Author Archive

Safe rm – stops you accidentally wipeing the system!

Posted by on Monday, 21 September, 2009

I found this the today http://www.safe-rm.org.nz/ , and having had the odd accident im most definitely going to be installing this on my own server!

What is safe-rm?

Safe-rm is a safety tool intended to prevent the accidental deletion of important files by replacing /bin/rm with a wrapper, which checks the given arguments against a configurable blacklist of files and directories that should never be removed.

Users who attempt to delete one of these protected files or directories will not be able to do so and will be shown a warning message instead:

    $ rm -rf /usr
Skipping /usr

(Protected paths can be set both at the site and user levels.)

Recovering important files you deleted by mistake can be quite hard.

So, why not install this on your server and save yourself some hassles in case you accidentally have that shell script gone wrong problem. Now if somebody could do the same to fdisk I would be totally happy, there was this time when i accidentally repartitioned my own server HDD after puting a new one in, and got the wrong drive :/

For manual install its as simple as

wget the file http://safe-rm.googlecode.com/files/safe-rm-0.6.tar.gz

tar zvxf safe-rm-0.6.tar.gz

cd safe-rm-0.6

mv /bin/rm /bin/old-rm

mv safe-rm /bin/rm

For those running debian variants you can

apt-get install safe-rm

Points to note in the README:

Once you have installed safe-rm on your system (see INSTALL), you will need to
fill the system-wide or user-specific blacklists with the paths that you’d like
to protect against accidental deletion.

The system-wide blacklist lives in /etc/safe-rm.conf and you should probably add
paths like these:

/
/etc
/usr
/usr/lib
/var

The user-specific blacklist lives in ~/.safe-rm and could include things like:

/home/username/documents
/home/username/documents/*
/home/username/.mozilla

Here are two projects which allow you to recover recently deleted files by trapping
all unlink(), rename() and open() system calls through the LD_PRELOAD facility:

delsafe (link in the readme is dead but i googled and updated it here)
http://unix.freshmeat.net/projects/delsafe

libtrashcan
http://hpux.connect.org.uk/hppd/hpux/Development/Libraries/libtrash-0.2/readme.html

There are also projects which implement the FreeDesktop.org trashcan spec. For example:

trash-cli
http://code.google.com/p/trash-cli

Category: Articles, Tutorials   , , , , , , ,
Comments (2)

Ubuntu networking bug updating to Jaunty

Posted by on Thursday, 10 September, 2009

We had a customer email in after updating to Jaunty recently. They said the following

Hi guys, I upgraded my VPS a little while back to Ubuntu Jaunty (because I was several versions out of date and the apt repositories had gone away.) I never actually rebooted the machine afterwards though because it wasn’t a good time to potentially interrupt email. I finally got around to doing that, and the VPS won’t come back onto the network. Logging in over the console, it looks like there are no network interfaces configured. A few other things don’t feel right (eg, dmesg tells me that the current tls library or perhaps libc isn’t xen-friendly.) but mostly everything *looks* like it’s ok but doesn’t have a network interface.. services that want to resolve hostnames didn’t start up, etc. Trying to dig into the problem, it looks like there are no modules installed for the kernel, but this is where my expertise runs out.. I don’t know enough about Xen to know if everything was just precompiled into the kernel, or if I blew away my kernel modules during upgrade.

I was curious so logged in via the console .

I ran ifup and got the following errors

root@charon ~ # ifup eth0
ifup: failed to open statefile /var/run/network/ifstate: No such file or directory

so i checked and /var/run/network did not exist. I fixed this

root@charon network # mkdir /var/run/network/
root@charon network # ifup eth0
* if-up.d/mountnfs[eth0]: waiting for interface lo before doing NFS mounts
root@charon network # ifconfig
eth0 Link encap:Ethernet HWaddr aa:00:d6:a1:5e:e4
inet addr:72.33.222.111 Bcast:72.29.222.255 Mask:255.255.255.128
inet6 addr: fe80::a800:d6ff:fea1:5ee4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:56 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5447 (5.4 KB) TX bytes:1074 (1.0 KB)

The file system on Ubuntu in /var/run is a virtual filesystem on Ubuntu, I googled and came across this post here https://bugs.launchpad.net/ubuntu/+bug/367171 which clearly logs the bug, and a fix.

The fix i applied which was adding the following into /etc/init.d/networking

[ -d /var/run/network ] || mkdir -p /var/run/network

This checks if the dir exists and creates it if it doesn’t.

This does fix the problem but its a bit of a hack. I noticed a link later on down the post which took me to https://bugs.launchpad.net/ubuntu/+bug/377432 . This link had a bit more technical information. They said look for the following files and remove them.

/etc/udev/rules.d/85-ifupdown.rules

/lib/udev/rules.d/85-ifupdown.rules

Category: Articles   , , , ,
Comments (0)

WordPress upgrade script

Posted by on Tuesday, 1 September, 2009

There have been some interesting exploits out and about, and often sysadmins have a lot of wordpress installs going on the one machine. This can be problematic when it comes to upgrading multiple instances.

So I posted a script up on the Rimuhosting blog that should fix this

wget http://b.ri.mu/files/wordpress-upgrade-patched.sh
sh wordpress-upgrade-patch.sh

Original Article: http://blog.rimuhosting.com/2009/08/20/wordpress-upgrade-script/

Category: Scripts, Security   , , , ,
Comments (0)