Remove embedded album art

May 13, 2010

To remove embedded album art from music files from Ubuntu or variants, you can use eyeD3 which is in repository.

To install:

    apt-get install eyed3

To remove embedded album art :

    eyeD3 –remove-images * *.mp3
    eyeD3 –remove-images * *.ANY_OTHER_FORMAT


Find out what version of Ubuntu you’re using

August 28, 2008

Use this command:

lsb_release -a

in terminal

Troubleshooting Mailman + Sendmail – No mail going out to list members

August 28, 2008

This article is converted from the Mailman FAQ Wizard

Jacinta Richardson , Duncan Drury, Mark Sapiro and the other good folks at mailman-users mailing list

Here are some common things to check when no mail is going out from your lists.

Also, do you get no mail at all from Mailman or just no posts? If you get no posts but you do get some notifications, still check everything but focus more on items 1), 2), 3), 5), 6), 7) and if applicable 9).

In this article it’s assumed that you are using Sendmail as the MTA.

1. Check_perms. In all cases you should start by checking the permissions on the files that were setup:


2. Cron/mailmanctl.
1. Mailman 2.0.x only – Make sure that the cron daemon is running

ps aux |grep cron |grep -v grep

This will print out the process information about the cron daemon. If it returns a blank line, then cron is NOT running. NOTE: Mailman 2.0.13 and lower does not run an independent daemon. The qrunner process is run via cron.
2. Mailman 2.1.x – Later versions of Mailman, versions 2.1 and above, need cron for certain support jobs, but not for normal mail delivery. In Mailman 2.1.x there is an independent daemon called mailmanctl. You need to make sure that the mailmanctl daemon is also running

ps auxww| grep mailmanctl |grep -v grep

If this returns a blank line then the Mailman daemon is not running! Also, do

ps auxww | egrep ‘p[y]thon’


ps -fAww | egrep ‘p[y]thon’

or however you might spell it on your system. This should show that mailmanctl and eight qrunner processes are all running. See item 5) below.
3. Aliases. To create a mailman list you ran “newlist” and it printed out four (or ten) lines that you needed to copy to the /etc/aliases file (or wherever your MTA goes to find its aliases). Check that the aliases are in /etc/aliases:

grep wrapper /etc/aliases

Note for version 2.1: “wrapper” has been replaced with “mailman”,

grep mailman /etc/aliases

Even if the aliases are there, you may still need to reset the aliases hash table so that it includes this new alias information:


Here is a typical alias listing for a group called “sys”:

## Mailman verion 2.0.x system mailing list
sys: “|/home/mailman/mail/wrapper post sys”
sys-admin: “|/home/mailman/mail/wrapper mailowner sys”
sys-request: “|/home/mailman/mail/wrapper mailcmd sys”
sys-owner: sys-admin

And here’s a typical list of aliases for the ‘mailman’ list in mailman 2.1.x.

## mailman mailing list
mailman: “|/usr/local/mailman/mail/mailman post mailman”
mailman-admin: “|/usr/local/mailman/mail/mailman admin mailman”
mailman-bounces: “|/usr/local/mailman/mail/mailman bounces mailman”
mailman-confirm: “|/usr/local/mailman/mail/mailman confirm mailman”
mailman-join: “|/usr/local/mailman/mail/mailman join mailman”
mailman-leave: “|/usr/local/mailman/mail/mailman leave mailman”
mailman-owner: “|/usr/local/mailman/mail/mailman owner mailman”
mailman-request: “|/usr/local/mailman/mail/mailman request mailman”
mailman-subscribe: “|/usr/local/mailman/mail/mailman subscribe mailman”
mailman-unsubscribe: “|/usr/local/mailman/mail/mailman unsubscribe mailman”

If you are using Sendmail with virtual domains, you will have to also add entries into the into the ‘virtusertable’ to make the mapping for the virtual domain to the local aliases previously setup, similiar to the following:

## mailman virtual mappings sys sys-admin sys-request sys-admin

then run ‘make’ or ‘makemap’ to rebuild the virtusertable.db file and restart sendmail. This solution is limited in that you can not have multiple virtual domain with the same local address/list name. NOTE: in mailman version 2.1 and above you may have a secondary aliases file that is used specifically for Mailman and the lists that it creates:


You will need to make sure that this alias file isrecognized by your MTA (postfix, sendmail, etc), and that it is up-to-date with your latest aliases. If you do not have integration turned on, or you do not have this alias file, then all your aliases must go in the standard /etc/aliases file as specified above.
4. Smrsh. Check to see if your MTA uses smrsh. Red Hat as well as a few other distributions automatically setup Sendmail to use smrsh. Smrsh stops Sendmail from running a script or other program that is included in an alias. Mailman uses a program called “wrapper” to run all of its aliases (see the alias examples above):

grep “smrsh”

If this comes up blank then Sendmail does not use smrsh and the rest of this section doesn’t apply – skip to 4); if not, then your server is probably running smrsh and you need to make sure that smrsh is setup to allow Mailman’s wrapper program to run. Locate the smrsh directory and do an ls -l of that directory. On Red Hat:

ls -l /etc/smrsh

and the output should be similar to:

wrapper -> /home/mailman/mail/wrapper

Note: some systems setup the smrsh directory in:


Note: to find the sm.bin directory try:

strings /usr/lib/smrsh | grep sm.bin

Note for version 2.1: the wrapper program is now simply called “mailman”,

mailman -> /var/mailman/mail/mailman

5. Interface. Some distributions in a noble “attempt” to limit the number of open relays on the internet, default Sendmail so that it listens to a limited number of interfaces. The default interface that Mailman list’s use is “localhost” ( – this is configurable in Mailman’s file. To check Sendmail’s configuration file:

grep “Port”

This will list out the DeamonPortOption and indicate the interfaces it listens on ( would mean all interfaces). You can also check out which interfaces your MTA is listening on by using:

netstat -na |grep “:25 ”

In a similar vein, some folks have reported that “localhost” is not defined in their /etc/hosts file (it should be set to Also make sure /etc/hosts is world readable. Also see 4.73 How do I debug smtp-failure problems – delivery to failed with code -1- and Low level smtp error-. The settings in ~mailman/Mailman/ (or that are used to set these “Delivery Defaults”:

MTA = ‘Manual’
SMTPHOST = ‘localhost’
SMTPPORT = 0 # default from smtplib
SENDMAIL_CMD = ‘/usr/lib/sendmail’

6. qrunner.
1. Mailman 2.0.x only – If you are running Mailman 2.0.x then qrunner is run every minute via a cron job (that is why cron must be running for Mailman to work). Try running the program by hand. The exact syntax can be found in Mailman’s cron jobs:

su mailman
crontab -l

Here is an example of running qrunner by hand:

su mailman
/usr/bin/python -S /home/mailman/cron/qrunner

If this generates any errors then send those to the list for diagnosis – or look at the last few lines of errors and search the list for key words from the error messages.
2. Mailman 2.1.x – If you are running Mailman 2.1.x then the qrunners are daemons that are started by $prefix/bin/mailmanctl, which itself may be being run via a ‘mailman’ startup script. This is described in the INSTALL document for the version of MM you are running. Note that there are eight qrunners. These runners and their functions are:

ArchRunner # messages for the archiver
BounceRunner # for processing of bounces
CommandRunner # commands and confirmations from the outside world
IncomingRunner # posts from the outside world
NewsRunner # outgoing messages to the nntpd
OutgoingRunner # outgoing messages to the smtpd
VirginRunner # internally crafted (virgin birth) messages
RetryRunner # retry temporarily failed deliveries

If you aren’t doing any gatwaying to usenet, you can do without NewsRunner, and if you aren’t archiving any lists, you can do without ArchRunner, but the other six are required to be running for normal Mailman operation. Also note that if any queues are ‘sliced’ there will be more than one runner for that queue, and you need them all. For example, if OutgoingRunner is set up for 4 slices, there will be four copies of OutgoingRunner processing slices 0:4, 1:4, 2:4 and 3:4. If any of these four is not running, its portion of the out queue will not be processed.
7. Locks. A errant lock file can stop a list from processing as Mailman waits for the lock to be removed. Since your list is not sending, we shall assume that no lock files should be on the list and that it is safe to delete any we find.
Note that we are talking here about locks with the list name as part of the lock file name. The master-qrunner locks are normal and are not the cause of non-delivery problems. On the contrary, if they
weren’t there it would indicate that the qrunners weren’t running.

ls -l ~mailman/locks

The output will be something like:

This indicates that process # 22845 created the lock. To look at this process and see what it is (if it still exists):

ps aux |grep 22845 |grep -v grep

8. Logs. If you don’t have any of the common problems above, then you should look for errors in your log files. First look for errors in your MTA log files. On Red Hat that would be in /var/log/maillog. Look in the log starting at the time you sent a test message. You should see your initial message come in and be passed on to your Mailman list, afterwards you may see warnings or errors caused by Mailman trying to send out mail to the members of the list.
Next look in Mailman’s logs. The files are in ~mailman/logs/ or usually /var/log/mailman on RedHat.
There are several logs to look in for problems:


Note: if you look in the qrunner log you may see several warnings about “Could not acquire qrunner lock”, these are actually normal and are NOT a problem, but other messages about qrunners terminating and being restarted or not do indicate a problem.
Every line in the log files is dated so you should be able to isolate the place in the log files to start looking, based on when your problem started.
* What do the logs and the times of the entries in your MTA show. Is it passing the mail into the mailman alias properly? Check the time.
* Now check the Mailman post log and when it shows the message accepted for posting. The time should be very close to the MTA’s time.
* Now back to the MTA, does it show the message going out to the various folks on the list?
9. Qfiles. You may have a malformed email (or one that is simply too big) clogging up the flow of mail to your lists. Mail that is queued up by Mailman is stored in the directory:


or in FHS compliant RedHat systems


Move any files out of the directory and into a temporary directory, then send a new test message to your list. If that works, then you can move some of the old queued up files back and let those process. If it stops working again then you have a bad message in that batch – delete them or copy them to a different temporary directory.
Note that files accumulating in a queue directory can also mean that its qrunner (or one of its slice qrunners) is not running. See 1b and 5b above
10. SMTPHOST Mailman would accept messages but they wouldn’t go anywhere. logs/smtp would just show “All recipients refused: (61, ‘Connection refused’)”. My mailserver is configured to listen only on its external IP address, no localhost or anything like that. I had to add to ~mailman/Mailman/


After that Mailman started working perfectly.
11. Sendmail + mm-handler If your mail is not getting to the mailing list then try testing mm-handler independently of sendmail:

echo “From:
Subject: Test
test mail body
” | /etc/mail/mm-handler \
-r testlist

To test with sendmail without your email client try:

echo “From:
Subject: Test
test mail body
” | /usr/sbin/sendmail \

Also try editing mm-handler and setting DEBUG=1 and rerun the sendmail command above and see if you get a bounce.
12. Topics If your list has topics defined, make sure users have appropriate settings to receive the posts they want.

If none of the above steps helps, then try seeking out help on the mailing list. When submitting your problem to the list please include the following information:

* version of mailman you are running,
* how it was installed (via rpm, apt-get, or source),
* version of OS your server is running,
* the MTA (sendmail, postfix, exim, qmail, etc) running on your server.

As a courtesy to the good folks on the list please use a Subject that describes your problem (and not simply the word “Help).

How to create a list of installed packages in Ubuntu / Debian

August 15, 2008

dpkg –get-selections

How to do a syntax check of proftpd.conf file after making an edit.

August 14, 2008

To perform a syntax check of your proftpd.conf file, you can use the following command

$sudo proftpd -td5

or if you are logged in as root

#proftpd -td5

Reset MySQL root password – Linux

August 6, 2008

1. Stop the MySQL service as root.

# /etc/init.d/mysql stop
#service mysql stop

2. Start MySQL in safe mode and skip “grant tables”:
# /usr/bin/mysqld_safe –user=mysql –socket=/var/lib/mysql/mysql.sock –pid-file=/var/run/mysqld/ –datadir=/var/lib/mysql –skip-grant-tables –skip-networking &
3. Now, reset the MySQL root password using mysqladmin
# mysqladmin -u root flush-privileges password new_password_here
4. Stop MySQL running in safe mode:
#kill `cat /var/run/mysqld/`
5. Start MySQL:
#/etc/init.d/mysql start
6. You can use the new MySQL root password now :
#mysql -u root -p
When prompted for the new password, enter the new password you have set using mysqladmin

Rails Error: Malformed header from script

August 6, 2008

If you are running your rails app on an Apache2+ mod_fcgid set up and you receive errors like

[Fri Aug 1 08:10:06 2008 [error] [client 111.222.333.444] malformed header from script. Bad header=*******: dispatch.fcgi

in the Apache error log, make sure you don’t have any output to console (like ‘puts’, added for debugging) left in the code.

Whatever the script output goes to the header section of the response and most of the times Apache won’t understand it.

Removing “puts” from the code helped me fix it.

Mount ISO image in Linux

July 22, 2008

Do you have the habit of storing files as ISO ? . In Windows you can read the contents of an ISO file by mounting it on a virtual drive using Daemontools. In Linux it’s pretty simple. You just have to mount the ISO as a loop device.

# mount -o loop filename.iso /path/to/some/directory

You need to be root to run this command. If you are a user with administrative privileges ( this will be the case if you are using the primary account in Ubuntu,Mint etc), you can try the command

# sudo mount -o loop filename.iso /path/to/some/directory

List all the loaded modules :: apache

June 12, 2008

You can use the following command to list all the loaded modules in apache (both DSO and Static)

apachectl -t -D DUMP_MODULES


The output will be something like
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
auth_passthrough_module (shared)
bwlimited_module (shared)
php5_module (shared)
fcgid_module (shared)
proxy_module (shared)

Mod Security 2 Default Rules and IDs

June 8, 2008

Here is the Mod Security 2 Default Rules and IDs. May be useful if you want to deactivate any specific rule.

10005 – Marketing Default Action
10006 – Google robot activity
10007 – Yahoo robot activity
10008 – MSN robot activity


60031 – HTTP Policy Default Action
60032 – Allow only POST,GET,HEAD Requests
60033 – Block CONNECT / TRACE Requests
60010 – Restrict Content Types For Posts
60034 – Restrict HTTP Protocol Versions
60035 – File extension request restrictions
60036 – Allow Only Certain Extensions


50002 – Generic Attacks Default Action
50009 – Session Fixation Cookie Mangling ?
50007 – Blind SQL Injection Attack
50903 – Blind SQL Injection Attack
50904 – Blind SQL Injection Attack
50001 – SQL Injection Attack
50905 – SQL Injection Attack
50906 – SQL Injection Attack
50004 – Cross-site Scripting (XSS) Attack
50005 – Remote File Access Attempt
50002 – System Command Access
50006 – System Command Injection
50008 – Injection of Undocumented ColdFusion Tags
50010 – LDAP Injection Attack
50011 – SSI injection Attack
50013 – PHP Injection Attack


90900 – Bad Robots Default Action
90002 – Block Known Bot Scanners
90901 – Block Known Bot Scanners
90902 – Block Known Bot Scanners
90012 – Rogue Site Crawlers
90011 – Automated Site Crawler


70001 – Outbound Filter Default Action
70002 – Statistic Software Information Leak
70003 – SQL Information Leakage
70004 – IIS Information Leakage
70007 – Zope Information Leakage
70008 – Cold Fusion Information Leakage
70009 – PHP Information Leakage
70010 – ISA server existence revealed
70012 – Microsoft Word document properties leakage
70013 – Directory Listings Turned OFF !!
70011 – File or Directory Names Leakage
70014 – ASP/JSP source code leakage
70903 – ASP/JSP source code leakage
70015 – PHP source code leakage
70016 – Cold Fusion source code leakage
70901 – IIS Application Not Available
70118 – IIS Application Not Available


60007 – Protocol Violations Default Action
60008 – Request Missing a Host Header
60009 – Request Missing a User Agent Header
60015 – Request Missing an Accept Header
60016 – Non Numeric Content-Length Header
60017 – Host header is a numeric IP address
60011 – Block GET or HEAD requests with bodies
60012 – POST request must have a Content-Length header
60013 – ModSecurity does not support transfer encodings
50107 – URL Encoding Abuse Attack
50801 – UTF8 Encoding Abuse Attack
60014 – Proxy access attempt
60015 – Request Missing an Accept Header Byte Range
60901 – Localized Byte Range Check


50920 – Trojans Default Action
50111 – Possible malicious file upload
50921 – Possible malicious file upload
50922 – Possible malicious file upload

Got root rule ids

Got Root Mod Security 2 Rules – /gotroot/


400050 – Apache 2 Rules Default Action


300051 – Just In Time Patches Default Action
390000 – probe
390080 – Tests For Valid X-Forwarded Header


300051 – Just In Time Patches Default Action
390000 – probe
390070 – Generic phpbb_root_path exploit
390075 – Generic mosConfig_absolute_path File Inclusion Vulnerability
390076 – Generic mosConfig_absolute_path File Inclusion Vulnerability
390083 – tikiwiki XSS Vulnerability
390082 – tikiwiki Remote File Inclusion Vulnerability
390039 – vwar_root remote/local file inclusion
390001 – aWebBB XSS attack on post.php
390002 – aWebBB XSS attack on editac.php
390003 – aWebBB XSS attack on register.php
390004 – aWebBB XSS attack / aWebBB SQL attack
390005 – aWebBB SQL attack
390006 – phpBB cur_password XSS attack
390007 – PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit
390008 – Claroline <= 1.7.4 remote command vuln
390009 – Claroline <= 1.7.4 remote command vuln
390010 – Claroline <= 1.7.4 XSS attack
390011 – aWebNews XSS attack
390012 – aWebBBNewsSQL attack
390013 – aWebBBNewsSQL attack
390014 – aWebAPP XSS attack
390015 – qliteNEws SQL injection attack
390016 – RedCMS SQL Injection
390017 – RedCMS SQL Injection
390018 – RedCMS XSS attack
390019 – Oxygen SQL Injection
390020 – Mantis XSS attack
390021 – Oxygen SQL Injection
390022 – Mantis XSS attack
390023 – PHPCollab v2.x / NetOffice v2.x sendpassword.php SQL Injection
390024 – Sourceworkshop newsletter SQL Injection Vulnerability
390025 – X-Changer SQL Injection Vulnerability
390025 – X-Changer SQL Injection Vulnerability
390026 – X-Changer XSS Vulnerability
390027 – Null news Multiple SQL Injection Vulnerabilities
390028 – Null news Multiple SQL Injection Vulnerabilities
390029 – Null news Multiple SQL Injection Vulnerabilities
390030 – PHPLiveHelper 1.8 remote command execution Xploit
390031 – Pixel Motion Blog SQL Injection Vulnerabilities
390032 – Pixel Motion Blog SQL Injection Vulnerabilities
390033 – Nuked-Klan SQL Injection Vulnerability
390035 – TFT Gallery passwd Exposure of User Credentials
390036 – Nuked-Klan SQL Injection Vulnerability
390037 – WEBalbum Local File Inclusion Vulnerability
390038 – G-Book g_message Script Insertion Vulnerability
390039 – PHPMyChat exploit
390040 – Horde Help Module Remote Execution
390041 – Internet PhotoShow Remote File Inclusion Exploit
390042 – Censtore.cgi exploit
390043 – exploit
390044 – phpinfo.cgi command execution
390045 – phpRaid phpbb_root_path File Inclusion Vulnerability
390046 – openEngine template Parameter Local File Inclusion Vulnerability
390047 – ISPConfig go_info[server][classes_root] File Inclusion
390048 – ManageEngine OpManager searchTerm Cross-Site Scripting
390049 – AliPAGER ubild Cross-Site Scripting and SQL Injection
390050 – MxBB Portal pafileDB Module module_root_path File Inclusion
390051 – Jadu CMS register.php Cross-Site Scripting Vulnerabilities
390052 – OpenFAQ q Parameter Script Insertion Vulnerability
390053 – phpBB foing Module phpbb_root_path File Inclusion
390054 – Sugar Suite sugarEntry Parameter Security Bypass
390055 – Sugar Suite sugarEntry Parameter Security Bypass
390056 – Sugar Suite sugarEntry Parameter Security Bypass
390057 – Sugar Suite exploit
390058 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390059 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390060 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390061 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390062 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390063 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390095 – TikiWiki Multiple Cross-Site Scripting Vulnerabilities
390064 – WordPress shell injection Vulnerability
390065 – Nucleus arbitrary remote inclusion exploit
390066 – Horde passthru exploit
390067 – CMS-Bandits spaw_root File Inclusion Vulnerability
390068 – phpBB Blend Portal System Module phpbb_root_path File Inclusion
390069 – Admanager Pro exploit
390071 – Bible Portal Project destination File Inclusion Vulnerability
390072 – Flipper Poll root_path File Inclusion Vulnerability
390073 – PictureDis Products lang Parameter File Inclusion Vulnerability
390074 – Joomla/Mambo Weblinks blind SQL injection
390076 – Generic m2f_root_path File Inclusion Vulnerability
390077 – Generic PHP download incddir File Inclusion Vulnerability
390078 – SiteDepth CMS SD_DIR Parameter Handling Remote File Inclusion Vulnerability
390079 – PhpLinkExchange page Parameter Handling Remote File Inclusion Vulnerability
390080 – Tests For Valid X-Forwarded Header


350001 – Recons Default Action
350000 – Gravity Board Google Recon attempt
350001 – SilverNews Google Recon attempt
350002 – PHPBB 2.0 Google Recon attempt
350003 – PHPFreeNews Google Recon attempt
350004 – /cgi-bin/guery Google Recon attempt
350005 – tiki-edit Google Recon attempt
350006 – wps_shop.cgi Google Recon attempt
350007 – edit_blog.php Google Recon attempt
350008 – passwd.txt Google Recon attempt
350008 – admin.mdb Google Recon attempt


390143 – Root Kits Default Action
390144 – Generic Attempt to install rootkit in Horde
390145 – Generic Attempt to install rootkit


340001 – Got Root Rules Default Action
340000 – Enforce proper HTTP requests
340002 – Generic rule for allowed characters
340004 – Dis-allowed Transfer Encoding
340007 – deny TRACE method
300002 – XSS insertion into headers
300003 – Don’t accept chunked encodings
330003 – Code injection via content length
300004 – generic recursion signatures
300005 – generic recursion signatures
300006 – generic bogus path sigs
330001 – Generic PHP exploit signatures
330002 – Generic PHP exploit signatures
300008 – Generic PHP exploit pattern
300010 – generic XSS PHP attack types
300011 – Prevent SQL injection in cookies
300012 – Prevent SQL injection in UA
300013 – Generic filter to prevent SQL injection attacks
300014 – Generic SQL sigs
300015 – Generic SQL sigs
300016 – Generic SQL sigs
380015 – Meta character SQL injection
300017 – Generic command line attack filter
300018 – Generic PHP code injection protection via ARGS
300040 – Generic PHP code injection protection in URI


380001 – User Agents Default Action
380000 – Addresses With No HTTP_Accept