Yesterday, 13 May 2008, was a really bad day for the Debian project, probably one of the worst days in the history of Debian. Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.
Systems which are running any of the following releases are affected :
Read the rest of this entry »
Tags: debian-etch, openssl, ssh
After performing some security related OS updates, i was receiving from LDAP all sort of strange errors. Like, when you logged on the ldap server as a regular ldap user (not system user) the regular user@host:~$ prompt changed to:
I have no name!@host:~$
Read the rest of this entry »
Tags: ldap, tips
This article will show how you can rebuild any debian package. You might need to rebuild a package for various reasons: add/remove some compilation options, make some changes to the sources, or compile a newer version from testing/sid into stable, etc. Regardless of your reason, this can be done very easy using debian tools.
First you will need to have some basic debian building tools installed:
apt-get install devscripts build-essential Read the rest of this entry »
Tags: apt, Debian
It seems that the Debian team doesn’t like to release minor versions anymore. After Debian 4.0 (code name “Etch”) released last year, the next Debian release (code name “Lenny“) will be numbered as Debian 5.0 as announced yesterday by Marc Brockschmidt: “For reading this far, you receive the small reward of the knowledge that Lenny will be shipped as Debian 5.0.”
Also interesting enough he mentioned that Lenny might be released with KDE4:
“There may be a possibility to include KDE 4 in Lenny. The efforts on KDE 4.1 have been quite promising and seem to be leading to a desktop environment which can fully replace KDE 3. The KDE team will provide betas and release candidates of the 4.1 release in experimental. In the event that KDE 4.1 is on time, and there are no major issues, an upload to unstable in order to include it in Lenny is possible.”
The development of Debian GNU/Linux 5.0 seems to be on track and the final release is still expected in September 2008.
Tags: Debian, lenny
Debian provides security updates for old stable releases for one year after a new distribution has been released. Yesterday, Debian announced that the support for Debian 3.1 (sarge) is coming to an end this month, as etch was released last year in April, sarge will be supported until March 2008.
Anyone still running Debian sarge, should really be thinking seriously to finally update to etch asap. 
Debian’s Official Announcement: http://www.debian.org/News/2008/20080229
Tags: Debian, sarge
This document describes how to install and use sshfs, a FUSE based filesystem that uses SSH to mount remote folders. Since it is based on FUSE (userspace filesystem framework for Linux) your kernel will need to have the fuse module available. FUSE is included in kernel newer than 2.6.14, so I will assume that you will have it already included in your kernel.
Read the rest of this entry »
Tags: fuse, ssh, sshfs, tips
“The Debian project is pleased to announce the third update of its stable distribution Debian GNU/Linux 4.0 (codename etch). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems.
Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.”
Note: this is true 
. I’ve not even noticed this and seen it as a minor apt upgrade
Release Announcement: http://www.debian.org/News/2008/20080217
A complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision: http://release.debian.org/stable/4.0/4.0r3/
Tags: Debian, etch
If you have seen an error like “Fatal Error: PHP Allowed Memory Size Exhausted” in apache logs or in your browser, this means that PHP has exhausted the maximum memory limit. This post will show 3 different ways on how you can increase the php memory limit and also explain when you should use them.
First, let’s see where is this limit coming from. Normally you will see from the error message what is the actual limit, as this will look like:
PHP Fatal error: Allowed memory size of X bytes exhausted (tried to allocate Y) in whatever.php
The default value might differ depending on what php version and linux distribution you are running, but normally this will be set to either 8M or 16M. For example on my debian etch, running on php 5.2 this is set by default at 16M.
In order to identify the current value on your system, look inside your php.ini and search for memory_limit:
memory_limit = 16M ; Maximum amount of memory a script may consume (16MB)
There are three ways to change this value, the obvious way - changing the global value from php.ini, but also an individual method to change it just for a script, or folder. Read the rest of this entry »
Tags: php, php5
The Unix find command is a very powerful tool, and this short post is intended to show how easy you can achieve something that might look complicate: to find all the files of a particular size. Let’s assume you are searching for all the files of exactly 6579 bytes size inside the home directory. You will just have to run something like:
find /home/ -type f -size 6579c -exec ls {} \;
As units you can use:
- b - for 512-byte blocks (this is the default if no suffix is used)
- c - for bytes
- w - for two-byte words
- k - for Kilobytes (units of 1024 bytes)
- M - for Megabytes (units of 1048576 bytes)
- G - for Gigabytes (units of 1073741824 bytes)
Read the rest of this entry »
Tags: tips
Apache is one complex piece of software, that contains many features most people are normally not using. You can do so many things with apache outside of the default configurations, and I am not going to discuss today about an external module, but about the plain old mod_log_config.
Normally most people will use for apache logging the combined LogFormat, and will not even think there will be other possible additions to that. This normally looks like:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
and it contains most of the information we would like to see in the logs. Still there are many other information we can include here… just see below for the full list. Read the rest of this entry »
Tags: apache-tips-and-tricks, apache2
Loading ...
