Mailman: how to set moderated flag on for all

November 4th, 2020

Mailman  is an old and well known free software for managing electronic mail discussion and e-newsletter lists.
Recently i had to put as active the “moderated” flag for all the people in a very big mailing list.
To do this, first I loaded this python script, then I exported all the list members into a file

/usr/lib/mailman/bin/list_members mylistname  > /tmp/mylistnameusers.txt

and finally I applied the withlist command for all:

for ADDR in $(cat /tmp/mylistnameusers.txt) ; do
/usr/lib/mailman/bin/withlist -l -r du.setMemberModeratedFlag mylistname  $ADDR 0
done

Iptables rules loaded every time after a reboot

November 7th, 2019

Even if it has been disabled firewalld and iptables, some iptables rules could be activated after a reboot. It’s due to libvirtd .

I’ve just read a good post here where it’s fully explained why even though iptables is turned OFF, after every boot the command iptables -L -n still displays some rules to be activated.

Execute Windows Commands from Linux using winexe

September 10th, 2019

I’ve just found a good tutorial to compile winexe.
My host was a CentOS 7 box and I followed the instruction of this link:

Execute Windows Commands from Linux using winexe. Connect from Linux to Windows without SSH

In order to have git working, I opened the outgoing connection of 9418 TCP port on my firewall.

openssl and digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:536 error

January 8th, 2019

If You used an old openssl to encrypt a file, e.g. openssl 1.0.x with some command line such as:

$ openssl enc -in <plain input file> -out <crypted output file> -e -des-ede3-cbc

decrypting it using a newer openssl release You will find a similar error:

$ openssl enc -in <plain input file> -out <crypted output file> -d -des-ede3-cbc

bad decrypt
140109197936000:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:536:

despite this mismatch error, it’s possible to obtain the original plain file adding the -md md5  option in the decrypt command:

$ openssl enc -in <plain input file>  -md md5   -out <crypted output file> -d -des-ede3-cbc

running more than a single telegram desktop client

August 2nd, 2016

I installed the Telegram Desktop client, and next I created a new folder named “C:\Users\myname\AppData\Roaming\Telegram Desktop\tdata_another”.

Then I added  telegram.exe path in the PATH environment variable. This step is not mandatory but I’d rather to write “telegram” instead of “C:\Users\myname\AppData\Roaming\Telegram Desktop\telegram” in the next step.

Finally, to run two telegram instances, from the DOS prompt I wrote

C:\Users\myname>Telegram -many -workdir “C:\Users\myname\AppData\Roaming\Telegram Desktop\tdata”

followed by

C:\Users\myname>Telegram -many -workdir “C:\Users\myname\AppData\Roaming\Telegram Desktop\tdata_another”

a nagios check to remind me the SSL certificate expiration

March 3rd, 2014

I wrote a quite unuseful check for nagios to remind me to renew my SSL certificate. This is the definition in commands.cfg file

define command{
        command_name check_ssl_expiration
        command_line /usr/lib/nagios/plugins/check_ssl_expiration.sh $ARG1$ $ARG2$ $ARG3$ $ARG4$
}

and this the check_ssl_expiration.sh script

#!/bin/bash
# input parameters
MYSRV=$1
MYPORT=$2
DAYWARN=$3
DAYCRIT=$4
# return values
RET_OK=”0″
RET_WARN=”1″
RET_CRIT=”2″
RET_UNKN=”3″
TEMPFILE=/tmp/.$$certtest.pem

# check data input
checkdata () {
        VAL=`echo $2 | wc | awk ‘{print $2}’`
        if [ $VAL -eq 0 ]; then
                echo $1 is not set
                exit $RET_UNKN
        fi
}

checkdata “HTTPS server name” $MYSRV
checkdata “HTTPS PORT” $MYPORT
checkdata “warning threshold” $DAYWARN
checkdata “critical error threshold” $DAYCRIT

echo | openssl s_client -connect $MYSRV:$MYPORT  2> /dev/null | sed -ne ‘/-BEGIN CERT/,/-END CERT/p’ > $TEMPFILE 2>/dev/null
EXPDATE=`openssl x509 -noout -in $TEMPFILE -dates|grep notAfter|sed -e “s/.*notAfter=//”`
rm $TEMPFILE

EXPSEC=`date “+%s” –date=”$EXPDATE”`
NOWSEC=`date “+%s”`
DAYLEFT=`expr \( $EXPSEC – $NOWSEC \) / 86400`

# $DAYLEFT days left to SSL certificate expiration

if [ $DAYLEFT -le $DAYCRIT ]; then
        echo “ERROR – $DAYLEFT days left to SSL certificate expiration for $MYSRV:$MYPORT”
        exit $RET_CRIT
fi

if [ $DAYLEFT -le $DAYWARN ]; then
        echo “WARNING – $DAYLEFT days left to SSL certificate expiration for $MYSRV:$MYPORT”
        exit $RET_WARN
fi

echo “$DAYLEFT days left to SSL certificate expiration for $MYSRV:$MYPORT”
exit $RET_OK

Off course I scheduled this check once a day.

How to remove the NameVirtualHost *:80 has no VirtualHosts warning

February 17th, 2014

I had a debian squeeze webserver showing me this strange warning at statrup

root@web:/etc/apache2# /etc/init.d/apache2 restart
Restarting web server: apache2[Mon Feb 17 10:27:43 2014] [warn] NameVirtualHost *:443 has no VirtualHosts
[Mon Feb 17 10:27:43 2014] [warn] NameVirtualHost *:80 has no VirtualHosts
 … waiting [Mon Feb 17 10:27:44 2014] [warn] NameVirtualHost *:443 has no VirtualHosts
[Mon Feb 17 10:27:44 2014] [warn] NameVirtualHost *:80 has no VirtualHosts

This was due to a duplicated couple of lines in configuration.

NameVirtualHost *:80
NameVirtualHost *:443

in the /etc/apache2/port.conf and in /etc/apache2/conf.d/virtual.conf too. Commenting out the last file I removed the warning.

Don’t ask me, I don’t know why…

February 7th, 2014

I’m telling You about a Centos 5.10 server joined to an Active Directory environment.
Once I was able to open a ssh session on this server with my A.D. username/password, but some day ago I noticed it was possible only to log in this server using local root account.
I discovered that the wbinfo -i myusername  command retuned a WBC_ERR_WINBIND_NOT_AVAILABLE error.

To fix this problem I issued the following commands:

  # service winbind stop
  # service smb stop
  # net cache flush
  # rm -f /var/lib/samba/*tdb
  # service smb start
  # service winbind start