When re-installing or performing a fresh install of Linux, I’ve found that packages often disappear from default installations. These are the tools I install from the get-go. I’m sure there are more that I’m missing; next time I re-install I’ll update the list. Feel free to contribute your favorites to the list in the comments!
After updating a Fedora installation, a development server froze, sitting there with GRUB on the screen at boot.
It had been like this all night after a successful upgrade earlier that day. yum update was run from a screen session and then connected to from home. What had caused the problem was that the kernel and possibly grub had been updated. This caused the system to need a reboot, but after the reboot the drive map had changed.
Fortunately when I came in the next morning I had an e-mail with a link to this website: http://readlist.com/lists/redhat.com/fedora-list/51/259917.html with a solution to the problem.
Here are the step by step instructions since they are not clearly lined out on the site:
1) Insert Fedora installation media
2) boot to rescue mode
3) choose language, skip network settings
4) once you are at a shell, type:
5) grub --device-map=/tmp/drivemap
7) vi, pico or nano /tmp/drivemap and move sda and sdb around, or perhaps hda.
8) chroot /mnt/sysimage
9) I had checked that /tmp/drivemap had stayed the same by running cat /tmp/drivemap
10) grub --device-map=/tmp/drivemap
After grub gave its usual message I rebooted, removed the CD and everything worked as expected. Excellent. I’ve always used lilo over grub, but recently the distributions I’ve been using use grub and, more importantly, so do the servers I manage. Therefore I guess I’d better get more accustomed to grub. Luckily the server this went wrong on was a development server and nothing mission critical, so thankfully no one had to make the long haul into the data center to fix this issue at 1:00am. Hopefully you will be just as lucky if you run into this issue.
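The edit in step 7 can also be scripted. This is an added example, not part of the original post or the linked thread: a shell function that swaps the devices assigned to two entries of the map written to /tmp/drivemap, refusing to change anything unless both devices are present exactly once. The function name swap_drivemap, the sample map contents and the availability of awk and mktemp in the rescue shell are assumptions.

```shell
#!/bin/sh
# Added example: swap the devices assigned to two entries of a GRUB legacy
# device map, where each entry has the form "(hd0)<TAB>/dev/sda".
# Usage: swap_drivemap MAPFILE DEV_A DEV_B   (hypothetical helper name)
swap_drivemap() {
    map=$1 a=$2 b=$3
    # Refuse to touch the file unless both devices appear exactly once.
    for dev in "$a" "$b"; do
        n=$(awk -v d="$dev" '$1 !~ /^#/ && $2 == d { c++ } END { print c + 0 }' "$map") || return 1
        if [ "$n" -ne 1 ]; then
            echo "swap_drivemap: $dev found $n times in $map" >&2
            return 1
        fi
    done
    cp -p "$map" "$map.bak" || return 1   # keep the generated map for comparison
    tmp=$(mktemp) || return 1
    awk -v a="$a" -v b="$b" '
        /^[[:space:]]*#/ || NF < 2 { print; next }   # comments and blanks pass through
        $2 == a { print $1 "\t" b; next }
        $2 == b { print $1 "\t" a; next }
        { print }
    ' "$map" > "$tmp" && cat "$tmp" > "$map"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample: a map as it might look after step 5.
sample=$(mktemp)
printf '(fd0)\t/dev/fd0\n(hd0)\t/dev/sda\n(hd1)\t/dev/sdb\n' > "$sample"
swap_drivemap "$sample" /dev/sda /dev/sdb && cat "$sample"
rm -f "$sample" "$sample.bak"
```

The .bak copy makes the check in step 9 easier: compare it with the edited map before running grub again.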
The 184.108.40.206 Kernel was released at 11:47 UTC with a lot of fixes. Notably, the eeepc-laptop module got a fix that should stop it from failing to unload, if anyone has an eeepc and had that problem. There were 40 unique commits to this update and I think that everyone involved should be thanked for their hard work.
A new Wine was released on Friday the 5th putting Wine on version 1.1.4, so those of you that use Wine may want to update to see if your apps run better. They’ve fixed a lot of applications and reimplemented parts of WinHTTP. Unless you’ve been under a rock, you’ll know about Google Chrome, and this Wine version includes several fixes to better support this. I might do a writeup of getting Google Chrome to work under Linux.
In security, it’s just about the usual: SQL injections and XSS holes everywhere. Tomcat has some information disclosures that will not affect you if you’re running the newest versions.
Wireshark has some denial of service attacks and possibly arbitrary code execution, but only the DoS attacks have been confirmed. Your distribution probably has an older version in its repositories, so unless you’re running 1.0.3, which was released on September 3rd, you may want to update if your mission relies on this.
If you run postfix and notice your mail server’s load is unusually high, look out for a denial of service against that also.
This one’s an oldie but a good one: Get Pwnd by your Coffee machine. Of course it’s just one coffee machine, but we are seeing more household appliances being connected to the web, which might get you thinking about Linux on Household Appliances.
If you run into the following problem:
VMware Server is installed, but it has not been (correctly) configured for the running kernel. To (re-)configure it, invoke the following command: /usr/local/bin/vmware-config.pl.
and then try to issue the vmware-config.pl command and get something similar to the following:
/tmp/vmware-config1/vmnet-only/bridge.c: In function ‘VNetBridgeUp’:
/tmp/vmware-config1/vmnet-only/bridge.c:949: error: implicit declaration of function ‘sock_valbool_flag’
make: *** [/tmp/vmware-config1/vmnet-only/bridge.o] Error 1
make: *** [_module_/tmp/vmware-config1/vmnet-only] Error 2
make: Leaving directory `/usr/src/kernels/220.127.116.11-47.fc8-i686'
make: *** [vmnet.ko] Error 2
make: Leaving directory `/tmp/vmware-config1/vmnet-only'
Unable to build the vmnet module.
Then try to use the VMware any patch from: http://groups.google.com/group/vmkernelnewbies/files
I had used the patch before to get my VMware Server up and running but did not realize that you have to use the patch again after a kernel upgrade or your VMware Server will no longer work.
The case of the Ubuntu servers being breached [wiki.ubuntu.com]
Missing security updates and system administrators not running updates on servers is a problem. I don’t know why they didn’t do any updates past Breezy. They suggest that it was because of problems with network cards and later kernels, but I don’t get it. Since when do software updates for an operating system have anything to do with what kernel is running? If there is a problem with hardware support for the network card you have two choices. The first is to fix the driver yourself or pay someone to do it. The second is to replace the network card with a better supported device. Both situations could be costly but it would get the problem fixed and five of the servers wouldn’t have been taken down at the same time.
If the kernels were configured correctly, the boxes probably wouldn’t even have had to be rebooted.
Running FTP instead of a more secure version is not so bad unless they were running accounts with higher privileges than guest or using system accounts, in which case that’s just stupid.
The Gentoo Situation [bugs.gentoo.org]
Apparently there is a problem in the packages.gentoo.org script. The bugzilla article goes into deeper explanation, but basically there is some pretty unsafe code which could have allowed anyone to run any command. I understand that the code is old but it probably should have been audited at some point. The problem would have stuck out like a sore thumb if looked at by a Python coder and they probably would have fixed it, or at least suggested a fix. The problem was found on Tuesday the 7th. All of the infra- (I assume they mean infrastructure?) guys were at a conference last week so they couldn’t work on it. It still seems that if they were at the conference until midnight on the 12th they would still have been able to put up a coming back soon placeholder on the packages site by now. Hey, if they put some pay per click ads up there maybe they will get some additional funds during the down time. I would like to see what products would be pushed through the advertising on that one. I believe that they could have reduced the downtime by releasing the code for the packages.gentoo.org site as open source or by asking for help from developers to review and upgrade the code as needed.
It’s not strange for web servers to get hacked. They get hacked all the time, but whose fault is it in the open source community? I really think that there is a problem in the community when it comes to situations like this, but the blame can’t be placed on any one person. I would offer any assistance I could into getting these situations resolved but it’s not as easy as that. There has to be a certain level of trust for those working within a project. If they gave out keys to their servers to anyone, the servers probably would have been compromised a long time ago. I hope that the affected sites can pull themselves together and get back up and running as normal. It seems that Ubuntu did not have complete down time, but the Gentoo site is still down and there is no indication of when it will be back up.