Alex Rodriguez

I wanted to convert one of our production machines from Fedora to Ubuntu server. One of the services this machine was running was subversion.

I both tarred up the repository directory and used ’svnadmin dump’ to backup the repository. I scp’ed both files to another server.

Upon recovery I wanted to use the dump but the dump file became corrupted.

Luckily, there’s an easy way to recover from a repository file backup. I just untarred the repository and used

It worked great!

After updating Wordpress and my devformatter plugin, I noticed some errors popping up from the geshi libraries:

This was actually displaying in the blog posts, which is bad for a number of reasons, including security.

You can turn off php error logging by finding your wp-config.php file, usually in your Wordpress document root, and adding the following lines:

After a recent windows update I found my remote desktop was broken. I did some troubleshooting and packet sniffing and still couldn’t track the problem down.

Finally I stumbled upon this post, which fixed my problem.

It turned out that an nvidia driver update broke RDP. Updating the driver to the latest WHQL fixed the problem.

I love windows updates, they usually break more than they fix.

I recently needed to setup TLS for my company’s email server. My primary goal was to reconfigure our sendmail server to negotiate TLS with other email servers that supported it. This would allow us to send secure information via email to company’s that also supported email over TLS.

The first step was to generate certificates. This is easily done with openssl. I already have a key and scripts setup to generate cert requests with all necessary info filled in. The script looks something like this:

Take the output from that certificate request and provide it to your favorite signer to get a signed certificate. Take the key you used to generate the request and the signed certificate and put it somewhere on your server, say /etc/ssl/crt. Also make sure to put the cacerts bundle, or signing certificate chain, in that directory (or any other for that matter).

Next step is to configure sendmail. The following are the changes I needed to make to my sendmail.mc file under /etc/mail:

Most of that config points sendmail to your keys and certificates to be used for server and client mode. The line

define(`confAUTH_OPTIONS’, `A p y’)dnl

tells sendmail to perform smtp authentication after TLS negotiation has completed. The line

define(`confTLS_SRV_OPTIONS’, `V’)dnl

tells sendmail to skip requests for clients’ certificates.

I would like to thank this site and this site for that helpful information.

Next, recompile the config file and restart sendmail with

You can test your server using openssl:

You should see “Verify return code: 0 (ok)” near the end of the output. Type “quit” to end the communication.

To test that sendmail will communicate properly as a client with another server, you can use the great site test.smtp.org.

I recently upgraded my bugzilla installation to 3.5 to find my Eclipse-mylyn integration had broken.

After some traffic inspection and a look at buglist.cgi, I found that new code was added to “clean” advanced bug queries. This code cleans the query, then performs a redirect to the new clean query using the correct bugzilla hostname but using the local webserver port. Because I was proxying traffic to my actual bugzilla server through another server on a different port, this redirect was invalid.

I fixed this by commenting out the following code in buglist.cgi:

I’ll try to actually fix the redirect tomorrow to take advantage of the cleanup.