Tag Archives: centos
January 17, 2010 

Nginx, Apache, SSL and signed by an unknown certifying authority

We just moved a whole bunch of servers to a new hosting center and moved from CentOS to Ubuntu (server) and Apache to Nginx (more on this in a later blog post).

While we migrated mostly everything without problems we were confronted with the problem that our SSL certificate gave us an error message of the form:

“The certificate for this website was signed by an unknown certifying authority”

This was rather strange because the same certificate worked with Apache just fine. After some time and searching for a solution we found that we had to tell Nginx to use the SSL Chain file as well. The only problem is that Nginx does not have a explicit parameter like Apache has. In Apache the SSL config looks like this (we use a GoDaddy certificate):

SSLEngine On
SSLCertificateFile /etc/httpd/ssl/youcert.crt
SSLCertificateKeyFile /etc/httpd/ssl/yourkey.key
SSLCertificateChainFile /etc/httpd/ssl/gd_bundle.crt

Now, in order to get this working in Nginx you need to append the “gd_bundle.crt” to your crt file, which is quite simple with the following commands (do a backup of any files before doing this!):
cat gd_bundle.crt >> yourcert.crt

Then simply restart Ngnix and all is back to normal (but just really faster with Nginx then with anything else:-) ).

December 21, 2009 

WordPress, PHP error and updating PHP on CentOS 5.x

Mind you, I’m no PHP guru and I only have PHP installed on our server because of our WordPress blogs. that said, I was facing an ugly PHP error today and somehow we could not load the WordPress admin pages anymore of it. The error was:

PHP Warning:  Module 'fileinfo' already loaded in Unknown on line 0

After searching for a solution I thought it would be best to update PHP along the way. Thus I found this nice description on Webtatic Blog which describes how to update to the latest PHP version on CentOS 5.x (since the default repro only brings you 5.1.6).

Low and behold, after updating to the latest PHP version, it will give you 5.3.1, the error was gone and WordPress Admin pages are back to normal.

July 26, 2009 

Updating subversion on 64-bit Linux (CentOS/RedHat)

I run into some issues trying to update subversion on our Linux 64-bit (CentOS) servers. In other words, RPM always complained on some missing dependencies from a old version and aborted the upgrade. The error lines were of the nature;

Transaction Check Error:
file /{filesuchandsuch} from install of subversion-1.5.6-0.1.el5.rf

I mean, I had the old subversion installed and wanted to update to the new one. Isn’t that what a update is all about?

After trying to remove, reinstall and reconfigure subversion I tried the update again, just to find out that it still did not work. So, i started to dig into CentOS and found that during the installation of subversion the RPM installed both the 64-bit and the 32-bit versions.

Since, I did not need the 32-bit version I removed it with;

rpm erase subversion.i386

Then tried updating subversion again with;

svn update subversion

BINGO! Apparently the 32-bit version interfered with the update. Removing it solved it.

July 21, 2009 

Configure web server to handle .air files

Recently over at the website of our open source Digital Asset Management company Razuna Ltd., we published a desktop application that was build with Adobe AIR.

Now, while we could easily link to the AIR application, which all end with an extension of “.air”, within the web page it would prompt the user to install the application only under FireFox (both Windows and MacOS X), but users with Safari or Internet Explorer where prompted to download a “.zip” file.

In order to fix this, we had to change the mime type configuration of the web server itself. Now, we figured that there are different solution to this, depending on your web server;

For Apache

Adding the mime type for .air extensions with Apache requires you edit the file “/etc/mime.types” (on RedHat/CentOS) and adding the line:

application/vnd.adobe.air-application-installer-package+zip     .air

Make sure to reboot Apache to apply the changes.

For Tomcat

Adding mime types for your Tomcat installation requires you to edit the file “tomcat/conf/web.xml” and adding a new “mime-mapping” like;

<mime-mapping>
<extension>air</extension>
<mime-type>application/vnd.adobe.air-application-installer-package+zip</mime-type>
</mime-mapping>

Make sure to restart Tomcat to apply the change.

Using .htaccess

If you can’t access the server config files or you simply don’t want to, then the other option is to simply add the mime type to your .htaccess file.  Add the following line to it;

AddType application/vnd.adobe.air-application-installer-package+zip .air

Save it and you should be all set to make it possible to launch the Adobe AIR installer ones your .air file is downloaded.

February 24, 2009 

Installing FFMpeg on CentOS/RedHat 5.x successfully

My primary Linux distribution of choice is CentOS. CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by RedHat. Thus CentOS is merely speaking a copy of RedHat and provides the same stability and security.

The trade off with stability and security is, that you mostly run packages which are not cutting edge and thus you run into issues where you need the cutting edge. This is the case with FFMpeg.

There is a DAG repository that give you FFMpeg in the yum installation, but that version is not working with libx264 or libfaac and still uses the older way of and might break some applications.

Thus I set out to find the best way to install FFMpeg. Since FFMpeg depends on a lot of external libraries we first have to install this external libraries.

Please follow the below steps one by one to install FFMpeg on CentOS/RedHat 5.x. successfully. Some of these libraries might be older (some even from 2008), thought I used what worked best for me and were stable in production environment.

Lets create a directory first
mkdir -p /opt/ffmpeg-packages
cd /opt/ffmpeg-packages

Installing FAAD2
wget http://downloads.sourceforge.net/faac/faad2-2.6.1.tar.gz
tar zxf faad2-2.6.1.tar.gz
cd faad2
autoreconf -vif
./configure –disable-drm –disable-mpeg4ip
make && make install

Installing FAAC
wget http://downloads.sourceforge.net/faac/faac-1.26.tar.gz
tar zxfv faac-1.26.tar.gz
cd faac
./bootstrap
./configure –disable-mp4v2
make && make install

Installing LAME
wget http://superb-east.dl.sourceforge.net/sourceforge/lame/lame-3.98b8.tar.gz
tar zxfv lame-3.98b8.tar.gz
cd lame-3.98b8
./configure
make && make install

Installing yasm
wget http://www.tortall.net/projects/yasm/releases/yasm-0.7.0.tar.gz
tar zfvx yasm-0.7.0.tar.gz
cd yasm-0.7.0
./configure
make && make install

Installing x264

FFMpeg requires that you get the latest x264 codec. Thus we use the latest from their GIT repository.

git clone git://git.videolan.org/x264.git
cd x264
./configure –enable-shared –prefix=/usr && make && sudo make install

Installing Xvid
wget http://downloads.xvid.org/downloads/xvidcore-1.2.1.tar.gz
tar zxfv xvidcore-1.2.1.tar.gz
cd xvidcore/build/generic
./configure
make && make install

Installing FFmpeg

For FFMPEG, you will need to get the latest out of SVN.

svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg
cd ffmpeg
./configure –enable-gpl –enable-postproc –enable-nonfree –enable-postproc \
–enable-libfaad –enable-avfilter –enable-pthreads –enable-libxvid \
–enable-libx264 –enable-libmp3lame –enable-libfaac –disable-ffserver –disable-ffplay
make
make install

The “make” of FFmpeg can take up to 5 minutes, so please be patience. I also disable “FFServer” and “FFplay” on my servers. Please adjust to your environment.

Hope this helps.

January 26, 2009 

How to create a virtual machine server image from a physical CentOS server

I run a couple of servers over at a server farm. All of those machines run VMWare ESX, so today I wanted to move my last physical server to a VMWare image. If you want to convert a physical Windows machine then your task is quite easy. Start up the freely available VMWare Converter and start converting your physical machine to a virtual one. But what about when you need to convert a Linux server?

Since I really did not want to setup a new CentOS machine with all the packages I need and copying stuff from the physical to the virtual I did the following steps successfully. Keep in mind that this is on CentOS 5.2. I am sure this works for other Linux distributions as well.

  1. Create a new virtual machine and install the bare minimum CentOS. I used the CentOS NetInstall Option. This takes about 20 minutes or so.
  2. Now, create a “backup” directory on the root level (“/”) of your disk and copy the following directories into this backup directory;
    1. boot
    2. etc/fstab
    3. lib/modules
  3. Then on your physical server create tarball with the following directories included;
    1. boot
    2. bin
    3. etc
    4. home
    5. lib
    6. sbin
    7. usr
    8. root
    9. var
    10. opt

    Include any other directories that you need or have created. You should not need to include the “tmp” or the “lost & found” one. It is important to keep the permissions settings and this use the following command to create the tar;
    tar czvfp physicalserver.tgz <directoriesabove>
    (be prepared to make yourself some coffee in the meantime)

  4. Copy the file physicalserver.tgz to your new virtual machine.
  5. On the virtual machine move the physicalserver.tgz to the root (“/”) folder and extract it. This will probably take some time and you should get to your second cup of coffee.
  6. Once it has finished extracting do not attempt to reboot the server. Doing so will most probably render your image unbootable!
  7. Copy all of the directories within the backup directory to their original position (the ones from step 2) and confirm to overwrite existing files.
  8. Once done, issue the command “grub”. You will then be in the grub editor. Type the following commands to create a new MBR;
    1. root (hd0,0) (this is hd<zero>,<zero>)
    2. setup (hd0) (this is hd>zero)
      You should see some confirmation messages. Type “quit” to exit the editor.
  9. Now reboot the server and pray :-)

I have done the above steps with 3 servers and it has always worked without problems. But there are some post-reboot steps that you should do as well. They are;

  1. Network Adapter. During the move above you will loose your network adapter. Thought CentOS still got everything setup and all working, you wont be able to reach outside of the virtual machine. Funny thing is that the Network Adapter in the Virtual Machines Configuration Settings also shows no problem. To make it work again you have to remove the Network Adapter in the Virtual Machine Settings and add one again.
  2. Install VMWare Tools. Since your physical server has no VMWare Tools installed this is a obvious step.
  3. Run security configuration. In my case, after step 1 and 2 above were done, I still could not get outside of my network. This was due to a mess up with the security settings of CentOS and most probably SELinux is running and prohibiting any network traffic. Simply run “system-config-security” in the shell and adjust your settings.
  4. Reboot your server.

With the above steps you should have a full copy of your physical server on your virtual machine environment. Let me know how it goes for you in the comments.

January 25, 2009 

CentOS NetInstall Settings

My previous settings for the CentOS NetInstall did not work anymore. So, I was hunting around for the right ones. In the end, I found that the below ones work the best:

This is for the HTTP one
Host: mirrors.kernel.org
Directory: centos/5.2/os/i386