Scott Mcintyre

If you need to add a second panel/task window on your second (or more in my case) monitors using ubuntu/debian/mint linux here are two ways to achieve it.

First you should right click on the current panel and click “New panel” then all you have to do is move the panel to the other monitor of which there are a few ways, the easiest two are

- Hold ALT and drag the panel to the new window.
or
- Right click the panel and go to properties
- Uncheck “Expand”
- Now drag the smaller panel to the monitor you want it on
- Right click and re-check expand and also select where you want it (top/bottom/left/right)

Then simply add what items you want on the panel. In my case I added the Window List item.

On CentOS 5 the e4fsprogs RPM provides a separate binary (/sbin/resize4fs) for resizing ext4 partitions.

# rpm -qf /sbin/resize2fs
e2fsprogs-1.39-23.el5_5.1
# rpm -qf /sbin/resize4fs
e4fsprogs-1.41.9-3.el5

As I found out today when resizing an LVM partition on one of our mongodb snapshot systems.

# lvextend -L+50G /dev/mapper/mongo
Extending logical volume mongo to 150.00 GB
Logical volume mongo successfully resized
# resize2fs /dev/mapper/mongo
resize2fs 1.39 (29-May-2006)
resize2fs: Filesystem has unsupported feature(s) while trying to open /dev/mapper/mongo
Couldn’t find valid filesystem superblock.

Having alook around I noticed the resize4fs binary which resized it successfully.

# resize4fs /dev/mapper/mongo
resize4fs 1.41.9 (22-Aug-2009)
Filesystem at /dev/mapper/mongo is mounted on /var/lib/mongodb; on-line resizing required
old desc_blocks = 7, new_desc_blocks = 10
Performing an on-line resize of /dev/mapper/mongo to 39321600 (4k) blocks.

I recently had to troubleshoot an issue while migrating from cherokee to nginx. This was a PHP application which had a shared set of common scripts , these where accessed by domain/common/file which in turn was translated into /vhosts/shared/common and this then included the necessary files.

After doing the rewrite for nginx,

location ^~ /common/ {
fastcgi_split_path_info ^(/common)(/?.+)$;
fastcgi_param SCRIPT_FILENAME /vhosts/shared/common$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
}

nginx was simply returning access denied.

# curl http://localhost/common/file
Access denied.

Which is because the new file has no extension and PHP-FPM now defaults to only allow .php. This can be altered by editing security.limit_extensions in the php-fpm.conf (in this case /etc/php-fpm.d/daemon.conf) to allow the extensions you need. In this case we needed it to support files without extensions so setting security.limit_extensions to FALSE done the job,

security.limit_extensions = FALSE

While installing and configuring trac on my development VM it wouldn’t load over HTTP (500 error). Stracing the process returned the issue,

Error: unsupported locale setting

So it looks like it doesn’t have the locale installed (In my case EN_GB) this is easily fixed by running,

sudo dpkg-reconfigure locales

Then selecting the necessary locale, you’ll most likely want to default to UTF8.

You should then be able to run trac and have it accessible, in my case

sudo -u trac tracd -s -p 8000 –pidfile ~trac/dev/tracd.pid -d –basic-auth=”*,/home/trac/dev/htpasswd,dev” ~trac/dev
curl -I localhost:8000
HTTP/1.0 200 OK
Server: tracd/0.11.7 Python/2.6.6
Date: Wed, 16 Jan 2013 07:38:32 GMT
Cache-Control: must-revalidate
Content-Type: text/html;charset=utf-8
Content-Length: 6184
Set-Cookie: trac_form_token=a83b66948209b4197936bd1a; Path=/
Set-Cookie: trac_session=d2dad341a8e80e6fd2f76551; expires=Tue, 16-Apr-2013 07:38:32 GMT; Path=/

The script below will import the betfair data from data.betfair.com into a mySQL table.  First create the table,

CREATE TABLE `history` (
`sports_id` int(11) DEFAULT NULL,
`event_id` int(11) DEFAULT NULL,
`country` varchar(10) DEFAULT NULL,
`scheduled_off` varchar(30) DEFAULT NULL,
`actual_off` varchar(30) DEFAULT NULL,
`full_description` varchar(150) DEFAULT NULL,
`odds` double DEFAULT NULL,
`settled_date` varchar(30) DEFAULT NULL,
`first_taken` varchar(30) DEFAULT NULL,
`latest_taken` varchar(30) DEFAULT NULL,
`course` varchar(150) DEFAULT NULL,
`volume_matched` double DEFAULT NULL,
`number_bets` double DEFAULT NULL,
`event` varchar(50) DEFAULT NULL,
`in_play` varchar(2) DEFAULT NULL,
`selection` varchar(50) DEFAULT NULL,
`selection_id` int(11) DEFAULT NULL,
`win_flag` varchar(1) DEFAULT NULL,
KEY `sports_id` (`sports_id`),
KEY `event_id` (`event_id`),
KEY `odds` (`odds`),
KEY `win_flag` (`win_flag`),
KEY `descr` (`full_description`)
) ENGINE=InnoDB DEFAULT

Then use the following script,

#!/usr/bin/python
import csv
import MySQLdb
import re
import os

path=”/path/to/files”

db = MySQLdb.connect(host=’localhost’,
user=’user’,
passwd=’pass’,
db=’betfair’)

cursor = db.cursor()
files = os.listdir(path)

for filename in files:
csv_data = csv.reader(file(path+”/”+filename))
for row in csv_data:
cursor.execute(“INSERT into history(sports_id, event_id, settled_date, country, full_description, course, scheduled_off, event, actual_off, selection_id, selection, odds, number_bets, volume_matched, latest_taken, first_taken, win_flag, in_play) values (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)”, row)

db.commit()
cursor.close()

Adjust the path at the to to the location of the raw csv(uncompressed) files that you would like loaded into mySQL.
Edit the database information
Run the script

You can also add filters, for example when processing horse racing data I wanted only the following,

- UK races
- Bets placed before the event (IE not in running)
- Exclude hurdles

This is what I used

for row in csv_data:
if row[1] != “EVENT_ID” and row[3] == “GB” and row[17] == “PE” and “PLACED” not in row[7] and “Hrd” not in row[7]:
if re.search(‘[0-9]f’, row[7]):
cursor.execute(“INSERT into history(sports_id, event_id, settled_date, country, full_description, course, scheduled_off, event, actual_off, selection_id, selection, odds, number_bets, volume_matched, latest_taken, first_taken, win_flag, in_play) values (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)”, row)

I have been working on scraping the data from attheraces.com for a project I am working on which combines this and betfair data for some statistical analysis.

In case this is useful to anyone here is the regex I have written,

meetings = re.findall(“<h5 id=\”fastfixhead(\d+)\”.*\”>(\w+)<\/a><\/h5>”, info)
for meeting in meetings:
times = re.findall(“<li class=\” \”><a href=\”/card.aspx\?raceid=(\d+)&amp;meetingid=(“+meeting[0]+”)&amp;date=([0-9]{4}-[0-9]{2}-[0-9]{2})&amp.*<strong>([0-9]{2}:[0-9]{2})<\/strong> – ([0-9+][f|m].*)\((\d+) run”, info)

This gathers the course name, raceid, meetingid, date, race time, distance and number of runners. It only gathers UK data (by only matching alphanumeric and underscores it strips non UK codes) so replace “\w+” with “.*” for the meetings match to include other countries.

Sample output,

Wolverhampton

RaceID: 741858
Date: 57674,
Race Time: 2013-01-14
Distance: 13:50,
Number of runners: 7f 32y
RaceID: 741859
Date: 57674,
Race Time: 2013-01-14
Distance: 14:20,
Number of runners: 5f 216y
RaceID: 741860
Date: 57674,
Race Time: 2013-01-14
Distance: 14:50,
Number of runners: 1m 4f 50y
RaceID: 741861
Date: 57674,
Race Time: 2013-01-14
Distance: 15:20,
Number of runners: 1m 141y
RaceID: 741862
Date: 57674,
Race Time: 2013-01-14
Distance: 15:50,
Number of runners: 1m 141y
RaceID: 741863
Date: 57674,
Race Time: 2013-01-14
Distance: 16:20,
Number of runners: 1m 1f 103y
RaceID: 741864
Date: 57674,
Race Time: 2013-01-14
Distance: 16:50,
Number of runners: 1m 1f 103y

While trying to reinstall one of my windows laptops (A Dell 1555 Studio) to Windows 7 I had alittle trouble locating the windows activation/product key. After alittle fiddling I managed to locate this well hidden under the battery.

So if you are looking for this on your dell laptop try taking the battery out and see if the sticker is under there.

We where having an issue with replica sets on our MongoDB databases changing primaries. The logs shows it was hitting resource limits creating new processes.

[initandlisten] pthread_create failed: errno:11 Resource temporarily unavailable
[initandlisten] can’t create new thread, closing connection

There is a bug fix in the init.d available per https://jira.mongodb.org/browse/SERVER-6443 to increase the ulimit -u however while working through increasing the available max processes on RHEL I was noting the soft limit would not increase past 1024 when checking /proc/pid/limits even when being increased in the startup script.

Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 10485760 unlimited bytes
Max core file size 0 unlimited bytes
Max resident set unlimited unlimited bytes
Max processes 1024 256662 processes
Max open files 8192 8192 files
Max locked memory 65536 65536 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 256662 256662 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 0 0
Max realtime priority 0 0
Max realtime timeout unlimited unlimited us

It turns out the pam package provides a file /etc/security/limits.d/90-nproc.conf which explicitly overrides the settings in security.conf for the number of processes,

# Default limit for number of user’s processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.

* soft nproc 1024

Changing this allowed the number of processes to be increased.

You can convert AIFF files to MP3 using ffmpeg on linux. This works with many other inputs and not just AIFF but in the instance I was testing I needed to convert AIFF.

First you need ffmpeg and libmp3lame which on Ubuntu and Linux Mint can be done with

sudo apt-get install libavcodec-extra-53 ffmpeg

Then use ffmpeg to do the conversion replacing INPUT.aiff and OUTPUT.mp3

ffmpeg -i INPUT.aiff -f mp3 -acodec libmp3lame -ab 192000 -ar 44100 OUTPUT.mp3

Sample,

scott@scott:~/Music$ ffmpeg -i INPUT.mp3 -f mp3 -acodec libmp3lame -ab 192000 -ar 44100 OUTPUT.mp3
ffmpeg version 0.7.3-4:0.7.3-0ubuntu0.11.10.1, Copyright (c) 2000-2011 the Libav developers
built on Jan 4 2012 16:08:51 with gcc 4.6.1
configuration: –extra-version=’4:0.7.3-0ubuntu0.11.10.1′ –arch=amd64 –prefix=/usr –enable-vdpau –enable-bzlib –enable-libgsm –enable-libschroedinger –enable-libspeex –enable-libtheora –enable-libvorbis –enable-pthreads –enable-zlib –enable-libvpx –enable-runtime-cpudetect –enable-vaapi –enable-gpl –enable-postproc –enable-swscale –enable-x11grab –enable-libdc1394 –enable-shared –disable-static
WARNING: library configuration mismatch
avutil configuration: –extra-version=’4:0.7.3ubuntu0.11.10.1+medibuntu1′ –arch=amd64 –prefix=/usr –enable-vdpau –enable-bzlib –enable-libgsm –enable-libschroedinger –enable-libspeex –enable-libtheora –enable-libvorbis –enable-pthreads –enable-zlib –enable-libvpx –enable-runtime-cpudetect –enable-libopencore-amrnb –enable-libopencore-amrwb –enable-version3 –enable-vaapi –enable-libopenjpeg –enable-libfaac –enable-nonfree –enable-gpl –enable-postproc –enable-swscale –enable-x11grab –enable-libdirac –enable-libmp3lame –enable-librtmp –enable-libx264 –enable-libxvid –enable-libopencore-amrnb –enable-version3 –enable-libopencore-amrwb –enable-version3 –enable-libvo-aacenc –enable-version3 –enable-libvo-amrwbenc –enable-version3 –enable-libdc1394 –enable-shared –disable-static
avcodec configuration: –extra-version=’4:0.7.3ubuntu0.11.10.1+medibuntu1′ –arch=amd64 –prefix=/usr –enable-vdpau –enable-bzlib –enable-libgsm –enable-libschroedinger –enable-libspeex –enable-libtheora –enable-libvorbis –enable-pthreads –enable-zlib –enable-libvpx –enable-runtime-cpudetect –enable-libopencore-amrnb –enable-libopencore-amrwb –enable-version3 –enable-vaapi –enable-libopenjpeg –enable-libfaac –enable-nonfree –enable-gpl –enable-postproc –enable-swscale –enable-x11grab –enable-libdirac –enable-libmp3lame –enable-librtmp –enable-libx264 –enable-libxvid –enable-libopencore-amrnb –enable-version3 –enable-libopencore-amrwb –enable-version3 –enable-libvo-aacenc –enable-version3 –enable-libvo-amrwbenc –enable-version3 –enable-libdc1394 –enable-shared –disable-static
libavutil 51. 7. 0 / 51. 7. 0
libavcodec 53. 6. 0 / 53. 6. 0
libavformat 53. 3. 0 / 53. 3. 0
libavdevice 53. 0. 0 / 53. 0. 0
libavfilter 2. 4. 0 / 2. 4. 0
libswscale 2. 0. 0 / 2. 0. 0
libpostproc 52. 0. 0 / 52. 0. 0
[aiff @ 0x100d560] max_analyze_duration reached
Input #0, aiff, from ‘INPUT.aiff’:
Duration: 00:53:17.08, start: 0.000000, bitrate: 1411 kb/s
Stream #0.0: Audio: pcm_s16be, 44100 Hz, 2 channels, s16, 1411 kb/s
Output #0, mp3, to ‘OUTPUT.mp3′:
Metadata:
TSSE : Lavf53.3.0
Stream #0.0: Audio: libmp3lame, 44100 Hz, 2 channels, s16, 192 kb/s
Stream mapping:
Stream #0.0 -> #0.0
Press ctrl-c to stop encoding
size= 74933kB time=3197.13 bitrate= 192.0kbits/s
video:0kB audio:74933kB global headers:0kB muxing overhead 0.000042%

Been following a thread over at Web Hosting Talk today called “WHMCS got hacked?“. It seems their server was compromised by accessing the owners email and using this to gain access to the servers authentication details directly from the hosting provider.

Many questions arise from this and from the information provided so far it looks like very little steps were done to prevent such incidents, most important of all – how did his email get accessed in the first place.

It seems like some basic security steps could have prevented this and most importantly, prevented the leak of all the customers details, credit cards, support tickets, internal emails and a whole treasure trove of information from now circulating through-out the internet.

Following an initial investigation I can report that what occurred today was the result of a social engineering attack.

The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.

This means that there was no actual hacking of our server. They were ultimately given the access details.

This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself.

We are immediately reviewing all of our hosting arrangements, and will be migrating to a new setup at the earliest opportunity.

I would like to take this opportunity to thank all of you who have sent in messages of support, and offers of help. It has clearly been a very stressful time, and I thank everyone both personally and on behalf of WHMCS for their loyalty and support.

The matter is now in the hands of the FBI.

The attackers have posted much more information at their twitter feed: http://twitter.com/#!/UGNazi