Saturday, May 30, 2009
install vmware tools
* your kernel configuration (enabled by default). *
* *
* To configure and recompile your kernel see: *
* http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html *
==========================
please remember to configure your network by adding:
ifconfig_vxn0="dhcp"
to the /etc/rc.conf file and start the network with:
/etc/netstart
to use the vmxnet interface using DHCP
Thursday, May 28, 2009
APR == Apache Portable Runtime 簡介
APR 是Apache Portable Runtime的縮寫。APR本來主要目的在於將Apache系統中與作業系統相關的實作部分獨立出來,另外提供一與OS無關的應用程式介面(API,Application Programming Interface)供程式設計者使用,也就是模擬出一個虛擬的OS介面,其主要針對Thread、Process、Directories等功能進行虛擬化。如此一來,可以在不需大量變動原始程式碼即可輕易達到將Apache軟體移植至其他的作業系統上。如果要將所開發的程式移植到新的作業系統上,程式設計者只要在新的作業系統上實作APR所提供的的介面,就可以達到將開發的程式輕易地移植到其他 作業系統 上。
由APR的全名就可以知道,APR原本是屬於Apache的一部份,但是自從Apache 1.3版之後已經被獨立成為一個單獨的project,當然除了Apache之外,也有許多軟體是以APR為基礎或是使用APR進行開發,達到 platform independent。著名的軟體專案包括:Subversion等等。
APR 大致上可以分了兩個部分,分別為APR Core與APR Util。APR Core包含了最基本的portable functions,Apr Util則包含其他不屬於Core但也必須是portable的functions。以下針對APR Core與APR Util分別描述所提供的功能。
APR Core提供了以下功能:
* Reading and writing files
* Character set conversion
* Network communications with sockets
* Time management used for Internet type conversions
* String manipulation like C++ including neural order management
* UNIX password management routines
* Table management routines
* UUID Internet generation
* Filename canonicalization
* Random data generation
* Global lock management
* Threads and process management
* Dynamic library loading routines
* Memory mapped and shared memory
APR Util提供了以下的功能:
參考資料
* Apache Portable Runtime Project
* APR Networking & the Reactor Pattern : Native-code portability for C/C++ programmers
* APR tutorial
after installed or modified a new masted.passwd file
FreeBSD Make World
Welcome to Make World. Theme park rides in this area are know as Panic, Confusion,Dismay, and our all time favorite Segfault
Error Operating System not Found. Please note these rides are not for the faint of heart or the easily frustrated as Make
World rides will emphasis these handicaps. Please note all of these rides are designed solely for the amusement of the
engineers who designed the system and are thousands of miles away. And for people around you who love to laugh at you while
you suffer miserably on these knee jerk rides. And since Make World is free ( as in beer ) you will be getting your money's
worth.
Okay lets boil this down, you can make a trip through Make World with this command:
cd /usr/src/ && mergemaster -p && make buildworld && make buildkernel KERNCONF=KERNNAME && make installkernel KERNCONF=KERNNAME && make installworld && mergemaster && shutdown -r +3
Now if you just went ahead and did that without reading any further. I wish you the best of luck on your journey into hell.
Make World:
is what FreeBSD user call it when you do an upgrade by using the make world group of commands.
The Obligatory Warnings:
BACKUP
BACKUP
BACKUP
If you don't to bad for you. You won't even get cheese with that whine.
I try to keep my articles as simple as possible and not overload you with useless information that you probably don't need.
This article will go completely overboard in that area. Don't like it, to damn bad. What happens when you do this to your
computer is pretty extensive. If messes with just about every critical file it can get it's hands on. And one wrong move
will screw it up to the point where it won't even boot. Scared ? Good. That means you will have loads of fun.
And yes you probably don't need half the information I am throwing at you so I will try to keep critical stuff on the
forefront and trivia in the back. Some people actually want to be a bit smarter others just want to upgrade.
This article deals with an upgrade on a FreeBSD system that originally had 4.7 Stable and upgraded to 4.8 Stable. Current
users don't need this article. Because they like to live on the edge and help beta test new and risky stuff. I am not so
brave.
Everything is done here is done as root.
Final Warning: The handbook really won't help you.
*Addendum.* 6/4/05 The handbook has vastly improved on how to do a make world.
It does not include all the details I have here , but it is much much better.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
The Breakdown:
uname -a
cvsup stable-supfile
make.conf
cd /usr/src
mergemaster -p
make buildworld
make buildkernel KERNCONF=KERNNAME
make installkernel KERNCONF=KERNNAME
make installworld
mergemaster
shutdown -r +3
uname -a
df -h
cd /usr/src; make clean
cd /usr/ports; make clean
df -h
The FAQ you never really asked
The Credits
With the exception of the FAQ and Credits all of the above are the commands you will need to issue in order if you want to
do this one step at a time. Please read the whole article. If you have never done this before some of the files need to be
customized.
uname -a
FreeBSD TheBaron.bjh.homenet 4.7-STABLE FreeBSD 4.7-STABLE #0: Sun Oct 13 23:32:36 EDT 2002 root@TheBaron.bjh.homenet:/usr/src/sys/compile/THEBARON i386 |
Please make a note as to what version you are running so when you are done you can see if you actually upgraded.
Definitions here.At the
prompt type:
uname -a
When it is done it will return to a command prompt
cvsup stable-supfile:
The first step to upgrade is to make sure we have the files we need to upgrade. In order to do this I use
cvsup. It is available in the
ports tree. You can also use the
package version if you wish. One way or another you need to
install it.
Once you have installed it. You will need to have a file known as
stable-supfile. I recommend you copy one from the
/usr/share/examples/cvsup/stable-supfile file or the /usr/src/share/examples/cvsup/stable-supfile file. To a simple
location I keep mine in my / directory. You can make a copy with the cp command. type this:
cp /usr/share/examples/cvsup/stable-supfile /stable-supfile
You will need to edit the stable-supfile a little to suit you needs. You can look at an edited stable-supfile
here.
I recommend Easy Editor (ee) when editing files.
ee /stable-supfile
You will need to change the following line:
*default host=CHANGE_THIS.FreeBSD.org
to read like this :
*default host=cvsup3.FreeBSD.org
You should have a line that looks like this:*Addendum* added 6/04/05
*default release=cvs tag=RELENG_4
That will give you the latest STABLE version of 4.x.
That tells cvsup where to go to get the latest stable release files. The rest of the file is already setup to bring
in all the files needed to make a successful trip through Make World. Go to you / directory. If that is where you saved your
stable-supfile and type the following:
cvsup stable-supfile
It will now begin importing all of the file changes it needs for the upgrade. Once it has finished It will return to a prompt
make.conf
Your make.conf is a file that is read during the trip through Make World.
When you issue your make buildworld, make installworld and other make commands on your trip through Make World.The file is
actually located in the /usr/src/etc/defaults/ directory.It needs to be copied over to the /etc/ directory. You can do that
with this command:
cp /usr/src/etc/defaults/make.conf   /etc/make.conf
Once you have copied it you will need to do some editing.
ee /etc/make.conf
Uncomment the following line:
#CFLAGS= -O -pipe
So it looks like this:
CFLAGS= -O -pipe
Press Esc and save the changes.
You can see my make.conf here.
cd /usr/src
This is a change directory (cd) command. You are changing to the /usr/src/
directory. This is where you need to be in order to complete a successful trip through Make World.
Mergemaster -p
This is a prep phase for mergemaster. This a program that goes through your /dev/MAKEDEV file and your /etc/ directory.
Checking for differences between files on your computer and the upgrade files. The program starts by trying to set up a
temp directory. Please take notes on the files that are dealt with. You don't have to write down everything but some notes
on the name of the files would be helpful.Mergemaster -p saves sendmail users and openssh info. Not having that info can cause
errors during make installworld. For the big definition on Mergemaster go
here.At the command prompt type:
mergemaster -p
*** The directory specified for the temporary root environment, /var/tmp/temproot, exists. This can be a security risk if untrusted users have access to the system. Use 'd' to delete the old /var/tmp/temproot and continue Use 't' to select a new temporary root directory Use 'e' to exit mergemaster Default is to use /var/tmp/temproot as is How should I deal with this? [Use the existing /var/tmp/temproot] |
Press Enter ( which means use /var/tmp/temproot ) and you should be good to go. This will keep the temporary root environment
in /var/tmp/temproot. It will now start to compare a large number of files. And show you the differences between them.
Now it is going to start going through your /etc/ directory and /dev/MAKEDEV file .This is the beginning of the hellish part
of Make World. Some notes on what you will see here. Mergemaster brings up the current file on the hard drive and the new
version.If they are the same it smiles and moves on. If they are different it will point out the differences. It brings up
what is different between the files and shows you just the things that are different in the file. It may not need to bring up
everything in the file. The symbols used in Mergemaster:
--- 3 minus symbols in a row usually pertaining to the date of the file installation. I have only seen them at the top of a
file that is to be changed. It means the line next to them really has to be removed.
+++ 3 plus symbols in a row usually pertaining to the date of the file installation. I have only seen them at the top of a
file that is to be changed. It means the line next to them really has to be added (replace the existing line).
@@ means the line numbers that will be affected by the change. @@ -1,5 +1,24 @@ means line 1 and the next 4 lines will
become line 1 and the next 24 lines. Look at the next symbols to understand.
+ means the line that will be added.
- means the line that will be replaced/ removed
.
The mergemaster then brings up this dialogue.
Use 'd' to delete the temporary .name of file Use 'i' to install the temporary .name of file Use 'm' to merge the temporary and installed versions or parts of them. Use 'v' to view the diff results again Default is to leave the temporary file to deal with by hand How should I deal with this? [Leave it for later] |
   'd' will remove any new lines for the file leaving it the way it was. No changes.
   'i' will install all of the new lines and remove all of the old lines.
   'm' will place both old and /or new lines in the file.
   'v' lets you look at it again.
Use 'i' if you want to upgrade. Use 'd' if you don't. Use 'm' if you want to screw with things. And do it without the quotes.
Okay important notes here. If you have custom files in the /etc/ directory And you just click through this without checking.
I can assure you they will be gone when your trip to Make World is done. and you will not have had a good time on
the rides.You did remember to backup didn't you?
So how do I know what to upgrade and what to not upgrade? And what to merge?
My rules of thumb on this is:
The 'd' is for files that I have customized. Files I don't want changes in. Files like
ppp.conf.
The 'i' is for files that I haven't customized that won't affect things I want my FreeBSD box to do. Most of my files in
mergemaster will get this option. Some examples for me are rc.diskless, pam.conf, and rc.syscons. I didn't need to customize
these files and their changes won't affect my box.
The 'm' is pretty cool, scary but cool. I have a file I want some changes in but not all. My example is
motd. I wanted motd to show the new version of FreeBSD, but not the huge
greeting that follows it. It offers you choices:
FreeBSD 4.7-STABLE (THEBARON) #0: S | FreeBSD ?.?.? (UNKNOWN) l: use the left version r: use the right version e l: edit then use the left version e r: edit then use the right version e b: edit then use the left and right versions concatenated e: edit a new version s: silently include common lines v: verbosely include common lines q: quit %r |
See that %r what happened was I got a prompt % and I wanted the right side so I typed r.
and
Welcome to The Baron! | Before seeking technical support, p > > o Security advisories and updated > at http://www.FreeBSD.org/releas > for your release first as it's u > > o The Handbook and FAQ documents a > along with the mailing lists, ca > http://www.FreeBSD.org/search/. > been installed, they're also ava > > If you still have a question or pro > `uname -a', along with any relevant > as a question to the questions@Free > unfamiliar with FreeBSD's directory > man page. If you are not familiar > > You may also use /stand/sysinstall > configuration utility. Edit /etc/m > l: use the left version r: use the right version e l: edit then use the left version e r: edit then use the right version e b: edit then use the left and right versions concatenated e: edit a new version s: silently include common lines v: verbosely include common lines q: quit %l Use 'i' to install merged file Use 'r' to re-do the merge Use 'v' to view the merged file Default is to leave the temporary file to deal with by hand *** How should I deal with the merged file? [Leave it for later] %i |
See that %l that was for left side and %i was to install the merged file
In this case I told it in the upper boxes to use the right version (%r) to show what issue of FreeBSD (?.?.? goes to the new
version) I am using and in the lower setting I used the left version (%l). Then I told it to install the merged version (%i).
Some other things you will also see:
*** There is no installed version of ./etc/login.conf.db Use 'd' to delete the temporary ./etc/login.conf.db Use 'i' to install the temporary ./etc/login.conf.db Default is to leave the temporary file to deal with by hand How should I deal with this? [Leave it for later] |
This means that a new file would like to be added and that there is no current copy of this file. I have always told it to
install ('i' without the quotes people).
When it is done You will see this:
*** Comparison complete Do you wish to delete what is left of /var/tmp/temproot? [no] |
Press Enter (which means no) and you have set up the temporary files. You want to keep those files there for when you go back
into mergemaster at the end.
You get to go through this twice once at the beginning and once at the end and I have seen it choose different files from the
first time to when it has gone through it's make world session. And that folks is the basics of Mergemaster.When it is done
it will go back to a prompt.
make buildworld
Okay it is time for the rides to a more dangerous turn. Make buildworld is the command that tell your computer to grab those
files in /usr/src/ and start putting them together. This will cause a lot of stuff to flash across the screen as it compiles,
uncompresses and sorts through the whole nine yards. These are the files that are connected to the /dev/ and /etc/ and other
directories. These are not the kernel files. This like when a cabinet is built all the parts are formed at a shop away from
your house.At the prompt type:
make buildworld
When it is finished it will return to a prompt.
make buildkernel KERNCONF=KERNNAME
Now we are entering the big drop on the roller coaster ride of make world. Make buildkernel KERNCONF=KERNNAME is the command
that tells the computer to grab the kernel files in /usr/src/ and start
putting them together. Now if you typed it in just like it is shown you will get an error message. KERNNAME is suppose to be
the name of your kernel. If you haven't given your kernel a name you use
GENERIC. So the default is to use GENERIC unlesss you gave your kernel a
name. If you did give your kernel a name such as BOB you would need to replace KERNNAME with BOB. And yes the fact that they
are in capitol letters is important. Make sure yours are also. This would be where the shelves that will go in the cabinet are
built. Nothing is set in place yet.At the prompt type:
make buildkernel KERNCONF=KERNNAME
When it is finished it will return to a prompt.
make installkernel KERNCONF=KERNNAME
Make installkernel KERNCONF=KERNNAME is where the kernel is set into place. This is the core of the FreeBSD operating system.
It is what is read on boot and helps the functions work on the computer. The KERNNAME deal pops up here again remember if you
don't have a custom named kernel you replace KERNNAME with GENERIC. Remember to if you do have a specific KERNNAME it must
be the same as in make buildkernel KERNCONF=KERNNAME. This is the boss file on your computer every other file works for it
. This would be like the shelves going in the cabinet. They are just shelves you say. Shelves are easy to put in. Yes they
are. And they keep everything in the cabinet organized. You will find out if you have no shelves that it is not nearly as
easy to stock the cabinets.At the prompt type:
make installkernel KERNCONF=KERNNAME
When it is finished it will return to a prompt.
make installworld
Okay in make buildworld you built everything. Now you are going to install it. With this command everything starts to fit
itself into place. Lots of gobbledygook flashes across the screen. The cabinet guys come to your house and start installing
the cabinets and the shelves.At the prompt type:
make installworld
When it is finished it will return to a prompt.
mergemaster
Okay we are back here again. Please note that there is no -p switch. The deletes, installs, and merges here are permanent.
This is where what you reviewed earlier in your first mergemaster really happens. It may go through a second time every file
it went through with you before and it may even have a few new ones. The idea is still the same if you didn't customize it.
Just install it. If you did you will have either delete or merge it as described above. Please have your notes from the
previous session ready you did make notes didn't you? Please don't be like the waitress who thinks she can memorize my order
and then come back and say "Could you repeat your order again." Write it down. When it is done you get this again:
*** Comparison complete Do you wish to delete what is left of /var/tmp/temproot? [no] |
This time you tell it yes. Because you are done and don't need the temp files anymore the permanent ones are installed. This
is the beginning of cleaning up the mess. Just like with the cabinets there is going to be some cleaning that should be done.
More on that in a bit.
shutdown -r +3
This is the shutdown reboot command. I tell it that I want the computer
to shutdown in three minutes and then reboot. This prevents a hard shutdown and gives everything a chance to close. You don't
have to make it that long and most everything will happen in the last 10 seconds but I have seen "shutdown -r now" after a
trip through make world screw a few things up. You must reboot for the changes in make world to take place.At the prompt type:
shutdown -r +3
When it has finished you will need to log back on as root..
uname -a
Okay you did the reboot you did log in. And you didn't see any screwed up error messages. Marvelous. Now at the prompt type:
uname -a
This will bring up something like this:
FreeBSD TheBaron.bjh.homenet 4.8-RC FreeBSD 4.8-RC #2: Fri Apr 4 06:43:52 EST 2003 root@TheBaron.bjh.homenet:/usr/obj/usr/src/sys/THEBARON i386 |
Please note that it should be a different version than the one you started with. That was the whole point. Uname displays the
system information the -a switch means give me all of the information.Now that you have done a great job, you have to clean
up. What you don't think you do, look at this:
df-h
At the command prompt you will type df -h and you will see how much space is
used up on your hard disk. So at the command prompt type.
df-h
Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 194M 50M 129M 28% / /dev/ad0s1f 992M 513K 913M 0% /tmp /dev/ad0s1g 8.8G 8.1G 921M 93% /usr /dev/ad0s1e 1.9G 14M 1.8G 1% /var procfs 4.0K 4.0K 0B 100% /proc |
That /usr directory is a bit full. There are three things stuff to the hilt in there right now. They are /usr/ports, /usr/src,
and /usr/obj.
cd /usr/src; make clean
The make clean command is the nice way to clean up the source
(src) files used in your trip through Make World. This does a nice neat
clean up. It takes time but when it is done you are worry free. At the prompt type:
cd /usr/src; make clean
When it is finished it will return to a prompt.
cd /usr/ports; make clean
The make clean command is the nice way to clean up the
ports files used in your trip through Make World. This does a nice neat
clean up. It takes time but when it is done you are worry free. At the prompt type:
cd /usr/ports; make clean
When it is finished it will return to a prompt.
Another command you can run is this one, at the prompt type:
find /usr/ports -type d -name 'work' | xargs rm -vrf
That will do the same thing just a little quicker. It takes anything in a 'work' directory in /usr/ports/ and cleans it out.
df -h
Okay let's see how the clean up went at the prompt type:.
df -h
Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 194M 50M 129M 28% / /dev/ad0s1f 992M 513K 913M 0% /tmp /dev/ad0s1g 8.8G 2.9G 5.2G 36% /usr /dev/ad0s1e 1.9G 14M 1.8G 1% /var procfs 4.0K 4.0K 0B 100% /proc |
Look at the difference here. And that is with a nice clean up. Not to shabby.
We hope you enjoyed your trip through Make World please come visit again when the next release is issued.
The FAQ you never really asked.
1. What is the && mean?
The && means when you are finished with one thing go and automatically do the next. Provided you don't have any errors. Which
causes the continue functioning to stop.
2. The tables that look like screenshots don't render in my Lynx browser. Are you going to fix that?
No. Blame Lynx not me.
3. How come you included KERNCONF=KERNNAME
when you don't need it for a GENERIC kernel?
While it is true you don't need KERNCONF=KERNNAME for a GENERIC kernel. If you have a custom one and forget to put in
KERNCONF=KERNNAME you will be screwed. Using KERNCONF=KERNNAME is a good habit to get into. Unlike smoking.
4. Something went wrong and I got an error. Can you help me fix it?
Probably not. I am still new to this stuff and I don't get to work or play on FreeBSD boxes all day everyday. You can post it
in Chucktips and/ or
comp.unix.bsd.freebsd.misc and see if you get the answer you need.
You can also post your question in the reply section to this article here. I can't guarentee you will get a quick response let
alone a right one. but I will at least try.
5. Can I post some helpful advice or a suggestion/ comment?
Absolutely. Please do here.
6. I want to upgrade from 4.4 to 4.8 (or some other multi release jump), will what you wrote work?
Yes provided you follow the instructions and backup. Mergemaster is your friend.
7. How come everything says I can delete /usr/obj and you don't?
I don't like deleting it. I use the cd /usr/src; make clean and it does a nice neat job and takes care of /usr/obj without
creating dependency issues.
8. Why don't you drop into single user mode and use the tweaks?
Because you don't have to. Will doing it make your trip through Make World faster, yes. But that means more explaining.
And this is for newbies. Once you have done it a few times, then go into single user mode and use the tweaks.
The Credits
Jason Neuman, who probably
wonders if I am taking all my meds but still lets me post my articles.
acb, who has great ideas and lets me put them in my articles.
Net_Fish, who understands all of this easily and with no effort.As
I have to struggle with it. It just isn't fair.
The Huntsville Macintosh Users Group, who supply most of the man pages.
The GSP, who have some nice man pages. To bad they won't validate under
W3C standards.
The big article on
Make World by Nik Clayton
The FreeBSD handbook section on make world.
comp.unix.bsd.freebsd.misc is a very helpful newsgroup.
University Computing Systems has a nice
glossary of Unix terms.
Kathy Russell with Focus on Unix Guide has a very good
glossary. To bad they have crappy evil pop ups.
The FreeBSD man pages can also be accesed from
here. I can't use them in the glossary
because they won't validate under W3C standards.
The School of Mathematacis had the easy editor man page for my
glossary. I didn't see how many more man pages they had.
The Kiev Polytechnic Institute also has a nice set of
man pages
Visi.com supplies the man page for make.conf.
handicaps
Wednesday, May 27, 2009
The pain before the pay-off
I am not afraid of getting my hand dirty with code, but am at a loss for where to start.
an objective without a strategy remains a dream.
but unfortunately, a strategy without execution remains a dream too.
Tuesday, May 26, 2009
Dates in PHP and MySQL
3rd November 2006
I see a lot of people on forums and on my training courses asking about the best way (or any way) to manage dates stored in a MySQL database and used in PHP. Three options follow, but first the problem.
PHP uses unix timestamps for all its date functionality. It has methods to convert these timestamps into pretty much any text format you could want but internally it uses the timestamp format. A timestamp is simply an unsigned integer. Specifically, it’s the number of seconds that have elapsed since midnight on January 1st 1970 (greenwich mean time).
MySQL has three date types for use in columns. These are DATETIME, DATE, and TIMESTAMP. DATETIME columns store date and time as a string in the form YYYY-MM-DD HH:MM:SS (e.g. 2006-12-25 13:43:15). DATE columns use just the date part of this format - YYYY-MM-DD (e.g. 2006-12-25). TIMESTAMP columns, despite their name, are nothing like the unix timestamps used in PHP. A TIMESTAMP column is simply a DATETIME column that automatically updates to the current time every time the contents of that record are altered. (That’s a simplification but broadly true and the details are not important here). In particular, since version 4.1 of MySQL the TIMESTAMP format is exactly the same as the DATETIME format.
So the problem is how to work with these two very different date formats - the PHP timestamp integer and the MySQL DATETIME string. There’s three common solutions…
1. One common solution is to store the dates in DATETIME fields and use PHPs date() and strtotime() functions to convert between PHP timestamps and MySQL DATETIMEs. The methods would be used as follows -
$mysqldate = date( 'Y-m-d H:i:s', $phpdate );
$phpdate = strtotime( $mysqldate );
2. Our second option is to let MySQL do the work. MySQL has functions we can use to convert the data at the point where we access the database.
UNIX_TIMESTAMP will convert from DATETIME to PHP timestamp and FROM_UNIXTIME will convert from PHP timestamp to DATETIME. The methods are used within the SQL query. So we insert and update dates using queries like this -
$query = "UPDATE table SET
datetimefield = FROM_UNIXTIME($phpdate)
WHERE...";
$query = "SELECT UNIX_TIMESTAMP(datetimefield)
FROM table WHERE...";
3. Our last option is simply to use the PHP timestamp format everywhere. Since a PHP timestamp is an unsigned integer, use an unsigned integer field in MySQL to store the timestamp in. This way there’s no conversion and we can just move PHP timestamps into and out of the database without any issues at all.
Be aware, however, that by using a unsigned integer field to store your dates you loose a lot of functionality within MySQL because MySQL doesn’t know that your dates are dates. You can still sort records on your date fields since php timestamps increase regularly over time, but if you want to use any of MySQL’s date and time functions on the data then you’ll need to use FROM_UNIXTIME to get a MySQL DATETIME for the function to work on.
However, if you’re just using the database to store the date information and any manipulation of it will take place in PHP then there’s no problems.
So finally we come to the choice of which to use. For me, if you don’t need to manipulate the dates within MySQL then there’s no contest and the last option is the best. It’s simple to use and is the most efficient in terms of storage space in the data table and speed of execution when reading and writing the data.
However, some queries will be more complicated because your date is not in a date field (e.g. select all users who’s birthday is today) and you may lose out in the long run. If this is the case it may be better to use either option 1 or 2. Which of these you use depends on whether you’d rather place the work on MySQL or PHP. I tend to use option 2 but there’s no right or wrong answer - take your pick.
So to summarise, for those who’ve skipped straight to the last paragraph, most of the time I use option 3 but occasionally I use option 2 because I need MySQL to know the field contains a date.
Monday, May 25, 2009
LENGTH() and UTF-8
>
> We are storing UTF-8 data in out mysql database and we need to get the
> length of the data. But length() doesn't return the number of characters
> but the pure number of bytes.
>
> SELECT LENGTH('köter') => 6
>
> Currently we are doing something like that:
>
> SELECT LENGTH(CONVERT('köter' USING 'ucs2'))/2;
>
> This works fine but a "real" solution like CHAR_LENGTH() or something like
> that would be really apprectiated.
From http://dev.mysql.com/doc/mysql/en/string-functions.html:
CHAR_LENGTH(str)
Returns the length of the string str, measured in characters. A multi-byte
character counts as a single character. This means that for a string
containing five two-byte characters, LENGTH() returns 10, whereas
CHAR_LENGTH() returns 5.
Look at OCTET_LENGTH() and CHAR_LENGTH(). (While OCTET_LENGTH() is a
synonym, it is the SQL standard way of getting the length of a string
in bytes.)
Jochem
PHP string to image utf-8 unicode
<?php
### str to image.
// Path to our font file
$font = 'mingliu.ttc';
$size = 10;
$width = 465;
$width_padding = 15;
$text = "How To Become A Hacker Why This Document? As editor of the Jargon File, I often get email requests from enthusiastic network newbies asking (in effect) \"how can I learn to be a wizard hacker?\". Oddly enough there don't seem to be any FAQs or Web documents that address this vital question, so here's mine. 身為 Jargon File 的編輯, 常有一些網路新手發 mail 問我 \"如何成為一個厲害的 hacker?\". 但, 很奇怪的, 似乎沒有任何的 FAQs 或 Web documents 說明這麼重要 的問題, 所以我寫了一份我自己的看法. If you are reading a snapshot of this document offline, the current version lives at href=\"http://www.ccil.org/~esr/faqs/hacker-howto.html. 如果你是以 offline 的方式在看這一份文件的某一個版本, 那麼你可以在 \"http://www.ccil.org/~esr/faqs/hacker-howto.html\" 找到這份文件的目前最新版本. What Is A Hacker? 怎麼樣才算是一位 Hacker ?? The Jargon File contains a bunch of definitions of the term 'hacker', most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant. 在 Jargon File 裏有一堆關於 'hacker' 這個名詞的定義, 大部份必須是技術上的 行家或熱衷於解決問題, 克服限制的人. 然而, 如果你想知道如何成為一位 hacker, 有兩件事是很有關連的.";
$textArr = _mb_wordwrap($text, $font, $size, $width);
$heightTmp = count($textArr) * 20;
$height = $heightTmp + 50;
$text = '';
foreach ($textArr as $line) {
$text .= $line . "\n";
}
// Create a 300x150 image
$im = imagecreatetruecolor($width + $width_padding, $height);
$black = imagecolorallocate($im, 0, 0, 0);
$white = imagecolorallocate($im, 255, 255, 255);
$red = imagecolorallocate($im, 255, 0, 0);
$green = imagecolorallocate($im, 0, 128, 0);
// Set the background to be white
imagefilledrectangle($im, 0, 0, $width + 20, $height, $white);
$x = 10;
$y = 20;
$angle = 0; // ### The angle in degrees, with 0 degrees being left-to-right reading text. Higher values represent a counter-clockwise rotation. For example, a value of 90 would result in bottom-to-top reading text.
// Write it
imagettftext($im, $size, $angle, $x, $y, $black, $font, $text);
$textTmp = "Copyright © 2009 www.randomdomain.com\n";
$textTmp .= "All right reserved. 版權所有,未經同意,不得翻印";
imagettftext($im, $size, $angle, $x, $y + $heightTmp, $green, $font, $textTmp);
// Set the content-type
// if you want to output to browser, uncomment following line, and remove the file name from next line.
header('Content-type: image/png');
// Using imagepng() results in clearer text compared with imagejpeg()
imagepng($im);
imagedestroy($im);
/**
* Mickey9801 at ComicParty dot com:
* Most of functions shared here seems only work with western language and
* is not suitable for multibyte characters (like Chinese). I have written
* a function using mb_string functions to match the need of multibyte character
* word wrapping.
* I also added some machanism so that English word won't be cut off at the
* end of line. Of couse you must use unicode string on GD.
* @param
* @return
*/
function _mb_wordwrap($txt,$font,$size,$width, $encoding = 'UTF-8') {
$pointer = 0;
$this_line_start = 0;
$this_line_strlen = 1;
$single_byte_stack = "";
$result_lines = array();
$txtLen = mb_strlen($txt, 'UTF-8');
while ($pointer <= $txtLen) {
$this_char = mb_substr($txt, $pointer, 1, $encoding);
$tmp_line = mb_substr($txt, $this_line_start, $this_line_strlen, $encoding);
$tmp_line_bbox = imagettfbbox($size,0 ,$font ,$tmp_line);
$this_line_width = $tmp_line_bbox[2]-$tmp_line_bbox[0];
if ($this_line_width > $width) {
// If last word is alphanumeric, put it to next line rather then cut it off
if ($single_byte_stack != "") {
$stack_len = mb_strlen($single_byte_stack, $encoding);
$this_line_strlen -= $stack_len;
$pointer -= $stack_len;
}
$result_lines[] = mb_substr($txt, $this_line_start, $this_line_strlen-1, $encoding);
$this_line_start = $pointer;
$this_line_strlen = 1;
$single_byte_stack = "";
} else {
// Prevent to cut off english word at the end of line
// if this character is a alphanumeric character or open bracket, put it into stack
if (
(ord($this_char)>=48 && ord($this_char)<=57) ||
(ord($this_char)>=65 && ord($this_char)<=91) ||
(ord($this_char)>=97 && ord($this_char)<=123) ||
ord($this_char)==40 ||
ord($this_char)==60 ||
($single_byte_stack=="" && (ord($this_char)==34 || ord($this_char)==39))
) $single_byte_stack .= $this_char;
else $single_byte_stack = ""; // Clear stack if met multibyte character and not line end
$this_line_strlen++;
$pointer++;
}
}
// Move remained word to result
$result_lines[] = mb_substr($txt, $this_line_start, $txtLen, $encoding);
return $result_lines;
}
?>
Sunday, May 24, 2009
Diskpart differs from many command-line
Back to the top
Comparison with Disk Management
Diskpart enables a superset of the actions that are supported by the Disk Management snap-in. The Disk Management snap-in prohibits you from inadvertently performing actions that may result in data loss. It is recommended that you use the Diskpart utility cautiously because Diskpart enables explicit control of partitions and volumes.
You can use Diskpart to convert a basic disk to a dynamic disk. The basic disk can either be empty or contain either primary partitions or logical drives. The basic disk can be a data disk or system or boot drive. The basic disk cannot have fault-tolerant disk driver (FtDisk) sets such as stripes or mirrors. To convert basic disks that have FtDisk driver sets, use Disk Management on Windows 2000 or convert the disk before you upgrade to Windows XP.
You can use Diskpart to convert a dynamic disk to a basic disk. You must delete any dynamic volumes before the conversion process. It is not recommended that you delete partitions on a dynamic disk except in emergency situations. It is recommended that you delete all volumes on the drive, and then convert the disk to basic. You must delete all dynamic data partitions. Also, never mix the basic primary and dynamic partitions on the same drive. If you do so, the computer may be unable to restart.
You can use Diskpart to create a partition at an explicit disk offset. The Disk Management snap-in places the partition at the end of any occupied area or on the first sufficiently large area. On master boot record (MBR) disks, the partition offset and the size are rounded to preserve the required cylinder alignment. Offsets are rounded to the closest valid value, and the size is always rounded up to the next valid value. Diskpart does not assign a drive letter to a newly created partition. Use the assign command to assign either a mount point or a drive letter.
Diskpart follows the same policy as the snap-in. Dynamic disks can only be created on fixed disks. You cannot convert removable disks, such as 1394 or universal serial bus (USB) drives, to dynamic disks.
Diskpart permits certain partition deletion operations that are blocked by the snap-in. For example, you can use Diskpart to delete MBR OEM partitions. However, these partitions often contain files that are important to the platform operation. Diskpart blocks the deletion of the current system, boot, or paging volumes and partitions. Also, Diskpart blocks deletion of the partitions that underlie dynamic disks.
You cannot use Diskpart to create a partition on removable media. Windows supports at most one MBR partition on removable media. If the media is manufactured with an MBR, that MBR cannot be altered, but the MBR is followed even if multiple partitions or logical drives are configured. If the media is manufactured without an MBR, the media is treated as a "superfloppy" and no partition structure is written to the media.
The drive letter for a removable drive is associated with the drive, and not with the media. You can use Diskpart to change the drive letter.
Diskpart causes disk signatures, GUID partition table (GPT) disk globally unique identifiers (GUIDs), and GPT partition GUIDs to be generated. You cannot explicitly set these items by using Diskpart.
The Diskpart utility (like the snap-in) includes support for the new Itanium disk partition scheme called GPT. You cannot use GPT disks on any x86-based Windows XP-based or Windows 2000-based computers. Diskpart enables the conversion of GPT partitioning to MBR partitioning only for empty disks.
You can use Diskpart to delete missing dynamic disks. Dynamic disks contain a shared database; all of the dynamic disks on a computer have knowledge of all other dynamic disks on that computer. When dynamic disks are moved, the original computer considers theses disks as "missing".
Drive letters are not automatically assigned when you use Diskpart. To ensure that a given partition or volume has a drive letter, you must explicitly assign a drive letter. You can either assign the drive letter or allow the next available drive letter to be allocated.
Tuesday, May 19, 2009
IsNumeric() clause in MySQL??
Posted by: Cassiano ()
Date: September 10, 2004 12:08PM
How can i test if a field has a numeric data type, at SQLServer i use IsNumeric() clause, what can i use in MySQL?
============================
Re: IsNumeric() clause in MySQL??
Posted by: Homam Alsayed ()
Date: February 02, 2005 01:37PM
The condition:
WHERE IsNumeric(SomeColumn) = 1
is bascially equivalent to:
WHERE CONVERT(SomeColumn, SIGNED INTEGER) IS NOT NULL
The only snag is you can only check for integers.
=============================
Re: IsNumeric() clause in MySQL??
Posted by: Cai Black ()
Date: January 07, 2009 11:34AM
Oops! Henri's does work fine. My enhancements then are the following:
* removing the space between the function name and the parentheses
* adding the size to the datatype: TINYINT(1)
* indicating that the function is deterministic: DETERMINISTIC
* replacing the range '{0,1}' with a '?'
CREATE FUNCTION ISNUMERIC(myVal VARCHAR(1024))
RETURNS TINYINT(1) DETERMINISTIC
RETURN myVal REGEXP '^(-|\\+)?([0-9]+\\.[0-9]*|[0-9]*\\.[0-9]+|[0-9]+)$';
Sorry for any confusion that my previous post may have caused.
---
Cai Black
Edited 1 time(s). Last edit at 01/07/2009 11:42AM by Cai Black.
Backup FreeBSD
Ok, this is defiantly worth writing... especially for new users
Here i will cover how to backup/restore (to file) FreeBSD using native utilities called dump and restore
note: dump and restore works only for UFS (aka FFS)
Backing up system
To backup system you need to use dump utility
backup:
Code:
$ dump -0Lauf /path/to/backups/ad0s1d.dump /dev/ad0s1d
Backup and compress on the fly
Code:
$ dump -0Lauf - /dev/ad0s1d | bzip2 > /path/to/backups/ad0s1d.dump
-0 - means to backup entire filesystem
-f name - output to file/device, or to stdout if you use -
-a - you need this if you output to file.
-L - needed if you backup mounted filesystem
Restoring system
to restore system restart in single user mode
format filesystem that you want to restore
in backup example, we backed up /dev/ad0s1d, so let's format it now
Code:
$ newfs -U /dev/ad0s1d
now you need to mount it
Code:
$ mkdir /mnt/target
$ mount /dev/ad0s1d /mnt/target
Let's imagine you backed up files to usb stick (da0, in root directory)
we need to mount it
Code:
$ mount -t msdosfs /dev/da0 /mnt/usb
Important note: you need space in temp to be able to restore
if you run out of space in tmp, mount some filesystem somewhere and
create symbolic links from /tmp and /var/tmp to that mount point
now to restore from backup you need to cd to dir where you mounted partition that you want to restore
Code:
$ cd /mnt/target
to restore from uncompressed backup
Code:
$ restore -rf /mnt/usb/ad0s1d.dump
to restore from compressed backup
Code:
$ bzcat /mnt/usb/ad0s1d.dump.bz2 | restore -rf -
And that is it
now you can delete file dumpdates (or something like that, check for weird file in target directory, in our case /mnt/target)
now unmount filesystems and reboot
Some notes
you can do incremental backups - backup everything and then backup only files that have changed since (on current backup level) see manual for more info
you can use dump/restore to clone your system to other PC's
you will probably need to copy Master Boot Record (MBR) as well
to backup MBR:
Code:
$ dd if=/dev/ad0 of=/path/to/mbr.img bs=512 count=1
to restore MBR:
Code:
$ dd if=/path/to/mbr.img of=/dev/ad0 bs=512 count=1
Tips
* I prefer to compress backup, you can guess why
* if you backup /usr you may delete content of ports directory
this will speed up backup process, and reduce size of backup...
It's good thing because by the time you will restore /usr from backups
/usr/ports will be outdated, and you will need to update them anyway.
And portsnap works very well (fast) in fetching ports
* I prefer to do full backups, that way you can be 100% sure, there won't
be any confusing situations
* if you want to do backups while using filesystem, make sure you haven't
deleted .snap directory, on partition that you want to backup
* if you have backed up encrypted drive, you need to somehow encrypt backups
because if someone gets these files, he can restore them to his pc, and read your files at will. (I used this method in FreeBSD + Geli guide, to encrypt drive, but process can be reversed)
Resources
dump(8)
restore(8)
Update 1
Moving system
You can move system from disk to disk on fly with
Code:
$ newfs -U /dev/ad2s1a
$ mount /dev/ad2s1a.... /target
$ cd /target
$ dump -0Lauf - /dev/ad1s1a | restore -rf -
you can do the same using sudo
Code:
$ sudo echo
$ sudo dump -0Lauf - /dev/ad1s1a | sudo restore -rf -
Update 2
as OpenBSD suggests using gzip instead of bzip2 will seed up compression at cost of larger (very little) archives
so now i suggest using gzip to compress and zcat to uncompress on fly
I've tested it, and i was amazed.
No more Bzip2 for me
Last edited by killasmurf86; April 18th, 2009 at 22:57. Reason: fix
Reply With Quote
The Following 12 Users Say Thank You to killasmurf86 For This Useful Post:
aleksb (November 19th, 2008), ctg (November 19th, 2008), edhunter (January 9th, 2009), estrabd (December 4th, 2008), fender0107401 (November 21st, 2008), pamdirac (April 23rd, 2009), rbelk (February 10th, 2009), rocky (March 27th, 2009), SPlissken (March 17th, 2009), susanth (November 21st, 2008), xserg86 (December 19th, 2008), z0ran (April 21st, 2009)
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#2
Old November 17th, 2008, 01:53
dave's Avatar
dave dave is offline
Junior Member
Join Date: Nov 2008
Posts: 60
Thanks: 13
Thanked 3 Times in 3 Posts
Default
Super helpful!
Reply With Quote
dave
View Public Profile
Send a private message to dave
Find all posts by dave
#3
Old November 17th, 2008, 03:46
abarmot's Avatar
abarmot abarmot is offline
Junior Member
Join Date: Nov 2008
Posts: 19
Thanks: 1
Thanked 0 Times in 0 Posts
Default
yeah, thanks a lot for how-to!!
Reply With Quote
abarmot
View Public Profile
Send a private message to abarmot
Find all posts by abarmot
#4
Old November 17th, 2008, 08:47
thortos's Avatar
thortos thortos is offline
Junior Member
Join Date: Nov 2008
Location: Germany
Posts: 12
Thanks: 8
Thanked 3 Times in 2 Posts
Exclamation
This strategy will probably fail for every server being used more than marginally. Especially dumping databases that are in use (such as Postgres or mySQL data directories) will yield inconsistent results and most likely result in non-working databases after recovery.
While I am aware that important databases are to be replicated live onto backup servers, I want to illustrate that this dump-while-in-use strategy is best used for desktops or low-profile servers, not for heavily-used systems.
How do you people handle the backups of your servers? I'm running a set of customized backup scripts per server that tar important directories and scp them to the backup server, starting and stopping daemons as needed, but obviously that's not for anyone with uptime requirements. I also have many servers running in VMware and use that to snapshot the VMs regularly and scp them to the backup server.
Reply With Quote
thortos
View Public Profile
Send a private message to thortos
Find all posts by thortos
#5
Old November 17th, 2008, 11:07
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
Quote:
Originally Posted by thortos View Post
This strategy will probably fail for every server being used more than marginally. Especially dumping databases that are in use (such as Postgres or mySQL data directories) will yield inconsistent results and most likely result in non-working databases after recovery.
While I am aware that important databases are to be replicated live onto backup servers, I want to illustrate that this dump-while-in-use strategy is best used for desktops or low-profile servers, not for heavily-used systems.
How do you people handle the backups of your servers? I'm running a set of customized backup scripts per server that tar important directories and scp them to the backup server, starting and stopping daemons as needed, but obviously that's not for anyone with uptime requirements. I also have many servers running in VMware and use that to snapshot the VMs regularly and scp them to the backup server.
Thanks for your reply
I use FreeBSD as desktop, so this is more desktop-oriented guide
You made some very good points....
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#6
Old November 18th, 2008, 07:12
zszalbot zszalbot is offline
Junior Member
Join Date: Nov 2008
Location: Poland
Posts: 1
Thanks: 0
Thanked 1 Time in 1 Post
Default
Quote:
Originally Posted by thortos View Post
How do you people handle the backups of your servers? I'm running a set of customized backup scripts per server that tar important directories and scp them to the backup server, starting and stopping daemons as needed, but obviously that's not for anyone with uptime requirements. I also have many servers running in VMware and use that to snapshot the VMs regularly and scp them to the backup server.
I use a script called automysqlbackup. It works quite well and it suits my needs.
http://sourceforge.net/projects/automysqlbackup/
Yours,
Zbigniew Szalbot
Reply With Quote
The Following User Says Thank You to zszalbot For This Useful Post:
thortos (November 20th, 2008)
zszalbot
View Public Profile
Send a private message to zszalbot
Find all posts by zszalbot
#7
Old November 18th, 2008, 07:30
soko1's Avatar
soko1 soko1 is offline
Junior Member
Join Date: Nov 2008
Location: Belarus/Minsk
Posts: 14
Thanks: 0
Thanked 14 Times in 3 Posts
Default
Poor /sbin/dump that does not support uzip (geom_uzip.ko) = (
Reply With Quote
soko1
View Public Profile
Send a private message to soko1
Visit soko1's homepage!
Find all posts by soko1
#8
Old November 18th, 2008, 09:21
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
read my 1st post again
Code:
$ bzcat /mnt/usb/ad0s1d.dump.bz2 | restore rf -
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#9
Old November 18th, 2008, 18:28
Mel_Flynn Mel_Flynn is offline
Member
Join Date: Nov 2008
Location: Yverdon, Switzerland
Posts: 374
Thanks: 7
Thanked 59 Times in 51 Posts
Default
The attached script, runs a weekly full backup, and incrementals 1-6 for the other days. It can compress locally (the machine being backed up has faster CPU then the backup machine) or remotely.
All this, from the daily periodic. Primarily useful for desktops that are on during the night or where the owner has chosen a different time for daily to run.
The full back up can take a very long time, naturally depending on ammount of data, CPU speed for compression and network transfer speed.
Attached Files
File Type: txt 201.backup-disks.sh.txt (3.8 KB, 58 views)
Reply With Quote
The Following User Says Thank You to Mel_Flynn For This Useful Post:
michaelb (December 21st, 2008)
Mel_Flynn
View Public Profile
Send a private message to Mel_Flynn
Find all posts by Mel_Flynn
#10
Old November 18th, 2008, 20:29
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
Mel_Flynn#
Quote:
# dd is necessary, because bzip2 cannot "compress STDIN to
#named file"
if i understand you right, there's what i say about it:
you can compress stdin to file (simplified)
Code:
dump -0Lauf - /dev/da0s1a | bzip2 > /path/to/backup.img.bz2
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#11
Old November 19th, 2008, 11:43
fxp fxp is offline
Junior Member
Join Date: Nov 2008
Posts: 10
Thanks: 1
Thanked 0 Times in 0 Posts
Default
Mysql backup:
Code:
Stop mysql
make snapshot
Start mysql
do dump
Reply With Quote
fxp
View Public Profile
Send a private message to fxp
Find all posts by fxp
#12
Old November 19th, 2008, 12:25
abarmot's Avatar
abarmot abarmot is offline
Junior Member
Join Date: Nov 2008
Posts: 19
Thanks: 1
Thanked 0 Times in 0 Posts
Default
fxp, do not need to stop mysql.
mysqldump lockes tables while dumping...
Reply With Quote
abarmot
View Public Profile
Send a private message to abarmot
Find all posts by abarmot
#13
Old November 19th, 2008, 18:15
Mel_Flynn Mel_Flynn is offline
Member
Join Date: Nov 2008
Location: Yverdon, Switzerland
Posts: 374
Thanks: 7
Thanked 59 Times in 51 Posts
Default
Quote:
Originally Posted by killasmurf86 View Post
Mel_Flynn#
if i understand you right, there's what i say about it:
you can compress stdin to file (simplified)
Code:
dump -0Lauf - /dev/da0s1a | bzip2 > /path/to/backup.img.bz2
Yes, but this doesn't really work well with all shells. At least I had problems with it a few years back when i wrote it. Things may have improved since then, but I kept it to see the difference in transfer speed that dump and dd report:
Code:
DUMP: finished in 68 seconds, throughput 1796 KBytes/sec
DUMP: level 3 dump on Wed Nov 19 03:22:39 2008
DUMP: DUMP IS DONE
53795+1 records in
53795+1 records out
27543432 bytes transferred in 269.804762 secs (102087 bytes/sec)
Reply With Quote
Mel_Flynn
View Public Profile
Send a private message to Mel_Flynn
Find all posts by Mel_Flynn
#14
Old November 19th, 2008, 20:19
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
well, you used
#!/bin/sh
in your script, which means it MUST work everywhere the same, unless someone have replaced sh with something else.
and it doesn't matter under which shell you launch script, because it'll be run in SH
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#15
Old November 20th, 2008, 00:55
gelraen gelraen is offline
Junior Member
Join Date: Nov 2008
Location: Ukraine, Kyiv
Posts: 25
Thanks: 1
Thanked 1 Time in 1 Post
Default
Quote:
Originally Posted by killasmurf86 View Post
well, you used
#!/bin/sh
in your script, which means it MUST work everywhere the same, unless someone have replaced sh with something else.
and it doesn't matter under which shell you launch script, because it'll be run in SH
Only if launch it as binary. When you run it like "source ./myscript" it will be parsed by current shell
Reply With Quote
gelraen
View Public Profile
Send a private message to gelraen
Find all posts by gelraen
#16
Old November 20th, 2008, 06:13
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
Quote:
Originally Posted by gelraen View Post
Only if launch it as binary. When you run it like "source ./myscript" it will be parsed by current shell
now, why would you like to do that?
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#17
Old November 21st, 2008, 03:01
fender0107401's Avatar
fender0107401 fender0107401 is offline
Junior Member
Join Date: Nov 2008
Location: China, Tian Jin
Posts: 97
Thanks: 14
Thanked 2 Times in 2 Posts
Default
Thank you for the post, I just need a system backup solution.
I think backup is an important part of the system administration, though you may never need the backup data.
__________________
Just be yourself!
Reply With Quote
fender0107401
View Public Profile
Send a private message to fender0107401
Find all posts by fender0107401
#18
Old November 21st, 2008, 05:01
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
Quote:
Originally Posted by fender0107401 View Post
Thank you for the post, I just need a system backup solution.
I think backup is an important part of the system administration, though you may never need the backup data.
as a FreeBSD desktop user, i experiment a lot. And backups saves my tons of time.
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#19
Old November 21st, 2008, 08:31
fender0107401's Avatar
fender0107401 fender0107401 is offline
Junior Member
Join Date: Nov 2008
Location: China, Tian Jin
Posts: 97
Thanks: 14
Thanked 2 Times in 2 Posts
Default
Quote:
Originally Posted by killasmurf86 View Post
as a FreeBSD desktop user, i experiment a lot. And backups saves my tons of time.
I am desktop user too, and I never experiment any terrible things (except several kernel panic for my mp3-player, but other usb device is normal).
Maybe the reason is the time that I use it is very short (since june) and I prefer the security_release branch.
__________________
Just be yourself!
Reply With Quote
fender0107401
View Public Profile
Send a private message to fender0107401
Find all posts by fender0107401
#20
Old November 21st, 2008, 12:14
blackjack blackjack is offline
Junior Member
Join Date: Nov 2008
Location: Mother Ukraine
Posts: 19
Thanks: 0
Thanked 1 Time in 1 Post
Default
This my script for dumpfilesystems. It run every day at 4:00 AM.
Code:
cat /root/dumpfs.sh
#!/bin/sh
fl=`date "+%d-%m-%Y"`
path="/backup/dumpfs"
#root file system
/sbin/dump -0 -L -f - /dev/ad4s1a > $path/rootfs/dump_ad4s1a_${fl}.img
tar cfz $path/rootfs/dump_ad4s1a_${fl}.tar.gz $path/rootfs/dump_ad4s1a_${fl}.img
rm -f $path/rootfs/dump_ad4s1a_${fl}.img
chmod 400 $path/rootfs/dump_ad4s1a_${fl}.tar.gz
#home
/sbin/dump -0 -L -f - /dev/ad4s1f > $path/home/dump_ad4s1f_${fl}.img
tar cfz $path/home/dump_ad4s1f_${fl}.tar.gz $path/home/dump_ad4s1f_${fl}.img
rm -f $path/home/dump_ad4s1f_${fl}.img
chmod 400 $path/home/dump_ad4s1f_${fl}.tar.gz
#usr
/sbin/dump -0 -L -f - /dev/ad4s1e > $path/usr/dump_ad4s1e_${fl}.img
tar cfz $path/usr/dump_ad4s1e_${fl}.tar.gz $path/usr/dump_ad4s1e_${fl}.img
rm -f $path/usr/dump_ad4s1e_${fl}.img
chmod 400 $path/usr/dump_ad4s1e_${fl}.tar.gz
#var
/sbin/dump -0 -L -f - /dev/ad4s1d > $path/var/dump_ad4s1d_${fl}.img
tar cfz $path/var/dump_ad4s1d_${fl}.tar.gz $path/var/dump_ad4s1d_${fl}.img
rm -f $path/var/dump_ad4s1d_${fl}.img
chmod 400 $path/var/dump_ad4s1d_${fl}.tar.gz
And this script for backup MYSQL databses.
Code:
cat /root/backup_db.sh
#!/bin/sh
passwd_root_mysql='password'
fl=`date "+%d-%m-%Y"`
#billing database
/usr/local/bin/mysqldump -Q --add-locks -u root --default-character-set=cp1251 --password=${passwd_root_mysql} bill > /backup/db/bill/bill_${fl}.sql
tar cfz /backup/db/bill/bill_${fl}.tar.gz /backup/db/bill/bill_${fl}.sql
rm -f /backup/db/bill/bill_${fl}.sql
chmod 400 /backup/db/bill/bill_${fl}.tar.gz
#all databases
/usr/local/bin/mysqldump --set-charset --all-databases -u root --password=${passwd_root_mysql} > /backup/db/all/all_databases_${fl}.sql
tar cfz /backup/db/all/all_databases_${fl}.tar.gz /backup/db/all/all_databases_${fl}.sql
rm -f /backup/db/all/all_databases_${fl}.sql
chmod 400 /backup/db/all/all_databases_${fl}.tar.gz
#old_base
/usr/local/bin/mysqldump -Q --add-locks -u root --default-character-set=cp1251 --password=${passwd_root_mysql} old_base > /backup/db/old_base/old_base_${fl}.sql
tar cfz /backup/db/old_base/old_base_${fl}.tar.gz /backup/db/old_base/old_base_${fl}.sql
rm -f /backup/db/old_base/old_base_${fl}.sql
chmod 400 /backup/db/old_base/old_base_${fl}.tar.gz
Reply With Quote
blackjack
View Public Profile
Send a private message to blackjack
Find all posts by blackjack
#21
Old November 21st, 2008, 13:04
Mel_Flynn Mel_Flynn is offline
Member
Join Date: Nov 2008
Location: Yverdon, Switzerland
Posts: 374
Thanks: 7
Thanked 59 Times in 51 Posts
Default
Quote:
Originally Posted by killasmurf86 View Post
well, you used
#!/bin/sh
in your script, which means it MUST work everywhere the same, unless someone have replaced sh with something else.
and it doesn't matter under which shell you launch script, because it'll be run in SH
No. The shell redirect is on the target machine and passed on from ssh's command line parsing. All I remember is that it wouldn't work to a BSDi 4.1 host, nor an AIX host, but I can't for the life of me remember the error message.
echo foo|ssh host "cat - >/tmp/out"
works now, didn't work then.
Come to think of it, it's possible it was caused by a shell wrapper.
Reply With Quote
Mel_Flynn
View Public Profile
Send a private message to Mel_Flynn
Find all posts by Mel_Flynn
#22
Old December 12th, 2008, 09:39
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
UPDATE 2
as OpenBSD suggests using gzip instead of bzip2 will seed up compression at cost of larger (very little) archives
so now i suggest using gzip to compress and zcat to uncompress on fly
I've tested it, and i was amazed.
No more Bzip2 for me
P.S. can admin/moderator integrate this in original post (#1)
__________________
If FVWM can't do it, no Window Manager can..
If you have solved your problem, plz add [SOLVED] tag to your thread
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#23
Old December 14th, 2008, 22:38
nakal's Avatar
nakal nakal is offline
Junior Member
Join Date: Nov 2008
Location: Germany
Posts: 19
Thanks: 8
Thanked 2 Times in 2 Posts
Default
I would not backup MBRs like you suggested, except you expect to restore things on the same drive again. MBR stores the drive geometry and partitioning information.
When you restore to a fresh drive, after a drive failure for example, it is a better idea to use fdisk, bsdlabel and eventually boot0cfg, in case you want a boot manager.
It is also possible to use gpart now. These is my preferred way to partition drives at the moment. For more information, how to use GPT partitions on i386 and amd64 and boot from them, read the article on my website: http://m8d.de/news/freebsd-on-gpt.php. It's a bit tricky, but you rather have to understand what I do there, not repeat the steps line by line.
Reply With Quote
The Following User Says Thank You to nakal For This Useful Post:
killasmurf86 (December 15th, 2008)
nakal
View Public Profile
Send a private message to nakal
Find all posts by nakal
#24
Old December 15th, 2008, 04:40
killasmurf86's Avatar
killasmurf86 killasmurf86 is online now
Member
Join Date: Nov 2008
Location: Riga, Latvia
Posts: 751
Thanks: 87
Thanked 88 Times in 56 Posts
Default
Quote:
Originally Posted by nakal View Post
I would not backup MBRs like you suggested, except you expect to restore things on the same drive again. MBR stores the drive geometry and partitioning information.
When you restore to a fresh drive, after a drive failure for example, it is a better idea to use fdisk, bsdlabel and eventually boot0cfg, in case you want a boot manager.
It is also possible to use gpart now. These is my preferred way to partition drives at the moment. For more information, how to use GPT partitions on i386 and amd64 and boot from them, read the article on my website: http://m8d.de/news/freebsd-on-gpt.php. It's a bit tricky, but you rather have to understand what I do there, not repeat the steps line by line.
ye, thank you for reminding me.... (i really forgot about this)
btw, i don't backup my MBR, if anything i use sysinstall to rebuild partitions on drive and then press "w" in fdisk editor.
It will write partition table to disk and ask for loader, pick MBR or FreeBSD loader, and exit sysinstall.
Then i just use bsdlabel to rebuild labels and that is it.
After that newfs and restore
__________________
If FVWM can't do it, no Window Manager can..
If you have solved your problem, plz add [SOLVED] tag to your thread
Reply With Quote
killasmurf86
View Public Profile
Send a private message to killasmurf86
Visit killasmurf86's homepage!
Find all posts by killasmurf86
#25
Old December 20th, 2008, 01:18
sim's Avatar
sim sim is offline
Junior Member
Join Date: Nov 2008
Posts: 18
Thanks: 1
Thanked 0 Times in 0 Posts
Default
Quote:
Originally Posted by thortos View Post
How do you people handle the backups of your servers? I'm running a set of customized backup scripts per server that tar important directories and scp them to the backup server, starting and stopping daemons as needed, but obviously that's not for anyone with uptime requirements. I also have many servers running in VMware and use that to snapshot the VMs regularly and scp them to the backup server.
I backup my servers using rsnapshot from my archive server:
On each client server, a nightly cron makes a snapshot of each filesystem and mounts them on /snapped_fs (/snapped_fs/, /snapped_fs/usr/, /snapped_fs/var/ etc). So I always have yesterday's complete filetree, mounted and frozen in time. When my archive server connects for the nightly rsnapshot, it syncs the frozen tree, not the live tree. Filesystem snapshots are supposed to be consistent.
Just to be sure, another nightly cron also runs pg_dumpall. PostgreSQL dumps are point-in-time, consistent dumps which don't require the server to stop or lock any tables. I keep the last 15 dumps, and these are of course part of the filesystem snapshot so they get copied with rsnapshot.
It's getting late, I wonder if that makes sense lol!
/sim
Reply With Quote
Monday, May 18, 2009
我,身心頑強
「他的人生,跟電影一樣精彩。」
「安藤這個人認為,人要有挑戰才會感動不斷。」
「每個人的一生,都要有一段渾然忘我的時間……這樣才能全力衝刺完成任何事情,所以六十歲的我,還是認為自己可以全力以赴。」
我,身心頑強
FreeBSD Network interfaces
Nick Rogness nick@rogness.net
Introduction
So what is a network interface? In plain old english, it is a logical reference to underlying network hardware. They comprise the lowest layer of the networking subsystem, interacting with the actual transport hardware.
Network Interface Concepts
It is important to understand network interfaces as they are the key to talking to your network hardware (like Ethernet, token-ring,ATM,etc). Different network interfaces may support one or more different protocol families, such as TCP/IP, IPX, etc.
Ifconfig The main utility for inspecting and configuring a network interface is ifconfig. First lets look at viewing all interfaces:
# ifconfig -a
xl0: flags=8843 mtu 1500
options=3
inet 205.238.129.221 netmask 0xfffffffc broadcast 205.238.129.223
inet6 fe80::250:daff:fe77:cc77%xl0 prefixlen 64 scopeid 0x1
ether 00:50:da:77:cc:77
media: Ethernet autoselect (100baseTX )
status: active
lp0: flags=8810 mtu 1500
ppp0: flags=8010 mtu 1500
sl0: flags=c010 mtu 552
faith0: flags=8002 mtu 1500
lo0: flags=8049 mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
inet 127.0.0.1 netmask 0xff000000
Ah, it appears I have several interfaces: xl0,lp0,ppp0,sl0,faith0,and lo0. What do they all mean? First lets talk about the loopback interface, lo0. This is a special interface for communicating with itself. It always has the IP address 127.0.0.1. All of the other interfaces (except xl0) will be ignored for now but I will give a brief description:
lp0 -> printer interface
ppp0 -> PPP interface
sl0 -> slip interface
faith0 -> IPv6 interface
Now, xl0. I chose to look at xl0 because it is the logical reference to my ethernet network card I have installed in my machine. This is not to say that every network card in FreeBSD will be referenced by xl0. Unlike Linux, each corresponding Ethernet chipset driver is referenced differently in FreeBSD. A full list is located in the kernel LINT file. I happen to be using a 3com network card, for which the xl driver has been written. therefore, my network card is referenced by xl0, meaning the first 3com network card in the machine. If I added another 3com network card to my box, it would show up as xl1, add another and get xl2, etc, etc. I can get more information from the kernel dmesg.boot file like so:
# grep xl0 /var/run/dmesg.boot
xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0x9000-0x907f mem 0xf6800000-0xf680007f irq 9 at device 10.0 on pci1
xl0: Ethernet address: 00:50:da:77:cc:77
miibus0: on xl0
This is what the kernel probe found at boot time.
Lets look again at just the xl0 ifconfig output:
# ifconfig xl0
xl0: flags=8843 mtu 1500
inet 205.238.129.221 netmask 0xfffffffc broadcast 205.238.129.223
inet6 fe80::250:daff:fe77:cc77%xl0 prefixlen 64 scopeid 0x1
ether 00:50:da:77:cc:77
media: Ethernet autoselect (100baseTX )
status: active
This tells us some interesting things. The first line show the interface flags . The flags basically say that this interfaces is UP. It is a BROADCAST type interface. It's running in SIMPLEX mode and MULTICAST is enabled. The mtu, or Maximum Transmission Unit, is set to 1500 bytes (standard for ethernet). The next line says inet 205.238.129.221 ... This is the IP address configuration line. inet (meaning IPv4 family) followed by the IP address, netmask and broadcast address configured on this ethernet interface. The next line inet6 deals with IPv6 (which I'm not covering). The next line ether 00:50:da:77:cc:77 tells you the ethernet MAC address. The next line media: ... refers to the media type and option of the network card. It appears my card is running at 100baseTX . This was picked up by the autoselect. You can, however, manually set your media type and different options associated with media (like duplex). To see what all media types are supported by your network card:
# ifconfig -m xl0
xl0: flags=8843 mtu 1500
options=3
capability list:
=3
inet 205.238.129.221 netmask 0xfffffffc broadcast 205.238.129.223
inet6 fe80::250:daff:fe77:cc77%xl0 prefixlen 64 scopeid 0x1
ether 00:50:da:77:cc:77
media: Ethernet autoselect (100baseTX )
status: active
supported media:
media autoselect
media 100baseTX mediaopt full-duplex
media 100baseTX
media 10baseT/UTP mediaopt full-duplex
media 10baseT/UTP
media 100baseTX mediaopt hw-loopback
Take special note of the media lines down at the bottom. To manually set them:
To set to 100BaseTX :
# ifconfig xl0 media 100baseTX
Or to set to 100BaseTX and run in full-duplex:
# ifconfig xl0 media 100baseTX mediaopt full-duplex
要有挑戰 才會感動不斷
本篇文章摘自: 商業周刊第 1021 期
作者:鄭呈皇
一個木匠之子為了圓建築夢,每天少吃一餐,存錢買書;
數十年如一日的鬥志,讓他成為榮獲國際四大建築獎第一人。
他為什麼在台灣與國際都擁有高人氣?
他有什麼執著?
「安藤、安藤、安藤!」六月九日晚上六點,台北小巨蛋人聲鼎沸,擠進一萬兩千人。在電影洛基(Rocky)的背景音樂下,出現的不是當紅偶像藝人,更不是選舉造勢的政治人物,而是全球知名的日本建築大師——安藤忠雄。
安藤忠雄,是建築界傳奇人物。
二十歲立志當建築師,經由自學而無師自通,為此還做過拳擊手和卡車司機。
「他的人生,跟電影一樣精彩。」交通大學建築研究所教授劉育東說。
多數人只看到安藤的成功,卻不知道他成功的背後,是四十六年如一日的「戰鬥」和屢敗屢戰的毅力。
「建築就是戰鬥。」
「只要我活著一天,我就像十八歲剛開始的時候一樣,每天認真的工作。」
安藤忠雄自認不同於其他認真的建築師:
「我是不間斷的努力,跟自己戰鬥!」
每天都與第一天相同、不打折的奮鬥,使沒錢、沒背景的他,在講究正統流派的國際建築界中,依舊出類拔萃,衝出一片天。
「安藤這個人認為,人要有挑戰才會感動不斷。」
六十六歲,開始跨入新的建築風格,安藤像個鬥士,不滿足現有成功。
「每個人的一生,都要有一段渾然忘我的時間……這樣才能全力衝刺完成任何事情,所以六十歲的我,還是認為自己可以全力以赴。」安藤說。
二十歲,可以精力充沛,擁有華麗夢想;
但四十歲、五十歲還能保有夢想與體力者,寥寥可數。
安藤忠雄六十六歲,爬上世界的頂峰,但他依舊充滿戰鬥意志。他說:
「我,身心頑強!」
堅持夢想Youtube:
http://tw.youtube.com/watch?v=OEmSgb9iIBI
Thursday, May 14, 2009
0x80070002-A problem is preventing Windows from accurately checking the license for this computer
A problem is preventing Windows from accurately checking the license for this computer.
Error Code: 0x80070002
When Windows XP boots up, after the Welcome Screen a message comes that shows the above message, and it does not allow you to login.
Solution!
Boot into Safemode
Press F8 While booting just after the BIOS screen or during the OS Selection menu.
Then do the following in the command promt.
cd %system root% \ system32regsvr32 licwmi.dllregsvr32 regwizc.dllregsvr32 licdll.dllregsvr32 jscript.dllregsvr32 vbscript.dllregsvr32 msxml.dllregsvr32 shdocvw.dllregsvr32 softpub.dllregsvr32 wintrust.dllregsvr32 initpki.dllregsvr32 dssenh.dllregsvr32 rsaenh.dllregsvr32 gpkcsp.dllregsvr32 sccbase.dllregsvr32 slbcsp.dllregsvr32 cryptdlg.dll
Reboot and check if the problem persists.
If not check if the following files are present in the System32 Folder
%SystemRoot%\System32\secupd.dat
%SystemRoot%\System32\oembios.dat
%SystemRoot%\System32\oembios.bin
If any of these files are missing, restore these files, from the setup disk, I386 folder or from another system.
To restore from a setup disk, put the CD in, and browse to the I386 folder copy the file with extension XXXXX.XX_ where XXXX.XX is the file name with first 2 letters of the extension. Rename it to a .cab file and extract the file to system32.
Reboot the system and now try again.
Your problem must be solved.
If still your problem persists try the following from Microsoft knowledge base.
Reset the default security provider in Windows XP
To reset the default security provider in Windows XP, delete the relevant registry keys in the Windows registry. To do this, follow these steps:
1. Start the computer. Press the F8 key during startup to start the computer in Safe mode.
2. Start Registry Editor (Regedt32.exe).
3. Delete the following registry keys in the Windows registry:
HKEY_USERS\.DEFAULT\Software\Microsoft\Cryptography\Providers
HKEY_USERS\S-1-5-20\Software\Microsoft\Cryptography\Providers
4. Quit Registry Editor.
5. Restart the computer.
Reset the drive letter of the system drive
Use Registry Editor to change the drive letter of the system drive back to its original value. Edit the following registry key to change the value of the system drive:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices
Best of luck...
:)
===========================================
Fixing the Windows 0x80070002 update error by utilizing various methods.
While updating windows, it is possible to receive the 0x80070002 Error. As a result the update process will not be completed, and your computer will not be able to transmit files. The reason for your computer receiving the 0x80070002 Error is due to it not having all of the files that should have been transmitted when updating your software. This is an initialization error that occurs after files have been downloaded, and extracted to the computer.
To fix the error manually, it will be necessary to remove all of the files partially downloaded, and try again to update your Windows files. Alternatively you could use Registry Booster from Uniblue, which scans for all system errors and fixes them for you without having to do things manually.
1. On the Windows desktop, press Start, and when the menu opens up,
2. Press Run, and input the following command “services.msc”
3. In the Run box, type "services.msc", and press "Enter".
4. This will open the "Local Services" window.
5. In the Local Services window find the name “Automatic Updates” and right click.
6. On right click, scroll down and press “Stop”. This will cause the Automatic Updates to pause to correct the situation. Do not close the Local Services window.
At this point you can go to the "Software Distribution" folder and delete its contents, or give the folder another name. It is advised that you just rename the folder,
7. To do this go to the Windows desktop and press “Start” then press “Run” when the menu opens.
8. Input the “cmd” command into Run, and the computer will take you to the DOS prompt.
9. At the DOS prompt type in this command “cd %windir%” (without the quotes), and press Enter.
10. You should now be in the Windows directory.
11. At the Windows directory, input “ren SoftwareDistribution SoftDisTemp” and hit "Enter". This will rename the Software Distribution folder to the new name of SoftDisTemp.
12. Type "Exit" and hit "Enter" to close the DOS window.
13. Now go to the "Local Services" window and right click "Automatic Updates" to restart it.
14. Try updating Windows files again.
Thursday, May 7, 2009
copy and paste tool - Flashpaste
http://flashpaste.com/download.php
Clipdiary: A utility for keeping the clipboard history
http://flashpaste.com/onlinehelp/html/clipdiary.html
Tuesday, May 5, 2009
rssh is a Restricted Secure SHell that allow only the use of sftp
rssh is a Restricted Secure SHell that allow only the use of sftp
or scp. It could be use when you need an account (and a valid
shell) in order to execute sftp or scp but when you don't want to
give the possibility to log in to this user.
you need to edit the config to allow sftp.
# vi /usr/local/etc/rssh.conf
uncomment following line:
allowsftp
# set the default umask
umask = 007
ExMerge Failing
*** are you running Exmerge as the administrator?
http://support.microsoft.com/kb/273642/
ExMerge Does Not Work Unless You Have Receive As and Send As Permissions on the Store
By default the admin accounts are specifically denied the SendAs & ReceiveAs rights, so you need to remove those deny permissions, or create a non-admin account for doing Exmerge.
To resolve this issue, grant the account that you are using to run ExMerge Receive As and Send As permissions on the Mailbox store:
1. Start Exchange System Manager, and under Administrative Groups, locate the Mailbox store.
2. Right-click the Mailbox store, click Properties, and then click the Security tab.
3. On the Security tab, in the top pane click the account that you are logged on as, and in the bottom pane, click to select the Receive As and Send As check boxes to grant these permissions to that account.
4. Click OK. This account now has full permissions to log on to the mailbox store, and to export or import messages for every mailbox.
5. Grant Send As and Receive As permissions to this administrator account on all the mailbox stores against which you need to run ExMerge.
Note When you are ready to process the data from the new stores, stop the SMTP service. By stopping the SMTP service, no new e-mail messages are delivered to the new stores while you are running ExMerge.
After you grant these permissions, ExMerge runs successfully.
Monday, May 4, 2009
Restrict individual user to home directory only
Asked by cscorbet in Unix Network Security
Tags: restrict, home, directory, user
Hi, I have a FreeBSD box, with a small number of users, I would like to restrict individual user to their home directory only. Can anyone help?
prasadklk:Set the restricted shell for that user.
See this doc:
http://wks.uts.ohio-state.edu/sysadm_course/html/sysadm-553.html
01/27/03 11:45 AM, ID: 7824677
cscorbet:I would like users to change directory within the users home directory.
Restricted Shell doesnt allow this ?
"28.10.1 Restricted Shell
Restricted shells allow you to control the user's environment. The restricted shell, rsh, allows the user to do everything allowed by sh, except:
change directory".
01/27/03 12:14 PM, ID: 7824894
prasadklk:Yes,That is right.. restricted shell does not allow user to change the directory,...
If it is any other shell, user can see all the files and directories wherever he has read and execute permission.
I don't think there is a way to restrict a user to home directory and allow him to see all the sub directories without changing the permissions of other directories which is not so practical.
01/28/03 02:12 AM, ID: 7828617
liddler:I don't know if it can be applied to login, but chroot is used with ftp to restict users to a directory tree.
01/28/03 04:01 AM, ID: 7829046
ahoffmann:write a small wrapper, like
#!/bin/sh
/usr/bin/chroot ~ /bin/sh && exit 0
use this wrapper as shell in your passwd
(needs to be more tricky if you'd like to allow sevaral shells)
01/28/03 07:46 AM, ID: 7830467
chris_calabrese:Agreed. restricted shell is not restrictive enough. Use chroot. Or better yet, use User Mode Linux (no, it's not available for FreeBSD) where you can give each user their own virtual machine.
01/31/03 07:38 AM, ID: 7853829
cscorbet:"#!/bin/sh
/usr/bin/chroot ~ /bin/sh && exit 0"
this did not work. Operation not permitted.
01/31/03 11:13 AM, ID: 7855328
chris_calabrese:The program needs to be SUID root for chroot to work.
Something more like:
cd "$HOME" || exit 1
/usr/bin/chroot "$HOME" su - "`logname`"
02/01/03 10:38 AM, ID: 7859966
cscorbet:can you give me more information pls
02/03/03 01:25 PM, ID: 7870392
ahoffmann:ok, the file(described above) needs to have permissions as follows:
chown root:root file
chmod 6555 file
BTW, keep in mind that $HOME might be different from ~
02/03/03 02:43 PM, ID: 7870885
cscorbet:can u tell me what this bit is all about please? "`logname`"
thanks.
02/04/03 01:23 AM, ID: 7873762
liddler:logname is a command that returns the name of the user that logged. It is surrounded by single back quotes (``) which tell the script to execute that command and return the result to the script
02/22/03 02:43 PM, ID: 8000319
jimbb:Many platforms won't honor the SUID bit on an interpreted (#!) script. I don't think FreeBSD will, so those solutions may not work.
Anyway you may be able to fulfill this with a restricted shell, as others have pointed out.
Make sure you control the $PATH variable for that shell, though, otherwise they can just execute another shell and escape the restricted directory. Other caveats may apply as well.
05/03/03 11:58 PM, ID: 8453648
Droby10:as suggested, a chroot shell wrapper is a nice solution. there are some caveats to doing so. you will want to copy /bin, /dev/, and /lib, and /usr/lib into the user's home directory ...but only those executables, devices, and libraries that you wish to grant access to...
you will run into some issues. for instance, without creating another swap partition proc under the users home, ps won't work. df, which relies on /dev entries will also fail. who (relies on /var/utmp). so you will need to collect a dependency list for each allowed command and copy those dependencies into the users home in a way that a chroot will result in the same path as before. ie. /usr/home/droby10/usr/bin/perl
also be careful about which devices you copy in, copied terminal devices with unchanged permissions (as normally occurs through getty) will allow read/write access...don't even copy mem or kmem (forget which is present in bsd).
as opposed to using a shell wrapper, you might try to modify login to perform the chroot before initializing the user shell. (again, the shell would have to be copied into the user's home to be effectively called after the chroot occurs).
05/04/03 12:00 AM, ID: 8453650
Droby10:forgot to mention that the results of copying some of those dependencies won't be accurate...ie who from a stale utmp database would only reflect the entries present when it was copied.
05/20/03 07:25 AM, ID: 8550878
mlafortune:I don't know which version of FreeBSD you have, but later versions offer a nice feature called jail. You create a virtual environment (you can call it a virtual machine) and it allow you to chroot you user. The first jail might be a little long to setup as you have to "make world" but once it's done, you can just copy that "environment" to the next user. One warning, you will need a lot of disk space.
on FreeBSD 4.6R
> man jail
NAME
jail - imprison process and its descendants
SYNOPSIS
jail path hostname ip-number command ...
DESCRIPTION
The jail command imprisons a process and all future descendants.
Please see the jail(2) man page for further details.