Category Archives: Tech

Scripting bsdinstall in FreeBSD 9.0 for custom installation CD

Posted on by
Reply

Starting with FreeBSD 9.0, the default installer for FreeBSD has changed from sysinstall to bsdinstall. While there has been mixed reactions from old time users, the process of creating a custom install CD for FreeBSD has become a lot easier (although longer). bsdinstall uses a set of shell scripts which can be modified as per requirements.

First step is to install a fresh 9.0 RELEASE, and select the src to be installed along with the base system. Once the system with source is installed (by default /usr/src) execute the following commands

# cd /usr/src
# make buildworld buildkernel

Installation scripts are located at /usr/src/usr.sbin/bsdinstall/scripts/ . First file to run is ‘auto’, which then calls other files. Almost all of them are shell scripts. Remember, you do not need to repeat ‘make buildworld buildkernel’ if you are just making changes to the install script file.

# cd /usr/src/release
# make release

Once the release has been built we now copy the iso / usb image / ftp files to the desired directory

# make install DESTDIR=/usr/freebsd-snapshot clean

This creates the iso file, memory stick image and ftp folder for ftp install. In case you are wondering how to use the memory stick image, see this blog post:
http://koitsu.wordpress.com/2009/11/03/writing-freebsd-memstick-img-to-a-usb-drive-in-windows/

Cheers
Amitabh

Using timeouts with file_get_contents in PHP

Posted on by
Reply

If you are trying to use file_get_contents for fetching data from url’s, you might sometime need to define a timeout value. While it would seem as there is no obvious way, thanks to this comment on the manual page for file_get_contents, there is a pretty simple way.

// create the context
$arContext['http']['timeout'] = 3;
$context = stream_context_create($arContext);

// Fetch data
$url_data = file_get_contents('http://example.com', 0, $context);

There are other options too which can be seen here – http://www.php.net/manual/en/context.http.php

Cron Job Syntax check

Posted on by
Reply

If you work a lot using the cron jobs, it makes sense to check the syntax that you are using. This is more so if you have something that runs only once a day or month.

I got across this link http://www.hxpi.com/cron_sandbox.php which gives you a list of date/time when your script would run based on the syntax provided.

Amitabh

Update: It seems that the site registration expired and a link farm has come up in its place.

Enable SSL with Apache in FreeBSD

Posted on by
Reply

Generate a server key. This would remain same for all domains/ips on this server

# openssl genrsa -des3 -out server.key 1024

Now make sure it does not ask for any password while loading the certificate

# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key

Now create a certificate signing request (CSR) for your domain. Once you execute the command listed below, you will be asked few questions. The most important is “Common Name”, which should be the fully qualified domain name that requires SSL cert

# openssl req -new -key server.key -out domain_name.csr

Once you have the CSR, there are two ways you can get the certificate: (a) generate the certificate yourself, but you and more importantly your users will get a warning every time they access the domain/web page or (b) use the CSR to submit this request to one the browser recognized SSL cert providers. They generally charge for such services. To complete the process here, we would generate the certificate ourselves.

# openssl x509 -req -days 365 -in /root/domain_name.csr -signkey /root/server.key -out /root/domain_name.crt

Now, we need to move the certificate file and the server key from where Apache can read it. make sure you set the correct permissions on both the files

# mkdir /usr/local/etc/apache22/ssl
# chmod 0700 /usr/local/etc/apache22/ssl

# cp ~/server.key /usr/local/etc/apache22/ssl/
# cp ~/domain_name.crt /usr/local/etc/apache22/ssl/
# chmod 0400 /usr/local/etc/apache22/ssl/server.key
# chmod 0400 /usr/local/etc/apache22/ssl/domain_name.crt

If you are running with virtual hosts enabled, make sure the domain entry in the virtual host section is ip based.

<VirtualHost xxx.xxx.xxx.xxx:80>
ServerAdmin webmaster@domain_name.com
DocumentRoot /usr/local/www/apache22/data/domain_name.com/htdocs
ServerName domain_name.com
ErrorLog /usr/local/www/apache22/data/domain_name.com/logs/error_log
CustomLog /usr/local/www/apache22/data/domain_name.com/logs/access_log common
</VirtualHost>

The SSL section will require a the path to the certificate and server key.

<VirtualHost xxx.xxx.xxx.xxx:443>
ServerName domain_name.com
ServerAdmin webmaster@domain_name.com
DocumentRoot /usr/local/www/apache22/data/domain_name.com/htdocs
SSLEngine on
SSLCertificateFile /usr/local/etc/apache22/ssl/domain_name.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl/server.key
</VirtualHost>

For FreeBSD, default Apache virtual host file is located at /usr/local/etc/apache22/extra/http-vhosts.conf and SSL configuration file is located at /usr/local/etc/apache22/extra/httpd-ssl.conf. You need to enable both of them in your main httpd.conf file (/usr/local/etc/apache22/httpd.conf).

Also make sure that accf_data_load=”YES” is present in your /boot/loader.conf, otherwise you will receive a warning every time your start Apache.

This guide has been written for FreeBSD 8.0 and Apache 2.2.14 . For other distributions and versions, the file location might have to be adjusted to make it work.