存档

‘OpenSource’ 分类的存档

从源码编译rpm,安装升级 openssl及openssh 最新版本

2011年7月22日 评论已被关闭

当前版本:
$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
目标版本:
openssh-5.8p2.tar.gz
openssl-0.9.8r.tar.gz

compile and upgrade openssl-0.9.8r
wget http://www.openssl.org/source/openssl-0.9.8r.tar.gz
tar zxvf openssl-0.9.8r.tar.gz
mkdir -p /usr/src/redhat/SPECS/
mkdir -p /usr/src/redhat/SOURCES/
cp openssl-0.9.8r/openssl.spec /usr/src/redhat/SPECS/
cp openssl-0.9.8r.tar.gz /usr/src/redhat/SOURCES/
cd /usr/src/redhat/SPECS

#源码自带的SPEC文件有点问题,需要替换一下关键字License
perl -i.bak -pe ‘s/^Copyright: Freely distributable$/License: Freely distributable/’ openssl.spec

[2hei.net ~]#rpmbuild -bb openssl.spec
#如果系统找不到rpmbuild,需要先安装
yum install rpm-build
yum install redhat-rpm-config
yum install pam-devel

#安装结束:

Wrote: /usr/src/redhat/RPMS/i386/openssl-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-devel-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-doc-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-debuginfo-0.9.8r-1.i386.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.36929
+ umask 022
+ cd /usr/src/redhat/BUILD
+ cd openssl-0.9.8r
+ rm -rf /var/tmp/openssl-0.9.8r-root
+ exit 0

[2hei.net ~]#cd /usr/src/redhat/RPMS/i386/
ls -l
-rw-r–r– 1 root root 1198354 Jul 22 15:31 openssl-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root  117348 Jul 22 15:31 openssl-debuginfo-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root 2149166 Jul 22 15:31 openssl-devel-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root  596803 Jul 22 15:31 openssl-doc-0.9.8r-1.i386.rpm
rpm -Uvh openssl*.rpm
error: Failed dependencies:
    libcrypto.so.6 is needed by (installed) python-2.4.3-27.el5.i386
    libcrypto.so.6 is needed by (installed) openldap-2.3.43-12.el5.i386
    libcrypto.so.6 is needed by (installed) curl-7.15.5-9.el5.i386
    libcrypto.so.6 is needed by (installed) net-snmp-libs-5.3.2.2-9.el5.i386
    …
    libssl.so.6 is needed by (installed) python-2.4.3-27.el5.i386
    libssl.so.6 is needed by (installed) openldap-2.3.43-12.el5.i386
    libssl.so.6 is needed by (installed) curl-7.15.5-9.el5.i386
    …
use –nodeps force install
rpm –nodeps -Uvh openssl-*.rpm
Preparing…                ########################################### [100%]
   1:openssl                ########################################### [ 25%]
   2:openssl-debuginfo      ########################################### [ 50%]
   3:openssl-devel          ########################################### [ 75%]
   4:openssl-doc            ########################################### [100%]

#添加旧的链接库链接,使之支持已安装的其他软件的依赖:
[2hei.net ~]#cd /usr/lib
ln -s libcrypto.so.0.9.8 libcrypto.so.6
ln -s libssl.so.0.9.8 libssl.so.6

openssh的编译寄安装过程类似,不过要比openssl的简单一些,因为依赖关系少了很多,在此略去。。。

#重启sshd服务:
service sshd restart
#检查版本:
[root@test-test01 ~]# ssh -V
OpenSSH_5.8p2, OpenSSL 0.9.8r 8 Feb 2011

至此大功告成,不过升级openssl要谨慎,有可能影响其他服务,如httpd,openvpn等等,本文在vm上测试通过,权作记录备忘~

分类: OpenSource 标签: ,

cassandra cluster install and configuration

2011年7月13日 评论已被关闭

1) Install

http://labs.renren.com/apache-mirror/cassandra/0.7.6-2/apache-cassandra-0.7.6-2-bin.tar.gz(apache官网推荐人人的mirror,不过link有问题 ^_^)

  * tar -zxvf apache-cassandra-$VERSION.tar.gz
  * cd apache-cassandra-$VERSION
  * sudo mkdir -p /var/log/cassandra
  * sudo chown -R `whoami` /var/log/cassandra
  * sudo mkdir -p /var/lib/cassandra
  * sudo chown -R `whoami` /var/lib/cassandra

Note: The sample configuration files in conf/ determine the file-system
locations Cassandra uses for logging and data storage. You are free to
change these to suit your own environment and adjust the path names
used here accordingly.

Now that we’re ready, let’s start it up!
#start up front
  * bin/cassandra -f

2) two nodes configuration:
node1:192.168.46.155
node2:192.168.46.179

[2hei.net conf]$ cat cassandra.yaml
cluster_name: ‘Test Cluster’
initial_token:
auto_bootstrap: false
hinted_handoff_enabled: true
max_hint_window_in_ms: 3600000 # one hour
hinted_handoff_throttle_delay_in_ms: 50
authenticator: org.apache.cassandra.auth.AllowAllAuthenticator
authority: org.apache.cassandra.auth.AllowAllAuthority
partitioner: org.apache.cassandra.dht.RandomPartitioner
data_file_directories:
    – /var/lib/cassandra/data
commitlog_directory: /var/lib/cassandra/commitlog
saved_caches_directory: /var/lib/cassandra/saved_caches
commitlog_rotation_threshold_in_mb: 128
commitlog_sync: periodic
commitlog_sync_period_in_ms: 10000
flush_largest_memtables_at: 0.75
reduce_cache_sizes_at: 0.85
reduce_cache_capacity_to: 0.6
seeds:
    – node2
concurrent_reads: 32
concurrent_writes: 32
memtable_flush_queue_size: 4
sliced_buffer_size_in_kb: 64
storage_port: 7000
listen_address: 192.168.46.155
rpc_address: 0.0.0.0
rpc_port: 9160
rpc_keepalive: true
thrift_framed_transport_size_in_mb: 15
thrift_max_message_length_in_mb: 16
incremental_backups: false
snapshot_before_compaction: false
column_index_size_in_kb: 64
in_memory_compaction_limit_in_mb: 64
compaction_preheat_key_cache: true
rpc_timeout_in_ms: 10000
endpoint_snitch: org.apache.cassandra.locator.SimpleSnitch
dynamic_snitch: true
dynamic_snitch_update_interval_in_ms: 100
dynamic_snitch_reset_interval_in_ms: 600000
dynamic_snitch_badness_threshold: 0.0
request_scheduler: org.apache.cassandra.scheduler.NoScheduler
index_interval: 128

the same as node2,just need change
seeds:
    – node1

cat /etc/hosts    
192.168.46.155  node1
192.168.46.179  node2

Logs
#node1:
 INFO 10:23:46,151 Listening for thrift clients…
 INFO 10:23:46,315 Compacted to /var/lib/cassandra/data/system/LocationInfo-tmp-f-33-Data.db.  942 to 536 (~56% of original) bytes for 4 keys.  Time: 178ms.
 INFO 10:23:52,089 Node /192.168.46.179 has restarted, now UP again
 INFO 10:23:52,095 Node /192.168.46.179 state jump to normal
 INFO 10:24:02,177 Deleted /var/lib/cassandra/data/system/LocationInfo-f-32
 INFO 10:24:02,179 Deleted /var/lib/cassandra/data/system/LocationInfo-f-31
 INFO 10:24:52,097 Started hinted handoff for endpoint /192.168.46.179
 INFO 10:24:52,100 Finished hinted handoff of 0 rows to endpoint /192.168.46.179  
#node2:
 INFO 10:23:51,930 Binding thrift service to /0.0.0.0:9160
 INFO 10:23:51,939 Using TFastFramedTransport with a max frame size of 15728640 bytes.
 INFO 10:23:51,988 Listening for thrift clients…
 INFO 10:23:52,133 Node /192.168.46.155 has restarted, now UP again
 INFO 10:23:52,137 Node /192.168.46.155 state jump to normal
 INFO 10:23:53,548 InetAddress /192.168.46.155 is now dead.
 INFO 10:23:53,646 InetAddress /192.168.46.155 is now UP
 INFO 10:24:33,362 Started hinted handoff for endpoint /192.168.46.155
 INFO 10:24:33,365 Finished hinted handoff of 0 rows to endpoint /192.168.46.155
 
3) use cassandra:
#check cluster:
[2hei.net apache-cassandra-0.7.6-2]$ bin/nodetool -host localhost ring
Address         Status State   Load            Owns    Token                                      
                                                       168969914150282478893277211064871807700    
192.168.46.155   Up     Normal  53.28 KB        42.38%  70927753273796620281025030712152398970     
192.168.46.179   Up     Normal  45.16 KB        57.62%  168969914150282478893277211064871807700

#use cassandra-cli:
[2hei.net apache-cassandra-0.7.6-2]$bin/cassandra-cli –host localhost
[default@unknown] create keyspace FisherKeyspace;
2b1e86b8-ac65-11e0-9677-2edcd0f45bc6
Waiting for schema agreement…
… schemas agree across the cluster
[default@unknown] use FisherKeyspace;
Authenticated to keyspace: FisherKeyspace
[default@FisherKeyspace] create column family 2hei with comparator=UTF8Type and default_validation_class=UTF8Type;
3a0e8809-ac65-11e0-9677-2edcd0f45bc6
Waiting for schema agreement…
… schemas agree across the cluster
[default@FisherKeyspace] set Users[2hei][first] = ‘Fisher’;
Users not found in current keyspace.
[default@FisherKeyspace] set 2hei[2hei][first] = ‘Fisher’;
Value inserted.
[default@FisherKeyspace]  set 2hei[2hei][last] = ‘fishman’;
Value inserted.
[default@FisherKeyspace] set 2hei[2hei][age] = long(42);
Value inserted.
[default@FisherKeyspace] get 2hei[2hei];
=> (column=age, value=42, timestamp=1310461245929000)
=> (column=first, value=Fisher, timestamp=1310461237981000)
=> (column=last, value=fishman, timestamp=1310461242014000)
Returned 3 results.

[default@unknown] show keyspaces;
Keyspace: FisherKeyspace:
  Replication Strategy: org.apache.cassandra.locator.SimpleStrategy
    Replication Factor: 1
  Column Families:
    ColumnFamily: 2hei
      default_validation_class: org.apache.cassandra.db.marshal.UTF8Type
      Columns sorted by: org.apache.cassandra.db.marshal.UTF8Type
      Row cache size / save period in seconds: 0.0/0
      Key cache size / save period in seconds: 200000.0/14400
      Memtable thresholds: 0.0234375/5/1440 (millions of ops/minutes/MB)
      GC grace seconds: 864000
      Compaction min/max thresholds: 4/32
      Read repair chance: 1.0
   &nbsp
;  Built indexes: []

#other useful command of nodetool
bin/nodetool -host localhost ring
bin/nodetool -host localhost info
[2hei.net apache-cassandra-0.7.6-2]$ bin/nodetool -host localhost info
70927753273796620281025030712152398970
Gossip active    : true
Load             : 57.4 KB
Generation No    : 1310523824
Uptime (seconds) : 645
Heap Memory (MB) : 25.27 / 183.31
[2hei.net apache-cassandra-0.7.6-2]$ bin/nodetool -host localhost cfstats
Keyspace: FisherKeyspace
    Read Count: 0
    Read Latency: NaN ms.
    Write Count: 0
    Write Latency: NaN ms.
    Pending Tasks: 0
        Column Family: 2hei
        SSTable count: 0
        Space used (live): 0
        Space used (total): 0
        Memtable Columns Count: 0
        Memtable Data Size: 0
        Memtable Switch Count: 0
        Read Count: 0
        Read Latency: NaN ms.
        Write Count: 0
        Write Latency: NaN ms.
        Pending Tasks: 0
        Key cache capacity: 200000
        Key cache size: 0
        Key cache hit rate: NaN
        Row cache: disabled
        Compacted row minimum size: 0
        Compacted row maximum size: 0
        Compacted row mean size: 0

——————————–
接下来会继续完善cassandra的应用及api。

 

分类: OpenSource 标签:

linux 入侵监测工具 chkrootkit

2011年6月23日 评论已被关闭

wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

compile:
make sense
gcc -DHAVE_LASTLOG_H -o chklastlog chklastlog.c
gcc -DHAVE_LASTLOG_H -o chkwtmp chkwtmp.c
chkwtmp.c: In function ?.ain?.
chkwtmp.c:95: warning: incompatible implicit declaration of built-in function ?.xit?
gcc -DHAVE_LASTLOG_H   -D_FILE_OFFSET_BITS=64 -o ifpromisc ifpromisc.c
gcc  -o chkproc chkproc.c
gcc  -o chkdirs chkdirs.c
gcc  -o check_wtmpx check_wtmpx.c
gcc -static  -o strings-static strings.c
gcc  -o chkutmp chkutmp.c

Usage: ./chkrootkit [options] [testname …]
 Options:
         -h                show this help and exit
         -V                show version information and exit
         -l                show available tests
         -d                debug
         -q                quiet mode
         -x                expert mode
         -r dir            use dir as the root directory
         -p dir1:dir2:dirN path for the external commands used by chkrootkit
         -n                skip NFS mounted dirs
        
sudo ./chkrootkit
ROOTDIR is `/’
Checking `amd’… not found
Checking `basename’… not infected
Checking `biff’… not found
Checking `chfn’… not infected
Checking `chsh’… not infected
Checking `cron’… not infected
Checking `crontab’… not infected
Checking `date’… not infected
Checking `du’… not infected
Checking `dirname’… not infected
Checking `echo’… not infected
Checking `egrep’… not infected
Checking `env’… not infected
Checking `find’… not infected
Checking `fingerd’… not found
Checking `gpm’… not infected
Checking `grep’… not infected
Checking `hdparm’… not infected
Checking `su’… not infected
Checking `ifconfig’… not infected
Checking `inetd’… not tested
Checking `inetdconf’… not found
Checking `identd’… not found
Checking `init’… not infected
Checking `killall’… not infected
Checking `ldsopreload’… not infected
Checking `login’… not infected
Checking `ls’… not infected
Checking `lsof’… not infected
Checking `mail’… not infected
Checking `mingetty’… not infected
Checking `netstat’… not infected
Checking `named’… not infected
Checking `passwd’… not infected
Checking `pidof’… not infected
Checking `pop2’… not found
Checking `pop3’… not found
Checking `ps’… not infected
Checking `pstree’… not infected
Checking `rpcinfo’… not infected
Checking `rlogind’… not found
Checking `rshd’… not found
Checking `slogin’… not infected
Checking `sendmail’… not infected
Checking `sshd’… not infected
Checking `syslogd’… not infected
Checking `tar’… not infected
Checking `tcpd’… not infected
Checking `tcpdump’… not infected
Checking `top’… not infected
Checking `telnetd’… not found
Checking `timed’… not found
Checking `traceroute’… not infected
Checking `vdir’… not infected
Checking `w’… not infected
Checking `write’… not infected
Checking `aliens’… no suspect files
Searching for sniffer’s logs, it may take a while… nothing found
Searching for HiDrootkit’s default dir… nothing found
Searching for t0rn’s default files and dirs… nothing found
Searching for t0rn’s v8 defaults… nothing found
Searching for Lion Worm default files and dirs… nothing found
Searching for RSHA’s default files and dir… nothing found
Searching for RH-Sharpe’s default files… nothing found
Searching for Ambient’s rootkit (ark) default files and dirs… nothing found
Searching for suspicious files and dirs, it may take a while…
/usr/lib/gtk-2.0/immodules/.relocation-tag /lib/.libssl.so.0.9.8e.hmac /lib/.libcrypto.so.6.hmac /lib/.libcrypto.so.0.9.8e.hmac /lib/.libssl.so.6.hmac

Searching for LPD Worm files and dirs… nothing found
Searching for Ramen Worm files and dirs… nothing found
Searching for Maniac files and dirs… nothing found
Searching for RK17 files and dirs… nothing found
Searching for Ducoci rootkit… nothing found
Searching for Adore Worm… nothing found
Searching for ShitC Worm… nothing found
Searching for Omega Worm… nothing found
Searching for Sadmind/IIS Worm… nothing found
Searching for MonKit… nothing found
Searching for Showtee… nothing found
Searching for OpticKit… nothing found
Searching for T.R.K… nothing found
Searching for Mithra… nothing found
Searching for LOC rootkit… nothing found
Searching for Romanian rootkit… nothing found
Searching for HKRK rootkit… nothing found
Searching for Suckit rootkit… nothing found
Searching for Volc rootkit… nothing found
Searching for Gold2 rootkit… nothing found
Searching for TC2 Worm default files and dirs… nothing found
Searching for Anonoying rootkit default files and dirs… nothing found
Searching for ZK rootkit default files and dirs… nothing found
Searching for ShKit rootkit default files and dirs… nothing found
Searching for AjaKit rootkit default files and dirs… nothing found
Searching for zaRwT rootkit default files and dirs… nothing found
Searching for Madalin rootkit default files… nothing found
Searching for Fu rootkit default files… nothing found
Searching for ESRK rootkit default files… nothing found
Searching for rootedoor… nothing found
Searching for ENYELKM rootkit default files… nothing found
Searching for common ssh-scanners default files… nothing found
Searching for suspect PHP files… nothing found
Searching for anomalies in shell history files… nothing found
Checking `asp’… not infected
Checking `bindshell’… not infected
Checking `lkm’… chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs’… not found
Checking `sniffer’… eth0: not promisc and no PF_PACKET sockets
eth0: not promisc and no PF_PACKET sockets
eth1: PF_PACKET(/usr/sbin/dhcpd)
Checking `w55808’… not infected
Checking `wted’… chkwtmp: nothing deleted
Checking `scalper’… not infected
Checking `slapper’… not infected
Checking `z2’… chklastlog: nothing deleted
Checking `chkutmp’… chkutmp: nothing deleted
Checking `OSX_RSPLUG’… not infected

 

分类: OpenSource 标签:

openvpn vnc java firefox on centos5

2011年6月10日 评论已被关闭

1. yum install openvpn
wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
yum install epel-release-5-4.noarch.rpm
yum intall openvpn

vnp configs: 2hei.net.ovpn
add:
–script-security 2
up “/etc/openvpn/update-resolv-conf up”
down “/etc/openvpn/update-resolv-conf down”

script: update-resolv-conf
#!/bin/bash
case “$1” in
    up)
        mv /etc/resolv.conf /etc/resolv.conf.openvpn
        echo “# Generated by OpenVPN Client UP Script” > /etc/resolv.conf
        echo “search 2hei.net” > /etc/resolv.conf
        for opt in ${!foreign_option_*};
        do
            #echo ${!opt} | sed -e ‘s/dhcp-option DOMAIN/domain/g’ -e ‘s/dhcp-option DNS/nameserver/g’ >> /etc/resolv.conf
            echo ${!opt} | sed -e ‘s/dhcp-option DNS/nameserver/g’ >> /etc/resolv.conf
        done
        #add orig nameserver
        grep nameserver /etc/resolv.conf.openvpn >> /etc/resolv.conf
        ;;
    down)
        mv /etc/resolv.conf.openvpn /etc/resolv.conf
        ;;
    *)
        echo “Pass either UP or DOWN”
        ;;
esac

cat start_client_dc1.sh
#!/bin/sh
/usr/sbin/openvpn /etc/openvpn/2hei.net.ovpn

2. update firefox on centos
down load new version of firfox
ln -s /usr/local/firefox/firefox /usr/bin

3. use java web start on firefox
download new version of jre
sh ./jre-6u25-linux-x64-rpm.bin
alternatives –install /usr/bin/java java /usr/java/jre1.6.0_25/bin/java 2
alternatives –config java     # pick 1 or 2 or 3
java -version
cd /usr/lib/mozilla/plugins
ln -s /usr/java/jre1.6.0_25/lib/amd64/libnpjp2.so

4. vnc
[2hei.net# .vnc]$ cat xstartup
#!/bin/sh

# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
gnome-session &

start vncserver
vncserver

分类: linux, OpenSource 标签: , , ,

sftp get “Connection closed”

2011年1月30日 1 条评论
Some users experience “Connection closed” messages when attempting to use sftp, scp, svn+ssh or other ssh tunneled services if their profile contains errors.
use ssh+key can log to the server, but scp and sftp just return a “Connection closed”
$sftp -v 2hei.net
Connecting to 2hei.net…
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 2hei.net [192.168.1.100] port 22.
debug1: Connection established.
debug1: identity file /home/2hei/.ssh/id_rsa type 1
debug1: identity file /home/2hei/.ssh/id_dsa type -1
debug1: loaded 2 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host ‘2hei.net’ is known and matches the RSA host key.
debug1: Found key in /home/2hei/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195
debug1: Next authentication method: publickey
debug1: Offering public key: /home/2hei/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 9.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status -1
Connection closed
this caused by .bashrc or .bash_profile, we can change our bash configs:
$cat .bashrc 
# .bash_profile
# Get the aliases and functions
#if [ -f ~/.bashrc ]; then
#        . ~/.bashrc
#fi
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
分类: OpenSource 标签:

eventfd() failed when start nginx

2011年1月7日 评论已被关闭

yum install nginx
service nginx start

error.log:
2011/01/07 05:39:49 [emerg] 7180#0: eventfd() failed (38: Function not implemented)
2011/01/07 05:39:49 [alert] 7179#0: worker process 7180 exited with fatal code 2 and can not be respawn
2011/01/07 05:43:01 [emerg] 7296#0: eventfd() failed (38: Function not implemented)
2011/01/07 05:43:01 [alert] 7295#0: worker process 7296 exited with fatal code 2 and can not be respawn

[root@2hei.net /etc/nginx]# /usr/sbin/nginx -V
nginx version: nginx/0.8.53
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48)
TLS SNI support disabled
configure arguments: –user=nginx –group=nginx –prefix=/usr/share/nginx –sbin-path=/usr/sbin/nginx –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –http-client-body-temp-path=/var/lib/nginx/tmp/client_body –http-proxy-temp-path=/var/lib/nginx/tmp/proxy –http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi –http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi –http-scgi-temp-path=/var/lib/nginx/tmp/scgi –pid-path=/var/run/nginx.pid –lock-path=/var/lock/subsys/nginx –with-http_ssl_module –with-http_realip_module –with-http_addition_module –with-http_xslt_module –with-http_image_filter_module –with-http_geoip_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_gzip_static_module –with-http_random_index_module –with-http_secure_link_module –with-http_degradation_module –with-http_stub_status_module –with-http_perl_module –with-mail –with-file-aio –with-mail_ssl_module –with-ipv6 –with-cc-opt=’-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector –param=ssp-buffer-size=4 -m64 -mtune=generic’ –with-cc-opt=’-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector –param=ssp-buffer-size=4 -m64 -mtune=generic’

we can see –with-file-aio is been compiled at yum.

[root@2hei.net /etc/nginx]# yum list | grep aio
libaio.i386                              0.3.106-3.2            installed       
libaio.x86_64                            0.3.106-3.2            installed       
libsane-hpaio.x86_64                     1.6.7-4.1.el5.4        installed       
libaio-devel.x86_64                      0.3.106-3.2            base            
libaio-devel.i386                        0.3.106-3.2            base   

yum install libaio-devel
restart nginx still has such error.

Got a new stable version of nginx
nginx version: nginx/0.8.54
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48)
TLS SNI support disabled
configure arguments: –user=nginx –group=nginx –prefix=/usr/share/nginx –sbin-path=/usr/sbin/nginx –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –http-client-body-temp-path=/var/lib/nginx/tmp/client_body –http-proxy-temp-path=/var/lib/nginx/tmp/proxy –http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi –pid-path=/var/run/nginx.pid –lock-path=/var/lock/subsys/nginx –with-http_ssl_module –with-http_realip_module –with-http_addition_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_gzip_static_module –with-http_stub_status_module –with-http_perl_module –with-mail –with-mail_ssl_module –with-cc-opt=’-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector –param=ssp-buffer-size=4 -m64 -mtune=generic’ –add-module=/builddir/build/BUILD/nginx-0.8.54/nginx-upstream-fair
download link: nginx-stable-0.8.54-1.el5.x86_64.rpm
useful link:
http://forum.nginx.org/read.php?2,23577,153119#msg-153119
http://forum.nginx.org/read.php?2,150853,150853

分类: nginx, OpenSource 标签:

nginx dynamic url rewrite — II

2010年11月25日 评论已被关闭
nginx rewirte II, nginx if has no AND OR and nest,so we only can use regx to do it:
———————————- BEGIN—————————————–
location /music/search.html {
root   /home/2hei.net/music;
if ($query_string ~* ^p=(.*)&a=(.*)&t=(.*)$) {
set $p $1;
set $a $2;
set $t $3;
rewrite /music/search.html http://www.last.fm/music/$p/$a/$t? last;
}
if ($query_string ~* ^p=(.*)&t=(.*)$) {
set $p $1;
set $t $2;
rewrite /music/search.html http://www.last.fm/music/$p/_/$t? last;
}
if ($query_string ~* ^p=(.*)&a=(.*)$) {
set $p $1;
set $a $2;
rewrite /music/search.html http://www.last.fm/music/$p/$a? last;
}
if ($query_string ~* ^p=(.*)$) {
set $p $1;
rewrite /music/search.html http://www.last.fm/music/$p? last;
}
rewrite /music/search.html http://www.last.fm/music/? last;
}
———————————- END —————————————–
Test URL:
http://2hei.net/music/search.html?p=lady gaga
http://2hei.net/music/search.html?p=lady gaga&a=the frame
http://2hei.net/music/search.html?p=lady gaga&t=just dance
http://2hei.net/music/search.html?p=lady gaga&a=the frame&t=just dance
分类: nginx, OpenSource 标签:

ibevent-1.1a.so.1 depend memcached CentOS5.5

2010年10月29日 评论已被关闭
update to centos5.5, memcached has issue:
resent failed: Execution of ‘/usr/bin/yum -d 0 -e 0 -y install memcached’ returned 1: memcached-1.2.6-1.el5.rf.x86_64 from EPEL-base has depsolving problems
  –> Missing Dependency: libevent-1.1a.so.1()(64bit) is needed by package memcached-1.2.6-1.el5.rf.x86_64 (EPEL-base)
Error: Missing Dependency: libevent-1.1a.so.1()(64bit) is needed by package memcached-1.2.6-1.el5.rf.x86_64 (EPEL-base)
 You could try using –skip-broken to work around the problem
 You could try running: package-cleanup –problems
                        package-cleanup –dupes
                        rpm -Va –nofiles –nodigest
how to resolve it?
will update it when I find a way!
分类: OpenSource 标签:

solved: Fatal error: Allowed memory size of 33554432 bytes exhausted

2010年10月20日 评论已被关闭

wordpress2.8
wp-settings.php
change
define(‘WP_MEMORY_LIMIT’, ’32M’);
to:
define(‘WP_MEMORY_LIMIT’, ’64M’);

wordpress3.0
wp-config.php
/** Database Charset to use in creating database tables. */
define(‘DB_CHARSET’, ‘utf8’);

/** The Database Collate type. Don’t change this if in doubt. */
define(‘DB_COLLATE’, ”);
add:
//allow memory size
define(‘WP_MEMORY_LIMIT’, ’64M’);

分类: OpenSource 标签:

use openvpn client in ubuntu

2010年9月10日 评论已被关闭

#install openvpn and resovconf
$sudo apt-get install openvpn
$sudo apt-get install resovconf

$sudo cat client.conf.mytest
client
;dev tap
dev tun
;dev-node MyTap
proto tcp
;proto udp
remote your-vpn-domain 1001
remote your-vpn-domain 1002
remote-random
resolv-retry infinite
nobind
;user nobody
;group nogroup
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca /home/2hei.net/.vpn/ca.crt
cert /home/2hei.net/.vpn/client.crt
key /home/2hei.net/.vpn/client.key
ns-cert-type server
;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

#start openvpn
$sudo openvpn –script-security 3 –config /home/2hei.net/.vpn/client.conf.mytest

分类: OpenSource 标签: