Update bash at Slackware 11 with the latest patch against shellshock bugs CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187
I still have Slackware 11 machines … so I had to recompile the bash
I took a moment to read this nice blog related to shellshock: http://chester.me/archives/2014/09/building-bash-from-source-shellshock-mitigation/
So in short what I did at my Slackware 11 machines:
root@DL-380:[Wed Oct 01 23:05:47]:[~]$ cat /etc/slackware-version Slackware 11.0.0 root@DL-380:[Wed Oct 01 23:05:47]:[/opt/installs]$ bash --version GNU bash, version 3.1.17(2)-release (i486-slackware-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc. root@DL-380:[Wed Oct 01 23:06:02]:[/opt/installs]$ wget http://ftp.gnu.org/gnu/bash/bash-3.1.tar.gz root@DL-380:[Wed Oct 01 23:06:35]:[/opt/installs]$ lftp http://ftp.gnu.org/gnu/bash cd: received redirection to `http://ftp.gnu.org/gnu/bash/' cd ok, cwd=/gnu/bash lftp ftp.gnu.org:/gnu/bash> mirror bash-3.1-patches Total: 1 directory, 44 files, 0 symlinks New: 44 files, 0 symlinks 60375 bytes transferred in 5 seconds (11.3K/s) lftp ftp.gnu.org:/gnu/bash> exit root@DL-380:[Wed Oct 01 23:07:39]:[/opt/installs]$ rm bash-3.1-patches/*sig root@DL-380:[Wed Oct 01 23:07:53]:[/opt/installs]$ tar xvf bash-3.1.tar.gz root@DL-380:[Wed Oct 01 23:08:54]:[/opt/installs]$ cd bash-3.1 root@DL-380:[Wed Oct 01 23:08:59]:[/opt/installs/bash-3.1]$ root@DL-380:[Wed Oct 01 23:08:59]:[/opt/installs/bash-3.1]$ for patch_file in `find /opt/installs/bash-3.1-patches/ -type f `; do echo $patch_file && patch -p0 < $patch_file ; done root@DL-380:[Wed Oct 01 23:09:23]:[/opt/installs/bash-3.1]$ tail patchlevel.h #if !defined (_PATCHLEVEL_H_) #define _PATCHLEVEL_H_ /* It's important that there be no other strings in this file that match the regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh looks for to find the patch level (for the sccs version string). */ #define PATCHLEVEL 21 #endif /* _PATCHLEVEL_H_ */ root@DL-380:[Wed Oct 01 23:09:44]:[/opt/installs/bash-3.1]$ ./configure root@DL-380:[Wed Oct 01 23:10:49]:[/opt/installs/bash-3.1]$ make --j3 ls -l bash -rwxr-xr-x 1 root root 1556950 2014-10-01 23:11 bash size bash text data bss dec hex filename 634120 22840 19432 676392 a5228 bash root@DL-380:[Wed Oct 01 23:11:19]:[/opt/installs/bash-3.1]$ root@DL-380:[Wed Oct 01 23:11:19]:[/opt/installs/bash-3.1]$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable this is a test root@DL-380:[Wed Oct 01 23:12:36]:[/opt/installs/bash-3.1]$ env x='() { :;}; echo vulnerable' ./bash -c "echo this is a test" this is a test root@DL-380:[Wed Oct 01 23:12:41]:[/opt/installs/bash-3.1]$ ./bash --version GNU bash, version 3.1.21(2)-release (i686-pc-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc. root@DL-380:[Wed Oct 01 23:12:46]:[/opt/installs/bash-3.1]$ which bash /usr/bin/bash root@DL-380:[Wed Oct 01 23:13:11]:[/opt/installs/bash-3.1]$ file /usr/bin/bash /usr/bin/bash: symbolic link to `/bin/bash' root@DL-380:[Wed Oct 01 23:13:15]:[/opt/installs/bash-3.1]$ file /bin/bash /bin/bash: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), stripped root@DL-380:[Wed Oct 01 23:13:18]:[/opt/installs/bash-3.1]$ cp -fp bash /bin/bash root@DL-380:[Wed Oct 01 23:13:28]:[/opt/installs/bash-3.1]$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" this is a test root@DL-380:[Wed Oct 01 23:13:43]:[/opt/installs/bash-3.1]$ (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash || echo "CVE-2014-7187 vulnerable, word_lineno" root@DL-380:[Wed Oct 01 23:13:53]:[/opt/installs/bash-3.1]$ bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' || echo "CVE-2014-7186 vulnerable, redir_stack" root@DL-380:[Wed Oct 01 23:14:02]:[/opt/installs/bash-3.1]$
Done
Slackware4LIfe 🙂
oneliner how to clear store of particular old MO/DLR messages of Kannel bearerbox version `svn-r5011M’.
We assume the kannel stora is spooled at /var/log/kannel/kannel.spool/
How to clean the old non sent/routed MO messages from 1st to 9th Feb 2013
root@darkstar:[Sun Feb 10 17:28:56]:[~/bin]$ curl -s "http://127.0.0.1:13000/store-status.txt?username=xxxxx&password=xxxx" | awk '$2~/\[MO\]/{print $0};$3~/\[2013-02-0/{ gsub(/[\[\]]/,"",$1);print $1}' | xargs --no-run-if-empty -icrap find /var/log/kannel/kannel.spool/ -type f -name crap -exec rm -f {} \; serice kannel restart
Compile svn kannel sqlbox and opensmmp with PostgreSQL and gsoap support at CentOS 6.2 x86_64 GNU/Linux
1, install PostgreSQL 9.2 from the official postgresql.org repository
yum -y install wget bash-completion wget http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-centos92-9.2-6.noarch.rpm yum localinstall --nogpgcheck pgdg-centos92-9.2-6.noarch.rpm yum install postgresql92-server postgresql92-plperl postgresql92-pltcl postgresql92-devel postgresql92-docs postgresql92-libs postgresql92-plpython postgresql92-contrib -y yum install skytools-92 skytools-92-modules pgtune pgbouncer pgagent_92 pg_top92 bucardo
2. install kannel with PostgreSQL and soap interface
yum install automake pcre* mlocate -y yum groupinstall 'Development Tools' yum install libxml2-devel -y yum install openssl-devel -y mkdir /opt/installs/kannel.svn && cd /opt/installs/kannel.svn svn co https://svn.kannel.org/gateway/trunk cd /opt/installs/ svn co https://gsoap2.svn.sourceforge.net/svnroot/gsoap2 gsoap2 cd gsoap2 ./configure
The build will fail with the following error :
make -j3 cd . && /bin/sh /opt/installs/gsoap2/missing --run autoconf cd . && /bin/sh /opt/installs/gsoap2/missing --run automake-1.10 --foreign /opt/installs/gsoap2/missing: line 46: automake-1.10: command not found WARNING: `automake-1.10' is needed, and you do not seem to have it handy on your system. You might have modified some files without having the proper tools for further handling them. Check the `README' file, it often tells you about the needed prerequirements for installing this package. You may also peek at any GNU archive site, in case some other package would contain this missing `automake-1.10' program. make: *** [Makefile.in] Error 1 make: *** Waiting for unfinished jobs.... aclocal.m4:14: error: this file was generated for autoconf 2.61. You have another version of autoconf. If you want to use that, you should regenerate the build system entirely. aclocal.m4:14: the top level autom4te: /usr/bin/m4 failed with exit status: 63 WARNING: `autoconf' is missing on your system. You should only need it if you modified `configure.in'. You might want to install the `Autoconf' and `GNU m4' packages. Grab them from any GNU archive site.
After some digging into the source and googling in deep, the fix is simple, but very efficient …:
cd /opt/installs/gsoap2/ touch config.h.in touch Makefile.in touch configure # NOW you can build it 🙂 make -j3 ..... ** The gSOAP code generator for C and C++, soapcpp2 release 2.8.11 ** Copyright (C) 2000-2012, Robert van Engelen, Genivia Inc. ** All Rights Reserved. This product is provided "as is", without any warranty. ** The soapcpp2 tool is released under one of the following two licenses: ** GPL or the commercial license by Genivia Inc. Saving wsdlStub.h annotated copy of the input declarations Saving xmime.nsmap namespace mapping table Saving wsdlH.h interface declarations Saving wsdlC.cpp XML serializers Compilation successful .... # install it : make -j3 install .... +--------------------------------------------------------+ | You now have successfully built and installed gsoap. | | | | You can link your programs with -lgsoap++ for | | C++ projects created with soapcpp2 and you can link | | with -lgsoap for C projects generated with soapcpp2 -c | | | | There are also corresponding libraries for SSL and | | zlib compression support (-lgsoapssl and lgsoapssl++) | | which require linking -lssl -lcrypto -lz | | | | Thanks for using gsoap. | | | | http://sourceforge.net/projects/gsoap2 | +--------------------------------------------------------+
Now go for the kannel install
cd /opt/installs/kannel.svn/trunk/ ./configure --with-pgsql --enable-ssl --with-gsoap --enable-start-stop-daemon --enable-pcre # it will fail due to missing libpq-fe.h # fix it by creating the proper link ln -s /usr/pgsql-9.2/ /usr/pgsql # now try again ./configure --with-pgsql --enable-ssl --with-gsoap --enable-start-stop-daemon --enable-pcre # it will fails AGAIN 🙂 with the following error : Configuring for gSOAP support ... checking whether to compile with SOAP support... not found configure: error: Unable to find gSOAP import at /usr/share/gsoap/import or plugin at /usr/share/gsoap/plugin root@aegir.voicecom.bg:[Thu Nov 29 23:11:29]:[/opt/installs/kannel.svn/trunk]$ /usr/local/bin/soapcpp2 -d `dirname soap/service/parlayx/soapH.h` -I /usr/share/gsoap/import -I soap/service/parlayx -cLxw soap/service/parlayx/parlayx_sms_send_service_2_1_wrapper.h ** The gSOAP code generator for C and C++, soapcpp2 release 2.8.11 ** Copyright (C) 2000-2012, Robert van Engelen, Genivia Inc. ** All Rights Reserved. This product is provided "as is", without any warranty. ** The soapcpp2 tool is released under one of the following two licenses: ** GPL or the commercial license by Genivia Inc. Critical error: #import: Cannot open file "wsse.h" for reading. Hint: use option -I<path> (for example -Igsoap/import:gsoap/custom:.) # Fix that with creating the proper link : ln -s /usr/local/share/gsoap /usr/share/ # now try again ./configure --with-pgsql --enable-ssl --with-gsoap --enable-start-stop-daemon --enable-pcre ...... License information ... +--------------------------------------------------------------------+ | License: | | This software is subject to the Kannel Software License, available | | in this distribution in the file LICENSE. By continuing this | | installation process, you are bound by the terms of this license | | agreement. If you do not agree with the terms of this license, you | | must abort the installation process at this point. | | | | The Kannel Group <http://www.kannel.org/> | +--------------------------------------------------------------------+ Thank you for using Kannel. # now compile and install make -j3 install ..... Using project directory path: soap/service/parlayx/ Saving soap/service/parlayx/soapStub.h annotated copy of the input declarations Using px1 service name: SendSmsBinding Using px1 service style: document Using px1 service encoding: literal Using px1 service location: http://localhost:9080/ParlayXSms/services/SendSms Using px1 schema namespace: http://www.csapi.org/wsdl/parlayx/sms/send/v2_1/service Saving soap/service/parlayx/SendSmsBinding.nsmap namespace mapping table Using px2 service name: SmsNotificationBinding Using px2 service style: document Using px2 service encoding: literal Using px2 service location: http://localhost:9080/SmsNotificationService/services/SmsNotification Using px2 schema namespace: http://www.csapi.org/wsdl/parlayx/sms/notification/v2_1/service Saving soap/service/parlayx/SmsNotificationBinding.nsmap namespace mapping table Using px3 service name: ReceiveSmsBinding Using px3 service style: document Using px3 service encoding: literal Using px3 service location: http://localhost:9080/ReceiveSmsService/services/ReceiveSms Using px3 schema namespace: Saving soap/service/parlayx/ReceiveSmsBinding.nsmap namespace mapping table Saving soap/service/parlayx/soapClient.c client calling stubs Saving soap/service/parlayx/soapServer.c server request dispatcher Saving soap/service/parlayx/soapH.h interface declarations Saving soap/service/parlayx/soapC.c XML serializers Compilation successful .....
Complile and install opensmppbox :
cd /opt/installs/kannel.svn/trunk/addons/opensmppbox ./bootstrap ./configure make -j3 install
Complile and install sqlbox :
cd /opt/installs/kannel.svn/trunk/addons/sqlbox ./bootstrap ./configure make -j3 install
Check the install :
cd /usr/local/sbin root@darkstart:[Thu Nov 29 23:24:31]:[/usr/local/sbin]$ ls bearerbox opensmppbox run_kannel_box smsbox sqlbox start-stop-daemon wapbox
aaand that is it ,,, Slackware4Life .. 😀
Compile MariaDB 5.5.28 MySQL on Slackware i486-slackware-linux-gcc-3.3.4 with Cmake 2.8.10.1
1. install Cmake
wget http://www.cmake.org/files/v2.8/cmake-2.8.10.1.tar.gz tar xvfz cmake-2.8.10.1.tar.gz cd cmake-2.8.10.1/ ./configure gmake -j3
2. install libaio
gmake -wget http://www.kernel.org/pub/linux/kernel/people/bcrl/aio/libaio-0.3.92.tar.gz tar xvfz libaio-0.3.92.tar.gz cd libaio-0.3.92/ make prefix=/usr/ make prefix=/usr/ installj3 install
3. install MariaDB 5.5.28
go to https://downloads.mariadb.org/mariadb/5.5.28/ OR
wget https://downloads.mariadb.org/f/mariadb-5.5.28/kvm-tarbake-jaunty-x86/mariadb-5.5.28.tar.gz/from/http:/mariadb.ulak.net.tr/ tar xvf mariadb-5.5.28.tar.gz cd mariadb-5.5.28/
the build will fail :
root@bubu:[Tue Nov 27 10:15:45]:[/opt/installs/mariadb-5.5.28]$ ./BUILD/compile-pentium-max testing pentium3 ... ok +++ /bin/rm -rf configure +++ /bin/rm -rf CMakeCache.txt CMakeFiles/ +++ path=./BUILD +++ . ./BUILD/autorun.sh +++++ dirname ./BUILD/compile-pentium-max ++++ path=./BUILD ++++ cp ./BUILD/cmake_configure.sh ./BUILD/../configure ++++ chmod +x ./BUILD/../configure +++ CC='ccache gcc' +++ CFLAGS='-Wall -Wextra -Wunused -Wwrite-strings -Wno-uninitialized -mcpu=pentium3 -O3 -fno-omit-frame-pointer -g ' +++ CXX='ccache g++' +++ CXXFLAGS='-Wall -Wextra -Wunused -Wwrite-strings -Wno-uninitialized -Wno-unused-parameter -Wnon-virtual-dtor -felide-constructors -fno-exceptions -fno-rtti -mcpu=pentium3 -O3 -fno-omit-frame-pointer -g ' +++ CXXLDFLAGS= +++ ./configure --prefix=/usr/local/mysql --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-plugin-aria --with-aria-tmp-tables --with-readline --with-ssl --with-plugins=max --with-embedded-server --with-libevent --enable-local-infile configure.pl : calling cmake /opt/installs/mariadb-5.5.28 -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DENABLE_ASSEMBLER=1 -DWITH_EXTRA_CHARSETS=complex -DENABLE_THREAD_SAFE_CLIENT=1 -DWITH_BIG_TABLES=1 -DWITH_PLUGIN_ARIA=1 -DWITH_ARIA_TMP_TABLES=1 -DWITH_READLINE=1 -DWITH_SSL=bundled -DWITH_MAX=1 -DWITH_EMBEDDED_SERVER=1 -DWITH_LIBEVENT=1 -DENABLE_LOCAL_INFILE=1 -- The C compiler identification is unknown -- The CXX compiler identification is unknown -- Check for working C compiler: /usr/bin/ccache -- Check for working C compiler: /usr/bin/ccache -- broken CMake Error at /usr/local/share/cmake-2.8/Modules/CMakeTestCCompiler.cmake:61 (message): The C compiler "/usr/bin/ccache" is not able to compile a simple test program. It fails with the following output: Change Dir: /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp Run Build Command:/usr/bin/gmake "cmTryCompileExec591660954/fast" /usr/bin/gmake -f CMakeFiles/cmTryCompileExec591660954.dir/build.make CMakeFiles/cmTryCompileExec591660954.dir/build gmake[1]: Entering directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' /usr/local/bin/cmake -E cmake_progress_report /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp/CMakeFiles 1 Building C object CMakeFiles/cmTryCompileExec591660954.dir/testCCompiler.c.o /usr/bin/ccache gcc -Wall -Wextra -Wunused -Wwrite-strings -Wno-uninitialized -mcpu=pentium3 -O3 -fno-omit-frame-pointer -g -o CMakeFiles/cmTryCompileExec591660954.dir/testCCompiler.c.o -c /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp/testCCompiler.c cc1: error: unrecognized option `-Wextra' gmake[1]: Leaving directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' gmake[1]: *** [CMakeFiles/cmTryCompileExec591660954.dir/testCCompiler.c.o] Error 1 gmake: *** [cmTryCompileExec591660954/fast] Error 2 CMake will not be able to correctly generate this project. Call Stack (most recent call first): CMakeLists.txt:70 (PROJECT) -- Configuring incomplete, errors occurred! +++ gmake -j 6 -- The C compiler identification is unknown -- The CXX compiler identification is GNU 3.3.4 -- Check for working C compiler: /usr/bin/ccache -- Check for working C compiler: /usr/bin/ccache -- broken CMake Error at /usr/local/share/cmake-2.8/Modules/CMakeTestCCompiler.cmake:61 (message): The C compiler "/usr/bin/ccache" is not able to compile a simple test program. It fails with the following output: Change Dir: /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp Run Build Command:/usr/bin/gmake "cmTryCompileExec3386681460/fast" gmake[1]: Entering directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' /usr/bin/gmake -f CMakeFiles/cmTryCompileExec3386681460.dir/build.make CMakeFiles/cmTryCompileExec3386681460.dir/build gmake[2]: Entering directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' /usr/local/bin/cmake -E cmake_progress_report /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp/CMakeFiles 1 Building C object CMakeFiles/cmTryCompileExec3386681460.dir/testCCompiler.c.o /usr/bin/ccache gcc -Wall -Wextra -Wunused -Wwrite-strings -Wno-uninitialized -mcpu=pentium3 -O3 -fno-omit-frame-pointer -g -o CMakeFiles/cmTryCompileExec3386681460.dir/testCCompiler.c.o -c /opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp/testCCompiler.c cc1: error: unrecognized option `-Wextra' gmake[2]: Leaving directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' gmake[2]: *** [CMakeFiles/cmTryCompileExec3386681460.dir/testCCompiler.c.o] Error 1 gmake[1]: Leaving directory `/opt/installs/mariadb-5.5.28/CMakeFiles/CMakeTmp' gmake[1]: *** [cmTryCompileExec3386681460/fast] Error 2 CMake will not be able to correctly generate this project. Call Stack (most recent call first): CMakeLists.txt:70 (PROJECT) -- Configuring incomplete, errors occurred! gmake: *** [cmake_check_build_system] Error 1
REASON for the fail :
Since you use -Wall to report all warning, the two flags -Wall -Wextra are redundant.
However gcc treat them as errors and stop compiling.
FIX :
## make backup of of the Build script cp -p BUILD/SETUP.sh BUILD/SETUP.sh.ORIGINAL # fix the Wextra issues root@bubu:[Tue Nov 27 10:19:41]:[/opt/installs/mariadb-5.5.28]$ sed -i 's/-Wextra//' BUILD/SETUP.sh # Now run the build again, it will not fail, make sure your home directory has enough space for the ~/.ccache root@bubu:[Tue Nov 27 10:21:11]:[/opt/installs/mariadb-5.5.28]$ ./BUILD/compile-pentium-max
Enjoy Slackware 🙂
How to install inotail at CentOS 6.3
yum install inotify-tools #Name : inotify-tools #Arch : x86_64 #Version : 3.14 git clone git://git.distanz.ch/inotail.git cd inotail make install inotail -V #inotail 0.6 #Slackware4LIfe!
Linux bash script for creating new tables and rules for huge partitioned PostgreSQL table
in general this script is editable to be started on 1st of December each year
#!/bin/sh # 2012-05-19 05:54:39.946835+03 # HLR lookups control tasks hor sharting # inject new tables and rules for partitioned HLR lookups table # for s_year in '2012' # skip 2013 # set a cron at 1st of December , every year echo " CREATE TABLE IF NOT EXISTS bsms_in_hlr_tasks ( task_id character varying(90) NOT NULL, msisdn bigint NOT NULL, sid integer NOT NULL, ext_id character varying(90) NOT NULL, ops_to_be_processed integer[] NOT NULL DEFAULT '{1,2,3}'::integer[], status integer NOT NULL DEFAULT 0, intime timestamp without time zone NOT NULL DEFAULT now(), ptime timestamp without time zone, control_date date NOT NULL, -- partitioning per date CONSTRAINT bsms_in_hlr_tasks_pkey PRIMARY KEY (task_id ) ) WITH ( OIDS=FALSE ); " # for s_year in $(date +%Y --date="next year") for s_year in 2012 $(date +%Y --date="next year") do for s_manth in `seq 1 12` do if [ "${s_manth}" == "12" ] then (( n_year = s_year + 1)) n_month=01 else echo "-- calculating next month of ${s_manth} before december" n_year=${s_year} s_month=${s_manth#0} (( n_month= s_month +1 )) fi if [ ${#s_manth} -eq 1 ] then s_manth="0${s_manth}" fi if [ ${#n_month} -eq 1 ] then n_month="0${n_month}" fi show=1 if [ "${show}" == "1" ] then echo " CREATE TABLE if not exists bsms_in_hlr_tasks_y${s_year}m${s_manth} ( CHECK ( control_date >= DATE '${s_year}-${s_manth}-01' AND control_date < DATE '${n_year}-${n_month}-01' ) ,CONSTRAINT bsms_in_hlr_tasks_y${s_year}m${s_manth}_pkey PRIMARY KEY (task_id ) ) INHERITS (bsms_in_hlr_tasks); CREATE INDEX bsms_in_hlr_tasks_y${s_year}m${s_manth}_ext_id_idx ON bsms_in_hlr_tasks_y${s_year}m${s_manth} USING btree (ext_id ); CREATE RULE OR REPLACE route_bsms_in_hlr_tasks_y${s_year}m${s_manth} AS ON INSERT TO bsms_in_hlr_tasks WHERE ( control_date >= DATE '${s_year}-${s_manth}-01' AND control_date < DATE '${n_year}-${n_month}-01' ) DO INSTEAD INSERT INTO bsms_in_hlr_tasks_y${s_year}m${s_manth} VALUES (NEW.*); " fi; done done
Install Redis stable (2.4.13) on CentOS release 6.2 x86_64 and Slackware 12.0.0 i686
just follow the instructions here : http://redis.io/topics/quickstart
there is small issue with the Slackware 12.0.0 install – the default tclsh version installed is tclsh8.4
so after the make is done, on make test you will see this error at Slackware shell:
Hint: To run 'make test' is a good idea 😉 make[1]: Leaving directory `/opt/installs/redis-2.4.13/src' root@darkwater:[Tue May 15 18:01:17]:[/opt/installs/redis-2.4.13]$ make test cd src && make test make[1]: Entering directory `/opt/installs/redis-2.4.13/src' which: no tclsh8.5 in (/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib/java/bin:/usr/lib/java/jre/bin:/usr/lib/java/bin:/usr/lib/java/jre/bin:/usr/lib/qt/bin:/usr/share/texmf/bin:/opt/pgsql/bin:/opt/mysql/bin:/usr/local/ssl/bin:/opt/kannel/sbin:/opt/apache2/bin) You need 'tclsh8.5' in order to run the Redis test make[1]: *** [test] Error 1 make[1]: Leaving directory `/opt/installs/redis-2.4.13/src' make: *** [test] Error 2 root@darkwater:[Tue May 15 18:01:21]:[/opt/installs/redis-2.4.13]$ locate tclsh locate: warning: database /var/lib/slocate/slocate.db' is more than 8 days old /usr/bin/tclsh /usr/bin/tclsh8.4
how to fix that – install the latest tcl and deinstall the old one :
wget http://prdownloads.sourceforge.net/tcl/tcl8.5.11-src.tar.gz tar xvfz tcl8.5.11-src.tar.gz cd tcl8.5.11/ cd unix/ ./configure make -j3 removepkg tcl-8.4.15-i486-1 make install ldconfig
then proceed with the usual Redis install
the debian init script works for Slackware, just configure it
cp redis_init_script /etc/rc.d/rc.redis chmod +x /etc/rc.d/rc.redis
and add the stop / start execution of the script at the rc.0 and rc.3 script in a view to stop properly and to start on boot
Regarding the CentOS install ,
there is epel package ready for install version 2.4.10:
root@aegir.ee:[Tue May 15 21:48:38]:[~]$ yum info redis Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.skknet.net * epel: mirror.telepoint.bg * extras: centos.skknet.net * updates: centos.skknet.net Available Packages Name : redis Arch : x86_64 Version : 2.4.10 Release : 1.el6 Size : 213 k Repo : epel Summary : A persistent key-value database URL : http://redis.io License : BSD Description : Redis is an advanced key-value store. It is similar to memcached but the data : set is not volatile, and values can be strings, exactly like in memcached, but : also lists, sets, and ordered sets. All this data types can be manipulated with : atomic operations to push/pop elements, add/remove elements, perform server side : union, intersection, difference between sets, and so forth. Redis supports : different kind of sorting abilities.
however I do prefer the latest stable version compiled from source, so I installed Redis by http://redis.io/topics/quickstart
the provided init script will start the redis server but will not be recognized by chkconfig,
so the fast way to set the start stop init script for Redis is to follow the instructions here:
http://www.saltwebsites.com/2012/install-redis-245-service-centos-6
and that is all, you may start playing with this amazing Redis
Slackware install stud 0.3-dev the Scalable TLS Unwrapping Daemon
How to compile the Scalable TLS Unwrapping Daemon
Read the manual here : https://github.com/bumptech/stud
1. get the source in /opt/installs/stud/
install libev if needed : https://github.com/brimworks/libev
get the stud source
https://github.com/bumptech/stud.git
you might need to fix the LDFLAGS in the stud Make file :
#LDFLAGS = -lssl -lcrypto -lev -L/usr/local/lib
LDFLAGS = -lssl -lcrypto -lev -L/usr/local/ssl/lib
work log :
root@darkwater:[Mon May 07 08:52:10]:[/opt/installs/stud/libev]$ /bin/sh autogen.sh root@darkwater:[Mon May 07 08:53:50]:[/opt/installs/stud/libev]$ ./configure root@darkwater:[Mon May 07 08:54:10]:[/opt/installs/stud/libev]$ make -j3 root@darkwater:[Mon May 07 08:54:21]:[/opt/installs/stud/libev]$ make -j3 install root@darkwater:[Mon May 07 08:58:08]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ ls LICENSE Makefile README.md configuration.c configuration.h debian/ init.stud* ringbuffer.c ringbuffer.h shctx.c shctx.h stud.8 stud.c version.h root@darkwater:[Mon May 07 08:58:17]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ make clean rm -f stud stud.o ringbuffer.o configuration.o root@darkwater:[Mon May 07 08:58:20]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ make cc -O2 -g -std=c99 -fno-strict-aliasing -Wall -W -D_GNU_SOURCE -I/usr/local/include -c -o stud.o stud.c cc -O2 -g -std=c99 -fno-strict-aliasing -Wall -W -D_GNU_SOURCE -I/usr/local/include -c -o ringbuffer.o ringbuffer.c cc -O2 -g -std=c99 -fno-strict-aliasing -Wall -W -D_GNU_SOURCE -I/usr/local/include -c -o configuration.o configuration.c cc -o stud stud.o ringbuffer.o configuration.o -lssl -lcrypto -lev -L/usr/local/lib /usr/lib/gcc/i486-slackware-linux/4.1.2/../../../../i486-slackware-linux/bin/ld: cannot find -lssl collect2: ld returned 1 exit status make: *** [stud] Error 1 root@darkwater:[Mon May 07 09:06:33]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ openssl version OpenSSL 1.0.0g 18 Jan 2012 root@darkwater:[Mon May 07 09:08:20]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ ls /usr/local/ssl/lib engines/ libcrypto.a libssl.a pkgconfig/ root@darkwater:[Mon May 07 09:17:08]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ emacs Makefile root@darkwater:[Mon May 07 09:17:33]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ make cc -o stud stud.o ringbuffer.o configuration.o -lssl -lcrypto -lev -L/usr/local/ssl/lib root@darkwater:[Mon May 07 09:17:51]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ make install install -d /usr/local/bin install stud /usr/local/bin install -d /usr/local/share/man/man8 install -m 644 stud.8 /usr/local/share/man/man8 root@darkwater:[Mon May 07 09:17:55]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ stud --help stud: error while loading shared libraries: libev.so.4: cannot open shared object file: No such file or directory root@darkwater:[Mon May 07 09:18:02]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ which stud /usr/local/bin/stud root@darkwater:[Mon May 07 09:18:10]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ ldd /usr/local/bin/stud linux-gate.so.1 => (0xffffe000) libev.so.4 => not found libc.so.6 => /lib/libc.so.6 (0xb7e5a000) libdl.so.2 => /lib/libdl.so.2 (0xb7e56000) /lib/ld-linux.so.2 (0xb7fbb000) root@darkwater:[Mon May 07 09:18:14]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ ldconfig root@darkwater:[Mon May 07 09:18:41]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ ldd /usr/local/bin/stud linux-gate.so.1 => (0xffffe000) libev.so.4 => /usr/local/lib/libev.so.4 (0xb7f2f000) libc.so.6 => /lib/libc.so.6 (0xb7ded000) libdl.so.2 => /lib/libdl.so.2 (0xb7de9000) libm.so.6 => /lib/libm.so.6 (0xb7dc2000) /lib/ld-linux.so.2 (0xb7f5b000) root@darkwater:[Mon May 07 09:18:58]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ stud --help Usage: stud [OPTIONS] PEM This is stud, The Scalable TLS Unwrapping Daemon. CONFIGURATION: --config=FILE Load configuration from specified file. --default-config Prints default configuration to stdout. ENCRYPTION METHODS: --tls TLSv1 (default) --ssl SSLv3 (implies no TLSv1) -c --ciphers=SUITE Sets allowed ciphers (Default: "") -e --ssl-engine=NAME Sets OpenSSL engine (Default: "") -O --prefer-server-ciphers Prefer server list order SOCKET: -b --backend=HOST,PORT Backend [connect] (default is "[127.0.0.1]:8000") -f --frontend=HOST,PORT Frontend [bind] (default is "[*]:8443") PERFORMANCE: -n --workers=NUM Number of worker processes (Default: 1) -B --backlog=NUM Set listen backlog size (Default: 100) -k --keepalive=SECS TCP keepalive on client socket (Default: 3600) SECURITY: -r --chroot=DIR Sets chroot directory (Default: "") -u --user=USER Set uid/gid after binding the socket (Default: "root") -g --group=GROUP Set gid after binding the socket (Default: "root") LOGGING: -q --quiet Be quiet; emit only error messages -s --syslog Send log message to syslog in addition to stderr/stdout --syslog-facility=FACILITY Syslog facility to use (Default: "daemon") OTHER OPTIONS: --daemon Fork into background and become a daemon (Default: off) --write-ip Write 1 octet with the IP family followed by the IP address in 4 (IPv4) or 16 (IPv6) octets little-endian to backend before the actual data (Default: off) --write-proxy Write HaProxy's PROXY (IPv4 or IPv6) protocol line before actual data (Default: off) -t --test Test configuration and exit -V --version Print program version and exit -h --help This help message root@darkwater:[Mon May 07 09:20:11]:[/opt/installs/stud/bumptech-stud-a9b5aca]$ stud -V stud 0.3-dev
Install and configure pgbouncer version 1.5 at Slackware 12.0.0 and PostgreSQL 8.3.7
I had an issue with suddent spikes at the parallel db connections, which caused the Linux swap and memory out
Solution – sql optimisation, PostgreSQL tunning and pgbouncer implementation
postgresql.conf changes
root@darkwater:[Tue Feb 21 23:21:00]:[/opt/pgsql/data]$ diff postgresql.conf postgresql.conf.2012-02-20.22.59.32 106,107c106,107 < # shared_buffers = 32MB < shared_buffers = 16MB # min 128kB or max_connections*16kB --- > > shared_buffers = 32MB # min 128kB or max_connections*16kB 115c115 < maintenance_work_mem = 16MB # min 1MB --- > #maintenance_work_mem = 16MB # min 1MB 166,168d165 < # 2012-02-20 < wal_buffers = 8MB < synchronous_commit = off 213,214d209 < # 2012-02-20 < effective_cache_size = 1024MB 240,243c235,236 < # < #log_destination = 'csvlog' # Valid values are combinations of < # 2012-02-20 < log_destination = 'stderr' # Valid values are combinations of --- > # > log_destination = 'csvlog' # Valid values are combinations of 422,425c415,416 < # < # 2012-02-20 < #autovacuum_vacuum_cost_delay = 20 # default vacuum cost delay for < autovacuum_vacuum_cost_delay = 100 # default vacuum cost delay for --- > # > autovacuum_vacuum_cost_delay = 20 # default vacuum cost delay for root@darkwater:[Tue Feb 21 23:21:11]:[/opt/pgsql/data]$
SQL optimization .. just explain analyze usage along with pg_stat_activity data.
usefull links :
http://www.revsys.com/writings/postgresql-performance.html
http://www.anchor.com.au/hosting/dedicated/Tuning_PostgreSQL_on_your_Dedicated_Server
pgbouncer install, the short version, it took me a bit longer to fix the dependencies 🙂
anyway, it was easy as the Linux is Slackware .. eveything works here if you have the proper source
cd /opt/installs wget http://ignum.dl.sourceforge.net/project/asciidoc/asciidoc/8.6.6/asciidoc-8.6.6.tar.gz tar xvfz asciidoc-8.6.6.tar.gz cd asciidoc-8.6.6/ ./configure ; make -j3 install wget --no-check-certificate https://github.com/downloads/libevent/libevent/libevent-2.0.17-stable.tar.gz tar xvfz libevent-2.0.17-stable.tar.gz cd libevent-2.0.17-stable/ ./configure; make -j3 install wget http://pgfoundry.org/frs/download.php/3197/pgbouncer-1.5.tar.gz tar xvfz pgbouncer-1.5.tar.gz cd pgbouncer-1.5/ ./autogen.sh ./configure make -j3 install mkdir /etc/pgbouncer cp /opt/installs/pgbouncer-1.5/etc/* /etc/pgbouncer/ chown -R dragkh:users /etc/pgbouncer/ #example working configuration root@darkwater:[Tue Feb 21 23:32:03]:[/opt/installs]$ cat /etc/pgbouncer/pgbouncer.ini | grep -v "^;" | sed '/^ *$/d' [databases] injected = host=127.0.0.1 port=5432 dbname=dragkh nondefaultdb = pool_size=50 reserve_pool=10 [pgbouncer] logfile = pgbouncer.log pidfile = pgbouncer.pid listen_addr = 127.0.0.1 listen_port = 6543 user = dragkh auth_type = trust auth_file = /etc/pgbouncer/userlist.txt admin_users = dune, dragkhhhh stats_users = dune, dragkhhhh pool_mode = statement server_reset_query = DISCARD ALL max_client_conn = 100 default_pool_size = 20 reserve_pool_size = 5 log_pooler_errors = 1 server_lifetime = 1200 server_idle_timeout = 60 server_connect_timeout = 15 server_login_retry = 15 query_wait_timeout = 10 client_login_timeout = 20 autodb_idle_timeout = 3600 #Slackware rc.d start script based on the provided bu the pgboncer debian scrip/opt/installs/pgbouncer-1.5/etc/example.debian.init.sh root@darkwater:[Tue Feb 21 23:30:17]:[/opt/installs]$ cat /etc/rc.d/rc.pgbouncer #!/bin/bash # # pgbouncer Start the PgBouncer PostgreSQL pooler. # # The variables below are NOT to be changed. They are there to make the # script more readable. NAME=pgbouncer DAEMON=/usr/local/bin/pgbouncer PIDFILE=/var/run/$NAME.pid CONF=/etc/pgbouncer/$NAME.ini OPTS="-d $CONF" # note: SSD is required only at startup of the daemon. SSD=`which start-stop-daemon` export PATH=${PATH}::/opt/kannel.before.smpp/sbin ENV="env -i LANG=C PATH=/bin:/usr/bin:/usr/local/bin" trap "" 1 # Check if configuration exists test -f $CONF || exit 0 case "$1" in start) echo -n "Starting server: $NAME" $ENV $SSD --start --pidfile $PIDFILE --exec $DAEMON -- $OPTS > /dev/null ;; stop) echo -n "Stopping server: $NAME" start-stop-daemon --stop --pidfile $PIDFILE ;; reload | force-reload) echo -n "Reloading $NAME configuration" start-stop-daemon --stop --pidfile $PIDFILE --signal HUP ;; restart) $0 stop $0 start ;; *) echo "Usage: /etc/rc.d/$NAME {start|stop|reload|restart}" exit 1 ;; esac if [ $? -eq 0 ]; then echo . exit 0 else echo " failed" exit 1 fi #edited pgsql rc.d start/stop script to include the pgbouncer root@darkwater:[Tue Feb 21 23:36:15]:[/opt/installs]$ cat /etc/rc.d/rc.pgsqld #! /bin/sh # chkconfig: 2345 98 02 # description: PostgreSQL RDBMS # This is an example of a start/stop script for SysV-style init, such # as is used on Linux systems. You should edit some of the variables # and maybe the 'echo' commands. # # Place this file at /etc/init.d/postgresql (or # /etc/rc.d/init.d/postgresql) and make symlinks to # /etc/rc.d/rc0.d/K02postgresql # /etc/rc.d/rc1.d/K02postgresql # /etc/rc.d/rc2.d/K02postgresql # /etc/rc.d/rc3.d/S98postgresql # /etc/rc.d/rc4.d/S98postgresql # /etc/rc.d/rc5.d/S98postgresql # Or, if you have chkconfig, simply: # chkconfig --add postgresql # # Proper init scripts on Linux systems normally require setting lock # and pid files under /var/run as well as reacting to network # settings, so you should treat this with care. # Original author: Ryan Kirkpatrick <pgsql@rkirkpat.net> # $PostgreSQL: pgsql/contrib/start-scripts/linux,v 1.7 2004/10/01 18:30:21 tgl Exp $ ## EDIT FROM HERE # Installation prefix prefix=/opt/pgsql # Data directory PGDATA="/opt/pgsql/data" # Who to run the postmaster as, usually "postgres". (NOT "root") PGUSER=postgres # Where to keep a log file PGLOG="$PGDATA/serverlog" ## STOP EDITING HERE # Check for echo -n vs echo \c if echo '\c' | grep -s c >/dev/null 2>&1 ; then ECHO_N="echo -n" ECHO_C="" else ECHO_N="echo" ECHO_C='\c' fi # The path that is to be used for the script PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # What to use to start up the postmaster (we do NOT use pg_ctl for this, # as it adds no value and can cause the postmaster to misrecognize a stale # lock file) DAEMON="$prefix/bin/postmaster" # What to use to shut down the postmaster PGCTL="$prefix/bin/pg_ctl" port=5432 set -e # Only start if we can find the postmaster. test -x $DAEMON || exit 0 seikvars="-B 2000 -N 500" # Parse command line parameters. case $1 in start) $ECHO_N "Starting PostgreSQL: "$ECHO_C su - $PGUSER -c "$DAEMON ${seikvars} -p ${port} -D '$PGDATA' &" >>$PGLOG 2>&1 echo "ok" /etc/rc.d/rc.pgbouncer start ;; stop) echo -n "Stopping PostgreSQL: " su - $PGUSER -c "$PGCTL -p ${port} stop -D '$PGDATA' -s -m fast" echo "ok" /etc/rc.d/rc.pgbouncer stop ;; restart) echo -n "Restarting PostgreSQL: " /etc/rc.d/rc.pgbouncer stop su - $PGUSER -c "$PGCTL -p ${port} stop -D '$PGDATA' -s -m fast -w" su - $PGUSER -c "$DAEMON ${seikvars} -p ${port} -D '$PGDATA' &" >>$PGLOG 2>&1 /etc/rc.d/rc.pgbouncer start echo "ok" ;; reload) echo -n "Reload PostgreSQL: " su - $PGUSER -c "$PGCTL -p ${port} reload -D '$PGDATA' -s" echo "ok" ;; status) su - $PGUSER -c "$PGCTL -p ${port} status -D '$PGDATA'" /etc/rc.d/rc.pgbouncer status ;; *) # Print help echo "Usage: $0 {start|stop|restart|reload|status}" 1>&2 exit 1 ;; esac exit 0 # pgbouncer consile usage: dragkhhhh@[local]:6543::pgbouncer=[Tue Feb 21 23:39:50 EET 2012]# show help; NOTICE: Console usage DETAIL: SHOW HELP|CONFIG|DATABASES|POOLS|CLIENTS|SERVERS|VERSION SHOW STATS|FDS|SOCKETS|ACTIVE_SOCKETS|LISTS|MEM SHOW DNS_HOSTS|DNS_ZONES SET key = arg RELOAD PAUSE [<db>] RESUME [<db>] KILL <db> SUSPEND SHUTDOWN SHOW dragkhhhh@[local]:6543::pgbouncer=[Tue Feb 21 23:50:16 EET 2012]# show stats; -[ RECORD 1 ]----+----------- database | pgbouncer total_requests | 3 total_received | 0 total_sent | 0 total_query_time | 0 avg_req | 0 avg_recv | 0 avg_sent | 0 avg_query | 0 -[ RECORD 2 ]----+----------- database | dragkh total_requests | 450333 total_received | 216309096 total_sent | 178535626 total_query_time | 2820410959 avg_req | 5 avg_recv | 2562 avg_sent | 2314 avg_query | 2230 Time: 0.119 ms dragkhhhh@[local]:6543::pgbouncer=[Tue Feb 21 23:41:33 EET 2012]# show mem; name | size | used | free | memtotal --------------+------+------+------+---------- user_cache | 156 | 5 | 100 | 16380 db_cache | 120 | 3 | 133 | 16320 pool_cache | 260 | 2 | 61 | 16380 server_cache | 232 | 2 | 68 | 16240 client_cache | 232 | 11 | 59 | 16240 iobuf_cache | 2060 | 1 | 49 | 103000 (6 rows)
Enjoy pgbouncer …:)
Slackware4Life
Slackware mailx send html formatted mail with PostgreSQL query result
I needed monitoring script to mail particular records from a log table.
#!/bin/sh # Sun Jan 29 22:32:22 EET 2012 # done by dragkh recipientMail="meee@host.com me3@host.com" recipientID="jefe" where="$(/bin/pwd)" homeDir="/opt/bin" locKFile="${homeDir}/${recipientID}.lock.alert" SMTP="smtp.host.com:25" FROM_MAIL="me@host.com" LOGIN="me@host.com" LOGIN_PASSWORD="paaa4444ssswwwd00d" sql=" select service_id as SID , reason_to_fail as ERROR , mesg as SMS , shortcode as ORIGINATOR , msisdn as MSISDN , client_sms_id , ext_id as smsID , otime as OTIME , retry as RETRY from bsms_in_failed_requests_log where true and otime > now() - interval '30 minute' order by otime -- limit 50 ; " status=$(echo "${sql}" | /opt/pgsql/bin/psql -x ddlog) echo "$(date) : result : ${status}" #exit 0 if [ "${status}" != "" -a "${status}" != "(No rows)" ] then echo "<!DOCTYPE html PUBliC \"-//W3C//DTD html 4.0 Transitional//EN\"> <html> <head> <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=utf-8\"> </head> <body> <h3>Slednite zaiavki sa bili othvyrleni ot HOSTBGAPI:</h3> <h3>Следните заявки са били отхвърлени в последните 30 минути от HOSTBGAPI:</h3> <pre> ${status} </pre> </body> </html> " | /usr/bin/mailx \ -vvv \ -s "HOSTBG failed requests : $(date) Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit" \ -S smtp-auth=login \ -S smtp="$SMTP" \ -S from="$FROM_MAIL" \ -S smtp-auth-user="$LOGIN" \ -S smtp-auth-password="$LOGIN_PASSWORD" \ -b me1@host.com \ "${recipientMail}" fi crontab -l # notify for rejected requests : */30 * * * * /bin/sh /opt/bin/check.rejected.reqs.and.send.mail.sh >> /var/log/check.rejected.reqs.and.send.mail.log 2>&1
enjoy 🙂