Tag Archives: anger

How To Destroy Your Web Server and Ruin Your Night

Posted by on May 22, 2013 1 comment

You could say I have a fairly healthy interest for the systems admin side of tech. I wouldn’t say I’m an expert, but I think I could get by as an entry to mid level admin. Though that certainly doesn’t stop me from doing some colossally stupid things with my personal server(s).

...

As of right now, I have two hosted VPSs, including the one that this blog runs on. This server is supposed to be my “production” server, so it’s as locked down as I can make it, with only the necessary services running. Beyond that, the next cardinal rule of managing a production environment is testing software updates somewhere else before you run them on the production machine(s). Even though I’m fully aware of this rule, and of the possible ramifications of not following it, I’m usually – read: always – too lazy to test updates on a mirrored environment first. Cue ominous music.

That feels about right

That feels about right

The Incident

Yesterday before I left for the gym, I decided to log into my server and run, just like I do every couple of weeks, probably the most dangerous command I have in my bash aliases.

alias update='sudo apt-get check && sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade && sudo apt-get autoclean'

A command that I’ve run hundreds of times without incident, until now. After running the command and clearing my terminal, I went through my typical cursory check of this site before heading out to the gym.

Pictured: Brief confusion, before panic sets in.

Pictured: Brief confusion, before panic sets in.

No. F$@KING. Way!

Debugging – Panic Style

I was so confused, I failed to realize I was getting the default apache page, when…you know…this is supposed to be an nginx only box… I checked the site config files and “restarted” nginx and php-fpm a couple of times before I realized apache was somehow installed and running. I shut down the apache process, thinking it was just conflicting with the nginx process, but what I didn’t realize was that nginx was somehow uninstalled from the system!

Crap! Crap! Crap! Crap! Crap!

More investigation revealed that not only had nginx been uninstalled, but so had php-fpm! No wonder restarting though the /etc/init.d/ executables did nothing. What exactly did I miss?!

mistake

That would explain it…

This is what happens when you do this crap in a hurry! But no big deal, the configs all seemed to be intact, just install everything again and we are back in business. Right?

~ $ install nginx-full
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
nginx-full : Depends: libgeoip1 (>= 1.4.8+dfsg) but 1.4.7~beta6+dfsg-1 is to be installed
Depends: libpcre3 (>= 8.10) but 8.02-1.1 is to be installed
Depends: libssl1.0.0 (>= 1.0.1) but it is not installable
E: Broken packages

Wait…what? Why the hell are the nginx/php packages dependant on library versions that don’t exist or are uninstallable?!

Dreadful Realization

At that moment, I remembered something a friend told me a few days prior: Debian 7 was just released. Somehow I was trying to install packages in Debian 6, that had dependencies on libraries in Debian 7! But how?!

Now we add Dotdeb, a great resource for debian installs that provides bleeding edge packages for a stable and up to date LA(/E)MP stack. Update your /etc/apt/sources.list to include the repo:

deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

Then add the GnuPG key:

wget http://www.dotdeb.org/dotdeb.gpg
apt-key add dotdeb.gpg

- Adventures With Nginx and PHP

Ohhhhhhh

Using Dotdeb is very simple:

1. Add the main repository to your sources.list

Depending on your distribution (Wheezy or Squeeze), add these two lines to your /etc/apt/sources.list file (you can also choose a mirror near you) :

deb http://packages.dotdeb.org wheezy all
deb-src http://packages.dotdeb.org wheezy all

or

deb http://packages.dotdeb.org squeeze all
deb-src http://packages.dotdeb.org squeeze all

2. Options

If you want to install :

  • PHP 5.4 on Debian 6.0 “Squeeze”, add these two lines too :
    deb http://packages.dotdeb.org squeeze-php54 all
deb-src http://packages.dotdeb.org squeeze-php54 all

- Dotdeb Instructions

OHHHHHHHH

HOLY CRAP I NEVER SPECIFIED THE VERSION OF DEBIAN!

 Cleaning Up My Mess

It’s not such a big deal to screw up, as long as you can fix it, right? Well that’s what I’m going with here.

I followed Dotdeb’s (updated) instructions to specify the version of Debian I was using, and tried to install stuff again.

The following packages have unmet dependencies:
nginx-full : Depends: nginx-common (= 1.4.1-1~dotdeb.0) but 1.4.1-1~dotdeb.1 is to be installed

What a nightmare! Thankfully one that isn’t ridiculous to work through. After running

sudo apt-get autoremove

I was finally able to successfully reinstall all of the packages I accidentally removed

Woo hoo!

Woo hoo!

Word of Warning

While I was writing this post, and further investigating what happened, I discovered that there is something…strange with the Dotdeb PHP 5.4 packages. I would not recommend using them with Debian 6 (squeeze) just yet, especially if you want to install PHP extensions like mcrypt or suhosin.

If you end up with issues installing PHP extensions you’ll want to find out what PHP components you have installed that are 5.4, and remove them with apt. In a similar setup as mine, you’ll want to remove php5-fpm and php5-common to clean up all of the problematic components.

dpkg

After that, you should just be able to install PHP 5.3 along with whatever extensions you need!

Kicking The Hornet’s Nest

Posted by on January 17, 2012 No comments

Seems Congress, along with their buddies Big Content, have been hard at work trying to piss off the entire internet. Now for the first time in recent memory, Congress seems to have actually accomplished something.

The SOPA/PIPA bills cannot be allowed to sneak through our system so, even though I am a little late to the game announcing it, I will also be switching off this site in protest with the help of a handy plugin.

See you folks on the other side.

Verizon Galaxy Nexus RANT

Posted by on December 8, 2011 No comments

Saw this on reddit, felt it was appropriate.

Verizon Really Grinds My Gears

Posted by on December 8, 2011 No comments

I have to admit, I cycled through a lot of titles for this post that were far more… colorful, but in the end I decided to try and keep it classy.

What am I pissed about this time? Two words: Galaxy Nexus. More to the point, where the hell is it?! There have been more than a few rumors flying around, enough to the point where lot’s of the fanboys I know waiting for this blasted phone (myself included), are getting burned out. The newest batch, pointing to December 8th or 9th, promptly got debunked right after they managed to rekindle my hope I would actually get this phone before 2011 was out.

fffuuu

Curse you Verizon, curse you and your torments

I have always been one for gadgets, I understand the hype machine that all of the companies subscribe to. Though as I am sure most who have been following this phone’s development would agree, this instance has seemingly “jumped the shark.” The worst part being the phone has actually been released, it is tangible, and has been in the hands of Android fans in Europe for months. Yet we still wait, with no word as to why, goodness knows Verizon isn’t saying anything. All we know is that there have been mysterious “delays” halting Verizon from getting this damned phone into my/our patiently awaiting hands.

galaxy-nexus-aliens

Who is *really* to blame for the Galaxy Nexus delays?!

Conveniently enough, these mysterious delays have been followed up by some unsettling rumors about the phone, and more importantly, how Verizon is screwing with it.

That’s why it’s so sad to see Verizon block people from using Google Wallet (Verizon Galaxy Nexus users won’t see the Google Wallet app in the Android Market). Especially on a reference phone like the Galaxy Nexus that should represent the purest Android experience. Plus it’s a dick move, presumably because Verizon will eventually be pimping its own phone payment service, ISIS (which Verizon is working on with AT&T and T-Mobile), over Google’s. ISIS sounds promising but it hasn’t launched yet and, well, when was the last time carriers did something good for you?

To me this stinks as one of the reasons for the delay, Big Red hard-balling Google into letting them disable the ability to use Google Wallet, then having to figure out how to do it while still allowing for ISIS to work in the who-the-hell-knows-when future. The Nexus line of phones is supposed to represent pure, untampered Android: Google’s vision for the OS and cutting edge hardware to show off how it’s meant to be experienced. But that’s not what we seem to be getting here.

…the Verizon version of the Samsung Galaxy Nexus will indeed have two bloatware apps. Both My Verizon Mobile and Backup Assistant will come preloaded…

Sure these are only two apps, and fairly utilitarian ones at that, but that doesn’t matter to me. I just want a clean slate! This leads me to my next theory that I have been toying with during this maelstrom of rumors: further delays are being caused by Verizon having a tough time with the new app disabling feature in Ice Cream Sandwich. Sure this phone will only have 2 Verizon apps on it, but will I be allowed to remove them? Will I even be allowed to disable them? If not on both accounts, then where does that leave us on future ICS handsets? Right back where we started, stuck with either having a bunch of apps we don’t want cluttering our devices or having to root the phone and go with a custom ROM. All just to make your phone actually yours!

Really I just hope above all else that this post was all for naught, Verizon finally pulls their collective heads out of their collective asses, and I can finally get a new phone!

Just release the damn phone!

My Only Problem With Mint (and It’s Not Their Fault)

Posted by on August 26, 2011 No comments

I would venture to say that anyone who is reading this has heard of Mint, the wonderful web app to manage your whole financial life.

mint

They didn't pay me to say any of this, I swear.

After a quick stint using Quicken, I discovered Mint, switched everything over, and never looked back. I guess that shows how good a decision Intuit made when they bought them, since I couldn’t of been the only one that jumped ship. With the constant stream of new features and improvements, not only on their site, but also their iPhone and Android apps, it would be pretty foolish to use anyone else in my opinion.

With the fawning over them finished, let’s move on to the problem I have with Mint, and really all applications like it: security. Whenever I add an account on Mint I of course need to supply my login information to the account, along with any security questions and answers. To me this feels…awful, I get that Mint prides themselves on security, but that doesn’t really make me feel any better having all of that information stored in one place that I have no control over.

data-security

Security through chaining your datacenter and launching it into orbit!

Do I blame Mint on having to ask for all of my account credentials? No, of course not. The real problem is that banks do not make it simple or secure for Mint and other apps to collect the data they need to be useful. With the increasing complication of personal finances, more and more people will inevitably move to using Mint and its like, so banks should make it one of their top priorities to allow you to liberate your data.

bankers

Look at these guys, most of them probably don't even know what "an internet" is.

My suggestion is this, banking institutions adopt some sort of authentication method which allows trusted applications to access a read-only data store that only contains: a times stamp, description, and amount . Something similar to how you can allow other apps access to your twitter account without having to give them your username and password. This would also solve the incredibly annoying problem of certain accounts randomly not being able to refresh because you once again have to enter in the answer to a security question.

Will this happen in my lifetime? Probably not, considering how notoriously resistant to change the financial industry is. I can dream though can’t I?

Performance Optimization WordPress Plugins by W3 EDGE