Tag Archives | Linux

Xnest, xdmcp and X11 on CentOS

It has been a while since I have used XNest. It works. Slow, but it works. I can ssh into a box and bring back a full X session back to my Mac.

In CentOS 5.5 I had to edit /etc/gdm/custom.conf and add:

Enable=true under [xdmcp]. Restart X and now I can run:

Xnest :1 -geometry 1024×768 -kb -query localhost

which will bring a gnome session back to my X11 server.

Very easy with out having to open any ports!

GNU date vs BSD date

I usually develop and test my BASH scripts on my mac, mostly for use on RedHat systems. Occasionally I run into problems with this workflow. Recently I realized there was a differnce between the date command on RedHat and the date command in OS X. Turns out BDS date != GNU date. The workaround, install coreutils from Mac Ports, and add this alias to my .bashrc:

alias date=”/opt/local/bin/gdate”


Update: gdate is part of the GNU coreutils, and the MacPorts install command for gdate is: sudo port install coreutils

Quick check if a mysql database exists

Here is my bash code that checks if a db exists before I try to create one in a script:

DBEXISTS=$(mysql --batch --skip-column-names -e "SHOW DATABASES LIKE '"$DBNAME"';" | grep "$DBNAME" > /dev/null; echo "$?")
if [ $DBEXISTS -eq 0 ];then
	echo "A database with the name $DBNAME already exists. exiting"

This will exit out if there is a database with the name you are searching for. The tricky part for me (and always is) was this double quotes inside the single quotes in the LIKE statement.

Finding diffs between clean and modified versions of WordPress

We have an issue where our developers try to update the core WordPress files. I wanted to find a way to keep them honest. here is my script:

# get WordPress
cd ~/src/
rm -f ~/src/latest.tar.gz
rm -rf ~/src/wordpress/
wget -q http://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
CURRENTVERSION=$(grep "wp_version =" ~/src/wordpress/wp-includes/version.php | cut -f 3 -d " " | sed "s/;//" | sed "s/'//g")
# find WordPress installs and compare
for installpath in $(find $SEARCHPATH -name wp-config.php)
		BASEDIR=$(dirname $installpath)
		INSTALLEDVERSION=$(grep "wp_version =" $BASEDIR/wp-includes/version.php | cut -f 3 -d " " | sed "s/;//" | sed "s/'//g")
		echo "====Comparing $BASEDIR to Source====" 
		diff -rq --exclude="wp-content" ~/src/wordpress  $BASEDIR #| grep differ

CentOS: HowTo install ruby, rubygems and passenger for a redmine install

I like to put my complied software in /opt vs /usr/local. Make sure rpm version is not installed.

install ruby:

wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p174.tar.gz
./configure --prefix=/opt/ruby-1.8.7-p174
sudo make && sudo make install

user alternatvies to create sym links:

/usr/sbin/alternatives --install /usr/bin/ruby ruby /opt/ruby-1.8.7-p174/bin/ruby 1 \
--slave /usr/bin/rdoc rdoc /opt/ruby-1.8.7-p174/bin/rdoc \
--slave /usr/bin/ri ri /opt/ruby-1.8.7-p174/bin/ri \
--slave /usr/bin/irb irb /opt/ruby-1.8.7-p174/bin/irb \
--slave /usr/bin/erb erb /opt/ruby-1.8.7-p174/bin/erb \
--slave /usr/bin/testrb testrb /opt/ruby-1.8.7-p174/bin/testrb \
--slave /usr/bin/gem gem /opt/ruby-1.8.7-p174/bin/gem \
--slave /usr/bin/rake rake /opt/ruby-1.8.7-p174/bin/rake

make sure current ruby is set to 1.8.7: /usr/sbin/alternatives –config ruby

install rubygems:

wget http://rubyforge.org/frs/download.php/70696/rubygems-1.3.7.tgz
sudo ruby setup.rb

install gems (No docs):

gem install --no-rdoc --no-ri rails
gem install --no-rdoc --no-ri passenger
gem install --no-rdoc --no-ri mysql
gem install --no-rdoc --no-ri rack -v=1.0.1

Passenger said I needed to install curl-dev  (yum install curl-devel)

install passenger apache module:


modify your httpd conf file

   LoadModule passenger_module /opt/ruby-1.8.7-p174/lib/ruby/gems/1.8/gems/passenger-3.0.0/ext/apache2/mod_passenger.so
   PassengerRoot /opt/ruby-1.8.7-p174/lib/ruby/gems/1.8/gems/passenger-3.0.0
   PassengerRuby /opt/ruby-1.8.7-p174/bin/ruby

Install redmine according to Docs

My current WordPress Update Script

Below is my current WordPress update script. First this script downloads the most recent version and determines which version it is:

cd ~/src/
rm -f ~/src/latest.tar.gz
rm -rf ~/src/wordpress/
wget -q http://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
CURRENTVERSION=$(grep "wp_version =" wordpress/wp-includes/version.php | cut -f 3 -d " " | sed "s/;//" | sed "s/'//g")
echo "Latest Version: $CURRENTVERSION"

Next it looks for all wp-config.php files in all the websites to identify which sites have WordPress installed. Then and finds the version from the versions.php script. If the version is not equal to the most recent downloaded version (from the code above), it copies the updated source to the website:

for installpath in $(find /webdir -name wp-config.php)
	BASEDIR=$(dirname $installpath)
	INSTALLEDVERSION=$(grep "wp_version =" $BASEDIR/wp-includes/version.php | cut -f 3 -d " " | sed "s/;//" | sed "s/'//g")
		cp -R  ~/src/wordpress/* $BASEDIR/
		echo $BASEDIR "is already" $CURRENTVERSION

My esxupdate script

I was having problems using update manager on an esx box at a remote site. I needed to install several prerequisite patches before i could get to U5.
I went to : http://www.vmware.com/patch/download/ and found the patches I needed.

So I used lwp-download to download the files(esx does not have wget) like so:

lwp-download http://download3.vmware.com/software/vi/ESX350-200911210-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911211-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911212-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911214-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911215-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911217-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911219-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911221-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911222-UG.zip
lwp-download http://download3.vmware.com/software/vi/ESX350-200911223-UG.zip

Then I used the following simple bash script:

for i in ESX350-2009*.zip
unzip $i
mv {,_}$i
cd ${i%%.*}/
esxupdate --noreboot update
cd /back/to/location/of/patches
mv {,_}${i%%.*}/

Use IPTables to ban repeated ssh attempts

My logs were getting filled with scripts trying to log in via ssh. I already have “PasswordAuthentication no” so I believe I am safe. I wanted to add a new layer (and keep my logs cleaner). I added the following to my iptables config. Anyone with more than 4 connections in 60 seconds is banned:

. . . 
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j SSHAUTOBAN
. . . 
-A SSHAUTOBAN -m recent --set --name SSH
-A SSHAUTOBAN -m recent --rcheck --hitcount 4 --name SSH -j LOG
-A SSHAUTOBAN -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j DROP
-A SSHAUTOBAN -m recent --rcheck --name SSH -j ACCEPT