Friday, July 29, 2011

Debian Lenny - Update PHP 5.2 to 5.3

It must be added the new source to apt-source. Edit the file /etc/apt/sources.list:

vim /etc/apt/sources.list

and add these lines to it:

deb stable all
deb-src stable all

 Download and import the dotdeb key:

cat dotdeb.gpg | sudo apt-key add -

Then remove all php packages from the system. For example in my case:

apt-get remove php5 libapache2-mod-php5 php5-gd php5-mysql
apt-get remove php5-curl php5-tidy php5-dev php-pear php5-cli
apt-get remove php5-common php5-suhosin

Update your sources:

apt-get update

and reinstall PHP packages:

apt-get install php5 libapache2-mod-php5 php5-gd php5-mysql
apt-get install php5-curl php5-tidy php5-dev php-pear php5-cli
apt-get install php5-common php5-suhosin

now the following command will show you the new PHP version:

php -v


because no longer has lenny packages, we install the PHP 5.3 manually:

mkdir /tmp/php5
cd /tmp/php5

download all PHP5 packages from (our example is PHP 5.3.10) :

wget -r -l 1

remove old version:

apt-get remove php5 libapache2-mod-php5  
apt-get remove php5-gd php5-mysql php5-curl 
apt-get remove php5-tidy php5-dev php-pear 
apt-get remove php5-common php5-mcrypt php5-cli

and install new PHP packages:

dpkg -i php5-common_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i libapache2-mod-php5_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5_5.3.10-1~dotdeb.0_all.deb
dpkg -i php5-mysql_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-curl_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-cli_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php-pear_5.3.10-1~dotdeb.0_all.deb
dpkg -i php5-curl_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-mcrypt_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-tidy_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-gd_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-dev_5.3.10-1~dotdeb.0_amd64.deb

restart the apache:

/etc/init.d/apache2 restart

Wednesday, July 27, 2011

Amazon AWS resize the Volume for a Linux instance

Follow these steps:Stop the instance
  • Make a snapshot (MySnap) from volume.
  • Create new volume with new size from your snapshot (MySnap).
  • Detach the old volume
  • Attach the new volume as /dev/sda1
  • Start the instance
  • in terminal resize the partition:
resize2fs -p /dev/xvda1 (see fdisk -l for your partition name)

Tuesday, July 19, 2011

VPN Server on Debian

Install the pptp server package:

sudo apt-get install pptpd

Edit the “/etc/pptpd.conf” configuration file:

sudo vim /etc/pptpd.conf

Add to it:



that means Clients will get the IPs from 100 to 200.

Edit the “/etc/ppp/pptpd-options” configuration file:

sudo vim /etc/ppp/pptpd-options

Append to the end of the file, the following directives:




mtu 1490

mru 1490

Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting to and, again, it is your responsibility to adjust this to your network’s configuration.

Edit the chap secrets file:

sudo vim /etc/ppp/chap-secrets

Add to it the authentication credentials for a user’s connection, in the following syntax:

username * users-password *

Restart the connection’s daemon for the settings to take affect:

sudo /etc/init.d/pptpd restart

If you don’t want to grant yourself access to anything beyond the server, then you’re done on the server side.

Enable Forwarding (optional)

While this step is optional and could be viewed as a security risk for the extremely paranoid, it is my opinion that not doing it defeats the purpose of even having a VPN connection into your network.

By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to “jump” through the VPN server, to all other devices on the network.

To achieve this we will be flipping the switch on the “forwarding” parameter of the system.

Edit the “sysctl” file:

sudo vim /etc/sysctl.conf

Find the “net.ipv4.ip_forward” line and change the parameter from 0 (disabled) to 1 (enabled):


You can either restart the system or issue this command for the setting to take affect:

sudo sysctl -p

Add these rules to Firewall (IPTABLES):

iptables -A FORWARD -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

now all the server side settings are prepared.