How to , and other stuff about linux, photo, php … Another blog just like others on internet

August 30, 2017

httpd with multiple ssl and password for every key automatically

Filed under: Linux — Tags: , , , , — admin @ 1:19 pm

Well to use this we must use the SSLPassPhraseDialog functionality of httpd Рapache .

Basically into ssl.conf we put this line or modify the existing one into

SSLPassPhraseDialog exec:/path/script

Where script is read/execute only by root.

And the script is

 

#!/bin/perl
$server = $ARGV[0];
#print $server;
if ($server eq ‘www.example.com:443’ || $server eq ‘www.example2.com:443’ ) {
print ‘password one’;
} elsif ($server eq ‘example3.com’) {
print ‘Password two’;
}

 

September 22, 2015

centos /dev/md127 problem after reboot

Filed under: Linux — Tags: , , , , — admin @ 1:06 pm

Hello
Well today I want to explain about my raid experience.
I have to setup a hybrid server on hetzner. I setup the ssd on raid1 using installimage and those other hard drive I have create a raid from linux and mounted them on /raid1 directory .
However after reboot, my /dev/md4 disappear and a /dev/md127 appear.
To create the raid I have use this
fdisk /dev/sdc and /dev/sdd . Make a primary partition and set it up as fd software raid partition .

mdadm –create /dev/md4 –level=1 –raid-devices=2 /dev/sdc1 /dev/sdd1
mkfs.ext4 /dev/md4
mkdir /raid1
mount /dev/md4 /raid1

And insert this into fstab file
/dev/md4 /raid1 ext4 noatime,rw 0 0

So how to fix this ?
First I try to input some information into /etc/mdadm.conf but without luck . It appear that the linux read this late and the centos/ubuntu initalize this from initrd . So in order to fix this some steps have to be done .
After reboot try to fill the information into mdadm.conf with
ARRAY /dev/md/4 UUID=b3c33fe5:3b078681:e2776e37:4f9fd991
The UUID I have taken from

mdadm –detail /dev/md4

First unmount and stop the raid

mdadm –stop /dev/md127
After this assemble it again with your desire
mdadm –assemble /dev/md4 /dev/sdc1 /dev/sdd1

After this I have copy the
/boot/initramfs-2.6.32-573.3.1.el6.x86_64.img to a backup file ( initramfs-2.6.32-573.3.1.el6.x86_64.img-back ) in case something go wrong.

After this run
dracut –force

If is centos 5 or less you have to copy initrd file and to recreate use
mkinitrd -f -v /boot/initrd-$(uname -r).img $(uname -r)

On ubuntu you have to run
sudo update-initramfs -u

And restart the server.

December 16, 2014

Setting up HAProxy with SSL

Filed under: Linux — Tags: , , , , — admin @ 2:02 pm

Well today I was set up a haproxy to use ssl, and did’t figure out from first time how to get only one file for the pem.
In haproxy you have only one file with all certificates.

So the order is this:
cat matrafox.info.key >> matrafox.info.pem
cat matrafox.info.crt >> matrafox.info.pem
cat intermediate.bundle >> matrafox.info.pem

After this just add the
bind *:443 ssl crt /etc/ssl/matrafox.info.pem
And you will have the right one.

October 29, 2014

chkconfig list ubuntu

Filed under: Linux — Tags: , — admin @ 10:52 am

Well on ubuntu I didn’t find a corresponding command to chkconfig list.
So a, easy way to find out what is running on startup is to run this:
runlevel
N X
And after you see what runlevel is you list the directory :
ls -ialh ls -ialh /etc/rcX.d/

Where X is the answer from runlevel

Also some equivalent command:
chkconfig –add
chkconfig –level 345 on
chkconfig –del

update-rc.d defaults
update-rc.d start 20 3 4 5
update-rc.d -f remove

May 9, 2014

apache child pid exit signal Segmentation fault

Filed under: Linux — Tags: , , , , , , , — admin @ 8:26 pm

Well today I face a strange problem. My apache start throw some segmentation fault into error log. So how to find out what is the problem ?

Well first of all we have to enable the coredump for apache, so in orde to do this we can add this line at the start of httpd.conf
CoreDumpDirectory /path
( Some put the path to /tmp directory but please be aware that for me core have 2.2G , so if you have a small /tmp partition you can put it in other place , but it have to be into a directory with same user/group as apache run ) .

We restart the apache and wait to see a segmentation fault again into error_log, and we will see that he say something about path also
For example:
[notice] child pid 4959 exit signal Segmentation fault (11), possible coredump in /var/www/html

If don’t say anything about path then something is not ok, most probably you have to check properties for path.

After this we find out where is located apache , so for this a
which httpd
/usr/sbin/httpd

Should be ok .
After this we have to run
gdb httpd_path core_path
gdb /usr/sbin/httpd /var/www/html/core

We will see something like this

....
....
....
Loaded symbols for /lib64/libgpg-error.so.0
Reading symbols from /usr/lib64/php/modules/zip.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/php/modules/zip.so
Reading symbols from /usr/lib64/gconv/ISO8859-1.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/gconv/ISO8859-1.so
Core was generated by `/usr/sbin/httpd'.
Program terminated with signal 11, Segmentation fault.
#0 0x00007f278f5a5c29 in zend_hash_index_find () from /etc/httpd/modules/libphp5.so
Missing separate debuginfos, use: debuginfo-install httpd-2.2.15-30.el6.centos.x86_64
(gdb)

Ok now we run
where
(gdb) where
And now is the magic to see what is causing the problem.

For me was
#0 0x00007f278f5a5c29 in zend_hash_index_find () from /etc/httpd/modules/libphp5.so
#1 0x00007f2789b98661 in my_copy_zval (dst=0x7f279e2e8dd0, src=0x7f2709eee8d0, ctxt=0x7fff0d4c3900) at /var/tmp/APC/apc_compile.c:314
#2 0x00007f2789b9176d in zif_apc_fetch (ht=, return_value=0x7f279e2e8dd0, return_value_ptr=, this_ptr=, return_value_used=)
at /var/tmp/APC/php_apc.c:858
#3 0x00007f278f5e8498 in ?? () from /etc/httpd/modules/libphp5.so
#4 0x00007f278f5bf5e0 in execute () from /etc/httpd/modules/libphp5.so
#5 0x00007f278f58ff35 in zend_call_function () from /etc/httpd/modules/libphp5.so
#6 0x00007f278f4e7c37 in ?? () from /etc/httpd/modules/libphp5.so
#7 0x00007f278f5e8498 in ?? () from /etc/httpd/modules/libphp5.so
#8 0x00007f278f5bf5e0 in execute () from /etc/httpd/modules/libphp5.so
#9 0x00007f278f5997ed in zend_execute_scripts () from /etc/httpd/modules/libphp5.so
#10 0x00007f278f547878 in php_execute_script () from /etc/httpd/modules/libphp5.so
#11 0x00007f278f622e55 in ?? () from /etc/httpd/modules/libphp5.so
#12 0x00007f279adfebb0 in ap_run_handler ()
#13 0x00007f279ae0246e in ap_invoke_handler ()
#14 0x00007f279ae0d96c in ap_internal_redirect ()
#15 0x00007f2791cfc855 in ?? () from /etc/httpd/modules/mod_rewrite.so
#16 0x00007f279adfebb0 in ap_run_handler ()
#17 0x00007f279ae0246e in ap_invoke_handler ()
#18 0x00007f279ae0db30 in ap_process_request ()
#19 0x00007f279ae0a9a8 in ?? ()
#20 0x00007f279ae066b8 in ap_run_process_connection ()
#21 0x00007f279ae12977 in ?? ()
#22 0x00007f279ae12c8a in ?? ()
#23 0x00007f279ae1390c in ap_mpm_run ()
#24 0x00007f279adea900 in main ()

To quit from gdb we have to type quit .

For me the problem was the apc, I have increased the memory_limit, and the problem is fixed .

Also some interesting link I found here

Generate PHP core dumps on segfaults in PHP-FPM

« Newer PostsOlder Posts »

Powered by WordPress