-authlib-devel-0.62.4-1.i386.rpm
cd /tmp
rpmbuild -ta courier-imap-4.6.0.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh courier-imap-4.6.0-1.i386.rpm
cd /tmp
sudo rpmbuild -ta maildrop-2.2.0.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh maildrop-2.2.0-1.i386.rpm

Done with Courier. Moving to postfix…

Download source RPM from this location:

cd /tmp
wget http://ftp.wl0.org/official/2.6/SRPMS/postfix-2.6.5-1.src.rpm
rpm -ivh postfix-2.6.5-1.src.rpm

I’ve made a few changes to the postfix.spec file (enabled mysql_redhat, vda patch) and also installed the required dependencies:

sudo yum install db4-devel mysql-shared mysql-devel

Building the postfix-2.6.5 rpm:

cd $HOME/rpm/SPECS
rpmbuild -ba postfix.spec

You should have the rpm in $HOME/rpm/BUILD so cd there and type:

sudo rpm -ivh postfix-2.6.5-1.rhel5.i386.rpm

In the end enable required services as root user:

chkconfig --levels 235 courier-authlib on
chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
chkconfig --levels 235 courier-imap on
service sendmail stop
service postfix start
service saslauthd start
service courier-authlib start
service courier-imap start

If everything went ok when telneting on port 25 of localhost you should get something similar to this:

Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 lightbringer.inno-solutions.ro ESMTP Postfix (2.6.5)
ehlo localhost
250-lightbringer.inno-solutions.ro
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

NOTE 1:
If you already have any of the packages install use rpm -Uvh instead of rpm -ivh.

Zend Framework + SVN + ZF Tools on CentOS part 2

This is the 2nd part of my attempt to write a tutorial about using svn and ZF to create a working environment for a small team of developers. It assumes you have followed the instructions provided here.

The following notations will be used in this part:
project is the name of your project, wherever you see project written with italics replace it with your actual project name. It should be one word.
developer is the name of the developer that is part of the team working on this project. For example john.
example.com is the name of your domain, replace it with the real name.
A # in front of the line means you have to execute those commands as root, while $ means you have to be a normal user.

1. Create the repository for the project

# mkdir -pv /var/svn
# svnadmin create /var/svn/project

2. Create project layout

# cd /tmp
# mkdir project
# cd project
# mkdir branches tags trunk

If you want to create a standard zf project:


# cd trunk
# zf create project
# ls

ATTENTION: zf create project is a command, so do not replace the word project.
You should have the standard structure now for a Zend Framework project.

3. Import the project files to repository

# svn import /tmp/project file:///var/svn/project -m "initial import"
# chown -R apache:apache /var/svn/project

4.1 Creating a user for the developer

# adduser -g users developer
# passwd developer

Repeat the above steps for each developer you want to add.

4.2 Creating a user for the project

# adduser project
# passwd project

5.1 Add a virtual host for each developer in apache conf file

You will have to figure out where your virtual hosts are defined in apache conf files. Most likely you can add the following lines to /etc/http/conf/httpd.conf


# developer sandbox
<VirtualHost *:80>
ServerAdmin someone@example.com
DocumentRoot /home/developer/www
ServerName developer.example.com
ErrorLog /home/developer/logs/error_log
CustomLog /home/developer/logs/access_log combined
<Directory "/home/developer/www/">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

5.2 Add a virtual host for the project

# project sandbox
<VirtualHost *:80>
ServerAdmin someone@example.com
DocumentRoot /home/project/www
ServerName project.example.com
ErrorLog /home/project/logs/error_log
CustomLog /home/project/logs/access_log combined
CustomLog /home/project/logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
<Directory "/home/project/www/">
Options -Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Location /svn>
Options +Indexes
DAV svn
SVNParentPath /var/svn
SVNPathAuthz off
SVNIndexXSLT "/svnindex.xsl"
Require valid-user
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /var/svn/project/conf/passwd
</Location>
</VirtualHost>

* Depending on your DNS settings you may have to manually add the needed records for developer.example.com/project.example.com to properly work.

7.1 Checking out to dev boxes

# su - developer
$ mkdir svn
$ cd svn
$ svn checkout http://project.example.com/svn/project/trunk .
$ cd ..
$ rm www
$ ln -s /home/developer/svn/public www

7.2 Exporting the latest version of the project

# su - project
$ mkdir svn
$ cd svn
$ svn export http://project.example.com/svn/project/trunk . --force
$ cd ..
$ rm www
$ ln -s /home/project/svn/public www

See the project page at http://project.example.com

Next time you want to update the page remove the svn directory, and re-export it as above.

8.1 Working as a developer

To update you dev box to latest version:

$ cd svn
$ svn up

Whenever you add a NEW file/directory to the project use:

$ svn add filename

Of course you replace filename with the real name of the file. The reverse of this is svn del.

When you are satisfied with your changes don’t forget to commit:

$ svn commit -m "something meaningful for that idiot project manager"

8.2 Working as a project manager(?)

$ su - project
$ rm -rf svn

Repeat the steps from 7.2
Check logs for svn commits at /logs/svn_logfile

<< EOF

Zend Framework + SVN + ZF Tools on CentOS

This first part focuses on installing svn + zf library + zf tools on your dev server. In the second part (coming soon) I will show you how to create a svn repository and import into it a simple zf project created with zf tools.

Prerequisites:
You will need at least a working web server (Apache2) and PHP version 5.

I’ll be using utterramblings repository to install subversion and required packages for the apache server.

Import the gpg key for utterramblings repository:

rpm –import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Add the repository to yum by creating a repo file in /etc/yum.repos.d/utterramblings.repo that contains the following lines:

[utterramblings]
name=Jason’s Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=0
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Install subversion and mod_dav_svn from utterramblings:

yum install subversion –enablerepo=utterramblings
yum install mod_dav_svn –enablerepo=utterramblings

You should have everything you need to start working with svn on your server.

Now let’s install ZF tools to the server:

mkdir ZF_Tool
cd ZF_Tool/
svn checkout http://framework.zend.com/svn/framework/laboratory/Zend_Tool/ .

Now copy the directory ‘library/ZendL’ to a place that’s in the include path of your php. In my case it was ‘/usr/share/php’.

Copy ‘bin/zf.sh’ and ‘bin/zf.php’ to /bin and edit zf.sh updating ZF_BIN_PHP variable to:

ZF_BIN_PHP=/bin/zf.php

Don’t forget to change their permissions so anyone can use them:

chmod a+rx /bin/zf*

For ZF library I’ve used the minimal package since it contains most of the stuff I use anyway without being bloated. At the time of writing this article 1.6 was the latest version, which I’ve got it from their site using wget:

wget http://framework.zend.com/releases/ZendFramework-1.6.2/ZendFramework-1.6.2-minimal.tar.gz
tar zxvf ZendFramework-1.6.2-minimal.tar.gz

Copy the directory ‘library/Zend’ to the same place where you’ve put ZendL directory (‘/usr/share/php’ for me).

Now if everything went ok when you type at the cli ‘zf show version’ you should get something like ‘Zend Framework Version: 1.6.2’.

Congratulations you are done with this part. If you want you can play around with ‘zf create project’ until I publish my next article showing how to use zf tools + SVN together to create the bases of a project.