24. July 2014

couriertls: /etc/courier/esmtpd.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line

After upgrade of Linux distribution Courier stopped to accept emails delivered over TLS or SSL.

There was just nice error message in the log file:

couriertls: /etc/courier/esmtpd.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line

Long story short. The problem was in pem file.

Previous versions of Courier-SSL were able to read files with Windows EOL. The new version is failing with this nice error.

Solution is simple: get rid of Windos EOL.

You can use e.g. dos2unix

dos2unix esmptd.pem

Restart services and everything will work 🙂

10. April 2014

Debian Heartbleed openssl bug remains even after upgrade of openssl package

If you’re using Debian and you want to get rid of Hearbleed bug then it’s not sufficient to upgrade openssl package.

The really important package is libssl1.0.0:

apt-get install libssl1.0.0

It will restart all services which depends on this package.

4. April 2014

Debian – Tomcat 7 is not serving https after upgrade

I made upgrade of Tomcat7 server on Linux Debian.

Tomcat stopped serving https. Port was open, no strange message in log, but it was not possible to connect from browser.

Here is configuration of https connector:

Connector port="8443" SSLEnabled="true" 
 protocol="org.apache.coyote.http11.Http11Protocol"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLSv1"

Long story short. Old version of Tomcat7 was using keystore from file /etc/tomcat7/keystore, but new version expects /etc/tomcat7/keystore.jks.

Simple fix:

cd /etc/tomcat7
ln -s keystore keystore.jks

Restart Tomcat. 🙂

22. March 2014

Kivy – buildozer android debug failed with libstdc++.so.6: cannot open shared object file

Kivy is awesome library for developing GUI applications in Python.

It’s possible to build same application for desktop, Android or iOS. It’s something like Cordova/PhoneGap for JavaScript.

I was following Kivy crash course 2: Building an android apk tutorial recorded by Alexander Taylor.

I was trying to build application on Linux Debian for Android:

buildozer android debug

Build failed with quite strange message:

[mergemanifest] Manifest merger disabled. Using project manifest only.
     [echo] Handling aidl files...
     [aidl] Found 1 AIDL files.
     [aidl] Compiling 1 AIDL files.
     [aidl] /home/georgik/.buildozer/android/platform/android-sdk-21/platform-tools/aidl: error while loading shared libraries: libstdc++.so.6: cannot open shared object file: No such file or directory

BUILD FAILED

assets/private.mp3: /home/georgik/idea/kivytest/.buildozer/android/app/sitecustomize.pyo
Traceback (most recent call last):
  File "build.py", line 431, in 
    make_package(args)
  File "build.py", line 346, in make_package
    subprocess.check_call([ANT, arg])
  File "/usr/lib/python2.7/subprocess.py", line 540, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['ant', 'debug']' returned non-zero exit status 1

The reason of this problem is not so obvious.

My operating system is 64bit, but Android build system requires 32 bit version of stdc++ library.

Fix is very easy. Just install lib32stdc++6 package 🙂

apt-get install lib32stdc++6

If build is still failing, because of other missing libraries, then you can use online Debian package search to find missing dependencies: https://www.debian.org/distrib/packages

Other missing 32bit libraries are often libz, libncurses5:

apt-get install lib32z1 lib32ncurses5

17. December 2013

Debian – upgrade from Apache 2.2 to 2.4 – Starting web server: apache2 failed!

Debian maintainers changed default Apache from version 2.2 to 2.4. Not a big deal?

I was just upgrading one package and it had dependency on whole new Apache. I said yes to upgrade, because I had no bigger issues with Apache upgrade in past.

Wohoo. This upgrade was very funny, because Apache 2.4 was not able to start due to conflicting configurations. The coolest part was that Subversion stopped working, but that’s different story.

The problematic part was that Apache failed to start with nice message:

[FAIL] Starting web server: apache2 failed!
[warn] The apache2 instance did not start within 20 seconds. Please read the log files to discover problems ... (warning)

I checked the log file /var/log/apache2/error.log, but there was no hint what went wrong.

Apache was working even though startup script reported error. 🙂

After a while I found that there were some important changes in /etc/apache2/apache2.conf. I compared this file with /etc/apache2/apache2.conf.dpkg.dist.

It was necessary to update following lines in apache2.conf:

Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
#LockFile /var/lock/apache2/accept.lock - disable this, old value

Then it was possible to start Apache without problem:

[ ok ] Restarting web server: apache2.
  • Where is the fish?

  • Translations

  • Further info

  • Twitter

    Follow @jurajmichalek on twitter.

  • Comments

  • Tags

  • Topics