Debian https://tech.feedyourhead.at/ en HackADay: A Christmas-Machine(Merry Christmas) https://tech.feedyourhead.at/content/hackaday-a-christmas-machine <span class="field field--name-title field--type-string field--label-hidden">HackADay: A Christmas-Machine(Merry Christmas)</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>This year I want to send you merry christmas by creating a blog-entry for a raspberry pi christmas project. The "christmas-machine" displays merry christmas and wishes for the "christkind" on a tft display for the raspberry. It is possible to send christmas wishes using a web applications that can be accessed via wifi. I placed this installation at the coffee-kitchen in the office and it was very nice to see that my colleges had a lot of fun with it.</p> <p>Blesses for "Brother Patrick" who spent me that wonderful Joy-IT TFT display.</p> <p> <video controls="" height="360" width="480"><source src="/sites/default/files/DateiUploads/xmasdev.mp4" type="video/mp4" /></video> </p> <h2>Install Joy-IT TFT3.2</h2> This is a very short installation guide for this display. Please visit the documentation for this display to see the <a href="http://anleitung.joy-it.net/wp-content/uploads/2017/04/RB-TFT3.2_RB-TFT3.5_Manual.pdf">full installation guide</a>. Edit /boot/config.txt <pre><code> dtparam=spi=on dtoverlay=joy-IT-Display-Driver-32b-overlay:rotate=270,swapxy=1 </code></pre> Edit /boot/cmdline.txt and add "fbcon=map:10" <pre><code> console=serial0,115200 console=tty1 root=PARTUUID=6c586e13-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fbcon=map:10 </code></pre> Install xorg-modules: <pre><code> apt-get install xorg xorg-docs-core xserver-xorg xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-libinput xserver-xorg-input-wacom xserver-xorg-legacy xserver-xorg-video-all xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-fbdev xserver-xorg-video-fbturbo xserver-xorg-video-nouveau xserver-xorg-video-radeon xserver-xorg-video-vesa </code></pre> Edit /usr/share/X11/xorg.conf.d/99-calibration.conf: <pre><code> Section "InputClass" Identifier "calibration" MatchProduct "ADS7846 Touchscreen" Option "Calibration" "160 3723 3896 181" Option "SwapAxes" "1" Option "TransformationMatrix" "1 0 0 0 -1 1 0 0 1" EndSection </code></pre> Edit /usr/share/X11/xorg.conf.d/99-fbturbo.conf and set fbdev to "/dev/fb1" <pre><code> Section "Device" Identifier "Allwinner A10/A13 FBDEV" Driver "fbturbo" Option "fbdev" "/dev/fb1" Option "SwapbuffersWait" "true" EndSection </code></pre> Install the driver: <pre><code> cd /tmp wget anleitung.joy-it.net/upload/joy-IT-Display-Driver-32b-overlay.dtbsudo cp joy-IT-Display-Driver-32b-overlay.dtb /boot/overlays/joy-IT-Display-Driver-32b-overlay.dtbo </code></pre> <h2>Prepare the desktop environment</h2> Install the LXDE-desktop: <pre><code> apt-get install lxde-common lxde-core lxde-icon-theme lxde-settings-daemon openbox-lxde-session lightdm lightdm-gtk-greeter chromium-browser unclutter </code></pre> Set autologin for user pi in lightdm: <pre><code> autologin-guest=false autologin-user=pi autologin-user-timeout=0 </code></pre> Edit /etc/xdg/lxsession/LXDE/autostart and remove xscreensaver: <pre><code> @lxpanel --profile LXDE @pcmanfm --desktop --profile LXDE @xset s off @xset -dpms @xset s noblank </code></pre> <b>Reboot</b> Edit /home/pi/.config/lxsession/LXDE/autostart: <pre><code> @lxpanel --profile LXDE @pcmanfm --desktop --profile LXDE @/home/pi/startxmas.sh @xset s off @xset -dpms @xset s noblank </code></pre> Remove software: <pre><code> apt-get remove light-locker wpasupplicant </code></pre> Edit /home/pi/startxmas.sh: <pre><code> #!/bin/bash DISPLAY=:0.0 unclutter & DISPLAY=:0.0 chromium-browser --kiosk --disable-restore-session-state --disable-features=TranslateUI --disable-session-crashed-bubble http://localhost/tree.html </code></pre> <h2>Install the Access-Point</h2> <pre><code> apt-get install hostapd dnsmasq </code></pre> Edit /etc/hostapd/hostapd.conf: <pre><code> interface=wlan0 driver=nl80211 ssid=xmas hw_mode=g channel=11 macaddr_acl=0 </code></pre> Edit /etc/dhcpcd.conf and add the following lines at the end of the file: <pre><code> interface wlan0 static ip_address=10.0.0.1/24 </code></pre> Edit /etc/dnsmasq.d/dhcp: <pre><code> dhcp-authoritative dhcp-range=10.0.0.50,10.0.0.150,12h address=/\#/10.0.0.1 interface=wlan0 </code></pre> Edit /etc/default/hostapd and modify DAEMON_CONF: <pre><code> DAEMON_CONF="/etc/hostapd/hostapd.conf" </code></pre> Configure autostart for hostapd: <pre><code> systemctl daemon-reload systemctl unmask hostapd systemctl enable hostapd </code></pre> <h2>Configure the webservice</h2> <pre><code> apt-get install apache2 php7.3 php7.3-cli php7.3-json git </code></pre> Download the Webfiles: <pre><code> git clone https://github.com/whotwagner/xmas2019.git /tmp/xmas2019 cp -r /tmp/xmas2019/* /var/www/html/ chown www-data /var/www/html/wishes </code></pre> </b>Reboot</b> <h2>MERRY CHRISTMAS AND A HAPPY NEW YEAR 2020</h2> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 21 2019</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/xmas" hreflang="en">xmas</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/hackaday" hreflang="en">HackADay</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/raspberry" hreflang="en">Raspberry</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Fun" hreflang="en">Fun</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=286&amp;2=comment&amp;3=comment" token="bOpcwG6QkMNce10GTTONTe1gk3UOW4gOFZ8auDQ32WI"></drupal-render-placeholder> </section> Sat, 21 Dec 2019 20:28:14 +0000 Hoti 286 at https://tech.feedyourhead.at Privilege escalation in groonga-httpd (CVE-2019-11675) https://tech.feedyourhead.at/content/privilege-escalation-in-groonga-httpd <span class="field field--name-title field--type-string field--label-hidden">Privilege escalation in groonga-httpd (CVE-2019-11675)</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><h3>Overview</h3> <ul> <li>System affected: Debian packages of groonga/-httpd 6.1.5-1</li> <li>Software-Version: 6.1.5-1</li> <li>User-Interaction: Not required</li> <li>Impact: Local root</li> <li>CVE: CVE-2019-11675</li> </ul> <h3>Detailed Description</h3> <p>The path of the logdirectory of groonga-httpd can be manipulated by user groonga:</p> <pre> <div class="geshifilter"><pre class="bash geshifilter-bash" style="font-family:monospace;"><span style="color: #c20cb9; font-weight: bold;">ls</span> <span style="color: #660033;">-l</span> <span style="color: #000000; font-weight: bold;">/</span>var<span style="color: #000000; font-weight: bold;">/</span>log<span style="color: #000000; font-weight: bold;">/</span>groonga total <span style="color: #000000;">8</span> <span style="color: #660033;">-rw-r--r--</span> <span style="color: #000000;">1</span> root root <span style="color: #000000;">1296</span> Apr <span style="color: #000000;">25</span> <span style="color: #000000;">18</span>:<span style="color: #000000;">44</span> groonga.log drwxr-xr-x <span style="color: #000000;">2</span> groonga groonga <span style="color: #000000;">4096</span> Apr <span style="color: #000000;">25</span> <span style="color: #000000;">18</span>:<span style="color: #000000;">55</span> httpd</pre></div></pre> <p>The files in /var/log/groonga/httpd/*.log are once a day rotated by logrotate as user root with the following config:</p> <pre> /var/log/groonga/httpd/*.log { daily missingok rotate 30 compress delaycompress notifempty create 640 groonga groonga sharedscripts postrotate . /etc/default/groonga-httpd if [ x"$ENABLE" = x"yes" ]; then /usr/bin/curl --silent --output /dev/null \ "http://127.0.0.1:10041/d/log_reopen" fi endscript } </pre> <p>Due to <a href="https://tech.feedyourhead.at/content/details-of-a-logrotate-race-condition">logrotate is prone to a race-condition</a> it is possible for user "groonga" to replace the directory /var/log/groonga/httpd with a symbolik link to any directory(for example /etc/bash_completion.d). logrotate will place files AS ROOT into /etc/bash_completition.d and set the owner and group to "groonga.groonga". An attacker could simply place a reverse-shell into this file. As soon as root logs in, a reverse shell will be executed then.</p> <h3>Exploit</h3> <p>A proof-of-concept exploit can be found at <a href="https://github.com/whotwagner/logrotten">https://github.com/whotwagner/logrotten</a></p> <h3>Mitigation</h3> <p>The problem can be mitigated by changing the owner and group of /var/log/groonga to root, or by using the "su option" inside the logrotate-configfile.</p> <h3>Credits</h3> <p>This bug was discovered by Wolfgang Hotwagner(https://tech.feedyourhead.at/content/privilege-escalation-in-groonga-httpd)</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">May 07 2019</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/security" hreflang="en">Security</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/107" hreflang="en">CVE</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/c" hreflang="en">C</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=278&amp;2=comment&amp;3=comment" token="gm3BXsVi-55Kr8NZ8Sqnkq-hgDkw5pOYeXcWUQ1uut0"></drupal-render-placeholder> </section> Tue, 07 May 2019 20:32:56 +0000 Hoti 278 at https://tech.feedyourhead.at Debian Stretch released https://tech.feedyourhead.at/content/debian-stretch-released <span class="field field--name-title field--type-string field--label-hidden">Debian Stretch released</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="https://www.debian.org/News/2017/20170617.en.html">On Saturday the Debian Project announced the release of Debian 9 "Stretch".</a> This means that Jessie will be oldstable and Wheezy won't recieve any updates anymore. So it's time to dist-upgrade.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jun 18 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=240&amp;2=comment&amp;3=comment" token="v6rrzvW9Gl_uyKw22p81VdwPN-EEK_WYSalGYJJYWes"></drupal-render-placeholder> </section> Sun, 18 Jun 2017 11:02:10 +0000 Hoti 240 at https://tech.feedyourhead.at Debian Squidguard: update-squidguard does not work with tabs in config-file https://tech.feedyourhead.at/content/debian-squidguard-update-squidguard-does-not-work-with-tabs-in-config-file <span class="field field--name-title field--type-string field--label-hidden">Debian Squidguard: update-squidguard does not work with tabs in config-file</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>I experienced an interesting problem: on a Debian Jessie host with squidguard: update-squidguard threw the following error-message:</p> <pre> <code> root@34697f9f06a2:/# update-squidguard /usr/sbin/update-squidguard: 69: test: dbhome: unexpected operator Rebuild SquidGuard database - this can take a while. </code></pre> <p>On Debian Wheezy it returns with the following error:</p> <pre> <code> root@34697f9f06a2:/# update-squidguard /usr/sbin/update-squidguard: 95: /usr/sbin/update-squidguard: cannot create dbhome /var/lib/squidguard/db/../dbversion: Directory nonexistent </code></pre> <p>The admin configured tabs instead of whitespaces in the following line of his squidguard.conf:</p> <pre> <code> dbhome /var/lib/squidguard/db </code></pre> <p>Even if squidguard accepts tabs, update-squidguard does not and apt-get upgrade would not work if squidguard would be upgraded because it calls update-squidguard. The problem seems to be in /usr/sbin/update-squidguard at the following line:</p> <pre> <code> DATADIR=$(grep ^dbhome ${CONFDIR}/${CONFFILE} | cut -d' ' -f2) </code></pre> <p>This could be easily fixed by using the following code:</p> <pre> <code> DATADIR=$(grep ^dbhome ${CONFDIR}/${CONFFILE} | sed 's/\t/ /' | cut -d' ' -f2) </code></pre> <p>This would make update-squidguard more robust. I wrote the maintainer, but since it is recommended to use whitespaces he might not fix this.</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 18 2016</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=220&amp;2=comment&amp;3=comment" token="iv8iuytKpgPZZgxKJb8jICAQe2FsY8jLwR4dBwSdMa4"></drupal-render-placeholder> </section> Sun, 18 Dec 2016 15:24:23 +0000 Hoti 220 at https://tech.feedyourhead.at LXC: Problems with the ubuntu-template in Debian Jessie https://tech.feedyourhead.at/content/lxc-problems-with-the-ubuntu-template-in-debian-jessie <span class="field field--name-title field--type-string field--label-hidden">LXC: Problems with the ubuntu-template in Debian Jessie</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>I tried to create an Ubuntu-container on my Debian Jessie Server and I got the following error-message:</p> <pre> <code> root@lxc-server.foo:/usr/share/lxc/templates$ lxc-create -n mycontainer -t ubuntu Checking cache download in /var/cache/lxc/precise/rootfs-amd64 ... Installing packages in template: ssh,vim,language-pack-en Downloading ubuntu precise minimal ... I: Keyring file not available at /usr/share/keyrings/ubuntu-archive-keyring.gpg; switching to https mirror https://mirrors.kernel.org/debian I: Retrieving Release E: Failed getting release file https://mirrors.kernel.org/debian/dists/precise/Release lxc_container: container creation template for sec.toscom.at failed lxc_container: Error creating container mycontainer </code></pre> <p>I installed the ubuntu-archive-keyring to fix it:</p> <pre> <code> apt-get install ubuntu-archive-keyring </code></pre> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Sep 29 2016</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/tricks" hreflang="en">Tricks</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/virtualization" hreflang="en">Virtualization</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <div class="node__links"> <ul class="links inline"><li class="comment-add"><a href="/content/lxc-problems-with-the-ubuntu-template-in-debian-jessie#comment-form" title="Share your thoughts and opinions." hreflang="en">Add new comment</a></li></ul> </div> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class="title">Comments</h2> <article data-comment-user-id="0" id="comment-86" about="/comment/86" typeof="schema:Comment" class="comment js-comment by-anonymous"> <mark class="hidden" data-comment-timestamp="1514190733"></mark> <footer class="comment__meta"> <article typeof="schema:Person" about="/user/0" class="profile"> </article> <p class="comment__submitted"><span rel="schema:author">Submitted by <span lang="" typeof="schema:Person" property="schema:name" datatype="">Otaner Nartleb (not verified)</span> on Dec 13 2017</span> <span property="schema:dateCreated" content="2017-12-13T18:15:30+00:00" class="rdf-meta hidden"></span> </p> <a href="/comment/86#comment-86" hreflang="en">Permalink</a> </footer> <div class="content"> <h3 property="schema:name" datatype=""><a href="/comment/86#comment-86" class="permalink" rel="bookmark" hreflang="en">Great...! thanks!</a></h3> <div property="schema:text" class="clearfix text-formatted field field--name-comment-body field--type-text-long field--label-hidden field__item"><p>Great...! thanks!</p> </div> <drupal-render-placeholder callback="comment.lazy_builders:renderLinks" arguments="0=86&amp;1=default&amp;2=en&amp;3=" token="Sj9SPfNMAnFGqau8LGuJ5EZiXF1BddRCBIPaAlCeVmo"></drupal-render-placeholder> </div> </article> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=204&amp;2=comment&amp;3=comment" token="s0rR3lGUWCFaiRyATmFV-HZzLN_ea6y2j2lDJ9OAdlQ"></drupal-render-placeholder> </section> Thu, 29 Sep 2016 15:07:49 +0000 Hoti 204 at https://tech.feedyourhead.at Rest In Peace Ian Murdock https://tech.feedyourhead.at/node/140 <span class="field field--name-title field--type-string field--label-hidden">Rest In Peace Ian Murdock</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="https://de.wikipedia.org/wiki/Ian_Murdock">Ian Murdock</a>, founder of the <a href="https://www.debian.org/">Debian Project </a>died at the age of 42.</p> <blockquote> <p>Rest In Peace Ian and thank you for your amazing work.</p> </blockquote></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jan 02 2016</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=140&amp;2=comment&amp;3=comment" token="2mBpDhjwI4h31VeEKx7y6irStd66D1tebJdw3OUAx1A"></drupal-render-placeholder> </section> Sat, 02 Jan 2016 09:45:53 +0000 Hoti 140 at https://tech.feedyourhead.at Debian Jessie: upgrade problems with openldap https://tech.feedyourhead.at/content/debian-jessie-upgrade-problems-openldap <span class="field field--name-title field--type-string field--label-hidden">Debian Jessie: upgrade problems with openldap</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>At the moment I am upgrading all my infrastructure. Today I tried to upgrade one of my openldap-slaves and it failed so hard. It stucked during dpkg --configure. In my syslog some errors appeared:</p> <pre> <code> bdb(dc=feedyourhead,dc=at): BDB1538 Program version 5.3 doesn't match environment version 5.1 bdb(dc=feedyourhead,dc=at): BDB1566 txn_checkpoint interface requires an environment configured for the transaction subsystem bdb_db_close: database "dc=feedyourhead,dc=at": txn_checkpoint failed: Invalid argument (22). backend_startup_one (type=hdb, suffix="dc=feedyourhead,dc=at"): bi_db_open failed! (-30969) bdb_db_close: database "dc=feedyourhead,dc=at": alock_close failed </code></pre> <p>So I was doomed. My ldap was a mess. But I fixed it using the following commands:</p> <pre> <code> cp -r /var/lib/ldap /opt/ldap_backup cd /var/lib/ldap db5.1_recover -v -h . db5.1_upgrade -v -h . *.bdb db5.1_checkpoint -v -h . -1 /etc/init.d/slapd start </code></pre> <p>Now I had a working ldap again. But whenever I tried to use apt-get, I got messages like:</p> <pre> <code> slapd (2.4.40+dfsg-1+deb8u1) wird eingerichtet ... Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.31-2+deb7u1... done. Moving old database directories to /var/backups: There are leftover files in /var/lib/ldap. This will probably break creating the initial directory. If that's the case please move away stuff in there and retry the configuration. Loading from /var/backups/slapd-2.4.31-2+deb7u1: Directory /var/lib/ldap for dc=feedyourhead,dc=at not empty, aborting. </code></pre> <p>Even a "dpkg --configure -a" did not work. I had already fixed the ldap-database, so I could just skip this configure-job. I opened /var/lib/dpkg/info/slapd.postinst and commented the following lines:</p> <pre> <code> # Configuration. # if is_initial_configuration "$@"; then # postinst_initial_configuration # else # postinst_upgrade_configuration # fi </code></pre> <p>I know, it's a very ugly fix. But it worked for me and I have to say it was a very ugly problem too...</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Oct 15 2015</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/openldap" hreflang="en">OpenLDAP</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=122&amp;2=comment&amp;3=comment" token="KWaYOH2ht2oCxVkNOpA6VO9YpmzfLKE4_h_kPOOJJGc"></drupal-render-placeholder> </section> Thu, 15 Oct 2015 21:28:29 +0000 Hoti 122 at https://tech.feedyourhead.at Debian drops LSB(partly) https://tech.feedyourhead.at/content/debian-drops-lsbpartly <span class="field field--name-title field--type-string field--label-hidden">Debian drops LSB(partly)</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>&nbsp;</p> <p><a href="https://lists.debian.org/debian-lsb/2015/09/msg00008.html">https://lists.debian.org/debian-lsb/2015/09/msg00008.html</a></p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Oct 03 2015</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/lsb" hreflang="en">LSB</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=115&amp;2=comment&amp;3=comment" token="gFN8jhSbSeHPGEnQ_K51Zbf2O_Ey2QhbB1_dHD-jzos"></drupal-render-placeholder> </section> Sat, 03 Oct 2015 14:03:48 +0000 Hoti 115 at https://tech.feedyourhead.at Debian Jessie: nrpe without command-args https://tech.feedyourhead.at/content/debian-jessie-nrpe-without-command-args <span class="field field--name-title field--type-string field--label-hidden">Debian Jessie: nrpe without command-args</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Due to security issues nrpe-server in Debian Jessie is now compiled without "--enable-command-args". If you want to use it you have to recompile it.</p> <pre> <code> nagios-nrpe (2.15-1) unstable; urgency=high This update disables the command-args support in nrpe. The feature has several security problems and is often used wrong. If you have to use this feature recompile the package with --enable-command-args in debian/rules. -- Alexander Wirt <formorer@debian.org> Tue, 15 Jul 2014 09:52:48 +0200 </formorer@debian.org></code></pre> <p>Maybe that's a good point of time to use check_mk..</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">May 28 2015</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Nagios" hreflang="en">Nagios</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=92&amp;2=comment&amp;3=comment" token="g2PgVxDFSIuQKdkmVIeEepo1PoHZNpkHBYObCFNlw-g"></drupal-render-placeholder> </section> Thu, 28 May 2015 08:46:13 +0000 Hoti 92 at https://tech.feedyourhead.at Debian Jessie: Issues to be aware of https://tech.feedyourhead.at/content/debian-jessie-issues-be-aware <span class="field field--name-title field--type-string field--label-hidden">Debian Jessie: Issues to be aware of </span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><img alt="" src="http://tech.feedyourhead.at/sites/tech.feedyourhead.at/files/pictures/banner_jessie.png" style="height:250px; width:250px" /></p> <p><a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html">Here are some interesting informations about issues to be aware of for jessie.</a></p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">May 03 2015</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=83&amp;2=comment&amp;3=comment" token="LI5W_Ja-CIpAVq29BYN0CHhRaUFC8TFuAew8fUEGPNY"></drupal-render-placeholder> </section> Sun, 03 May 2015 09:42:01 +0000 Hoti 83 at https://tech.feedyourhead.at