Archive for the ‘tips’ Category

MySQL Error in the errmsg.sys file

Friday, August 5th, 2011

I came across a simple fix for an odd MySQL issue. We recently had a MySQL server that needed to be restored from backups. After reinstalling all the essentials and importing the data, the database engine wouldn’t start. The log file indicated the following error.

[ERROR] Error message file '/usr/share/mysql/english/errmsg.sys' had only 481 error messages,
but it should contain at least 641 error messages.

After some googling, I found that some of the official RPM packages for MySQL actually contain the incorrect errmsg.sys files. The recommended fix listed on several sites was to either recompile from scratch or, vaguely, to “replace it with the correct errmsg.sys file.” I decided to try the vague reference and make it more specific here.

  • First, determine the version of MySQL installed. In our case it was 5.1.56
  • Second, locate a zip file of the raw uncompiled tar.gz of that version. I used http://mysql.llarian.net/Downloads/MySQL-5.1/mysql-5.1.56.tar.gz
  • Third, download and extract the file to a location of your choosing.
    cd /usr/local/src
    wget http://mysql.llarian.net/Downloads/MySQL-5.1/mysql-5.1.56.tar.gz
    tar -zxf mysql-5.1.56.tar.gz
  • Fourth, backup the existing errsg.sys file.
    mv /usr/share/mysql/english/errmsg.sys /usr/share/mysql/english/errmsg.sys.old
  • Fifth, copy the errmsg.sys file from the extrated source code to the live location.
    cp /usr/local/src/mysql-5.1.56/sql/share/english/errmsg.sys /usr/share/mysql/english/errmsg.sys

After that’s done, MySQL should start normally unless it encounters other errors.

-Mark Kraus
Senior Systems Administrator

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

How to Identify a Matching SSL Cert and Key

Friday, August 5th, 2011

Sometimes when needing to install or reinstall an SSL cert the key file used to generate the cert becomes misplaced, rendering the certificate useless. This can especially be a problem when installed via a control panel where the key is stored in the underlying filesystem. If multiple requests were generated the key file which was used may not match the one that is currently in place. When attempting to install the certificate you may receive an error that the key file does not match, though it is fairly easy to identify the appropriate key using the OpenSSL command line utility.

To see the full details used for a certificate (such as the Common Name, issuer, expiration date, etc.) you can run the following command against the certificate:

[root@host ssl.crt]# openssl x509 -text -noout -in somedomain.cer

which will produce full details about the certificate in question, including what is referred to as the ‘modulus’. To single out a particular piece of information, you can ‘grep’ for the particular line of output you are looking for, or the command can be modified with the specific parameter, such as:

[root@host ssl.crt]# openssl x509 -subject -noout -in somedomain.cer

will tell what specific hostname(s) the certificate was registered for, while

[root@host ssl.crt]# openssl x509 -enddate -noout -in somedomain.cer

will tell you when the certificate will expire.

The easiest way to identify the particular key file that matches this cert is to look at the modulus:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer

this will produce several lines of output, which in itself can be a bit tricky to compare visually:

Modulus=C81B0D3BB43343E779F34BC6371F3AF4E8F9031FFD6DD01D15B

A9BEC1242008C9EFD468132BA7DFGBC7CFAB9F938BE534F3BDC96EF58FF

4EE640154C6243CE1B1C2787D22306E25E86A9A5F3759B14C2A890F4006

9B975830147E0772337AEC058B8AC2CF3356EEE4F8619FE2FB2F578C4EB

B8D46EB15E47B5E44C28A5C3462D

 

The solution is to pipe this output to the ‘md5sum’ (or simply md5 on some os’s) command:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]#

If you use the same option against the key file you can easily match up the specific one used to generate this cert:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]# openssl rsa -modulus -noout -in ../ssl.key/somedomain.key | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]#

This output is much easier to compare and will only match for the specific files which correspond with each other.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

Using a Content Management System (CMS)

Monday, August 1st, 2011

Content management systems have been around for many years and while they have their pitfalls, they also offer a tremendous advantage over hand coded HTML websites. The primary difference is that the content management system provides you with a web-based interface to modify the contents of your website. If you are unfamiliar with HTML, this prospect might scare you. However, if you know how to use email than you have enough skills to use a content management system and update the content on your website by yourself.

Even designers are using content management systems for the final product because it’s much easier to hand off the completed website and a fully functioning back end control panel that empowers their clients to make changes without having to call the designer every time they want to add a new sentence or change a heading. There are lots of content management systems available but WordPress is probably the most commonly used. It’s easy to install, easy to manage and even easier to use. If you have a complex website that is database driven or have some special function that you think might be incompatible with WordPress, it’s very likely that the developer can integrate that functionality into WordPress and still give you enough control to make changes to your content without whacking all of the code that they created.

The thing that blows me away about Word press and other content management systems is that there is literally an army of developers who create widgets and plug-ins for WordPress and most if not all, are free. So if you need to add a scheduling function to your website, you can typically just search the plug-ins and find one that you like and that is rated very highly by other users, then easily add that your website yourself. This whole process could take (5) or (10) minutes as opposed to (5) or (10) days with a developer, and your cost is nothing.

Another cool thing about WordPress is that it runs on open source operating systems (you can run it on Windows too) and WordPress itself is totally free. So you can essentially run this free application on a server running an open source operating system and open-source web server software like Apache. WordPress is also a very light weight application so it will only use a small amount of resources on the server. This doesn’t mean that WordPress is not capable of serving up millions of webpages because it certainly is. In fact, there are tremendous amount of very popular blogs and websites running WordPress right now that serve tens if not hundreds of millions of page views monthly.

While WordPress is not for everyone and content management systems in general are not always a good fit, they’re certainly worth a look if you’re tired of waiting around for your Web designer or developer to return your phone call or email because you need to update the telephone number on your website.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

Exim Line Mismatch Error

Friday, July 29th, 2011

From time to time I run across an Exim mailserver whose mail queue has become corrupted. This can often happen if the server has unexpected reboots or crashes while processing a large queue and loses data as a result.

Say I notice exim is taking a lot of resources on the server and want to see what’s going on. First I may look to see how many messages are in the queue:

[root@mailserver ~]# exim -bpc
11078
[root@mailserver ~]#

Wow, that’s a lot of messages for most servers, even for shared hosts. (this server was generating a ton of bounces for various reasons, but that’s another story.) The large queue was becoming corrupt often, so that when I actually tried to drill down on queued messages I would get strange errors. Here I want to see what’s in the queue from the past hour.

[root@mailserver ~]# exiqgrep -y 3600
Line mismatch: 5h 1Qmr1H-0005ql-So
[root@mailserver ~]#

What’s this? I decide to freeze the offending message-id:

[root@mailserver ~]# exim -Mf 1Qmr1N-0005rj-BM
Spool data file for 1Qmr1N-0005rj-BM does not exist
[root@mailserver ~]#

Ahh, exim has lost the spool file for this message so I can remove the message:

[root@mailserver ~]# exim -Mrm 1Qmr1N-0005rj-BM
Spool data file for 1Qmr1N-0005rj-BM does not exist
Continuing, to ensure all files removed
Message 1Qmr1N-0005rj-BM has been removed or did not exist
[root@mailserver ~]#

But chances are if this happened to one, there are more to follow:

[root@mailserver ~]# exiqgrep -y 3600
Line mismatch: 5h 1Qmr1N-0005rm-Uq
[root@mailserver ~]#

To remove a larger number of these corrupt messages I can run the following command for any that are labeled ’5h’.

[root@mailserver ~]# exim -bpru | grep ’5h’ | awk ‘{print $2}’|xargs -n 1 -P 20 exim -Mrm
exim: malformed message id 886 after -Mrm option
-snip-
exim: malformed message id 886 after -Mrm option
Spool data file for 1Qmr1V-0005sc-9v does not exist
Continuing, to ensure all files removed
Message 1Qmr1V-0005sc-9v has been removed or did not exist
exim: malformed message id 886 after -Mrm option
-snip-
exim: malformed message id 1016 after -Mrm option
Spool data file for 1Qmr1z-0005y7-1x does not exist
Continuing, to ensure all files removed
Message 1Qmr1z-0005y7-1x has been removed or did not exist
exim: malformed message id 894 after -Mrm option
-snip-
exim: malformed message id 897 after -Mrm option
Spool data file for 1Qmr1S-0005sL-28 does not exist
Continuing, to ensure all files removed
Message 1Qmr1S-0005sL-28 has been removed or did not exist
exim: malformed message id 886 after -Mrm option
-snip-
exim: malformed message id 965 after -Mrm option
Spool data file for 1Qmr1N-0005rm-Uq does not exist
Continuing, to ensure all files removed
Message 1Qmr1N-0005rm-Uq has been removed or did not exist
exim: malformed message id 1.1K after -Mrm option
-snip-
exim: malformed message id 940 after -Mrm option
[root@mailserver ~]#

Notice all the lines that say ‘malformed message id’ (I snipped hundreds form the command output above). This is because only the corrupt messages have the message id as the 2nd position in the above commands output that is sent to the awk ‘print($2)’, all messages that are not corrupt will print the size of the message in this column, so only the corrupt messages are affected.

If I continue to run this command for any more messages that report ‘line mismatch’, I can remove the corrupt messages and get on with troubleshooting the real problem at hand, the ever growing mail queue on this server.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

What is a Dedicated Server?

Wednesday, July 27th, 2011

What is a dedicated server? That’s a relatively easy question to answer but a short answer will only scratch the surface. A dedicated server is a physical server that is installed in a data center, connected to an IP network and used to host applications that are accessed via the web or to process database requests, email, DNS or any other number of tasks.

The thing that differentiates a dedicated server is typically that the full resources of the server are only used by one client, hence the word “dedicated”. This is also referred to as dedicated hosting. An example of how this would not apply would be for shared hosting because while you can have literally hundreds of shared hosting clients on a single dedicated server, those resources are not dedicated to any one particular client and are spread among many clients. The example of running hundreds of shared hosting websites on a single dedicated server goes back to the earlier comment about the short answer only scratching the surface.

Good examples of clients who would require dedicated servers would be clients whose websites have outgrown their shared hosting environment. That is typically a function of CPU and RAM requirements. If you are trying to run large database application on a shared hosting server while 200 other websites are competing for processing power, you will probably see a substantial degradation of service. It will likely still function, but it will also more than likely be very slow and at times even unresponsive. Not to mention that your provider will encourage you to migrate to a dedicated server or to managed hosting if you lack the technical expertise to manage the dedicated server.

What is a dedicated server vs. what is not. Dedicated servers typically imply that you have the technical expertise on staff to manage all of the technical aspects of that server, including security, routine maintenance, updates and many other things. If you do lack those resources, managed hosting would likely be a far better choice for you. While the cost for managed hosting is always more than dedicated, the peace of mind you will receive by knowing that your server is managed by a team of experts is always well worth the additional cost.

So there you have it. The next time someone asks you “What is a Dedicated Server?”, you can now give an answer that makes sense.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon