PHP CLI commands in Debian

This problem was infuriating. After having upgraded my Vagrant Box to run PHP 5.6, I was looking forward to trying out phpdbg, the new built in debugger that ships with PHP 5.6.

It turns out that Debian use their own moronic naming system for their PHP package commands. I was typing in phpdbg into the shell, and all I got in return was ‘command not found’.

I tried sudo apt-get install php5-phpdbg, yet it told me that it was already the latest version!

I eventually found it in the /usr/bin folder, under the name php5dbg. Why?

For reference, you can run this command to help find it: (if dpkg is installed)

dpkg -L <pkgname> | grep '/bin/'

What a waste of time, I hope this helps someone.

Advertisements

Fixing the Shellshock Vulnerability

While I was on holiday in Andalucia (Olé!) a vulnerability was found for the Bash shell, called Shellshock (or BashDoor).
http://en.wikipedia.org/wiki/Shellshock_%28software_bug%29
So you’ll be wanting to secure yourself up then. First up, lets see if you are vulnerable:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output contains ‘vulnerable’, then you need to fix it. If not, you’re all good. To fix it:

sudo apt-get update
sudo apt-get -s upgrade
sudo apt-get  upgrade

Now get back on with your work! 😉

Installing Memcached on CentOS with PHP Memcache

So I pushed my changes to the production repository, only to discover that Memcache wasn’t installed on the server at work (a cPanel installation running over CentOS(6 i think)). Time to install it then!

in the terminal, get memcached installed. Nice n easy.

sudo yum install memcached

Then launch it!

memcached -d -u nobody -m 512 -p 11211 127.0.0.1

Then install memcache PHP extension. You do this in cPanels WHM. Search module installers in WHM

In Find a PHP Pecl, type memcache, and get it installed! You may or may not have to restart apache, but go to a phpinfo() and you should now see it running on your system!

See my previous post for how to use memcache in your PHP 🙂

Run Composer installed binaries globally

cd-ing into a directory then running ./command, or worse yet, php command.php, sucks!
As an example, I wanted to run the doctrine command from anywhere.
I already have composer installed globally, and no longer have to type php composer.phar, but I haven’t blogged it since it was pretty easy, but anyway here it is:

curl -sS https://getcomposer.org/installer | php
 sudo mv composer.phar /usr/local/bin/composer

Then you can just type composer from anywhere. If you already have composer you should run sudo composer self-update. Anyway on to our php binaries (Doctrine, PHPUnit, Behat, you name it). If it’s a fresh install of composer you should see when you type composer global install:

Composer could not find a composer.json file in /home/username/.composer

Now we know where we can create our composer.json. Go to the sites for the packages you would like and copy paste the require field info; Here is Doctrine’s:

{
    "require":
    {
       "doctrine/dbal": "2.3.4",
       "doctrine/orm": "2.3.5"
    }
}

Now run composer global install and it will install in /home/username/.composer/vendor. The bin folder is inside that. Lastly we need to have our bin path set in our PATH environment variable, so the system knows to check that folder for a binary matching the command’s name. edit ~/.bashrc (it could be .bash_profile or something similar). At the end, paste this in:

export PATH=$PATH:/home/username/.composer/vendor/bin

now exit the shell and open a new terminal up and log back in. you can now type doctrine into the command line and lo and behold, your composer executables are rocking!

Fixing the cPanel SoftException writable by group

If you’ve been following these posts, we now have a lovely git push to deploy setup, and can ssh into our server without constantly needing to enter our password through the use of ssh keys.

However, if you’re running on cPanel, you will probably have bumped into this error:

SoftException in Application.cpp:256: File "/home/username/public_html/index.php" is writeable by group

This is clearly a permissions error, and so the obvious thought is to chmod it. However, we don’t want to ssh in and chmod every time we push! On the testing server, the permissions are fine, but they are different once the git push has done its post-update.

The reason for this is something to do with a thing called umask. Umask is a user mask which is created for processes that are performing tasks, and affects new files and folders.

The solution to this is to edit ~/.bash_profile, and insert the following command:

umask 022

From now on you shouldn’t have the problem. With newly created files.

To sort already existing files, Chmod -R 755 any folders affected, OR just log out and in, and git pull or git reset –hard HEAD^ in order to re-fetch the files. This time they should be created without any strange permission errors!

 

Setup SSH keys for login without password

Sick of being asked for your password? Set up SSH authorised keys and forget about it!

you@localmachine:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/you/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/you/.ssh/id_rsa.
Your public key has been saved in /home/you/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4
you@localmachine

you@localmachine:~> chmod -R go-rwx ~/.ssh

Now copy the contents of /home/you/.ssh/id_rsa.pub, and SSH in for the last time with your password to your remote machine:

you@localmachine:~> ssh user@remote.com
Password:
Last login: Tue Jan 28 14:14:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

user@remote.com:~> cd .ssh
user@remote.com:.ssh> nano authorized_keys

Paste in the contents you copied from your public key file. Make sure it is all on ONE LINE. Save and exit.

user@remote.com:.ssh> cd ..
user@remote.com:~> chmod -R go-rwx ~/.ssh
user@remote.com:.ssh> exit
you@localmachine:.ssh> ssh user@remote.com
Last login: Tue Jan 28 15:28:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

Awesome!

Fix Varnish from losing REMOTE_ADDR IP address

So!
You got Varnish serving up cached pages! Great!
Until you realise that when you grab a users $_SERVER[‘REMOTE_ADDR’], you get your server IP address!
Not good! Lets fix that, using reverse proxy add forward module for Apache (mod_rpaf)

wget http://www.stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
tar -zxvf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

Now it’s installed, you need to add some guff to your Apache httpd.conf. If you are crippled by a cPanel install, then you edit it by going into WHM, clicking Apache Configuration, Include Editor, and under Pre Main Include select all versions of Apache.  Paste in the following, inserting your servers IP address where I’ve written “Server.IP.Goes.Here”.

LoadModule rpaf_module modules/mod_rpaf-2.0.so
# mod_rpaf Configuration
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 Server.IP.Goes.Here
RPAFheader X-Forwarded-For

Thats you! cPanel/WHM should restart the Apache server. Obviously command line commandos will type service httpd restart or one of the other similar commands, depending on your OS.
Now when you check, you will find you are getting the correct REMOTE_ADDR again!