Category: Linux

automysqlbackup ERRORS REPORTED: MySQL Backup error Log Warning: Skipping the data of table mysql.event. Specify the –events option explicitly.

I was receiving email error messages from cron like this from my autbackupmysql on a regular basis:
ERRORS REPORTED: MySQL Backup error Log for somehost.com.dxa - 2014-05-01_06h26m -- Warning: Skipping the data of table mysql.event. Specify the --events option explicitly.
It turns out that mysqldump now warns you if the events table is not being dumped. So to get rid of the warning either ensure the table gets dumped when you do a backup or tell mysql explicitly not to dump it. I chose the former approach as it is a backup after all.
Simply add the following line to /etc/mysql/my.cnf
[mysqldump] ... ... ... events
This tells the mysqldump program to explicity include the events table, and removes the warning. You can see a discussion about this option here.
If you are using debian, you will need to add that section to the /etc/mysql/debian.cnf file also as automysqlbackup uses that file for its configuration instead. See debian bug report for more details.

01/05/2014
increase wordpress Maximum upload file size beyond 8MB.

There is at least three places you need to set the maximum upload file size in WordPress.
First check your php.ini
upload_max_filesize = 64M; post_max_size = 64M;
Restart Apache after making this change.
Then if you are using WordPress multi-site, you need change a setting in the backend. Visit My Sites -> Network Admin -> Dashboard -> Settings -> Network Settings. Then scroll down to the Upload Settings area and change that.
Thanks to dorr13 for that tip.

29/04/2014
How to create debian init.d startup script

From time to time I need to create an init.d startup script for a program that is not part of the default debian distribution. I’ve always found it unnecessarily fiddly to create a new script. The other day I came across naholyr’s gist, a script to make init.d scripts.
There were a few problems with it so I made it into a proper github project and fixed up the problems. The url it was retrieving the service.sh script from was 404, and it wasn’t checking for successful download of the script, so I made it abort if it fails to download.
I couldn’t come up with a decent name for it so its called sample-service-script.
I already had a few pull request to it, yay!

29/04/2014
Set group permissions for whole subdirectory with ACLs

Sometimes you want to preserve file permissions under subdirectories in linux with ACLs but that’s not the whole story. If you want multiple users to be able to read and write to these files, and the group permissions to stay correct, you need to set ACLs and also group +s on the subdirectories. This is to ensure new files and directories are also created with the correct permissions and group ownership.
I wrote a small script that takes a group and a directory as parameters, and recursively fixes the permissions and set new ACL and group permissions so in future, new files will have the correct permissions.
I put set-acl-permissions on github.
It blindly recursively sets permissions so be careful. Also, it may well contain bugs that could cause catastrophic failures.

18/04/2014
Pull a backup from a remote host with ssh and tar
Sometimes you might need to copy a whole directory from a remote host, but the remote host does not have enough space to tar the whole thing up and then sftp it off. The solution is to tar/bzip the directory and stream it directly to your local host:
```
ssh root@remotehost 'tar cjf - /path/to/somedirectory' | pv -cN tar  > somedirectory.tar.bz2
```
Using pv (pipe viewer) gives you extra progress bar goodness:
```
tar:  176MB 0:09:14 [ 371kB/s] [                             <=>    ]
```
07/04/2014
HP MediaSmart IR Remote for MythTV
I’ve been on a quest to find a good remote for MythTV. My first try was with a Logitech Harmony. Those things are nasty horrible pieces of crap. I’d never touch one again. Programming it is a nightmare. It does not have a generic PVR option so you have to fake it to make it work with Mythtv by telling it its another device and learning those codes in LIRC. It is a very slow device with what felt like a 500ms delay with each keypress. It also tried to know what state your equipment was in so that it could turn things on and off, but of course it would always be out of sync and then you’d have to go through this process of turning things on and off until it was in sync again.
Enter the HP MediaSmart IR remote, also known as HP RC2285202/01. These devices used come with a media player box that HP used to sell. As far as I can tell, its not in production anymore but the remotes are readily available on Ebay.
Features:
1. Dedicated IR codes for the PVR. On previous universal remotes I have used, I was unable to find a “code” setting that would make all the buttons active, that I could then learn in LIRC.
2. Back-lit keys. All the keys seem to be backlit. Some universal remotes either only backlight a few keys or have no backlight at all.
3. Cheap. A$23 with USB receiver, delivered.
4. Universal remote. Can control 5 devices including your PVR.
5. Punch Through. Some buttons like volume and mute can punch through from the TV or Amp, to the PVR device. IE. you can make it turn the volume up on the amp when you press the volume button when in PVR or TV modes.
6. Takes standard AA batteries.
There are a few downsides too:
1. Difficult to get going (solved now that you have found this blog post)
2. Punch through does not work on all buttons. Namely Power and Source. This is annoying but solvable with a pulse-eight CEC adapter
I spent many hours trying to work out why it would not work on my system. In the end it came down to two things.
For some reason LIRC does not work correctly with MCEUSB receivers that are plugged into USB3 sockets.
You need to tell the kernel to treat the receiver as lirc rather than anything else, in order for LIRC to be able to connect to it:
```
$ sudo sh -c "echo lirc > /sys/class/rc/rc6/protocols"
$ sudo cat /sys/class/rc/rc6/protocols
rc-5 nec rc-6 jvc sony mce_kbd [lirc]
```
The word [lirc] surrounded with square brackets tells you it worked.
I implemented this at boot time by adding
```
/etc/rc-scripts/start-lirc
```
to /etc/rc.local and then in /etc/rc-scripts/start-lirc
```
#!/bin/bash
echo "Making lirc the default for rc"
echo lirc > /sys/class/rc/rc0/protocols
echo "Starting lircd"
/etc/init.d/lirc start
```
Remove lirc from the normal startup process:
```
$ sudo update-rc.d lirc remove
```
Test your configuration (retrieve HP-RC2285301-01.conf below):
```
$ sudo /usr/sbin/lircd -n -d /dev/lirc0 -P ./lirc.pid  HP-RC2285201-01.conf
$ irw
```
And when you press the keys on your remote, you should see some output from irw.
03/04/2014

Tips on installing FreeSWITCH and FusionPBX in debian

I’ve been testing out FreeSWITCH and FusionPBX. I found it non trivial to install in debian. Here are my tips for installing.

Don’t bother with the install script. I found it to be broken. And when it breaks during install, it leaves you in a state that’s very hard to understand and fix. In the end it was easier to install FreeSWITCH by hand, get that working, to the extend that you can make inter extension calls, then proceed with the FusionPBX install.
Install FreeSWITCH by following the Quick Install Guide.

Commit the entire FreeSWITCH configuration to git so its easy to roll back when you reinstall FusionPBX. Switch to a new branch before making further changes.

cd /usr/local/freeswitch
      git init
      echo 'db/*' >> .gitignore
      echo 'log/*' >> .gitignore
      echo '.svn*' >> .gitignore
      git add -A
      git commit -m "Initial Commit"
      git checkout -b try1

Get the latest version of FusionPBX from svn.

cd /usr/src
         svn checkout http://fusionpbx.googlecode.com/svn/trunk/ fusionpbx
         cd fusionpbx
         cp -a fusionpbx /var/www/fusionpbx

Create a fusionpbx site for apache and enable it. Note that this makes fusionpbx appear at the root of your site. Create file called fusionpbx in your /etc/apache2/sites-available directory and put the following in it:

      <VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName freepbx.example.com
        DocumentRoot /var/www/fusionpbx
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/fusionpbx/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>
        ErrorLog /var/log/apache2/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug
        CustomLog /var/log/apache2/access.log combined
    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>

Then enable the site with a2ensite fusionpbx/

after installing FusionPBX, commit the entire configuration to git to make rolling back easier. Switch to a new branch before making further changes.
set up a FQDN for the box running FreeSWITCH and FusionPBX
use ACL to allow www-data to make changes to the /usr/share/freeswitch directory

And after you install and you realise it didn’t quite go as planned

Reset the postgresql database:

root@fusionpbx: # su - postgres
postgres@fusionpbx:~$ psql
postgres=# drop database fusionpbx;
postgres=# create database fusionpbx;
postgres=# alter user fusionpbx with password 'XXXX';
grant ALL PRIVILEGES ON DATABASE fusionpbx to fusionpbx;

revert your FreeSWITCH configuration using git
revert your FusionPBX configuration using git

06/03/2014

Proxy Dashing Dashboard behind Apache with SSL

I needed to allow access to my Dashing dashboard over ssl from the Internet. I decided to proxy it behind Apache and get Apache to do all the SSL heavy lifting, mainly because I couldn’t work out if and how you could enable SSL within Dashing itself.
It turned out to be quite simple to implement. I simply created a vhost configuration for my dashboard and enabled it in Apache.
Create a file called dashboard in /etc/apache2/sites-available/ with the following content:

<VirtualHost *:80>
 ServerName dashboard.example.com
 Redirect permanent / https://dashboard.example.com/
</VirtualHost>
NameVirtualHost *:443
<VirtualHost _default_:443>
 SSLEngine On
 SSLCertificateFile /etc/ssl/CAcert.cert.pem
 SSLCertificateKeyFile /etc/ssl/private/key.pem
 ServerAdmin webmaster@localhost
 ServerName dashboard.example.com
 ErrorLog "/var/log/apache2/dashboard-error_log"
 CustomLog "/var/log/apache2/dashboard-access_log" common
 <Proxy *>
   Order allow,deny
   Allow from all
 </Proxy>
 ProxyPass / http://mylocalserver.example.com:3030/
 ProxyPassReverse / http://mylocalserver.example.com:3030/
</VirtualHost>

Ensure the proxy modules are enabled:

$ sudo a2enmod proxy
Enabling module proxy.
To activate the new configuration, you need to run:
service apache2 restart
$ sudo a2enmod proxy_http
Enabling module proxy_http.
To activate the new configuration, you need to run:
service apache2 restart
$

Enable the new dashboard site:

$ sudo a2ensite dashboard

Check your configuration is working before restarting apache:

$ sudo apachectl configtest
Syntax OK
$ sudo service apache2 restart
[ ok ] Restarting web server: apache2 ... waiting .
$

Don’t forget to delegate your dashboard.example.com hostname to resolve to your apache server’s IP address.
Now visit http://dashboard.example.com/name_of_your_dashboard. Your browser should automatically get redirected to https://dashboard.example.com/name_of_your_dashboard and you should see your dashboard.

04/03/2014

Preserve file permissions 664 under subdirectories in linux with ACLs
Have you ever wanted to give several users permission to work on files within a directory, but then struggled with what permissions and user:group ownership to set them to so users can always edit the files?
You might think the solution is to make the parent directory owned by a common group, lets say dev, and then try and make the permissions flow through to the files within. This doesn’t work though, and new files will still be created with the user’s umask, typically 644, which is no good as it results in the other users not being able to edit the file.
The solution lies in ACLs (Access Control Lists). Thanks to Pelle at Stackoverflow for making such a concise set of steps to set this up. Blatantly copied here:
First add the acl option to the mounted partition where the directory is you want to apply this to. Add the acl option to the mount point in /etc/fstab:
```
/dev/xvda1      /               ext3    errors=remount-ro,acl 0       1
```
Then remount the filesystem to enable it:
```
# mount -oremount /
```
Then set the permissions using the setfacl command:
```
# setfacl -dm u::rwx,g::rwx,o::r /shared/directory
```
Test by creating a new file in /shared/directory:
```
/shared/directory$ touch test
/shared/directory$ ls -al test
-rw-rw-r-- 1 jason dev 0 Feb 20 12:37 test
```
Marvel in the wonders of modern filesystems.
20/02/2014
Anacron run-parts: /etc/cron.daily/amavisd-new exited with return code 1

I’ve been getting messages like the ones below from cron my debian box for some time now. I finally got sick of seeing them and I tracked down the error.
/etc/cron.daily/amavisd-new: Please run this cronjob as user amavis run-parts: /etc/cron.daily/amavisd-new exited with return code 1
At some point the debian package moved the cron config file from /etc/cron.daily/amavisd-new to /etc/cron.d/amavisd-new but for some reason when upgrading, it does not remove the old config file, leaving you with an erroneous file.
All you need to do is delete /etc/cron.daily/amavisd-new and the messages should go away.

28/06/2013