Table marked as crashed in mysql

If you run a php mysql server you might sometimes get this error:
Table xxxx is marked as crashed
This problem usually happens when your server shuts down improperly due to power failures or some other problems. It’s a very common problem on oscommerce installations and usually happens on the sessions table.
The problem often crashes your website and you must first recover the crashed table before bringing it back online.
To recover the table, simply use this command:
mysqlcheck -r databasename tablename -u admin -p
replacing databasename with your database name and tablename with your crashed table name
Your website should now be back online.
The code has been tested on a linux centos 6 server.
Using -c option instead of -r in the upper code will perdorm a check on the table.

Partitioning alignment and formatting large disk over 2TB on linux

If you got here you probably had a problem partitioning a disk over 2TB on linux, maybe having the message you have a poor alignment on your partition.
If your answer is yes follow these easy steps, assuming your disk is /dev/sdb:
go root with su - or adding sudo right before every following command
parted -a optimal /dev/sdb

create the gpt label
(parted) mklabel gpt

(parted) mkpart
Partition name? []?
File system type? [ext2]? ext4
Start? 0%
End? 100%

Then check partitions
(parted) print
Model: ATA ST4000VN000-1H41 (scsi)
Disk /dev/sdb: 4001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number Start End Size File system Name Flags
1 1049kB 4001GB 4001GB

Your partition is made and correctly aligned
Now let’s format
mkfs.ext4 /dev/sdb1
And we’re all set. You just have to mount and eventually edit your /etc/fstab file for automount on boot.

Mythbuntu and dvd or cdrom

I’m using a Mythbuntu box as mediacenter at home. The system works great, but there’s a bug in the system involving dvd configuration. You open the dvd rack, put the disk in, close and nothing happens, mythtv simply can’t find any dvd while it’s correctly mounted by the base os.
To correct this problem open a terminal application –> system –> terminal
sudo gedit /etc/init.d/rc.local
to edit rc.local then add the following two lines at the bottom of the file:
ln -s /dev/sr0 /dev/dvd
ln -s /dev/sr0 /dev/cdrom
to map /dev/sr0 (your dvd device) as /dev/dvd and /dev/cdrom the device mythtv looks for.
save and reboot and now your mythtv in mythbuntu will find the cdrom drive.

MS Access and “Overflow” error message

I’m getting a weird message from a long time running Access database. The error message displays when running a vba code in a form, simply saying “Overflow”.
After googling around I found there’s a size limit involving Integer variables over 32767 and -32768, I’ve noticed the table counter has reached that limit and is handled in the vba code as an Integer variable. Simply change the variable to “Long” in the variable declaration header like the following example.
Change this:
Dim myintegervariable as Integer

Into this:
Dim myintegervariable as Long

And my database is back online.

Use iptables to block unwanted traffic on Centos or RH 5 and 6 machines

Ip tables is a powerfull firewall included in many linux distros, we’re here focusing on Centos or Red Hat 5 and 6 distributions, you can check if iptables is installed on your system with the command:
rpm -q iptables
you should get the iptables version if present.

With the command
iptables -L -v
you can check the configuration you’re running, something like this as default configuration:
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all — anywhere anywhere reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

The firewall is based on chains, each chain is just a firewall area, looking at the default configuration we have three chains, INPUT, FORWARD, OUTPUT.
in INPUT chain are listed all rules for incoming packets
in FORWARD chain are all forwarding rules, usually for routers.
in OUTPUT chain we have all rules for outgoing packets.
We’ll now set up an easy firewall, frequently used on stand alone internet server, a Stateful Packet Inspection (SPI) firewall allowing all outgoing traffic, but blocking all forwarding and unwanted incoming packets as default, allowing only incoming packet for our hosted services.

Let’s move now into configuration details, starting to edit and add some rules:
iptables -P INPUT ACCEPT
to allow all incoming traffic on chain INPUT, if we’re logging in over an SSH connection and something goes wrong we won’t get ourself locked out from the system, we’ll set DROP as default later, as soon as the configuration process ends.
then digit:
iptables -A INPUT -i lo -j ACCEPT
To allow all local traffic, the -A option adds a rule to the INPUT chain, -i means interface and adds that rule to the specified interface, lo, or local (, while -j (jump) specify the standard action over packets maching the rule, in this case ACCEPT. This rule is very important.
Another “must add” command is:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
This rule allows all packets coming or related to an established connection to come in. With -m we load a module (state), the state module can check a packet and see if it’s NEW, ESTABLISHED OR RELATED. NEW are packets from new connections, not initiated by our host, ESTABLISHED and RELATED are packets referring or related to connections established by our host.
Now let’s open ports for our services:
iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
This command opens a port for SSH service over port 22 tcp. -p adds a rule to a protocol, tcp, while –dport adds the rule to a specific port, 22 is the default for SSH service.

iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
Remove the number 4 and leave it blank if you want it to be added on the top.
This rule opens port 80 tcp for http service and add the line in position 4.

If you have other services running you need to issue the above command changing tpc/udp and port number accordingly.
You can find a full list of port numbers and related services here:

As soon as you have all your ports opened, you need to set the default INPUT chain rule to DROP:
iptables -P INPUT DROP
the -P switch sets the default policy for a chain, here is DROP.
If you’re not working on a router system, you also need to block the packet forwarding:
iptables -P FORWARD DROP
while OUTPUT chain should also be set to ACCEPT:
If you trust your users and programs.
Check your rules with
iptables -L -v
and save them so they will be reloaded when booting:
/sbin/service iptables save
the rules are saved in /etc/sysconfig/iptables and reapplied at boot.

If your iptables service do not automatically run on boot check with:
chkconfig --list iptables
If you get something like this everything’s fine
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
else add your iptable command in startup
chkconfig --add iptables
and add the starting run levels:
chkconfig --level 2345 iptables on
so that iptables will automatically start at runlevels 2,3,4,5.

Your all set now, enjoy your brand new firewall.

Reconfiguring SSH making it stronger

SSH is a great and secure way to log into your linux server, but there are some tips to make it stronger and safer. I’m writing some of these tips working on a Centos/RH 5 or 6 distribution, even if different distros can’t be that different.
You better start disabling root logins, but you first need another user for standard logins, just in case you lock yourself out…. we’re calling it newuser, so open your server’s terminal and write:
su -
to login as root
useradd newuser
then give it a password
passwd newuser
and you’ll be promped for a new password, choose a strong password, at least 8 or better 12 digits with caps, numbers and special characters such as !?/%.
Keep yourself logged in as root and edit the file /etc/ssh/sshd_config using nano or vi:
nano /etc/ssh/sshd_config
locate the code and edit to match as follows:
# Prevent root logins:
PermitRootLogin no

restart your sshd service
service sshd restart
Now your root user cannot remotely login by ssh anymore.
Your ssh connection is now safe, anyone trying to break in should break your newuser password first, then gain root password, even using brute force attacks it will take years if you used a strong password as suggested.

You may want to have some computers logging in as root for scripting or other special services, you can do that by using rsa public keys.
You first need to create a public/private key on the client remotely logging into your server:
so move to your client terminal and login as the user running scripts, then digit:
ssh-keygen -t rsa
you’ll be prompted for a file name and password, if you leave it blank pushing return you’ll not be asked for a password when logging in to the server, it’s ok if you’re running scripts, but i strongly suggest you to choose a password if you’re on mobile devices and you’re not running scripts connecting to your remote server. Leave the filename as default (
Now set permissions on your newly created keys:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa

then move to the user ssh directory:
cd ~/.ssh
And copy your public key to the /root/.ssh/authorized_keys on your remote server (remoteserver).
Since you cannot login as root you have to first copy the public key to your newuser home on the remote server
scp ~/.ssh/ newuser@remoteserver:/home/newuser/
then login to your remote server as newsuser
ssh newuser@remoteserver
become super user (root)
su -
move to newuser home where the public key file is:
cd /home/newuser/
and copy the public key into the server root’s authorized keys file:
cat >> /root/.ssh/authorized_keys
Now delete your public key from the server
rm -f /home/newuser/
And set permissions on your authorized keys file:
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys

And get rid of any possible SElinux problem:
restorecon -Rv /root/.ssh

Now try to login as root to your remote server and you won’t be promped for any password anymore

You may wish to completely disable remote ssh logins, using only public keys logins. Edit the /etc/ssh/sshd_config fileon remote server as root, find and edit the following line as it is:
# Disable password authentication forcing use of keys
PasswordAuthentication no

Be carefull, you can lock yourself out of the system without any ssh logins, so I suggest you to always have a ssh user login available. You can keep it safe changing passwords and using fail2ban (read more later).

Galaxy Tab 2 10.1 and Ubuntu file transfer

Recently I’ve got myself a Samsung Galaxy tab 2, a useful and well made device, easy to carry around.
Using Ubuntu on my pc I suddenly met an odd connection problem I never had with my android smartphone, the device cannot be accessed directly as storage, but only using mtp protocols. This means I’m having problems moving most files on the tablet.
Looks like in the latest 13.04 version Ubuntu has a new upgraded version of GVFS with MTP support embedded.
Even if you’re not using the 13.x version of ubuntu you can install a special PPA providing the upgraded GVFS, just follow these steps:

sudo add-apt-repository ppa:langdalepl/gvfs-mtp
sudo apt-get update

Then install gvfs

sudo apt-get install gvfs

or lunch update manager if you already have it installed on your system.

If you should face any problem you can purge the new PPA doing:

sudo ppa-purge ppa:langdalepl/gvfs-mtp

Out of space on a linux machine, how to

Sometimes happens a linux machine runs out of space, there are many reasons for it, external attacks, large uploaded files, misconfigured log files, ecc…Running out of space can sometimes lead to file corruption problems, so it’s a good idea addressing the problem as soon as possible. While on windows machines we have many graphic tools to find large files, in linux we have all we need inside our kernel, but as usual, as a good linux sysadmin you need some command line tool tips, or finding those large file to delete can be tricky.
First of all find which partition you need to inspect:
and move there positioning yourself on the root.
then take a look at your directories (and they subdir) size:
du -sk *|sort -n
You will have something like this:

0 misc
0 net
0 proc
0 selinux
0 sys
4 media
4 mnt
4 srv
16 lost+found
88 tmp
296 dev
1036 root
3028 opt
7744 bin
14280 sbin
22827 boot
27276 lib64
46896 etc
131836 lib
324124 var
2859540 usr
81246924 home

folders are sorted from smaller to bigger.
Look at the folders size and try to guess where you need to clean some space, usually a sys admin knows his servers and can find out oversized directories at the first glance. We’ll move into /home for a deeper inspection:
cd /home
let’s see the files:
ls -al
if we can’t find anything wrong we can type
du -sk *|sort -n
again and follow the subfolders for a deeper inspection until we find our large file/files to be deleted, issuing
rm -f
will delete the file
rm -rf
will delete a directory and its contenet, use the commands carefully.
Check with df again your partition usage until you can free out the needed space.


Sometimes there’s a big difference between what the “df” command says and what “du-sk” returns, the reason is “df” returns the disk allocation, while “du” the file dimensions. You can check if there are deleted files issuing this command:
lsof |grep '(deleted)'
finding deleted files still used by other programs when deleted. They still use space but do not show up in the du command. As soon as you restart the system or stop the program they leave.


You can use a simple script to prevent your disk from going full:

you can find some more info about the script here:

set up a cronjob:
crontab -e
press the insert key, then add this line:
*/5 * * * * path_to_script
then press ESC key
and type :wq then return key to save and exit.

The script will run every 5 minutes checking space on your partitions and sending an email to “ADMIN” address once the space will go lower then the percentage in “ALERT”.
Remember to setup ALERT, ADMIN and eventually EXCLUDE_LIST in the script.

Make ReIMG Image Resizer working with User Blog Mod on phpBB3 board

I came across this problem a couple nights ago, I had a phpBB3 board rel. 3.0.11 with User Blog Mod rel. 1.0.15 and Reimg Image Resizer rel. 2.0.1 . Googling I found a well done solution here
So I found the template html page in subsilver2 (my default template) in charge of the page generation /WEBSITEROOT/styles/subsilver2/template/viewtopic_print.html and got the following code:

So i updated my /WEBSITEROOT/blog.php according to the above link instructions as follows (first 4 script lines):

Emptying cache and refreshing the big images have not got resized.

At this point I solved the problem in this way:

move into the template folder /WEBSITEROOT/styles/subsilver2/template/ edit the file attachment.html, the template file used by phpBB to format attachment html code, find the following code:

Replace with:

Now if you’re using subsilver2 or prosilver template check that the presence in overall_header.html right before the closing HEAD tag of this code:

or add it.
While if you’re using Coda or Blogger template (included in user blog mod) check the file /WEBSITEROOT/blog/styles/blogger(or coda)/blog/viewblog.html for the code above, if not present just add it right before the closing HEAD tag as shown above.
Check the presence in /WEBSITEROOT/blog.php of the LOAD_REIMG row in the very first rows:

or add it.
Empty cache and refresh.

It’s not fancy, you have to repeat this easy procedure for any template used, but it works!