Tagged: freebsd

Zsh glob qualifiers ftw!

I have a FreeBSD 7.1 server, a couple of macs, a windows machine, and an ubuntu machine. I need to share files between them all. I could try to get NFS for windows working, but it seemed to me that using Samba was a good way for me to allow all of the machines (Even the windows one!) have access to the storage I have on my “server”. I’ve been working with BSD, Linux and Windows for a long time, and I still get emails to thank me for that old Linux From Scratch hint I wrote that describes how to set up printing with samba and cups. I thought this would be a cinch. Was it? Of course not haha. It turns out that even though my user had access to mount the share, I had mounted it in FreeBSD owned by user root, group wheel with permission set to 755. My user is in the wheel group and I would like the wheel group to have write permission, so I remounted it with the following line in /etc/fstab:

/dev/ad8s1  /mnt/sambashare msdosfs rw,large,-m=775,-g=wheel 0 0

the large is there because it’s a 500GB drive.

And now, all is well. I can mount the share and I have read write access! I can create and delete a test folder… so that’s it! Right? Wrong. There’s an old windows directory on there that I need to delete, but OS X says I haven’t got enough permission to do that. Oh no!

Well how am I supposed to go digging through some directory tree and find the files that I don’t have permission to delete? I bet there’s a unix command that can help me… (actually I know there is – it’s called find, and find is great…but… I love zsh and I love finding fun reasons to use its features!)  Since I know ls will list my files… and ls -al will tell me the permissions… why not just say “ls -al everything i dont have write permission to”?

ls -al *(^I)

The stuff that is between the parentheses is called a glob qualifier. Glob qualifiers let you ask zsh to give you back more specific information. In this case, the capital I means group writable files and the ^ is used to negate the qualifier. If you try to translate this command line into english it would say something like, “list the names and permissions of all of the files in the current directory, even the hidden ones, that are not group writable.”

You may be thinking, “Wait… did you say all files in the current directory?” and if you are thinking that – you’re right. The above command only lists the files in the current directory, so it is not very useful right now.  I need to look in my mounted drive, which is on /mnt/sambashare, so how about this command line?

ls -al /mnt/sambashare/*(^I)

That is close… but not quite there. It’s only showing files in that directory, and I need to look into all the directories that might be in there. Since all the files and directories in that directory are group writable, this gives me:

zsh: no match

So how can I tell ls to look into directories too? That’s easy! I can use the recursive globbing operator, **

Now the command line looks like this:

ls -al /mnt/sambashare/**(^I)

But that STILL doesn’t go all the way into directories I need it to. This is getting crazy now isn’t it? It turns out that to look into directories, even directories that are inside other directories, we cannot simply use the recursive globbing operator, we need to append a /* as well, which makes the command line:

ls -al /mnt/sambashare/**/*(^I)

But now… oh no! We’re still not there! This returned a list including some files that ARE group writable! Why don’t I just run chmod -R  and end this agony already? (Is that what you’re thinking? haha well the answer is… I want to know exactly what files I can’t delete before I take further action). It seems that the ls command is going into directories and showing me things I didn’t ask for. I have a hunch that it’s because ls is doing some recursion of its own… (don’t ask me why, it’s just a hunch) so I’m going to add the -d option to the ls command, making the command line….(drum roll please):

ls -ald /mnt/sambashare/**/*(^I)

….and my hunch was correct! So now I have my list of all files in my share that are not group writable. It might seem like a lot of time and effort, but for a seasoned zsh user this is nothing! I did have to consult the zsh man page to find the glob qualifier for “group writable files”, but that didn’t take long. In the next article I’ll continue with this scenario, and tell you if I ever did manage to get those files deleted 🙂 Stay tuned… if you dare!

Cups / FreeBSD / Windows Domain

So as you may know, I’m working on secret PHP project using the Zend Framework. It’s coming along well and I have been taking some notes on the server which is on the local network. I was about to download my notes and print them when I decided that printing directly from the FreeBSD server to the printer in our office should not be a difficult feat.

Of course… it wasn’t difficult, but it was a bit tricky. Here are some things I just learned, in no particular order:

* When installing the port called ghostscript8-no_x11 , you are asked to configure it and set up some options via the usual curses menu interface. One of these options says “include X11 support”. Doesn’t it seem strange that the port is named with the no_x11 suffix, yet including X support is an option? I thought so. I don’t have X on this server and never will. I don’t want X there. I unchecked the option, and then the build failed. Oddly enough you need to leave this option enabled or you will run into bizarre build errors like “ert file not found”.  Don’t worry though, leaving this option checked does not build X! (I don’t think it makes sense but with the port as it is today, this is the case)

* If you didn’t think about installing CUPS early enough to set up the special options in make.conf to tell FreeBSD’s ports system to overwrite the default LPR printing base, you’ll have to move or otherwise disable /usr/bin/lp and /usr/bin/lpr and then either link /usr/local/bin/lpr and lp to /usr/bin or just edit your PATH.  I found that tidbit here: http://home.nyc.rr.com/computertaijutsu/cups.html

* The DELL 5110 printer we use has been added to our windows domain. The drivers for PCL and PS were added to the print server so that when the printer is being added there are choices. If you have the PS driver installed, just use that, trust me. You can add the printer in cups’ web interface and tell it to send the job raw. It’s much easier, in my opinion, than messing with drivers and ppd files. Using the PS driver and the raw queue I was able to print a test page the first try, which is saying something, believe me.

* I wasn’t able to print text files properly via the lpr command. I got strange stair-stepping on my printouts and they were totally unusable. Using the a2ps command to format and send the output directly to the printer worked amazingly. I never saw a printed text file look so good. a2ps is available in the ports tree and it works great even when you’re printing from a FreeBSD server via Cups and the samba/smb backend to some printer on a windows domain.

PHP/Recode fail

I use PHP on FreeBSD servers, compiled from the ports system. It works very well, except that sometimes… well… sometimes… segfaults happen. Yes random, bizarre, “how did this working system suddenly become non-working wtf” errors happen.

Here’s an example of what happened to me today. This is a snip from my lighttpd error log

(mod_fastcgi.c.2722) child signaled: 11
(mod_fastcgi.c.1051) the fastcgi-backend /usr/local/bin/php-cgi failed to start:
(mod_fastcgi.c.1065) terminated by signal: 11
(mod_fastcgi.c.1070) to be exact: it segfaulted, crashed, died, … you get the idea.
(mod_fastcgi.c.1072) If this is PHP, try removing the bytecode caches for now and try again.
(mod_fastcgi.c.2759) ERROR: spawning fcgi failed.

WHAT!?

Well in a nutshell, php-cgi is failing to start. When I attempt to run /usr/local/bin/php-cgi from the command line, it causes a segmentation fault. If you’ve seen this before, you might have thought “oh no… sig11! signal 11 could mean my hardware is fried!” At least I thought so. The truth of the matter, in this case, is that the php-cgi executable is not happy. Why isn’t it happy? I’m glad you asked. We all want our executeables to be happy, right?

This wasn’t easy for me to figure out the first time it happened to me last year. I was going nuts trying to figure out what went wrong, I even put in a request for new hardware (yes a new development server, which I actually got). This didn’t solve my problem either. I began to panic. I’m not sure what made me think of it, but after a while I decided to try minimalizing my PHP installation, by commenting out extensions from my extensions.ini file (on my sys it’s /usr/local/etc/php/extensions.ini)

With everything commented out, php-cgi was happy again, but of course I need at least a few of the extensions (specifically mysqli), and so I started adding extensions back in one at a time to find the problem. It turns out that the problem is with the recode extension.

With the recode extension out of the picture, things went along fine for quite a while and I was able to develop my small web application with Zend Framework (1.5 at the time, I think). PHP was happy, Lighttpd was happy, I was happy. There was a lot of happiness to be found! And then it happened. I updated my PHP port with portmaster. A dark cloud (a cloud named sig11) loomed over the server and the happiness turned to confusion once again. Then I remembered… “didn’t this happen last year?” Yes. Yes it did. Same problem. This time I didn’t panic though, I went straight for the extensions file.

Now I’m not sure what about the recode extension my system doesn’t like, but it doesn’t like it. It didn’t like it last year, and it doesn’t like it now. The PHP port installed a new copy of extensions.ini which includes the recode extension and so that’s why the error reoccured after updating the port. If you are experiencing weird segmentation faults with PHP, I highly recommend you start commenting out your extensions. Also, you may want to check the order of the extensions. If they are in alphabetical order, something is wrong. Some extensions rely on others to be loaded first, so be careful.

That’s it for now… PHP is happy once again, and I’m working on a new dev project, this time with Zend Framework 1.7  🙂 I’d tell you more about it… but it’s a secret. No, really, it’s a secret.

ISC DHCPD duplicate uid lease

Ever see this?

dhcpd: uid lease 192.168.1.150 for client xx:xx:xx:xx:xx:xx is duplicate on 192.168.1/24

or something like it, in your dhcp logs? Well I checked /var/log/messages today and saw that I had thousands of this message repeated over and over (so much so it was spamming my log  and making it harder to find what might be important stuff). I searched around the ‘net and found some hints but nothing conclusive. The hints pointed toward a duplicate lease (duh) but more specifically lead me to check my leases file. Mine was located in /var/db/dhcpd/dhcpd.leases.

It turns out that what caused this error for me was that I had started the machine in question (the MAC address has been altered to protect the innocent haha) before I had the time to create a reservation for it. Then after it already had an address leased to it, I created a reservation for it (for internal DNS purposes, nothing more). Apparently because duplicates are allowed by default in isc dhcpd, when the machine’s networking was restarted and it got it’s new reserved IP, the server kept the original lease (which was that .150 address) and also got a lease from it’s reservation (.80 on my network). Since the .150 lease was still present in the leases file it caused the warning message (over and over and over for a month).

So if you are using isc dhcpd, and you use reservations, and you’re getting these error messages, you might want to check your leases file and make sure that you don’t have a lease for something that also has a reservation under a different IP.

The other pages I found on my search also suggested that you might have a reservation that hands out an address that is within your dynamic scope. You definitely don’t want to do that, so you may need to check that out as well in your dhcpd.conf.

For the curious, I run FreeBSD 7 on a Pentium 4 Dell desktop (I think it’s a dimension series, I haven’t looked at it in a while haha) that sits in my kitchen as a headless DNS/DHCP/Web/Random Unix Fun server. It’s actually making lots of bad noise lately and I think one of it’s fans might be going 🙁 I’ll check that out and report back 🙂