NRPE errors regarding SSL handshake


CHECK_NRPE: Error - Could not complete SSL handshake.

If you are trying to work with Nagios and setup NRPE, when performing check_nrpe -H hostname you might get the above error. Usually it happens when you have added another IP to the list of allowed hosts and you have added a SPACE after the coma. Just remove the space after the coma so your /etc/nagios/nrpe.cfg contains a line like this:


Recover MySQL InnoDB database from ibdata1 and frm

In this post I will deal with recovery from a corrupted InnoDB database. Remember that sometimes data cannot be recovered. That’s it. Deal with it and move on. As a matter this article is based on my findings when trying to recover several databases after a crash. In the end I couldn’t recover them, but I thought maybe my article will give you some ideas to try. Maybe it will work for you 🙂

If you already tried innodb_force_recovery with no success, prepare for the worst. I am assuming that your MySQL server is not started because of this.

First of all make a backup copy of you ibdata1 file, you will use this to work on it.

cd /var/lib/mysql
dd if=ibdata1 of=ibdata1.recovery conv=noerror

Most of the following things are documented very well here but I think there are some issues with their approach. First of all they demonstrate how to recover a single table. That’s perfectly fine, but I had several databases crashed with a dozen of tables each, so I couldn’t afford the luxury to recover each table.

Now download the database recovery tools from percona, in your home directory:

tar zxvf percona-data-recovery-tool-for-innodb-0.5.tar.gz

Next make MySQL server start

cd /var/lib/mysql
mv ibdata1 ibdata1.bak
mv ib_logfile0 ib_logfile0.bak
mv ib_logfile1 ib_logfile1.bak
service mysqld start

The tricky part comes now. Create recovery database and within it create the table structure (this can be done from an old backup, or maybe you can use the frm files from the database you try to recover). Make sure that the tables are using InnoDB as engine.

The following script is modified a bit after the script provided as example here Put it in the same directory where you extracted the percona recovery tools.



tables=`mysql -ss -u root -p -e "SHOW TABLES" $db`
for i in $tables
        #Check how many rows has a table
        rows=`mysql -u root -p -e "SELECT COUNT(*) FROM $i" -s $db`
                # Prepare environment
                echo "Restoring table $i"
                perl --host=localhost --user=root --password=YOUR_PASSWORD --db=$1 --table=$table > include/table_defs.h.$table
                cd include && rm -f table_defs.h && ln -s table_defs.h.$table table_defs.h
                cd ..
                make clean all
                # Restoring rows
                while [ $found -lt 1 ]
                        echo ""
                        ./constraints_parser -5 -f /var/lib/mysql/ibdata1.recovery >> out.$i

Now execute the script like:

sh recovery_database_you_created

If you are lucky you will get some output in out.TABLE_NAME. Clean the file and load the data into database.

I know the script looks like POS. Sorry for that. You can take a look at percona’s script and modify it to your needs. Please feel free to correct me if I am wrong in this post (probably I am 🙂 ).

Postfixadmin errors executing /usr/local/bin/postfixadmin-*

If you have followed the tutorials on howtoforge to install Postfixadmin and Postfix + CourierIMAP + Maildrop on a CentOS server for virtual domains you may have stumbled upon this problem when trying to add a new mailbox for a virtual domain:

[DATE] [error] [client XX.XX.XX.XX] Running sudo -u vmail /usr/local/bin/ 'user@domain.tld' 'domain.tld' 'domain.tld/user/' '0' yielded return value=1, first line of output=, referer: http://server/postfixadmin/create-mailbox.php?domain=domain.tld

Above this error message you may or you may have not noticed(like I did) this error message:

sudo: sorry, you must have a tty to run sudo

The solution is simple, just run visudo and comment the line containing:

Defaults    requiretty

Hope it will help someone!

ISPConfig3: Updating to myDNS-ng

If you have followed the tutorials “the perfect setup” for installing ISPConfig 3 chances are that you have an older myDNS version (1.1.0 or so). Since I had a few problems with that version I decided to update to myDNS-ng, the latest version.

In this article I will refer to rpmbuilder user, a user I create to compile and/or make RPMs. For more information on how to set it up check this link.

Also the instructions are for CentOs 5.4(but will probably work for any other 5.x version).

su - rpmbuilder
cd /tmp
tar zxvf mydns-
cd mydns-1.2.8

Everything should be ok untill now. I had no problems to compile it. Then I decided to use checkinstall.

sudo yum install checkinstall

It will ask you a few questions, answer them and you should have a rpm package in /usr/src/redhat/RPMS. It will tell you anyway where he created the rpm.
After that I removed the old mydns packages and installed the new one as root:

service mydns stop
yum remove mydns mydns-mysql
yum install /usr/src/redhat/RPMS/i386/mydns-1.2.8-1.i386.rpm --nogpgcheck

After that I needed to create mydns start script:

vi /etc/init.d/mydns
chmod +x /etc/init.d/mydns

I used the script posted by rukus77 on howtoforge. Make sure you read all the comments on that forum (especially the one containing [ -f /usr/sbin/mydns ] || exit 1).
The last step is to run ISPConfig 3 setup:

cd ispconfig3_install/
cd install
php -q update.php

When asked if to reconfigure services answer yes, the rest you can answer no.

That would be all, thanks for reading.

Install Postfix, Courier-IMAP on CentOS 5

Platform: CentOS 5.4 i386
Extra repositories used: utterramblings and rpmforge
You will end up with Postfix 2.6.5, Courier IMAP 4.6.0, authlib 0.62.4 and maildrop 2.2.0

First of all you will need to install gcc++:

yum install gcc-c++ redhat-rpm-config

Create a user to compile packages if you don’t have one already. I used rpmbuilder for the account name.

useradd -m -s /bin/bash rpmbuilder
passwd rpmbuilder

It will need some privileges so type visudo and add this line somewhere (I added it after root):

rpmbuilder ALL=(ALL) ALL

Create the directory structure:

su - rpmbuilder
mkdir $HOME/rpm
mkdir $HOME/rpm/SOURCES
mkdir $HOME/rpm/SPECS
mkdir $HOME/rpm/BUILD
mkdir $HOME/rpm/SRPMS
mkdir $HOME/rpm/RPMS
mkdir $HOME/rpm/RPMS/i386
echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

Start downloading the needed courier packages(under the user rpmbuilder):

cd /tmp

These were the latest versions when I wrote the article, feel free to browse sourceforge and get what version you want.
Start building and installing the RPMs:

sudo rpmbuild -ta courier-authlib-0.62.4.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh courier-authlib-0.62.4-1.i386.rpm courier-authlib-mysql-0.62.4-1.i386.rpm courier-authlib-devel-0.62.4-1.i386.rpm
cd /tmp
rpmbuild -ta courier-imap-4.6.0.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh courier-imap-4.6.0-1.i386.rpm
cd /tmp
sudo rpmbuild -ta maildrop-2.2.0.tar.bz2
cd $HOME/rpm/RPMS/i386
sudo rpm -ivh maildrop-2.2.0-1.i386.rpm

Done with Courier. Moving to postfix…

Download source RPM from this location:

cd /tmp
rpm -ivh postfix-2.6.5-1.src.rpm

I’ve made a few changes to the postfix.spec file (enabled mysql_redhat, vda patch) and also installed the required dependencies:

sudo yum install db4-devel mysql-shared mysql-devel

Building the postfix-2.6.5 rpm:

cd $HOME/rpm/SPECS
rpmbuild -ba postfix.spec

You should have the rpm in $HOME/rpm/BUILD so cd there and type:

sudo rpm -ivh postfix-2.6.5-1.rhel5.i386.rpm

In the end enable required services as root user:

chkconfig --levels 235 courier-authlib on
chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
chkconfig --levels 235 courier-imap on
service sendmail stop
service postfix start
service saslauthd start
service courier-authlib start
service courier-imap start

If everything went ok when telneting on port 25 of localhost you should get something similar to this:

Connected to localhost.localdomain (
Escape character is '^]'.
220 ESMTP Postfix (2.6.5)
ehlo localhost
250-SIZE 10240000
250 DSN

If you already have any of the packages install use rpm -Uvh instead of rpm -ivh.

Zend Framework + SVN + ZF Tools on CentOS part 2

This is the 2nd part of my attempt to write a tutorial about using svn and ZF to create a working environment for a small team of developers. It assumes you have followed the instructions provided here.

The following notations will be used in this part:
project is the name of your project, wherever you see project written with italics replace it with your actual project name. It should be one word.
developer is the name of the developer that is part of the team working on this project. For example john. is the name of your domain, replace it with the real name.
A # in front of the line means you have to execute those commands as root, while $ means you have to be a normal user.

1. Create the repository for the project

# mkdir -pv /var/svn
# svnadmin create /var/svn/project

2. Create project layout

# cd /tmp
# mkdir project
# cd project
# mkdir branches tags trunk

If you want to create a standard zf project:

# cd trunk
# zf create project
# ls

ATTENTION: zf create project is a command, so do not replace the word project.
You should have the standard structure now for a Zend Framework project.

3. Import the project files to repository

# svn import /tmp/project file:///var/svn/project -m "initial import"
# chown -R apache:apache /var/svn/project

4.1 Creating a user for the developer

# adduser -g users developer
# passwd developer

Repeat the above steps for each developer you want to add.

4.2 Creating a user for the project

# adduser project
# passwd project

5.1 Add a virtual host for each developer in apache conf file

You will have to figure out where your virtual hosts are defined in apache conf files. Most likely you can add the following lines to /etc/http/conf/httpd.conf

# developer sandbox
<VirtualHost *:80>
DocumentRoot /home/developer/www
ErrorLog /home/developer/logs/error_log
CustomLog /home/developer/logs/access_log combined
<Directory "/home/developer/www/">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all

5.2 Add a virtual host for the project

# project sandbox
<VirtualHost *:80>
DocumentRoot /home/project/www
ErrorLog /home/project/logs/error_log
CustomLog /home/project/logs/access_log combined
CustomLog /home/project/logs/svn_logfile "%t %u %{SVN-ACTION}e" env=SVN-ACTION
<Directory "/home/project/www/">
Options -Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
<Location /svn>
Options +Indexes
DAV svn
SVNParentPath /var/svn
SVNPathAuthz off
SVNIndexXSLT "/svnindex.xsl"
Require valid-user
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /var/svn/project/conf/passwd

* Depending on your DNS settings you may have to manually add the needed records for to properly work.

7.1 Checking out to dev boxes

# su - developer
$ mkdir svn
$ cd svn
$ svn checkout .
$ cd ..
$ rm www
$ ln -s /home/developer/svn/public www

7.2 Exporting the latest version of the project

# su - project
$ mkdir svn
$ cd svn
$ svn export . --force
$ cd ..
$ rm www
$ ln -s /home/project/svn/public www

See the project page at

Next time you want to update the page remove the svn directory, and re-export it as above.

8.1 Working as a developer

To update you dev box to latest version:

$ cd svn
$ svn up

Whenever you add a NEW file/directory to the project use:

$ svn add filename

Of course you replace filename with the real name of the file. The reverse of this is svn del.

When you are satisfied with your changes don’t forget to commit:

$ svn commit -m "something meaningful for that idiot project manager"

8.2 Working as a project manager(?)

$ su - project
$ rm -rf svn

Repeat the steps from 7.2
Check logs for svn commits at /logs/svn_logfile

<< EOF

Zend Framework + SVN + ZF Tools on CentOS

This first part focuses on installing svn + zf library + zf tools on your dev server. In the second part (coming soon) I will show you how to create a svn repository and import into it a simple zf project created with zf tools.

You will need at least a working web server (Apache2) and PHP version 5.

I’ll be using utterramblings repository to install subversion and required packages for the apache server.

Import the gpg key for utterramblings repository:

rpm –import

Add the repository to yum by creating a repo file in /etc/yum.repos.d/utterramblings.repo that contains the following lines:

name=Jason’s Utter Ramblings Repo

Install subversion and mod_dav_svn from utterramblings:

yum install subversion –enablerepo=utterramblings
yum install mod_dav_svn –enablerepo=utterramblings

You should have everything you need to start working with svn on your server.

Now let’s install ZF tools to the server:

mkdir ZF_Tool
cd ZF_Tool/
svn checkout .

Now copy the directory ‘library/ZendL’ to a place that’s in the include path of your php. In my case it was ‘/usr/share/php’.

Copy ‘bin/’ and ‘bin/zf.php’ to /bin and edit updating ZF_BIN_PHP variable to:


Don’t forget to change their permissions so anyone can use them:

chmod a+rx /bin/zf*

For ZF library I’ve used the minimal package since it contains most of the stuff I use anyway without being bloated. At the time of writing this article 1.6 was the latest version, which I’ve got it from their site using wget:

tar zxvf ZendFramework-1.6.2-minimal.tar.gz

Copy the directory ‘library/Zend’ to the same place where you’ve put ZendL directory (‘/usr/share/php’ for me).

Now if everything went ok when you type at the cli ‘zf show version’ you should get something like ‘Zend Framework Version: 1.6.2’.

Congratulations you are done with this part. If you want you can play around with ‘zf create project’ until I publish my next article showing how to use zf tools + SVN together to create the bases of a project.