Using GDB to debug httpd process_beginner

First you would need to list all the outstanding httpd processes

ps -ef|grep httpd

then you would attach gdb to one of the process listed

gdb httpd PID

once GDB is started, you would need to continue the process attached by command “continue”

type “where” to see the current trace

if the process was terminated by error, use “bt” to back trace it


Selinux How to check for HTTPD options

A very important note about Selinux;

You really have to look closely to the context of Selinux.

Httpd would only work if the script was set to “httpd_sys_script_exec_t”

Find out what the file is currently set to by using “ls -lZ *.cgi”

then set the file to httpd_sys_script_exec_t by using “chcon -t httpd_sys_script_exec_t /var/www/html/*.cgi”


/usr/sbin/getsebool -a | grep httpd

Sample output

httpd_anon_write –> off
httpd_builtin_scripting –> on
httpd_can_check_spam –> off
httpd_can_connect_ftp –> off
httpd_can_connect_ldap –> off
httpd_can_connect_mythtv –> off
httpd_can_connect_zabbix –> off
httpd_can_network_connect –> off
httpd_can_network_connect_cobbler –> off
httpd_can_network_connect_db –> on
httpd_can_network_memcache –> on
httpd_can_network_relay –> off
httpd_can_sendmail –> off
httpd_dbus_avahi –> off
httpd_dbus_sssd –> off
httpd_dontaudit_search_dirs –> off
httpd_enable_cgi –> on
httpd_enable_ftp_server –> off
httpd_enable_homedirs –> off
httpd_execmem –> off
httpd_graceful_shutdown –> on
httpd_manage_ipa –> off
httpd_mod_auth_ntlm_winbind –> off
httpd_mod_auth_pam –> off
httpd_read_user_content –> off
httpd_run_preupgrade –> off
httpd_run_stickshift –> off
httpd_serve_cobbler_files –> off
httpd_setrlimit –> off
httpd_ssi_exec –> off
httpd_sys_script_anon_write –> off
httpd_tmp_exec –> off
httpd_tty_comm –> off
httpd_unified –> off
httpd_use_cifs –> off
httpd_use_fusefs –> off
httpd_use_gpg –> off
httpd_use_nfs –> off
httpd_use_openstack –> off
httpd_use_sasl –> off
httpd_verify_dns –> off


Set options on/off by

setsebool -P httpd_enable_cgi on
















按照我爱水煮鱼文章中提到的方法,君子不器直接搜索了_wp_check_for_scheduled_split_terms 这个函数,然后君子不器就在/wp-includes/taxonomy.php文件中找到了了如下代码。

  1. /**
  2. * In order to avoid the wp_batch_split_terms() job being accidentally removed,
  3. * check that it’s still scheduled while we haven’t finished splitting terms.
  4. *
  5. * @ignore
  6. * @since 4.3.0
  7. */
  8. function _wp_check_for_scheduled_split_terms() {
  9.         if ( ! get_option( ‘finished_splitting_shared_terms’ ) && ! wp_next_scheduled( ‘wp_batch_split_terms’ ) ) {
  10.                 wp_schedule_single_event( ‘wp_batch_split_terms’, time() + MINUTE_IN_SECONDS );
  11.         }
  12. }

按照我爱水煮鱼的解释,上面的代码会定期把shared terms分离,然而wp_schedule_single_event函数的第一个参数是$timestamp,第二个才是 $hook。但是上面这段代码竟然写反了,然后就产生了一大堆定时作业,使得正常的定时作业都无法工作了。



SElinux And ways to stop it!

I’m going to start with the hammer and work my way down to the scalpel.

Here’s the hammer:


[root@boxy ~]# setenforce 0
[root@boxy ~]# getenforce


The setenforce 0 command switches off SELinux enforcing until the next reboot, and getenforce shows you the current status. To stop SELinux from enforcing on any reboot, you’ll need to change a configuration file:

[root@boxy ~]# cat /etc/selinux/config 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.

Change that enforcing to permissive (or disabled) and you’re good to go. The difference:


  • enforcing blocks operations that SELinux does not allow
  • permissive does not block the operations, but logs them (to /var/log/audit/audit.log)
  • disabled switches off SELinux entirely, to the extent that you cannot use setenforce until you change it and reboot.

For example, on a machine with SELinux set to permissive, I can do the following:

[root@boxy ~]# setenforce 1
[root@boxy ~]# getenforce

But if it’s disabled, this happens:

[root@boxy ~]# setenforce 0
setenforce: SELinux is disabled
[root@boxy ~]# setenforce 1
setenforce: SELinux is disabled

That’s the hammer.

So, to return to the example that generated the error, I can use the hammer:

[root@boxy ~]# setenforce 0
[root@boxy ~]# service mysql start --datadir=/datadir
Starting MySQL. SUCCESS! 
[root@boxy ~]# service mysql stop
Shutting down MySQL.. SUCCESS!

If you’re happy with that, you could then edit the configuration file to disable SELinux on next reboot, and thanks for reading. See you next time.

I’m intrigued. How do I configure it?

Obviously, there’s a lot more to SELinux than disabling it, and a responsible admin (that’s you, right?) wants to know how to use it rather than disable it. I’m not going to get into too much detail here.

We can, however, look at how you can assign SELinux types to objects such as ports and files, so that members of the mysqld_t domain (specifically the mysqld_safe process, launced when you run service mysql start) can access those objects.

So here’s the scalpel. First, let’s configure SELinux to enable MySQL’s use of port 3307:

 [root@boxy ~]# semanage port -a -t mysqld_port_t -p tcp 3307
You’ll need to install the policycoreutils-python package to use the semanage utility.

The semanage utility changes various SELinux settings.  In this case, it adds (-a) a type (-t  mysqld_port_t) to the port mappings for port 3307 using TCP as its protocol (-p tcp). When MySQL (through the mysqld_safe process) tries to access that port, SELinux recognises that the port has a type that is approved for such access by the policy.

We can also allow MySQL to use the /datadir directory:


[root@boxy ~]# semanage fcontext -a -t mysqld_db_t "/datadir(/.*)?"
[root@boxy ~]# restorecon -Rv /datadir
restorecon reset /datadir context 
restorecon reset /datadir/mysql.sock context 

In this example, semanage is adding the type mysqld_db_t to the file context map (fcontext) for anything in the/datadir directory and subdirectories (“/datadir(/.*)?”, a regular expression). File mappings such as this are contained in the file /etc/selinux/targeted/contexts/files/file_contexts.local; that file must subsequently be read in order to set the appropriate type on the file itself. That’s done by the restorecon utility, and at system reboot.  If you want to change a file context immediately, but don’t need it to survive a reboot, there’s achcon utility that performs that task.

The same principles and statements apply if you wish to use other ports or directories. There are similar types that apply to different kinds of files; I used mysqld_db_t above for database directories, but the standard SELinux policy for MySQL also include:


  • mysqld_etc_t for configuration files such as /etc/my.cnf
  • mysqld_log_t for logfiles such as those named /var/log/mysql*
  • Types for the PID file, tmp files, service startup files in the /etc/init.d directory, and the various executables you’re likely to use

As you can see, you can get quite fine-grained as you wield your configuration scalpel. Personally, I’ve had mixed results using things like mysqld_log_t for custom logfile locations, but I got around it initially by using mysqld_db_t(as for data files), and subsequently by using a custom-made policy file.


ls -lZ /var/lib/mysql
semanage fcontext -a -t mysqld_log_t “/var/log/Mysql-bin(/.*)?”
grep -i mysql /etc/selinux/targeted/contexts/files/file_contexts.local
restorecon -R -v /var/log/Mysql-bin


MySql max_connections issue

For quite some times, I have not been able to set this max_connections to the value I wanted. Did some searching today, found out some possible answer and solutions.

Turns out, You may not have max_connections larger than the Open_Files_limit by Linux, therefore, I went on searching how to adjust such value.

If a quick change is needed, do the following in the CL

ulimit -n 4096

If you would like a permanent change, go to etc/security.limits.conf , add the line of following

*               hard    nofile             2048

for further explanation on Ulimit, go to


for futher details on adjusting Max_connection value



I needed to edit /usr/lib/systemd/system/mysqld.service and add


Then run systemctl daemon-reload and systemctl restart mysql.service.

About LVM partition

A few things ahead:

to shrink LVM space: lvreduce –size 100G /dev/LVM   *** 100G as the final amount or use -100G meaning reduce 100G

use pvs to look at physical volume status.

use fdisk -l to look at partition status

df -h to look at free space status

use lvextend  to extend the lvm volume

IF there is no LVM volume to extend, means you need to create one and mount it on the path you want.

– use lvreduce to free some space and use the following to create and mount a new lvm

1-Assume there is already a physical volume created (pvcreate /dev/hdb1)

2- Assume LVM volume group is already created (vgcreate -s 16M vg0 /dev/hdb1)

3- use pvs to find the lvm group name: pvs -> /dev/xvda2 abcde lvm2 a–  699.51g 290.62g

4- create a logical volume lvcreate -L 400M -n lvol0 abcde

5- format the partition mkfs -t ext3 -m 1 -v /dev/vg0/lvol0

6- mount it to the designated folder mount -t ext3 /dev/vg0/lvol0 /var/www




There has been always some issue with installing the imap support lib for the rehl. It’s they are just not liking it or IMAP did not pay enough commission to rehl. I don’t know, but lucky i came across a script which will ultimately save your trouble and put everything nice and neat into the /usr/local/php-imap, So afterall you could just simple compile php with  –with-imap=/usr/local/php-imap –with-imap-ssl –with-openssl.

download the rar and unzip it, upload it to your linux box, and run the, don’t forget to chmod 777 of it.




PHP Mail()

So here is the headache.

Most of the time I will have myself run into problems A LOT dealing with php mail. And with all the efforts, here are the steps i took to trouble shoot them

–First makesure inside php.ini


sendmail_path=/usr/sbin/sendmail -t -i


must be configured.

–then make sure you set the log file right. This could be really helpful when it comes to find out just why mails are not sending out even with everything set correctly. so within php.ini make sure the following.

mail.log=A path 

–Then make sure one tricky thing. Make sure the following folder has the correct permission. or otherwise your webserver will not be able to use sendmail.

ls -l /usr/sbin/sendmail.sendmail  -r-xr-sr-x root smmsp /usr/sbin/sendmail.sendmail

ls -l /var/spool/clientmqueue  drwxrwx--- smmsp smmsp /var/spool/clientmqueue

— One last thing, If your bloody SeLinux is open. Do the following.

getsebool -a | grep mail

if they are turned off it will show as follows.

allow_postfix_local_write_mail_spool –> on
httpd_can_sendmail –> off

turn it on by using

setsebool -P httpd_can_sendmail on

——————–Here is how you can test sendmail—————————

write a test.txt with the following contents

Subject: Put a subject here

Of cause, here's the place to put the body
sendmail -vt < [email file above]

install mysql on redhat on yum repo

Steps for a Fresh Installation of the latest GA Version of MySQL

Follow the steps below to install the latest GA version of MySQL with the MySQL Yum repository:

  1.  Adding the MySQL Yum Repository

    First, add the MySQL Yum repository to your system’s repository list. This is a one-time operation, which can be performed by installing an RPM provided by MySQL. Follow these steps:

    1. Go to the Download MySQL Yum Repository page ( in the MySQL Developer Zone.
    2. Select and download the release package for your platform.
    3. Install the downloaded release package with the following command (except for EL5-based systems), replacingplatform-and-version-specific with the name of the downloaded RPM file:
      shell> sudo yum localinstall platform-and-version-specific.rpm


      For an EL6-based system, the command is in the form of:

      shell> sudo yum localinstall mysql-community-release-el6-{version-number}.noarch.rpm


      For an EL7-based system:

      shell> sudo yum localinstall mysql-community-release-el7-{version-number}.noarch.rpm


      For Fedora 19:

      shell> sudo yum localinstall mysql-community-release-fc19-{version-number}.noarch.rpm


      For Fedora 20:

      shell> sudo yum localinstall mysql-community-release-fc20-{version-number}.noarch.rpm


      For an EL5-based system, use the following command instead:

      shell> sudo rpm -Uvh mysql-community-release-el5-{version-number}.noarch.rpm


      The installation command adds the MySQL Yum repository to your system’s repository list as well as downloading the GnuPG keys to check the integrity of the software packages. See Signature Checking Using GnuPG for details on GnuPG key checking.

      You can check that the MySQL Yum repository has been successfully added by the following command:

      shell> sudo yum repolist enabled | grep "mysql*-community*"




    Once the MySQL Yum repository is enabled on your system, any system-wide update by the yum updatecommand will upgrade MySQL packages on your system and also replace any native third-party packages, if Yum finds replacements for them from within the MySQL Yum repository; see Chapter 3, Upgrading MySQL with the MySQL Yum Repository and, for a discussion on some possible effects of that on your system, see Upgrading to the Shared Client Libraries.

  2.  Installing MySQL with Yum

    Install MySQL by the following command:

    shell> sudo yum install mysql-server

    This installs the package for MySQL server (mysql-community-server) and also packages for the components required to run the server, including packages for the client (mysql-community-client), the common error messages and character sets for client and server (mysql-community-common), and the shared client libraries (mysql-community-libs).

  3.  Starting and Stopping the MySQL Server

    Start the MySQL server with the following command:

    shell> sudo service mysqld start


    This is a sample output of the above command:

    Starting mysqld:[ OK ]


    You can check the status of the MySQL server with the following command:

    shell> sudo service mysqld status


    This is a sample output of the above command:

    mysqld (pid 3066) is running.


    Stop the MySQL server with the following command:

    shell> sudo service mysqld stop


  4.  Securing the MySQL Installation

    Always run the program mysql_secure_installation to secure your MySQL installation:

    shell> mysql_secure_installation


    mysql_secure_installation allows you to perform important operations like setting root password, removing anonymous users, and so on. The program is safe and easy to use. It is important to remember the root password you set though. See mysql_secure_installation — Improve MySQL Installation Security for details.

installing google chrome onto red hat 6.1

Google Chrome is a freeware web browser developed by Google Inc. Google Chrome team proudly announced the release of Google Chrome 32 on January 14, 2014. The actual version is 32.0.1700.77 for Linux/Mac OS X and 32.0.1700.76 for Windows operating system. This new version bundled with a number of exciting fixes, features and improvements, including:

  1. Tab indicators for sound, webcam and casting
  2. A brand new look and feel for Win8 Metro mode
  3. Automatically blocking malware files
  4. Several new apps/extension APIs
  5. Number of new changes for stability and performance
  6. Updated Flash player

If you would like to know more other cool features of this release, please visit at Google’s Chrome Features.

Install Google Chrome in Linux
In our earlier articles we have shown you how to install latest released 
Opera Browser 12.00 and Firefox 26 versions. In this tutorial we will show you how we have practically installed Google Chrome 32 browser in one of our CentOS 6.5 server using Google’s own repository with Yum tool. By using repository you will keep your Chrome browser up-to-date. However, it should also work on RHEL 6.5/6.4/6.3/6.2/6.1/6.0CentOS 6.5/6.4/6.3/6.2/6.1/6.0 and Fedora 19,18,17,16,15 versions as well.

Step 1: Enable Google YUM repository

Create a file called /etc/yum.repos.d/google-chrome.repo and add the following lines of code to it.


Step 2: Installing Chrome Web Browser

Download and Install Chrome Web Browser with yum command. It will automatically install all dependencies.

# yum install google-chrome-stable

Update : Sadly, the Google Chrome browser no longer supports the most famous commercial distribution Red Hat and its free clones such as CentOS and Scientific Linux.

Yes, they’ve discontinued support for RHEL 6.X version as of Google Chrome and on other side, latest Firefox and Opera browsers run successfully on the same platforms.

Luckily, there is a script developed by Richard Lloyd, that automatically download and install latest Google Chrome browser by picking libraries from a more recent released distro and put those libraries in (/opt/google/chrome/lib) directory and then you can able to runGoogle Chrome on CentOS 6.X version.

# wget
# chmod u+x
# ./
Sample Output
Google Chrome Installer 2.00 on the i686 platform
(C) Richard K. Lloyd 2013 <>

*** Checking for an update to ...

--2013-07-18 17:27:02--
Connecting to||:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5 [text/plain]
Saving to: âversion.datâ

100%[===================================================================================================================>] 5           --.-K/s   in 0s

2013-07-18 17:27:02 (264 KB/s) - âversion.datâ

*** is already the latest version (2.00) - continuing ...

*** Determining latest Google Chrome version number ...

Step 3: Starting Chrome Web Browser

Start browser with non-root user.

# google-chrome &

Google Chrome Startup Screen

Welcome screen of Chrome web browser.

Google Chrome Welcome Screen

Exploring with cool Chrome web browser.

Exploring in Google Chrome

That’s it, enjoy browsing with Chrome and do let me know your browsing experience with Chrome via comments.