Archive for the "Computer" Category

Install Ioncube Loader while SELinux Enabled

When you install ioncube loader under CentOS 5.x, which has SELinux enabled by default, you will see following error message:

“cannot restore segment prot after reloc: Permission denied”

This is a common problem when you install ioncube with SELinux enabled.

You have a few options here.

You can disable SELinux, edit /etc/selinux/config, look for” SELINUX=”, put “disabled” to the right of “=”, it reads like this “SELINUX=disabled”, when you restart the machine, SELinux will be totally disabled. But when you want to enable SELinux lately, the system will relabel all the files at the boot time, it will take very long time to finish the relabeling process, so disable SELinux is not recommended.

Then you can put “permissive” in place of “disabled”, or run “setenforce 0” on command line(“setenforce 1” re-enable it),  you will see warning messages but SELinux won’t do anything to stop unauthorized access. If you are serious about security, probably you won’t feel comfortable when SELinux is not enforcing it’s rules.

Now you’re ready for the real solution.

When you see the error messages when you restart your HTTP server, run following command(step 1):

audit2allow -l -a -r

You should see the required types and classes being displayed and the permissions you need to load into selinux module, you’re not going to see them all at once, you will have to try a few times(load the  first set of rules if there are still problems, start from step 1 again ) to get all the required types, classes and permissions. Following I will show you how make it work, step by step:

You need to create an file “local.te”, which will hold all the required types, classes and permissions to be loaded in to SELinux module, in our case, you need to add following into local.te:

module local 1.0;

require {

class process {execstack execmem execheap};

class file { ioctl lock append create getattr setattr link relabelfrom unlink write read rename execmod };

type unconfined_t;

type httpd_t;

type httpd_sys_content_t;

};

allow unconfined_t httpd_sys_content_t:file execmod;

allow httpd_t self:process {execstack execmem execheap};

End of code.

When you have the local.te ready, run following command:

checkmodule -M -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
semodule -i local.pp

Now you HTTP server will load ioncube loader without any trouble.

Technorati Tags: ,

Upgrade Kubuntu from 8.10 to 10.04

Starting from a few weeks ago or so, I don’t receive updates on my Kubuntu 8.10 as  usual, I believe 8.10 is being phased out, and I figure that upgrade is long overdue, maybe this is the time to try the latest version, 10.04, which is a Long Term Support version.

Now you can’t just upgrade from 8.10 to 10.04, in fact you have to upgrade from 8.10 to 9.04, then to 9.10, then 10.04, so if you choose to upgrade you will have to do it three times! OK, I said to myself, let’s do it!

From 8.10 to 9.04 went smoothly(though I need to clean up root partition to make room for downloading and unpacking), when the machine(Dell Latitude  E6500) rebooted, I got 9.04 up and running, and in not time I started the upgrade from 9.04 to 9.10, this time it wasn’t going as expected. Almost at the end of the upgrading, there was no room left on the root partition, the upgrade didn’t complain about this, that was the weird thing, and I expected there would be problems. And there it was! When the system rebooted, X server just bailed because no nvidia(my laptop has a nvidia graphics card) kernel module was loaded, it turned out the kernel wasn’t installed correctly due to disk space exhaustion, I was lucky that I only had to remove the broken kernel image package then reinstalled it, reboot, everything was fine. From 9.10 to 10.04 took about 1 hour and 40 minutes(about 40 minutes downloading and 1 hour upgrading), I had 10.04 on my laptop and it’s running great!

In the upgrading process I was doing what I usually do, almost no interruption(except 5 minutes to fix 9.04 to 9.10 problem), I have to say I am amazed but not surprised, Linux has come of age, not only on server, but also on desktop, mobile devices and much more, I have been a Linux user for more than 11 years, I still find something new almost every day. I can’t imagine what the computing will be if there is no Linux.

Technorati Tags: , ,

Increase the speed of Firefox, tips to improve performance

Her eare a handful of tips to improve the speed of Firefox. While Firefox is a great browser, it some times fails and crashes, especially firefox 3.0 and you could easily fix this issue with a little bit of tuning the browser settings.

In fact, there are few times where launching Firefox itself is a much heavier task for the machine, like how the same kind of problem occurs with Safari, the browser which is simply a part of the operating system in MAC computers. And for this reason more and more people are moving towards Chrome which launches just in a second.

By modifying the way Firefox handles certain functions, we can not only improve the performance of the browser, but the speed with which pages load.

Reduce the amount of RAM Firefox uses for its cache feature

1. Type “about:config” (no quotes) in the adress bar in the browser.
2. Find “browser.sessionhistory.max_total_viewer
3. Set it’s value to “0“;(Zero)

Increase the Speed at Which Firefox loads pages

1. Type “about:config” into the address bar and hit Enter.
(Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.)

2. Alter the entries as follows:
Set “network.http.pipelining” to “true
Set “network.http.proxy.pipelining” to “true
Set “network.http.pipelining.maxrequests” to some number like 10.

This means it will make 10 requests at once.

3. Lastly, right-click anywhere and select New-> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0“;.(Zero)

This value is the amount of time the browser waits before it acts on information it receives. If you’re using a broadband connection you’ll load pages faster now.
Optionally (for even faster web browsing) here are some more options for your about:config (you might have to create some of these entries by Right Click –> New– > Interger or String

network.dns.disableIPv6: set “false”
content.notify.backoffcount”: set “5“; (Five)
plugin.expose_full_path”: set “true”.
ui.submenuDelay”: set “0; (zero)

Reduce RAM usage when Firefox is minimized:

This little hack will drop Firefox’s RAM usage when minimized:

1. Open Firefox and go to the Address Bar. Type in about:config and then press Enter.
2. Right Click in the page and select New -> Boolean.
3. In the box that pops up enter “config.trim_on_minimize”. Press Enter.
4. Now select True and then press Enter.
5. Restart Firefox.

Now you can try these tricks!

Technorati Tags: , , ,

Reduce consumption of RAM to use Firefox cache

* Type “about:config” in the browser bar
* Search browser.sessionhistory.max_total_viewer
* Set the value to 0

What we are changing here, as per the Firefox Knowledgebase is that we are reducing the number of pages stored in your Firefox cache. That is the number of pages that are stored in memory so that when you click on the “Back” button, there is a least delay in the loading time of the page.

Setting the value to 0, helps to recover the RAM, because Firefox does not save pages in the cache, but if you decide to go back then it will force the browser to reload the page completely.

You can experiment with different settings (the default is -1, which calculates the number of cached pages, according to available RAM).

Technorati Tags: ,