Author Archives: Oren

"basename" magic; mass resize images

Leave a reply

basename + dirname fun

  • shell> dirname /long/path/file.jpeg
    output: /long/path
  • shell> basename /long/path/file.jpeg
    output: file.jpeg
  • shell> basename /long/path/file.jpeg .jpeg
    output: file
    This one is sooo amazing, ah?!


convert

convert tool comes with ImageMagick. It allows extensive image-manipulation-by-command-line. I've just found out that it supports -resize xx% form, although not mentioned in manpage.

Putting it all together

The 2nd parameter of basename is really useful in mass-filename-scripts. Let's write a script for mass-resizing all jpegs to 50% of their original size:

for i in *.jpeg; do convert -resize 50% $i basename $i .jpeg-resized.jpeg; done


glibc 2.7 on CentOS / RHEL 5

2 Replies

Update: Note! The issue was fixed in CentOS/RHEL 5.2 !

glibc 2.7 introduces a new flag to open() syscall, called O_CLOEXEC.

The official redhat 2.6.18 kernel (even of version 5.1) doesn't support it, and returns errors (in strace it looks like open() returns unknown error 530).

So.. just try not to use glibc 2.7 on RedHat, until they support it. If you want an adventure, this kernel seems to do the job..

How did I encounter this uncommon problem, you ask? I'm running Debian unstable VM inside a CentOS5 host (the VM's kernel is actually a CentOS5 kernel). Debian upgraded glibc to 2.7, and later the VM couldn't function (open /etc/passwd gave error 530). Not too smart of me, I guess. But dzickus kernel seems to solve it.

Burn multisession CDs using cdrtools (cmdline)

Leave a reply

This time in cookbook style:

  • Get the current CD's multi-session info by

    cdrecord -msinfo

    • You got a pair of numbers representing the start and end blocks of the latest session. We'll need them for the next step.
  • Use mkisofs along with the next flags to create the image:
    • -M /dev/cdrw: path of your cd/dvd writer device
    • -C start block,end block: use the pair of numbers you got above, but you must increase the start block by 1!
      i.e. if cdrecord -msinfo gives "11231,44323", you should use something like that:

      mkisofs -J -R -o /tmp/myimg.iso -M /dev/cdrw -C 11232,44323

      Why the +1? I'm not sure! Common docs don't mention it!

  • Burn the new image with

    cdrecord -tao -multi /tmp/myimg.iso

PHP Session locks

2 Replies

At work we have a page that loads multiple PHP scripts (in parallel), using XMLHttpRequest.

Later, we noticed that if one PHP script responds very slowly (i.e. when we put sleep(120) inside), all the others are waiting till the first one finishes loading. In other words: the load is serial, not parallel!

What? Why?!
A little research revealed an interesting phenomena: PHP session locks the session file till the session is closed. By default, the lock starts with session_start() call, and ends at the end of the PHP script!

Continue reading

Switch to another UID/GID, with Perl

Leave a reply

Originally I wanted to start by describing Linux' setuid()-like functions, which change the user-id of a running process (and more). Some reading made me realize that this area is too big (but interesting!) for a simple post, and also that I still don't master it..

So I'll focus only a single, simple task: switching from root to regular user permissions: when a daemon is being run by root (i.e. init scripts), for security reasons we want them to "transform" to a regular user right asap. In the kernel level we want to do something like setuid or setresuid (set all the user identifiers: Real, Effective and Saved) to a specific, different UID.

However, we don't talk about the kernel, but about a much higher scripting language.. So let's begin with basics: according to perlvar manpage, $> (or $EUID if using 'use English') represents the Effective User ID (Effective is the User ID which matters permission-wise). "print $>" perl command would simply print the EUID.

Now for the surprise.. "$>=44" perl command simply sets the EUID! Oh, the simplicity 🙂

GID can be set in a similar manner, but can't be set after the the uid is switched (we need the initial root permission for the GID switch).

Enough talking, let the code begin:

#!/usr/bin/perl -w
use strict;
ues English;
$EGID=22;
$EUID=22;
sleep 50; # Sleep so we can have time to run "ps axo pid,uid,euid,gid,egid" :)

Nmap service detection

Leave a reply

Many times people do port scans to get the list of services which are alive; however sometimes (i.e. on heavy load) the port is reported to be open, but the service does not respond (or responds after 1 minute..).

Well, surprise! (to me, at least): nmap can recognize the service behind the open port and its version! It's called 'service/version detection'.

This is useful for many purposes, one use is simply running:

nmap -A <ipaddr>

to get the list of service behind the open ports.

And for the topic I began this post with, it can be useful for listing the services (i.e. ssh) which are actually open and responding in a network, with a command like that:

nmap 192.168.0.0/24 -sV -p 22 --host-timeout=2s

Of course few greps would make it nicer. Fun!