Linux Support, Hosting & Security Hertfordshire

Monday, 2 July 2012

evms_activate is not available on boot


You have (or had) encrypted partitions in your system and are now getting the following error on boot;

evms_activate is not available

WARNING: This is only applicable if you have already checked your /etc/fstab and /etc/crypttab and made sure there are no errors etc in those.


You need to rebuild your initramfs to fix/remove the pointers to the encrypted partitions. The following command will do this;

update-initramfs -u -k all

One method of doing this is to boot from a Linux boot cd, mount your FS, chroot into your install and rebuild the initramfs.

Step-by-Step fix

  • Boot from your favourite distros Live CD. (e.g. Ubuntu 64bit desktop)
  • Open a terminal and run the following commands, replacing sda1 with your root partition (if your /boot is on a separate partition, then you will need to mount that also)
sudo su
mkdir /mnt/fix
mount /dev/sda1 /mnt/fix
mount -t proc none /mnt/fix/proc
mount -o bind /sys /mnt/fix/sys
mount -o bind /dev /mnt/fix/dev
chroot /mnt/fix /bin/bash
update-initramfs -u -k all
  • Reboot the system and cross your fingers!

Did this post help you? Thank us with bitcoin;

Monday, 30 April 2012

Shrink windows guest Virtualbox VDI disk


Shrink/compat a windows guest dynamically allocated NTFS disk image which is in the Virtual box .VDI format to its minimum size.

In order to achieve this, there are a number of programs and steps you need to take;

Steps Outlined

  • Clean up your windows FS
  • Defrag your windows guest fs and optimise it into a solid block of data.
  • Ensure that all free space on the disk is zero'ed out, so Virtual box can see what is unused. This might increase your VDI file to the maximum size, so make sure you have the free space. Virutal box documentation on the flags to use with sdelete are at present wrong! Dont use -c, use -z.
  • Tell Virtual box to compat the VDI disk image

The Steps

  1. Boot up your windows guest and uninstall/delete all unwanted programs and files
  2. Install Ultra Defrag
  3. In Ultra Defrag, run a Defragment [F6]
  4. In Ultra Defrag, run a Full Optimization. [Ctrl+F7]
  5. Download the latest version of sdelete and Extract sdelete zip to c: (or what ever drive your shrinking).
  6. Click Start> Run and type cmd. in the command prompt type;
    c:\sdelete.exe -z c:
  7. Shutdown the windows guest
  8. Run the following command on the linux host (windows virtual box has a similar command and syntax);
VBoxManage modifyhd /path/to/disk.vdi compact

Did this post help you? Thank us with bitcoin;

Thursday, 12 January 2012

ZEND: Merge multiple xml configs for Zend_Navigation

If are using Zend_Navigation and wish to use mutliple xml Zend_Config_Xml files to build your Navigation object then it is possible to merge xml configuration files using Zend_Config::merge and pass the resulting object into Zend_Navigation. (e.g if a module/plugin wishes to append further navigation elements into your main navigation.xml)

The following example will merge two different xml config files and pass the resulting config to Zend_Navigation

//Make an empty Zend_Config object
$config = new Zend_Config( array(), true);

//Merge 1st xml file  (navigation.xml)
    new Zend_Config_Xml(
        APPLICATION_PATH . '/configs/navigation.xml', 

//Merge 2nd xml file (navigation2.xml)
    new Zend_Config_Xml(
        APPLICATION_PATH . '/configs/navigation2.xml', 

//Pass the resulting config to Zend_Navigation
$navigation = new Zend_Navigation($config);

Did this post help you? Thank us with bitcoin;

Saturday, 18 June 2011

Ubuntu 10.04 LTS Lucid PHP >=5.3.3 backport PPA

Ubuntu 10.04 LTS Lucid provides PHP 5.3.2, which is missing some key goodies and has some well known bugs. At the time of writing ubuntu have not backported a newer version to Lucid, however there is an outstanding bug request for it.

In the mean time ive noticed some people are manually compling a new version for their LTS, but thanks to a developer called Fabián Arias there is no longer a need to do this. He has created a PPA for other ubuntu users which will allow you to easily update your PHP (to 5.3.5 at the time of writing).

Id suggest heavy testing before you use this in a live environment, but for those willing to give it a go, just use the following steps;

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:fabianarias/php5
sudo apt-get update
sudo apt-get upgrade
Warning, im not sure if this PPA is being updated with the latest php security patches. Use at your own risk!

Did this post help you? Thank us with bitcoin;

Thursday, 5 May 2011

HOWTO: PHP TCP Server/Client with SSL Encryption using Streams


PHP provides methods to allow you to listen on a TCP port, accept incoming connections and then send and receive SSL encrypted data over the established link.

How it works

First you need to prepare a SSL Certificate for PHP to use in its communication. In this example i will get PHP to create a new self-signed cert everytime the serverside script is started. (But you could use a standard cert as long as its in the pem format).

Then you set PHP to listen on a TCP IP:Port and accept any new incoming connections using the "streams" php extension. At the point of accepting a new connection PHP will queue the commands for each client which connects and run them in order. When a connection is closed it will move the to the next queued client. This allows multiple connections to be active at once without you worrying about manually forking for each. Each connection will get answered, in the order they connected. If your scripts take a long time to execute or you need a concurrency, You may also wish to fork a new process at this point, but we have not included that in this example.

Because we are using the streams extension, once your connection is established, you can read and write to the connection just like you would a local file, using fread/fwrite. But at the other end of the fread/fwrite is not a file, but another program.

Server side script

For the purpose of this example, I will presume you are running a cli php script (which wont timeout etc). I've also only implemented one command being run on each connection, but it is fairly straight forward to change this so you can have a flow of commands and responses going back and forth.

The script will take the following steps;

  • Create a Self-signed SSL Certificate
  • Attach to a TCP IP:Port and listen for connections
  • Accept an incoming connection
  • Switch to SSL
  • Wait and accept a command from the client
  • Respond to command
  • Close the connection

Client side script

This is the script which will run on the client side of the connection

The script will take the following steps;

  • Connect to IP:PORT
  • Switch to SSL
  • Send a command
  • Receive a response
  • Close the connection
  • Echo out the response Received

Download Server/Client Example

You can Download the example code listed below, with the proper tab formatting that our blog appears to strip out. :/

Server side script Code

Make sure you set all of the example variables with your information.

 *  Example of HOWTO: PHP TCP Server/Client with SSL Encryption using Streams
 *  Server side Script
 *  Website :

$ip="";               //Set the TCP IP Address to listen on
$port="8099";                  //Set the TCP Port to listen on
$pem_passphrase = "<your password>";   //Set a password here
$pem_file = "filename.pem";    //Set a path/filename for the PEM SSL Certificate which will be created.

//The following array of data is needed to generate the SSL Cert
$pem_dn = array(
 "countryName" => "UK",                 //Set your country name
 "stateOrProvinceName" => "Herts",      //Set your state or province name
 "localityName" => "St. Albans",        //Ser your city name
 "organizationName" => "Your Company",  //Set your company name
 "organizationalUnitName" => "Your Department", //Set your department name
 "commonName" => "Your full hostname",  //Set your full hostname.
 "emailAddress" => ""  //Set your email address

//create ssl cert for this scripts life.
echo "Creating SSL Cert\n";
createSSLCert($pem_file, $pem_passphrase, $pem_dn);

//setup and listen to a tcp IP/port, returning the socket stream
echo "Listening to {$ip}:{$port} for connections\n";
$socket = setupTcpStreamServer($pem_file, $pem_passphrase, $ip, $port);

//enter a loop until an exit command is received.
while($exit==false) {

 //Accept any new connections
 $forkedSocket = stream_socket_accept($socket, "-1", $remoteIp);

 echo "New connection from $remoteIp\n";

 //start SSL on the connection
 stream_set_blocking ($forkedSocket, true); // block the connection until SSL is done.
 stream_socket_enable_crypto($forkedSocket, true, STREAM_CRYPTO_METHOD_SSLv3_SERVER);

 //Read the command from the client. This will read 8192 bytes of data, If you need to read more you may need to increase this. However some systems will fragment the command over 8192 anyway, so you would instead need to write a loop waiting for the command input to end before proceeding.
 $command = fread($forkedSocket, 8192);

 //unblock connection
 stream_set_blocking ($forkedSocket, false);

 //run a switch on the command to determine what we need to do
 switch($command) {
  //exit command will cause this script to quit out
  CASE "exit";
   echo "exit command received \n";

  //hi command
  CASE "hi";
   //write back to the client a response.
   fwrite($forkedSocket, "Hello {$remoteIp}. This is our $i command run!");

   echo "hi command received \n";

 //close the connection to the client

function createSSLCert($pem_file, $pem_passphrase, $pem_dn) {
//create ssl cert for this scripts life.

 //Create private key
 $privkey = openssl_pkey_new();

 //Create and sign CSR
 $cert    = openssl_csr_new($pem_dn, $privkey);
 $cert    = openssl_csr_sign($cert, null, $privkey, 365);

 //Generate PEM file
 $pem = array();
 openssl_x509_export($cert, $pem[0]);
 openssl_pkey_export($privkey, $pem[1], $pem_passphrase);
 $pem = implode($pem);

 //Save PEM file
 file_put_contents($pem_file, $pem);
 chmod($pem_file, 0600);

function setupTcpStreamServer($pem_file, $pem_passphrase, $ip, $port) {
//setup and listen to a tcp IP/port, returning the socket stream

 //create a stream context for our SSL settings
 $context = stream_context_create();

 //Setup the SSL Options
 stream_context_set_option($context, 'ssl', 'local_cert', $pem_file);  // Our SSL Cert in PEM format
 stream_context_set_option($context, 'ssl', 'passphrase', $pem_passphrase); // Private key Password
 stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
 stream_context_set_option($context, 'ssl', 'verify_peer', false);

 //create a stream socket on IP:Port
 $socket = stream_socket_server("tcp://{$ip}:{$port}", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
 stream_socket_enable_crypto($socket, false);

 return $socket;

Client side script Code

Make sure you set all of the example variables with your information.

 *  Example of HOWTO: PHP TCP Server/Client with SSL Encryption using Streams
 *  Client side Script
 *  Website :

$ip="";     //Set the TCP IP Address to connect too
$port="8099";        //Set the TCP PORT to connect too
$command="hi";       //Command to run

//Connect to Server
$socket = stream_socket_client("tcp://{$ip}:{$port}", $errno, $errstr, 30);

if($socket) {
 //Start SSL
 stream_set_blocking ($socket, true);
 stream_socket_enable_crypto ($socket, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT);
 stream_set_blocking ($socket, false);

 //Send a command
 fwrite($socket, $command);

 $buf = null;
 //Receive response from server. Loop until the response is finished
 while (!feof($socket)) {
  $buf .= fread($socket, 20240);

 //close connection

 //echo our command response
 echo $buf;

Did this post help you? Thank us with bitcoin;

Tuesday, 3 August 2010

Google Font API

I stumbled across this great informative post which gives a nice outline of Google's new Font API. I think most web developers will agree that this could be a game changer.


For years, we’ve been stuck with the same old fonts: Arial, Georgia, Verdana, Times New Roman — web-safe fonts that a majority of web users have installed on their computer. But lately, the web design community is abuzz — and the source of the excitement is around web fonts. "Web fonts" is a generic term that refers to the method of serving font files — the same type of files you have installed on your computer — to your website visitors so that you can guarantee they’ll have the appropriate type faces you want displayed on your web pages.

...end snip

Read the full article here.

Tuesday, 13 July 2010

HOWTO: Mount KVM/Xen virtual disk image outside guest OS


Mounting a virtual disk image used by KVM or Xen (.xm file) outside of the guest OS. (e.g on the Host/Dom0 machine)


These images can not be mounted directly as they are not just a formatted partition, but a complete disk image with a boot sector. So if you try to just mount the file it will fail.


losetup to the rescue! We just need to mount it with losetup, specifying an offset to get past the bootstrap. This way we can also get to different partitions within the disk image.

Steps outlined

  1. Make sure the disk is not in use by the virtual machine! If its a LVM partition then you can take a LVM snapshot of the disk and mount the snapshot.
  2. Mount the virtual image to an lo device using an offset. If your wanting to mount the first partition in the virtual disk, then in most cases the offset will be 32256. If that doesn't work OR its not the first partition then read the instructions for calculating the offset. and use that value instead.
  3. Mount the lo device

Bash commands to mount the image

sudo losetup -o32256 /dev/loop0 /path/to/diskimage.xm
sudo mount /dev/loop0 /mnt/tmp

Clean up when your finished

sudo umount /dev/loop0
sudo losetup -d /dev/loop0



Calculate the offset steps outlined

If the above did not work, then it maybe because the offset ive suggested (32256) is not correct for your setup. The following shows how to calculate the offset for your setup.

  1. Make sure loop0 is free
  2. Mount image to loop0 without an offset
  3. Use fdisk to list partitions
  4. Find the start number of the partition you want to mount. Multiply that it by the number of bytes per sector (normally 512)

Calculate the offset Bash commands

sudo losetup -d /dev/loop0
sudo losetup /dev/loop0 /path/to/diskimage.xm
sudo fdisk -ul /dev/loop0

Look for the "Units = " value and Start value for the partition you wish to mount. In this example its "512 bytes" and "63". The output should show something like;

Disk /dev/loop0: 10.5 GB, 10485760000 bytes                                                                                                                                                                                                                                    
255 heads, 63 sectors/track, 1274 cylinders, total 20480000 sectors                                                                                                                                                                                                            
Units = sectors of 1 * 512 = 512 bytes                                                                                                                                                                                                                                         
Disk identifier: 0x0007b39a                                                                                                                                                                                                                                                    
      Device Boot      Start         End      Blocks   Id  System                                                                                                                                                                                                              
/dev/loop0p1   *          63    20466809    10233373+  83  Linux

Now multiply those two values to get your offset. (e.g. In this example its 512x63=32256)

Now unmount your lo device

sudo losetup -d /dev/loop0

...and start this HOWTO again but using your calculated offset value instead of 32256.

Did this post help you? Thank us with bitcoin;