Tomasz Korwel
programmer, administrator, engineer - my everyday fights with reality

Standard way how Debian is logging things always made me crazy. Why the hell this daemon is logging everything 5 times? Why do I have to see mail logs in syslog file? Anyway, I started to look for some better solution and at one point I came on article describing installation and configuration if the standard syslogd replacement: syslog-ng. I decided to give it a try.

As the whole process is almost trivial I’ll put here only couple info

First - syslog-ng configuration file

The file is under /etc/syslog-ng/syslog-ng.conf

#
# Configuration file for syslog-ng under Debian
#

# the standard syslog levels are (in descending order of priority):
# emerg alert crit err warning notice info debug
# the aliases “error”, “panic”, and “warn” are deprecated
# the “none” priority found in the original syslogd configuration is
# only used in internal messages created by syslogd

######
# options

options {
chain_hostnames(0);
time_reopen(10);
time_reap(360);
sync(5);
log_fifo_size(2048);
create_dirs(yes);
owner(root);
group(root);
perm(0640);
#dir_owner(root);
#dir_group(root);
dir_perm(0755);
use_dns(no);
#log_msg_size(2048);
stats_freq(0);
};

######
# sources

source int { internal(); };
source main { unix-stream(”/dev/log”); };
source kernel { file(”/proc/kmsg” log_prefix(”kernel: “)); };

######
# destinations

destination mail { file(”/var/log/mail.log”); };
destination kernel { file(”/var/log/kernel.log”); };
destination messages { file(”/var/log/messages”); };
destination sshd { file(”/var/log/ssh.log”); };

######
# filters
filter mail { facility(mail); };
filter sshd { program(”ssh”); };

######
# logs
# order matters if you use “flags(final);” to mark the end of processing in a
# “log” statement

# these rules provide the same behavior as the commented original syslogd rules

log { source(kernel); destination(kernel); };
log { source(main); filter(sshd); destination(sshd); flags(final); };
log { source(main); filter(mail); destination(mail); flags(final); };
log { source(main); source(int); destination(messages); };

Little explanation:

• Sources - defines sorce of incomming lg message. To be honest I didn’t dig deeper about meanings of every line there - it works.
• Destinations - the name says it all - places (not only files) where messages ends.
• Filters - again - rules allowing you to filter some messages out
• Logs - the actual place where something happens. You decide here, from which source, with which filter applied to which destination message goes. Simply, clean and effective.

Second - logrotate script

As you may noticed as an output we have 4 files. I personally preferr to save them for a little longer. So my logrotate file for syslog looks like:

/var/log/ssh.log {
rotate 52
weekly
missingok
notifempty
compress
}

/var/log/kernel.log {
rotate 52
weekly
missingok
notifempty
compress
}

/var/log/mail.log {
rotate 52
weekly
missingok
notifempty
compress
}

/var/log/messages {
rotate 52
weekly
missingok
notifempty
compress
postrotate
/etc/init.d/syslog-ng reload >/dev/null
endscript
}

Please notice the postrotate part at the end of the file. It forces syslog-ng to writo to the new files.

Third - logcheck

Why would we need to have nicely divided logs without automated monitoring - here comes the logcheck. Here the only worth to mention change is a list of monitored files:

comp# cat /etc/logcheck/logcheck.logfiles
# these files will be checked by logcheck
# This has been tuned towards a default syslog install
/var/log/mesages
/var/log/kernel.log
/var/log/ssh.log
/var/log/mail.log
/var/log/auth.log

Don’t forget to teach your antispam filter to accept logcheck’s reports!

Technorati Tags: Debian, syslog-ng, logrotate, logcheck

I’m writing this post after recently having some problems with Indian programmers hired by my client to be my coworkers. My filings were so bad that I started to ask my Indian friends what do they think about their countrymen. Things I have heard made my hair gray instantly. Here are two examples what you can expect.

Fake experience

Sandhya (one of my Indian friends) said that about 70% of Indian programmers put a lot of fake experience in their resumes. So when you came to the point of reviewing ones:

• sum the years of experience. If it turns out that the guy started to work as a programmer when he was 8 years old, the big red lamp should go off in your head. Off course it is possible that he was working for couple companies at the same time - but it also isn’t good forecast of good cooperation.
• Always, I repeat always, check that experience with their employers. 5 minutes spent on a phone call can save you a lot of nerves in the future.
• Ask about examples of their work. They usually are very cooperative and show you a lot of code. I won’t tell you how the good code should look like - if you have any good programmer you know - compare the styles.

Switching people during phone interview

So you think you are smart, because you called him and from what he told he it looks like he is a good programmer? Are you sure that you were talking with the person you want to hire?

And finally remember the golden rule:

Only poor people can afford cheap things.

Technorati Tags: Indian programmers, bad, Fake

As I said before - I can’t imagine working without Zend Studio now. So I decided to install server part of the package on one of my Debian powered servers.

So here we go. First we have to download correct package. As you can see on Zend’s site you have wide choice of versions:

-r– 1 25335043 Jan 15 17:20 ZendStudioServer-5.1.0a-Windows-i386.exe
-r– 1 23302044 Jan 15 17:21 ZendStudioServer-5.1.0a-darwin7.8-ppc.tar.gz
-r– 1 21371695 Jan 15 17:23 ZendStudioServer-5.1.0a-freebsd5.4-i386.tar.gz
-r– 1 22451335 Jan 15 17:21 ZendStudioServer-5.1.0a-linux-glibc21-i386.tar.gz
-r– 1 24682987 Jan 15 17:21 ZendStudioServer-5.1.0a-linux-glibc23-x86_64.tar.gz
-r– 1 23703327 Jan 15 17:21 ZendStudioServer-5.1.0a-sunos5.8-sparc.tar.gz

So I downloaded one

comp# wget -c http://downloads…..-glibc21-i386.tar.gz

and then as the README file says

comp# cd ZendStudioServer-5.1.0a-linux-glibc21-i386
comp# ./install-tty

All ther rest of the process was quick and easy with one note: when the instalator was looking for a php.ini fond one in /usr/lib directory.

Trying to determine the version of PHP.
Please wait… (this may take a few seconds)

Detecting … \ [100%]

Confirm the location of your php.ini file [/usr/local/lib]: /etc/php5/apache

So remember to make sure which php.ini is your Apache using and ajust that path accordingly. If you are not sure - call the phpinfo() function on any of your sites and check. It can save your day :-)

Technorati Tags: Zend Studio, Debian, linux

I think almost all programmers, and web developers aren’t any different kind of them, come at one point to the situation when they have to build their work environment. From what you can see on various web sites usually they divide into two groups:

• Vim advocates
• IDE fans

I have to admit that for a long time I belonged to the first part - I was using basic text editor, all I needed was syntax coloring and ftp features. Then one day I started to work for Foothold and they wanted me to use Zend Studio. They even were so generous that they provided the license at no cost to me :-).

At the beginning it was pretty hard to get used to that system. It was written in Java. As you know the only advantage of Java (especially on slower machines) is it’s cross-platform nature. It took me almost three months to finally get all thing working, including the finally bought secondary monitor and faster computer with more RAM (if you don’t have at least 768MB it will freeze from time to time). But now the work is almost a pleasure.

More - I can’t imagine developing ANY more complicated site (like CMS or mentioned above A.W.A.R.D.S system) without the variable watchers, breakpoints, step by step debugging.

It’s like Polish way of driving cars - everybody prefer stick shift until they actually try the automatic one.

Technorati Tags: IDE, text editor, Foothold, Zend Studio

Recently I have the questionable pleasure to work with some Indian programmers who were hired to help our team with getting thing wrapped up before deadlines. I won’t describe results, but will throw some thoughts about Indian programmers.

Indian programmers are proud. They are so proud the even the smallest suggestion that they are doing something wrong sounds to them as huge affront.

Indian programmers have perfect memory. They can remember every single line of the code they ever wrote so there is no need to write documentation or even comments in the code.

Indian programmers work is faultless. If something does not work it’s for sure because of that stupid Polish programmer who dares to tell them what they should do.

And last but not least. They are childish.

There is though one big advantage - they are cheap.

As usually - the choice is yours.

Disclaimer: I have nothing in general against Indian people - I know many of them and they are ok. All except the programmers.