Fedora 17 Shellshock fix (until official F17 bugfix RPM is released)

Updated Sep 29 to include most recent patches.

Why cannot I release my (fixed) ready to use rpm package? Because how would you know I am not taking advantage of the panic and post compromised one? Use only official resources!

I assume you have newest available bash-4.2.39-3.fc17.i386 installed and fix for Fedora 17 is still not released by the Fedora team

rpm -q bash

to check

0. Check if you are vulnerable

foo='() { echo not patched; }' bash -c foo

(you are)


not patched

1. Download bash source rpm and install it
(you will need to use admin/root account from now on)

yumdownloader --source bash
rpm -i bash-4.2.39-3.fc17.src.rpm

2. go to the sources and download the Shellshock patches

cd /root/rpmbuild/SOURCES/
wget http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-048
wget http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-049
wget http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-050

3. hand edit the patches

vim bash42-048

(yes – use your favorite editor : )

and change line saying (on the bottom of the file)

#define PATCHLEVEL 47

to

#define PATCHLEVEL 39

This is because you are patching version 39 not 47, but we ignore patches 40..47 for time being.

4. install required thirdparty packages
on my machine these were: texinfo bison ncurses-devel autoconf

yum install texinfo bison ncurses-devel autoconf

Your mileage my vary (I had most of development environment in place already so you may need more, like gcc)

5. Edit spec file that describes build process
We need to let it know it needs to pick up new patch

cd /root/rpmbuild/SPECS
vim bash.spec

below the line

Patch039: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-039

add

Patch048: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-048
Patch049: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-049
Patch050: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-050

and below the line

%patch039 -p0 -b .039

add

%patch048 -p0 -b .048
%patch049 -p0 -b .049
%patch050 -p0 -b .050

6. Rebuild a bash package

rpmbuild -bb bash.spec

resolve any missing dependencies (go back to #5 if needed)
when done wait unitl rpmbuild says


Wrote: /root/rpmbuild/RPMS/i386/bash-4.2.39-3.fc17.i386.rpm

This is what you need!

7. Install new package

rpm -Uhv /root/rpmbuild/RPMS/i386/bash-4.2.39-3.fc17.i386.rpm --force

You will need –force since you update bash-4.2.39-3 with (your own) bash-4.2.39-3

8. Now check if you are still vulnerable

foo='() { echo not patched; }' bash -c foo

If it says:


bash: foo: command not found

You are done!

PS. This shell work for Fedora 18 as well, just you will use bash-4.2.45-1.fc18 instead, and insert PATCHLEVEL 45 instead of 39 in #3 of instruction. Using the same schema I have also patched ancient Fedora 11.

Posted in Linux | Tagged , , , , , , , , , , , | 1 Comment

Wake On Lan to wake from sleep (pm-suspend)

Some Linux machines wakes up correctly on WOL packet when they are normally powered off, but ignores the signal when they are in sleep. Found out that for configurations with Realtek network cards this can be fixed by (easy) substituting the kernel driver.

My system can be woken up with wakeonlan command from the other host in the LAN if have been powered off, but if I put it to sleep the WOL does not work. The only way to wake it is to press a key or a power button. This have nothing to do with network card mode (ethtool always shows ‘Wake-on: g’ — no problem there).

It turns out that the stock kernel module for that network card (r8169.ko) just can’t do it.

There is an alternative r8168 module by Realtek itself, mirrored on Google code that listen to Wake On Lan magic packets also when computer is in ACPI S3 sleep.

The installation is very simple:

wget http://r8168.googlecode.com/files/r8168-8.035.00.tar.bz2
tar -xjf r8168-8.035.00.tar.bz2
cd r8168-8.035.00
./autorun.sh

One more important info: the LED next to the ethernet port does TURN OFF when computer is put to sleep. Apparently it does not mean that the whole network interface is powered off. It still listen and wake on WOL packet.

Update:
Above version of the Realtek’s driver (8.035.00) does not compile with Linux kernel 3.8.x. Before Realtek updates it source it is possible to make it work by applying r8168-8.035.00-linux-3.8.patch (I have extracted it from Evangelos Foutras update).

So the recipe for r8168 module for Linux 3.8 is:

wget http://r8168.googlecode.com/files/r8168-8.035.00.tar.bz2
tar -xjf r8168-8.035.00.tar.bz2
cd r8168-8.035.00
wget http://juljas.net/linux/files/r8168-8.035.00-linux-3.8.patch
patch -p 1 < r8168-8.035.00-linux-3.8.patch
./autorun.sh
For the record, the affected system is:
- PC running Fedora 17
- kernel 3.5.3-1.fc17.x86_64 (and 3.8.3-103.fc17.x86_64 after the update)
- motherboard: Asus P8H77-V LE
- network card (integrated): Realtek RTL8111/8168B PCI Express Gigabit Ethernet (10ec:8168)
But I assume that the instruction is true for any distribution or motherboard that uses that series of Realtek network
Posted in Linux | Tagged , , , , , , , , , , | 2 Comments

Play – pobierania stanu konta skryptem PHP (lub w AQQ)

This entry is about PHP script to programatically access billing statements from web service of Polish cell phone operator Play.

W skrócie:

Ten wpis dotyczy wątku AQQ [ScriptRunner] Play – pobierania stanu konta na forum AQQ.

W poście #76 radeck opublikował skrypt PHP będący jednocześnie wtyczką do AQQ który umożliwiał pobranie z Play24 informacji o stanie konta numeru w sieci Play.

Aby ów skrypt znów działał, trzeba zastąpić linię:

  preg_match('#<input type="hidden" name="random" value="(.*)"#iU', $random, $m);

następującym kodem (stan na 21.01.2013):

  preg_match('#<input type="hidden" value="([-0-9]*)" name="random"#iU', $random, $m);
  if($m[1] == '1') {
    preg_match("#jQuery\('input\[name=\"random\"\]'\)\.val\('([-0-9]*)'\);#", $random, $m);
  }

następującym kodem (stan na 18.02.2013):

  preg_match('#<input type="hidden" name="random" value="([-0-9]*)"#iU', $random, $m);
  if(!count($m))
    preg_match('#<input type="hidden" value="([-0-9]*)" name="random"#iU', $random, $m);
  if($m[1] == '1') {
    preg_match("#jQuery\('input\[name=\"random\"\]'\)\.val\('([-0-9]*)'\);#", $random, $m);
  }

W szczegółach:

Na forum AQQ jakiś czas temu pojawił się i był rozwijany kod PHP służący do ekstrakcji z serwisu Play24 danych o własnym koncie abonenta/użytkowania sieci komórkowej Play.

Kod ten był pomyślany jako wtyczka do komunikatora AQQ, tak aby bez żmudnego logowania się do panelu Play24 można było jednym kliknięciem wyświetlić w komunikatorze podsumowanie stanu konta (liczba złotówek/minut/pakiety do wykorzystania itp.).

Co prawda kod był przystosowany do AQQ, ale bez problemu można go wykorzystać jako moduł PHP w dowolnym zastosowaniu. Ja na przykład na jego bazie zbudowałem sobie automat, który 2 razy w tygodniu wysyła mi email z tabelką podsumowującą stan zużycia pakietów kilku numerów które mam w Play.

-

Specyfika tego skryptu i konieczność jego ścisłego dostosowania do poszczególnych stron Play24 powoduje, iż nawet drobne zmiany w serwisie Play24 mogą powodować, że skrypt przestaje działać i trzeba go na nowo przystosować.

Gdy po raz pierwszy poszukiwałem gotowego rozwiązania (biblioteki) która mi skryptowo obsłuży Play24 i gdy natrafiłem na ów skrypt na forum AQQ, zachodziła właśnie taka sytuacja – skrypt nie działał, gdyż programiści Play (sądząc z postów – pod koniec lipca 2012) zmienili nieco sposób przekazywania parametrów.

Wystarczyła drobna poprawka (którą opisałem w poście #105) aby wszystko wróciło do normy (potwierdzenie w poście #106 od użytkownika AQQ – ja osobiście nigdy AQQ nie używałem więc nawet nie mam jak przetestować).

Podobnież około 20-21 stycznia 2013 r. znów zaszły kosmetyczne zmiany i skrypt to AQQ znów przestał działać. Niestety z nieznanych mi powodów zamknięty został wątek na forum AQQ, więc nie da się już opublikować poprawki tam. Stąd ten wpis.

Posted in Programming | Tagged , , , , , | 2 Comments

WordPress moderate comments even if moderation off

Recently I came across a problem with comments moderation. I didn’t want to have comments on a blog moderated, so I have turned it off in a discussion settings in WordPress. But WordPress kept putting all new comments into the moderation queue.

The answer is an Akismet plugin, that was turned on but not initialized (no code generated). Apparently Akismet in that state treat all comments as suspicious and overrides WordPress by putting them to moderation queue.

Disabling Akismet plugin finally turned the moderation off.

Posted in Technology | Tagged | Leave a comment

Skype, Firefox 4 (or other 32-bit app) on 64-bit Fedora Linux

After setting up new Fedora 14 x86_64 system I have installed Skype for Fedora offered on the Skype web page. It turned out that it is i586 compilation and my system wasn’t configured to run 32-bit applications out of the box. The same problem showed up with brand new Firefox 4 that also by default came in i386 flavor.

Jump straight to solution

First error I got was:

bash: /usr/bin/skype: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory

This is the sign of missing i386 version of glibc library.

After installing that, there were more errors, i.e.:

skype: error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory
skype: error while loading shared libraries: libXv.so.1: cannot open shared object file: No such file or directory

and more of such.

Each one means missing i386 (i686) library that was not installed by default on x86_64 system.

To find out package that needs to be installed for a particular error, I first check if I do have x86_64 version, i.e.

$ locate libXv.so.1
/usr/lib64/libXv.so.1
/usr/lib64/libXv.so.1.0.0

Then I check what is the name of the package containing it:

$ rpm -qf /usr/lib64/libXv.so.1
libXv-1.0.5-1.fc13.x86_64

and I learn that I need to install libXv.i686 — the same package in i386/i686 flavor.


For Skype this is the command that will install all the requirements:

yum install glibc.i686 alsa-lib.i686 libXv.i686 libXScrnSaver.i686 libstdc++.i686 qt.i686 qt-x11.i686

Firefox 4 is more demanding and needs yet:

yum install gtk2.i686 dbus-glib.i686 libXt.i686
Posted in Linux | 1 Comment

Moving windows partition

This is an advanced topic, and the description below is very quick and raw. If you have any doubts you know what you are doing, just don’t risk and don’t experiment.

After moving a FAT32 (not sure about NTFS) partition within a disk (as a whole, without looking inside, just byte-to-byte copying), Windows stops to boot. It even starts to, but later fails with the error (blue screen) -  I don’t remember saying what right now (but will check).

Problem is that damn Windows keeps absolute offset of the partition data inside the boot sector of that partition!

These are 4 little-endian bytes at 1Ch offset from partition start.
Number in there should point do partition data start, that is (at least in case of extended partitions) partition offset (a sum of size of all the preceding partitions) + 63 bytes.

References: MS WIN4.1 boot record

Posted in Windows | Tagged , , | Leave a comment

KDE 4 grumbling

Recently I have upgraded my system to Fedora 9, and was generously forced to upgrade KDE 3 to KDE 4. I found it very annoying, and still cannot configure it in a way I’m used to work on my desktop.

So here you have – my problems, workarounds, and solutions (if I ever get to that point).

  • Upgraded KDE 3 to KDE 4 + doing some configuration tweaking resulted in
    crash of KDE on every startup
    . Well, I didn’t have time to debug it, so
    just removed ~/.kde directory and did new config from scratch. Painful, lost
    all settings from kde apps too (have a backup), but worked.

    Ah, it happened again. I wasn’t going to scratch the config again, so tried to find out.
    Crash seems to be related with adding some scripts (anything?) to
    ~/.kde/Autostart. If I find out something more, I’ll be submitting a bug
    report probably.

    Update: Problem turned out to be my default settings of umask 0077, that disallowed any access to /usr/share/mime/ every time it got updated. That made kde to crash.

  • Panel (or how they call the main menu bar) on the left (vertically)
    setting is unusable
    Applications (widgets) embed in it, just does not
    support (does not fit) that mode. No solution as of now.
    Update (KDE 4.2): This is partially fixed, but some apps/widgets still behave poorly.
  • No ‘Manual’ mode for window placement Any automatic (even Smart) option
    on a large (virtual/multi-monitor) display just does not work for me. I want
    manual control, period. For KDE 3 I wrote a small, and quite imperfect patch
    to add that mode to kwin. Will have to do the same for KDE 4.
    Anyway, ok, that’s just a feature request, with apparently minimal interest among users.

    Update (KDE 4.2): I have implememnted that feature for myself. Maybe after more testing I will make the patch public.

  • gnome-terminal just got mad, shows a lot of trash instead of ASCII
    text on a +- half of the screen. Didn’t debug. Highlighting the text, or
    moving the window out of the screen and back helps until contents changes.
    gnome-termial window with broken contents

    Tried switching to konsole, but…

    Update (KDE 4.1): this started to work ok at some point. Not sure when/why. No more konsole. Hurray!

  • konsole knows better(!) what shortcuts I want to use, so redefines
    Ctrl+Insert to ‘Paste’ the clipboard (aka Ctrl+V), instead paste the current selection (X
    default), and disallow to change it.
  • konsole starts in geometry of last closed konsole (sic!), and no way
    to change, set up on
    command line or in
    any other way (tried dcop/dbus too!)
  • konsole tabs cannot be set up upon command line startup, i.e. what
    tabs are opened, how to name them, and what command to run
  • Where do I configure mouse wheel to change desktops?

    Answer: Option is gone in KDE4 (using compositing, but apparently, in my case, without compositing too), but planned.

    Update (KDE 4.2): Fixed

  • New kickoff menu very hard to navigate when you want to scan through menus. Fortunately old one is available.

  • How do I setup middle click on the desktop = window list?

  • And forced predefined shortcuts again!. I’m used to have Alt+Up
    combination bound to Window Rise action. Who made the developers into the
    position to decide it will be irrevocably bound to some ‘Up’ action?! If you
    wish, you can warn, that redefining the standard action is a bad idea
    and user does it on his responsibility. But force?! You are apparently going
    Windows!
    Dialog showing error window

    Window says: The ‘Alt+Up’ key combination has already been allocated to the standard action “Up” that many application use. You cannot use it for global shortcuts for this reason.


  • Fixed both forced shortcuts problem with a kdelibs-remove-shortcuts.patch. For now on, it disables only shortcuts: Alt+Up & Shift+Insert, so both can redefined. This unfortunately does not fix Ctrl+Insert being bound to ‘Paste’ (although it can be now redefined to something else).
  • It means rebuilding whole KDE rpms every KDE update. Eh…

Post Scriptum: this is an import of information that I wrote a while ago. Things might have changed since then.

Posted in Linux | Leave a comment

IOGear GWU513 wireless card – Windows 64-bit drivers

I’ve been trying to find x64 drivers for my USB 802.11g WiFi adapter (actually to use them under Linux x86_64, but that doesn’t matter). I couldn’t find Vista nor XP 64-bit drivers for it, neither for any other device with Prism54 chip GWU513 has.
So finally I went into a Live Chart with IOGEAR support and here is an answer I got:

You are now chatting with: ‘Iogear3′
Iogear3: Thank you for using IOGEAR Customer Advocacy Technical Support Live Chat. Please tell me your model number, operating system, and short description of the problem.
You: Hello, I own GWU513 802.11g network card, and just upgraded my computer to 64 bit. Where can I find drivers that would work with 64-bit OS?
Iogear3: That unit is only supported on 32 bit OSs, we unfortunately do not offer support for it under 64 bit systems.
You: Are there any plans to release 64-bit drivers?
Iogear3: No as that product is discontinued we have no plans to offer 64 bit support.
You: Hmm, I must say I’m quite disappointed.
You: Hmm, I must say I’m quite disappointed.Thanks anyway
Iogear3: Take care.

Well, that would be it… Any new info is appreciated.

PS. Actually, GWU513 works under Linux (x86 and x86_64) after minor tweaking.
Isn’t it funny that for once Linux has better WiFi drivers than Windows?

Posted in Windows | Tagged , | Leave a comment

Matshita UJDA745 CD-RW/DVD combo drive failure

UJDA745 drive

Matshita UJDA745 (Panasonic/Matsushita) is an ultraslim 9.5mm (regular is 12.7mm high) cdrw/dvd drive build into some light laptops, ie. Sony Vaio PCG-V505BX (and probably other from 505 series), IBM T40.

DVD reading problems

Unfortunately it seems that it is build on weak parts, or something else bad happens to the hardware as after some period of time for unspecified reason drive stops reading/playing DVDs. Some DVD still can be recognized, but later a lot of read errors shows up. Same DVDs are read without any problem in another drive.
This happened to drive I bought (new) in a laptop and another I’ve bought on eBay as a replacement.

more info

  • CD and CD-writing is not affected.
  • both data DVD and video DVD does not work (neither DVD-R/RW nor pressed)
  • not an OS issue (doesn’t work in Linux nor in WinXP)
  • uploading newest firmware 1.05 doesn’t help
  • software or hardware were not abused in any way (ie. no unofficial firmwares, no disassembling)
  • BTW, drive ‘by design’ doesn’t read DVD+R (but firmware 1.05 states to add support for Double Layer DVD+R)

devices that failed

  • manufactured: June 2003, serial no: 3FBEB127xxx
  • manufactured: March 2003, serial no: 3CAEB037xxx

finally…, replace with compatible drive

After unsuccessful tries to rescue or replace broken UJDA745 drive, with new one. I have finally decided to buy compatible DVD+-RW drive MATSHITA UJ-822Da. I’ve paid about $130 on eBay. Replacing the drive is easy, and the drive seems to work without any problems so far (a few months now).

Resources

Here I’m trying to collect web resources on that issue, for others that are hit by that issue, and to show that it is not single issue, but rather common problem with this hardware…

various complains on the issue

Compatible models

Some says that UJDA755, Panasonic UJ-812B DVD-R or Panasonic UJ-822B DVD+-R can replace UJDA745

Other resources

Comments

Any solution to the problem is really appreciated…
Any additional info of course, too…
By then, I would recommend to avoid buying laptop with an UJDA745.

Posted in Hardware | Tagged , | Leave a comment

Debug memory errors with valgrind

For debugging memory errors valgrind is very useful tool.

broken program would show

$ ./program
*** glibc detected *** double free or corruption (out): 0x08138a80 ***
Aborted

valgrind shows where the problem occurs

$ valgrind ./program</div>
<div>==31784== Invalid free() / delete / delete[]
==31784==    at 0x1B90579D: free (vg_replace_malloc.c:152)
==31784==    by 0x1BB2E6CD: xfree (xmalloc.c:200)
==31784==    by 0x1BB25095: _xFreePtr (mem.c:613)

For debugging with valgrind I use following configuration:

~/.valgrindrc file

--tool=memcheck
--memcheck:leak-check=yes
--memcheck:show-reachable=yes
--num-callers=16
--memcheck:db-attach=no

To disable glibc memory errors detection you need to set MALLOC_CHECK_ environment variable to 0 (note the ending underscore).

export MALLOC_CHECK_=0
Posted in Programming | Tagged , , | Leave a comment