November 22, 2007

newsyslog Revisited

Earlier this month, I wrote about a new utility that handles log rotation in Leopard, and gave a tip on fixing logging for the mail.log. It turns out that my fix wasn't quite right...

The original line in the configuration file was as follows:


/var/log/mail.log 640 5 100 * J

This results in the log file being rotated when it reached 100Kb in size. What I wanted was for the logs to roll weekly as they had with prior systems, and my assumption was that this would continue to happen as part of the periodic.weekly script. Bad assumption.

I don't usually have to scroll too far back in my logs when researching things, but tonight discovered that I had entries going back more than a week, and that the log file wasn't rotating as I thought it should have been. A quick check of the periodic.weekly script revealed that log rotation wasn't there anymore, so I revisited the newsyslog.conf file, and made the following change:

/var/log/mail.log			640  5	   *	$W0D0     J

The asterisk there is in the size column, meaning don't worry about the log size, the $W0D0 is under the when column, this means to rotate weekly, on day 0 (Sunday), at hour 0 (12am).

The man page for newsyslog.conf gives a wealth of info on configuring this utility, and is well worth a read.

Posted by Jim at 11:35 PM | TrackBack

November 10, 2007

Otterbox Defender case for iPhone

Just a quick head's up that the Otterbox Defender case for iPhone will be shipping soon, I should be having a model for review fairly soon, and will post the details of this as soon as I'm able. Until then, check out their product site for more info.

Posted by Jim at 10:35 PM | TrackBack

November 7, 2007

Linksys WRTSL54GS Review

I've been running the Linksys WRTSL54GS router here for a few months now, and figured it was time to write up a review on this unit. This is only a review of the hardware, though, as I've completely replaced the software.

Routers for home networks have come a long way in the last few years, and the demands placed on them have driven the market to produce models with the speed and features to keep up with the power users out there. But often, the built in software may not always be up to the tasks users demand.

When I began my search, I discovered early on that my configuration needs would be best served by a 3rd party software package called OpenWRT, and the Table Of Hardware at their site made for a great read in researching a unit that would fit my needs. I had heard good things about the Linksys brand overall, and the WRTSL54GS seemed to be at the top of the heap as far as performance and expandability. In fact, the only thing that was missing (since I'd be using a 3rd party firmware) was a serial console interface, which with some research, I was able to rectify.

The information on the OpenWRT site was very helpful, as most manufacturers do not publish information on the processor in their router, the amount of RAM it contains, or the size of the Flash RAM, a necessary bit of info when running 3rd party firmware. Obviously the processor speed will have the greatest impact on performance, and more RAM means that the system will operate efficiently. With 64Mb RAM, and a 266MHz processor, this little guy is comparable to desktop systems of just a few years ago. And the 4Mb Flash capacity meant that I'd be able to load up a new firmware with all the features I'd need here.

In running this router the last few months, I've not once had to reboot it due to any failure. A number of other routers that I've read of folks using seemed to experience freezes, slowdowns, or other failures at fairly frequent intervals, even when running factory firmware. Reliability is of prime importance, especially when the router is handling traffic for mail and web servers, and this unit hasn't let me down yet.

The unit also includes an 802.11g access point, the range of this compared favorably with my Apple AirPort Extreme base station, and the performance was every bit as good as 802.11g allows. The only downside that most folks might run into on this unit is that the antenna is not replaceable with a higher gain model, but the enterprising hacker can find ways around this. The antenna cable can be easily desoldered from the logic board, and a connector for a better antenna can be modded to the case without too much difficulty.

The 4-port switch in the unit is fantastic. Most folks probably wouldn't get that worked up over a switch, but the chipset used, along with the OpenWRT software allow for each port on the switch to actually act as a separate VLAN (Virtual Local Area Network), allowing for even more complex network setups.

A single USB port on the back allows for further expansion, a USB flash drive or hard drive can be attached for network storage, and with OpenWrt other devices such as USB cameras, GPS, BlueTooth, or even a USB VGA interface can be attached.

I'd definitely recommend a Linksys router to anyone looking for one, from my reading online, their quality is much better than most of the brands out there. A few dollars more spent for a better model is usually money well spent in terms of usability and reliability, not to mention saving headaches from performance issues or other downtime. Even using the stock firmware, this is a really great unit, and should be flexible enough for most power users at home without having to look at a 3rd party firmware.

Posted by Jim at 12:44 PM | TrackBack

November 4, 2007

New log rotation utility in Leopard

Most folks have no need to ever check their system logs. Some folks check their logs religiously. Mac OS X 10.5 has thrown a new tool into the mix, and it might bite you if you don't know about it.

There is a new command line command called newsyslog, it is called every minute by the file /System/Library/LaunchDaemons/com.apple.newsyslog.plist, and it's config file lives in /etc/newsyslog.conf.

Tonight, I needed to check my mail server logs for some information, and had to search prior logs. At first, my searches made no sense, as I kept coming up with today's date in the data, but my mail logs normally contain a week's worth of data. Well, not anymore, thanks to newsyslog, now they only contain 100Kb worth of data before they roll over to a new log. Ack! A simple fix, commenting out the log cycling for the mail.log file. Hopefully this tip might help out anyone else out there that gets bitten by this.

Posted by Jim at 1:08 AM | TrackBack

November 3, 2007

Details on upgrades

To recap my recent upgrades here, I was transitioning my old web/mail server from a G4 box running OS 10.4 to a new Mac Mini running OS X 10.5. Funny that I wrote about using a Mini as a server back in 2005, and I'm only now finally getting around to putting one in here...

So, the basic process here was shutting down Postfix, then using Carbon Copy Cloner to clone my existing server to the Mac Mini (booted in Target Disk Mode), then rebooting the Mini into the Mac OS X 10.5 Installer. The Installer had absolutely no problems upgrading a PPC version of OS 10.5 to an Intel OS running 10.5, which was great. I really did not want to do a clean install, which would have been more of a hassle in converting mail files and other lower level items.

The next necessary step after installing 10.5 was to install Xcode 3.0, in order to compile all the apps I needed. Once that was done, I was finally able to start getting things up and running.

From prior dry runs, I had done a lot of testing of various packages to make sure that things would compile properly, and run without errors. There was a good bit of trial and error, and lots of googling. And thanks to someone else googling and finding an earlier entry of mine, a helpful tip out of the blue (Thanks to Paul S.) that helped massively. I had partitioned my drive so that I had a nice workspace partition to hold files between attempts at cloning and upgrading, and I had saved a few helpful notes there as well, which was very handy.

As I had mentioned a few days ago, the unix system accounts for postfix, mysql, www, and others, now for some reason all begin with an underscore character, so I had to edit a few config files where these accounts were specifically used to make sure that they reflected the current users. Also, 10.5 now runs Apache 2.2.x and not Apache 1.x, so I had to do some reading up on how this gets configured in order to migrate my config files, there were few surprises there, once I paid attention to the sample config files. Having saved copies of my working config files from earlier runs, it was a simple matter to copy these over before starting other work.

In retrospect, I should have worked on getting the mail server up and running before the web server, I didn't lose any mail, but I just hated it being offline as long as it was...

Starting with the web side, I installed MySQL 5.0.45 using a pre-build package, I used the one built for 10.4 Intel, and plan to upgrade that to a 10.5 specific build once one is available. After installing this, I simply copied my data folder over, ran the mysql_upgrade script, and all was well. Next, I compiled DBI-1.601 and DBD-mysql-4.005. For some reason I wasn't able to track down, DBD insisted on looking for mysql/lib files in /mysql/lib/mysql, even though my install never mentioned this path anywhere. Some googling finally revealed that the easiest fix was simply to fake it with some symlink trickery:

cd /usr/local/mysql/lib
sudo mkdir mysql
cd mysql
sudo ln -s ../*

DBI compiled fine, DBD threw up an error about incompatible pointers, which I was stuck at for a day or two before finding out that this was just a warning and could be ignored. Sure enough, it ran just fine, and I found that MovableType was now working fine. During the final install of everything, I discovered that I had to reset access privs for my web folder in order for MT to be able to write files, but after doing that, it worked fine again. I'm saving my upgrade to MovableType 4.x for another day.

Compiling Postfix was fairly straightforward, as before, I built Postfix according to the standard install docs to include MySQL and PCRE support, but this time included SASL in the mix. It is very important to read the SASL docs, there was a bit of needing to create symlinks and make sure that header files were in the right locations, but once I followed all the steps outlined, it compiled fine.

The Courier-IMAP pieces drove me nuts for several days. Courier-IMAP 4.2.1, the latest build, just couldn't be made to work here, I eventually tried building an older version, 4.1.3, and that worked just fine. Courier-Authlib 0.60.2 compiled but had problems running, the trick mailed in my Paul S. was to enter the following before doing the compile:

export MACOSX_DEPLOYMENT_TARGET=10.5

This handy command has been around for a few OS releases now, and forces some settings that apparently don't get set otherwise, a quick google search found many packages needing this to compile properly. Once set, AuthLib compiled properly and more importantly, ran properly.

Despite doing the 'migrate' steps, though, my old Courier settings never made it over, and so I had to edit the authmysqlrc and some other Courier files by hand using my older versions as templates, but this work was done in short order.

One site that helped a lot in checking over some of my steps was this one:

http://switch.richard5.net/isp-in-a-box-v2/building-the-mail-server-components/building-the-courier-imap-server/

The versions used there weren't current, but helped to validate what I was trying to do here, and setting the proper CFLAGS and compile arguments. His setup there was very similar to mine, virtual domains, MySQL authentication, etc, which was a great help.

With this done, I was now actually able to check mail the last necessary step, which made a good stopping point for the night with a fairly functioning server.

The next day, I tested a few more functions of the system, and found that one of the web packages I had installed was having problems with MySQL. This turned out to be a PHP issue connecting to MySQL, it was looking for the mysql.sock file in /var instead of /tmp. The easiest fix here was to create a /etc/php.ini file, consisting of the following:

; Default socket name for local MySQL connects.  If empty, uses the built-in MySQL defaults.
mysql.default_socket = /tmp/mysql.sock
; Default socket name for local MySQL connects.  If empty, uses the built-in MySQL defaults.
mysqli.default_socket = /tmp/mysql.sock

The second section for mysqli was required for version of MySQL 4.1 and later, once this was in place and Apache stopped and started, this problem was now history.

The last hurdle I had was getting policyd running, this is the greylisting package I use with Postfix. I had been struggling for some time to get newer builds of this running. I had somehow hacked the 1.7.x version into running previously, and was never able to duplicate my success with later builds. Thanks to some outstanding work by the developers, the final fixes to this are now available in the latest SVN builds, and I was able to get the 1.9.x experimental build to compile successfully, and more importantly, to run successfully as well.

In closing, what I'd like to say here is that when you're rolling your own code, patience is your best friend. Take things one step at a time, make sure you have a backup, and when you hit a wall, do searches and ask questions on mailing lists until you find the answers you need. If all else fails, post about your failures, and someone else might stumble across your post and supply the answers you need, it's amazing how things like that work out sometimes.

Posted by Jim at 9:27 PM | TrackBack

November 2, 2007

Server upgraded successfully

The server here has been successfully upgraded to Mac OS X 10.5. A few tips rolled in earlier this week that resolved the last of my compile issues (details to follow soon), so last night I cloned everything over to the new box and started the upgrade process.

One important tip, installing Xcode is kinda important. It's the little things you forget to do... :)

Posted by Jim at 11:34 AM | TrackBack