work with initrd linux

# open directory tree
zcat /tmp/initrd.img | cpio -i --no-absolute-filenames

# compress initrd
find . | cpio -o -c | gzip -9 > /boot/initrd-kernel_version.img

debug symbols

enable debug for test.c file

1.  use -g option in gcc
2. define   FLAG
freebsd:
/etc/make.conf

CFLAGS?=-pipe
WITH_CTF=1
DEBUG_FLAGS=-g

mysql repair and optimize

 mysqlcheck

-A - Check all Mysql databases
-r - Repair all Mysql databases
-o - Optimize all Mysql databases


mysqlcheck -Arp   repair all databases
mysqlcheck -Arop  repair and optimize

enable debug symbols in libc

в freebsd release не включен debug в libc , из-за чего нет возможности эффективно использовать gdb


cd /usr/src/lib/libc
make cleandir obj
make DEBUG_FLAGS=-g && make install

php 5.3.3 freebsd 8.1 build error

error while build
main/spprintf.c:186 static declaration of 'strnlen' follows non-static declaration  freebsd
/usr/include/string.h:105: error: previous declaration of 'strnlen' was here

go to the line 186 in main/spprintf.c

find  this block of code and comment it
static size_t strnlen(const char *s, size_t maxlen) {
  char *r = memchr(s, '\0', maxlen);
  return r ? r-s : maxlen;
}

mpd5 l2tp config

l2tp2:

        set ippool add pool1 192.168.88.11 192.168.88.100
        create bundle template BL
        set iface enable proxy-arp
        set iface idle 1800
        set iface enable tcpmssfix
        set ipcp yes vjcomp
# Specify IP address pool for dynamic assigment.
        set ipcp ranges 192.168.88.10/24 ippool pool1
        set ipcp dns local_dns_ip
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless
# Create clonable link template named L
        create link template L2 l2tp
# Set bundle template to use
        set link action bundle BL
# Multilink adds some overhead, but gives full 1500 MTU.
        set link enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set link mtu 1460
# Configure l2tp
# IP адресс нашего VPN сервера. (Собственно адресс машины с фряхой)
        set l2tp self your_real_ip
# Allow to accept calls
        set link enable incoming

if you don`t want use certificate in windows systems open regedit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters
add key
ProhibitIpSec DWORD 1

mysql sphinx install

download http://sphinxsearch.com/downloads.html

cp -R /root/builds/sphinx-0.9.7/mysqlse /root/builds/mysql-5.1.14/storage/sphinx

sh BUILD/autorun.sh

./configure --with-plugins=sphinx

make
make install

thunderbird tips

disable storing read messages  on the local disk

Edit->Account Settings->Synchronization  & Storage

turn off checkbox  "Keep messages for this account on this computer"

pptp mpd5 config

part of pptp mpd5 config suitable for ipad vpn client working thru GSM providers

pptp:
    create bundle template B
    set iface enable proxy-arp
    set iface idle 1800
    set iface enable tcpmssfix
    set ipcp yes vjcomp

    set ippool add poolsat 192.168.0.2 192.168.0.100
    set ipcp ranges 192.168.0.1/32 ippool pool1
    set ipcp dns DNSIP_IFEXIST
    set bundle enable compression
    set ccp yes mppc
    set mppc yes e40
    set mppc yes e128
    set mppc yes stateless

    create link template L pptp
    set link action bundle B

    set link enable multilink
    set link yes acfcomp protocomp

    set link no pap chap
    set link enable chap
    set link enable chap-msv1
    set link enable chap-msv2

    set link keep-alive 10 60
    set link mtu 1460
    set pptp self REALVPN_IP
    set link enable incoming

pcre regex

Positive Integers --- ^\d+$
Negative Integers --- ^-\d+$
Integer --- ^-{0,1}\d+$
Positive Number --- ^\d*\.{0,1}\d+$
Negative Number --- ^-\d*\.{0,1}\d+$
Positive Number or Negative Number - ^-{0,1}\d*\.{0,1}\d+$
Phone number --- ^\+?[\d\s]{3,}$
Phone with code --- ^\+?[\d\s]+\(?[\d\s]{10,}$
Year 1900-2099 --- ^(19|20)[\d]{2,2}$
Date (dd mm yyyy, d/m/yyyy, etc.) --- ^([1-9]|0[1-9]|[12][0-9]|3[01])\D([1-9]|0[1-9]|1[012])\D(19[0-9][0-9]|20[0-9][0-9])$
IP v4 --- ^(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]){3}$

Personal Name --- ^[\w\.\']{2,}([\s][\w\.\']{2,})+$
Username --- ^[\w\d\_\.]{4,}$
Password at least 6 symbols --- ^.{6,}$
Password or empty input --- ^.{6,}$|^$
email --- ^[\_]*([a-z0-9]+(\.|\_*)?)+@([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6}$
domain --- ^([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6}$

Match no input --- ^$
Match blank input --- ^\s[\t]*$
Match New line --- [\r\n]|$

antialiasing in Netbeans

etc/netbeans.conf

add options   ‘-J-Dswing.aatext=true’ and ‘-J-Dawt.useSystemAAFontSettings=on’   in default options string

openssl crypt and decrypt files

создать шифрованный tar архив
tar -czf - /dir | openssl enc des3  -salt -k KEY  > file.tar.gz.des3
расшифровать
cat file.tar.gz.des3 | openssl enc -des3  -d  -salt -k KEY  | tar -xvzf -

зашифровать полный dump mysql
mysqldump -A -pPASS |  gzip -c | openssl des3  -d  -salt -k KEY > file.sql.gz.des3
расшифровать

cat file.sql.gz.des3 | openssl des3  -d  -salt -k KEY  | gunzip  > file.sql

openssl tip

как узнать когда кончается сертификат из консоли

openssl x509 -dates -noout -in server.crt

postgres tips

создать пользователя

create user pguser with password 'password';

сменить пароль 

alter user pguser with password 'password';

удалить юзера

drop user pguser;

Grant Privileges

grant all privileges on database mydatabase to pguser;

Revoke Privileges

revoke all  privileges on mydatabase from pguser;

 

Решение проблемы с вводом русских символов с psql

alias psql='rlwrap psql -n'

sudo tips

chroot allow

>sudoers
user  ALL = NOPASSWD: /usr/sbin/chroot -u user  /workdirectory
>command
 sudo /usr/sbin/chroot -u user /workdirectory

allow only service restart and edit config
>sudoers
user ALL=NOPASSWD: /etc/init.d/lighttpd restart, /usr/bin/vim /etc/lighttpd/lighttpd.conf

linux i/o monitoring

некоторый полезные команды  linux   для мониторинга различного in\out подсистем

vmstat  -  дисковая подситема  и swap ,очень похожа по поведению на iostat во FreeBSD
sar  -  информация о io событиях происходивших в системе


sysctl.conf
vm.swappiness - параметр определяющий приоритет хранение памяти в свап, 0..100, чем больше тем больше лезет в swap. изменить мгновенно можно командой  
 echo 50 > /proc/sys/vm/swappiness

ipfw enable

в очередной раз наступив на свои любимые грабли.
как включить ipfw

firewall_logging="YES"
firewall_enable="YES"
firewall_quiet="YES"  #  если это не вписать то в случае если в /etc/ipfw.conf есть flush  будет запрос на рутовой консоли, и сервер не загрузится.
firewall_type="/etc/ipfw.conf"

mason + lighttpd fastcgi

включаем mason в lighttpd

сначало готовим скрипт mason.cgi


#!/usr/bin/perl
use CGI::Fast;
use HTML::Mason::CGIHandler;
use URI;

{
package HTML::Mason::Commands;

## anything you want available to components
use Storable qw(freeze thaw);
use HTTP::BrowserDetect;

## An example of how to keep a $dbh persistent
##our $dbh = DBI->connect_cached(
## 'dbi:Pg:dbname=dbname'
## , 'username'
## , 'password'
## , {AutoCommit=>0, RaiseError=>1, PrintError=>1}
##) || die "Could not Connect to DB".$dbi::errstr ;

}

# lazily-instantiated variables
my $cgi;
my $h;

while ($cgi = new CGI::Fast())
{
## make sure it is alive! (if not it will reconnect)
## $HTML::Mason::Commands::dbh->ping;

my $uri = URI->new( $ENV{REQUEST_URI} );

## this is a hack, that emulates mod_perl behavior see notes at bottom
## You might not want this hack, and it might be worse than not having it
$uri->path( $uri->path . 'index.html' )
if $uri->path =~ /\/$/
;

$ENV{PATH_INFO} = $uri->path;
$ENV{QUERY_STRING} = $uri->query;
$ENV{REQUEST_URI} = "$uri";

# this is lazily instantiated because %ENV is not set at startup time
if (! $h) {
$h = HTML::Mason::CGIHandler->new(
comp_root => $ENV{MASON_COMP_ROOT}
, data_dir => $ENV{MASON_DATA_ROOT}
, error_mode => 'fatal'
, error_format => 'line'
## Three good globals dbh user and session
, allow_globals => [qw/$dbh $U $S/]
);
}

## hand off to mason
eval { $h->handle_cgi_object($cgi) };

## catch error
if ( my $raw_error = $@ ) {
warn $raw_error;
# print out a pretty system error page and log $raw_error
}
## things went well
else {
$HTML::Mason::Commands::dbh->commit;
}

}

exit 0;

добавляем в lighttpf.conf

fastcgi.map-extensions = ( ".css" => ".html", "/" => ".html" )
        index-file.names = ( "index.html" )
        url.access-deny = ( ".mhtml" ) ## add autohandler/dhandler if you'd like
        fastcgi.server = ( ".html" =>
        ((
                "socket" => "/tmp/fastcgi.socket",
                "bin-path" => "/etc/lighttpd/bin/mason.cgi",   # пусть до скрипта
                "check-local" => "disable",
                "bin-environment" => (
                "MASON_COMP_ROOT" => "/www/myproject",
                "MASON_DATA_ROOT" => "/www/myproject/data",
                ),
        ))
        )

index.html кладем в comp_root
простенький helloworld
<HTML>
   <HEAD>
   <TITLE> Hello <% $worldname %> world!!</TITLE>
   </HEAD>
   <BODY bgcolor="#FFFFFF">
   Hello World<BR>
   This is my <B><% $count %></B> Mason component.
   </BODY>
</HTML>
<%init>
   my $worldname = "Great";
   my $count = "first";
</%init>
<%args>
</%args>

freebsd kernel 6.x -> 7.2

в FREEBSD 7 поменялись опции ядра касательно IPSEC

эти опции отсутствуют

options     IPSEC_ESP       #IP security (crypto; define w/ IPSEC)
options     IPSEC_FILTERGIF # Enbale to filter IPSEC GIF packets

ipsec теперь требует device crypto



device crypto
device enc

options IPSEC

options IPSEC_FILTERTUNNEL

*some notes 

# Set IPSEC_FILTERTUNNEL to change the default of the sysctl to force packets
# coming through a tunnel to be processed by any configured packet filtering
# twice. The default is that packets coming out of a tunnel are _not_ processed;
# they are assumed trusted.

amazon vodoo

http://s3sync.net/ -набор скпритов для управления
в консоли
export AWS_ACCESS_KEY_ID=тут типа ключ который паблик (короткий)
export AWS_SECRET_ACCESS_KEY=тут секретный ключ (коротки)

./s3cmd.rb listbuckets - смотрим список контейнеров
./s3cmd.rb list container1 - просмотреть содержимое контейнера
./s3cmd.rb delete container1:file - удалить один файл
./s3cmd.rb deleteall container1:filemaks - удалить файлы по маске