Archive for July, 2005

Sophos AntiVirus update script

Sunday, July 24th, 2005

I wrote this script some time ago to automatically update the installation of Sophos AntiVirus on my Linux server. But as I’m replacing the server, I decided to switch to ClamAV and so the script is no longer any use to me. Mainly I’m posting it here in case I should ever need it again, but also I hope somebody might find it useful. No doubt it could benefit from some serious cleaning-up, so consider it public domain and feel free to fix it.

The script is designed to be run as root from cron. I used to run it daily, but you could run it hourly if you want more frequent updates. It will handle IDE updates as well as full application updates. It logs it’s actions to /var/log/sophos.log and sends mail to the e-mail address you specify if it fails to update for some reason.

#!/bin/sh
#
# Script to automate the download and installation of Sophos AntiVirus
#

#
# Init some variables
#
INSTSRCDIR=”http://downloads.sophos.com/dp/full”;
IDESRCDIR=”http://www.sophos.com/downloads/ide”;
INSTFILENAME=”linux.intel.libc6.tar.Z”;
EMAIL=”admin@mydomain.co.uk”;
IDEFILENAME=”web_ides.zip”;
LOGFILE=”/var/log/sophos.log”;
NICEDATE=`date +%d/%m/%Y`;
MAILTMP=”/tmp/.mail”;
http_proxy=”";
export http_proxy

#
# Setup the log file descriptor
#
exec 4>>$LOGFILE

#
# This is a function to log the end of the update and send
# an error e-mail to the administrator.
# This is used when an error occurs.
#
# Called By: scriptdie
#
scriptdie() {
 echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` *** Update Finished ***” >&4
 echo “This is an automatically generated message from $HOSTNAME.” >$MAILTMP
 echo “The antivirus update on $NICEDATE has generated errors. The relevant part of the log is attached below.” >> $MAILTMP
 echo ” ” >> $MAILTMP
 echo “—” >> $MAILTMP
 tail $LOGFILE >> $MAILTMP
 echo “—” >> $MAILTMP
 mail $EMAIL -s “Sophos update has generated errors!” < $MAILTMP
 rm -f $MAILTMP
 exit 1
}

#
# A function to cleanup the installation directory
# after the install – or when the install fails.
#
# Called By: cleanup
#
cleanup() {
 cd /tmp
 rm -rf sav-install
 rm -f web_ides.zip
}

#
# Check if we’re running as root.
#
if [ "`whoami`" != "root" ]; then
 echo “This script must be run as root. Exiting…”;
 scriptdie
fi

#
# Log the fact that the update has started.
#
echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` *** Update Started ***” >&4

#
# Change to the temporary directory to which everything
# will be downloaded.
#
cd /tmp

#
# Record the installed version of Sophos
#
if [ -e /tmp/$INSTFILENAME ]; then
 FILESTAMP=`ls -al /tmp/$INSTFILENAME | awk ‘{print $6$7$8}’`;
fi

#
# Download the file, but only if it is newer than the installed version.
# Then check if it downloaded correctly.
#
wget $INSTSRCDIR/$INSTFILENAME –cache=off -q -N
if [ $? -eq 0 ]; then
 #
 # Check if we actually got a newer version. If we did, then install it.
 #
 if [ ! "$FILESTAMP" = "`ls -al /tmp/$INSTFILENAME | awk '{print $6$7$8}'`" ]; then
  echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` A newer version is available!” >&4
  echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` The new version was successfully downloaded.” >&4
  tar -xvzf $INSTFILENAME > /dev/null
  cd sav-install
  ./install.sh > /dev/null
  if [ ! $? -eq 0 ]; then
   echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` The installation has failed.” >&4
   rm -f /tmp/$INSTFILENAME
   cleanup
   scriptdie
  else
   echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` The installation has completed successfully.” >&4
  fi
  cleanup
 else
  echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` The most recent version is already installed.” >&4
 fi
else
 echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` The file failed to download!” >&4
 scriptdie
fi

#
# Now that the installation has successfully completed,
# we download the latest set of IDE updates for Sophos.
#
wget $IDESRCDIR/$IDEFILENAME –cache=off -q
if [ $? -eq 0 ]; then
 rm -f /usr/local/sav/*.ide
 unzip -o web_ides.zip -d /usr/local/sav/ > /dev/null
 if [ $? -eq 0 ]; then
  echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` IDE Update Successful.” >&4
 else
  echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` IDE Update Failed. File did not extract.” >&4
  cleanup
  scriptdie
 fi
 cleanup
else
 echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` Couldn’t download the IDE updates.” >&4
 cleanup
 scriptdie
fi

#
# Log the fact that the update has finished.
#
echo “`date +%a\ %b\ %e\ %H:%M:%S\ %Y` *** Update Finished ***” >&4

Tags: , , ,
Posted in linux | No Comments »

Anybody want to buy a laptop?

Wednesday, July 20th, 2005

Clevo D410S Laptop – P4/512MB RAM/CDRW+DVD-ROM.

Runs Linux well :-)

Tags:
Posted in Technology | No Comments »

Software RAID hell

Tuesday, July 19th, 2005

I’ve been trying for some time to set-up software RAID on my new server and it’s been a real pain. When I was running Solaris on it, it took just a few clicks to set up the required software RAID 5 configuration with 9 disks. In Linux, it takes lots of messing about and trial-and-error.

So, to help anyone else who is being driven mad (or myself, should I ever need to do this again), here’s what I did to get software RAID 5 working in Debian Sarge (on SPARC64, but that doesn’t make any difference to the technique):

  1. Install udev (ensuring you have a kernel which supports it – I’m using a self-compiled 2.6.11.8). You could opt for devfs instead but, without wanting to start a flamewar, the udev developer says udev is better and I believe him. Once installed, reboot to ensure it is all working.
  2. Partition your disks. Most people probably want to create one partition on each disk using all the available space. Set the partition type to ‘Linux RAID autodetect’ (in fdisk, type ‘t’, then ‘fd’ when prompted for the hex code). If you’re using SPARC[64], remember to start each partition at cylinder 1 and NOT cylinder 0 otherwise you’ll overwrite your Sun disk labels (as I did many times).
  3. Now you are ready to create the RAID device. Do ‘mdadm -C -a -l5 -n8 -x1 /dev/md0 /dev/sdd1 /dev/sde2 etc.’. The mdadm man page is your friend here, but briefly: -C tells mdadm that it’s creating a new array, -a tells it to create the md0 device node if it doesn’t already exist, -l is the RAID level (5 is the best for most people, but you need at least 3 disks), -n is the number of active disks, -x is the number of spare disks (these will be used when an active disk fails), /dev/md0 is the RAID device (it will be md0 if this is your first RAID array), then finally you need to specify the disks you want the array to use.
  4. Ensure Debian will start the array on boot: do ‘dpkg-reconfigure mdadm’ and ensure it is set to do so.
  5. Next you need to create a filesystem on the device. This can be pretty much anything, but apparently XFS isn’t stable on software RAID. I opted for reiser as it’s supposed to be stable, but you might like to use ext3 or reiser4 (for reiser4 you’ll need a Debian newer than Sarge or Gentoo).
  6. Add your device to fstab next. I mounted mine on /home.
  7. Reboot and see what happens. Your device should be mounted and working. It will take a while to sync everything.

So that’s it. Some instructions tell you to do things with mdadm.conf – ignore them. If you do that, it won’t work. You don’t need a configuration file as long as your partitions are labelled as Linux RAID autodetect.
The howtos I found most useful were this one and this one, with the latter of the two being the most useful.

Tags: ,
Posted in linux | No Comments »

Software Patents and the Olympics

Thursday, July 7th, 2005

I am not going to write about what happened in London today. If we don’t carry on as we normally would, they have succeeded. Instead I am going to write about a few things I meant to post about yesterday but didn’t get round to.

So yesterday the European Parliament decided to drop the Directive on the Patentability of Computer Implemented Inventions – aka, software patents. Many people have been counting this as a victory, but actually it isn’t. Of course things could have been worse, but they could have been better too. Had the directive been adopted in it’s unammended state, it would have opened the door to software patents in Europe. Had it been adopted as ammended by the Parliament, the door would be firmly closed and software patents would be history. However as the directive has been dropped, the door is ajar. It is now up to each member state whether they allow software patents or not – many have already been granted and as the directive has been dropped, can still be enforced.
What we need now is a new directive and a Council of Ministers prepared to listen to our elected reprentatives in the European Parliament.

Also yesterday it was announced that London has won the 2012 Olympics. This will no doubt be great for the country but I must admit that personally, I’m not interested. I don’t know why, but I have never been interested in the Olympics. Football – yes. Wimbledon – yes. Maybe I should actually make an effort to see some of it and maybe I’d enjoy it…

On a completely unrelated note, hello to everyone who’s clicked through from dot.kde.org, where my write-up of LRL 2005 was quoted. Methinks it’s time to get proper hosting as my current server only has 256Kbp/s of upstream bandwidth…

Tags: ,
Posted in Life, Patents & Copyright | No Comments »

Photo album online

Tuesday, July 5th, 2005

I’ve been saying for ages that I should write a photo album for my site, so that my photographs aren’t all attached to blog entries. Well, I’ve finally coded it. Actually that’s a lie: I wrote the code for another project I’m working on and I’ve finally bothered to copy and paste it over :-)

So far I’ve put in my pictures from FOSDEM and LUGRadio Live. I’m not going to go back and move any more older stuff in there though, only new stuff from now on.
I only finished it in the early hours of this morning, so please let me know if anything is broken or doesn’t look right (as usual, I haven’t tested it in IE).

For the PHP developers out there, I’ve created it using code based on the gd library. I can upload photos using my super-secret admin interface and they will be resized and have thumbnails generated automatically. I stole some of the code for the resizing and thumbnail generation from here.

View my photo album

Tags:
Posted in General | No Comments »