Craig Box's journeys, stories and notes...
AWStats is a "free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically". It's commonly used for generating pretty logs of your Apache web server. (See the AWStats demo if you're unfamiliar and interested.)
I got it going with my Ubuntu virtual web hosting setup this morning, and wrote a page about AWStats, Apache 2 and Ubuntu or Debian on the WLUG wiki. Enjoy.
Hey, if Juha's blog is a NZ .NET blog, then dammit, I ought to be one too. Vote for me! I have a Smartphone, and wrote a program in C# once!
On that note, did you hear I wrote a program in C# once? Mostly while watching one-day cricket last summer, in fact. It progressed really well, and seemed like it would fill a need - it does profile management for Windows 2000/XP machines. I learnt a lot on the go, and got it to the point where I didn't think that I would be able to go much further without peer review.
So, I released it, and posted about it to some newsgroups. And got no feedback. Not one. Not a sausage.
Since then, I've actually gone to run it once, and found that it didn't actually work on .NET 1.1 - even though I'd deliberately eschewed nice new 2.0-only classes and done things The Hard Way for maximum compatibility, because I'd used Visual Studio Express 2005, it used 2.0 by default. I found out how to fix that, but by that time, it was quicker to fix the profiles manually.
I don't really enjoy programming the way that my programmer friends do. If I had a Windows programmer buddy to help me with the details and motivate me, then the Windows sysadmins of this world could end up with a pretty cool tool. So, 1. I think this post must make my blog the best .NET blog in NZ (cough cough) and 2. if anyone out there wants to help out with a useful C# project for Windows sysadmins, please comment below.
Debian's package system, as well as its automatic dependency resolution, has reasonable management of configuration files - not as great as Gentoo, unfortunately, which has some smarts about merging changes, but at least it stops you and tells you what is changing. It does this for files that are labelled as 'conffiles'.
If you're upgrading a lot of alike machines, you can find out what answers you want to load in first, and then tell the others to accept or reject the changes appropriately.
For example, hdparm gets an init script in Dapper that it didn't have in Hoary, so we can safely force an answer of 'yes' for that package:
apt-get install -y hdparm -o Dpkg::Options::="--force-confnew"
However, the firewall rules have been customized locally, and overwriting them with defaults would be bad!
apt-get install -y linuxserver-firewall -o Dpkg::Options::="--force-confold"
ClamAV's packages are a bit smarter, using the newer ucf configuration system, which, among other things, can handle a three way merge - letting you compare new, current and original, in a way that can roll your changes in a bit better. (It's also designed more for files edited or created in postinst, and not just plain configuration files). The syntax for automatic accepting of conffile changes is different for UCF:
UCF_FORCE_CONFFOLD=yes apt-get install -y clamav-base
Look at 'man ucf' and 'man dpkg' for more force options.
A long time ago I built an installer for WinVNC so that IT Partners' clients can connect back to us and we can fix their problems remotely.
A problem I have always had with it was that you have to launch WinVNC seperately from a connection shortcut; if you tried to run it every time, it would say "Another instance of WinVNC is already running", and if you go to connect when there isn't a running WinVNC, you get "No existing instance of WinVNC could be contacted". Therefore, users need to perform two distinct steps - a "launch", which does -kill -run, and a "start session", which does a -connect.
Here is a nice batch file to get around it, using SysInternals' PSList utility. If you know your users are on Windows XP or greater, you could use the built in tasklist command instead.
@echo off
pslist winvnc > nul
if %ERRORLEVEL% EQU 0 goto connect
start winvnc -run
:connect
if [%1] NEQ [] start winvnc %1 %2 %3 %4 %5
:end
Don't you hate it when you update a Linux machine, and the order that the network cards are detected, changes?
ifconfig | grep HWaddr | awk ' { printf"KERNEL==\"eth*\",SYSFS{address}==\"%s\", NAME=\"%s\"\n", $5, $1; }' > /etc/udev/rules.d/10-network-cards.rules
The cables don't change around, so neither should the order in which they come up.
Tracking down bugs in Debian and Ubuntu packages is fun for the whole family. Found this one while upgrading from Hoary to Dapper on a test box:
root@unassigned-firewall:~ # apt-get install lvm2..
Preparing to replace lvm2 2.00.32-1 (using .../lvm2_2.02.02-1ubuntu1_i386.deb) ...
dpkg: error processing /cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb (--unpack): subprocess pre-installation script returned error exit status 10
Errors were encountered while processing:
/cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
Straight to Google. Nothing for this package, but some other packages with a similar error are reported. Eventually, I find a similar example, and work through the steps:
root@unassigned-firewall:~ # export DEBCONF_DEBUG=developer
root@unassigned-firewall:~ # apt-get install lvm2
..
Preparing to replace lvm2 2.00.32-1 (using .../lvm2_2.02.02-1ubuntu1_i386.deb) ...
debconf (developer): frontend started
debconf (developer): frontend running, package name is lvm2
debconf (developer): starting /var/lib/dpkg/tmp.ci/preinst upgrade 2.00.32-1
debconf (developer): <-- VERSION 2.0
debconf (developer): --> 0 2.0
debconf (developer): <-- CAPB backup
debconf (developer): --> 0 multiselect escape backup
debconf (developer): <-- TITLE LVM2
debconf (developer): --> 0
debconf (developer): <-- FSET lvm2/kernel seen false
debconf (developer): --> 10 lvm2/kernel doesn't exist
dpkg: error processing /cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb (--unpack):
subprocess pre-installation script returned error exit status 10
debconf (developer): frontend started
debconf (developer): frontend running, package name is lvm2
debconf (developer): starting /var/lib/dpkg/info/lvm2.postinst abort-upgrade 2.02.02-1ubuntu1
Errors were encountered while processing:
/cdrom//pool/main/l/lvm2/lvm2_2.02.02-1ubuntu1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
Aha! Eventually, the problem presents itself, in the postinst - but of the new package, not the one that is in /var/lib/dpkg/info:
if ! dpkg --compare-versions $(uname -r) ge '2.6.12'; then
db_fset lvm2/kernel seen false
db_input critical lvm2/kernel || true
db_go
exit 1
fi
Which neatly matches this Debian bug. I built me a package without this block (you're going to be running a new kernel when the upgrade that includes this package is done - the new version wouldn't cleanly backport), and the upgrade continued.
The moral of this story is I should have gone to Launchpad first, as the bug is recorded there. Google just didn't see it.
subinacl is "a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain."
The magic thing that you can do with subinacl that you can't do with the GUI, is change ownership of files. It was a deliberate decision to only allow taking ownership from the GUI, so that if you are an admin, and someone locks you out of their files, and you have to take ownership to see them, the owner will know. Bugger having a paper trail for a laugh - use subinacl.
I have found a good example (with pics) at Windows Server Hacks. There is a reference page at ss64, which is a great reference for command line Windows tools. (What, Windows has a command line?)
If you're the sort of person who already knew about subinacl, can tell me tales of other useful tools like it, and want an IT job in Hamilton, we want to hear from you.
Subscribe with a news reader (RSS)
Have new updates sent by e-mail