rubysecurity.org

Cloud Architect / DevOps Engineer / SRE / Developer | /root

Home About Books Blog Portfolio Archive

Tag Cloud


Currently Reading

Certified Kubernetes Administrator (CKA) Study Guide
Certified Kubernetes Administrator (CKA) Study Guide
38 / 155 Pages


Latest Book Reviews

Latest Posts


April 13, 2013

User creations in Solaris 11

by Alpha01

To my surprise Solaris 11 does not create new user’s home directory by default.

Errors

root@solaris:~# su - testuser
su: No directory!
root@solaris:~# pwck
[....]
testuser:x:106:10::/export/home/testuser:/usr/bin/bash
        Login directory not found

Fix

root@solaris:~# useradd -m testuser
80 blocks

In the process, I learned something new about the su command. In Linux, when switching from root to a limited user, I used to do the following:

[root@rubyninja ~]# su tony -

What I did not know was that the above command will indeed load up the PATH of tony, but it will also append root’s PATH at end of it which is kind of scary. In theory the command that I wanted to use was su - username, luckily this feature is not supported in Solaris 11.

root@solaris:/# su testuser -
bash: /root/.bashrc: Permission denied
Tags: [ solaris ]
April 9, 2013

OSSEC agent install issue on Debian Squeeze

by Alpha01

So the OSSEC installer has a conditional expression that doesn’t seem to be supported with the version of Bash in Debian Squeeze.

Error

3- Configuring the OSSEC HIDS.

./install.sh: 158: [[: not found

Fix (workaround)

Update line 372 on install.sh to the following:

if [ "X${USER_AGENT_SERVER_IP}" = "X" -a "X${USER_AGENT_SERVER_NAME}" = "X" ]; then

This was so frustrating, and it appears to be known issue. Unless I’m mistaken double brackets are only used in Bash to do a regular expression conditions, at least that’s the only time I’ve used them…

UPDATE: I also ran into this same issue on FreeBSD 9 and Ubuntu Server 12.04 LTS.

Resources

Tags: [ ubuntu security freebsd ]
April 1, 2013

ZFS on Linux: Stability Issues

by Alpha01

So far I’ve had one stability issue on my backup virtual machine. Though, I can’t really blame ZFS for crashing my VM, instead I believe this was a consequence the VM running out of memory due to large amount of rsync, and the heavy I/O caused on the ZFS drive.

After updating the dedicated memory on my backup VM from 512 MB to 3.5 GB and updating my rsync’s to run with low process and I/O priority, I have yet experience any more problems.

nice -n 19 ionice -c 3
Tags: [ zfs ]
March 27, 2013

PHP: XCache performance testing

by Alpha01

Aside APC, as far as I know XCache is the second most popular PHP caching optimizer. So I manually compiled and installed XCache on my www.rubyninja.org VM and configured the WordPress W3 Total Cache plugin to use the XCache optimizer and ran the same benchmarks test that I did when APC was enabled.

After a few tests, the total requests per second was around 24-25 seconds. Slightly slower than APC. However, unlike APC, I noticed that with XCache the overall server load was less (peak at about 3.3), in addition the I/O system activity also appeared to be less than with APC.

Concurrency Level:      5
Time taken for tests:   40.740110 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Non-2xx responses:      1000
Total transferred:      351000 bytes
HTML transferred:       0 bytes
Requests per second:    24.55 [#/sec] (mean)
Time per request:       203.701 [ms] (mean)
Time per request:       40.740 [ms] (mean, across all concurrent requests)
Transfer rate:          8.39 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    6 134.1      0    3000
Processing:    99  196  25.6    200     297
Waiting:       98  196  25.6    199     297
Total:         99  202 136.9    200    3209

Percentage of the requests served within a certain time (ms)
  50%    200
  66%    209
  75%    214
  80%    216
  90%    222
  95%    227
  98%    234
  99%    241
 100%   3209 (longest request)
Tags: [ php apache wordpress ]