Category Archives: Debian

Lightweight & fast webmail client

Leave a reply

My main home server is a measly pentium II class machine running (now) on Debian Etch. Not the fastest machine but it works, uses little power and is cheap while setup from left-overs. Among other things it serves me my email when not at home using RoundCube Webmail. With the low-end hardware I am using it is key to keep it as fast and lightweight as possible. The server is behind a DSL connection at home so compression comes in handy as well.
Continue reading

Pre-loading debconf values for easy installation

1 Reply

Debian’s configuration management might take some getting used to, but after you learn your way around /etc/{default,init.d,} it makes good sense.

Now when you have to do the same thing over and over again (ever said yes 25 times to Sun’s java license?), or you find that after a dist-upgrade your ldap configurations are gone because you pressed ‘enter’ one too many times…; you could either keep lots of tarballs or digg deeper. The latter could be done with debconf. Debconf keeps all answers to questions packages can ask during installation, both the ones you gave yourself and the implied or low-priority ones chosen by the packager.

You can set those values yourself quite easily, once you know how.
Continue reading

Broken WordPress: debian unstable is called unstable for a reason

Leave a reply

Update: The maintainer of the wordpress package released “my” bugfix. It’s available now for those using unstable (sid). I guess it will be available in testing (lenny) soon, since the bug is listed in the release critical bugs list. To bad he credited me with the name Del Gurt, but well… The only thing I did was finding the missing methods in WordPress 2.6. But it’s my first fix in Debian, yeh.

I just ran an apt-get update + apt-get upgrade and after that my WordPress homepage was broken when I’m logged in, it gives a nice "Fatal error: Call to undefined function admin_url() in /usr/share/wordpress/wp-includes/link-template.php on line 470". And so is it for all people using the debian unstable package for WordPress, for example this guy.

I quickly searched what functions where missing and created a patch and submitted it to the related debian bug. I hope they will accept it soon, but well. My WordPress works fine again now.

Creating a patch took me a while, since I never created a patch for a debian package before. Lucky me, there are tutorials on how to create patches for debian packages, so I just had to read up on that. I read about how to submit the patch in the tutorial on how to help squashing Release-Critial bugs.

And I had to read up on dpatch, because the other patches on WordPress where created using that. Lucky me, someone has created a nice short tutorial on how to use dpatch already. Dpatch seems like a good way to keep your patches separated from the original code, so when the original code is updated, you can determine easily if that conflicts with your patches or not.

And then I had to create a GPG key to sign my patch. Since dpkg-buildpackage complains about it otherwise.

So in the end, what I had to do to patch my WordPress and submit the patch (besides generating the GPG key):

Install the required tools
sudo apt-get install build-essential devscripts lintian linda diff patch patchutils dpatch
Get the WordPress package source
apt-get source wordpress
Enter the root directory of the extracted source
cd wordpress-2.5.1
Let the package know I’m making the changes
dch -i
Start the dpatch process
dpatch-edit-patch 009CVE2008-3747.addendum
Make the changes
Exit dpatch process
exit
The wordpress patches are all called .patch so rename it
mv debian/patches/009CVE2008-3747.addendum.dpatch debian/patches/009CVE2008-3747.addendum.patch
Change the e-mail address in the patch
EDIT debian/patches/009CVE2008-3747.addendum.patch
Add the patch to the list of patches
echo "009CVE2008-3747.addendum.patch" >> debian/patches/00list
Test the patch
fakeroot debian/rules binary && sudo dpkg -i ../wordpress_2.5.1-6.1_all.deb
Build the source package
dpkg-buildpackage -kMYKEY -rfakeroot
Create the patch
interdiff -z ../wordpress_2.5.1-6.diff.gz ../wordpress_2.5.1-6.1.diff.gz > ../bug_497524.patch
Email the bugs list with the patch
Email bug control to inform them that a patch has been made for the bug

That was it. Not that hard, if you know the commands + procedure. Now wait and see what the package maintainer is going to do with the patch I created.

Update: seems I forgot to check the edit link itself after the fatal error was gone… It didn’t work anymore. Fixed that as well now.

Update2: for those who find my post and do not want to wait on the maintainer to release the patch, I’ve “released” it. The MD5 of wordpress_2.5.1-6.1_all.deb is: dc46d35743122d933def7db431c8f49e.

PHP Acceleration with eAccelerator

Leave a reply

With high traffic sites, performance issue’s rise. Now one of the solutions is to use an opcode caching mechanism for PHP. There are two mainstream open source solutions for that, APC and eAccelerator. And there is Zend platform and Zend core.

Installing eAccelerator
I found a very straight forward howto about installing eAccelerator (and others) on Debian.

But, as always, there are some problems with that tutorial. First the -- is replaced by a special character on that tutorial (and in my blog if I don’t use the <code> tag) in the configure command, so that doesn’t work if you copy paste it. The working configure command is:


./configure --enable-eaccelerator=shared --with-php-config=/usr/bin/php-config

And you don’t need to do all the work as root, only the apt-get, the make install and the php.ini editing should be done as root (best practice, only use root privileges when needed).

Also the double quotes are changed into a special character in that tutorial, so if you get an error in your logs about unable to load \xe2\x80\x9deaccelerator.so\xe2\x80\x9d you copied them just like I did ;-)

This is what I put in the php.ini, without the special double quotes, and with one change


extension="eaccelerator.so"
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/var/cache/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

The tutorial writer creates the cache directory in /tmp. But he fails to make the remark that /tmp is cleared on server restart. So that’s not really a good option. So I’ve done the following in stead


sudo mkdir /var/cache/eaccelerator
sudo chown www-data /var/cache/eaccelerator
sudo chmod 0755 /var/cache/eaccelerator

Yes, the 0644 from the eAccelerator wiki is what you want for the files being created in there, but not for the directory itself.

The big disadvantage of this way of installing it, is that you probably need to recompile it (after a make clean) and reinstall it on every update of PHP. But reading up on APC vs eAccelerator made me choose for the latter.

But does it really help?
Now, the results. What better to test then my own PHP blog (and yes it’s not the fastest one, it’s running on a VPS).

Before installing eAccelerator:

Server Software:        Apache/2.2.8
Server Hostname:        blog.delgurth.com
Server Port:            80


Document Path:          /
Document Length:        44436 bytes


Concurrency Level:      10
Time taken for tests:   397.121299 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Total transferred:      44796000 bytes
HTML transferred:       44436000 bytes
Requests per second:    2.52 [#/sec] (mean)
Time per request:       3971.213 [ms] (mean)
Time per request:       397.121 [ms] (mean, across all concurrent requests)
Transfer rate:          110.16 [Kbytes/sec] received


Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.3      0       6
Processing:   712 3961 1674.7   3696   10696
Waiting:      368 2177 1013.3   2033    6943
Total:        712 3961 1674.7   3696   10696


Percentage of the requests served within a certain time (ms)
  50%   3696
  66%   4454
  75%   4977
  80%   5270
  90%   6225
  95%   7039
  98%   8188
  99%   8632
 100%  10696 (longest request)

After installing eAccelerator

Server Software:        Apache/2.2.8
Server Hostname:        blog.delgurth.com
Server Port:            80


Document Path:          /
Document Length:        44436 bytes


Concurrency Level:      10
Time taken for tests:   242.584585 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Total transferred:      44796000 bytes
HTML transferred:       44436000 bytes
Requests per second:    4.12 [#/sec] (mean)
Time per request:       2425.846 [ms] (mean)
Time per request:       242.585 [ms] (mean, across all concurrent requests)
Transfer rate:          180.33 [Kbytes/sec] received


Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.2      0       4
Processing:   430 2419 983.2   2330    6409
Waiting:      100  648 448.6    578    3025
Total:        430 2419 983.2   2330    6409


Percentage of the requests served within a certain time (ms)
  50%   2330
  66%   2798
  75%   3051
  80%   3246
  90%   3712
  95%   4182
  98%   4614
  99%   4901
 100%   6409 (longest request)

So it helps also quite a bit on my wordpress install, it’s about a 33% performance increase!

Some material I read

P.s. yet another wordpress rant, if you have empty lines between <code> tags, wordpress inserts <p> tags there for you. Not very nice to my liking, since it breaks the formatting of the <code> tag, which I used to format the apache bench results…

Debian Etch Samba printing from Windows XP

Leave a reply

For a while I was not able to print from Windows XP via Samba with my Brother HL 2030 laser printer which is connected to one of my servers. I’m running debian Etch there and had upgraded some packages, including samba. The printer was listed in my SWAT samba status, but on windows I couldn’t find it.

In the end it seems that I was missing one statement in my smb.conf:

[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
read only = No

The odd thing is, that when I look at the documentation, setting printable = Yes should have been enough. At least, that’s how I read it. But I guess I’m wrong since the read only = No helps (although you can’t set this parameter for a printer share using SWAT).

Debian Etch Postfix + Sasl2

Leave a reply

Some time ago I had some problems sending mail to one of our clients, something with their primary mailserver not accepting connections and a non-existent secondary mailserver. So I wanted to enable authenticated mail sending on my own mailserver.

It was quite easy to get it working, after finding some articles which I could use. The biggest problem was the jail Postfix was in so it couldn’t talk with saslauthd direcly.

I added the following in my main.cf

#SMTP Auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = smtpd
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain

And I created directory sasl and placed a smtpd.conf in there containing:

pwcheck_method: saslauthd
mech_list: plain login

And I changed /etc/default/saslauthd to use the suggested option (suggested in comment in the file itself):

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Used articles:

Update 2008-05-15:
Today I ran into a problem after I did a package upgrade. I got the warning:

SASL authentication failure: cannot connect to saslauthd server: Permission denied

Seems some permissions where incorrect. I did a:

sudo chgrp sasl /var/spool/postfix/var/run/saslauthd
sudo passwd postfix sasl
sudo /etc/init.d/postfix restart

and that solved it. Why I didn’t get this before I don’t know, but well, this fixed it. Thanks to Jimmy who blogged about Debian and SASL as well.