Matteo Mattei

Hello, my name is Matteo Mattei and this is my personal website. I am computer engineer with a long experience in Linux system administration and web software development.

linkedin rss twitter google+ github facebook

How to really erase an Hard Drive

Since a REALLY secure Hard Disk erase procedure does not exist, the only way to clean every private data from a storage device is to use a powerful tool. Today we experimented the secure data cleaning on a 2.5” HD with an hammer. Yes, you have understood, an HAMMER!!! What’s more powerful than an hammer?!

This is the result of our experiment:

Broken HD

Any further feedback is really appreciated!


Shrink Ext4 partition on VMware player

VMWARE Few days ago I spent some times trying to shrink my Ubuntu 11.04 appliance with root partition formatted with EXT4 filesystem.

The main problem is that the current VMware tools (8.4.6, build-385536) does not support the ext4 shrink. If you run sudo vmware-toolbox, your root partition is formatted in ext4 and you try to execute the shrink, an error message like the following could appear.

VMWARE SHRINK ERROR

Anyway there is a trick to streamline the final vmdk size. Run this command within a shell into the guest system:

sudo dd if=/dev/zero of=/zero.raw bs=20480
rm -f /zero.raw

Then, shutdown the virtual image and download the vdiskmanager tool from VMware website.

Now run the vmware-vdiskmanager with the -k parameter:

vmware-diskmanager -k /path/to/image.vmdk

This operation will take a while, but at the end you will get a considerable smaller vmdk image file.


How to implement MAC_X919 algorithm in Python

Today with my friend Nicola, we were looking in Internet for the implementation of the X9.19 algorithm in Python. Unfortunately we didn’t find it anywhere, so we made it ourself:


How to clone MySQL database schema in PHP

phpmysql

For my client I needed to create a PHP script that can export a full MySQL database schema in another database. This script also need to keep and set constraints.

You only need to configure $DB_SRC_* and $DB_DST_* variables to fit your environment.

Here below you can find the code I created for this purpose:

Update 2016-10-14: The code below has been rewritten using PHP mysqli driver (thanks to Richard Maurer).


Virtual users on vsftpd

VSFTPD logo I am usually to configure vsftp on web servers to allow FTP access based on domains. Few days ago my client asked me to create multiple FTP users for a single domain every one with a different root folder into that domain.

This is my usual configuration of my /etc/vsftpd.conf

listen=YES
anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
connect_from_port_20=YES
xferlog_enable=YES
pam_service_name=vsftpd
guest_enable=YES
guest_username=www-data
user_sub_token=$USER
local_root=/var/www/$USER
chroot_local_user=YES
hide_ids=YES
force_dot_files=YES
ftpd_banner=Welcome to my private FTP service.
local_umask=022

and this is my /etc/pam.d/vsftpd

auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so

The first time I have created the file /etc/ftpd.passwd in this way:

htpasswd -c -d -b /etc/ftpd.passwd domain1.com <password>

For the next users simply avoid the “-c” parameter:

htpasswd -d -b /etc/ftpd.passwd domain2.com <password>

With this simple configuration all users have these credentials:

  • host: domain1.com
  • username: domain1.com
  • password: password
  • port: 21
  • Root folder: /var/www/domain1/

Now the point is: how can we create multiple users for a single domain each one with a different root folder? The answer is pretty simple, follow me!

Create the folder /var/www/users and add the following line at the end of /etc/vsftpd.conf

user_config_dir=/var/www/users

Inside the folder /var/www/users create a file for each virtual user (for example the user user1.domain1.com) containing a line with the root directory for that user:

echo "local_root=/var/www/domain1.com/pub/user1" > /var/www/users/user1.domain1.com

Now add the new user/password in /etc/ftpd.passwd as usual:

htpasswd -d -b /etc/ftpd.passwd user1.domain1.com <password>

Restart vsftpd server and test your new configuration!


How to use google apps in WordPress on Bluehost

In these days I spent a lot of time looking for a solution of changing the admin email address in Bluehost and I found a working solution! The problem is that Bluehost uses Exim as mail server that is configured to require a valid and registered email address.

This is my scenario:

  • Some domains with mx record pointed to google apps (I will take myprivatedomain.com as example).
  • No mailbox created on Bluehost because I have already created some mailboxes with google apps.
  • myprivatedomain.com with info@myprivatedomain.com as admin email set in Settings -> General inside Bluehost panel.

At this point, every email sent from any comments has this header:

user <user@boxXXX.bluehost.com>

I want to change it in order to have this address in my comments:

info <info@myprivatedomain.com>

These are the steps to follow:

  1. Log-in to Bluehost cpanel and go to Mail -> MX Entry. Here select your host (myprivatedomain.com), add these MX records as in the picture below and make sure to set Remote Mail Exchanger:
    • 1 ASPMX.L.GOOGLE.COM.
    • 5 ALT1.ASPMX.L.GOOGLE.COM
    • 5 ALT2.ASPMX.L.GOOGLE.COM
    • 10 ASPMX2.GOOGLEMAIL.COM
    • 10 ASPMX3.GOOGLEMAIL.COM

    MX Google Bluehost

  2. Now the e-mail delivery should just work. However, if you want to change the “From email” field, install the mail from plugin and configure it in this way:
    • Sender Name -> YourName
    • User Name -> info
    • Domain Name -> myprivatedomain.com

    Wordpress Mail From Plugin

That’s all! Now try to post a comment and look at your mailbox.

Update 2013/11/02: As Amanda highlited in the comments below, it’s also necessary to add an account for each address set up in Google Apps. So, go to Bluehost’s cPanel > Email Accounts, then add an account for each address. Adding the addresses to your Bluehost accounts, even though they won’t actually work there, seems to make them trusted, and allows you to send with those addresses.