Shibboleth Ubuntu

June 23rd, 2009

SP2 Installation

I switched one server from Fedora Core to Ubuntu yesterday. Shibboleth 2 SP installation is a bit more tricky under Ubuntu than Fedora Core. The packages are not available in the Ubuntu repositories, but Satya's blog serves a working howto.

failed to bind to socket

Shibboleth seemed to be working well after installation, but today it was down dumping

2009–06–23 12:51:53 ERROR Shibboleth.Listener : socket call resulted in error (2): no message 2009–06–23 12:51:53 CRIT Shibboleth.Listener : failed to bind to socket.

into the /var/log/shibboleth/shibd.log. I luckily found a solution in quite a short time. The problem was that the shibd was trying to create socket in /var/run/shibboleth directory, which did not exist. Creating it once does not help because Ubuntu removes content of /var/run/ at every reboot. To fix it this has to be added to /etc/init.d/shibd

if [ ! -e /var/run/shibboleth ]
then
   mkdir /var/run/shibboleth
fi

DB2: SQL30082N Security processing failed with reason “15″

May 11th, 2009

If you are getting

SQL30082N Security processing failed with reason „15“ („PROCESSING FAILURE“)

when connecting to the db2 database using db2 CONNECT TO dbname USER username or

Connection authorization failure occurred. Reason: Local security service non-retryable error. ERRORCODE=-4214, SQLSTATE=28000

when connecting remotely (via JDBC driver) read on. I finally found what causes this error and a solution!

Environment

  • OS: Fedora Core 10 64bit
  • DB2: version 9.5, Express edition

Problem

Tho whole problem is in the format of the passwords in /etc/shadow. DB2 doesn't seem to like the passwords generated when changing password using the standard passwd command. In Fedora Core 10 the password is hashed using sha-512 and the entry for user username looks like:

username:$6$ef­WWOYRY$z5DNL1kLQ­U4AmPkFBqbQh6LOh­0Qjxq654dS9jE46iP­Np8Zces8I4bP8GLZ3G3RWLo/­6o.LYOV5neYSKxXbL­.M1:14375:0:99999:7:::

Solution

DB2 works fine with passwords hashed with standard crypt function. Password in the desired format can be obtained by calling openssl passwd desiredPassword. The output of openssl can be passed to usermod --password The complete command to change user's password then look like:

usermod --password `openssl passwd desiredPassword` usename

Bigger image

I tried to hand-edit /etc/shadow and insert salted MD5 password, which can be obtained by openssl passwd -1 desiredPassword and the connection was sucessfuly established. To sum it up, the whole problem in the end seems to be that DB2 doesn't like SHA-512 hashes in /etc/shadow. On the other hand, it works fine with hashes generated by crypt and MD5.

Changing default algorithm in Fedora Core

Fedora Core contains a nice tool authconfig. To change the default hashing algorithm to MD5 run

authconfig –passalgo md5 –update

All the passwords inserted in the password database will be stored in MD5 from now on. It will, of course, not change the hashes of the current passwords.

How to install DB2 Express on Fedora Core 9

October 21st, 2008

I got 2 errors while installing DB2 Express that comes with Rational Team Concert. Two libraries were missing:

libstdc++.so.5

ERROR:
The required library file libstdc++.so.5 is not found on the system.

Solution: (thanks http://tldp.org/…fedora6.html)

yum -y install compat-libstdc++-33

libaio.so.1

ERROR:
The required library file libaio++.so.1 is not found on the system.

Solution:

yum -y install libaio

Read the rest of this entry »

Debian Lenny VIM broken dependency

June 28th, 2008

Today I ran apt-get update && apt-get dist-upgrade on my Debian Lenny installed on WD MyBook as I ussually do. It removed VIM (I let it as I thought it was just replaced by another package). I tried to run vim after the upgrade but it was really uninstalled. Trying to install it again by apt-get install I got

The following packages have unmet dependencies:
  vim: Depends: vim-runtime (= 1:7.1.293-3)
         but 1:7.1.293-3+lenny1 is to be installed
E: Broken packages

I tried to uninstall vim-runtime. It didn't help. I don't have time to solve it now so I can't give a solution. If you encountered the same problem and have a solution to this problem, I'd really appretiate your comment.

It's quite sad that Debian repository is not consistent and one gets errors using apt-get.

nice apt-get

April 5th, 2008

Today I wanted to upgrade packages at my WD MyBook running Debian Lenny. My notebook was being backed up at the time so I thought that it would be a good idea to run apt-get with a lower priority, as the the samba process eats almost all MyBook resources.

I typed nice apt-get update && nice apt-get upgrade. It did what I wanted it to do, but hour later I found that apache and samba were running with low priority. This is because the services were restarted by apt-get.

Having been reniced, all the services are running OK again.

C++ round

January 19th, 2008

27th January Update: as somebody has pointed via email (thanks for that), the function I gave only worked for positive numbers. This is the solution he offered (altered a bit not to give warnings so that you can cut&paste ):

#include <cmath>
int function round(double num) {
  char sign = static_cast<char>(num/fabs(num));
  return static_cast<int>(sign* (fabs(num)+ 0.5));
}

Actually, the solution I gave first (and then suddenly changed it to the one that only works for positive number…) worked perfectly with both positive and negative too. This is it:

#include <cmath>
int function round(double num) {
  return static_cast<int>(floor(num+0.5));
}

Read the rest of this entry »

WD MyBook useful links

January 12th, 2008

System upgrade

When things break

WD My Book Debian Lenny — Samba

January 10th, 2008

I have recently installed Debian Lenny to my Western Digital My Book. All thanks to great guide at Mario Pascucci's site (big thanks!)

A commented version with some other details can be found at Hacking WD MyBook World Ed site

The system installed is full-fledged version of testing version (called lenny) of Debian, so one can use use apt-get to install packages the same way as at PC (providing you use a packages mirror, that serves arm architecture). Having successfully installed FTP (vsftpd), htop, gcc, and others, I also wanted to install Samba (as the most important part of such a device).

I was fighting with Samba at MyBook for more than two days (and nights). The problem was that it didn't want to list the shares at the server. The problem in the end was that there is a bug in Debian samba package version 3.0.28–1 – current testing (lenny) version, which has something to do with arm compiler – if you download Samba source code and compile it yourself without additional parameter -O0, the result will be the same as with the samba Debian package.

The bug has already been fixed in 3.0.28–2. This version is not in testing (lenny) yet, but you can manually download the current versions from

To install it do as root:

cd /tmp
wget http://http.us.debian.org/debian/pool/main/s/samba/samba-common_3.0.28-2_arm.deb
wget http://http.us.debian.org/debian/pool/main/s/samba/samba_3.0.28-2_arm.deb
dpkg --install samba-common_3.0.28-2_arm.deb
dpkg --install samba_3.0.28-2_arm.deb
rm samba-common_3.0.28-2_arm.deb samba_3.0.28-2_arm.deb

Another way is to add sid deb sources to you /etc/apt/sources­.list

I hope that this can make somebody's fight shorter than two days…

How to open Western Digital My Book World Edition

November 11th, 2007
WD MyBook

There are few guides on how to dismantle Western Digital My Book World Edition (500 GB) available online. (see here or here).

Just for those who have the new model (white with rubber around it):

  • There is no screw in the cover.
  • You need to remove the rubber before you try to slide the cover.