ArghWebWorks

PHPGreetz is an open source, free, and powerful php site building tool- it’s designed to help you build a greeting card website.

Are you using it?

If so- not only is it under active development, but a large hole has been found in the code allowing an unfriendly to execute whatever code they want. Here’s the details… phpgreetz exploit.

Included code like this one are fairly easy to create; fixing them is another matter.

I had an extremely embarrasing moment this morning when I discovered that our MySQL replication wasn’t working, and hadn’t been working all weekend. We had some mission critical services that failed miserably when we didn’t get the systems back up right.

I scribbled this together to hopefully warn me when it happens again.

[code]

use strict;
use Getopt::Long;
use vars qw($opt_V $opt_w $opt_c $opt_h $PROGNAME);
use lib "/usr/lib64/nagios/plugins" ;
use utils qw(%ERRORS &print_revision &support &usage);

$PROGNAME = "check_simplereplication.pl";

sub print_help ();
sub print_usage ();

$ENV{'PATH'}='';
$ENV{'BASH_ENV'}='';
$ENV{'ENV'}='';

Getopt::Long::Configure('bundling');
GetOptions
("V" => \$opt_V, "version" => \$opt_V,
"h" => \$opt_h, "help" => \$opt_h,
"w=s" => \$opt_w, "warning=s" => \$opt_w,
"c=s" => \$opt_c, "critical=s" => \$opt_c
);

if ($opt_V) {
print_revision($PROGNAME,'$Revision: 0.5 $');
exit $ERRORS{'OK'};
}

if ($opt_h) {print_help(); exit $ERRORS{'OK'};}

($opt_w) || usage("Warning threshold not specified\n");
my $warning = $1 if ($opt_w =~ /([0-9]{1,2}|100)+/);
($warning) || usage("Invalid warning threshold: $opt_w\n");

($opt_c) || usage("Critical threshold not specified\n");
my $critical = $1 if ($opt_c =~ /([0-9]{1,2}|100)/);
($critical) || usage("Invalid critical threshold: $opt_c\n");

my @rawinput = `echo "show slave status\\G" | /usr/bin/mysql -uUSER -pPASS `;
chomp( @rawinput );
my @vararray;
my $var, my $val=0;
for (@rawinput) {
( $var, $val) = split /:\s+/ ;
@vararray[$var]=$val;
}

my $lag = $vararray['Seconds_Behind_Master'];
my $missing = $vararray['Read_Master_Log_Pos'] - $vararray['Exec_Master_Log_Pos'];
my $msg = 'OK';

if ( $lag eq 'NULL' ) { $msg = "CRITICAL"; }
if ( $lag > $critical ) { $msg = "CRITICAL"; }
if ( $lag > $warning ) { $msg = "WARNING"; }

print "$msg| lag:$lag missed:$missing\n";

sub print_usage () {
print "Usage: $PROGNAME -w -c \n";
}

sub print_help () {
print_revision($PROGNAME,'$Revision: 0.5 $');
print "Copyright (c) 2005 Russell Gilman-Hunt

This plugin uses the 'show slave status' command in mysql to check replication status.

";
print_usage();
print "
-w, --warning=INTEGER
Number of seconds before a warning status will result
-c, --critical=INTEGER
Number of seconds before a critical status will result
";
support();
}
[/code]

I got this working today on one of the new servers at work. The goal is not a hundred percent achieved; I want each user to come from a database and be assigned to their /home/username/www directory, and I’d like them to be able to upload and download files in that director. I’m still working out the details: I think I need to chown all the www directories to my guest_username in vsftpd.conf ( ftp ). But that won’t help a lot if the user logs in via ssh; apparently some users might get ssh access.

First, I had to modify the /etc/vsftpd/vsftpd.conf file to look like this:

[code]
guest_enable=YES
guest_username=ftp
virtual_use_local_privs=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
chroot_list_file=/etc/vsftpd/chroot_list
ls_recurse_enable=YES
text_userdb_names=YES
use_localtime=YES
user_sub_token=$USER
local_root=/home/$USER/www
hide_ids=YES
pam_service_name=vsftpd
listen=YES
tcp_wrappers=YES
[/code]

The user_sub_token has to be part of the local_root variable. That problem tripped me up for a bit. I did a bunch of testing with the pam_mysql plugin. My /etc/pam.d/vsftpd file looks like this:

[code]
#%PAM-1.0
auth required /lib64/security/pam_mysql.so user=sqluser passwd=sqlpwd host=localhost db=hosting_aff_com table=users usercolumn=username passwdcolumn=password crypt=0
account required /lib64/security/pam_mysql.so user=sqluser passwd=sqlpwd host=localhost db=hosting_aff_com table=users usercolumn=username passwdcolumn=password crypt=0
[/code]

I don’t think this is quite done yet either, because I need to allow shell-users to be able to log in, which I think means adding more auth and account lines and changing ‘required’ to ’suffices.’

I’ve been sentenced and done my time working with Microsoft tools. I spent a long two years administering an IIS server / SQL server combo for the Internet marketing arm of a publisher. I am an MCSE, although it’s getting kind of long in the tooth and overgrown. I still have the MCSE’s first response to an unknown error. (Reboot it).

But it appears that not only does Microsoft do the absorb and extend trick, but also they learn from prevailing winds in the market. They’re offering SQL Server for free. You can actually download a fair sampling of their back-office software, register for a key (or download an ISO) and be up and running within a day. That’d be pretty awesome if I wanted to take my eyes from my current project and start working with their technology again.

But it’s good knowing where they are, so I can sort of keep them located on a mental map of me, them, and what I want.

I do a lot of PHP scripting at home. My code, however, has grown from a self-taught amorphous blob of for-next loops and mysql_fetch_row function calls to a non-elegant, probably archaic, definately arcane, knowledge base.

It’s not just me, either; the last few places I’ve worked as a PHP programmer have had their own code libraries; which are good things, don’t get me wrong. In fact, I’m developing my own (because I’m tired of rewriting a database object every time I start a new project. ) However, after working one place where we had a series of nested objects calling each other by reference, I’m concerned about code optimization. I want to cut down on the time my scripts spend doing … basically doing nothing for the end-user. I want to know where the bottlenecks in my code are.

So as part of my system initialization script (gets called first in my code base, and sets up a Smarty object and Pear objects), I’ve also got a test to see if the computer is my home linux box, and if it is, to initialize the APD.

This nifty little gem will output memory usage, function trees and execution time. It sure beats using a set of microtime() calls and printing the differences!

One thing to be aware of when doing this bash loop; the ssh that runs within the loop won’t have the full environment variable set for the user on the remote computer. So if you have two versions of php, you may be checking the version of the wrong one.

Not that this would happen, mind you… *blush*

I consider myself a very basic Bash Scripting kind of guy. I like it, it feels a lot like basic, and I’m sure I’ll get better at it. Today, I was playing with a for-next loop.

I have several servers I’m in charge of, and I have ssh set up so I don’t have to type a password when I want to connect to them. So at the prompt, I can type this:
[code]
$ for i in server1 server2 server3
> do ssh $i uname -a
> done
[/code]
and the computer will connect to the servers in sequence and run the uname -a command (which tells some specific things about the linux kernel).

This is useful because I am trying to make these different servers all the same. And I can run programs with the version flag ( mysql -v ) and figure out which ones need to be upgraded. Or if I got better at this, I could use awk and sed to modify the hosts file, or an initialization script, or whatever. It’s true that I could use some other tool (like cssh; cluster ssh ), but this would be a primitive way to manage it