AskApache » Search Results » boot

HOWTO: Uninstall CPANEL over SSH

AskApache — Mon, 04 Jul 2011 18:55:40 +0000

WARNING! This is for advanced users of the shell, this is NOT a howto or tutorial. The thing is, I googled how to uninstall cpanel and for once in my life I came up empty.. And certainly the cpanel official sites themselves don't provide any instructions other than to say "Dont uninstall it, reinstall your entire operating system without it.".. they sure don't seem confident that they know exactly what their code is doing. Cpanel is great for most people, perfect for many situations, so don't get me wrong.. this is just for fun.

Why Uninstall?

Why? Because I have always built my servers, php installations, perl installs, ruby, iptables, everything from source. I read the INSTALL/README docs, I read the man pages, and I read the info pages as well. I google for configuration advice, I google for tips, and I don't need a web-based perl script messing my stuff up!

The main problems I had with cpanel, which really is a great bit of software for millions of website developers, is that it was incredibly sneaky! I used it for about 6 months and spent that entire time trying to figure out what the heck it was doing. A couple issues that I really disliked, it takes over your bind install, it takes over your apache install, it takes over your php install. And although it does let you configure some things (very few) for custom configurations and the like, I just don't need any of that. By removing the darn thing I am saving GIGS of space on my server, tons of bandwidth, and most importantly to me I am saving CPU and processing time along with RAM and IO speed.

Anything Else

Please.. I could go on for DAYS! Another reason I have wanted to be rid of cpanel is that I like my servers to be as lean and mean as possible. This means I like as few files and processes as possible. There are many benefits to this, like it's much easier for my integrity checking software and rootkit/antivirus software to run and drastically reduces the false positives. And there is that glaring security issue of constantly having cpanel run it's own software to create the WHM/Cpanel web interface, which is accessible online. I haven't researched cpanel security at all, it's possible that it never has security problems that are published, but for me, why take the chance?

Warning - Caution!

The following is just a quick reference of some of the commands I used to uninstall cpanel. This is for advanced users of the shell. If you aren't that advanced and you run a single one of these commands without fully understanding it, you will probably kill your server, probably lose everything on it permanently, probably not have a website or email for weeks.. So backup all your data FIRST. Also, if you aren't 100% sure you won't run into problems, you should contact your hosts technical support - but be prepared for some MAJOR negativity.. cpanel makes things very easy for hosts, and the last thing tech support wants is to fix a server broken by someone who doesn't know what they are doing.

Last Warning!

Unless you understand what theses commands do and the purpose they serve, do not try any of this. These are not the exact commands I used verbatim, they are also not in order. I only put them up here because I was so amazed that google didn't have any uninstall cpanel intructions. Hopefully it's not a conspiracy that will get my site taken down.. ;)

That said and out of the way, it really only took me about 10 minutes to uninstall cpanel completely. But keep in mind I have been closely monitoring and debugging cpanel for 6 months, so I knew what I was doing. And finally, I do apologize for not having better instructions.. but hey, if you don't get this then you have no business trying to figure out how to uninstall cpanel! It's great software and shouldn't be removed unless you are fully capable of managing email/dns/www/ftp and any/all other servers and services on your machine by hand.

Do This First

I have a few drafts I'm working on at the moment with specifics, but for now you will have to figure it out with google. Basically you want to make sure you don't totally knock your machine offline without being able to reconnect. What I do is compile a static version of openssh and a few other security-type shell tools, and configure this binary sshd to run by using inittab, which is the file run by init (pid 1) and makes sure if it dies it is restarted. Here is my /etc/inittab to run the static sshd binary:

hh:12345:respawn:/failover/os/sbin/aassh -D -q -u0 -f /failover/os/etc/aassh

Another trick is to keep a detached screen logged in to root. That way if you mess up your sudoers or securetty or pam or whatever, you can just reattach and fix it.

Finally, you may want to setup your syslog to start earlier than usual, and set up more than normal verbosity. ( I take it to the max ). Then you should setup a 2nd server or machine somewhere to act as a syslog server. Lastly, configure your web server syslog to copy all messages to the remote syslog you set up. I use a reverse ssh tunnel to encrypt the syslog packets, but when I do something serious like reboot after uninstalling cpanel, I prepare for it by adding additional networking routes on my machine to make sure I will get some logs even if sshd cant start or even if my network addresses aren't brought up correctly.

If that sounds easy to you, please continue. If you are saying: Wha??? Continue in read-only mode.

Also, you can't just uninstall cpanel, I have replaced a lot of cpanel already, like building my own bind, apache, php, syslog and making sure they work and aren't being tampered with by cpanel. Basically cpanel runs everything on your server in most cases, so you should prepare by creating your own static software to replace cpanel, and make sure it works.

Find files Accessing /var/cpanel

More than likely these will need to be killed.

lsof +w -Rg -nP +c15 -x f +D /var/cpanel
lsof +w -Rg -nP +c15 -x f +D /usr/local/cpanel

Killing cpanel

Just an example, your machine may have a lot more than these, I have been slowly taking control of my machine back from cpanel for 6 months, so it was easier for me.

for P in tailwatchd queueprocd cpanellogd exim; do pkill -9 $P; done

Commands and Shortcuts

alias NF='nice find $PWD -mount -depth ! -type d'
alias NFF='nice find $PWD -mount -depth ! -type d | xargs -IF87 file F87'
alias NA='nice find $PWD -mount -depth'
alias NAF='nice find $PWD -mount -depth | xargs -IF87 file F87'

Watch out for crontab

An example of the sneakiness (from my POV, from most it's called builtin robustness) that cpanel does is automagically adding crontab entries that make it behave similarly to a self-propagating virus. If you don't disable the cronjobs and kill the right processes within a short period of time, be prepared for a magic resurrection.

Here's my awesome crontab information function, you will need to check every file, it lists the default crons on my box, and every users crontab, but it can't account for other cron software like at and other crons.

function askapache_crontab()
{
  local GG i;
  for i in `getent passwd|cut -d ":" -f1`;
  do
    GG=$(sudo crontab -u $i -l 2>$N6 | tr -s '\n\000' | sed '/^#/d');
    [[ ${#GG} -gt 3 ]] && sleep 1 && echo -e "$i \n\n${GG}"
  done;
   sleep 4;
   ls -aLls1ch --color=always /etc/cron.{hourly,daily,weekly,monthly,d} | sed '/^total/d; /\ drwxr-xr-x/d';
}

grep -ir /var/spool cpan

#6 3 * * * /scripts/upcp
#0 1 * * * /scripts/cpbackup
#0 2 * * * /scripts/mailman_chown_archives
#35 * * * * /usr/bin/test -x /usr/local/cpanel/bin/tail-check && /usr/local/cpanel/bin/tail-check
#11,26,41,56 * * * * /usr/local/cpanel/whostmgr/bin/dnsqueue > /dev/null 2>&1
#30 */4 * * * /usr/bin/test -x /scripts/update_db_cache && /scripts/update_db_cache
#45 */8 * * * /usr/bin/test -x /usr/local/cpanel/bin/optimizefs && /usr/local/cpanel/bin/optimizefs
#*/5 * * * * /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1
#25 1 * * * /usr/local/cpanel/whostmgr/docroot/cgi/cpaddons_report.pl --notify

Delete Crontabs

sudo crontab -u mailman -r

Find INIT scripts with cpanel

This is the main startup script: /usr/local/cpanel/etc/init/startup

I had no idea ruby-on-rails was being controlled by cpanel.. sneaky bugger. You can tell by all of these advanced unix commands just how difficult it would be to uninstall cpanel, its totally like the Alien!

(1:3744)# find . ! -type d -print0|xargs -0 -I'F87' grep -Hi "cpan\|tailwat\|chkser" F87
./fastmail:# Author:       cPanel, Inc. 
./httpd:        HTTPD=/usr/local/cpanel/bin/chroothttpd
./cpanel:# cpanel8       Start Cpanel Services
./cpanel:# Author:       cPanel, Inc. 
./cpanel:# description: This is the cpanel webserver and chat.
./cpanel:# processname: cpaneld
./cpanel:# pidfile: /var/run/cpanel.pid
./cpanel:[ -f /usr/local/cpanel/etc/init/startup ] || exit 0
./cpanel:       if [ -f "/var/cpanel/smtpgidonlytweak" ]; then
./cpanel:       echo -n "Starting cPanel services: "
./cpanel:       daemon /usr/local/cpanel/etc/init/startcpsrvd
./cpanel:       echo -n "Starting cPanel brute force detector services: "
./cpanel:       daemon /usr/local/cpanel/etc/init/startcphulkd
./cpanel:    echo -n "Starting cPanel dav services: "
./cpanel:       daemon /usr/local/cpanel/etc/init/startcpdavd
./cpanel:               daemon /usr/local/cpanel/etc/init/startcppop
./cpanel:       echo -n "Starting cPanel Chat services: "
./cpanel:               daemon /usr/local/cpanel/entropychat/entropychat
./cpanel:               daemon /usr/local/cpanel/bin/startmelange
./cpanel:                       /usr/local/cpanel/bin/startinterchange
./cpanel:       echo -n "Starting cPanel ssl services: "
./cpanel:       daemon /usr/local/cpanel/startstunnel
./cpanel:    echo -n "Starting cPanel Queue services: "
./cpanel:       daemon /usr/local/cpanel/etc/init/startqueueprocd
./cpanel:    echo -n "Starting tailwatchd: "
./cpanel:    daemon /usr/local/cpanel/libexec/tailwatchd --start
./cpanel:       echo -n "Starting cPanel Log services: "
./cpanel:       daemon /usr/local/cpanel/cpanellogd
./cpanel:    action "Starting mailman services: " /usr/local/cpanel/etc/init/startmailman
./cpanel:    action "Stopping tailwatchd: " /usr/local/cpanel/libexec/tailwatchd --stop
./cpanel:    action "Stopping cPanel services: " /usr/local/cpanel/etc/init/stopcpsrvd
./cpanel:       action "Stopping cPanel dav services: " /usr/local/cpanel/etc/init/stopcpdavd
./cpanel:       action "Stopping cPanel queue services: " /usr/local/cpanel/etc/init/stopqueueprocd
./cpanel:       action "Stopping cPanel brute force detector services: " /usr/local/cpanel/etc/init/stopcphulkd
./cpanel:               action "Stopping pop3 services: " /usr/local/cpanel/etc/init/stopcppop
./cpanel:       echo -n "Stopping cPanel log services: "
./cpanel:       killproc cpanellogd
./cpanel:       echo -n "Stopping cPanel Chat services: "
./cpanel:       action "Stopping cPanel ssl services: " /usr/local/cpanel/etc/init/stopstunnel
./cpanel:       action "Stopping mailman services: " /usr/local/cpanel/etc/init/stopmailman
./cpanel:       if [ -e "/usr/local/cpanel/3rdparty/mailman/bin/mailmanctl" ]; then
./exim:if [ -e "/etc/chkserv.d" ]; then
./exim:        for file in `ls /etc/chkserv.d`
./exim:            if [ ! -e "/usr/local/cpanel/libexec/tailwatchd" ]; then
./exim:    if [ -x "/usr/local/cpanel/etc/init/startspamd" ]; then
./exim:        /usr/local/cpanel/etc/init/startspamd
./exim:        if [ ! -e "/usr/local/cpanel/libexec/tailwatchd" ]; then
./ror:  /usr/local/cpanel/bin/rormgr --startboot
./ror:  /usr/local/cpanel/bin/rormgr --stopall
./ror:  /usr/local/cpanel/bin/rormgr --stopall
./ror:  /usr/local/cpanel/bin/rormgr --startboot
./ror:  /usr/local/cpanel/bin/rormgr --statusall
./securetmp:# Author:       cPanel, Inc.

Turn off cpanel services

You should remove the below delete command and start by just disabling the inits by turning them off. Then reboot. Then delete. If your machine won't reboot, I told you so, Cpanel told you so, and likely your host told you so.

for S in cpanel ror securetmp fastmail exim; do R=$(command chkconfig --level 123456 $S off ||echo); R=$(command chkconfig --del $S ||echo); done

HTTPD

If you are running chrooted httpd then you'll need to make sure you don't delete your entire webserver on accident. Here's a relevant part from the /etc/init.d/httpd script.

# the path to your httpd binary, including options if necessary
if [ -e "/etc/chroothttpd" ]; then
        HTTPD=/usr/local/cpanel/bin/chroothttpd
else
        HTTPD=/usr/local/apache/bin/httpd
fi

Finding files owned by cpanel

Some super cool bash commands in this post.. let's start with one to find all the files and folders on your machine owned by cpanel. Check your /etc/passwd file for your machines specific usernames and groups. This command saves all the filenames to ~/cpanel-files-backup.txt, which is used by tar next to create a backup of all of them.

{ find / -mount -depth -maxdepth 150 \( -group cpanel -o   -group cpanel-phpmyadmin -o -group cpanel-phppgadmin   -o -group cpanelphpmyadmin   -o -group cpanelphppgadmin   -o -group cpanelhorde   -o -group cpanelroundcube \) -print; find / -mount -depth -maxdepth 150 \( -user cpanel -o   -user cpanel-phpmyadmin -o -user cpanel-phppgadmin   -o -user cpanelphpmyadmin   -o -user cpanelphppgadmin   -o -user cpanelhorde   -o -user cpanelroundcube \) -print; } > ~/cpanel-files-backup.txt

Here's another way to search directories.

 grep --color=always -Hir cpanel /var

Create the Backup

Note that you must have the latest version of tar for this exact command, also you should backup /var/cpanel and /usr/local/cpanel and /etc and heck the whole machine why dontcha!

tar -T ~/cpanel-files-backup.txt -cvz --checkpoint=1000 --checkpoint-action="ttyout=\rHit %s checkpoint #%u" -f /cpanel-files-backup.tgz --totals

Remove Files

Once you do this your upstream without a paddle, you better make sure you know what you're doing with this. This removes all those files.

cat ~/cpanel-files-backup.txt | xargs -I'F87' rm -vfr F87

Additionally you will want to remove /usr/local/cpanel and /var/cpanel - What I always do when running as root is alias my rm command to instead simply move the files to a .trash folder. That way if something goes bork you have a better chance at fixing it.

Find Group-Owned Files

find / -mount -depth -maxdepth 150 \
\(  -group cpanel -o \
  -group cpanel-phpmyadmin \
  -o -group cpanel-phppgadmin \
  -o -group cpanelphpmyadmin \
  -o -group cpanelphppgadmin \
  -o -group mailman \
  -o -group cpanelhorde \
  -o -group cpanelroundcube \
\) -fprintf /root/cpanel-group-files.log '%#8k %#5m %11M %#10u:%-10g %-5U:%-5G %p %f %Y %F\n'

Find User-Owned Files

find / -mount -depth -maxdepth 150 \(
  -user cpanel \
  -o -user cpanel-phpmyadmin \
  -o -user cpanel-phppgadmin \
  -o -user cpanelphpmyadmin \
  -o -user cpanelphppgadmin \
  -o -user mailman \
  -o -user cpanelhorde \
  -o -user cpanelroundcube
\) -fprintf /root/cpanel-users-files.log '%#8k %#5m %11M %#10u:%-10g %-5U:%-5G %p %f %Y %F\n'

       4  0755  drwxr-xr-x     cpanel:cpanel     32002:32004 /var/cpanel/userhomes/cpanel cpanel d reiserfs
       4  0700  drwx------ cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/tmp tmp d reiserfs
       4  0644  -rw-r--r-- cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/.cpanel/caches/featurelists/default.cache default.cache f reiserfs
       4  0700  drwx------ cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/.cpanel/caches/featurelists featurelists d reiserfs
       4  0700  drwx------ cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/.cpanel/caches caches d reiserfs
       4  0700  drwx------ cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/.cpanel .cpanel d reiserfs
       4  0750  drwxr-x--- cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin/mail mail d reiserfs
       4  0711  drwx--x--x cpanel-phpmyadmin:cpanel-phpmyadmin 32005:32007 /var/cpanel/userhomes/cpanel-phpmyadmin cpanel-phpmyadmin d reiserfs
       4  0700  drwx------ cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/sessions sessions d reiserfs
       4  0644  -rw-r--r-- cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/.cpanel/caches/featurelists/default.cache default.cache f reiserfs
       4  0700  drwx------ cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/.cpanel/caches/featurelists featurelists d reiserfs
       4  0700  drwx------ cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/.cpanel/caches caches d reiserfs
       4  0700  drwx------ cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/.cpanel .cpanel d reiserfs
       4  0750  drwxr-x--- cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin/mail mail d reiserfs
       4  0711  drwx--x--x cpanelphppgadmin:cpanelphppgadmin 32009:32011 /var/cpanel/userhomes/cpanelphppgadmin cpanelphppgadmin d reiserfs
       4  0750  drwxr-x--- cpanelroundcube:cpanelroundcube 514  :514   /var/cpanel/userhomes/cpanelroundcube/mail mail d reiserfs
       4  0700  drwx------ cpanelroundcube:cpanelroundcube 514  :514   /var/cpanel/userhomes/cpanelroundcube/sessions sessions d reiserfs
       4  0711  drwx--x--x cpanelroundcube:cpanelroundcube 514  :514   /var/cpanel/userhomes/cpanelroundcube cpanelroundcube d reiserfs
       4  0644  -rw-r--r--     cpanel:cpanel     32002:32004 /var/cpanel/.cpanel/caches/featurelists/default.cache default.cache f reiserfs
       4  0700  drwx------     cpanel:cpanel     32002:32004 /var/cpanel/.cpanel/caches/featurelists featurelists d reiserfs
       4  0700  drwx------     cpanel:cpanel     32002:32004 /var/cpanel/.cpanel/caches caches d reiserfs
       4  0700  drwx------     cpanel:cpanel     32002:32004 /var/cpanel/.cpanel .cpanel d reiserfs
       4  0700  drwx------ cpanelroundcube:cpanelroundcube 514  :514   /var/cpanel/roundcube/tmp tmp d reiserfs
       4  0700  drwx------ cpanelroundcube:cpanelroundcube 514  :514   /var/cpanel/roundcube/log log d reiserfs

Find Permissions

cat ~/cpanel-group-files.log ~/cpanel-users-files.log |tr -s '\000 \t'|cut -d' ' -f3|sort -u

Find files tailwatchd

(1:3732)# $NICE find ${1:-`pwd`} -mount -name '*tailwatch*'
/usr/local/cpanel/libexec/tailwatchd
/usr/local/cpanel/libexec/tailwatch
/usr/local/cpanel/libexec/tailwatch/tailwatchd
/usr/local/cpanel/etc/init/scripts/freebsd/tailwatchd.sh
/usr/local/cpanel/etc/init/scripts/trustix/tailwatchd
/usr/local/cpanel/etc/init/scripts/centos/tailwatchd
/usr/local/cpanel/etc/init/scripts/suse/tailwatchd
/usr/local/cpanel/etc/init/scripts/caos/tailwatchd
/usr/local/cpanel/etc/init/scripts/whitebox/tailwatchd
/usr/local/cpanel/etc/init/scripts/mandrake/tailwatchd
/usr/local/cpanel/etc/init/scripts/debian/tailwatchd
/usr/local/cpanel/etc/init/scripts/redhat/tailwatchd
/usr/local/cpanel/etc/init/scripts/fedora/tailwatchd
/usr/local/cpanel/etc/init/stoptailwatchd
/usr/local/cpanel/etc/init/starttailwatchd
/usr/local/cpanel/bin/tailwatchd
/usr/local/cpanel/logs/tailwatchd_log
/var/log/cpanel/tailwatchd_log
/var/cpanel/log_rotation/cp_tailwatchd_log.cpanellogd
/var/cpanel/tailwatch.positions
/var/run/tailwatchd.pid
/etc/chkserv.d/tailwatchd
/scripts/restartsrv_tailwatchd

Delete cpanel Users/Groups

for U in cpanel-phpmyadmin cpanel-phppgadmin cpanelphpmyadmin cpanelphppgadmin cpanelhorde cpanelroundcube machbuild; do userdel -fr $U; groupdel $U; done

Check for broken symlinks

find / -mount -depth -type l -print0 |xargs -0 -P0 -I'F87' file -s 'F87' | sed -n '/: broken symbolic link to/p'

Especially check /etc

$ find /etc -mount -depth -type l -print0 |xargs -0 -P0 -I'F87' file -s 'F87' | sed -n '/: broken symbolic link to/p'
/etc/ftpd-rsa.pem                   broken symbolic link to `/var/cpanel/ssl/ftp/ftpd-rsa.pem'
/etc/rc.d/rc1.d/K10chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc1.d/K30antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc1.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc3.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc3.d/S80chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc3.d/S80antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc6.d/K10chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc6.d/K30antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc6.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc5.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc5.d/S80chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc5.d/S80antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc2.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc2.d/S80chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc2.d/S80antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc4.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/rc.d/rc4.d/S80chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc4.d/S80antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc0.d/K10chkservd         broken symbolic link to `../init.d/chkservd'
/etc/rc.d/rc0.d/K30antirelayd       broken symbolic link to `../init.d/antirelayd'
/etc/rc.d/rc0.d/K80dcc              broken symbolic link to `../init.d/dcc'
/etc/authlib/authProg               broken symbolic link to `/usr/local/cpanel/bin/courier-auth'

And delete if you are sure

find /etc -mount -depth -type l -print0 |xargs -0 -P0 -I'F87' file -s 'F87' | sed -n '/: broken symbolic link to/p' |cut -d' ' -f1|xargs -I'F87' rm -rvf 'F87'

Reinstall CSF

The only thing I actually used that came with cpanel is the CSF/LFD Firewall package, which is a fantastic piece of software. I had to reinstall this, and to get it working without cpanel add the following line to the csf.conf

GENERIC = "1"

Thats It

Now once you've cleaned up everything, you should try everything conceivable to get an error before rebooting. Like you should start and stop every service in /etc/init.d/, you should use telinit to check various runlevels (which keeps your sshd connection still live). Go all out, should take at least a full hour.

Another thing I like to do is rebuild alot of my source-built software again in case anything got messed up. I upgrade perl from cpanels 5.8.8 to 5.10, which is pretty thorough, and you know, reinstall anything else I think I might need. One of the benefits of compiling your own software is all I have to do is cd to the source directory and type make -B && ( { make test || make check || make checks || make tests; } || echo ) && sudo make install and that's it. The tests/checks are optional of course.

If anyone actually ever reads this and does it, please share your advice here.. everybody knows we need it! Good Luck

HOWTO: Uninstall CPANEL over SSH originally appeared on AskApache.com

Advanced Linux Debugging using a Bootloader (GRUB)

AskApache — Thu, 07 Apr 2011 16:35:41 +0000

AskApache.com

This is part of the GRUB article on the Arch Linux wiki that I contributed. As of now, just a copy.

The grub menu.lst provides for a convenient way to add a number of entries with extended kernel parameters to configure all sorts of advanced settings to enable you to quickly and conveniently boot into your existing system with varying levels of debugging output. It's very easy and useful to create several levels of debugging just by adding additional entries to your grub configuration. And if you ever have issues or problems down the road due to a power-failure or hardware failure, it can save you hours of trouble, and of course nothing can beat debugging output when it comes to learning about your system.

Useful Menu.lst Entries

If you are interested in debugging, then you deserve some grub entries for powerusers, here are a few that I like (just add to your menu.lst).

title Shutdown the Computer
halt
 
title Reboot the Computer
reboot
 
title Command Line
commandline
 
title Install GRUB to hd0 MBR
root (hd0,0)
setup (hd0)
 
title Matrix
color green/black light-green/green
 
title Scan for /boot/grub/menu.lst
find --set-root --ignore-floppies /boot/grub/menu.lst
configfile /boot/grub/menu.lst
 
title Scan for /boot/menu.lst
find --set-root --ignore-floppies /menu.lst
configfile /boot/menu.lst
 
# http://www.vortex.prodigynet.co.uk/x86test/
title    Run x86test (CPU Info)
kernel /boot/x86test_zImage.bin
#wget http://www.vortex.prodigynet.co.uk/x86test/x86test_zImage.bin
 
# http://www.memtest.org/
title    Run memtest86+ (Memory Testing)
kernel /boot/memtest86+-1.70.bin

Light Debug

A quick way to see more verbose messages on your console is to bootup your normal grub entry after appending verbose to the kernel line. This simple word added to your kernel line turns on more logging thanks to the /etc/rc.sysinit file, which at the top of the file runs:

if /bin/grep -q " verbose" /proc/cmdline; then /bin/dmesg -n 8; fi

Very simple way to get a bit more messages and debug output in your logs.

title  Arch Linux DEBUG Light
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootwait verbose
initrd /kernel26.img

Medium Debug

This example menu.lst entry turns on real logging that is set by the kernel and not in an init script. Adding the debug kernel parameter to your kernel line is recognized by a lot of linux internals and enables quite a bit of debugging compared to the default.

title Arch Linux DEBUG Medium
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootdelay=5 panic=10 debug
initrd /kernel26.img

Heavy Debug

An even more impressive kernel parameter is the ignore_loglevel, which causes the system to ignore any loglevel and keeps the internal loglevel at the maximum debugging level, basically rendering dmesg unable to lower the debug level.

title Arch Linux DEBUG Heavy
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootdelay=5 panic=10 debug ignore_loglevel
initrd /kernel26.img

Extreme Debug

If the "Heavy Debug" seemed like a lot of output, thats about 1/2 of the logging that occurs with this example. This does a couple things, it uses the earlyprintk parameter to setup your kernel for "early" "printing" of messages to your "vga" screen. The ,keep just lets it stay on the screen longer. This will let you see logs that normally are hidden due to the boot-up process. This also changes the log buffer length to 10MB, and also instructs that any fatal signals be printed with print_fatal_signals. The last one, sched_debug, you can look up in the very excellent kernel documentation on kernel parameters.

title Arch Linux DEBUG Extreme
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro debug ignore_loglevel log_buf_len=10M print_fatal_signals=1 LOGLEVEL=8 earlyprintk=vga,keep sched_debug
initrd /kernel26.img

Insane Debug

The first few debugging examples showed some really nice kernel parameters to turn on really verbose debugging. This kind of debugging is absolutely critical if you want to max out your system or just learn more about what is going on behind the scenes. But there is a final trick that is my favorite, it's the ability to set both environment variables, and more importantly, module parameters at boot.

As an example, here is the boot line that I am using at the moment on an older Dell Desktop, just to illustrate module parameters and environment vars.

title  Arch Linux X-256
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootwait pause_on_oops=5 panic=60 i915.modeset=1 no_console_suspend ipv6.disable=1 TERM=xterm-256color quiet 5
initrd /kernel26.img

Since it's low on both memory and CPU, I disable ipv6. I also turn on kernel modesetting for the i915 video card, set my terminal to be xterm-256color, and boot straight into X. This lets me use a very optimized arch-linux configuration, amazing how fast thanks to using slim as the login manager, ratpoison as my window manager, and terminal with tmux as my login shell, all from boot, as the pstree shows (plus Synergy!).

init,1
  |-slim,3096
  |   |-X,3098 -nolisten tcp vt07 -auth /var/run/slim.auth
  |   `-ratpoison,3107,askapache
  |       |-terminal,5341 -x sh -c exec /usr/bin/tmux -2 -l -u -q attach -d -t tmux-askapache
  |       |   |-bash,11165
  |       |   |-tmux,5345 -2 -l -u -q attach -d -t tmux-askapache
  |       |   `-{terminal},5346
  |       `-xscreensaver,3113 -no-splash
  |-synergyc,6121,galileo -f --name galileo-fire --restart 10.66.66.2:26666
  |
  `-tmux,5348,askapache -2 -l -u -q attach -d -t tmux-askapache
      |-bash,5351
      |   `-ssh,9969 lug@askapache.com
      `-bash,5868
         `-vim,11149 -p sda1/grub/menu.lst /boot/grub/menu.lst

That kind of optimized system is only possible if you first can figure out your system, by debugging both the kernel as previously illustrated, debugging the init process, and most importantly, by debugging the modules enabled for your system's hardware/firmware/software. Debugging modules is challenging but worth the effort, and then you are able to do some truly insane debugging from grub like the following example, note that the actual grub entry is all on one line, but I split it into 4 lines so you could see it all. This basically turns on every module on this little Dell desktop to be at the absolute max debug level. There is so much logging when I boot this that the system grinds to a halt and is slower than a TI-89 calculator (See Improve Boot Performance).

title  Arch Linux DEBUG INSANE
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootwait ignore_loglevel debug debug_locks_verbose=1 sched_debug initcall_debug mminit_loglevel=4 udev.log_priority=8
       loglevel=8 earlyprintk=vga,keep log_buf_len=10M print_fatal_signals=1 apm.debug=Y i8042.debug=Y drm.debug=1 scsi_logging_level=1 usbserial.debug=Y
       option.debug=Y pl2303.debug=Y firewire_ohci.debug=1 hid.debug=1 pci_hotplug.debug=Y pci_hotplug.debug_acpi=Y shpchp.shpchp_debug=Y apic=debug
       show_lapic=all hpet=verbose lmb=debug pause_on_oops=5 panic=10 sysrq_always_enabled
initrd /kernel26.img

A couple key items from that grub entry are sysrq_always_enabled which forces on the sysrq magic, which really is a lifesaver when debugging at this level as your machine will freeze/stop-responding sometimes and it's nice to use sysrq to kill all tasks, change the loglevel, unmount all filesystems, or do a hard reboot. Another key parameter is the initcall_debug, which debugs the init process in excruciating detail. Very useful at times. The last parametery I find very useful is the udev.log_priority=8 to turn on udev logging.

Break Into Init

For instance, If you add break=y to your kernel cmdline, init will pause early in the boot process (after loading modules) and launch an interactive sh shell which can be used for troubleshooting purposes. (Normal boot continues after logout.) This is very similar to the shell that shows up if your computer gets turned off before it is able to shutdown properly. But using this parameter lets you enter into this mode differently at will.

title  Arch Linux Init Break
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro rootwait break=y
initrd /kernel26.img

Debugging init

This awesome parameter udev.log_priority=8 does the same thing as editing the file /etc/udev/udev.conf except it executes earlier, turning on debugging output for udev. If you want to know your hardware, that is the key parameter right there. Another trick is if you change the /etc/udev/udev.conf to be verbose, then you can make your initrd image include that file to turn on verbose udeb debugging by adding it to your {{Filename|/etc/mkinitcpio.conf} like:

FILES="/etc/modprobe.d/modprobe.conf /etc/udev/udev.conf"

, which on arch is as easy as

# mkinitcpio -p kernel26

Debugging udev is key because the initrd performs a root change at the end of its run to usually launch a program like /sbin/init as part of a chroot, and unless the new file system has a valid /dev directory, udev must be initialized before invoking chroot in order to provide /dev/console.

exec chroot . /sbin/init dev/console 2>&1

So basically, you aren't able to view the logs that are generated before /dev/console is initialized by udev or by a special initrd you compiled yourself. One method the kernel developers use to be able to still get the log messages generated before /dev/console is available is to provide an alternative console that you can enable or disable from grub.

Net Console

If you read through the kernel documentation regarding debugging, you will hear about Netconsole, which can be loaded from the kernel line in GRUB, compiled into your kernel, or loaded at runtime as a module. Having a netconsole entry in your menu.lst is most excellent for debugging slower computers like old laptops or thin-clients. It's easy to use. Just setup a 2nd computer (running arch) to accept syslog requests on a remote port, very fast and quick to do on arch-linux, 1 line to syslog.conf. Then you could use a log-color-parser like ccze to view all syslog logs, or just tail your everything.log. Then on your laptop, boot up and select the netconsole entry from the grub menu, and you will start seeing as much logging as you want on your syslog system. This logging lets you view even earlier log output than is available with the earlyprintk=vga kernel parameter, as netconsole is used by kernel hackers and developers, so it's very powerful.

title  Arch Linux DEBUG Netconsole
kernel /vmlinuz26 root=/dev/disk/by-label/ROOT ro netconsole=514@10.0.0.2/12:34:56:78:9a:bc debug ignore_loglevel
initrd /kernel26.img

Hijacking cmdline

If you do not have access to GRUB or the kernel boottime cmdline, like on a server or virtual machine, as long as you have root permissions you can still enable this kind of simplistic verbose logging using a neat hack. While you cannot modify the /proc/cmdline even as root, you can place your own cmdline file on top of /proc/cmdline, so that accessing /proc/cmdline actually accesses your file.

For example if I cat /proc/cmdline, I have the following:

root=/dev/disk/by-label/ROOT ro console=tty1 logo.nologo quiet

So I use a simple sed command to replace quiet with verbose like:

sed 's/ quiet/ verbose/' /proc/cmdline > /root/cmdline

Then I bind mount /root/cmdline so that it becomes /proc/cmdline, using the -n option to mount so that this mount won't be recorded in the systems mtab.

mount -n --bind -o ro /root/cmdline /proc/cmdline

Now if I cat /proc/cmdline, I have the following:

root=/dev/disk/by-label/ROOT ro console=tty1 logo.nologo verbose

Advanced Linux Debugging using a Bootloader (GRUB) originally appeared on AskApache.com

AskApache Password Protection 4.7 Update in 2 Weeks

AskApache — Wed, 10 Nov 2010 02:51:25 +0000

AskApache.com

I am now about 1 week away from publishing the much-anticipated 4.7 update to the AskApache Password Protection WordPress plugin. It's an upgrade I've been working on for almost 2 years (off and on)! I have been using the new version for quite some time now, and have made a lot of improvements to it, and finally I decided enough users have suffered with the old version. I am very excited for this release, it fixes all known bugs in the older versions, and brings some heavy-duty improvements to all facets of this plugin.. not to mention way better security modules (Lots more COOKIE use) based on code I use with clients.

Plugins for Practice

I wrote 3 plugins to learn the skills I knew I needed for this plugin to do what I envisioned. The first was a plugin that displayed all WP's builtin RewriteRules. The next 2 plugins helped me to learn a great about PHP and WP, so that now my plugins are PHP 4/5 compatible and use PHP classes. Just like all the other code I am into, I am finally achieving 100% E_STRICT conformance. PHP isn't tough at all once you learn the syntax.

AskApache Google 404

This is my favorite plugin. I started developing it in order to learn what I needed to know to continue developing the AskApache PassPro plugin. It's a super-stable plugin and very fast. Check it out and look at the source code if you want to get a preview of the kind of coding used on the AA PassPro 4.7 code.

I use it on every site I develop. Part of the error handling code in that plugin (HTTP Error Handling) is used in the passpro release to provide advanced HTTP 1.1 capabilities and help with the pre-setup testing. Currently it is not working 100% on this site, but the problem is because I use the development version of WP and the latest version breaks wordpress 404 usage (again scribus!).

AskApache Debug Viewer

This is my newest plugin that was created for the same reason as the AskApache 404 plugin, to figure out some things for the PassPro plugin. Mainly, to figure out the best ways to debug php, file permissions, and learn as much as I can to prevent anyone getting locked out of their site with 4.7.

One of the last bits of code I want to add to my 4.7 code, which I have been using for over a year, is super logging capabilities to debug any problems the 4.7 plugin may encounter. The latest release of the Debug Viewer, version 2.0, really has strong logging capabilities, and debugging capabilities. Of course I try to push those capabilities to the max and beyond. Currently the usability isn't the greatest, but if you are interested in debugging it is a goldmine of simple, fast, powerful debugging functions.

Everyone Who had Trouble

To those thousands who inadvertantly locked themselves out of their sites with the PassPro plugin, or even worse shut-down ther sites temporarily, I bet that even though it was annoying, or worse than annoying, you came out of it knowing more about your server, your hosting environment, and it showed you a glimpse of the problems malware face when attempting to crack into a blog protected correctly.

Although part of me knows that there is no better way to learn how to secure your site than dealing with getting locked out yourself, I went all out with making sure this version won't lock you out. Similar to the wordpress plugin bootstrap installation, this version creates a test and verifies it works in a test directory before going live. The new version has the most advanced Apache Version and Apache Module Detection every published online, well not yet.. And if you don't have apache, lighthttpd, or a similar server that supports htaccess, I'm adding a pure-php auth so you can at least still have password protection.. but you can bet I will stronly advise such a user to upgrade their hosting to a Linux+Apache host with skill.

Back to work

I've been extremely swamped at work the past 8 months working on a big project, so I only have days here and there to work on it. I know that I am free either Thursday or Fri this week, so I will have a good shot at getting a BETA release out 4.7.0 one of those days or sometime next week. If you have any ideas for the plugin, nows the time to let me know about it.. If you are a php master (I am not) and would like to help over the next 2 weeks, please email me.

AskApache Password Protection 4.7 Update in 2 Weeks originally appeared on AskApache.com

Ultimate Htaccess Part II

AskApache — Sat, 16 Oct 2010 16:11:33 +0000

AskApache.com

Here is even more information from the Ultimate Htaccess Part I. For now this is very rough and you will want to come back later to read it.

Merging Notes

The order of merging is:

(except regular expressions) and .htaccess done simultaneously (with .htaccess, if allowed, overriding )
(and )
and done simultaneously
and done simultaneously

Below is an artificial example to show the order of merging. Assuming they all apply to the request, the directives in this example will be applied in the order:

A > B > C > D > E


E


D



B



C


A

Htaccess Software

Apache HTTP Server comes with the following programs.

httpd: Apache hypertext transfer protocol server
apachectl: Apache HTTP server control interface
ab: Apache HTTP server benchmarking tool
apxs: APache eXtenSion tool
dbmmanage: Create and update user authentication files in DBM format for basic authentication
fcgistarter: Start a FastCGI program
htcacheclean: Clean up the disk cache
htdigest: Create and update user authentication files for digest authentication
htdbm: Manipulate DBM password databases.
htpasswd: Create and update user authentication files for basic authentication
httxt2dbm: Create dbm files for use with RewriteMap
logresolve: Resolve hostnames for IP-addresses in Apache logfiles
log_server_status: Periodically log the server's status
rotatelogs: Rotate Apache logs without having to kill the server
split-logfile: Split a multi-vhost logfile into per-host logfiles
suexec: Switch User For Exec

Options All
AuthType "Basic"
AuthName "Protected Access"
 
#SetEnv APPLICATION_ENV production
SetEnv APPLICATION_ENV development
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
 
ErrorDocument 404 /index.php
 
AddType text/html url
 
order allow,deny
allow from all
Options +ExecCGI
 
AddHandler python-program .py
PythonHandler mod_python.publisher
PythonDebug On
PythonAutoReload On
 
RewriteEngine on
RewriteRule .* - [E=HTTP_IF_MODIFIED_SINCE:%{HTTP:If-Modified-Since}]
RewriteRule .* - [E=HTTP_IF_NONE_MATCH:%{HTTP:If-None-Match}]
 
# updating tab.ser takes lots of memory
php_value memory_limit 64000000
 
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
 
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
 
# redirect moved files
RedirectMatch Permanent ^/fop/anttask(.*) http://xmlgraphics.apache.org/fop/0.20.5/anttask$1
RedirectMatch Permanent ^/fop/compiling(.*) http://xmlgraphics.apache.org/fop/0.20.5/compiling$1
RedirectMatch Permanent ^/fop/configuration(.*) http://xmlgraphics.apache.org/fop/0.20.5/configuration$1
RedirectMatch Permanent ^/fop/embedding(.*) http://xmlgraphics.apache.org/fop/0.20.5/embedding$1
 

ExpiresActive On
ExpiresDefault "access plus 52 weeks"

 
# $Id: .htaccess 1255 2003-12-21 05:30:57Z rufustfirefly $
# $Author: rufustfirefly $
#
# Since sometimes Apache isn't properly configured to view the
# proper PHP script, we do this instead, but only if PHP4 is
 


Order Allow,Deny
Allow from 127.0.0.1
RewriteEngine On
# map phocoa framework wwwroot - enabled PHOCOA Versioning
RewriteRule ^/www/framework(/[0-9\.]*)?/?(.*) /wwwroot/www/framework/$2 [L]
#enable a normal wwwroot
 
RewriteEngine on
RewriteRule Boot/(.*) Boot/$1 [QSA,L]
 
RewriteEngine on
RewriteRule ^xbl.js build/xbl.php
RewriteRule ^ie-dom.js build/ie-dom.php
 
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
 
# Rewrite rules for Zend Framework
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php/$1 [L]
 
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "You are not welcomed here"
AuthType Basic

 
AddHandler application/x-httpd-php-source php
 
DirectoryIndex index.html index.php
AddDefaultCharset UTF-8
RewriteEngine off
# Web Optimizer options
 
ErrorDocument 404 /~george/blog/index.php
AddType application/x-httpd-php .php .rdf
 
# redirect moved files
RedirectMatch Permanent ^/fop/anttask(.*) http://xmlgraphics.apache.org/fop/0.20.5/anttask$1
RedirectMatch Permanent ^/fop/compiling(.*) http://xmlgraphics.apache.org/fop/0.20.5/compiling$1
RedirectMatch Permanent ^/fop/configuration(.*) http://xmlgraphics.apache.org/fop/0.20.5/configuration$1
RedirectMatch Permanent ^/fop/embedding(.*) http://xmlgraphics.apache.org/fop/0.20.5/embedding$1
AddHandler x-httpd-php504 .php
AddType application/x-httpd-php .html
 
RewriteEngine on
# Remember to change RewriteBase to where your site really is - for example if
# you access the site by www.somesite.com/~myname/thesite, you do as so:
# RewriteBase /~myname/thesite/
 

Order deny,allow
Deny From All

 
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
 
DirectoryIndex membersite.pl
Options +ExecCGI
AddHandler cgi-script .pl
 
#AddType application/x-httpd-php .php3 .phtml .php .php4 .php5 .html .html .xml
Options -Indexes
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
 
# Comment/uncomment the lines below depending of your needs
# To deny any access to this directory
Deny from all
 

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php/$1 [L]
 

Order allow,deny
Deny from all

 
AddHandler application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml
AddType application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml
AddHandler application/x-httpd-php5 .snow
AddType application/x-httpd-php5 .snow
AddHandler image/jpeg me
Redirect permanent /~hoge/hns-lite/i/ http://www.example.ne.jp/~hoge/hns-lite/
 
# Make index.php the default
DirectoryIndex index.php
Options -Indexes
 
# In case it's on, turn off magic quotes:
php_value magic_quotes_gpc off
# On production servers, uncomment these lines and update the path
# to a suitable log file:
 
Deny from all
Satisfy All
 
##############################
# MicroMVC Apache settings
# .htaccess v1.0.0 9/29/2007
##############################
 

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
 

DENY FROM ALL

 
RewriteEngine on
#RewriteCond %{REMOTE_HOST} ^yupi-cms*
RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
 
RewriteEngine On
RewriteBase /
# Rewrite www.domain.com to domain.com
RewriteCond %{HTTP_HOST} ^www\.(.*)
 
#
# OntoWiki requires Apache's rewrite engine to work
#

RewriteEngine Off

# Turn on URL rewriting
RewriteEngine On
 
RewriteEngine on
# Remember to change RewriteBase to where your site really is - for example if
# you access the site by www.somesite.com/~myname/thesite, you do as so:
# RewriteBase /~myname/thesite/
 
# this file is placed here to restrict the access to this directory
# for non authorized users
# Note that the AllowOverride directive (in the Apache's access.conf) must be
# set to "Limit" or "All"
 
# This folder does not require access over HTTP
Order deny,allow
Deny from all
Allow from none
 
RewriteEngine on
# Remember to change RewriteBase to where your site really is - for example if
# you access the site by www.somesite.com/~myname/thesite, you do as so:
# RewriteBase /~myname/thesite/
 
#
# Latitude .htaccess Rules
# Special thanks to Drupal for a template (http://drupal.org/)
#
 
AddHandler php5-script .php
Options +FollowSymLinks +ExecCGI

RewriteEngine On
 
Options +Indexes
IndexOptions FancyIndexing
IndexOptions +NameWidth=*
IndexOptions +DescriptionWidth=*
 
RewriteEngine off
Options -Indexes
 
############
# SECURITY #
###########################################################

Options +Indexes
IndexOptions FancyIndexing
IndexOptions +NameWidth=*
IndexOptions +DescriptionWidth=*
 
AddHandler fcgid-script .abc
#update this path according to your setup
#you can place the executable fcgishell anywhere on your server
 
AddEncoding x-compress Z
AddEncoding x-gzip gz
 
AddHandler cgi-script rb
# Send any page with a slow.html suffix with a delay
AddHandler slow-down .slow
Action slow-down @PATH_PREFIX@/cgi/send-delayed.rb
 
DirectoryIndex index.htm
AddHandler server-parsed .htm
 
# for current work

php_value memory_limit 128M
php_value max_execution_time 150
php_flag magic_quotes_gpc off
 

Deny from all

 
ErrorDocument 404 /cgi-bin/error.cgi
 
deny from all

order allow,deny
deny from all

 
Options -Indexes

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# General Apache options
AddHandler fastcgi-script .fcgi
AddHandler cgi-script .cgi
Options +FollowSymLinks +ExecCGI
 
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# RewriteRule !\.(js|ico|gif|jpg|png|css|txt)$ - [C]
RewriteRule (.*) http://127.0.0.1:8080/$1 [P]
 
RewriteEngine on
RewriteCond $1 !^(index\.php|images|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?$1
 
Order Deny,Allow
Deny from all
#dozwoleni userzy
Allow from localhost
 
# deny access to private folders and files, start with prefix "_"

deny from all

# deny access to all executable files (.php)
 
php_flag register_globals off
php_flag magic_quotes_gpc off
php_flag short_open_tag off
php_flag allow_call_time_pass_reference off
php_flag safe_mode on
 

RewriteEngine on
RewriteBase /jblog/
RewriteCond %{REQUEST_FILENAME} !-f
 
deny from all
Satisfy all
 
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
 
RewriteEngine On
RewriteRule ^(\w*)/post$ index.php?at=$1&do=post [L,QSA]
RewriteRule ^edit/(\d*)$ index.php?do=edit&to=$1 [L,QSA]
RewriteRule ^comment/(\d*)$ index.php?do=comment&to=$1 [L,QSA]

Technical Look at .htaccess

Source: Apache API notes

Per-directory configuration structures

Let's look out how all of this plays out in mod_mime.c, which defines the file typing handler which emulates the NCSA server's behavior of determining file types from suffixes. What we'll be looking at, here, is the code which implements the AddType and AddEncoding commands. These commands can appear in .htaccess files, so they must be handled in the module's private per-directory data, which in fact, consists of two separate tables for MIME types and encoding information, and is declared as follows:

table *forced_types;      /* Additional AddTyped stuff */
table *encoding_types;    /* Added with AddEncoding... */
mime_dir_config;

When the server is reading a configuration file, or section, which includes one of the MIME module's commands, it needs to create a mime_dir_config structure, so those commands have something to act on. It does this by invoking the function it finds in the module's `create per-dir config slot', with two arguments: the name of the directory to which this configuration information applies (or NULL for srm.conf), and a pointer to a resource pool in which the allocation should happen.

(If we are reading a .htaccess file, that resource pool is the per-request resource pool for the request; otherwise it is a resource pool which is used for configuration data, and cleared on restarts. Either way, it is important for the structure being created to vanish when the pool is cleared, by registering a cleanup on the pool if necessary).

For the MIME module, the per-dir config creation function just ap_pallocs the structure above, and a creates a couple of tables to fill it. That looks like this:

void *create_mime_dir_config (pool *p, char *dummy)
mime_dir_config *new = (mime_dir_config *) ap_palloc (p, sizeof(mime_dir_config));
 
new->forced_types = ap_make_table (p, 4);
new->encoding_types = ap_make_table (p, 4);

Now, suppose we've just read in a .htaccess file. We already have the per-directory configuration structure for the next directory up in the hierarchy. If the .htaccess file we just read in didn't have any AddType or AddEncoding commands, its per-directory config structure for the MIME module is still valid, and we can just use it. Otherwise, we need to merge the two structures somehow.

To do that, the server invokes the module's per-directory config merge function, if one is present. That function takes three arguments: the two structures being merged, and a resource pool in which to allocate the result. For the MIME module, all that needs to be done is overlay the tables from the new per-directory config structure with those from the parent:

void *merge_mime_dir_configs (pool *p, void *parent_dirv, void *subdirv)
mime_dir_config *parent_dir = (mime_dir_config *)parent_dirv;
mime_dir_config *subdir = (mime_dir_config *)subdirv;
mime_dir_config *new =  (mime_dir_config *)ap_palloc (p, sizeof(mime_dir_config));
new->forced_types = ap_overlay_tables (p, subdir->forced_types, parent_dir->forced_types);
new->encoding_types = ap_overlay_tables (p, subdir->encoding_types, parent_dir->encoding_types);

As a note --- if there is no per-directory merge function present, the server will just use the subdirectory's configuration info, and ignore the parent's. For some modules, that works just fine (e.g., for the includes module, whose per-directory configuration information consists solely of the state of the XBITHACK), and for those modules, you can just not declare one, and leave the corresponding structure slot in the module itself NULL.

Command handling

Now that we have these structures, we need to be able to figure out how to fill them. That involves processing the actual AddType and AddEncoding commands. To find commands, the server looks in the module's command table. That table contains information on how many arguments the commands take, and in what formats, where it is permitted, and so forth. That information is sufficient to allow the server to invoke most command-handling functions with pre-parsed arguments. Without further ado, let's look at the AddType command handler, which looks like this (the AddEncoding command looks basically the same, and won't be shown here):

char *add_type(cmd_parms *cmd, mime_dir_config *m, char *ct, char *ext)
if (*ext == '.') ++ext;
ap_table_set (m->forced_types, ext, ct);

This command handler is unusually simple. As you can see, it takes four arguments, two of which are pre-parsed arguments, the third being the per-directory configuration structure for the module in question, and the fourth being a pointer to a cmd_parms structure. That structure contains a bunch of arguments which are frequently of use to some, but not all, commands, including a resource pool (from which memory can be allocated, and to which cleanups should be tied), and the (virtual) server being configured, from which the module's per-server configuration data can be obtained if required.

Another way in which this particular command handler is unusually simple is that there are no error conditions which it can encounter. If there were, it could return an error message instead of NULL; this causes an error to be printed out on the server's stderr, followed by a quick exit, if it is in the main config files; for a .htaccess file, the syntax error is logged in the server error log (along with an indication of where it came from), and the request is bounced with a server error response (HTTP error status, code 500).

The MIME module's command table has entries for these commands, which look like this:

command_rec mime_cmds[] =
{ "AddType", add_type, NULL, OR_FILEINFO, TAKE2, "a mime type followed by a file extension" },
{ "AddEncoding", add_encoding, NULL, OR_FILEINFO, TAKE2, "an encoding (e.g., gzip), followed by a file extension" },

The entries in these tables are:

The name of the command
The function which handles it a (void *) pointer, which is passed in the cmd_parms structure to the command handler --- this is useful in case many similar commands are handled by the same function.
A bit mask indicating where the command may appear. There are mask bits corresponding to each AllowOverride option, and an additional mask bit, RSRC_CONF, indicating that the command may appear in the server's own config files, but not in any .htaccess file.
A flag indicating how many arguments the command handler wants pre-parsed, and how they should be passed in. TAKE2 indicates two pre-parsed arguments. Other options are TAKE1, which indicates one pre-parsed argument, FLAG, which indicates that the argument should be On or Off, and is passed in as a boolean flag, RAW_ARGS, which causes the server to give the command the raw, unparsed arguments (everything but the command name itself). There is also ITERATE, which means that the handler looks the same as TAKE1, but that if multiple arguments are present, it should be called multiple times, and finally ITERATE2, which indicates that the command handler looks like a TAKE2, but if more arguments are present, then it should be called multiple times, holding the first argument constant.
Finally, we have a string which describes the arguments that should be present. If the arguments in the actual config file are not as required, this string will be used to help give a more specific error message. (You can safely leave this NULL).

Finally, having set this all up, we have to use it. This is ultimately done in the module's handlers, specifically for its file-typing handler, which looks more or less like this; note that the per-directory configuration structure is extracted from the request_rec's per-directory configuration vector by using the ap_get_module_config function.

Side notes --- per-server configuration, virtual servers, etc.

The basic ideas behind per-server module configuration are basically the same as those for per-directory configuration; there is a creation function and a merge function, the latter being invoked where a virtual server has partially overridden the base server configuration, and a combined structure must be computed. (As with per-directory configuration, the default if no merge function is specified, and a module is configured in some virtual server, is that the base configuration is simply ignored).

The only substantial difference is that when a command needs to configure the per-server private module data, it needs to go to the cmd_parms data to get at it. Here's an example, from the alias module, which also indicates how a syntax error can be returned (note that the per-directory configuration argument to the command handler is declared as a dummy, since the module doesn't actually have per-directory config data):

Ultimate Htaccess Part II originally appeared on AskApache.com

Advanced Windows Batch File Scripting

AskApache — Fri, 03 Sep 2010 18:14:02 +0000

AskApache.com

First off, this is a single windows .bat file that I have written to do advanced batch scripting the easy way, meaning it's mostly a series of functions you can call from the script or within other functions for extremely modular code. Before you get all bent out of shape by my choice of words ("easy, modular"), when I say this is advanced I mean for Windows .bat files, one of the worlds worst scripting languages, but it works on all windows versions so it's ideal for things like autorun, autoplay, custom startups, usb drives, etc.. If you are looking for information on how to use and program windows .bat files to do anything cool, this is the right place! I tried my best to mimic linux shell-scripting, so it's likely different than other batch files you have seen.

Batch File IDE and Script Source

My favorite tool (and I've tried sooo many) for editing most Windows files and especially .bat files is the free and open-source Notepad++. Set that up and you will have a color-syntax-highlighted editor for Batch Scripting that works very very well.

The next thing to do is download the source code, which includes comments and formatting I had to remove for this online article. Then rename from .txt to .bat and open in your IDE/text-editor of choice.

Quick Batch File Example

This is a simple batch file named ping-check.bat that I use when rebooting remote servers. The reboot is issued from an SSH session and causes the server to go down and then come back up. When the server goes down the network goes down too so I fire this script up to continually ping the remote server until it responds, at which point I can ssh back in.

One of the first hacks for batch files is line 1, the PUSHD command cd's the scripts working environment to the directory of the script itself.

@ECHO OFF && PUSHD "%~dp0" && SETLOCAL
 
CALL :PINGCHECK "%~1"
 
nircmd.exe speak text "PING RECEIVED.  HOST BACK ONLINE" 7 60
ENDLOCAL && POPD && GOTO :EOF
 
:PINGCHECK
ECHO CHECKING %~1
ping.exe -n 1 %~1 -w 5000 | FIND /C "Reply from %~1" | FIND "1" >nul 2>&1
IF ERRORLEVEL 1 CALL :PINGCHECK "%~1" ELSE EXIT /B

Super-hero like even

Just added this as an after thought, moving the main example further down this page. This is an easier file to understand the scope of. It effectively creates SSH-encrypted SOCK5 tunnels that stay connected and auto-reconnect if the link goes down. I wanted to try and write a pure batch method to do that. I wrote this to run automatically from a USB key so that I could keep my tools with me portably. The thing of this script that is the most revolutionary is the method it uses to create auto-reconnecting SSH-encrypted SOCKS5 tunnels using the windows SYSTEM account to do it all in the background with plink.exe. The hack to run it as a system account is by using the built-in AT command to run interactively, which lets you interactively do whatever you want as the builtin NT AUTHORITY/SYSTEM account. The other part I am proud of with this is how lean I got the code, specifically how lean the function is that creates the at job to run every 5 minutes, while still doing connection-testing, all by parsing the cmd.exe processors builtin in DATE and TIME variables. Do a google search for "windows batch file date and time" and you will appreciate just how lean this sucker is.

Almost forgot, check out the ways to keep a plink.exe (putty.exe for cmd.exe) SOCKS5 tunnel hidden and safe and continuously connected to a remote server in minimal lines od code. This was a fun one to work on! Enjoy (and remember this is just the warm-up example to glance at).

@ECHO OFF && PUSHD "%~dp0" && SETLOCAL && SETLOCAL ENABLEDELAYEDEXPANSION && SETLOCAL ENABLEEXTENSIONS
 
SET _CRYPTDRIVE=%~d0\
SET PATH=%_CRYPTDRIVE%PP;%_CRYPTDRIVE%PP\bin;%PATH%
SET _PUTTYBIN=%_CRYPTDRIVE%P\PP\putty.exe
 
SET _PSERVER=solar.power.com
SET _PPORT=22
SET _PSESSION=newclean-tunnel
 
SET _ADMINUSER=admin
SET _RUNUSER=life
 
REM SAY CHECKING PLINK OUT LOUD
CALL :SPEAK "Checking Putty"
ECHO "CHECKING PUTTY"
 
REM
IF NOT EXIST "%_CRYPTDRIVE%" (
  CALL :SPEAK "Crypt Not Mounted"
  AT|FOR /F "tokens=1" %%i IN ('FIND /I "%~f0"') DO AT %%i /delete /yes >nul 2>&1
  pskill.exe -t putty >nul 2>&1
  pskill.exe -t thunderbird >nul 2>&1
  pskill.exe -t ThunderbirdPortable >nul 2>&1
  pskill.exe -t Firefox >nul 2>&1
  pskill.exe -t FirefoxPortable >nul 2>&1
  pskill.exe -t GC >nul 2>&1
  EXIT
)
 
REM CREATE AT JOB TO RUN THIS SCRIPT EVERY 5 MINUTES
CALL :CREATEATJOB
 
pslist putty >nul 2>&1
IF ERRORLEVEL 1 psexec.exe -i 0 -e -d -u %_RUNUSER% %_PUTTYBIN% -load %_PSESSION%
 
REM KILL MULTIPLE PSEXEC's
CALL :KILLDUPES "psexec.exe"
 
REM KILL MULTIPLE CMD.EXE's
CALL :KILLDUPES "cmd.exe"
 
REM REACHABLE SERVER CHECK
CALL :PINGCHECK %_PSERVER%
 
REM CHECK FOR INACTIVE PUTTY
CALL :PUTTYCHECK
 
REM CHECK PORT IS LISTENING (FOR SOCKISFIED TUNNEL)
CALL :PORTCHECK %_PPORT%
 
REM CALL :SPEAK "OK"
SLEEP 100 && ECHO "OK" && SLEEP 1 && ENDLOCAL && POPD && EXIT
 
REM =======================================================================================
REM =   SPEAK - Speak text
REM =======================================================================================
:SPEAK
nircmd.exe speak text "%~1" 5 60
ECHO "%~1"
EXIT /B
 
REM =======================================================================================
REM =   RESTARTPLINK - Sleeps for %1 number of seconds
REM =======================================================================================
:RESTARTPLINK
CALL :SPEAK "%~1 ReSTARTing Plink"
REM runas /savecred /user:admin "%_PUTTYBIN% -load %_PSESSION%"
psexec.exe -i 0 -e -d -u %_RUNUSER% %_PUTTYBIN% -load %_PSESSION%
EXIT
EXIT /B
 
REM =======================================================================================
REM =   PORTCHECK - Check that Port is being used (for tunnels)
REM =======================================================================================
:PORTCHECK
netstat.exe -n -v -a -p TCP | FIND "ESTABLISHED" | FIND ":%~1" >nul 2>&1
IF ERRORLEVEL 1 CALL :RESTARTPLINK "PORT CHECK FAILED"
EXIT /B
 
REM =======================================================================================
REM =   INACTIVEPUTTYCHECK - Check for inactive putty windows
REM =======================================================================================
:PUTTYCHECK
tasklist.exe /V /NH /FI "WINDOWTITLE eq PuTTY (inactive)" 2>nul|FIND "INFO: " >nul 2>&1
IF ERRORLEVEL 1 taskkill.exe /T /F /FI "WINDOWTITLE eq PuTTY (inactive)" >nul 2>&1
 
:: MAKE SURE ONLY 1 putty is running that is connected to the remote server
netstat.exe -n -a -o -p TCP | FIND ":%_PPORT%" | FIND /C ":%_PPORT%" | FIND "1" >nul 2>&1
IF ERRORLEVEL 1 (
  tasklist.exe /V /FO TABLE /NH /FI "IMAGENAME eq putty.exe" 2>nul | FIND /C "Running" | FIND "1" >nul 2>&1
  IF ERRORLEVEL 1 (
    REM kill all running puttys (owned by system)
    FOR /F "usebackq tokens=2 skip=2" %%p IN (`tasklist.exe /V /FO TABLE /NH /FI "IMAGENAME eq putty.exe"`) DO taskkill.exe /F /PID %%p /T >nul 2>&1
    CALL :RESTARTPLINK "EXTRA PUTTY FOUND"
  )
)
EXIT /B
 
REM =======================================================================================
REM =   PINGCHECK - PING address to make sure it is reachable
REM =======================================================================================
:PINGCHECK
PING %~1 -n 1 -w 5000 | FIND "TTL=" >nul 2>&1
IF ERRORLEVEL 1 (
  PING google.com -n 1 -w 500 | FIND "TTL=" >nul 2>&1
  IF ERRORLEVEL 1 ( CALL :SPEAK "CHECK INTERNET CONNECTION" && SLEEP 60 )
 
  PING google.com -n 1 -w 5000 | FIND "TTL=" >nul 2>&1
  IF ERRORLEVEL 1 ( CALL :SPEAK "CHECK INTERNET CONNECTION" && SLEEP 60 )
 
  PING google.com -n 1 -w 5000 | FIND "TTL=" >nul 2>&1
  IF ERRORLEVEL 1 (
    CALL :SPEAK "KILL SOCKS PROGRAMS"
  SLEEP 100
  pskill.exe -t putty >nul 2>&1
  pskill.exe -t thunderbird >nul 2>&1
  pskill.exe -t ThunderbirdPortable >nul 2>&1
  )
)
EXIT /B
 
REM =======================================================================================
REM =   KILLDUPES - kills duplicate processes, except for the one with lowest pid
REM =======================================================================================
:KILLDUPES
REM Check that more than 1 process is running
tasklist.exe /V /NH /FI "IMAGENAME eq %~1" /FI "USERNAME eq SYSTEM" 2>nul | FIND /C "K Running" | FIND "1" >nul 2>&1
IF NOT ERRORLEVEL 1 EXIT /B
 
REM Create Filename in current dir (of this script)
SET _T=%TIME: =0%&&SET _T=!_T::=-!&&SET _T=%~dp0%!_T:~0,-2!log
 
REM Create the file in the same dir as this script named for date and sorted by PID
tasklist.exe /V /NH /FI "IMAGENAME eq %~1" /FI "USERNAME eq SYSTEM" 2>nul | SORT /+29 > "%_T%"
 
REM Check that the file was created or exit
IF NOT EXIST "%_T%" ( CALL :SPEAK "FILE CREATION FAILED" && EXIT /B )
 
REM kill all the processes found except for 1, do not kill the process with the lowest pid number
FOR /F "tokens=2 skip=2" %%p IN (%_T%) DO taskkill.exe /F /PID %%p /T
 
REM erase the file
REM ERASE /Q "%_T%" >nul 2>&1
 
REM check that the file was erased
REM IF EXIST "%_T%" ( CALL :SPEAK "ERASE FILE FAILED" && EXIT /B )
 
EXIT /B
 
REM =======================================================================================
REM =   CREATEATJOB - runs job (START this file) every 5 minutes
REM =======================================================================================
:CREATEATJOB
:: delete all putty AT jobs
AT | FIND /C "%~f0" | FIND "1" >nul 2>&1
IF ERRORLEVEL 1 ( AT|FOR /F "tokens=1" %%i IN ('FIND /I "%~f0"') DO AT %%i /delete /yes >nul 2>&1 )
SET /A H=!TIME:~0,2!&& SET M=!TIME:~3,2!
SET Y=%H%:%M%&& SET /A M+=5
IF !M! GEQ 61 ( SET /A H+=1&&SET /A M-=61 )
IF !H! GEQ 24 SET /A H-=24
SET M=0!M!&& SET H=0!H!
:: create AT job
AT %H:~-2%:%M:~-2% /INTERACTIVE %ComSpec% /E:ON /D /Q /C START /B /MIN %ComSpec% /E:ON /D /Q /C "%~f0" >nul
EXIT /B

Advanced Batch File

This is the main batch file example which you can download here. Other than some minor changes this is the actual script I use at work when I logon to my PC. The first thing it does is mount an encrypted TrueCrypt Drive where all of my files and settings are located. It also starts a putty session named "1" that I configured to start a few encrypted tunnels and socks proxies so that my email Thunderbird and Website IDE Dreamweaver and other network apps can communicate 100% encrypted and my real location becomes hidden (thanks socks!).

I might come back later and add comments if I get any kind of response for this article, and because it's such a unique and low-traffic topic, I will try to answer any questions added with the comment form.

Starting the Script

The first line is of my own design and is perhaps the coolest hack in the script. I use this 1 line to start pretty much all of my .bat files.

@ECHO OFF&& SETLOCAL&& PUSHD "%~dp0"&& SETLOCAL ENABLEDELAYEDEXPANSION&& SETLOCAL ENABLEEXTENSIONS&& SET V=5&& IF NOT "!V!"=="5" (ECHO DelayedExpansion Failed&& GOTO :EOF)

SCRIPT VARIABLES

These are all local to this script thanks to the SETLOCAL above, so they won't exist outside the scripts execution environment.

REM ** Various vars for output used by functions
SET P1=^^^>^^^>^^^>
SET P2=++
SET P3=::
SET L1=+==============================================================================================================+
SET L2=+--------------------------------------------------------------------------------------------------------------+
 
REM ** administrator username, unless changed for more security, its Administrator
SET ADMINUSER=admin
 
REM ** runuser is the username you use when running this script
SET RUNUSER=bill
 
REM ** Custom COMSPEC for running cmd.exe
SET _SCOM=%COMSPEC% /E:ON /F:ON /D /Q /T:0C /C
 
REM ** Custom START command
SET _START=START /WAIT /MIN /B %_SCOM%

MAIN PROGRAM EXECUTION

This is where the main code starts, note how small it is thanks to the use of functions (labels/call/goto). Read the comments in this area (start with :: or REM ) to see the extent of this script. The gold is in the functions.

:: Only allow certain users to run this script or die (prevents global STARTup or service running it)
CALL :CHECKUSERVALID %RUNUSER% %ADMINUSER%
 
:: Mount the truecrypt container
CALL :CRYPTMOUNT "L" "%SYSTEMDRIVE%\CRYPT\LEONARDO" "%SYSTEMDRIVE%\CRYPT\LEONARDO_KEY"
 
:: Start Mozilla Firefox
CALL :RUNONE "C:\Program Files\Mozilla Firefox\firefox.exe"
 
:: Start Thunderbird Portable
CALL :RUNONE "L:\P\PP\putty.exe" "/MIN" -load 1
 
:: Start Thunderbird Portable
CALL :RUNONE "L:\P\TB\ThunderbirdPortable.exe" "/MIN"
 
:: Start Adobe Dreamweaver CS4
CALL :RUNONE "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe" "/MIN"
 
:: Start LightScreen Portable
CALL :RUNONE "L:\P\LP\LightscreenPortable.exe" /B /B
 
:: Start Google Chrome Portable ( GREAT to use for pandora/last.fm as its so low mem )
CALL :RUNONE "L:\P\GC\GC.exe" "/NORMAL"
 
:: Start Adobe Photoshop CS4
CALL :RUNONE "%ProgramFiles%\Adobe\Adobe Photoshop CS4\Photoshop.exe" "/MAX"

Exit Script

This is the last line executed in the Main, it forces the script to exit cleanly at this point, otherwise the functions below would all get executed. This is what allows the use of all the functions below. I end all my scripts MAIN with this.

REM ** EXIT Script
CALL :MDYE "EOF" && POPD && ENDLOCAL && GOTO :EOF

SCRIPT FUNCTIONS

Now then, onto the MEAT of the script, all the functions. These functions are designed for global use in other batch files, so that the only modification when you make a new batch is the above variables and main execution.. If you know much about batch files you will realize that creating these functions was a very painful process in some cases.. I freakin hate windows! Anyway, enjoy!

CRYPTMOUNT - mounts a truecrypt container and returns to CALLer. On fail, quit

REM
REM     CALL :CRYPTMOUNT "%LEONARDO%" "%LEONARDO_FILE%" "%LEONARDO_KEY%"
REM     CALL :CRYPTMOUNT "L" "%SYSTEMDRIVE%\CRYPT\LEONARDO" "%SYSTEMDRIVE%\CRYPT\LEONARDO_KEY"
REM
REM :: print the settings
REM :: CALL :MP 3 "DRIVE: %DRIVE%"&&CALL :MP 3 " FILE: %FILE%"&&CALL :MP 3 "  KEY: %KEY%"&&CALL :MP 3 "  VOL: %VOL%"

:CRYPTMOUNT
SET DRIVE=%~1&& SET FILE=%~2&& SET KEY=%~3&& SET VOL=!FILE:~0,3!
CALL :MP 1 "Mounting TrueCrypt on %DRIVE% from %FILE%"
 
:: Check for Truecrypt or die
CALL :EXISTORQUIT "%ProgramFiles%\TrueCrypt\TrueCrypt.exe" && CALL :EXISTORQUIT "%FILE%" && CALL :EXISTORQUIT "%KEY%"
 
:: checks that MOUNTVOL works and the drive containing the truecrypt container file is present or dies
MOUNTVOL %VOL% /L 2>NUL | FIND "\\?\Volume{" >NUL 2>&1
IF ERRORLEVEL 1 CALL :MDYE "%VOL% NOT FOUND"
 
REM ** Converts G:\ to its \\?\Volume{234234}\ equivalent for greater portability
FOR /F %%i IN ('MOUNTVOL %VOL% /L') DO @SET VOL=%%i%FILE:~3%
 
:: IF the drive is already mounted then continue, otherwise try to mount
MOUNTVOL %DRIVE%:\ /L >NUL 2>&1
IF NOT ERRORLEVEL 1 (
  CALL :MP 2 "%DRIVE% ALREADY MOUNTED" && EXIT /B
) ELSE (
  START "Mounting TrueCrypt" /D"%ProgramFiles%\TrueCrypt" /MIN /B TrueCrypt.exe /c n /b /q background /h n /k %KEY% /l %DRIVE% /p /v %VOL% && SLEEP 10
)
 
:: try again in case of bad password and accidental keypress
MOUNTVOL %DRIVE%:\ /L >NUL 2>&1
IF ERRORLEVEL 1 (START "Mounting TrueCrypt" /D"%ProgramFiles%\TrueCrypt" /MIN /B TrueCrypt.exe /c n /b /q background /h n /k %KEY% /l %DRIVE% /p /v %VOL% && SLEEP 10)
 
:: IF it still doesnt exist then quit
MOUNTVOL %DRIVE%:\ /L >NUL 2>&1
IF ERRORLEVEL 1 CALL :MDYE "Failed to mount %FILE% on %DRIVE%"
 
CALL :MF && ENDLOCAL && EXIT /B
EXIT /B

RUNONE - Starts one instance of executable after verifying it exists and is not already running.

REM     %~1 is location of executatable
REM     %~2 is optional (unless %~3 is used) START parameters
REM     %~3 is optional parameters for executable
REM
REM     CALL :RUNONE "L:\P\LP\LightscreenPortable.exe" "/MAX" "/HIDE"

:RUNONE
SETLOCAL
CALL :MP 1 "Starting %~n1"
 
:: SLEEP FOR NICENESS, LOCAL VARS _P2 and _P3
SLEEP 2 && SETLOCAL
 
SET P=%~1
ECHO %P%|FIND " " >NUL 2>&1
IF NOT ERRORLEVEL 1 ( PUSHD "%~dp1" && SET P=%~nx1 )
 
:: SET _P2 TO DEFAULT TO "/MIN" IF EMPTY
SET _P2=/MIN
IF NOT " %~2" == " " SET _P2=%~2
IF NOT " %~3" == " " SET _P3=%~3
IF NOT " %~4" == " " SET _P4=%~4
 
:: CHECK THAT EXECUTABLE EXISTS
CALL :EXISTORQUIT "%~1"
 
REM ECHO START %_P2% /D"%~dp1" %P% %_P3% %_P4%&& PAUSE&&
:: CHECK FOR EXISTING PROCESSNAME ( %~n1 is file name without ext, %~nx1 is the file name and extension. )
pslist.exe /e %~n1 >NUL 2>&1
IF ERRORLEVEL 1 (START %_P2% /D"%~dp1" %P% %_P3% %_P4% ) ELSE (CALL :MP 2 "%~n1 already running!" )
 
ENDLOCAL && EXIT /B

ADMINRUNONE - Runs %1 with admin rights IF neccessary

:ADMINRUNONE
CALL :MP 3 "Exec %~1 as %ADMINUSER%"
 
:: Check that file exists
CALL :EXISTORQUIT "%~1"
 
:: test for rights to the task scheduler
:: %SYSTEMDRIVE%\WINDOWS\system32\cmd.exe /E:ON /D /Q /T:0C /C START /WAIT /MIN /B %SYSTEMDRIVE%\WINDOWS\system32\cmd.exe /E:ON /D /Q /T:0C /C %~1
AT >NUL 2>&1
IF ERRORLEVEL 1 (
  RUNAS /noprofile /user:%USERDOMAIN%\%ADMINUSER% "%~1"
) ELSE (
  %COMSPEC% /E:ON /D /Q /T:0C /C "%~1"
)
SLEEP 2 && CALL :MF && EXIT /B

CHECKUSERVALID - checks that defined username equals %ADMINUSER% or %RUNUSER%, then returns to CALLer

:CHECKUSERVALID
:: EXIT IF USERNAME IS NOT DEFINED, CATCHES SYSTEM ACCOUNTS TRYING TO RUN WHEN IN GLOBAL STARTUP
IF NOT DEFINED USERNAME EXIT
 
SETLOCAL
SET UP=no
SET _P1= %~1
SET _P2= %~2
IF NOT "%_P1%" == " " ( IF /I "%~1" == "%USERNAME%" SET UP=yes)
IF NOT "%_P1%" == " " ( IF /I "%~1" == "%USERNAME%" SET UP=yes)
IF NOT "%_P1%" == " " ( IF /I "%~1" == "%USERNAME%" SET UP=yes)
IF /I "bill" == "%USERNAME%" SET UP=yes
IF /I "newbill" == "%USERNAME%" SET UP=yes
IF /I "max" == "%USERNAME%" SET UP=yes
IF /I NOT "%UP%" == "yes" EXIT
ENDLOCAL
EXIT /B

SETPROMPT - sets prompt, then returns to CALLer

REM =   [user@MACHINE] [C:\DR\PEPPER\SCRIPTS]
REM =   > REG /?

:SETPROMPT
set PROMPT=$_[%USERNAME%@%USERDOMAIN%]$S[$P]$_$M$G && EXIT /B

BEEP - beeps once, then returns to CALLer

The character after the echo is the actual BEL char, so unless you have my source file, you will need to copy a literal BEL char here to make it beep.

:BEEP
@ECHO # && EXIT /B

MSETCOLOR - SET colors for screen, then returns to CALLer

REM
REM     0 = Black       8 = Gray
REM     1 = Blue        9 = Light Blue
REM     2 = Green       A = Light Green
REM     3 = Aqua        B = Light Aqua
REM     4 = Red         C = Light Red
REM     5 = Purple      D = Light Purple
REM     6 = Yellow      E = Light Yellow
REM     7 = White       F = Bright White
REM

:MSETCOLOR
COLOR %~1 && EXIT /B

MSETCONSOLE - sets the cols and lines of current screen buffer, then returns to CALLer

:MSETCONSOLE
MODE CON COLS=%~1 LINES=%~2 && EXIT /B

PARAMTEST - tests params, then returns to CALLer

:PARAMTEST
ECHO. && CALL :MP 1 "PARAMTEST CALLED WITH: %*" && ECHO %L1%
SET _P= %~1
IF NOT "%_P%" == " " ( ECHO %%1          = %1 && ECHO %%~f1        = %~f1 && ECHO %%~d1        = %~d1 && ECHO %%~p1        = %~p1
  ECHO %%~n1        = %~n1 && ECHO %%~x1        = %~x1 && ECHO %%~s1        = %~s1 && ECHO %%~dp1       = %~dp1
  ECHO %%~nx1       = %~nx1 && ECHO %%~$PATH:1   = %~$PATH:1 && ECHO %%~dp$PATH:1 = %~dp$PATH:1 && ECHO %L1% )
SET _P= %~2
IF NOT "%_P%" == " " ( ECHO %%2          = %2 && ECHO %%~f2        = %~f2 && ECHO %%~d2        = %~d2 && ECHO %%~p2        = %~p2
  ECHO %%~n2        = %~n2 && ECHO %%~x2        = %~x2 && ECHO %%~s2        = %~s2 && ECHO %%~dp2       = %~dp2
  ECHO %%~nx2       = %~nx2 && ECHO %%~$PATH:2   = %~$PATH:2 && ECHO %%~dp$PATH:2 = %~dp$PATH:2 && ECHO %L1% )
SET _P= %~3
IF NOT "%_P%" == " " ( ECHO %%3          = %3 && ECHO %%~f3        = %~f3 && ECHO %%~d3        = %~d3 && ECHO %%~p3        = %~p3
  ECHO %%~n3        = %~n3 && ECHO %%~x3        = %~x3 && ECHO %%~s3        = %~s3 && ECHO %%~dp3       = %~dp3
  ECHO %%~nx3       = %~nx3 && ECHO %%~$PATH:3   = %~$PATH:3 && ECHO %%~dp$PATH:3 = %~dp$PATH:3 && ECHO %L1% )
SET _P= %~4
IF NOT "%_P%" == " " ( ECHO %%4          = %4 && ECHO %%~f4        = %~f4 && ECHO %%~d4        = %~d4 && ECHO %%~p4        = %~p4
  ECHO %%~n4        = %~n4 && ECHO %%~x4        = %~x4 && ECHO %%~s4        = %~s4 && ECHO %%~dp4       = %~dp4
  ECHO %%~nx4       = %~nx4 && ECHO %%~$PATH:4   = %~$PATH:4 && ECHO %%~dp$PATH:4 = %~dp$PATH:4 && ECHO %L1% )
SET _P= %~5
IF NOT "%_P%" == " " ( ECHO %%5          = %5 && ECHO %%~f5        = %~f5 && ECHO %%~d5        = %~d5 && ECHO %%~p5        = %~p5
  ECHO %%~n5        = %~n5 && ECHO %%~x5        = %~x5 && ECHO %%~s5        = %~s5 && ECHO %%~dp5       = %~dp5
  ECHO %%~nx5       = %~nx5 && ECHO %%~$PATH:5   = %~$PATH:5 && ECHO %%~dp$PATH:5 = %~dp$PATH:5 && ECHO %L1% )
SET _P= %~6
IF NOT "%_P%" == " " ( ECHO %%6          = %6 && ECHO %%~f6        = %~f6 && ECHO %%~d6        = %~d6 && ECHO %%~p6        = %~p6
  ECHO %%~n6        = %~n6 && ECHO %%~x6        = %~x6 && ECHO %%~s6        = %~s6 && ECHO %%~dp6       = %~dp6
  ECHO %%~nx6       = %~nx6 && ECHO %%~$PATH:6   = %~$PATH:6 && ECHO %%~dp$PATH:6 = %~dp$PATH:6 && ECHO %L1% )
SET _P= %~7
IF NOT "%_P%" == " " ( ECHO %%7          = %7 && ECHO %%~f7        = %~f7 && ECHO %%~d7        = %~d7 && ECHO %%~p7        = %~p7
  ECHO %%~n7        = %~n7 && ECHO %%~x7        = %~x7 && ECHO %%~s7        = %~s7 && ECHO %%~dp7       = %~dp7
  ECHO %%~nx7       = %~nx7 && ECHO %%~$PATH:7   = %~$PATH:7 && ECHO %%~dp$PATH:7 = %~dp$PATH:7 && ECHO %L1% )
SLEEP 3
CALL :MF
EXIT /B

PARAMTESTHELP - show params help, then returns to CALLer

:PARAMTESTHELP
ECHO %%~1 Expands %%1 and removes any surrounding quotation marks
ECHO %%~f1 Expands %%1 to a fully qualified path name.
ECHO %%~d1 Expands %%1 to a drive letter.
ECHO %%~p1 Expands %%1 to a path.
ECHO %%~n1 Expands %%1 to a file name.
ECHO %%~x1 Expands %%1 to a file extension.
ECHO %%~s1 Expanded path contains short names only.
ECHO %%~a1 Expands %%1 to file attributes.
ECHO %%~t1 Expands %%1 to date and time of file.
ECHO %%~z1 Expands %%1 to size of file.
ECHO %%~dp1 Expands %%1 to a drive letter and path.
ECHO %%~nx1 Expands %%1 to a file name and extension.
ECHO %%~ftza1 Expands %%1 to a dir-like output line.
ECHO %%~$PATH:1 Searches the dirs in PATH expanding %%1 to fully qualified name of first found. If var name isn't defined or the files not found, expands to empty string.
ECHO %%~dp$PATH:1 Searches the directories listed in the PATH environment variable for %%1 and expands to the drive letter and path of the first one found.
CALL :MF
EXIT /B

EXAMINEFILE - FINDs useful strings in file, then returns to CALLer

:EXAMINEFILE
CALL :MP 1 "Examine File %~1"
CALL :EXISTORQUIT "%~1"
STRINGS "%~1" | FINDSTR /R /C:"[A-Z][A-Z]\="
CALL :MF
EXIT /B

ADMINSHELL - sets prompt, then returns to CALLer

:ADMINSHELL
CALL :MP 1 "Creating Admin Shell"
CALL :EXISTORQUIT "%SYSTEMROOT%\system32\runas.exe"
START %SYSTEMROOT%\system32\runas.exe /profile /savecred /user:%ADMINUSER% "%COMSPEC% /T:0C /E:ON /F:ON /K cmd.exe /K cd C:\CRYPT\BIN"
CALL :MF
EXIT /B

EXISTORQUIT - checks %~1 exists, IF it does returns to CALLer, otherwise, quit

:EXISTORQUIT
:: CALL :MP 1 "Checking for %~1"
IF NOT EXIST "%~1" CALL :MDYE "%~1 NOT FOUND"
EXIT /B

RR - IF file %1 EXISTs then :MT "Removing %1" then :MF, then ( or IF %1 not EXISTs) returns to CALLer

:RR
CALL :MP 1 "Removing %~1"
IF EXIST "%~1" ERASE /q "%~1"
CALL :MF && EXIT /B

LOCKDOWN - locks workstation, then returns to CALLer (pointless)

:LOCKDOWN
RUNDLL32 USER32.DLL,LockWorkStation && EXIT /B

SHUTDOWNIN - initiates shutdown, then returns to CALLer (pointless)

REM shutdown /a aborts

:SHUTDOWNIN
SHUTDOWN -r -t "%~1" && EXIT /B

LISTSERVICES - lists services, then returns to CALLer

:LISTSERVICES
SC query state= all type= all | FOR /F "tokens=2" %%i IN ('FIND /I "SERVICE_NAME"') DO @ECHO %%i
SC query | FOR /F "tokens=2" %%i IN ('FIND /I "SERVICE_NAME"') DO @ECHO %%i
EXIT /B

TASKS - Advanced Tasklisting

:TASKS
SET _P=%~1
SET _PP= %~1
IF "%_PP%" == " " EXIT /B
 
REM SORTABLES
IF /I "%_P%" == "pid" ( tasklist.exe /V /NH | SORT /+29 && EXIT /B )
IF /I "%_P%" == "size" ( tasklist.exe /V /NH | SORT /+59 && EXIT /B )
IF /I "%_P%" == "user" ( tasklist.exe /V /NH | SORT /+89 && EXIT /B )
IF /I "%_P%" == "time" ( tasklist.exe /V /NH | SORT /+138 && EXIT /B )
IF /I "%_P%" == "window" ( tasklist.exe /V /NH | SORT /+152 && EXIT /B )
 
REM FILTERS
IF /I "%_P%" == "image" ( tasklist.exe /V /NH /FI "IMAGENAME eq %~2" && EXIT /B )
IF /I "%_P%" == "username" ( tasklist.exe /V /NH /FI "USERNAME eq %~2" && EXIT /B )
IF /I "%_P%" == "running" ( tasklist.exe /V /NH /FI "STATUS eq Running" && EXIT /B )
IF /I "%_P%" == "status" ( tasklist.exe /V /NH /FI "STATUS eq %~2" && EXIT /B )
CALL :MF
EXIT /B

SPEAK - Speak text

:SPEAK
REM ECHO "%~1"
nircmd.exe speak text "%~1" 5 60 && EXIT /B

MF - SLEEPs for 1 second, then prints out completed message, followed by 2 blank lines, then returns to CALLer

:MF
SLEEP 1 && ECHO  [COMPLETED] && ECHO. && ECHO. && EXIT /B

MM - prints blank line, L1, changes title of the interpreter window to %~1, prints >>> %~1..., L2, blank line, then returns to CALLer

:MM
SLEEP 1 && ECHO. && ECHO %L1% && title +++ %~1... && ECHO %P1% %~1... && ECHO %L2% && ECHO. && EXIT /B

MT - prints blank line, L1, changes title of the interpreter window to %~1, prints >>> %~1..., L2, blank line, then returns to CALLer

:MT
CALL :MM "%~1" && CALL :SPEAK "%~1" && EXIT /B

MP - Print Output, then returns to CALLer

:MP
IF "%~1" == "1" ECHO %P1% %~2 && EXIT /B
IF "%~1" == "2" ECHO %P2% %~2 && ECHO. && EXIT /B
IF "%~1" == "3" ECHO %P3% %~2 && EXIT /B
EXIT /B

MP3 - ECHO %~1, speak %~1 with nircmd.exe, then returns to CALLer

:MP3
CALL :MP 1 "%~1" && CALL :SPEAK "%~1" && EXIT /B

MDYE - exit script with message %~1, then returns to CALLer

:MDYE
SETLOCAL
SET _M= %~1
IF NOT "%_M%" == " " SET _M=REASON: %~1
CALL :MP 1 "EXITING SCRIPT...  %_M%" && ECHO. && ECHO.
ENDLOCAL && EXIT /B

MKILL - exit cmd processor with message %~1

:MKILL
SETLOCAL
SET _M= %~1
IF NOT "%_M%" == " " SET _M=REASON: %~1
ECHO. && ECHO. && CALL :MP 1 "EXITING CMD WINDOW IN 3 SECONDS...  %_M%" && ECHO. && ECHO. && SLEEP 3
ENDLOCAL && EXIT && EXIT && EXIT

EOF: Thoughts

So what did you think? I have around 20 batch scripts that utilize these and other functions to do all sorts of cool things. One takes a screenshot of my desktop every 10 minutes and saves it for a real-cool archive of my activity. Another lets me edit a boot.ini file with 1 command.. And another runs when I insert a USB drive to automatically mount a truecrypt volume and create SSH tunnels in the background by using Plink, AT, and the runas.exe command.

If you want to program, please use linux... If you need to write a Windows batch file, I hope this helps.

Advanced Windows Batch File Scripting originally appeared on AskApache.com

Debugging Tools for Windows

AskApache — Thu, 24 Jun 2010 23:43:47 +0000

AskApache.com

I am almost ready to publish the final tutorial on using ssh tunnels from a truecrypt partition on a Windows machine. Of course I choose to go way overboard in my research and the tutorial is full of some pretty awesome windows tricks.. I will come back to this post soon and post all the other advanced tools I use for debugging windows, for now though you MUST know how to debug the kernel and use these basic debugging tools.

WINDOWS NETWORKING !!!!!

Debugging Tools for Windows

Target Computer and Host Computer

Kernel-mode debugging requires a target computer and a host computer. The target computer is used to run the kernel-mode application. The host computer is used to run the debugger. The following diagram shows the typical Microsoft Windows setup that you can use to perform kernel debugging and diagnose system failures. Typical Windows debugging setup This diagram shows the typical setup. However, the current versions of KD and WinDbg (which you installed with this documentation) are flexible. KD and WinDbg can do the following

Debug a target computer that is running Windows.
Debug a target computer that is running on an x86-based platform, an Itanium-based platform, or an x64-based platform.
Can be started from a host computer that is running Windows.
Can be started from a host computer that is on an x86-based platform, an Itanium-based platform, or an x64-based platform.

The target computer and host computer do not have to use the same platform or the same version of Windows. Kernel debugging does not require specific combinations of the free or checked builds. You can debug a free system from a free or checked system, and you can debug a checked system from a free or checked system. However, typically, there is no reason for the host computer to run the slower checked build. Note If you are running the debuggers from an Itanium-based host computer, make sure that you are using the correct version of the binaries. For more information about which version of the debugger package to use, see Choosing a 32-bit or 64-bit Debugger Package.

Debugging Tools for Windows

List of Tools and Documentation

Microsoft Debugging Tools for Windows includes a number of debuggers and other tools. Some of them are described in this documentation, and others are described elsewhere. The following list briefly describes each tool and where its documentation can be found.

Debuggers

Debugging Tools for Windows includes the following debuggers. These are described throughout this documentation, and are referred to by their individual names or collectively as "the debugger":

WinDbg (Windbg.exe): A user-mode and kernel-mode debugger with a graphical interface.
KD (Kd.exe): A kernel-mode debugger with a console interface.
CDB (Cdb.exe): A user-mode debugger with a console interface.
NTSD (Ntsd.exe): A user-mode debugger with a console interface. CDB and NTSD are virtually identical. In this documentation, whenever a reference is made to "CDB", it applies to both CDB and NTSD. When these two debuggers differ, it is noted. (See CDB and NTSD for details.)

Debugging Tools for Windows - Overview

Looking for updates and drivers for your personal computer? You can use Debugging Tools for Windows to debug drivers, applications, and services on systems that are running Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2008 R2, or Windows 7. You can also use Debugging Tools for Windows to debug the operating system itself. Versions of the Debugging Tools for Windows package are available for 32-bit x86, native Intel Itanium, and native x64 platforms. The latest release of Debugging Tools for Windows is available as part of the Windows Driver Kit (WDK). Note: If you have a system with a 64-bit processor and you are debugging an application on it, you must use one of the native 64-bit packages.

Using Debugging Tools for Windows

	Download Windows Symbol Packages Symbol packages for a variety of Windows versions.
	Install Debugging Tools for Windows 32-bit Version Download page for the latest 32-bit packages.
	Install Debugging Tools for Windows 64-bit Versions Download page for the latest 64-bit packages.
	What's New for Debugging Tools for Windows
	Debugging Tools and Symbols: Getting Started Tips for using Debugging Tools for Windows, with links to presentations and papers on best practices

Debugger How-Tos

	Driver Tip: Debugging Windows Vista
	Improve Driver Debugability
	1394 Kernel Debugging Tips and Tricks [WinHEC 2004; 373 KB]
	Advanced Driver Debugging [336 KB]
	Driver Debugging Basics [WinHEC 2007; 633 KB]
	Debugging Kernel-Mode Driver Framework Drivers
	Debugging User-Mode Driver Framework Drivers Training Sessions
	Debugging Tools for Windows (MSDN)
	HOWTO: Enable Verbose Debug Tracing in Various Drivers and Subsystems (314743)
	WDK Online: Tools for Debugging Drivers

Resources

	WDK Documentation Download
	Driver Developer Community Resources
	Driver Signing Requirements for Windows
	Notes from Windows Development Teams
	Support for Developer Kits and Tools
	Driver Developer Blogs
	Windows Driver Kit (WDK) Version 7.1.0 Release Notes
	WDK Documentation on MSDN

See Also

Microsoft Application Verifier

Additional Tools and Utilities

Debugging Tools for Windows also includes the following tools and utilities:

Logger (Logger.exe and Logexts.dll): A tool and an extension DLL that record the function calls and other actions of a program. Logger is described in this documentation; see Logger and LogViewer.
LogViewer (Logviewer.exe): A tool that displays the logs created by Logger. LogViewer is described in this documentation; see Logger and LogViewer.
ADPlus (Autodump+, Adplus.vbs): A console-based Microsoft Visual Basic script that can automatically create memory dump files and log files with debug output from one or more processes. ADPlus is described in this documentation; see ADPlus.
DbgRpc (Dbgrpc.exe): A tool used to display Microsoft Remote Procedure Call (RPC) state information. DbgRpc is described in this documentation; see RPC Debugging and Using the DbgRpc Tool.
KDbgCtrl (Kernel Debugging Control, Kdbgctrl.exe): A tool that controls and configures the kernel debugging connection. KDbgCtrl is described in this documentation; see Using KDbgCtrl.
SrcSrv (Srcsrv.dll): A source server that can be used to deliver source files while debugging. SrcSrv is described in this documentation; see SrcSrv.
SymSrv (Symsrv.dll): A symbol server that the debugger can use to connect to a symbol store. SymSrv is described in this documentation; see SymSrv.
SymStore (Symstore.exe): A tool used to create a symbol store. SymSrv is described in this documentation; see Using SymStore.
SymProxy: A tool used to create a single HTTP symbol server on your network that all your debuggers can point to. This has the benefit of pointing to multiple symbol servers (both internal and external) with a single symbol path, handling all authentication, and increasing performance via symbol caching. SymProxy is described in this documentation; see SymProxy.
AgeStore (Agestore.exe): A tool that removes old entries in the downstream store of a symbol server or a source server. AgeStore is described in this documentation; see AgeStore.
DBH (Dbh.exe): A tool that displays information about the contents of a symbol file. DBH is described in this documentation; see DBH.
PDBCopy (Pdbcopy.exe): A tool that removes private symbol information from a symbol file, and controls which public symbols are included in the file. PDBCopy is described in this documentation; see PDBCopy.
DumpChk (Dump File Checking Utility, Dumpchk.exe): A tool used to validate a memory dump file. DumpChk is described in this documentation; see DumpChk.
DbgSrv (Dbgsrv.exe): A process server used for remote debugging. DbgSrv is described in this documentation; see Process Servers (User Mode).
KdSrv (Kdsrv.exe): A KD connection server used for remote debugging. KDSrv is described in this documentation; see KD Connection Servers (Kernel Mode).
DbEngPrx (Dbengprx.exe): A repeater (small proxy server) used for remote debugging. DbgSrv is described in this documentation; see Repeaters.


The Remote tool (Remote.exe): A remoting tool that can be used to remotely control any console program, including KD, CDB, and NTSD. The Remote tool is described in this documentation; see Remote Tool and Remote Debugging Through Remote.exe.
GFlags (Global Flags Editor, Gflags.exe): A tool used to control registry keys and other settings. GFlags is described in this documentation; see GFlags.
The Kill tool (Kill.exe): A tool used to terminate a process. The Kill tool is described in this documentation; see Kill Tool.
The Breakin tool (Breakin.exe): A tool used to cause a user-mode break to occur in a process. Breakin.exe is not described in this documentation. Use the breakin /? command for help with this tool.
The List tool (File List Utilit y, List.exe): List.exe is not described in this documentation. Use the list /? command for help with this tool.
TList (Task List Viewer, Tlist.exe): A tool used to list all running processes. TList is described in this documentation; see TList.
RTList (Remote Task List Viewer, Rtlist.exe): A tool used to list running processes via a DbgSrv process server. RTList is not described in this documentation. Use the rtlist /? command for help with this tool.
UMDH (User-Mode Dump Heap utility, Umdh.exe): A tool used to analyze heap allocations. UMDH is described in this documentation; see UMDH.
USBView (Universal Serial Bus Viewer, Usbview.exe): A tool used to display the USB devices connected to a computer. USBView is described in this documentation; see USBView.

If you peform a custom install of Debugging Tools for Windows and select the SDK feature and all of its subfeatures, the libraries, headers, and samples used to build debugger extensions will be installed.

Documentation

"Debugging Tools for Windows" (Debugger.chm): This is the documentation you are currently reading. It is the central documentation for Debugging Tools for Windows.
"Debug Help Library" (Dbghelp.chm): This documentation describes the DbgHelp API and the ImageHlp API, and also explains how to create your own symbol server. This is installed when you peform a custom install of Debugging Tools for Windows and select the SDK feature and its subfeatures.

Tools Outside the Debugging Tools for Windows Package

The following related tools are not part of the Debugging Tools for Windows package:

Dr. Watson (Drwtsn32.exe): A tool used for automatically creating dump files and sending error reports to Microsoft Online Crash Analysis (OCA). Dr. Watson is partially described in this documentation; see Dr. Watson. The other features of Dr. Watson are described in the help file associated with drwtsn32.exe.
Build utility (Build.exe): A compiler and linker used to build debugger extensions and other programs. The Build utility and its documentation can be found in the Windows Driver Kit, and in earlier versions of the Windows DDK.
BinPlace (Binplace.exe): A tool used to control symbol files for build products. BinPlace and its documentation can be found in the Windows Driver Kit, and in earlier versions of the Windows DDK.
Application Verifier (AppVerif.exe and !avrf): A tool used to test user-mode applications. This tool consists of two components: the AppVerif.exe utility and the !avrf extension command. All the features of Application Verifier that are debugger-related are described in Application Verifier. The other features of Application Verifier are described in the help file associated with AppVerif.exe.

Debugging Tools for Windows

WinDbg

Microsoft Windows Debugger (WinDbg) is a powerful Windows-based debugging tool. It is capable of both user-mode and kernel-mode debugging. WinDbg provides full source-level debugging for the Windows kernel, kernel-mode drivers, and system services, as well as user-mode applications and drivers. WinDbg uses the Microsoft Visual Studio debug symbol formats for source-level debugging. It can access any symbol or variable from a module that has PDB symbol files, and can access any public function's name that is exposed by modules that were compiled with COFF symbol files (such as Windows .dbg files). WinDbg can view source code, set breakpoints, view variables (including C++ objects), stack traces, and memory. Its Debugger Command window allows the user to issue a wide variety of commands. For kernel-mode debugging, WinDbg requires two machines (the host computer and the target computer). Kernel debugging is only supported on NT-based Windows operating systems. WinDbg also supports various remote debugging options for both user-mode and kernel-mode targets. WinDbg is the graphical-interface counterpart to CDB / NTSD and to KD.

Debugging Tools for Windows

Microsoft Kernel Debugger (KD) is a character-based console program that enables in-depth analysis of kernel-mode activity on all NT-based operating systems. KD can be used to debug kernel-mode programs and drivers, or to monitor the behavior of the operating system itself. KD also supports multiprocessor debugging. Typically, the KD tool will not be run on the computer being debugged. Two machines (the host computer and the target computer) are needed for kernel-mode debugging. Most KD commands cannot be targeted to specific processes or threads, as they can in CDB, NTSD, and WinDbg.

Debugging different target platforms

KD is capable of debugging a target computer which is running on an x86, Itanium, or x64 platform. The debugger will automatically detect the platform on which the target is running. You do not need to specify the target on the KD command line. The older syntax (using the name I386KD or IA64KD) is obsolete.

Debugging Tools for Windows

CDB and NTSD

CDB and NTSD are console applications which can debug user-mode programs. These two debuggers are nearly identical, except in the manner in which they are launched. This documentation will use "CDB" when referring to the capabilities of both CDB and NTSD. Except as noted, all references to CDB in this documentation apply equally to NTSD. There are a few techniques that can only work properly with CDB, or can only work properly with NTSD. These differences are documented in the appropriate sections.

CDB

Microsoft Console Debugger (CDB) is a character-based console program that enables low-level analysis of Windows user-mode memory and constructs. CDB is extremely powerful for debugging a program that is currently running or has recently crashed ("live analysis"), yet simple to set up. It can be used to investigate the behavior of a working application. In the case of a failing application, CDB can be used to obtain a stack trace or to look at the guilty parameters. It works well across a network (using a remote access server), as it is character-based. With CDB, you can display and execute program code, set breakpoints, and examine and change values in memory. CDB can analyze binary code by "disassembling" it and displaying assembly instructions. It can also analyze source code directly. Because CDB can access memory locations through addresses or global symbols, you can refer to data and instructions by name rather than by address, making it easy to locate and debug specific sections of code. You can also display disassembled machine code. CDB supports debugging multiple threads and processes. It is extensible, and can read and write both paged and non-paged memory. If the target application is itself a console application, the target will share the console window with CDB. To spawn a separate console window for a target console application, use the -2 command-line option.

NTSD

There is a variation of the CDB debugger named Microsoft NT Symbolic Debugger (NTSD). It is identical to CDB in every way, except that it spawns a new text window when it is started, whereas CDB inherits the Command Prompt window from which it was invoked. Like CDB, NTSD is fully capable of debugging both console applications and graphical Windows programs. (The name "Console Debugger" is used to indicate the fact that CDB is classified as a console application; it does not imply that the target application must be a console application.) Since the start command can also be used to spawn a new console window, the following two constructions will give the same results: start cdb parameters ntsd parameters

NTSD in the System32 Directory

Whereas CDB is only available as part of the Debugging Tools for Windows package, NTSD is available both in this package and as part of the Windows system itself. It can be found in the system32 directory of Windows. If you are planning on using the NTSD that appears in the system32 directory, there are two important facts you should be aware of:

This version of NTSD cannot be used for Remote Debugging Through the Debugger.
This version of NTSD may not match the version of the documentation you are currently reading.

To avoid these issues, it is recommended that you use only the version of NTSD or CDB that was installed as part of the Debugging Tools for Windows package.

Controlling CDB or NTSD from the Kernel Debugger

It is possible to redirect the input and output from CDB or NTSD so that it can be controlled from a kernel debugger (either KD or WinDbg). If this technique is used with CDB, the CDB window will appear but will not be useable for input and output. If this is used with NTSD, no console window will appear at all. Controlling NTSD from the kernel debugger is therefore especially useful, since it results in an extremely light-weight debugger that places almost no burden on the computer containing the target application. This combination can be used to debug system processes, shutdown, and the later stages of boot up. See Controlling the User-Mode Debugger from the Kernel Debugger for details.

Debugging Tools for Windows originally appeared on AskApache.com

Questions I Ask Web Hosting Companies, Before Buying

AskApache — Sun, 25 Apr 2010 10:15:16 +0000

AskApache.com

I'm always on the lookout for cheap hosting and great hosting companies, and being that I have done this for many years, on many platforms, and with many hosts, my only requirement is that the host uses a UNIX/BSD/LINUX operating system. I'm just not one of those people who likes to do things the hard way, constantly, if its even possible on a non-nix, or one of those people who enjoys getting hacked or my sites defaced by a cracker. So *nix is definitely a requirement. This is just a current look at the basic idea I use when looking for a web host. If you were smart you would do a whole lot more than this.

Research the People

Ok, in a web hosting company there are 5 distinct groups of people, at least generally, that you will want to get in contact with or at least do some background research on (like the owners/founders). Depending on which of these groups you talk to will determine the amount and quality of information you get, the difference is night and day. Because of my past experience with really bad hosts (DreamHost), and really great hosts (WiredTree), I am very cautious and purposeful in making this decision, so I go to great lengths to contact at least one person from each of these groups. Most good advice says to also get in touch with customers.. I don't usually need/want to do that though because most customers don't know jack. But of course I know a few of the customers because I research the hosts network block and test the speed and servers that run on their IP block.

Who / Why

Being a curious and inquisitive person by nature, I always do background research on who started the company, how they started it, and what skills they have. Knowing who the owners are and if they are real unix/network experts or just snake oil salesmen really makes a difference in this world of smoke and mirrors.

Here's my recommendation of which group to contact, in order of best to worst:

Owners/Founders - The Founders have been involved since the start of the company. Always contact.
System Admins - Programmers and System Operators who keep things running, fix problems tech support cant. Always contact.
Sales/Marketing - Both types have different motivations for what they say, and how they say it. Always contact both.
Tech Support - They make the web go round, will always know a lot about problems and issues their customers frequently experience. Always contact.
Management - These people are in charge of the day-to-day operations, overseers. Contact optional.

Questions to Ask

The following is a transcript of a chat I had with a company called tektonic, and at that time I was looking for a cheap linux host to use for some redundancy/failover operations. I generally contact a new hosting company like this every few months.. I like to have options available in case of some kind of failure or network attack, so it's always a good idea to have a few ace linux servers in your back pocket.

If you've read any other articles on AskApache, you can see a certain obsession towards optimization, speed, and security -- so that is the purpose of the following questions.

General Info
Chat start time	Apr 7, 2010 7:18:07 AM EST
Chat end time	Apr 7, 2010 8:38:52 AM EST
Duration (actual chatting time)	01:20:44
Operator	Vish

Chat Transcript

info: Please wait for a site operator to respond. You are 1 out of 1 in the queue. The average wait time is 0 minutes and 30 seconds.

info: You are now chatting with 'Vish'

Vish: Hello

AskApache: Hi vish, i was looking to purchase a planwith you guys but had some questions.. is this the right place to ask?

Vish: yeah sure

Vish: Let me know how may I assist you with ?

AskApache: what is your cheapest plan that includes ssh?

Vish: http://tektonic.net/vps.php

Vish: Linux-360

AskApache: im there..

Vish: It is cheapest plan you can have

AskApache: what does full root access mean for you guys?

AskApache: do you have swap? jailshell?

Vish: you have full access of you server .

AskApache: including network interface device access? ie.. is it possible to setup virtual nics?

Vish: Sorry we do not provide it.

Vish: hold on

Vish: Let me check

AskApache: how can i find out more about the limits of the machine for the Linux-360?

AskApache: like how many processes, fd descriptors..

Vish: You can mail us at sales department.

Vish: They will get back to you with in few hrs with your answers

Vish: You can just drop mail at sales@tektonic.net

AskApache: no thanks.

AskApache: jw if you had that info offhand.

AskApache: do you know if cpanel is optinoal?

AskApache: could it be uninstalled?

Vish: yeah

Vish: you can install or uninstall as you wish

AskApache: Thanks vish you are being very helpful... a few more..

Vish: sure

AskApache: what operating system?

Vish: Hold on ..

Vish: allow me a moment.

AskApache: please take your time

Vish: We do provide Ubantu , Centos and Debian

Vish: You can reinstall your server any time with one click

AskApache: what devices are supported in /dev ?

AskApache: do you support loop devices, ramdisk/tmpfs/swap?

Vish: One moment please..

AskApache: no rush at all, thanks

Vish: We do provide tmpfs but ramdisk and swap is not available .

Vish: All basic device are available with us optional devices like TUN is also enabled for you automatically.

AskApache: sweet

AskApache: is ipv6 supported?

Vish: It is there but we do support currently .

Vish: We are thinking to provide it in near future for our clients ;)

AskApache: good idea, people will start using it in 5years or so.. maybe

AskApache: how is the internal network segmented? vlans?

AskApache: for security..

Vish: Yeah, We do have Vlans

AskApache: security is very crucial.

Vish: You can check more info in network here network

AskApache: ok thanks brb

AskApache: do you allow kernel modules? or reloading the kernel like kexec?

Vish: a moment please.

Vish: What type kernel module you are looking for exactly ?

Vish: kexex is for fast reboot .

Vish: Is there any specific requirement ?

Vish: As we do not allow kernel modules on VPS they are not supported by virtuzzo.

AskApache: ok.. so far so good. let me think a minute.

AskApache: what kind of failovers do you have?

AskApache: like if a machine fails to reboot or goes offline

Vish: we do not provide failover services for vpses at this time. You will have power panel in hand using it you can reboot or reinstall your machine in one click. You can reach us 24*7 for live support.

AskApache: one problem that I've seen on other vps's is sometimes a vps upon reboot fails to recognize the network interface/fails to connect to the web.. When that happens we are unable to ssh into the box to fix the problem and rely on support.. is this something that would be easy/normal for your support (to have to manually login to the vps locally)

Vish: There are the possiblities for the issue so we need to check in server but you can reach us anytime for live chat and ticket system.

Vish: as you are on live chat right now ;)

AskApache: so your support does have access to the vps locally?

AskApache: in case the network is down due to vps errors

Vish: Yes, We have the access

AskApache: do you run any packet filtering on the network or is this controlled solely with the vps?

AskApache: like iptables stuff.. switch/router filtering beyond defaults..

Vish: No , we dont have packet filtering the port we block is IRC only.

AskApache: great

Vish: I'm sorry for the delay. I'll be right with you.

Vish: Is there anything else I may assist you with ?

AskApache: no problem, you've answered all my questions so far.. trying to think of anything else I'd like to know before buying..

Vish: Sure

Vish: Is there anything else I can help you with ?

AskApache: Does the Linux-360 support filesystems? what storage devices are included (usually just 1 ext2/3/4 fs for vps).. Is it possible to repartition the drive?

AskApache: Oh and the other kernel module I would love to have on a vps is fuse so that I can mount remote filesystems (such as sshfs or nbd)

Vish: We do not provide kernel modules on VPS.

AskApache: do you allow kernel compilation? (that way i can build the module statically into the kernel)

Vish: A moment please.

Vish: We do not allow kernel compilation on VPS.

AskApache: ok, thats smart security

AskApache: what about the linux-360 partitioning question?

Vish: Thanks. :)

Vish: it is tmpfs on VPS

Vish: and we dot allow repartition.

AskApache: which is ultimately mounted on.. filesystems? like could I modify an ext3 / to ext4 or reiserfs?

AskApache: expected.. ok

Vish: No, it is vzfs

AskApache: even better.

AskApache: thats what i mostly use.

Vish: great

AskApache: What vps os install images do you use? like where do you get the CentOS/Ubuntu/Debian vps images? And are they modified/customized by you guys in any way?

AskApache: Or just all defaults?

Vish: they include basic services such as httpd, sendmail

AskApache: sorry for all the q's ... I wasn't thinking that I'd actually find a good host to purchase, but so far tek is looking really good.. might go ahead within the hour.

Vish: otherwise default

Vish: We get it from parallels

Vish: Okay great.

Vish: Is there anything else I can help you with ?

AskApache: like: http://download.openvz.org/template/precreated/

AskApache: do you use templates like that..

Vish: We get it from parallels

AskApache: how many employees do you have? how many customers?

Vish: Sorry, We do not disclose this information

AskApache: thats fine..

Vish: For more you can contact sales department.

Vish: You are on technical department live chat.

AskApache: can you give me more info on what type of parallels products you utilize?

AskApache: I wouldn't last long on any other chat.. ;)

AskApache: I'm curious so if it's a template/container I haven't used before I can test it out on my own machine.

Vish: We provide power panel from parallels

AskApache: i mean like the templates/container versions you use.. I want to check that you use updated/new versions and are valid licensed.

Vish: you mean OS version ?

AskApache: basically, do you know if you use the latest available os images from parallels..

AskApache: and I will let you go with that..

info: Your chat transcript will be sent to your email at the end of your chat.

Vish: Yes , We do provide latest OS version as per requirement.

AskApache: thank you vish, you've been most helpful. I am going to do a little more digging online about you guys and will probably be back with a couple questions.. cya around, have an awesome day

Hosts used by AskApache.com

WiredTree is the main hosting company that I mainly use for this site and my business. It took me 10+ years of trial and error before I found them, you can believe I will be posting alot more about them on this site, stay tuned. I also use HostGator, and several other dependable nix hosts that are dirt cheap.

Finding A Host

I used to spend days and weeks googling for a host that wouldn't end up burning me later, oh that really sucked. Now I use a site developed by a colleague of mine, Web Hosting Search as it lets me fairly quickly find a linux host with my bare requirements. From THERE is when I start my own research. This includes email and followups on the phone, visiting wiki's, googling owners, sneaking around in customer areas, etc..

Who do you Use?

I'd love to hear about anyone's experiences with specific hosts, recommendations especially!

Questions I Ask Web Hosting Companies, Before Buying originally appeared on AskApache.com