≡ Menu


Apache2 mod_fastcgi: Connect to External PHP via UNIX Socket or TCP/IP Port

Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from and python / ruby on rails will be severed from This is only possible with mod_fastcgi.
[click to continue…]

Download of the day: OpenBSD 4.4 CD ISO Images

OpenBSD 4.4 has been released and available for download (jump to download link ) from official project website. OpenBSD is often the first to add new security tools to make it harder to break, developers have also carefully read through the programming code to check for mistakes more than once. OpenBSD is also used for protecting networking using its pf firewall.

What's new in OpenBSD 4.4

  • A new tool sysmerge(8), derived from the old mergemaster port, makes it easier to merge configuration files changes during an upgrade.
  • Fully support OpenBSD inside extended partitions on i386 and amd64.
  • During installation 'dhcp' is now the initial default answer during network configuration.
    OpenSSH 5.1
  • New experimental fingerprint ASCII art visualisation system for easier verification of remote keys. Added chroot(2) support for sshd(8).
  • Added an extended test mode (-T) to sshd(8).
  • Make ssh(1) support negation of groups in a "Match group" block.
  • Over 5205 ports, minor robustness improvements in package tools.
  • See all new features here.

OpenBSD 4.4 Download

You can grab OpenBSD ISO and boot files from the FTP server or mirror machines.

OpenBSD download: OpenBSD 4.4 CD ISO download

OpenBSD 4.4 Download Mirrors

Find out if service / server running in chrooted jail or not under Linux

Chrooted jail allows run command or service such as http / mysql / postfix with special root directory i.e. chroot changes the root directory for application. The biggest benefit is a service that is re-rooted to another directory cannot access files outside that directory. Basically you are going to set service in sandbox. Chrooting offers the following 2 benefits:

[a] Service Isolation

[b] Privilege Separation

But how do you find out if service / server is chrooted or not under Linux?

Simply run ls -ld command on /proc/MAIN-PID/root directory.

For example, find out if httpd chrooted or not:
pidof httpd


Run ls command:
ls -ld /proc/23456/root

lrwxrwxrwx 1 root root 0 Sep 10 02:52 /proc/23456/root -> /wwwdata

Find out if postfix is chrooted or not (PID 4645):
ls -ld /proc/4645/root
lrwxrwxrwx 1 root root 0 Sep 10 02:59 /proc/4645/root -> /
The PID 4645 pointing out to / (root) i.e. the root directory for application is not changed or chrooted. This is a quick and dirty way to find out if application is chrooted or not w/o opening configuration files.