Linux Support, Hosting & Security Hertfordshire

Monday, 2 July 2012

evms_activate is not available on boot

Problem

You have (or had) encrypted partitions in your system and are now getting the following error on boot;

evms_activate is not available

WARNING: This is only applicable if you have already checked your /etc/fstab and /etc/crypttab and made sure there are no errors etc in those.

Solution

You need to rebuild your initramfs to fix/remove the pointers to the encrypted partitions. The following command will do this;

update-initramfs -u -k all

One method of doing this is to boot from a Linux boot cd, mount your FS, chroot into your install and rebuild the initramfs.

Step-by-Step fix

  • Boot from your favourite distros Live CD. (e.g. Ubuntu 64bit desktop)
  • Open a terminal and run the following commands, replacing sda1 with your root partition (if your /boot is on a separate partition, then you will need to mount that also)
sudo su
mkdir /mnt/fix
mount /dev/sda1 /mnt/fix
mount -t proc none /mnt/fix/proc
mount -o bind /sys /mnt/fix/sys
mount -o bind /dev /mnt/fix/dev
chroot /mnt/fix /bin/bash
update-initramfs -u -k all
exit
  • Reboot the system and cross your fingers!

Did this post help you? Thank us with bitcoin;

Monday, 30 April 2012

Shrink windows guest Virtualbox VDI disk

Intro

Shrink/compat a windows guest dynamically allocated NTFS disk image which is in the Virtual box .VDI format to its minimum size.

In order to achieve this, there are a number of programs and steps you need to take;

Steps Outlined

  • Clean up your windows FS
  • Defrag your windows guest fs and optimise it into a solid block of data.
  • Ensure that all free space on the disk is zero'ed out, so Virtual box can see what is unused. This might increase your VDI file to the maximum size, so make sure you have the free space. Virutal box documentation on the flags to use with sdelete are at present wrong! Dont use -c, use -z.
  • Tell Virtual box to compat the VDI disk image

The Steps

  1. Boot up your windows guest and uninstall/delete all unwanted programs and files
  2. Install Ultra Defrag
  3. In Ultra Defrag, run a Defragment [F6]
  4. In Ultra Defrag, run a Full Optimization. [Ctrl+F7]
  5. Download the latest version of sdelete and Extract sdelete zip to c: (or what ever drive your shrinking).
  6. Click Start> Run and type cmd. in the command prompt type;
    c:\sdelete.exe -z c:
  7. Shutdown the windows guest
  8. Run the following command on the linux host (windows virtual box has a similar command and syntax);
VBoxManage modifyhd /path/to/disk.vdi compact

Did this post help you? Thank us with bitcoin;

Thursday, 12 January 2012

ZEND: Merge multiple xml configs for Zend_Navigation

If are using Zend_Navigation and wish to use mutliple xml Zend_Config_Xml files to build your Navigation object then it is possible to merge xml configuration files using Zend_Config::merge and pass the resulting object into Zend_Navigation. (e.g if a module/plugin wishes to append further navigation elements into your main navigation.xml)

The following example will merge two different xml config files and pass the resulting config to Zend_Navigation

//Make an empty Zend_Config object
$config = new Zend_Config( array(), true);

//Merge 1st xml file  (navigation.xml)
$config->merge( 
    new Zend_Config_Xml(
        APPLICATION_PATH . '/configs/navigation.xml', 
        'nav'
    )
);

//Merge 2nd xml file (navigation2.xml)
$config->merge( 
    new Zend_Config_Xml(
        APPLICATION_PATH . '/configs/navigation2.xml', 
        'nav'
    )
);

//Pass the resulting config to Zend_Navigation
$navigation = new Zend_Navigation($config);

Did this post help you? Thank us with bitcoin;

Saturday, 18 June 2011

Ubuntu 10.04 LTS Lucid PHP >=5.3.3 backport PPA

Ubuntu 10.04 LTS Lucid provides PHP 5.3.2, which is missing some key goodies and has some well known bugs. At the time of writing ubuntu have not backported a newer version to Lucid, however there is an outstanding bug request for it.

In the mean time ive noticed some people are manually compling a new version for their LTS, but thanks to a developer called Fabián Arias there is no longer a need to do this. He has created a PPA for other ubuntu users which will allow you to easily update your PHP (to 5.3.5 at the time of writing).

Id suggest heavy testing before you use this in a live environment, but for those willing to give it a go, just use the following steps;

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:fabianarias/php5
sudo apt-get update
sudo apt-get upgrade
Warning, im not sure if this PPA is being updated with the latest php security patches. Use at your own risk!

Did this post help you? Thank us with bitcoin;

Thursday, 5 May 2011

HOWTO: PHP TCP Server/Client with SSL Encryption using Streams

Intro

PHP provides methods to allow you to listen on a TCP port, accept incoming connections and then send and receive SSL encrypted data over the established link.


How it works

First you need to prepare a SSL Certificate for PHP to use in its communication. In this example i will get PHP to create a new self-signed cert everytime the serverside script is started. (But you could use a standard cert as long as its in the pem format).

Then you set PHP to listen on a TCP IP:Port and accept any new incoming connections using the "streams" php extension. At the point of accepting a new connection PHP will queue the commands for each client which connects and run them in order. When a connection is closed it will move the to the next queued client. This allows multiple connections to be active at once without you worrying about manually forking for each. Each connection will get answered, in the order they connected. If your scripts take a long time to execute or you need a concurrency, You may also wish to fork a new process at this point, but we have not included that in this example.

Because we are using the streams extension, once your connection is established, you can read and write to the connection just like you would a local file, using fread/fwrite. But at the other end of the fread/fwrite is not a file, but another program.


Server side script

For the purpose of this example, I will presume you are running a cli php script (which wont timeout etc). I've also only implemented one command being run on each connection, but it is fairly straight forward to change this so you can have a flow of commands and responses going back and forth.

The script will take the following steps;

  • Create a Self-signed SSL Certificate
  • Attach to a TCP IP:Port and listen for connections
  • Accept an incoming connection
  • Switch to SSL
  • Wait and accept a command from the client
  • Respond to command
  • Close the connection


Client side script

This is the script which will run on the client side of the connection

The script will take the following steps;

  • Connect to IP:PORT
  • Switch to SSL
  • Send a command
  • Receive a response
  • Close the connection
  • Echo out the response Received


Download Server/Client Example

You can Download the example code listed below, with the proper tab formatting that our blog appears to strip out. :/


Server side script Code

Make sure you set all of the example variables with your information.

<?php
/*
 *  Example of HOWTO: PHP TCP Server/Client with SSL Encryption using Streams
 *  Server side Script
 * 
 *  Website : http://blog.leenix.co.uk/2011/05/howto-php-tcp-serverclient-with-ssl.html
 */

$ip="127.0.0.1";               //Set the TCP IP Address to listen on
$port="8099";                  //Set the TCP Port to listen on
$pem_passphrase = "<your password>";   //Set a password here
$pem_file = "filename.pem";    //Set a path/filename for the PEM SSL Certificate which will be created.

//The following array of data is needed to generate the SSL Cert
$pem_dn = array(
 "countryName" => "UK",                 //Set your country name
 "stateOrProvinceName" => "Herts",      //Set your state or province name
 "localityName" => "St. Albans",        //Ser your city name
 "organizationName" => "Your Company",  //Set your company name
 "organizationalUnitName" => "Your Department", //Set your department name
 "commonName" => "Your full hostname",  //Set your full hostname.
 "emailAddress" => "email@example.com"  //Set your email address
);

//create ssl cert for this scripts life.
echo "Creating SSL Cert\n";
createSSLCert($pem_file, $pem_passphrase, $pem_dn);

//setup and listen to a tcp IP/port, returning the socket stream
echo "Listening to {$ip}:{$port} for connections\n";
$socket = setupTcpStreamServer($pem_file, $pem_passphrase, $ip, $port);

//enter a loop until an exit command is received.
$exit=false;
$i=1;
while($exit==false) {

 //Accept any new connections
 $forkedSocket = stream_socket_accept($socket, "-1", $remoteIp);

 echo "New connection from $remoteIp\n";

 //start SSL on the connection
 stream_set_blocking ($forkedSocket, true); // block the connection until SSL is done.
 stream_socket_enable_crypto($forkedSocket, true, STREAM_CRYPTO_METHOD_SSLv3_SERVER);

 //Read the command from the client. This will read 8192 bytes of data, If you need to read more you may need to increase this. However some systems will fragment the command over 8192 anyway, so you would instead need to write a loop waiting for the command input to end before proceeding.
 $command = fread($forkedSocket, 8192);

 //unblock connection
 stream_set_blocking ($forkedSocket, false);

 //run a switch on the command to determine what we need to do
 switch($command) {
  //exit command will cause this script to quit out
  CASE "exit";
   $exit=true;
   echo "exit command received \n";
  break;

  //hi command
  CASE "hi";
   //write back to the client a response.
   fwrite($forkedSocket, "Hello {$remoteIp}. This is our $i command run!");
   $i++;

   echo "hi command received \n";
  break;
 }

 //close the connection to the client
 fclose($forkedSocket);
}
exit(0);



function createSSLCert($pem_file, $pem_passphrase, $pem_dn) {
//create ssl cert for this scripts life.

 //Create private key
 $privkey = openssl_pkey_new();

 //Create and sign CSR
 $cert    = openssl_csr_new($pem_dn, $privkey);
 $cert    = openssl_csr_sign($cert, null, $privkey, 365);

 //Generate PEM file
 $pem = array();
 openssl_x509_export($cert, $pem[0]);
 openssl_pkey_export($privkey, $pem[1], $pem_passphrase);
 $pem = implode($pem);

 //Save PEM file
 file_put_contents($pem_file, $pem);
 chmod($pem_file, 0600);
}

function setupTcpStreamServer($pem_file, $pem_passphrase, $ip, $port) {
//setup and listen to a tcp IP/port, returning the socket stream

 //create a stream context for our SSL settings
 $context = stream_context_create();

 //Setup the SSL Options
 stream_context_set_option($context, 'ssl', 'local_cert', $pem_file);  // Our SSL Cert in PEM format
 stream_context_set_option($context, 'ssl', 'passphrase', $pem_passphrase); // Private key Password
 stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
 stream_context_set_option($context, 'ssl', 'verify_peer', false);

 //create a stream socket on IP:Port
 $socket = stream_socket_server("tcp://{$ip}:{$port}", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
 stream_socket_enable_crypto($socket, false);

 return $socket;
}
?>

Client side script Code

Make sure you set all of the example variables with your information.

<?php
/*
 *  Example of HOWTO: PHP TCP Server/Client with SSL Encryption using Streams
 *  Client side Script
 *
 *  Website : http://blog.leenix.co.uk/2011/05/howto-php-tcp-serverclient-with-ssl.html
 */

$ip="127.0.0.1";     //Set the TCP IP Address to connect too
$port="8099";        //Set the TCP PORT to connect too
$command="hi";       //Command to run


//Connect to Server
$socket = stream_socket_client("tcp://{$ip}:{$port}", $errno, $errstr, 30);

if($socket) {
 //Start SSL
 stream_set_blocking ($socket, true);
 stream_socket_enable_crypto ($socket, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT);
 stream_set_blocking ($socket, false);

 //Send a command
 fwrite($socket, $command);


 $buf = null;
 //Receive response from server. Loop until the response is finished
 while (!feof($socket)) {
  $buf .= fread($socket, 20240);
 }

 //close connection
 fclose($socket);

 //echo our command response
 echo $buf;
}
?>

Did this post help you? Thank us with bitcoin;

Wednesday, 1 December 2010

Pura Launch new sister site

Announcement

Pura asked us to assist in the redesign of their existing website into a sister site which is dedicated to the sale of Dermalogica Products.

The new design needed to be better suited to Dermalogica brand colours, while still retaining the majority of investment they had already put into their existing site. The result was a re-skinning and reworking of the site to achieve both objectives.

The results can be seen at below;

Before -> www.pura-nb.com

After -> www.pura-skin-care.com

Friday, 22 October 2010

iG3 Website Launched

Announcement

Today we launched our latest website for a company called iG3. They are the official and exclusive UK SME sales agents for the world leading Quofore mobile sales force automation software.


What is it?

Quofore is a solution which consists of two major parts:

Mobile Field Rep management software

In the field, Quofore runs on reps’ mobile devices, giving them instant access to functionality that boosts the efficiency and effectiveness of daily activities. User-friendly and feature-rich handheld application that typically runs on PDA and Smartphone style device allowing instant access to your data. Giving an ease of use that results in successful take up in the field and faster call times, while also ensuring best practice policies are used.

Field salesforce management

At head office, managers use Quofore to direct, manage, and monitor field operations. Comprehensive field operation controls such as messaging, call planning, territory management and activity analysis. This in-office application integrates seamlessly with the Mobile Suite applications on the field representatives handheld devices. Intelligent active messaging allows managers to act in time to make a difference, for example, to fix stock-outs, increase promotion compliance, or thwart competitor pricing.