# uname -a

Switch

NotesInformatique › Hacks

Fil des billets

mardi 19 avril 2016

"SQLSTATE[HY000] [2002] No such file or directory" for compiled PHP

Par Mathieu le mardi 19 avril 2016, 22:52

Let's say you connect to MySQL using "localhost"

Let's say you compiled PHP

Let's say you didn't specify the --with-mysql-sock= parameter in your configure command when you built mysql

And let's suppose you cannot connect to MySQL using PHP. CLI works fine, but not CGI.

Solution : fix the default sockets in php.ini (use your own working socket paths) :

pdo_mysql.default_socket=/var/run/mysqld/mysqld.sock
mysqli.default_socket = /var/run/mysqld/mysqld.sock

# You shouldn't use mysql_ extension, but if you did:
mysql.default_socket = /var/run/mysqld/mysqld.sock

I suppose that automatically converting "localhost" to an unix socket is done for performance reason on unix systems.

jeudi 18 février 2016

Debian 8 : Limit SSH users to SFTP

Par Mathieu le jeudi 18 février 2016, 10:38

Let’s say you want to configure a secure remote file access for you users, but you can’t use FTPS for some reasons (problems with passive mode and commercial firewalls ? Yes !). Your only secure solution is either a VPN, or a SFTP access.

SFTP is great, but it may implies giving full command line access to your end users.  In order to prevent that, you could set-up a jailed SSH access with Jailkit and some bind mount, but it’s not that trivial to configure and to maintain ; and it may not work with software virtualization (Docker, LXCs…). There is a simpler solution.

The solution is : use the native chroot and limitations abilities of OpenSSH. Here is how.

Lire la suite...

mardi 16 février 2016

Add Drush to Jailkit

Par Mathieu le mardi 16 février 2016, 10:16

Here is the configuration I use to make Drush working inside a Jailkit chrooted shell :

/etc/jailkit/jk_init.ini :

[php]
comment = the PHP interpreter and libraries
executables = /usr/bin/php5, /usr/bin/php
directories = /usr/lib/php5, /usr/share/php, /usr/share/php5, /etc/php5, /usr/share/php-geshi, [B]/usr/share/zoneinfo[/B]
includesections = env

[env]
comment = environment variables
executables = /usr/bin/env

[mysql-client]
comment = mysql client
executables = /usr/bin/mysql
paths = /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18

[drush]
comment = drush (drupal command line)
includesections = php, mysql-client, uidbasics, netbasics
directories = /usr/share/zoneinfo, /etc/ssl/certs, /usr/share/ca-certificates

Once the jailed shell works, add the Drush dependencies to the jail :

jk_init -v -c /etc/jailkit/jk_init.ini -f -k -j /absolute/path/to/jail/ drush

2 commentaires

vendredi 12 février 2016

DomPDF : load custom local fonts in you own folder

Par Mathieu le vendredi 12 février 2016, 23:28

I needed custom fonts for domPDF, but I didn’t want to use the “remote” capabilities of domPDF, and I didn’t wanted to spoil my “contrib” folder with my own fonts. Dependencies should remain clean.

My domPDF version was 0.6.3.

To use your own “fonts” folder in order to autoload you own fonts, do :

  • Creates a directory for your fonts and font cache :

mkdir myfonts
  • Copy your .ttf files in this folder.
  • Creates a file named dompdf_font_family_cache.php in the myfonts folder, and reference your files. As a sample, you can use the file dompdf/lib/fonts/dompdf_font_family_cache.dist.php
  • In your configuration (dompdf_config.custom.inc.php), change the DOMPDF_FONT_DIR and DOMPDF_FONT_CACHE to point on your folder myfonts (relative use realpath on relative paths).
  • Use your fonts like native fonts in font-family declarations.

I hope it will be useful to you.

dimanche 6 décembre 2015

Set-up SQL quarantine with Amavisd-new and ISPConfig

Par Mathieu le dimanche 6 décembre 2015, 16:56

It's documented, but it took me two days to do it correctly, so here is how to reconfigure an ISPConfig installation of Amavis to store quarantined mail in SQL database, in order to install a quarantine viewer like Mailzu.

Lire la suite...

un commentaire une annexe

- page 3 de 12 -