Tuesday, June 29, 2010

Solved : Lock table is out of available locker entries - Yum install, yum upgrade

Recently faced a issue while installing a package using yum


[root@back ~]# yum install mod-security
rpmdb: Lock table is out of available locker entries
rpmdb: Unknown locker ID: 3077
error: db4 error(22) from db->close: Invalid argument
error: cannot open Packages index using db3 - Cannot allocate memory (12)
error: cannot open Packages database in /var/lib/rpm
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.main(sys.argv[1:])
File "/usr/share/yum-cli/yummain.py", line 85, in main
base.getOptionsConfig(args)
File "/usr/share/yum-cli/cli.py", line 163, in getOptionsConfig
disabled_plugins=self.optparser._splitArg(opts.disableplugins))
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 164, in _getConfig
self._conf = config.readMainConfig(startupconf)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 685, in readMainConfig
yumvars['releasever'] = _getsysver(startupconf.installroot, startupconf.distroverpkg)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 752, in _getsysver
idx = ts.dbMatch('provides', distroverpkg)
TypeError: rpmdb open failed


Googling and Searching on this topic got it resolved

[root@back ~]# ll /var/lib/rpm/
Basenames __db.000 __db.002 Dirnames Group Name Providename Pubkeys Requireversion Sigmd5
Conflictname __db.001 __db.003 Filemd5s Installtid Packages Provideversion Requirename Sha1header Triggername
[root@back ~]# ll /var/lib/rpm/
Basenames __db.000 __db.002 Dirnames Group Name Providename Pubkeys Requireversion Sigmd5
Conflictname __db.001 __db.003 Filemd5s Installtid Packages Provideversion Requirename Sha1header Triggername


[root@back ~]# rm /var/lib/rpm/_db.00*
rm: cannot lstat `/var/lib/rpm/_db.00*': No such file or directory
[root@back ~]# rm /var/lib/rpm/__db.00*
rm: remove regular empty file `/var/lib/rpm/__db.000'? y
rm: remove regular file `/var/lib/rpm/__db.001'? y
rm: remove regular file `/var/lib/rpm/__db.002'? y
rm: remove regular file `/var/lib/rpm/__db.003'? y

[root@back ~]# rpm --rebuilddb


[root@back ~]# yum install mod-security
utterramblings 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 22 kB 00:00
utterrambl: ################################################## 64/64
extras 100% |=========================| 2.1 kB 00:00
primary.sqlite.bz2 100% |=========================| 184 kB 00:38
updates 100% |=========================| 1.9 kB 00:00
primary.sqlite.bz2 100% |=========================| 254 kB 00:28
base 100% |=========================| 2.1 kB 00:00
primary.sqlite.bz2 100% |=========================| 1.6 MB 00:17
c5-testing 100% |=========================| 1.9 kB 00:00
addons 100% |=========================| 951 B 00:00
Setting up Install Process
Parsing package install arguments
No package mod-security available.
Nothing to do
[root@back ~]# yum install mod_security
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package mod_security.i386 0:2.5.9-1.jason.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
mod_security i386 2.5.9-1.jason.1 utterramblings 1.2 M

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
(1/1): mod_security-2.5.9 100% |=========================| 1.2 MB 00:03
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 0d4306ef
Importing GPG key 0x0D4306EF "Jason Litka (http://www.jasonlitka.com) " from http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: mod_security ######################### [1/1]

Installed: mod_security.i386 0:2.5.9-1.jason.1
Complete!


This problem occurs when rpm accesses the Berkeley database files, it makes temporary locker entries within the tables while it searches for data. If you control-c your rpm processes often, this issue will occur much sooner because the locks are never cleared.

Solved Lock table is out of available locker entries - Yum install, yum upgrade

Solved : Lock table is out of available locker entries - Yum install, yum upgrade

Recently faced a issue while installing a package using yum
[root@back ~]# yum install mod-security
rpmdb: Lock table is out of available locker entries
rpmdb: Unknown locker ID: 3077
error: db4 error(22) from db->close: Invalid argument
error: cannot open Packages index using db3 - Cannot allocate memory (12)
error: cannot open Packages database in /var/lib/rpm
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.main(sys.argv[1:])
File "/usr/share/yum-cli/yummain.py", line 85, in main
base.getOptionsConfig(args)
File "/usr/share/yum-cli/cli.py", line 163, in getOptionsConfig
disabled_plugins=self.optparser._splitArg(opts.disableplugins))
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 164, in _getConfig
self._conf = config.readMainConfig(startupconf)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 685, in readMainConfig
yumvars['releasever'] = _getsysver(startupconf.installroot, startupconf.distroverpkg)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 752, in _getsysver
idx = ts.dbMatch('provides', distroverpkg)
TypeError: rpmdb open failed

Googling and Searching on this topic got it resolved
[root@back ~]# ll /var/lib/rpm/
Basenames __db.000 __db.002 Dirnames Group Name Providename Pubkeys Requireversion Sigmd5
Conflictname __db.001 __db.003 Filemd5s Installtid Packages Provideversion Requirename Sha1header Triggername
[root@back ~]# ll /var/lib/rpm/
Basenames __db.000 __db.002 Dirnames Group Name Providename Pubkeys Requireversion Sigmd5
Conflictname __db.001 __db.003 Filemd5s Installtid Packages Provideversion Requirename Sha1header Triggername

[root@back ~]# rm /var/lib/rpm/_db.00*
rm: cannot lstat `/var/lib/rpm/_db.00*': No such file or directory
[root@back ~]# rm /var/lib/rpm/__db.00*
rm: remove regular empty file `/var/lib/rpm/__db.000'? y
rm: remove regular file `/var/lib/rpm/__db.001'? y
rm: remove regular file `/var/lib/rpm/__db.002'? y
rm: remove regular file `/var/lib/rpm/__db.003'? y

[root@back ~]# rpm --rebuilddb

[root@back ~]# yum install mod-security

utterramblings 100% |=========================| 951 B 00:00

primary.xml.gz 100% |=========================| 22 kB 00:00

utterrambl: ################################################## 64/64

extras 100% |=========================| 2.1 kB 00:00

primary.sqlite.bz2 100% |=========================| 184 kB 00:38

updates 100% |=========================| 1.9 kB 00:00

primary.sqlite.bz2 100% |=========================| 254 kB 00:28

base 100% |=========================| 2.1 kB 00:00

primary.sqlite.bz2 100% |=========================| 1.6 MB 00:17

c5-testing 100% |=========================| 1.9 kB 00:00

addons 100% |=========================| 951 B 00:00

Setting up Install Process

Parsing package install arguments

No package mod-security available.

Nothing to do

[root@back ~]# yum install mod_security

Setting up Install Process

Parsing package install arguments

Resolving Dependencies

--> Running transaction check

---> Package mod_security.i386 0:2.5.9-1.jason.1 set to be updated

--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================

Package Arch Version Repository Size

=============================================================================

Installing:

mod_security i386 2.5.9-1.jason.1 utterramblings 1.2 M
Transaction Summary

=============================================================================

Install 1 Package(s)

Update 0 Package(s)

Remove 0 Package(s)
Total download size: 1.2 M

Is this ok [y/N]: y

Downloading Packages:

(1/1): mod_security-2.5.9 100% |=========================| 1.2 MB 00:03

warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 0d4306ef

Importing GPG key 0x0D4306EF "Jason Litka (http://www.jasonlitka.com) " from http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Is this ok [y/N]: y

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Installing: mod_security ######################### [1/1]
Installed: mod_security.i386 0:2.5.9-1.jason.1

Complete!

This problem occurs when rpm accesses the Berkeley database files, it makes temporary locker entries within the tables while it searches for data. If you control-c your rpm processes often, this issue will occur much sooner because the locks are never cleared.

Saturday, June 5, 2010

How to Install Mod Security on Linux Centos 5.4, Fedora 11-12

ModSecurity is a free open source Firewall for Web application which can help you to guard against Intrusion on your webservers like local file inclusion attacks, Cross Site Scripting, and SQL injection vulnerabilities and many more.

The easiest way to install mod_security is using yum, to get the latest package of modsecurity refer to jason litka rpms.
Lets Start

Install the gpg Key

You need to be Root to run this:

[ashwin@ashwin ~]$ rpm –import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka


Create a File

[ashwin@ashwin ~]$ touch /etc/yum.repos.d/utterramblings.repo

Open the File using your favorite editor and add the contents

[ashwin@ashwin ~]$ vim /etc/yum.repos.d/utterramblings.repo

[utterramblings]
name=Jason’s Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Save the File and exit

Now you can Install Mod-Security

[root@ashwin ~]# yum install mod_security
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package mod_security.i386 0:2.5.9-1.jason.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
mod_security            i386       2.5.9-1.jason.1  utterramblings    1.2 M

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
(1/1): mod_security-2.5.9 100% |=========================| 1.2 MB    00:03
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 0d4306ef
Importing GPG key 0x0D4306EF "Jason Litka (http://www.jasonlitka.com) <jasonlitka@verizon.net>" from http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: mod_security                 ######################### [1/1]

Installed: mod_security.i386 0:2.5.9-1.jason.1
Complete!

Great You have installed mod security Restart HTTPD service and Roll. Check the Logs and you will find the magic.

Issues :

1. Starting httpd: httpd: Syntax error on line 210 of /etc/httpd/conf/httpd.conf: Syntax error on line 3 of /etc/httpd/conf.d/mod_security.conf: Cannot load /etc/httpd/modules/mod_security2.so into server: /etc/httpd/modules/mod_security2.so: undefined symbol: ap_get_server_banner

Solution :

[root@ashwin ~]#  yum remove httpd mod_perl mod_perl-devel mod_security
[root@ashwin ~]#  mv /etc/yum.repos.d/CentOS-Base.repo /tmp ( move base centos repo to /tmp )
[root@ashwin ~]#  yum install httpd ( This will install apache from utterramblings.repo )
[root@ashwin ~]#  yum install mod_perl mod_perl-devel
[root@ashwin ~]#  yum install mod_security