uudruid74

Time for another STUPID Admin Trick ... running a CGI on Nginx / Tengine ! There are plenty of ways to do it, most involve installing a wrapper around the fastCGI interface. However, I already have FPM installed, and figured that PHP could execute a program, so why not wrap a PHP wrapper? I would NOT recommend this for production use as there is probably more than one security issue, compatibility issue, or whatever. Then again, you aren't using CGI for production system's anyway, right? First a bit of magic in your server { } section of your web server config file : location ~ ^/cgi-bin(.*)$ { gzip off; include /etc/tengine/fastcgi.conf; fastcgi_split_path_info ^/cgi-bin/(.*cgi)(.*)$; fastcgi_param CGI_FILENAME $fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/cgi-bin.php; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; } Now, you need a wrapper called cgi-bin.php (in server root): <?php $scriptname = "{$_SERVER['DOCUMENT_ROOT']}/cgi-bin/{$_SERVER['SCRIPT_NAME']}"; if (array_key_exists('HTTP_REFERER',$_SERVER)) { putenv ("HTTP_REFERER={$_SERVER['HTTP_REFERER']}"); } putenv("DOCUMENT_ROOT={$_SERVER['DOCUMENT_ROOT']}"); putenv("QUERY_STRING={$_SERVER['QUERY_STRING']}"); putenv("REMOTE_ADDR={$_SERVER['REMOTE_ADDR']}"); putenv("REMOTE_PORT={$_SERVER['REMOTE_PORT']}"); if (array_key_exists('REMOTE_USER',$_SERVER)) { putenv("REMOTE_USER={$_SERVER['REMOTE_USER']}"); } putenv("REQUEST_METHOD={$_SERVER['REQUEST_METHOD']}"); putenv("REQUEST_URI={$_SERVER['REQUEST_URI']}"); putenv("SCRIPT_FILENAME=$scriptname"); putenv("SCRIPT_NAME={$_SERVER['SCRIPT_NAME']}"); if (array_key_exists('PATH_INFO',$_SERVER)) { putenv("PATH_INFO={$_SERVER['PATH_INFO']}"); } $output = shell_exec ($scriptname); echo preg_replace('/^.+\n/', '', $output); ?> Now, assuming you have a /cgi-bin directory, you can run scripts like this /cgi-bin/mycgi.cgi?h=45&y=6 or whatever. The script must be executable and must end in cgi and must be in the /cgi-bin directory. I'm no PHP programmer, and new to Tengine/Nginx (using Apache too long), so if you are shaking your head at some of the above hackery, feel free to correct it! I'm sure its pretty bad, but I couldn't find any examples online that did anything like it. Have fun.

I would, but its not there. Its nearly empty. Ah ... its in /var/src/distfiles!! Here you go: navi distfiles # md5sum tengine-2.1.0.tar.gz fb60c57c2610c6a356153613c485e4af tengine-2.1.0.tar.gz

Courier is fixed via new imap release ... unicode lib update broke the reinstall. Passenger I am giving up on. I don't use Ruby anyway and it was just going to be a toy to try out.

It works, but you are getting a 'B' rating on ssllabs.com. Weak DH key exchange parameters and support of older RC4. I recently set this up (tengine/nginx) so if you want a copy of the config file, lemme know (I get an A+, and that's with the free certificate from startssl). Took me awhile to find all the tweaks for tengine/nginx to lock everything down. Time to update the HOWTOs. In fact, getting Joomla to work with Tengine requires some magic regex that was incredibly hard to find! I added some extras to detect mobile browsers and redirect (to another domain or a directory via URL rewrite) which you can turn off via "Request Desktop Site", and this is ignored for the joomla URLs since it detects this stuff itself - it's just a regex. And the virtual mail server how-to was pretty dated as well. Whats the procedure for updating these? I might go ahead and take a stab at it.

GLXVBlank probably should be on. I think this tells the driver to wait for vblank to do updates, which will stop tearing. Tearing is a result of changing the display while the hardware is reading it, so you get half of one frame and half of another. The ATI binary drivers have all sorts of anti-tearing settings in the control panel, but I have not been able to get them to work with Gnome. Mutter uses some new Xrandr call that isn't supported by the ATI drivers. I have a couple really STRANGE problems with the radeon drivers so I'm always tempted to try the binary ones, but as long as I can't get Gnome to work, its a dead issue. If anyone has fglrx and gnome 3.16 together, I want to hear from you!

I didn't recommend Ubuntu because I'm boycotting them. Their GUI doesn't give you a way to display the apps you have installed so that you will use the search feature ... which sends your search results to Amazon! Not only does Amazon get to track you, but you get "product recommendations" on your desktop. Linux is now more commercialized than Windows! Arch may be too complicated for him. Mint could be okay - but I've not used it. Sabayon is pretty damn easy, and you can play with "emerge" after its installed. I need to get back to my Funtoo-based binary-distro-for-noobs idea someday.

Step 1 : Learn how to find your log files Step 2 : Learn how to redirect the output of a command to a file Step 3 : Learn to follow the steps people are giving you and only post what is being asked for! Don't flood the forum with useless crap like the Xorg log from the system rescue cd! Why would we need that? Once again, I think you need to go back to basics and learn basic Linux. Try Fedora or Sabayon.

Don't EVER post a picture of your monitor again EVER

And don't thank me until you see the bill I'm going to send you for my consulting fees!

s/hooting/booting/g damn Android autocorrect!

You aren't hooting the kernel you just built. You are spinning you wheels. Finish your install according to the HowTo, get grub installed, get it hooting. Then emerge your syslog and other stuff the HowTo mentions. Once you are booting native, come back and try X again.

you still didn't answer if you were hooting natively or chrooted. if the file is empty, you have other issues. Xorg always makes a log. Try running startx with output and stderr redirected to a file so you can at least see what's going on. dmesg doesn't tell me what's wrong with X.

PASTEBIN PASTEBIN PASTEBIN! Dunno who asked to look at your dmesg, but its not where you should start. As I said, Xorg.log. And WTF are you using btrfs? Basics first. Btrfs looks cool, but that's kinds advanced if you don't know if you need ACPI or not. ACPI is Advanced Configuration Power Interface. On a laptop, you want it. Desktop it would be optional and definately not related to the issue at hand. Did you Google ACPI before asking?

1 - this ain't Windows. Why did you post a link to a driver site? 2 - Is the system hooting by itself or are you still using the rescue CD and a chroot? If the latter, do the former first. ie: ditch the training wheels! 3 - Your Xorg log file will tell you what you need to know. You need to read it. You could post it, but I don't feel like reading it because... 4 - I think funtoo is the wrong distro for you. Funtoo is a meta distro and you need to learn the basics first. You need a distro where you can get started. I would recommend Sabayon since once installed, you can still use emerge to update it and start tweaking your make.conf, build your own kernels, etc. Beware: Sabayon is gentoo/systemd based. Some things will not be compatible. It will be easy though. Makes a good desktop/laptop OS.

Interesting. I never noticed that. I wonder what the plan is? I'm guessing the new features would be using control groups?

Firefox will continue to use more and more RAM as you use it. I just set it to open all current tabs on restart and then I can close it and restart it to reclaim RAM. Close firefox before letting your system suspend and it wont take so much time to resume. It will be faster to reopen it after suspend. ZRAM compresses RAM that is 'swapped out', basically it compresses it instead of swapping it by giving you a /dev/zramX set of devices to swap to. Unless you are using a cell phone (swapping to flash ia a horrible idea) then you can disregard zram.

Hmm... shouldn't evdev take care of keyboard and mouse as well? AFAIK, X should have migrated over to the newer API awhile ago. I don't even use xorg.conf files anymore. The autodetect is usually better. In fact, even my touchscreen works (nice with Gnome 3.16) and hotplugging HDMI monitors (except for audio ... I have to manually change the HDMI audio to another device via pulseaudio's control panel if I yank out the hdmi cable).

Firefox has an obvious memory leak. I think its had a leak since Netscape Navigator and no one seems to want to fix it. 20GB is absolutely ludicrous! Mine is at 14GB (I only have 8GB of actual RAM). I have less than a dozen tabs open. All the images and html on all those pages PLUS all the over head to load in the regular expression virtual machine, the javascript virtual machine, and all the node tree overhead shouldn't be THAT much. I don't think any Java is on any of these pages, so that VM shouldn't be eating RAM, although thats another one that eats RAM like its nothing. The kernel isn't at fault. And are you actually using ZSWAP compressed memory? I don't know if it would make it faster in this case (possibly), but you have to set it up in userspace too, not just in the kernel, and then its 1 zram device per CPU core due to how its designed (prevents contention).

There is always the standard Funtoo Logo ... (although this one has some slight changes from the standard - looks better on dark backgrounds, more shadows, fixed spelling of 'powered'). I'd put it on my laptop. I could put it next to my Tux "Linux Inside" computer case emblem.

UHmm ... impressive in what way? It is not dependency based and does not seem to support parallel start-up. It doesn't look like its very "intelligent" - I assume it uses plain shell scripts to configure services ... compare to Gentoo/Funtoo's OpenRC which have most of the intelligence abstracted into a library, with configuration in a separate directory. I suppose you might be able to start OpenRC with the runit init daemon, but why? My /sbin/init is 37K. Where did you read that Funtoo is changing init?

My opinion on systemd: systemd is horrible. Binary logs is a horrible idea. Restarting services is bad (if I want that, I'll use Nagios and have it actually monitored and get proper notifications and prevention of thrashing if the service can't be started). Putting everything into pid1 is bad - the main difference between pid 1 and all others is that if pid 1 dies, so does your server. As long as its external to pid 1, it can be rescued. If someone wants systemd, there are other distros (gentoo, etc). Pulseaudio ... a horrible waste of effort that should have been spent on jack. The capabilities added should have been added to jack instead. It would still be possible to merge pulseaudio and jackd, and I think Linux needs this. Having to switch between "pro" audio and a minimal "please switch the audio to another device" capability really bites. I use a laptop and for movies, I want the video player's audio going out the HDMI to the monitor and surround system, but I don't play music in surround (evil) nor do I want my mp3/flac audio to stop when the screen is shut down (lock screen powers off the screens and HDMI port), and I NEED my guitar to go through jack for the effects (USB audio device). So, each app needs to route different places. A merger of PA's API into Jackd so everything could run via jackd would be awesome. Boot speed: Actually most ebuild scripts don't require bash, just sh. Its possible to use a smaller minimal sh to boot your system, but quite a few projects assume that /bin/sh is bash, or autodetect if /bin/sh is bash on install (you'll need to re-emerge these if you switch). Considering how many bash scripts are invoked, switching the boot process to use a minimal sh instead of bloated old bash can shave quite a bit of time off your boot. Combine w/parallel start-up and you'll get most of the speed of systemd, but better reliability.

OK, I need some help understanding virtual dependencies. The Web HOW-TO says to let nginx be pulled in if you use tengine (seems horrible) since most apps don't know what tengine is. BTW ... the existing instructions are horribly managed for the mail HOW-TO. I'm going to look into cleaning that up since I finally got it all working well, but had to manually edit just about everything! Likewise, getting newer PHP functionality out of tengine/nginx took a bit of regex magic that needs to go into a HOW-TO. And there should be one for SSL as well. Thats non-trivial with the newer exploits (I now score A+ on ssllabs.com). But, shouldn't the ebuild take care of that as a virtual dependency? For example, take roundcube. I have nginx and apache masked (nginx is installed but not running since I use tengine, and I don't want apache installed or nginx to be upgraded). I did -auDNv roundcube and it wanted to pull in lighttpd as a web server! It saw that apache and nginx were masked and went to the next option. So, I looked at the roundcube ebuild and it is looking for virtual/httpd-php. OK, great. That looks correct. So I pull in that ebuild. It has an RDEPEND line that wants fpm, apache2 or cgi. Perfect! I add -t to my emerge line and it wants virtual/httpd-cgi which is what is pulling in other web servers. I think the need_httpd_cgi is at fault. Is this a bug, or is it intentional. Roundcube works fine and I have nothing CGI right now. Its all via fpm. Now, I have fpm installed. Its working just fine with tengine. Roundcube is installed and working. I was just checking to see if updates had made it into the tree. Why is it still trying to pull in a webserver? Shouldn't fpm satisfy the RDEPEND and that's it? What am I missing?

Next stupid trick, which is pertinent to Gentoo/Funtoo since you frequently may have to add to a file with >>/etc/portage/package.mask (or .use or whatever). A slight typo could kill your file. Fix this way: In .profile set -o noclobber Just please don't ask what made me think of this :(

Let's go again, this time its trying to rebuild stuff that's supposed to work. It all worked fine before! And courier-unicode is installed at the latest version. I'm doing an -auDNv courier-imap to upgrade depends before @preserved-rebuild since world failed. First line appears to be an ebuild bug?? configure: error: The Courier Unicode Library appears not to be installed. You may need to install a separate development subpackage, in addition to the main package !!! Please attach the following file when seeking support: !!! /var/tmp/portage/net-mail/courier-imap-4.16.0/work/courier-imap-4.16.0/config.log * ERROR: net-mail/courier-imap-4.16.0 failed (configure phase): * econf failed * * Call stack: * ebuild.sh, line 93: Called src_configure * environment, line 2685: Called econf '--disable-root-check' '--bindir=/usr/sbin' '--sysconfdir=/etc/courier-imap' '--libexecdir=/usr/lib64/courier-imap' '--localstatedir=/var/lib/courier-imap' '--with-authdaemonvar=/var/lib/courier-imap/authdaemon' '--enable-workarounds-for-imap-client-bugs' '--with-mailuser=mail' '--with-mailgroup=mail' '--with-fam' '--with-ipv6' '--without-gnutls' '--with-db=gdbm' * phase-helpers.sh, line 526: Called die * The specific snippet of code: * die "econf failed" * * If you need support, post the output of `emerge --info '=net-mail/courier-imap-4.16.0'`, * the complete build log and the output of `emerge -pqv '=net-mail/courier-imap-4.16.0'`. * The complete build log is located at '/var/tmp/portage/net-mail/courier-imap-4.16.0/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/net-mail/courier-imap-4.16.0/temp/environment'. * Working directory: '/var/tmp/portage/net-mail/courier-imap-4.16.0/work/courier-imap-4.16.0' * S: '/var/tmp/portage/net-mail/courier-imap-4.16.0/work/courier-imap-4.16.0' >>> Failed to emerge net-mail/courier-imap-4.16.0, Log file: >>> '/var/tmp/portage/net-mail/courier-imap-4.16.0/temp/build.log' * Messages for package net-mail/courier-imap-4.16.0: * ERROR: net-mail/courier-imap-4.16.0 failed (configure phase): * econf failed * * Call stack: * ebuild.sh, line 93: Called src_configure * environment, line 2685: Called econf '--disable-root-check' '--bindir=/usr/sbin' '--sysconfdir=/etc/courier-imap' '--libexecdir=/usr/lib64/courier-imap' '--localstatedir=/var/lib/courier-imap' '--with-authdaemonvar=/var/lib/courier-imap/authdaemon' '--enable-workarounds-for-imap-client-bugs' '--with-mailuser=mail' '--with-mailgroup=mail' '--with-fam' '--with-ipv6' '--without-gnutls' '--with-db=gdbm' * phase-helpers.sh, line 526: Called die * The specific snippet of code: * die "econf failed" * * If you need support, post the output of `emerge --info '=net-mail/courier-imap-4.16.0'`, * the complete build log and the output of `emerge -pqv '=net-mail/courier-imap-4.16.0'`. * The complete build log is located at '/var/tmp/portage/net-mail/courier-imap-4.16.0/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/net-mail/courier-imap-4.16.0/temp/environment'. * Working directory: '/var/tmp/portage/net-mail/courier-imap-4.16.0/work/courier-imap-4.16.0' * S: '/var/tmp/portage/net-mail/courier-imap-4.16.0/work/courier-imap-4.16.0' Trying emerge @system to see what happens. Something is borked somewhere.

Ugh ... 4 GB isn't enough ?? World fails when it hits tengine again. Trying to do @preserved-rebuild, but I don't see anything that would help a memory problem. I guess I'll have to turn on swap to a file. I don't have X or anything running that would eat up RAM. @preserved-rebuild fails building courier-imap. Adding swap is not an option.