Wednesday, September 1st, 2010
I’ve actually run into two separate causes of this problem during my time running Ubuntu Server machines. And while I am discussing Ubuntu Server in this post, I see no reason why this same problem couldn’t affect the desktop version of Ubuntu, or maybe other Ubuntu variants (Kubuntu, Xubuntu, etc.).
The problem: You’ve enabled automatic security update installation, and yet, security updates are not being automatically installed.
First possible solution: This one is easy. Check the file /etc/cron.daily/apt and make sure that it is marked executable. Permissions on this file should look like rwxr-xr-x (755). This file somehow lost its executability when I upgraded from one Ubuntu release to the next, which broke the daily update check and thus no automatic security update installation.
In the more recent occurrence of this problem for me, the daily update check was obviously happening. I would connect to the server via SSH and see something like…
Welcome to the Ubuntu Server!
* Documentation: http://www.ubuntu.com/server/doc
5 packages can be updated.
5 updates are security updates.
So, the daily update check was happening, but the automatic update installation was not. What could cause this?
Well, it turns out that the script that does the update installation will only proceed to that point if the check for updates was successful (no errors at all). This leads us to…
Second possible solution: Run a sudo aptitude update or sudo apt-get update and see if there are any errors. If there are, address them, and hopefully that will resolve the problem. In my case, I had a third-party repository that had become inaccessible, so although the main Ubuntu repositories were updating fine, this error still prevented automatic security update installation.
If you want to know how to set up automatic security updates, there are (at least) three possible ways:
- When first installing the system, you will be given the option to enable automatic security updates.
- Follow the directions on this page in the Ubuntu Wiki. I recommend the apt.conf.d method (which is what will be set up for you using either of the other options presented here), but, the cron method may help you get around other similar issues that prevent automatic updates from working.
- You can set it up using the GUI method like you would with a desktop version of Ubuntu. First, install Synaptic (sudo aptitude install synaptic). Then, make sure that you are connected to your server via SSH with X11 forwarding (by adding the -Y parameter to ssh when you connect). Then, run Synaptic on the server as root (just type “sudo synaptic” at the terminal) and the Synaptic window should appear on your desktop. Then, select “Settings -> Repositories” from the menu, click on the “Updates” tab, and configure automatic updates as you see fit.
Tags: Ubuntu, Ubuntu Server
Posted in Software | 1 Comment »
Friday, August 20th, 2010
VMware Server is a cool free product that you can install on an existing Windows or Linux system and run virtual machines in the background. While it’s built on VMware’s awesome virtualization technology, there are a few issues that make the current version of VMware Server (2.0.2) a little annoying to use.
Out-of-the-box, it can only be managed through the web interface. The web interface itself is not too bad, but if you aren’t accessing it from the same machine that it’s running on, it forces you to use HTTPS. This is great, of course, except something is wonky with the https implementation that is used (it appears to only support SSL version 2, for which support is disabled by default or outright removed from the current version of every major browser?). So, blah. I can’t manage my VMs remotely, which is one of the reasons why I’d like to use VMware Server in the first place.
Now, there are ways around this. You could set up an SSH tunnel or some similar network trick so that you could access the web interface without being kicked over to HTTPS. Or you could use Remote Desktop or a remote X application to access it using a web browser on the same machine as the server. These work for getting to the configuration pages, but I still had trouble trying to access the remote console (which relies on a browser plugin that seems a bit flaky).
There are lots of people complaining about both of these issues (flaky HTTPS and flaky remote console). Now, wouldn’t it be cool if there was a downloadable client that could manage said VMs without having to use the web browser? Read the rest of this entry »
Tags: VMware, VMware Server
Posted in Software | No Comments »
Tuesday, August 17th, 2010
For a while now, I’ve been noticing that my Windows printer list would come up empty in the control panel, or when I tried to print something, I’d get an error that indicates that the Print Spooler service is not running. Going and manually starting the Print Spooler service fixes the problem, but that’s silly, why should I have to do it? Why is the Print Spooler service stopping at all?
Read the rest of this entry »
Tags: Printers, Windows 7
Posted in Software | 2 Comments »
Wednesday, August 11th, 2010
On one of the web servers I help run, we noticed some suspicious activity. After poking around, I found a pair of suspicious files in a directory that contains user-uploaded files. One was named .htaccess (typical Apache distributed configuration file), and one was named 203497.php. Here’s my analysis of these mystery files.
Read the rest of this entry »
Tags: PHP, Security
Posted in Software | No Comments »
Tuesday, July 13th, 2010
Today, support for Windows 2000 from Microsoft ends. Windows 2000 was released over ten years ago, on February 17, 2000. Although it may have had a shaky start as far as application compatibility goes, it is renowned as one of the most stable operating systems ever to come out of Microsoft, and it paved the way for Microsoft to merge the “home” (9x) and “business” (NT) lines of Windows with Windows XP, the following year.
Read the rest of this entry »
Tags: Windows, Windows Vista, Windows XP
Posted in Software | No Comments »
Tuesday, March 9th, 2010
Windows XP is a picky beast. If you want to move it from one system to another, chances are that you’ll just get a BSOD upon boot. To get around this, you can do a repair install or “in-place upgrade” to convince it to take stock of all of the new hardware and then it will probably boot up fine. Of course, there’s other reasons to run a repair install, it might be able to save a system that isn’t working because of a strange configuration problem or a malware attack.
Anyway, here’s something that I’ve run into a few times now: After running a repair install using a Windows XP SP3 disc, after booting up and logging in, you’re given the message along the lines of: “You must activate Windows before you can log on. Would you like to activate Windows now?” If you select “Yes,” which is supposed to bring up the activation prompt, nothing happens. You get to stare at your desktop wallpaper until you decide to restart your computer manually. If you select “No,” you are immediately logged out. What to do?
Read the rest of this entry »
Tags: Windows XP
Posted in Software | 21 Comments »
Monday, February 22nd, 2010
When you start up Cygwin’s X.Org X11 server via startxwin.exe, it likes to leave an xterm window open on your desktop.
I suppose this is kind of handy if you were manually starting Cygwin/X, it’s pretty annoying if you have it set to start up when you log in to Windows. To keep this from happening, you just need to add an empty .startxwinrc file to your Cygwin home directory. That is, start the Cygwin bash shell, and use this command:
touch .startxwinrc
That’s it! No more xterm windows popping up.
Oh, if you’d rather have something besides xterm start up when you start Cygwin/X, you can just add a list of commands to .startxwinrc and it will execute them after starting the X.Org server.
Tags: Cygwin
Posted in Software | 1 Comment »
Sunday, February 21st, 2010
So, to combat spam, I recently deployed Postini at my workplace. We qualified for the K-12 promotion to it is awesome to have good spam handling for free. We currently use FirstClass as our mail server, and I’d rate it’s built in spam-handling mechanisms as “poor-to-none.” (We are eying Google Apps mail as a replacement in the next year or so.)
So, after finally getting Postini deployed and enabled for all accounts, the Postini stats report that just over 50% of incoming mail is being tossed out as “blatant spam,” with over 25% of the remaining mail being quarantined as “potential spam.” This is with Postini on the default lowest aggressiveness setting. So, assuming the worst case (“all incoming mail is spam”, which is almost true), our users are already receiving less than 37.5% as much spam as they used to. Once we’re satisfied that things are working fine, I’ll bump up the aggressiveness.
Anyways, I noticed that my FirstClass inbox was still being bombarded by spam messages (a few per hour), most of them obviously spam. Why weren’t these being blocked by Postini?
Read the rest of this entry »
Tags: E-mail, E-mail Security, Postini
Posted in Software | No Comments »
Thursday, February 18th, 2010
I ran into this problem with WordPress running on a Mac OS X server. I suppose that this may happen on other servers running Apache as well. Attempting to access the WordPress site threw this error at you:
Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
If you think this is a server error, please contact the webmaster.
Error 500
Turned out that the .htaccess file in the root of the WordPress install had some gibberish in it. It looks like this gibberish replaced some of the actual contents of the file. I don’t know how it got there, but fixing the .htaccess file solved the problem. So, that’s something to check if you are having this problem as well!
Tags: Mac OS X Server, WordPress
Posted in Software | 1 Comment »
Thursday, February 11th, 2010
Yesterday, Facebook finally launched XMPP support for Facebook Chat. (More about XMPP here.) This is something that they announced that they were working on back in May, 2008 — almost two years ago. After a long time (of mostly silence), here we have it — you can now connect to Facebook using (almost) any XMPP client, including popular “universal” chat clients like Pidgin, Trillian, Adium, Digsby, Miranda, Empathy, etc., using the XMPP support that they already have. This also paves the way for Facebook Chat to become one of the most used IM protocols, up in the ranks with AOL Instant Messenger, Windows Live, and Google Talk.
I’m a bit disappointed, but not surprised, that this initial launch of XMPP support comes without support for XMPP federation (“S2S”). If we had S2S support for Facebook Chat, then Facebook users could talk with users on any XMPP/Jabber network, and vice versa. This would also enable a particularly cool bridge between Facebook Chat and Google Talk, which are both based on XMPP, and it might even push AIM and WLM more towards supporting XMPP, so that we could have a truly universal IM network on the Internet. (We have it for e-mail already… why not for IM?)
Read the rest of this entry »
Tags: Facebook, Facebook Chat, Google Talk, XMPP
Posted in The World Online | 3 Comments »
|
