Mar 23 2009

manage SSL certificate expiration with ssl-cert-check

Tag:tepezcuintle @ 20:46

Digital certificates have become an essential part of
Internet commerce, and are widely used to verify the identity
of clients and servers. All digital certificates contain an
expiration date which most client and server applications will
check before using the certificates contents. If a client or
server application detects that a certificate has expired, one
or more implementation specific actions (e.g., abort
connection, check or update a revocation list, alert user,
etc.) are typically performed.

When a web browser encounters an expired certificate, the
browser will normally present the user with a warning message
indicating that the certificate has expired. Some browsers will
continue connecting to the site after presenting the user with
the warning, while others will prompt the user with a dialog
box requesting their approval to proceed. These warnings are
extremely confusing for the typical web user, and cause most
users to question the authenticity of the site they are
attempting to view.

Continua”manage SSL certificate expiration with ssl-cert-check”

Dec 17 2008

RPM is your friend

Tag:tepezcuintle @ 22:18

RPM Commands

by Jeff Hunter, Sr. Database Administrator

This document contains an overview of the principal RPM commands for
installing, uninstalling, upgrading, querying, listing, and checking RPM packages
on your Red Hat Linux system.

# rpm -ivh foo-2.0-4.i386.rpm
# rpm -i ftp://ftp.redhat.com/pub/redhat/RPMS/foo-1.0-1.i386.rpm
# rpm -i http://oss.oracle.com/projects/firewire/dist/files/kernel-2.4.20-18.10.1.i686.rpm

Used to install a RPM package. Note that RPM packages have file naming conventions
like foo-2.0-4.i386.rpm, which include the package name (foo), version (2.0), release (4),
and architecture (i386). Also notice that RPM understands FTP and HTTP protocols for installing
and querying remote RPM files. 

# rpm -e foo

To uninstall a RPM package. Note that we used the package name foo,
not the name of the original package file foo-2.0-4.i386.rpm above. 

# rpm -Uvh foo-1.0-2.i386.rpm
# rpm -Uvh ftp://ftp.redhat.com/pub/redhat/RPMS/foo-1.0-1.i386.rpm
# rpm -Uvh http://oss.oracle.com/projects/firewire/dist/files/kernel-2.4.20-18.10.1.i686.rpm

Continua”RPM is your friend”

Dec 13 2008

Cool stuff you can do with netcat

Tag:tepezcuintle @ 2:38

One of the Linux command line tools I had initially under-estimated is netcat or just nc. By default, netcat creates a TCP socket either in listening mode (server socket) or a socket that is used in order to connect to a server (client mode). Actually, netcat does not care whether the socket is meant to be a server or a client. All it does is to take the data from stdin and transfer it to the other end across the network.

Continua”Cool stuff you can do with netcat”

Dec 05 2008

Compiz Fusion Keyboard shortcuts

Tag:tepezcuintle @ 5:43

For Linux users who are fortunate enough to be playing with the Desktop Effects on their favorite Linux distribution - mine is Ubuntu, here’s a list of keyboard shortcuts for the Compiz Fusion Desktop Effects that you may have been looking for. I have put together a list mainly because I’ve had a hard time finding a comprehensive list from a single location. I may have missed something, so please let me know. One more thing, the Super key is the Windows key in case you are wondering. Here are the shortcuts.

Continua”Compiz Fusion Keyboard shortcuts”

Dec 19 2007

The magic of the find command

Tag:tepezcuintle @ 15:17

Find

Table of Contents

Continua”The magic of the find command”

Nov 08 2007

Regular Expressions with .NET

Tag:tepezcuintle @ 17:35
  • Expresso 2.1C - 328 Kb

    • Learning .NET Regular Expressions with Expresso

    Did you ever wonder what Regular Expressions are all about and want to gain a basic understanding quickly? My goal is to get you up and running with a basic understanding of regular expressions within 30 minutes. The reality is that regular expressions aren’t as complex as they look. The best way to learn is to start writing and experimenting. After your first half hour, you should know a few of the basic constructs and be able to design and use regular expressions in your programs or web pages. For those of you who get hooked, there are many excellent resources available to further your education.

    What the Heck is a Regular Expression Anyway?

    Continua”Regular Expressions with .NET”

    Nov 05 2007

    RedHat CheatSheet

    Tag:tepezcuintle @ 16:31

    This is a good table that tells you the differences between all the redhat versions.
    good for job interviews.

    Red Hat Enterprise Linux

    Server Version comparison chart

      Version 3 Version 4 Version 5
      AS ES AS ES Advanced Platform base server
    Server Architecture support
    x86, AMD64, Intel64, Itanium2 Yes Yes Yes Yes Yes Yes
    IBM POWER Yes No Yes No Yes Yes
    *Note: For IBM zSeries and S/390 information please refer to the mainfame page
    Server Support limits as defined by Red Hat Enterprise Linux Product Subscription
    Maximum physical CPUs/sockets [1] Unlimited 2 Unlimited 2 Unlimited 2
    Maximum memory Unlimited 8GB Unlimited 16GB Unlimited Unlimited
    Maximum virtualized guests/instances N/A N/A N/A N/A Unlimited 4
    Storage virtualization (with Red Hat GFS and Cluster Suite) N/A N/A N/A N/A Yes No
    Included Red Hat Network modules Update Module Update Module Update Module Update Module Update Module Update Module


    Desktop Version comparison chart

      Version 3 Version 4 Version 5
      WS Desktop WS Desktop Desktop Desktop
    with Workstation option    		 Desktop
    with Multi OS option
    Desktop Architecture support
    X86, AMD64, Intel64 Yes Yes Yes Yes Yes Yes Yes
    Itanium2 Yes No Yes No No No No
    Desktop Support limits as defined by Red Hat Enterprise Linux Product Subscription
    Maximum physical CPUs/sockets [1] 2 1 2 1 1 2 1
    Maximum memory Unlimited 4GB Unlimited 4GB 4GB Unlimited 4GB
    Maximum virtualized guests/instances N/A N/A N/A N/A N/A N/A 4
    Storage virtualization (with Red Hat GFS and Cluster Suite) N/A N/A N/A N/A No No No
    Included Red Hat Network modules Update Module Update Module Update Module Update Module Update, Management, & Provisioning modules


    Technology capabilities and limits (certified[/theoretical]) [3]

      Version 3 Version 4 Version 5
    Maximum logical CPUs [4]
    x86 16 32 32
    Itanium2 8 64/512 64/1024
    AMD64/Intel64 8 64/64 64/255
    Power 8 64/128 128/128
    zSeries 8 8 8/64
    Maximum memory
    X86 64GB [5] 64GB [5] 16GB [6]
    Itanium2 128GB 256GB/1024TB 1TB/1024TB
    AMD64/Intel64 128GB 256GB/1TB 256GB/1TB
    Power 64GB 128GB/1TB 512GB/1TB
    zSeries 64GB 64GB 64GB
    Maximum filesize (Ext3) 2TB 2TB 2TB
    Maximum filesystem size (Ext3) 2TB 8TB 8TB/16TB
    Maximum filesize (GFS) 2TB 16TB/8EB 16TB/8EB [7]
    Maximum filesystem size (GFS) 2TB 16TB/8EB 16TB/8EB [7]
    Maximum x86 per-process virtual address space Approx 4GB Approx 4GB Approx 3GB [6]
    Required minimums
    X86 256MB 256MB 512MB
    AMD64/Intel64 256MB 256MB 512MB
    Itanium2 512MB 512MB 512MB
    Power 512MB 512MB 1GB minimum/
    2GB recommended
    Minimum diskspace 800MB 800MB 1GB
    Kernel and OS features
    Kernel foundation Linux 2.4.21 Linux 2.6.9 Linux 2.6.18
    Compiler/toolchain GCC 3.2 GCC 3.4 GCC 4.1
    Languages supported 10 15 19
    NIAP/CC certified Yes - 3+ Yes - 4+ Yes - 4+
    Compatibility libraries V2.1 V2.1 and V3 V3 and V4
    Common Operating Environment (COE) compliant Yes Yes N/A
    LSB compliant Yes - 1.3 Yes -3 Yes -3.1
    GB18030 No Yes Yes
    Client environment
    Desktop GUI Gnome 2.2 Gnome 2.8 Gnome 2.16
    Graphics XFree86 X.org X.org 7.1.1
    OpenOffice V1.1 V1.1.2 V2.0.4
    Ximian Evolution V1.4 V2.0 V2.8.0
    Default browser Mozilla Firefox Firefox 1.5

    Nov 05 2007

    Redhat 5 ditches up2date for yum

    Tag:tepezcuintle @ 16:27

    For those who redhat users who are new to yum check this out.

    Check for and update all RPM(S)
    up2date -u yum update
    Check for and update specified RPM(s)
    up2date -u [ ...] yum update [ ...]
    Install the specified RPM(s)
    up2date -i [ ...] yum install [ ...]
    Remove the specified RPM(s) and it’s dependents
    rpm -e [ ...] yum remove [ ...]
    Search for packages by name
    up2date –showall | grep “” yum list “” [""...]
    List all packages which could be updated
    up2date -l yum list updates [""...]
    List all available packages
    up2date –show-available yum list available [""...]
    List all installed packages
    rpm -qa yum list installed [""...]
    List all installed and available packages
    up2date –showall yum list all [""...]
    Update packages in a group
    up2date -u “@” yum groupupdate “” [""]
    Install all the default packages by group
    up2date “@” yum groupinstall “” [""]
    Remove all packages in a group
    not possible yum groupremove “” [""]
    List available package groups
    up2date –show-groups yum grouplist
    Install local packages solving and satisfying dependencies as needed
    up2date -k

    [:...] yum localinstall [ ]
    Install package of specified architecture
    up2date –arch= [ ...] yum install . [ ....]
    Show all packages not available via subscribed channels or repositories
    up2date –show-orphans yum list extras
    List all channels the system is currently subscribed to
    up2date –show-channels echo “repo list” | yum shell
    List packages that satisfy dependency(ies)
    up2date –whatprovides=[,...] yum whatprovides [...]
    Register a system to RHN hosted/satellite
    up2date –register rhn_register

    Nov 05 2007

    Counting open file descriptors per user

    Tag:tepezcuintle @ 16:22

    If your server is running out of file descriptors, or you want to know what your users are doing you can review the content of their open files using this command

    lsof -u username | wc -l

    Let’s check our user mongrel.

    lsof -u mongrel

    Continua”Counting open file descriptors per user”

    Apr 17 2007

    Breaking my linux server while trying to get open ldap installed

    Tag:tepezcuintle @ 17:54

    So this weekend. I was trying to install openldap the most recent version on my server at home. So I did it and like always when you try to install some new software on your computer the configure script usually fails saying you have some missing or outdated libraries.

    I ran the configure script for my ldap source code and it failed saying that I had an older version of cyrus-sasl so I went and downloaded the cyrus-sasl software and installed a new version. The new version got installed an then I was able to configure my openldap build. I ran make install and I was able to install openldap. I was really happy because it was working and I was able to build an address book and get other cool information on my new ldap server database.

    So guess what a day later I tried to open pine to check one of my accounts and it said that some libldap.so file was missing , oh no this sucks.
    It was trying to look for a library so what I did I setup a symlink to point to a new libldap.so that was installed by the new ldap software.

    So after that got fixed I got another library error message when trying to load pine. So fine I had to create another symlink to another library that was installed by the new ldap software.

    Once i fixed that symlink I was able to start the pine software. Cool then I noticed that I was having problems with sending mail saying that my outgoing email username and password was not working. I restarted sendmail and guess what I got an error message saying I had some missing
    cyrus-sasl libraries missing. Damn

    It looks like everything got hosed, this was a nightmare. I don’t want to make things longer but let me say that I screwed up my server, usually when I build software I install it using the make install command and i choose the folder where things should be installed.

    My mistake was that I used checkinstall to install this new software. Checkinstall basically creates rpms and installs them and what happened is that after I built the software and installed it checkinstall just overwrote my original RPM’s .

    I should’ve just done make install because make install would’ve put the software on the right directories without overwritting my existing software.

    Still I was able to learn a lot of stuff. There is always something positive out of something bad.

    1.-I was able to configure openldap from scratch, I installed a new cyrus-sasl from scratch, and berkeleydb 4 in order to get openldap started.
    2.-I was able to configure an address book on my new ldap server. I was even able to query it using netscape and outlook express.
    3.-Installing openldap was a pain on the ass but after hard work it worked and it was up and running.
    4.- I hacked an init script to make openldap start.

    Then after I realized that everything broke. I learned the following.

    1.-Don’t use checkinstall and use make install only for certain packages specially if it will replace existing software. I had known this before but I was working on ldap for almost 48 hours and I was tired. Still don’t make the same mistakes again.
    2.- I learned how to fix certain error messages using symlinks to libraries requested by programs that can’t find certain libraries.
    3.-I learned to fix a broken linux server by removing rpm’s rebuilding rpms just so they can be removed.

    here is a good tip on how to remove duplicate rpms

    rpm bad-package -e –allmatches

    4.-I was able to figure out what had caused all the damage to my existing programs and servers.

    I had to uninstall openldap and the new cyrus-sasl software just to get my server working and although my ldap server is gone.

    I was able to fix everything my server and everything is back to normal.

    At least I know that I can build openldap again and without causing the sames problems.

    :)

    penguincares.

    Next Page »