Usn's IT Blog

Hi,

TheBonsai started a brand-new bash forum at http://forum.bash-hackers.org. Since I know him as a real skilled bash poweruser it should be fun to learn from the site. Just have a look.

Yours,
Usn

Hi,

recently I’ve seen ugly error pages (e.g.for 404 or 403) on my Apache 2.2 server: The supplemental text blocks have been there, but instead of header, footer and spaces “[an error occured while processing this directive]” was shown.

For these accesses, the Apache error.log showed
“unable to include potential exec ‘include/top.html’ in parsed file /usr/share/apache2/error/xyz.html.var”
as well as the same with “include/spacer.html” and “include/bottom.html”.

Solution:
In my case, .html files have been configured as an executable mime type (for php). But Apache’s built-in security does not allow to include executable files (see http://issues.apache.org/bugzilla/show_bug.cgi?id=32346 to change that).

Since I considered php code within .html files useless for me, did not apply the patch and erased the .html and .htm entries from the corresponding “AddType” entry in httpd.conf.

Have fun,
Usn

Hi out there,

installing the Cisco VPN Client 4.8.00 should be no problem (just run “vpninstall” with kernel headers installed). But running it from the notebook in an insecure environment needs a host firewall on the mobile device. I love setting the default policies of a chain to “DROP”!

But the VPN Client communicates via loopback interface, and complains with

The application was unable to communicate with
the VPN sub-system.

So use this ruleset for peace:
Read more…

Hi folx,

if you want to create a self-signed certificate with OpenSSL (useful for encryption-only purposes, e.g. your own mailserver) just do the following:

openssl req -x509 -nodes -days 365
-subj '/C=DE/ST=Bayern/L=Munich/CN=www.example.com'
-newkey rsa:2048 -keyout key4cert.pem
-out cert.pem

It means:
“-nodes” makes the key unencrypted
“-days” makes it valid for n days
“-subj” provides your personal info for the cert, take care of the “CN” – it has to be your hostname as called by the client. Otherwise the client will always complain about a difference between the cert and the reality :)
“-newkey” makes it a rsa key with 2048 bits

Thanks a lot to madboa.com!

Use it right, use it tight.

Yours
Usn