Miscellaneous Knowledge

For the past two years, my main desktop which is designed for high performance gaming (and occasionally, work) has had hard drives running in a RAID0 array. A RAID0 array takes two hard drives and combines them to form one larger drive, it also splits the data evenly across them

RAID0 Data Striping

Image from http://en.wikipedia.org/wiki/File:RAID_0.svg

However, by using RAID0 with two drives you automatically double the chance of failure. In a simple RAID0 array, failure of one drive leaves you with exactly half your data, pieces A2, A4, A6 and A8 in the diagram. You’ve got half the data, but it’s not usable in any shape or form (imagine reading a book with every other page missing).

Now after two years, one drive has finally failed – without warning. No smart errors, nothing. For a few days before, I had been receiving I/O related bluescreens however and I should have taken this chance to backup the entire drive.

Thankfully, most of my data is stored on a local storage server, running FreeNAS. The drives in here are thankfully RAID1 – where the data is equal on both disks so if one drive fails you have an identical set of data on the second. Therefore, the only thing i’ve really lost is installed programs, easy to replace.

I’ve now ordered a new single drive (750GB Western Digital Caviar Black). I’m done with RAID0!

The Network Time Protocol is, as the name implies, a standard for syncronising time across networks. This is extremely useful as it allows all computer clocks to be syncronised to a common, correct time rather than being “around” a certain time. It’s especially useful on servers, where co-ordinating events or tracing failures needs precision and accuracy.

So how can you sync your computer with a NTP time server? It’s actually quite simple;

• Windows – Windows XP and higher already sync out of the box to time.windows.com, however time.windows.com may be very far from you and hence there is a delay in the time making it less accurate. If you want to change the server, double click the clock (XP, on Vista double click and select “Change Time and Date Settings”), then click the Internet time tab, enter the server (XP, on Vista click Change Settings) and click Update Now to sync.
• Linux – Use the command ntpdate followed by the NTP server you want to sync with

So, how do you go about choosing a better NTP source for windows and a source for linux? Enter the NTP Pool.

There are quite a few “Stratum 1″ NTP servers, which get their time directly from cesium clocks or GPS satelits, these are the most accurate sources of time available. However, if we all synced with a stratum 1 server, they would quickly be overloaded. Most people don’t need that kind of precision, so enter “Stratum 2″ servers. Stratum 2 servers NTP sync with “Stratum 1″ servers, so while they are not as exact as they are, they are only different by a few milliseconds – hadrly a problem. Hence, you should sync with a “Stratum 2″ server. But how do you find one? The NTP pool is a pool, a collection of NTP servers intended for the masses to sync with. Either use 0.pool.ntp.org as your NTP sync source, or if you want extra accuracy select your continent, then country from the right to get a server closer to you. Now you can enjoy accurate time!

However, the demands upon the NTP pool grow daily, but not it’s supply of pooled servers. If you have a server with some spare bandwidth and a static ip address that is available 24/7, donate a server to the pool. You can adjust the amount of NTP traffic you get by setting your bandwidth in the control panel, even home users can participate as long as they meet the requirements!

OpenTTD, as it’s name implies, is an open-source remake of 1995 game Transport Tycoon Deluxe. Back when I had my first computer, TTD was one of my favourite games. So what was Transport Tycoon all about? Basically, you have to build a transport network, using Trains, Planes, Trucks, Buses, Boats etc and earn as much money as possible, sounds simple but when you start building huge networks, all that can go out of the window!

OpenTTD has taken the original game, made for DOS and hence incompatible with 2000, XP and so on and re-written it completely in C. However, it dosen’t stop there – as it’s open source many enhancements have been made which hugely enhance the game experience. For example, trains are the major network tool, able to carry large amounts of cargo at high speeds. However, with large networks and large numbers of trains comes problems – signalling, platforming and so on. The original TTD only allowed for a maximun of 4 platforms at a station – hardly a huge amount when dealing with large towns or industry, signals where very basic and had little logic, no custom graphics could be added and so on.

One thing I always found lacking, even in OpenTTD however was passenger destinations – passengers would just turn up at stations and you could deliver them absolutely anywhere, giving you no incentive to link up every town. This is in stark constrast to the real world (I presume!) where people have all different destinations, and may need to take several modes of transport to reach their final destination. Again however, the open source nature of OpenTTD trumphs again – a Passengers & Cargo destinations version of OpenTTD is in developement, and once complete will be merged into the main version of the game. This adds another dimension to the game, ensuring that certain key routes are not overloaded which can often be an interesting problem to solve.

If you’re looking for an interesting game, which runs on pretty much anything and will keep you entertained and thinking then go give OpenTTD a try. The only restriction is that you will require the graphics from the original TTD, which can’t be distributed for legal reasons, however they are easily found with a bit of searching.

On my cPanel server, I noticed that users where being given the incorrect FQDN (Fully Qualified Domain Name, e.g example.com) for mail.root as the SSL address for the mail server. This is odd, since there is no where to actually configure the SSL host address. After a bit of poking around, it seems it sets the address based upon the address of your SSL cert. In my case, I was using a Wildcard SSL certificate from CACert (free SSL certificates). However, as the certificate was a wildcard certificate, it had no idea what the actual FQDN you wanted was! After purchasing a cheap RapidSSL cert for £10 and installing it, the SSL Host FQDN displayed correctly for users. Plus they won’t get any certificate warnings any more!

I somehow broke the default WordPress theme, so I decided to install a new one rather than fix it. Enjoy!

SuPHP is an option during compiling PHP to run all scripts under the owner of the folder. Traditionally on shared hosting accounts, PHP scripts are run as “nobody” to prevent them from causing havoc with the system. However, this still leaves a few vulnerabilities where a PHP script from one user might be able to access other user’s files. By running the script as the owner, the Linux user permissions system is correctly invoked – users can only edit and effect their own files.

However, having recently recompiled PHP and Apache on cPanel to enable suexec support, I came across a problem where pages would give an internal server error (Error 500). This was caused by one of the following;

• php_flag in .htaccess
• php_value in .htaccess
• Permissions on PHP scripts not set to 644
• Permissions on public_html folder not set to 771

Due to the nature of suexec, php_flag and php_value will not work! Instead you need to set suPHP_ConfigPath in your htaccess to the path where your own php.ini can be found (Note, this is just the path to php.ini, not the full location of php.ini).

suexec will also not execute any scripts with insecure permissions, such as 777. Set all PHP scripts to 644.

Once you’ve taken into account these issues, your PHP should be running in a more secure fashion. Under cPanel/WHM you can enable suphp by going to the EasyApache option which will recompile PHP and Apache – this is not a task to be taken lightly ensure you know what you are doing before, during and after using EasyApache to recompile PHP and Apache. If after recompiling you encounter errors caused by the above you can temporarily set the PHP handler to dao on cPanel instead of suphp.