BigSmoke

Smokes your problems, coughs fresh air.

Page 20 of 52

Often used Eagle parts and packages

Everytime I work with Eagle, I need to dig deep to remember which libraries and packages I used. Here’s a memory aid:

  • Pinheaders for flatcable: library con-lstb
  • Pinheaders for PC-fan like connectors: con-molex
  • Big single pin connectors: testpad or wirepad.
  • Fuse holder: lib: fuse, package: SH22,5A
  • Connector ‘printkroonsteen’: lib con-ptr500, part ak500/3 ak500/2 etc
  • Smaller footprint for high current diode: package diode, part DIODE-DO41-7.6

More to come…

Adding a disk to a RAID5 array on a 3Ware array with tw_cli

I wanted to know if I could extend the size of a RAID5 array on the 3Ware 9650SE, so I tried something.

I first had this:

# tw_cli /c0 show
Unit  UnitType  Status         %RCmpl  %V/I/M  Stripe  Size(GB)  Cache  AVrfy
------------------------------------------------------------------------------
u0    RAID-5    OK             -       -       256K    5587.9    RiW    ON
 
VPort Status         Unit Size      Type  Phy Encl-Slot    Model
------------------------------------------------------------------------------
p0    OK             u0   1.82 TB   SATA  0   -            ST32000542AS
p1    OK             u0   1.82 TB   SATA  1   -            ST32000542AS
p2    OK             u0   1.82 TB   SATA  2   -            ST32000542AS
p3    OK             u0   1.82 TB   SATA  3   -            ST32000542AS
p4    OK             -    1.82 TB   SATA  4   -            ST32000542AS
 
Name  OnlineState  BBUReady  Status    Volt     Temp     Hours  LastCapTest
---------------------------------------------------------------------------
bbu   On           Yes       OK        OK       OK       0      xx-xxx-xxxx

A 4 disk raid 5 and one extra disk.

Then I did this:

# tw_cli /c0/u0 migrate type=raid5 disk=4
Sending migration message to /c0/u0 ... Done.

Then I have this:

# tw_cli /c0/u0 show
 
Unit     UnitType  Status         %RCmpl  %V/I/M  Port  Stripe  Size(GB)
------------------------------------------------------------------------
u0       Migrator  MIGRATING      -       0%      -     -       -
 
su0      RAID-5    OK             -       -       -     256K    5587.9
su0-0    DISK      OK             -       -       p0    -       1862.63
su0-1    DISK      OK             -       -       p1    -       1862.63
su0-2    DISK      OK             -       -       p2    -       1862.63
su0-3    DISK      OK             -       -       p3    -       1862.63
su0/v0   Volume    -              -       -       -     -       50
su0/v1   Volume    -              -       -       -     -       5537.9
 
du0      RAID-5    OK             -       -       -     256K    7450.54
du0-0    DISK      OK             -       -       p0    -       1862.63
du0-1    DISK      OK             -       -       p1    -       1862.63
du0-2    DISK      OK             -       -       p2    -       1862.63
du0-3    DISK      OK             -       -       p3    -       1862.63
du0-4    DISK      OK             -       -       p4    -       1862.63
du0/v0   Volume    -              -       -       -     -       N/A
du0/v1   Volume    -              -       -       -     -       N/A

su0 and du0 are probably source and destination, giving me a new and bigger u0 at the end. But this is going to take a week to migrate, so I won’t know for a while… (edit: I contacted 3Ware support and they said the change in size is only seen after driver reload, which means a reboot in most cases).

Create a remote repository and branch with bzr

Create a shared remote bzr repository:

bzr init-repo --no-trees sftp://development@server.example.com/srv/bzr/project/
bzr init sftp://development@server.example.com/srv/bzr/project/trunk
bzr co sftp://development@server.example.com/srv/bzr/project/trunk project 

The docs all create a repos in /srv/bzr in which branches are created, but to me, it seems illogical to put all your projects in one repository. So, I create one per project.

Ubuntu Desktop Linux and Acer TravelMate 7513WSMi

My youngest sister has retired her big-ass (17″) Acer TravelMate (model 7513WSMi 7510) with a more modern offering from Sony. That was last year. Now, she thought it’d be a good idea to donate it to our oldest sister. But since the thing has always “run” like a pig with Windows Vista, her girl-geek instincts thought it better if I’d equip the old monster with Ubuntu Linux instead.

AMD 64bit

I’m also considering upgrading my own laptop to 64 bit. (They’ve told me that, really, the 32 bit age is over.) So, the first thing I’m trying to find out (now that I’m getting on the 64 bit train) is if this thing supports 64 bit. I can’t really think of a quick way to find out, so I’m just going to create a 64bit installation CD and see how that works.

Or, I could have just popped open the hood to see the “AMD Turion64x2 Mobile Technology” sticker. 😯

Installation

After changing the boot order, the installation CD (burned from my T61 using “wodim -data ubuntu-10.10-desktop-amd64.iso”) seems to be booting despite the worrying sounds that seem to indicate that the laptop is trying to rip apart and eat the disc.

I’m surprised how good the current installation program looks and that it asks me if I want to “download updates while installing” and “install third-party software”. Nice.

Great idea to ask all the annoying questions (timezone, etc.) during installation instead of after! I’m amused with how much I’m behind the time if I see all the promotional screens for new and improved software which is meant to keep me inspired during the installation process. “OpenOffice.org is fully compatible with Microsoft Office[…]” Am I really that much behind with the times? Nah, I can’t imagine. I must still have some very, very nasty Excel sheet lying around somewhere, gathering dust. If I feed that monster of a thing to OpenOffice, then I’m pretty sure… Yeah, that’s going to be fun. 😈

Post-installation configuration

I had expected to spend at least an hour or two hunting around forums to find solutions for obscure driver-related issues and other nuisances. But no issues popped up. It just worked. Ubuntu is very compatible with the Acer TravelMate 7513WSMi! 😀

So, I spent some of the time saved on setting a user pic and a few other niceties, but I refrained from doing anything fancy, because I’ve figured out a new sister support strategy that I might blog about later. (It involves a four-hour work-week…)

[For my own reference, I started on the first draft of this post on Januari 14.]

Making a shell-script run with setuid root

If you want to run a process with root privileges that you can invoke as a less unprivileged user, you can make the program setuid root. This can be very useful, for example, when you want a PHP or CGI script to call a backup process, or to create a new site or irrevocably delete you whole system. The latter example points to a serious security problem: if anyone can figure out a way to make your program do something you don’t want, you’re screwed, because you just gave them root privileges to wreak maximum havoc. That’s why, normally, scripts (anything executed by an interpreter by the kernel because of a shebang) won’t get elevated privileges when you set their setuid bit.

To understand the setuid bit, let’s first see what happens when I try to cat a file that belongs to root:

su -
# I am now root; fear me
touch no-one-can-touch-me
chmod 600 no-one-can-touch-me
cat no-one-can-touch-me
# cat: Permission denied 

Next, I’ll create a shell script that cats the file:

#!/bin/bash
 
cat no-one-can-touch-me

And make the script setuid root:

su -
chown root:root script.sh
chmod +xs script.sh

If I now execute the script, I still get the permission denied. What I need to make this work is a wrapper program. For that, I refer to Wiebe’s post about the same subject. (Yeah, I know: why bother publishing this if Wiebe already did an excellent job explaining? Well, I just hate to throw away an otherwise fine draft.)

Executing system commands from PHP with SUID executable.

If you want to execute system commands from something like PHP, you need a SUID executable which you can call from your PHP scripts. This is such a script. It could be extended to support parameters for the commands you want to execute, but that would be an enormous security risk, because then anybody can execute any command. If you need something as flexible as that, you need to think about adding some kind of security restrictions, like a list of allowed commands.

When writing this, it occurred to me how unnecessary this all is. I will explain below. First, I will describe the old way.

Here is the c source code, as written for our backup script, bsbackup.sh:

// Wrapper for the bsbackup.sh shell script, to be able to run it as root when
// started from a webserver, for example. Set the resulting executable to SUID
// root.
 
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <errno.h>
#include <error.h>
 
int main(int argc, char *argv[], char *envp[])
{
    int set_uid_result;
    int effective_user_id;
    int execute_script_error;
    char* script;
 
    effective_user_id = geteuid();
 
    // Set real and effective user ID
    set_uid_result = setreuid(effective_user_id, effective_user_id);
 
    if (set_uid_result != 0)
    {
        printf("Failed to set user id\n");
        return 1;
    }
 
    script = "/usr/local/sbin/bsbackup.sh";
 
    // This does not return on success.
    execve(script, argv, envp);
    execute_script_error = errno;
 
    // Show a fancy error message.
    error(execute_script_error, execute_script_error, script);
 
    // Shouldn't be necceary, but you never know.
    return 1;
}

To compile:

gcc -o bsbackup bsbackup.c

You can then run this inside PHP:

// The 2>&1 makes all error messages appear on stdout, for easy capturing.
passthru('/usr/local/sbin/bsbackup usb_backup 2>&1');

As I said, when writing this, it all became very clear to me that it is quite useless. One can also install sudo, run visudo and put this in (assuming your webserver runs as www-data, like on (Debian and Ubuntu):

www-data ALL = NOPASSWD: /usr/local/sbin/bsbackup.sh

Then in PHP, just run this:

passthru('sudo /usr/local/sbin/bsbackup.sh usb_backup 2>&1');

I haven’t tested whether specifying the parameters after the script in the passthru actually works, but I think so. If not, you can just write a wrapper script around the command you’re going to execute.

See what you like best 🙂

« Older posts Newer posts »

© 2024 BigSmoke

Theme by Anders NorenUp ↑