Archive for the ‘Technical’ Category

PHP, exec(), perl, not output

Tuesday, November 10th, 2009

Yesterday in writing some PHP to put a pretty web-based front end on a perl script I ran into a problem: no output was being returned from the perl script.

I tried all the PHP commands for calling external commands ( exec(), system(), passthru(), and shell_exec() ) and all failed to return output.

What was VERY frustrating was that I was effectively reusing some code that called a different perl script and returned output without any problems. All my various google searches were fruitless as none of them provided me with any solutions or ideas as to how to solve my problem. So I was left to my own devices to figure things out.

After much trial and error I discovered that if I displayed the script’s help text (which exits immediately after that) the exec call worked as expected. That led me to the root cause of my problem. When I was using this script straight from the command line I opened a log file and appended some information to it as the script executed. Perhaps that was the cause….. Not wanting to lose that functionality I first explicitly made sure all my output was being directed to STDOUT. That did not help. Next I removed all instances of printing to the logfile. That also didn’t help. It was only when I removed the open() statement that the perl script began returning information to PHP as I expected.

“‘UCHAR_MAX’ undeclared (first use in this function)” solved

Thursday, October 22nd, 2009

In trying to compile an email testing tool on Fedora 11 I ran into an error while make was compiling one of the programs.
I kept getting the error:

‘UCHAR_MAX’ undeclared (first use in this function)

While a googling of this error message did return a lot of results none of them had much useful content for actually solving it. There was a hint in one post on page 2 of my google results that helped me craft the right query to find the answer.

As it turns out UCHAR_MAX is declared in limits.h which for this particular program was not being included. Once that was added the program compiled with no complaints.

finally back up

Monday, June 1st, 2009

I finally took a few minutes this afternoon to get Apache back up and running.

It failed to come back after the server restarted 2 weeks ago today. Why did the server restart, you might ask? Because the colocation facility where it is housed mucked up something with the back-up power. The story is that while they were doing a weekly test of the generator the switch back to main power failed and the UPS batteries failed before they could get the mains back online or the generators running again.

I got the most critical functions of the server back as soon as I could (and it was non trivial thanks to an issue with my RAID 1 mirrored config and a corrupted boot file) and restarted critical functions (my mail server and a 2nd mailserver that is relied on for a business). The web server and blog could wait. And wait they did all the way until today.

Now it is back and I am happy.

Oh and two other things: the power outage claimed 1 server immediately and I hold it responsible for a firewall failing last week. And I have to say I am no fan of software RAID 1 mirroring on this machine. It made recovering about 10x as hard b/c I had to unmirror the root partition.

Hacking an APC9211

Sunday, March 22nd, 2009

This morning after being frustrated with getting a USB drive to function properly on a linux machine I turned my attention to breaking into an APC Power Switch I had acquired but didn’t have the opportunity to do a reset and recover before I had to install it. This would be simple if I could reset the switch during a reboot, unfortunately in doing this I would reboot several servers that needed to stay up and available.

So I went searching a bit and found that this APC Power Switch is vulnerable to a local attack that would allow you to find what the current administrative user account is defined as as well as the current password associated with that account. The vulnerability was in a different, more recent, version of the software currently being run by the device. I was hopeful that my older version would also be vulnerable.

The first step is to connect to the serial port on the device using a standard null modem cable running at 2400 baud 8-N-1. Once you get a User Name : prompt enter apc and the password: TENmanUFactOryPOWER

This will drop you to the Factory Menu that will look like this:

User Name : apc
Password  : *******************

Factory Menu
<ctrl -A> to exit

1 AP9606
2 WA0033002610
3 10
4 08/08/2000
5 00 C0 B7 63 FA F1
6 v2.5.3
7 A
8 A
9 198.180.62.87
A 255.255.255.240
B 198.180.62.81
C
D
E
F
G

The instruction I found indicated at this point to enter 13 which will drop you to this prompt:

Selection> 13

Enter byte address in Hex(XXXX):

The instructions further indicated that the address to view that would contain the information was: 1d10. However in my version of the software this is what I saw:

Enter byte address in Hex(XXXX): 1d10

1D10   FF FF FF FF FF FF FF FF  ........
1D18   FF FF FF FF FF FF FF FF  ........
1D20   FF FF FF FF FF FF FF FF  ........
1D28   FF FF FF FF FF FF FF FF  ........
1D30   FF FF FF FF FF FF FF FF  ........
1D38   FF FF FF FF FF FF FF FF  ........
1D40   FF FF FF FF FF FF FF FF  ........
1D48   FF FF FF FF FF FF FF FF  ........
1D50   FF FF FF FF FF FF FF FF  ........
1D58   FF FF FF FF FF FF FF FF  ........
1D60   FF FF FF FF FF FF FF FF  ........
1D68   FF FF FF FF FF FF FF FF  ........
1D70   FF FF FF FF FF FF FF FF  ........
1D78   FF FF FF FF FF FF FF FF  ........
1D80   FF FF FF FF FF FF FF FF  ........
1D88   FF FF FF FF FF FF FF FF  ........

<sp>nxt,b-bck,p-pch,other-exit

Obviously there is no useful information there. So I started to systematically try other address locations to see if the information I was seeking was someplace else. After about 5 minutes of trial and error I found the information I was seeking at 1c2:

Enter byte address in Hex(XXXX): 1c2

01C2   FF FF FF FF FF FF FF FF  ........
01CA   FF FF FF FF FF FF FF 50  .......P
01D2   46 61 64 6D 69 6E 00 64  Fadmin.d
01DA   6D 69 6E 00 68 69 68 61  min.hiha
01E2   74 31 31 00 00 00 FF 64  t11....d
01EA   65 76 69 63 65 00 FF FF  evice...
01F2   FF FF 61 70 63 00 FF FF  ..apc...
01FA   FF FF FF FF FF 72 6F 62  .....rob
0202   68 61 72 72 69 73 68 61  harrisha
020A   73 61 62 61 62 79 00 FF  sababy..
0212   FF FF FF FF FF FF FF FF  ........
021A   FF FF FF FF FF FF 64 65  ......de
0222   76 69 63 65 20 75 73 65  vice use
022A   72 20 70 68 72 61 73 65  r phrase
0232   00 FF FF FF FF FF FF FF  ........
023A   FF FF FF FF FF FF FF 00  ........

<sp>nxt,b-bck,p-pch,other-exit

In case you don’t see it the userid is admin and the password is hihat11

After gaining that information I was able to easily login, and reset the password to something I will easily remember as well as configuring the network interface to enable web management of the device.
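
Added example (not part of the original post): the Python below parses rows in the dump format shown above, checks that they are contiguous, and lists the printable strings in the reassembled bytes, which makes fields that wrap across two 8-byte rows readable and shows how unencrypted account strings appear when auditing a device you manage. The function names are my own; the sample rows are copied from the dump at 1c2.

```python
import re

# Rows copied from the dump at 1c2 shown in the post above.
DUMP = """\
01CA   FF FF FF FF FF FF FF 50  .......P
01D2   46 61 64 6D 69 6E 00 64  Fadmin.d
01DA   6D 69 6E 00 68 69 68 61  min.hiha
01E2   74 31 31 00 00 00 FF 64  t11....d
01EA   65 76 69 63 65 00 FF FF  evice...
"""

# Four hex digits of address, then exactly eight hex byte pairs.
ROW = re.compile(r"^([0-9A-Fa-f]{4})\s+((?:[0-9A-Fa-f]{2} ){7}[0-9A-Fa-f]{2})\b")

def parse_dump(text):
    """Return (base_address, bytes) from contiguous 8-byte dump rows."""
    base, data = None, bytearray()
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # prompts, blank lines, the "<sp>nxt,..." footer
        addr = int(m.group(1), 16)
        if base is None:
            base = addr
        elif addr != base + len(data):
            raise ValueError(f"gap before row {addr:04X}")
        data += bytes.fromhex(m.group(2))
    return base, bytes(data)

def find_strings(base, data, min_len=3):
    """Printable-ASCII runs; 0x00 terminators and 0xFF filler end a run."""
    out, start = [], None
    for i, b in enumerate(data + b"\xff"):  # sentinel flushes the last run
        if 0x20 <= b <= 0x7E:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_len:
                out.append((base + start, data[start:i].decode("ascii")))
            start = None
    return out

if __name__ == "__main__":
    base, data = parse_dump(DUMP)
    for addr, text in find_strings(base, data):
        print(f"{addr:04X}  {text}")
```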

Ostrich responses to an error message

Monday, February 23rd, 2009

I was looking at the DNS servers I admin last week and noticed, among other things, the following error message showing up frequently in the system logs:

Feb 23 10:23:08 baltimore named[14105]: [ID 873579 daemon.info] \
edns-disabled: info: too many timeouts resolving \
'171.221.32.207.sbl.spamhaus.org/TXT' \
(in 'sbl.spamhaus.org'?): disabling EDNS

This looks like a problem that should be fixed. I googled this error message and 9 out of 10 replies to people asking how to deal with this error were (and I’m paraphrasing)

“Oh just ignore it, and here’s how to configure logging to not log those errors”

WTF? How about some helpful information about why this is happening and how to fix it? Or more information why it is happening so a person can be informed about what is happening and the root causes.

Here is a posting from Mark Williamson on the bind-users mailing list that does provide some useful information that can be used to make an informed decision if you want to disable logging these events:

"disabling EDNS" is issued when named experiences too many
timeouts to EDNS queries and named decides to give up on
EDNS and revert to plain old DNS.   Now timeouts can be the
result of many things.  Broken nameservers that don't respond
to EDNS queries.  Firewalls that block EDNS queries.
Firewalls that block fragmented responses.  Firewalls/NATs
that don't handle out of order fragments.

Timeouts can also be due to other network problems including
unreachable servers.

If you are getting lots of these then you do have network /
firewall problems.  They may however *not* be caused by EDNS.

The message has the symptom "too many timeouts", what it
was trying to do "resolving 'ns.cmmail.com/AAAA' (in
'cmmail.com'?)" and what named doing "disabling EDNS" to
try to rectify the problem.

Based on that information I think I will be disabling these messages.
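
Added example (not part of the original post or of BIND): before suppressing the message, the Python below counts the "disabling EDNS" events per zone in a syslog excerpt so you can see whether they cluster on one zone or spread across many. The first sample line is the message quoted above joined onto one line, the others are constructed, and the 80% threshold and the reading attached to it are my assumptions.

```python
import re
from collections import Counter

# First entry is the message quoted in the post (joined onto one line);
# the rest are constructed samples using reserved example names/addresses.
PREFIX = "baltimore named[14105]: [ID 873579 daemon.info] "
EDNS = "edns-disabled: info: too many timeouts resolving "
SAMPLE = "\n".join([
    "Feb 23 10:23:08 " + PREFIX + EDNS +
    "'171.221.32.207.sbl.spamhaus.org/TXT' (in 'sbl.spamhaus.org'?): disabling EDNS",
    "Feb 23 10:23:41 " + PREFIX + EDNS +
    "'9.2.0.192.sbl.spamhaus.org/TXT' (in 'sbl.spamhaus.org'?): disabling EDNS",
    "Feb 23 10:24:02 " + PREFIX + EDNS +
    "'ns1.example.org/AAAA' (in 'example.org'?): disabling EDNS",
    "Feb 23 10:24:05 " + PREFIX +
    "general: info: zone example.net/IN: loaded serial 2009022301",
])

MSG = re.compile(
    r"edns-disabled: info: too many timeouts resolving "
    r"'(?P<qname>[^'/]+)/(?P<qtype>\w+)' \(in '(?P<zone>[^']+)'\?\): disabling EDNS"
)

def edns_timeouts_by_zone(log_text):
    """Count 'disabling EDNS' events per zone named in the message."""
    zones = Counter()
    for line in log_text.splitlines():
        m = MSG.search(line)
        if m:
            zones[m.group("zone").lower()] += 1
    return zones

def triage(zones, dominant_share=0.8):
    """Heuristic (an assumption, not BIND guidance): one zone taking most of
    the events points at that zone's servers or the path to them; events
    spread over many zones point at the local network or firewall."""
    total = sum(zones.values())
    if total == 0:
        return "no edns-disabled events"
    zone, hits = zones.most_common(1)[0]
    if hits / total >= dominant_share:
        return f"concentrated: {zone} ({hits}/{total})"
    return f"spread over {len(zones)} zones ({total} events)"

if __name__ == "__main__":
    counts = edns_timeouts_by_zone(SAMPLE)
    print(dict(counts), "->", triage(counts))
```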

upgraded to v2.7

Monday, February 9th, 2009

I finally bothered to upgrade to Wordpress 2.7 tonight. It took a little longer than I would have liked but that is because of the various plug-ins I have installed, several needed upgrading which took some additional time. But now I’m up to date.

VMWare Server 2.0 problems

Monday, February 9th, 2009

For the past few days at work I’ve been banging my head against my desk because I can’t seem to get VMWare Server 2.0 to remember virtual machines after a reboot.

I tried many things including creating new directories and setting the permissions on them to 777 (accessible to all). None of those things helped. Then it dawned on me….maybe it was something else….

The what else was the file system I am using is a software RAID 5 array mounted to /export. This file system isn’t mounted until last in the boot process, after vmware started. Perhaps that was the problem. And after a restart of the vmware process it did indeed turn out to be the problem.

My quick and dirty solution is to restart the vmware service immediately after I mount /export.

This also indicates VMware does not dynamically read a data store but only once on boot and then just adds to it if you create a new Virtual Machine. Given my experience this doesn’t seem to be an ideal way to do this.

Roku’s Netflix Player

Sunday, January 11th, 2009

Danielle bought me this device for my birthday. I had been hesitant to do so for myself for a couple reasons. The primary one was some of the reviews I had seen mentioned issues with video quality and streaming issues. The secondary one was I didn’t really want yet another A/V component and remote around. But I am glad Danielle didn’t consider any of this and just bought it because it is a wonderful device for my wants/needs.

The quality and streaming issues I have yet to see any problems with. For the former it is probably related to the fact that I’m still using an older standard definition CRT TV. So unless something is very noticeably pixelated or the like I don’t notice. As for any streaming issues I credit my ISP () with providing me a good quality connection.

The other great thing about this device is its core purpose streaming movies from Netflix. Both Danielle and I are more willing to add some movies to our instant queue than we would be to add them to our normal queue. Since we have unlimited streaming and there is no turn around time watching something like McLibel or Going to Pieces: The Rise and Fall of the Slasher Film makes more sense.

I am very much looking forward to Roku adding additional streaming options in addition to Netflix. Hulu would be a great start. Or if they could do something like Sling has with their online streaming and making multiple sources available via a single front end that would be even better and more user friendly.

For me the roku added to my Tivo’s with Amazon Unboxed makes me happy and have zero desire to get an Apple TV even with something like Boxee added to it (via a hack).

Good customer service

Monday, October 13th, 2008

Say all the bad things you want about Apple but my experience at the Genius Bar in Columbia Mall with Steve today was great. I opted for Columbia over Towson because I had another errand that I needed to accomplish there.

My appointment was for 2:40 and it was right on time (if not a minute or two early that they called on me). I explained my problem and Steve immediately dove in to trying to solve my problem. At first he suspected it might be a video card problem and tried to nail it down to that. He wasn’t able to and called Apple support and one way or another Apple decided to cover the cost of whatever repair is required to get me running (logic board seems to be the consensus to people I’ve spoken to about the problem). I don’t know why they decided to make that decision but it is a cheap way to keep me a happy Apple customer.

I couldn’t leave it with Apple today since I needed to remove some confidential files (even though it is an encrypted drive) because it is just the right thing to do. But Steve left me with his card and a reference number so everything he did and the fact Apple will take it back to fix it is recorded.

So while I am away for the next week my MacBook will be getting fixed. And unless there is some compelling new netbook type Apple being released I won’t feel compelled to venture to an Apple store in Jacksonville.

My impression of G1 review/comments

Wednesday, September 24th, 2008

Like the initial release of Apple’s iPhone I’m surprised at how many people are panning the phone before we have any real devices in people’s hands. I’m also noticing some similar themes between the iPhone initial comments and the G1. Here they are:

iPhone (v1.0) | T-Mobile’s G1
no exchange support | no exchange support
no keyboard | no touch screen
locks you into Apple’s world | locks you into Google’s world
where is my CDMA (i.e. Verizon) model? | where is my CDMA (i.e. Verizon) model?
what no 3G? | T-Mobile still doesn’t have 3G where I lived
no support for VoIP (what you mean I need to use my cell phone as a cell phone?!?!?! that’s crazy!) | no support for VoIP (what you mean I need to use my cell phone as a cell phone?!?!?! that’s crazy!)
My Windows Mobile phone has been able to do all the same things for years | My Windows Mobile phone has been able to do all the same things for years
Only 4GB of storage space on the entry level model | Only 1GB of storage space on the entry level model

Personally I’m tempted, especially since unlike the iPhone I can buy one unlocked (for what the original iPhones cost IIRC). But I’m going to wait until I hear back from some hands on reviews and the first adopters.