Category: Hosting

Gnome 3 autocomplete crash, Filezilla drag&drop crash and shutdown without admin password

June 2, 2012 /

Since I'm using those hints from time to time, I've decided to put them here, so I don't need to google everytime I need them.

Gnome 3 autocomplete crash fix

Well to me honest, this isn't a fix but just a workaround, but hey! Wokrs for me ;)

sudo chattr +i ~/.local/share/recently-used.xbel

Filezilla drag&drop crash

sudo apt-get install curl
curl http://apt.wxwidgets.org/key.asc | sudo apt-key add -

Now let's add to /etc/apt/sources.list file:

deb http://apt.wxwidgets.org/ natty-wx main
deb-src http://apt.wxwidgets.org/ natty-wx main

and then:

sudo apt-get update
sudo apt-get install python-wxgtk2.8 python-wxtools wx2.8-i18n

Ubuntu shutdown without admin password

To do this, we just need to change the policy for shutting down. Edit the /usr/share/polkit-1/actions/org.freedesktop.consolekit.policy file and replace:

<action id="org.freedesktop.consolekit.system.stop-multiple-users">
  <description>Stop the system when multiple users are logged in</description>
  <message>System policy prevents stopping the system when other users are logged in</message>
  <defaults>
    <allow_inactive>no</allow_inactive>
    <allow_active>auth_admin_keep</allow_active>
  </defaults>
</action>

to:

<action id="org.freedesktop.consolekit.system.stop-multiple-users">
  <description>Stop the system when multiple users are logged in</description>
  <message>System policy prevents stopping the system when other users are logged in</message>
  <defaults>
    <allow_inactive>no</allow_inactive>
    <allow_active>yes</allow_active>
  </defaults>
</action>

Same for rebooting:

<action id="org.freedesktop.consolekit.system.restart-multiple-users">
  <description>Restart the system when multiple users are logged in</description>
  <message>System policy prevents restarting the system when other users are logged in</message>
  <defaults>
    <allow_inactive>no</allow_inactive>
    <allow_active>auth_admin_keep</allow_active>
  </defaults>
</action>

to:

<action id="org.freedesktop.consolekit.system.restart-multiple-users">
  <description>Restart the system when multiple users are logged in</description>
  <message>System policy prevents restarting the system when other users are logged in</message>
  <defaults>
    <allow_inactive>no</allow_inactive>
    <allow_active>yes</allow_active>
  </defaults>
</action>

Simplifying iptables management on a Debian (Squeeze) server

February 4, 2012 /

My basic management concept for iptables (easy to maintain when you're the owner and administrator of a server). I don't like native iptables management way, so with little help from Google I've recently figured out an alternative way to handle rules loading and applying. Here's how it's done.

First, create (as a su) iptables file which will contain all our rules. File must be executable:

# Rules from this file will be applied on system boot
touch /etc/iptables.rules
chmod +x /etc/iptables.rules

Stuff from the file above will be loaded on system boot. To tell the OS, that he needs to load them, lets use /etc/network/interfaces file. Edit it and paste:

# vim /etc/network/interfaces
# Load our rules automatically
pre-up iptables-restore < /etc/iptables.rules

Now still as a su, create in your home dir file called iptables.rules. Yup - with the same name (but different directory!) as a first one:

touch /home/mylogin//iptables.rules
chmod +x /home/mylogin//iptables.rules

Now let's put our rules into /home/mylogin/iptables.rules:

# vim ~/iptables.rules
# Reset all (block all) and start from zero
# Warning! If you apply only those 3, you're screwed! So watch out!
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
 
# Reject incoming traffic
iptables -P INPUT DROP
 
# Reject forwarded traffic
iptables -P FORWARD DROP

# Accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT
iptables -A FORWARD -o lo -j ACCEPT

# Accept all connections started by us 
# (this can be dangerous if you install shitty stuff on your server)
iptables -P OUTPUT ACCEPT
 
# Accept data related to our requests 
iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
iptables -A FORWARD -j ACCEPT -m state --state ESTABLISHED,RELATED
  
# http port can be setup with limits or without - here's the example with:
# (not used right now so commented out - 2 lines, should be in 2):
# iptables -A INPUT -p tcp --dport 80 -m state --state NEW 
# -m limit --limit 50/minute --limit-burst 5 -j ACCEPT

# Open ports related to our services (http, https, ssh, etc)
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT # Example: webmin port
iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Example: ssh port
iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Example: http port

# After executing and checking, to save rules, perform (as su) command:
# iptables-save > /etc/iptables.rules

In order to check your settings. you can use nmap, a simple (yet powerful) port scanner:

sudo apt-get install nmap
nmap IP/domain

Starting Nmap 5.21 ( http://nmap.org ) at 2012-02-04 15:17 CET
Nmap scan report for domain (IP)
Host is up (0.032s latency).
Not shown: 998 filtered ports
PORT      STATE  SERVICE
80/tcp    open   http

Nmap done: 1 IP address (1 host up) scanned in 8.89 seconds

If everything is ok, save your rules permanently (execute as su):

iptables-save > /etc/iptables.rules

Copyright © 2025 Closer to Code

Theme by Anders NorenUp ↑