Chronophage's Blog

Tag: UNIX 101

Cloudy With a Chance of Productivity…

by on Oct.11, 2011, under Administration, Cloud, E-Mail, Hardware, News, Software, UNIX 101, Virtualization

I’ve been waiting, and working.

I’ve been waiting for my work to release a its new product. I’ve been waiting, politely, for my boss to blog about it. I’ve been waiting to show off this new product.

I’ve been working on provisioning, and working with customers on beta testing the new product. I’ve been working on templates, and auto install media, to make everyone’s life easier. I’ve been working on documentation for customers.

I’ve been waiting for, and working on, a VMware vCloud Director based product known as vmForge VDC.

This is cool stuff!

(continue reading…)

Leave a Comment :, , , , , , , , , , , , more...

Ubuntu Apache2 Auto Config BASH script

by on Jan.12, 2011, under Administration, Software, UNIX 101

Man, I’ve been busy… I’ve recently been promoted to being a System’s Administrator! This has forced me to program a few BASH scripts. This one is for a customer that wants a managed system, but wants to be able to add websites at will. It’s pretty simple, and relies on an existing example.com template. Why example.com? Because I follow RFCs dammit! The template allows me to adjust the Apache specific settings, without recoding the script.  A little REGEX here, and a pipe to sed there, some error checking, formatting and a dash of some SUDO magic and voila! The customer doesn’t need to email/call me to add a website.  Sure beats paying for a crappy control panel ;)

(continue reading…)

Leave a Comment :, , , more...

Postfix MySQL and You!

by on Oct.30, 2009, under Administration, E-Mail, News

Postfix is surprisingly flexible. When I initially set it up two years ago, I set it up to reference a database, but I had a flaw in my logic. Basically, Postfix had no idea if a domain was marked active or inactive in the database. All it knew was whether a domain was in the database or not. Postfix has a default query, that looks for key information. However, you can supercede it in your config files. So I simply commented out the old variables that it passed to the default query, and wrote a new one:

user = DB_USER
password = supersecretpassword
hosts = 127.0.0.1
dbname = DB_NAME
table = domain
#select_field = domain < -- old version, commented out
#where_field = domain <-- old version, commented out
#New Query:
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = false and active = true

Yes, I have backupmx enabled, even though that’s a titanically bad idea, and I would never use it. Why is it a bad idea to fuction as a Backup MX server? Because spammers don’t play by the RFCs and often send spam to lower weighted MX records in an attempt to bypass spam protection.

But I never know what people may ask for in the future. ;)

Leave a Comment :, , , more...

Oops…

by on Sep.24, 2009, under Administration, News, Software

This is a live and learn moment. When I did my last update, I had a lot of old libraries hanging around. I thought that portupgrade would recompile all of my ports, but it didn’t. Most had been recompiled in the interim as I had been upgrading, but Apache, well, Apache upgrades are hardly for the weak. So, when I deleted a bunch of crud laying around. I broke SUEXEC. SUEXEC is what allows scripts to be executed under my various users’ home directories. Well, a recompile and reinstall, and things are working much much faster. Always fix your architecture kids.

Leave a Comment :, , more...

DNS and you!

by on Jul.31, 2009, under News, Security

Say what you want about Kaminsky. I mean, the man is crazy. However, being on call when your employer, a regional ISP, reboots both the primary and secondary DNS servers, makes you appreciate how important DNS is in the grand scheme of internet things. Granted, his attack is fairly novel, but yeah… I’m glad ISC makes updating BIND nice and easy.

Leave a Comment :, , , more...

What happens when I program “On the Fly”

by on Jun.11, 2009, under News, Software

So I needed a quick script to query a billing database for DSL users. The user names, of course where horribly inconsistent. I had to use a program that executed a query of the database, as I didn’t have access to the actual database. Oh, and I didn’t know any Perl at the time.

Now, I have a bad habit when writing code for myself, to use ambiguous variable names, and strange loop structures, and no comments. See if you can figure out what’s going on.

Oh, I vow never to write code like this again. ;)

#!/bin/bash

echo Audit run on $( date )
echo Audit run on $( date ) > notinbilldb.txt
echo
echo

for i in $( cat radiusdump.txt | awk '{print $1}' ); do
 	t2=""
	t2=$( echo $i | sed -e 's/@.*$//;' | cut -f1 -d . )
	t1=$( billdb -s $t2 | grep DSL | awk '{print $3}' | sed -e 's/.dsl//; s/^dsl//;s/@.*$//;' )
  	t3="0"
	t4="0"
	t5="0"
	t6=""

	if [ "$t1" = "" ]; then
		t1=$( billdb -s $i | grep Email | awk '{print $3}' | sed -e 's/@.*$//;' )
		t5="1"
	fi

	if [ "$t1" = "" ]; then
		echo $i is not in billdb.
		echo $i is not in billdb. >> notinbilldb.txt
		t4="1"
	fi
	p=$( echo $i | sed -e 's/.dsl//; s/^dsl//;s/@.*$//;' )
	k=""

	for k in $( echo $t1 ); do
		if [ "$p" = "$k" ]; then
			if [ "$t5" = "1" ]; then
				t6=", but only in email"
			fi
			echo $i matched $k in billdb$t6.

			t3="1"
	 	fi
	done
	if [ "$t4" = "$t3" ]; then
		echo $i is really not in billdb but was close to $t1.
        	echo $i is really not in billdb but was close to $t1. >> notinbilldb.txt
	fi
	echo --------------------------------
	echo
done
echo
echo Audit completed $( date )
echo
Leave a Comment :, , , , more...

sudo -u

by on Jun.11, 2009, under News, UNIX 101

From XKCD. Used for Advocacy

Sometimes, especially on X.X upgrades, WordPress Automatic Update does not work.

Oh, it claims to work. But it doesn’t. So you have to upgrade manually. Now, a manual upgrade is trivial in WordPress. Just download the zip (or gzipped tar,) unpack it, copy the files, go to the admin interface, and click two buttons.

But what if you have multiple users, who have WordPress in their home directories? Use sudo!

Sudo is a tool that administrators can use to execute commands as root. However, you can also the -u parameter to execute a command as another user.

So, if I put WordPress in a neutral folder, then I can simply do this:

>sudo -u username cp -r wordpress/* /home/username/www/example.com/

Voila! Nice and easy.

I should script this…

Leave a Comment :, , more...

Chronophage E-mail Settings

by on May.18, 2009, under E-Mail, News

I host mail for a few friends and family. I use Postfix as my MTA with Dovecot as my SASL/LDA/POP/IMAP server. Users are authenticated via MySQL and PAM, so I can have local, and virtual accounts. To manage things, I user PostfixAdmin, with a few¬† tweeks to accomodate my virtual user’s file structure. Logins are either the full email address (virtual accounts) or the username.

I use a combination of SQLGrey and ClamAV and Maia(SpamAssassin frontend) for my anti-spam/anti-virus protection. SquirrelMail and RoundCube are both availible for webmail. Mutt and Alpine are installed on the server as well.

The Settings are as follows:

Main Settings:

The POP3/IMAP4  and SMTP server is mail.chronophage.net

SMTP Authentication is ON

Ports are: 110/993* 143/995* and 25/587/465* for SMTP.

After switching LDA and SASL over to Dovecot, I have magnanimously set up Sieve scripting for my valuable users. And it works for both virtual and shell accounts.
Shell accounts can use either Squirrelmail, or upload Sieve scripts via the Sieve Thunderbird plugin or place them in your .sieve folder.
Virtual accounts will either have to use Squirrelmail or a program that can speak Sieve (standard port, 2000)
Sieve scripts DO count against your quota, so be careful Virtual Users.
This is LDA level filtering, so I can’t see what it’s doing via my logs, so watch your filters!

There are a lot of Sieve scripts out there, have fun!

Procmail and Maildrop are installed on the system, and can be used for shell users via a .forward file.

Webmail:

http://mail.chronophage.net for SquirrelMail

http://mail.chronophage.net/ for RoundCube

Postfix Admin

http://mail.chronophage.net/admin redirects to https://mail.chronophage.net/postfixadmin

Shell users should be able to log in with their email address but passwords don’t sync with local passwords.

Send me an email to change passwords.

Leave a Comment :, , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!