nixCraft Linux Sys Admin Blog

Posted: 12 Feb 2008 02:28 AM CST

Yesterday, I wrote about a serious Linux kernel bug and fix. However, few readers like to know about patching running Linux kernel. Patching production kernel is a risky business. Following procedure will help you to fix the problem.

Step # 1: Make sure your product is affected

First find out if your product is affected by reported exploit. For example, vmsplice() but only affects RHEL 5.x but RHEL 4.x,3.x, and 2.1.x are not affected at all. You can always obtain this information by visiting vendors bug reporting system called bugzilla. Also make sure bug affects your architectures. For example, a bug may only affect 64 bit or 32 bit platform.

Step # 2: Apply patch

You better apply and test patch in a test environment. Please note that some vendors such as Redhat and Suse modifies or backports kernel. So it is good idea to apply patch to their kernel source code tree. Otherwise you can always grab and apply patch to latest kernel version.

Step # 3: How do I apply kernel patch?

Warning examples may crash your computer

WARNING! These instructions require having the skills of a sysadmin. Personally, I avoid recompiling any kernel unless absolutely necessary. Most our production boxes (over 1400+) are powered by mix of RHEL 4 and 5. Wrong kernel option can disable hardware or may not boot system at all. If you don’t understand the internal kernel dependencies don’t try this on a production box.

Change directory to your kernel source code:
# cd linux-2.6.xx.yy
Download and save patch file as fix.vmsplice.exploit.patch:
# cat fix.vmsplice.exploit.patch
Output:

--- a/fs/splice.c +++ b/fs/splice.c @@ -1234,7 +1234,7 @@ static int get_iovec_page_array(const struct iovec __user *iov,                 if (unlikely(!len))                         break;                 error = -EFAULT; -               if (unlikely(!base)) +               if (!access_ok(VERIFY_READ, base, len))                         break;                  /*

Now apply patch using patch command, enter:
# patch < fix.vmsplice.exploit.patch -p1
Now recompile and install Linux kernel.

I hope this quick and dirty guide will save someones time. On a related note Erek has unofficial patched RPMs for CentOS / RHEL distros.

OpenOffice Text Files That Are Larger Than 65,536 Rows Cannot Open / Imported

Posted: 12 Feb 2008 01:39 AM CST

This sucks, Open office 2.3 spreadsheet cannot open or import text files that are larger than 65,536 rows. Basically, I need 100k rows. However, it is possible to recompile OO to extend rows limitation. From the OO wiki hack page:

Well, it depends on what your goal is. For personal use you may set MAXROWCOUNT_DEFINE in sc/inc/address.hxx to a different value, multiple of 128, and recompile the application respectively the libsc680*.so and shove it under your existing installation. However, doing so implies that you don’t save to any binary file format like Excel or whatsoever, otherwise you risk loss of data. You’ll also encounter drawing layer misfits in higher row numbers, may experience performance problems, and there may be other quirks lurking. Note that it generally works for data and formulas, but otherwise is completely untested.

For the number of columns the same applies to the MAXCOLCOUNT_DEFINE in sc/inc/address.hxx, just that the value must be a multiple of 16 instead.

My text file is truncated at 65,536 and I was dumped with the following error message:

I’m going to recompile my OO. Another good option is using MySQL. However, I’m not in mood to write a php / python scripts to just create graphs and other stuff.

Ping IPv6 IP Address With ping6 Command

Posted: 12 Feb 2008 12:11 PM CST

Q. I’m unable to ping an IPv6 address. I’m getting error: ping 2001:db8::1428:57ab ping: unknown host 2001:db8::1428:57ab My network is configured for IPv6 with IP address. How do I ping an IPv6 address?

Answer to "Ping IPv6 IP Address With ping6 Command"