Posts Tagged ‘linux’

No Software Repositories in SuSE Enterprise on EC2

For anyone who knows SuSE Enterprise, you can file this one under “what a n00b!” (my SuSE experience in the past has been with openSUSE), but I recently inherited a project that required RHEL or SuSE Enterprise so they chose to deploy SuSE Enterprise on EC2 to reduce acquisition time. (Who would’ve thought a cloud provider like Amazon would be faster to acquire an install of one of these softwares that used more traditional licensing models?) Anyway, I needed to install a few extra pieces of software, but when I ran yast, its list of repositories was empty!? Turns out the fix is really easy, but I couldn’t easily find the answer within a minute or two, so I thought I’d share:

suse_register -a email="myemail@whatan00b.com"

Yup, that was it. No license key required (at least on the EC2 build). Novell just wanted my email address.

Tags: , , ,
Filed under How-Tos / Tips : Comments (0) : Mar 25th, 2011

Using API Tools on Amazon AMIs

I did a fairly deep dive into some new cool things in EC2 this weekend and ran into something that caught me off guard. The default Amazon AMIs come with the EC2 tools pre-loaded and ready to go. Or so I read. But, when trying to run, I was greeted with a nice stack trace:

Unexpected error:
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1665)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1628)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1611)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1537)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:83)
(snipped)

Turns out it doesn’t quite have everything it needs. Even though it’s complaining about trustAnchors and such, all it really needs is a Java Runtime Environment..

yum install java-1.6.0-openjdk

Tags: , , ,
Filed under How-Tos / Tips : Comments (0) : Dec 13th, 2010

Hands on with Opendedup

After reading about Opendedup on Slashdot this weekend, I decided to try it out to see how well it all really worked. My test server was an install of Ubuntu 9.10 x64. If you happen to be using that stack, the installation isn’t too difficult:

Download required files (adding links to the most recent versions of each, check for newer versions as necessary):
cd /usr/local/src
wget http://download.java.net/jdk7/binaries/
wget http://opendedup.googlecode.com/files/debian-fuse.tar.gz
wget http://opendedup.googlecode.com/files/sdfs-latest.tar.gz

And install:
chmod +x jdk-7-ea-bin-b87-linux-x64-25_mar_2010.bin
./jdk-7-ea-bin-b87-linux-x64-25_mar_2010.bin
(follow instructions – afterwards, but sure to set the JAVA_HOME variable)
export JAVA_HOME=/usr/local/src/jdk1.7.0
tar zxf debian-fuse.tar.gz
cd debian-fuse
dpkg --install *.deb

Next, just extract the SDFS packages and use:
tar zxf sdfs-latest.tar.gz
cd sdfs-bin

Now, we make our filesystem and mount it:
./mkfs.sdfs --volume-name=deduped --volume-capacity=5000MB
./mount.sdfs -m /srv -v deduped

Assuming all goes well, you should have a newly mounted deduped mount.

Great results from testing in the small
As a test, I copied over a sample song from my music collection (what nerd doesn’t enjoy a little Weird Al?). Copying to /root, the file size was 2.9MB. Once I copied it to my deduped /srv directory, the file size took just 46K on disk! Not too shabby. Just as a sanity check, I copied the file back off the deduped filesystem and the file size grew back to normal.

Things not all rosy in Opendedup-land
I decided to try throwing a little more data at it as a test and copied over the Documents directory from my desktop. The folder that I copied was slightly over 600MB of docs, text files, images, and a few other file types. During the file copy, Opendedup took a significant amount of memory (it hung around the 90% mark). My test machine was a small virtual machine (1 CPU, 2GB of RAM) and the file transfer slowed it down significantly. Eventually, I got curious as to how much had been transferred. I cd’d to the test dir and did an ‘ls’ which never completed and I could no longer open a new shell via SSH to the vm either. I’m sure this would be much better if I had the resources to throw a little more RAM and CPU at it (since I’m running the minimum), but I don’t have time the resources to try at the moment.

Conclusion
Overall, the technology seems really promising and pretty straightforward to use. If my compression rates hold true, this could dramatically cut down on the amount of disk space needed to store my backups and virtual machine templates. Judging by the performance I’ve seen thus far, I don’t think I’d want to run this in production, but it looks promising, nonetheless.

Tags: ,
Filed under Tech Trends : Comments (4) : Mar 30th, 2010

Enabling Flash in Chrome on Ubuntu 10.04

Update: The same steps seem to work on Ubuntu 11.04 as well.

Another update (10/24/2011): The same seems to work as well for 11.10. “Virtue” hints that the path may have changed to /usr/lib/adobe-flashplugin/libflashplayer.so, but that doesn’t seem to be the case for me.

Hello again there, world. I’ve been away from my computer for a little while now as I relocated to Silicon Valley, but I got a chance to play around with one of the Alpha’s of Ubuntu 10.04 this weekend. The new version has some vast improvements in the looks over the last one as well as now it includes Google Chrome in the default repository. When I wanted to setup Flash for Chrome, I followed a handy how-to, but this one didn’t account for the fact that Chrome was installed via the regular repositories and wasn’t installed to /opt.

To install, I simply had to follow the step-by-step with a few modifications:

  1. Install Chrome and Flash (with the Ubuntu Software Center or with apt-get

    2. sudo apt-get install chromium-browser flashplugin-nonfree

  2. Add the Flash plugin to the Chrome plugins directory

    3. sudo cp /usr/lib/flashplugin-installer/libflashplayer.so /usr/lib/chromium-browser/plugins/

  3. Restart Chrome

That’s it. While a bit annoying that one has to install Flash for Chrome this way (especially considering YouTube – another Google product – relies on Flash), but it’s not too painful.

If you still run into problems, you can double-check the location of the file (using locate libflashplayer.so) needed and the location where Chrome is installed (using whereis chromium-browser).

If you’ve just installed Ubuntu 10.04 and came across this, you may also want to install the browser Java plugin as well.

Tags: , , , , , ,
Filed under How-Tos / Tips : Comments (23) : Mar 15th, 2010

Insecurity by Non-Obscurity

I was a bit shocked and disheartened tonight to discover that my WordPress version was being broadcast to the world without me knowing it. It’s something that I hadn’t ever really given much thought to, mostly because I always assumed that a piece of information like that wasn’t being given out. What was even more disheartening to me was what I discovered as the method for disabling this broadcasting of my version number. The easiest way, by far, was to just install the Secure WordPress extension (or I could dive into a bit of their PHP code and have to make the change with each upgrade, not so much fun). Not so long ago, there was a huge ordeal about a vulnerability in WordPress 2.8.3 that allowed an attacker to reset an admin password very easily. No wonder they urged us to upgrade so quickly – your vulnerability was being broadcast.

The sad part is, broadcasting this version number isn’t something that can be disabled using the built-in settings. I don’t know what the rationale is, but one either has to edit the functions.php file in WordPress directly, or install the plugin mentioned above.

Anyway, this got me thinking about plenty of other open source softwares that I’ve disguised over the years.. For instance, perform a fresh install of Ubuntu 8.04 with the LAMP stack and you’ll see the version listed in the headers as detailed as this:

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.9 with Suhosin-Patch Server

Yup, there it is, script kiddies. Bust out Metasploit and eat your hearts out. In this case, if one leaves the defaults enabled, the server major version, minor version, PHP version, OS, and WordPress version all are exposed. That leaves a pretty nice little attack vector.

Of course, hiding these things doesn’t mean that anything is secure. On the contrary, one must go far deeper than that. I am just disappointed in so many open source projects that cut down the time needed for any script kiddies to start playing with my public services.

Tags: , ,
Filed under Tech Trends : Comments (1) : Jan 18th, 2010

« Older Entries