Phat Site Blog

–00151761ca48ed7e11047a70b394Content-Type: text/plain; charset=ISO-8859-1Best advisory link I’ve found:http://www.vupen.com/english/advisories/2009/34682009/12/11 James Hogarth > on that today perhaps those thinking of ext4 for production systems -> especially shared multiuser systems – should check out CVE-2009-4131 …>> CVE-2009-4131: Arbitrary file overwrite in ext4>> Insufficient permission checking in the ext4 filesytem could be> exploited by local users to overwrite arbitrary files.>> Ksplice update ID: mfm62pmh>> 2009/12/11 Ross Walker >> on Dec 10, 2009, at 7:52 PM, Mark Caudill wrote:>>>> > Christopher Chan wrote:>> >> Morten Torstensen wrote:>> >>> on 08.12.2009 13:34, Chan Chung Hang Christopher wrote:>> >>>>> Speaking for me (on Linux systems) on top of LVM on top of md.>> >>>>> on IRIX>> >>>>> as it was intended.>> >>>>>>> >>>> That is a disaster combination for XFS even now. You mentioned some>> >>>> pretty hefty hardware in your other post…>> >>> if XFS doesn’t play well with LVM, how can it even be an option? I>> >>> couldn’t live without LVM…>> >>>>> >>>> >> I meant it in the sense of data guarantee. XFS has a major history of>> >> losing data unless used with hardware raid cards that have a bbu>> >> cache.>> >> That changed when XFS got barrier support.>> >>>> >> However, anything on LVM be it ext3, ext4 or XFS that has barrier>> >> support will not be able to use barriers because device-mapper does>> >> not>> >> support barriers and therefore, if you use LVM, it better be on a>> >> hardware raid array where the card has bbu cache.>> >>> > Wait, just to be clear, are you saying that all use of LVM is a bad>> > idea>> > unless on hardware RAID? That’s bad it if it’s true since it seems>> > to me>> > that most modern distros like to use LVM by default. Am I missing>> > something?>>>> if you use a leading edge distro then they will most likely be using a>> LVM version with barrier support as it was implemented as of>> 2.6.29-2.6.30+.>>>> It should be backported by the next release of CentOS hopefully.>>>> -Ross>>>> _______________________________________________>> CentOS mailing list>> CentOS@centos.org>> http://lists.centos.org/mailman/listinfo/centos>>>>–00151761ca48ed7e11047a70b394Content-Type: text/html; charset=ISO-8859-1Content-Transfer-Encoding: quoted-printableBest advisory link I’ve found:http://www.vupen.com/english/advisories/2009/3=4682009/12/11 James Hogarth <james.hogarth@gmai=l.com>On that today per=haps those thinking of ext4 for production systems – especially shared mult=iuser systems – should check out CVE-2009-4131 …CVE-2009-4131: Arbitrary file overwrite in ext4Insufficient per=mission checking in the ext4 filesytem could beexploited by local users to overwrite arbitrary files.Ksplice updat=e ID: mfm62pmh2009/12/11 Ross Walker <rswwalker@gmail.com>

On Dec 10, 2009, at 7:52 PM, Mark Caudill <markca@codelulz.com> wrote:

> Christopher Chan wrote:>> Morten Torstensen wrote:>>> on 08.12.2009 13:34, Chan Chung Hang Christopher wrote:>>>>> Speaking for me (on Linux systems) on top of LVM on to=p of md.>>>>> on IRIX>>>>> as it was intended.>>>>>>>>> That is a disaster combination for XFS even now. You menti=oned some>>>> pretty hefty hardware in your other post…>>> if XFS doesn’t play well with LVM, how can it even be an o=ption? I>>> couldn’t live without LVM…>>>>>>> I meant it in the sense of data guarantee. XFS has a major history= of>> losing data unless used with hardware raid cards that have a bbu>> cache.>> That changed when XFS got barrier support.>>>> However, anything on LVM be it ext3, ext4 or XFS that has barrier>> support will not be able to use barriers because device-mapper doe=s>> not>> support barriers and therefore, if you use LVM, it better be on a>> hardware raid array where the card has bbu cache.>> Wait, just to be clear, are you saying that all use of LVM is a bad> idea> unless on hardware RAID? That’s bad it if it’s true since it s=eems> to me> that most modern distros like to use LVM by default. Am I missing> something?

If you use a leading edge distro then they will most likely be =using aLVM version with barrier support as it was implemented as of2.6.29-2.6.30+.

It should be backported by the next release of CentOS hopefully.

_______________________________________________CentOS mailing listCentOS@centos.orghttp://lists.centos.org/mailman/listinfo/centos

–00151761ca48ed7e11047a70b394–

[CentOS] Is ext4 safe for a production server?

I have 10 site scripts which are all on different base of users… They have their own sessions users database tables and all… is there any software(user management system) which can link all my scripts to one single sign-on standard?

Is there any php script software to manage users and sessions across all my site scripts?

Apache Hadoop, the open-source version of Google’s MapReduce architecture named after a kid’s stuffed elephant, is still working to tame the 1.0 beast.

Only a year ago, Hadoop hit its first stable release, a release that – in true open-source fashion – couldn’t be called version 1.0 but contained two decimal points: version 0.20.0.

Despite that, Hadoop is running search on some of the internet’s largest sites. Lovers on eHarmony, job seekers on LinkedIn and social networkers on Fox Interactive Media – Rupert Murdoch’s media arm running MySpace, Photobucket, and Rotten Tomatoes – are getting their queries answered thanks to Hadoop.

During a recent interview with The Reg, Hadoop co-founder Doug Cutting confessed his surprise at Hadoop’s level of uptake and success. “I started Nutch [Hadoop's precursor] trying to think about web search … I was trying to be provocative,” he said.

“I didn’t see us outside the production environment of building these big web indexes.”

And yet, a year since that first stable version and months after Cutting discussed Hadoop 1.0 at ApacheCon last year, version 1.0 – promised for 2010 – is proving elusive.

The project is working towards a goal that’s a must for any piece of technology that wants to be taken seriously in business: the ability to upgrade without injecting breaking changes, changes that force users to re-install their software or cause data loss. in Hadoop’s case, the goal is to let users upgrade parts of a data center cluster without uprooting the whole thing.

Different priorities

Cutting says that his former employer, Yahoo!, a huge sponsor and early fan whose support made Hadoop possible for others, isn’t helping. Yahoo! remains Hadoop’s single largest contributor, and that’s a challenge, Cutting says, because Yahoo! has a slightly different focus than the rest of the project.

The web’s second largest search property, he says, has been working on security updates so people can share large clusters in private, without others knowing what they’re doing.

While security is a goal of Hadoop. 1.0, Cutting says that Yahoo!’s focus comes at the expense of work on a broader front. “That’s taken some of the steam of the 1.0 efforts,” Cutting said. “Hadoop 1.0 has not made as much progress as we’d have hoped.”

It’s an interesting twist.

Yahoo!’s intervention in Hadoop proved decisive in the early days, helping boost the project to success. With Google thrashing the company in the 2000s, Yahoo! clearly saw something in Hadoop that few others had noticed. Yahoo! saw it not just as web search indexing project, but as an architecture that could handle distributed number crunching for all sorts of services.

That architecture is based on Google’s own distributed file system (GFS) and MapReduce. before GFS and MapReduce, Cutting had built a full-scale web search engine called Nutch, something that started in 2002. however, things hit a wall. “We had something that kind of worked and was in theory scalable to the entire web, but was very painful to use on anything more than 100 million web pages,” Cutting said.

Next page: From Nutch to Hadoop

Hadoop takes Big Data beyond Java

• Sign up for the Lifehacker Daily and get one great story in your inbox each day.

• Join Lifehacker on Facebook. Click “Like” to get the most important stories in your News Feed.

by Rick Broida

If you’ve been playing the MP3 game for more than a few years, you’ve probably amassed a library that’s both sizable and eclectic. It’s probably a bit messy, too, with inconsistent volume levels, missing or incorrect album art and messed-up metadata.

Fortunately, these problems aren’t difficult to correct. With a little extra time and the right software tools, you can whip your MP3 library into shape. Let’s start with volume leveling. Read on to discover the first secret of a perfect MP3 library.

Put song volume on the levelBecause your MP3s probably came from a variety of sources—CDs, friends, download services, peer-to-peer software and the like—they probably have woefully inconsistent volume levels. this song’s too loud, the next one’s too soft, and very few are juuuuust right. if you live for shuffle play, you know how exasperating this can be: you end up reaching for the volume controls with every new song that plays.

There are myriad solutions to this problem. iTunes 7, for instance, can automatically adjust volume level—but only when you play your tunes in iTunes. Some portable players, meanwhile, have volume-leveling capabilities built in, like the Creative Zen Vision:M. But these options don’t attack the root of the problem, which is that your multi-sourced MP3s have inconsistent levels.

Enter MP3Gain, widely regarded as one of the best tools for “normalizing” MP3s. The software analyzes your tracks, then modifies them so they play at a consistent volume. there are other programs that do likewise (notably MediaMonkey, which we’ll be using in part II of this feature), but I’m partial to MP3Gain. after you download and install the program, meet me at the next paragraph.

Click Add Folder, then select the folder containing your MP3s. The next step is to choose a method of volume analysis: album or track. when you analyze by album, MP3Gain focuses on all the songs in any given album, relative to each other. when you analyze by track, it’s like your entire library is one big album: MP3Gain calculates the volume level for each individual song. I recommend the latter option, as our goal here is to achieve consistent levels for your entire library.

What’s happening under the hoodIt’s worth noting at this point that MP3Gain makes no changes to the encoding of the MP3 files themselves, meaning song quality won’t be affected. What’s more, the program stores analysis and undo information inside each file’s metadata, so you can reverse the process or make additional changes later on. In other words, the volume adjustments are only semi-permanent.

Once MP3Gain completes the analysis, you can review the results (see the included help file for detailed descriptions of what everything means) or just go ahead and start the leveling procedure by clicking Track Gain. (Again, you have the option of adjusting the volume by album instead, but for our purposes, stick with track.) this will take even longer than the analysis, so be prepared to wait awhile.

When you’re done, fire up Windows Media Player, MediaMonkey or whatever player you use and test your tracks. they may not have perfectly consistent volume, but they should be much better. you can always go back to MP3Gain and raise or lower the Target “Normal” Volume a few decibels if your tracks prove to be too soft or too loud.

A few final notes: You’ll need to re-sync your portable player so it has the volume-leveled MP3s; you’ll need to run MP3Gain on any new tracks you add to your library; and you’ll need to tune in next week to learn how to fix and add album art!

Rick Broida, Lifehacker associate editor, co-authored How to do Everything with MP3 and Digital Music, but it’s so old and out of date, he’s not going to shill for it. His special feature, Alpha Geek, appears every Monday. Subscribe to the Alpha Geek feed to get new installments in your newsreader.

Contact information for this author is not available.

Whip your MP3 library into shape, Part I – Level the volume

I needed to have the latest rails on my ubuntu desktop : lucid lynx (the one that is by default in repository is too old)

and this command will not work on any debian based system because it’s disabled and
it will break the debian way

sudo gem update –systemanyway you can update and the replace the gem installed on the system this way
sudo gem install rubygems-updatesudo update_rubygems
if it’s not in the path (I wonder why is not there by default when the gem package is installed)
you can do this
sudo /var/lib/gems/1.8/bin/update_rubygems RubyGems 1.3.6 installed=== 1.3.6 / 2010-02-17changelog and notices——————————–RubyGems installed the following executables: /usr/bin/gem1.8

then you can install the latest stable rails

sudo gem install rails

Mariuz's Blog: Installing the latest ruby on rails on any ubuntu …

If I have VNC server running in Bactrack 2 Linux, will I automatically be able to access it if the computer with the server has an internet connection, or will I have to do this manually?

If it says my new x desktop is ‘bt:2′ , is that all I have to enter in the vncviewer box as long as I have an internet connection on both computers?

(They aren’t on the same network)

VNC Server?

Suggest a post:
moc.rekcahefil@spitLIFEHACKER TEAMEditor-in-Chief:
Adam Pash
liamE | AIM | Twitter

Contributing Editor:
Kevin Purdy

liamE | AIM | Twitter

Senior Writer:
Jason Fitzpatrick

liamE | Twitter

Contributors:
Lowell Heddings

liamE | Twitter
Whitson Gordon
liamE | Twitter

Founding Editor:
Gina Trapani | Twitter

Intern:
Lauren Pon

Contributing Copy Editor:Dustin Luck

liamE

Catch up on the best of Lifehacker with Lifehacker Random

Follow Lifehacker on:
Twitter
Facebook

Buy our new book!
The Complete Guide to Google Wave
Buy our new book!
Upgrade your Life

Mod a cheap $5 throwaway flashlight into a blinding torch

I’m not a developer, but I have experience with tools like MS Access. Wondering if there’s a similar tool for RonR that help non-technical people build sites.

Is there a tool that allows you to develop Ruby on Rails applications through a graphical interface?

Canonical’s latest free Ubuntu Linux operating system version is officially released today. Ubuntu 9.04 for desktop, server and “netbook remix” is available for immediate download, CD purchase or you can request a free CD.

Ubuntu is a free operating system that can be used on desktop PCs, notebooks, work/business PCs as well as other devices that support either the x86 CPU or ARM CPUs (beginning with version 9.04, previous versions only supported x86). It is a version of Linux that includes a graphical desktop. In fact, beginning with 8.x, Ubuntu comes standard with the Compiz Fusion 3D desktop, which enables some really amazing effects (and here, and here) that puts Windows Vista to shame. as in Vista, these features require a moderate to high-end 3D accelerated graphics card, and can be enabled easily in the screen controls options.

The usable qualities of Ubuntu easily surpass anything seen in Vista. its only real limitations come in the form of software. Most applications written for Windows were not also ported to Ubuntu (or, more generally, Linux). as a result, many of people’s favorite programs will not run natively in Linux. however, there are almost always alternatives that have been written which provide similar functionality, and are also free.

In the alternative, VMware has created a server version of their software which can be downloaded for free. It creates a virtual machine which runs inside of Ubuntu. from there, any Windows operating system can be installed and made to run full-screen, in a window or alongside multiple versions of Windows (and even other versions of Linux) at the same time. this functionality is limited only by system resources.

Note: In my tests on an AMD Athlon X2 CPU without hardware virtualization assist, the operating system ran about 30% slower in Ubuntu than it did natively on the machine by itself. In addition, some features (such as 3D games) were not possible due to driver limitations, which enable the Windows instance to operate smoothly with VMware’s hypervisor layer (and ultimately with Ubuntu itself). Files can be exchanged back and forth, as can data on the system clipboard. and, just as in regular Windows running natively on a machine, all software can be installed. Virtual Windows machines also have one additional feature which can be a life saver: Simply by copying the VMware disk files associated with the virtual machine, the entire state of a machine can be backed up or copied to another computer, allowing one to take a virtual machine from work to home and back again, even on a USB thumb drive, for example.

Ubuntu 9.04 includes the latest 2.6.28.8 kernel, and a host of features. Some of the highlights include:

• OpenOffice 3.0
• Latest Skype
• Latest Adobe Flash
• Faster boot times (reportedly as low as 25 seconds)
• Gnome 2.26
• Brasero 2.26 (all-in-one CD burning application)
• Better (more intuitive) multi-monitor support
• X.Org server 1.6, which supports several new video cards, as well as ATI-specific improvements including EXA acceleration (by default), 2D support for R6/R7 series, 3D support for R5 series, along with an updated -fglrx proprietary driver for R6/R7 series 3D support.
• More uniform notifications and system messages
• Ext4 file system support
• A Netbook Remix version, which offers:
  • Even faster boot speeds
  • Enhanced power management
  • Easier network switching
  • More intuitive icons and other design changes
  • Native support for Acer Aspire one, Asus Eee PC 1000, Dell Mini 9
• A Server Edition, which offers:
  web, print, file, database and mail servers – more efficiently. Ubuntu 9.04 Server Edition integrates the latest, stable Open Source applications from across the community, packaged and ready for users to deploy. New enhancements include improved virtualization with the latest KVM features, clustering support in Samba file server and easier mail server setup with out-of-the-box Dovecot-Postfix integration.

  In addition, Ubuntu 9.04 Server Edition will preview Ubuntu Enterprise Cloud (UEC). Ubuntu is the first commercially-supported distribution to enable businesses to build cloud environments inside their firewalls. With Ubuntu 9.04 Server Edition, organizations can explore the benefits of cloud computing without the data or security issues associated with moving data to an external cloud provider. following a successful beta program last year, Ubuntu Server Edition 9.04 will also be fully available on Amazon Elastic Compute Cloud (EC2).

Jane Silber, COO, Canonical, says: “With every release, we see Ubuntu Desktop Edition make significant steps forward in appealing to mainstream computer users. With access to the latest office productivity suite, support for Skype and Adobe Flash, and faster boot times, we’re confident that Ubuntu 9.04 Desktop Edition will see more people join millions of others and make the switch to an open platform.”

Ubuntu 9.04 also comes with a native ARM processor port, for MIDs and low-end netbooks featuring an ARM CPU instead of an x86 CPU, and specifically the ARMv5EL and ARMv6EL-VFP architectures. See Geek.com’s previous coverage for additional information on Ubuntu’s ARM support.

Read Canonical’s press release on Ubuntu 9.04. You can download Ubuntu here.

Rick’s Opinion

Ubuntu 8.x was advanced enough that it could read and write to all Windows hard drive formats without error. It provided trouble-free operations when I was working as an online journalist up to 12 hours per day, along with personal computer time. I have had no problems at all, no comparable “blue screens of death” or anything negative with the experience.

The only problems I could possibly come up with are a lack of full hardware support (though this is literally changing every day as new drivers are created constantly) and that some of the free software programs I have downloaded and tested had some odd user-interface effects, such as needing to move away from a button, then back over it before it would accept a click, for example.

For all other software programs I have used VMware Server and Windows XP or Windows 2000. Windows 2000, for example, is a small 32-bit version of Windows (installs for a few dozen Megabytes) and is adequate to run most Windows software. and since it is such a small footprint, its performance is more than adequate even when running inside the VMware hypervisor as a virtual machine.

I would encourage everyone to download Ubuntu, burn the ISO to CD, and then at least boot into Ubuntu and take the test drive. if you have a permanent Internet connection, or a WiFi connection, you’ll immediately be able to surf the web with the built-in Firefox browser.

There are several user forums with answers to most every question a new Ubuntu user could come up with. one problem I’m having right now is how to enable my Verizon wireless card, which is PCMCIA, not USB. There is a native SuSE Linux support for it, but as of right now I have not found native Ubuntu support for it. if I can figure out how to do this, I will be done with Windows forever.

Ubuntu 9.04 “Jaunty Jackalope” officially released

Sponsor Hosting, Sponsor Bayi, Sponsor Reseller, Bedava VPS, Bedava Sunucu Hizmetleri, Ucretsiz Hosting, Ucretsiz Bayi, Ucretsiz Reseller, Ucretsiz VPS, Ucretsiz Sunucu Hizmetleri,Linux-Windows Hosting Sponsorlugu

Tm Linux Hosting planlarimiz son srm PHP ve MySQL desteklemektedir. Kullanicilarimiza sundugumuz kontrol paneller sayesinde, PhpBB, Php-Nuke, phpLinks, phpMyChat, Invision Board vs. gibi pek ok popler scripti tek tiklamayla sitenize kurmaniz mmkndr.

Linux Bronz Paketimizi Sifirdan Site Kurmak Isteyen Msterilerimize Tavsiye Edebiliriz.Paketi Begendiginiz takdirde destek@hostingsiteniz.net veya msn@hostingsiteniz.net adreslerinden Msteri Temsilcilerimiz ile irtibata geebilirsiniz

Hostingsiteniz.Net,diger pek ok firmadan farkli olarak, serverlarinda az sayida hostingbarindirarak maksimum performans ve kaliteyi hedeflemektedir

Sponsor Web Hosting – Hosting Sponsor