Puma förtydligar vad de accepterar och inte i sin återvinningslåda. Vilken tur. (à ION Orchard)

Det är inte alltid så classy på Hilton. (à Zeta Bar)

Aaron James Draplin på #yayfestival

Sitter framför datorn…

Halloween!

Nu är det dags igen! Yey!!

Street Art #paris (Pris avec Instagram)

creativemornings:

artcollage:

Anna Garforth

---

This seems to epitomize what CreativeMornings is all about.

Paris in the morning #nofilter #nopeople (Pris avec Instagram)

Sthlm! (Pris avec Instagram à Monteliusvägen)

creativemornings:

In this CreativeMornings/Stockholm talk, Julia Hoffmann, Creative Director at the MoMA speaks about working with one of the world’s most important brands for art. From type decisions to a recently launched iPad App, Julia walks us through the branding decisions and design work that goes on behind the scenes at this iconic museum.

Cheers to Nisse Axman & Oskar Törnros for filming and Nisse Axman for editing!

I Paris täcker man en hel bro, I Stockholm är det en klase… (Pris avec instagram)

Instagram old school

Fint mitt i city. (Taken with Instagram at Jarlaplan)

Recently I was faced with the task of upgrading OpenSSH on an old Fedora 9 Linux system. This is the tale of how it is done.

I will not address the issue of why we do not just upgrade our Fedora 9 (the current version is 16 or 17)  that is a totally different story…

The problem with installing the latest version of ssh on an old system is that no prebuilt rpms exists. And since I was preforming the upgrade remotely (using ssh) I wasn’t too happy about having to build the server from source. Luckily some Googeling provided a golden mean.

This blog-post explained how to build custom rpm’s using redhat’s contributed presets:

http://wiki.xdroop.com/space/Linux/Building+OpenSSH-Portable+for+CentOS

First the basics. Install development packages needed to compile OpenSSH.

# yum install gcc
# yum install openssl-devel
# yum install pam-devel
# yum install rpm-build

To install OpenSSH 5.9 you also need tcp_wrappers_devel

# yum install tcp_wrappers-devel

Then download the latest tar-ball from here. Extract it somewhere, eg. /usr/local/src. Then copy the files into the redhat rpm build tree:

# tar zxvf openssh-5.9p1.tar.gz
# cp openssh-5.9p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
# cp openssh-5.9p1.tar.gz /usr/src/redhat/SOURCES/
# cd /usr/src/redhat/SPECS

The blog-post then suggested running a perl hack to remove som unwanted configuration options. This hack wan’t compatible with the newer version of the openssh.spec file. Instead just edit the file by hand using your editor of choice. I used vi.

The following changes are needed:

1. Change “no_x11_askpass” from 0 to 1
2. Change “no_gnome_askpass” from 0 to 1
3. Remove WARNING* from the line begining with %doc
   

I added the last change to solve a problem when building the docs, no files named WARNING* exists resulting in a failed build.

Now build the rpms.

# rpmbuild -bb openssh.spec

Before you install the rpms there is one last very important step. The new rpms will replace the /etc/pam.d/sshd file with an updated incorrect version. Make a backup copy of this file before you install. If you do not replace the file after the install logging in to the server will NOT work!

# cp /etc/pam.d/sshd /etc/pam.d/sshd.bak

Then install your new rpm from the /usr/src/redhat/RPMS/<architecture>/ folder

# rpm -Uvh openssh*rpm
 Preparing… ############################ [100%]
 1:openssh ############################ [ 33%]
 2:openssh-clients ####################### [ 67%]
 3:openssh-server ####################### [100%]

And then re-replace your pam-config

# cp /etc/pam.d/sshd.bak /etc/pam.d/sshd

The last step is to restart sshd and test logging in to your server.

# /etc/init.d/sshd restart

Now try logging in to your server using ssh. If it does not work you need to reinstall the old ssh-rpms. Download them from the Fedora site and use the same command as above (Use —force to allow downgrading) then restart again and see that everything works.

If you missed the step of replacing the pam-configuration and login does not work. You will see an error message like this one in your logs (/var/log/security)

PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory

This is because the config wrongly is pointing to pam_stack.so that does not exist on Fedora 9. The correct pam-config should look like this:

#%PAM-1.0
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
session    optional     pam_keyinit.so force revoke
session    include      system-auth
session    required     pam_loginuid.so