Linux kernel CVE-2012-0056 vulnerability

Posted on February 3, 2012 by John Billings

You have probably all heard about the recent local privilige escalation in recent Linux kernels by now. If not you can read all about it here.

This only affects our recent Ubuntu 11.10 "Oneiric" VPSs, which by default were installed with a Linux 3.0.4 kernel. The 3.0.4 kernel was also tested to work with some of our older distributions, which were shipped with 2.6.32.x kernel. None of the 2.6.32.x kerenls we use were affected by this vulnerability.

We quickly released a 3.2.1 kernel patched against the vulnerabilty when we heard about the proof of concept mempodipper exploit. After pushing that kernel out though, we found that it was not compatiable with all of our host servers.

We have now released some post 3.0.18 kernels which should be more compaitable across all of our hosts. These kernels are no longer vulnerable to the mempodipper exploit. Any users of Ubuntu 11.10 "Oneiric", or users of other OSs that updated to a 3.0.4 kernel, are encouraged to upgrade to one of these newer kernels. You can go to your control panel here to upgrade:

https://rimuhosting.com/cp/vps/kernel.jsp

If you have any questions about upgrading your kernel, don't hesitate to pop in a support ticket or jump in our live chat and ask any questions.

Posted in Rimuhosting | Tagged , | Leave a comment

Centos brcm-iscsi.log

Posted on February 1, 2012 by John Billings

We have noticed a log related to iscsi daemons filling up disk space on a few of our Centos 5 VPSs lately. There have been a few reports of this in other places:

http://www.webhostingtalk.com/archive/index.php/t-1046154.html

It seems after you do a yum or apt-get update past Centos 5.6, this unneeded service will sometimes get enabled:

# chkconfig --list | grep iscsi
iscsi 0:off 1:off 2:off 3:on 4:on 5:on 6:off
iscsid 0:off 1:off 2:off 3:on 4:on 5:on 6:off

If that happens you will need to turn them off:

# chkconfig iscsi off
# chkconfig iscsid off

Or else you will get some meaningless logs filling up your disk space like this:

# tail brcm-iscsi.log
ERR [Tue Jan 31 19:44:24 2012]NIC_NL waiting binding to NETLINK_ISCSI socket
ERR [Tue Jan 31 19:44:25 2012]NIC_NL waiting binding to NETLINK_ISCSI socket
ERR [Tue Jan 31 19:44:26 2012]NIC_NL waiting binding to NETLINK_ISCSI socket
ERR [Tue Jan 31 19:44:27 2012]NIC_NL waiting binding to NETLINK_ISCSI socket
ERR [Tue Jan 31 19:44:28 2012]NIC_NL waiting binding to NETLINK_ISCSI socket

Also be sure to stop those daemons:

# /etc/init.d/iscsid stop
# /etc/init.d/iscsi stop

And be sure to remove the log at:

/var/log/brcm-iscsi.log

To free up some space.

For some more tips on checking what is using up all your disk space check our page here.

Posted in Rimuhosting | Tagged , , | Leave a comment

WordPress mass update script 3.3.1

Posted on January 5, 2012 by Liz Quilty

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version.
It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites have a lot of uploaded files).

I have now added putting the site into maintenance mode whilst upgrading. This just involves adding a .maintenance in the document root.

It pays to check each site after the upgrade to make sure plugins all worked (and upgrade plugins before the upgrade works also!)

Let me know if you have any bugs at all, or any problems.

Here’s your script to upgrade them all.

wget http://b.ri.mu/files/wordpress-upgrade-3.3.1.sh
bash wordpress-upgrade-3.3.1.sh

MD5
e365a7fa4b69b3ad52e75b4175c1539a wordpress-upgrade-3.3.1.sh

SHA1
653d1a95a89cfc4be3253af96ef915ba3615ad18 wordpress-upgrade-3.3.1.sh

If you find any bugs or problems, just let me know at liz at rimuhosting dot com

Posted in Security | Tagged | 2 Comments

Introducing 2 Parts Magic

Posted on December 16, 2011 by Peter Bryant

I am happy to announce the launch of a new RimuHosting service: 2 Parts Magic web app development services

2 Parts Magic is team of web programmers.  Based here in the Cambridge RimuHosting offices.  They write browser based web applications for start-ups and successful Internet-based businesses.  So you can use their services to implement your rich internet applications.  Typically forms or pages using things like Ajax, Javascript, HTML5 on the client side.  Applications that require a 'server side' that makes use of databases and knows about users and billing and things like complex ordering systems.  Applications that need things like REST-ful APIs.

Why do this?  First we think there is a need.  Our customers ask whether we provide programming services, or if we can refer them to someone who does.

Also, our development team here is getting pretty darn good at quickly building really useful and usable web applications.

So far the 2 Parts Magic team has worked on our own internal ventures:  Pingability website monitoring, Zonomi managed DNS, Bakop's backup service, the 25Mail.st email hosting, et al.  Plus our unique InboxHarmony collaborative email client.

We are continuing to develop our own new ventures (we've just started work on a cool new project, stay tuned) and we're constantly improving our current applications.

But now the 2 Parts Magic developers are also available to turn your idea for a new software-as-a-service application into a production ready, highly usable, efficient web app.

Visit http://2partsmagic.com to find out how we work and how easy it is to get your idea off the ground.

Posted in Rimuhosting | Tagged | 1 Comment

WordPress mass update script 3.3

Posted on December 14, 2011 by Liz Quilty

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version.
It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites have a lot of uploaded files).

I have now added putting the site into maintenance mode whilst upgrading. This just involves adding a .maintenance in the document root.

It pays to check each site after the upgrade to make sure plugins all worked (and upgrade plugins before the upgrade works also!)

Let me know if you have any bugs at all, or any problems.

Here’s your script to upgrade them all.

wget http://b.ri.mu/files/wordpress-upgrade-3.3.sh
bash wordpress-upgrade-3.3.sh

MD5
a976aca14faf744f6271f8b8de9f59cb wordpress-upgrade-3.3.sh

SHA1
cdcda9912cd9e0063cd3d0930cd55b07ae2bda96 wordpress-upgrade-3.3.sh

If you find any bugs or problems, just let me know at liz at rimuhosting dot com

Posted in Rimuhosting | Tagged | 6 Comments

December 2011 Newsletter

Posted on December 13, 2011 by Peter Bryant

Welcome to the latest RimuHosting newsletter.

We will try to keep you posted on some of the our key news since the last newsletter back in April (http://blog.rimuhosting.com/2011/04/19/newsletter-2011-04/)

Launching 2 Parts Magic software development services

RimuHosting's latest venture is a team of web application developers-for-hire. 2 Parts Magic (http://2partsmagic.com) builds made-to-order web application software.  So if you are launching a new web service, or need a billing or user registration, or want a dynamic, easy-to-use ordering system consider working with the 2 Parts Magic team.

Continue reading

Posted in Rimuhosting | Tagged | Leave a comment

Silverstripe CMS on Standing Cloud webinar Tue Dec 13 1300 PST

Posted on December 13, 2011 by Peter Bryant

Join Standing Cloud and Peter from RimuHosting at Tue, Dec 13, 2011 1:00 PM - 2:00 PM PST for a webinar that demonstrates Standing Clouds one-click app deployment and management (to RimuHosting servers).

We will be giving a demo using Silverstripe as our target app.  And the webinar will be followed by a Q&A session.

You can reserve your spot in the webinar now at:

https://www3.gotomeeting.com/register/787963142

See you at the webinar!

For more information about the Standing Cloud/RimuHosting integration see http://blog.rimuhosting.com/2011/11/07/standing-cloud/

Posted in Rimuhosting | Tagged , | Leave a comment

Fixing broken permissions or ownership

Posted on November 15, 2011 by Liz Quilty

People are not perfect, not even the staff here. Perfection is not required to be a sysadmin we found, just some good shell scripts to fix things when you break them accidentally.

One of the more common accidents are chown or chmod ones, especially the ones done as root from / . Its easy to accidentally chown someuser:someuser * and forget you are not /home/someuser but in /, and equally easy to find / -type f -exec xargs chmod 600 or similar (instead of find ./  ... ) . Here's how we fix it.

Continue reading

Posted in Featured, Rimuhosting | Tagged | Leave a comment

Using swap within a VPS

Posted on November 11, 2011 by Liz Quilty

In a virtual environment, disk io can be about the most expensive operation there is. And swap (virtual memory) depends on that heavily. By default we configure a small swap partition for each VPS server so conditions where memory is exhausted can be detected more consistently, Continue reading

Posted in Rimuhosting | Tagged , , , , , , | Leave a comment

Easy application hosting using StandingCloud and RimuHosting

Posted on November 7, 2011 by Peter Bryant

Imagine being able to configure a server, pre-setup and ready to run your favorite webapp, with a push of a button.  Need a bug tracking system?  Just hit a button, and wait a minute, then log into your own Bugzilla app.  No sysadmin skills required.  No wondering about best practices or security upgrades.

StandingCloud are making this possible.  They currently have 101 web applications that can be deployed and managed on a cloud server with a push of a button.  They automate the sysadmin tasks required to install and manage these applications, and use 3rd party cloud hosts to provide the hosting platform.

Continue reading

Posted in Rimuhosting | Tagged , , | 4 Comments