Fri, 29 Dec 2006

eAccelerator Weirdness

— SjG @ 4:52 pm

I’ve been busy setting up a new hosting environment for a bunch of static HTML and PHP-based web sites on a Go Daddy Virtual Server. It was going swimmingly, until I came to an old CMS Made Simple site (running 0.10.x), which merely returned blank pages. Newer versions of CMS Made Simple ran fine. I could find nothing in the virtual host’s web error logs, the php log, the mysql error logs, the eaccelerator error logs, or any other system logs — except in the main Apache error log, there was:

child pid XXXXX exit signal Segmentation fault (11)

Searching around, this looks like it could be some kind of threading issue; however, I’m following the recommendations and using the Apache 2 prefork MPM.

Eventually, the (weak) solution I came up with is to turn off eaccelerator for that virtual host. This remedies the situation, although I can’t say it makes me very happy, since I don’t understand exactly what’s going on (or what the problem is).

I’d welcome insight into this.

Details: Fedora Core 4, Apache/2.0.54 (Fedora), PHP 5.0.4, eAccelerator 0.9.5.

Thu, 12 Jan 2006

sa-exim config tweak

— SjG @ 11:13 pm

This is probably obvious to everyone in the universe but me, but I was having a problem where my outbound email was being scanned by sa-exim, in addition to the desired scanning of incoming email.

The trick is in setting your SAEximRunCond in sa-exim.conf correctly. This is probably documented somewhere, but I totally missed it. In any case, assuming you want to skip scanning of email originating in your local network (e.g., IP address of and that you changed the secret SA-Do-Not-Run header’s name to SA-Do-Not-Think-Of-Running, you would use the following line in your sa-exim.conf:

SAEximRunCond: ${if and {{def:sender_host_address} {!eq {${mask:$sender_host_add
ress/24}}{}} {!eq {$h_X-SA-Do-Not-Think-Of-Running:}{Yes}} } {1}{0}}

Voila, outbound emails are no longer checked. Of course, if you are sending spam, please do not make the above change, but instead please swallow whole six to ten large, unpeeled pineapples.

Sat, 7 Jan 2006


— SjG @ 12:03 am

So, courtesy of the DWP, the Meier Quagg was without power for about 7.5 hours today. It’s not clear what was wrong. The other side of the street had power, as did several parallel streets nearby, but this side of Meier was out, as were patches of Venice like the Oakwood.
Anyway, when the power came back up, most of the servers came back with it. Intervention was required for the Golem, Pylonhead, and Sekhmet. Sekhmet was the worst. I only got the “LI” of LILO, which says that the /boot/boot.b file was bad, or the drive geometry was hosed.

So I tried my trusty Debian rescue disk. Typed rescue root=/dev/hda1 at the boot: prompt. The boot failed with a complaint that /dev/hda1 was an MSDOS partition. uh-oh… MSDOS?

Of course, it turns out that I was using the wrong rescue disk. I was using a Woody ISO, and I had upgraded the machine to Sarge — and EXT3, which evidently was not compiled into the rescue disk. When I finally tried the correct rescue disk, it came up neatly, repaired the journals, and gave me my precious root prompt.

I did the LILO replacement trick (lilo -u /dev/hda; lilo), popped out the CD, rebooted, and held my breath. Then I decided to breathe. It’s my second fastest server, but it’s still a four-plus-year-old Dell Optiplex. In any case, it came up cleanly and there was much rejoicing.

Now it’s just a matter of waiting for the mail secondary to forward on all the queued up spam.

Wed, 20 Jul 2005

Gadspot IP Camera

— SjG @ 8:27 pm

How could I resist a $150 wireless network camera? Well, the answer is I couldn’t.

This is one of the NC1000-W10 systems. It has, according to this site, an embedded Linux kernel running on an ARM processor.

It seems pretty slick. It has dual network interfaces, and, web-based access. The image quality is acceptable for a security camera, or for doing long-term timelapse (my purpose). It’ll do short-range IR illumination, will email images if motion is detected, etc. It requires Windows for its initial setup, but once you get network access, it will work and be further configurable with any Java-enabled browser.

One quirk is that you seem to have to power cycle it (or perhaps reboot it) to get it to utilize any new Network settings. The one snag is that if you configure it to listen on both wired and unwired networks, and it’s unable to connect to the wireless network, it seems to stall out and fail to boot correctly. This is a problem when I have wired and wireless connections out in the office, but only wireless (on a separate wireless network) in the eventual destination. I’ll have to run a long cable to configure it for its final use.

Tue, 18 Jan 2005

Slow POP connections

— SjG @ 12:29 pm

OK, this is an esoteric one, but I’m happy to report there is a simple solution.

We migrated Stacy over to using Thunderbird (from Outlook Express) on her Mac to cut down on the spam. In the process, we upgraded her to OS X.
Strangely, while POP connections to our local QMail server are nearly instantaneous on the Windows machines, there would be a 30-40 second delay for her. It wasn’t a Thunderbird problem — we could replicate the problem by telnetting to port 110 — and only from the Mac OS X machines.

Karl finally succeeded in diagnosing the problem. QMail uses tcpserver to wrap connections. tcpserver, in turn, checks back via ident. The Mac OS machines don’t have identd running by default. By running tcpserver with the “-R” option (disabling the ident lookup), everything works brilliantly as it should.