Friday, June 13, 2008

Apache Security

When hosting an Apache web server for very concerned customers, authentication, authorization, and access control can all flood in the way. Some may even ask for host-based methods. Just keep in mind that Apache has its own way for them all, including where to write logs. Don't go mess with usual files like /etc/hosts, /etc/hosts.allow, /etc/hosts.deny, or /var/log/messages. Unless, of course, your boss told you to.

Tuesday, June 3, 2008

MySQL in Non-standard Locations

Sometimes one ends up with a machine containing multiple MySQL installations, and no clue how and why it happened in the first place. Besides normal which password to use for which server confusions, it also requires some attention when installing packages like Perl DBD-mysql module. Be sure to specify the correct -I and -L paths at "perl Makefile.PL" step of the installation.

For example:
perl Makefile.PL --cflags="-I/usr/local/mysql/include -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -fno-strict-aliasing -fwrapv" --libs="-L/usr/local/mysql/lib -lmysqlclient -lz -lcrypt -lnsl -lm -L/usr/lib64 -lssl -lcrypto"


A Perl DBI client connection string can specify the non-standard socket location like this:
"DBI:mysql:mydb:localhost:mysql_socket=/tmp/mysql.sock"