Archive for the ‘time saver’ Category

firefox 31 + self-signed certificate = sec_error_ca_cert_invalid

July 23rd, 2014 No comments

If you are trying to access site with self-signed certificate with Firefox 31 (or later) and get Issuer certificate is invalid error (sec_error_ca_cert_invalid), you have to disable new mozilla::pkix certificate verification.

In about:config set

security.use_mozillapkix_verification = false


To find out more about mozilla::pkix and why your firefox just got so super secure and paranoid, that it doesn’t allows you to access you own site without googling see I’m only wondering why did they renamed it from insanity::pkix to mozilla::pkix – do they confess that ‘mozilla’ is slowly becoming a synonym for ‘insane’ ?-) Throwing such an error without any hint or possiblity to add an exception (as usual) is IMHO insane – but, who cares about power users today…



Categories: admin, how-to, security, time saver Tags:

Simple XSLT ifnull for numbers

June 19th, 2014 No comments

Answer to question how to display zero instead of NaN in XSLT for non existing node containing number values (kind of ifnull or coallesce functions that are available in SQL).

You can do it by standard expressive XSLT way, with using variable and <xsl:choose>, or abuse built-in sum() function and do whole thing in one line.

Standard way:

<!– read the value –>
<xsl:variable name=”val”>
<xsl:when test=”//number[1]“><xsl:value-of select=”//number[1]“/></xsl:when>
<!– print the value out –>
<xsl:value-of select=”$val“/>


Quick way:

<!– read and printout –>
<xsl:value-of select=”sum(//number[1])“/>


Both codes will print value of first node named number or zero if the node is not present.  Because it is a sum() function, it’s a good idea to limit nodeset only to first one, otherwise you will get a sum of all existing number nodes.

Btw. do you know the best XSLT reference out there ? No ? Look at ZVON XSLT reference.


Categories: how-to, time saver, xsl Tags:

Fixing pg_dump invalid memory alloc request size

May 19th, 2012 No comments

I’ve encountered unusual problem while dumping one postgresql database. Every try to run pg_dump resulted in this:

sam@cerberus:~/backup$ pg_dump -v -c js1 >x
pg_dump: Error message from server: ERROR: invalid memory alloc request size 18446744073709551613
pg_dump: The command was: COPY job.description (create_time, job_id, content, hash, last_check_time) TO stdout;
pg_dump: *** aborted because of error

or this

sam@cerberus:~/backup$ pg_dump -v -c --inserts js1 >x
pg_dump: Error message from server: ERROR: invalid memory alloc request size 18446744073709551613
pg_dump: The command was: FETCH 100 FROM _pg_dump_cursor
pg_dump: *** aborted because of error

Few weeks ago I’ve encountered almost fatal failure of two(!) disks in my RAID5 array – well really funny situation, and a bit uncomfortable way how to find out why not having monitoring and alarming system is a really bad idea ;)
Fortunately no serious data damage happened, postgresql seemed to recover from this, without any problems and my databases worked fine – until I’ve tried to perform a database dump.

And now comes the important question, how to find out which table rows are incorrect (and pg_filedump says everything is OK) ?
And the answer is, use custom function:

find_bad_row(tableName TEXT)
as $find_bad_row$
result tid;
row1 RECORD;
row2 RECORD;
tabName TEXT;
count BIGINT := 0;
SELECT reverse(split_part(reverse($1), '.', 1)) INTO tabName;
OPEN curs FOR EXECUTE 'SELECT ctid FROM ' || tableName;
count := 1;
FETCH curs INTO row1;
result = row1.ctid;
count := count + 1;
FETCH curs INTO row1;
EXECUTE 'SELECT (each(hstore(' || tabName || '))).* FROM '
|| tableName || ' WHERE ctid = $1' INTO row2
USING row1.ctid;
IF count % 100000 = 0 THEN
RAISE NOTICE 'rows processed: %', count;
CLOSE curs;
RETURN row1.ctid;
RETURN result;
LANGUAGE plpgsql;

It goes over all records in given table, expands them one by one – what will results in exception if some expansion occurs. Exception will also contain CTID of last correctly processed row. And next row with higher CTID will be the corrupted one.
Like this:

js1=# select find_bad_row('public.description');
NOTICE: LAST CTID: (78497,6)
NOTICE: XX000: invalid memory alloc request size 18446744073709551613
(1 row)
js1=# select * from job.description where ctid = '(78498,1)';
ERROR: invalid memory alloc request size 18446744073709551613
js1=# delete from job.description where ctid = '(78498,1)';
js1=# select find_bad_row('job.description');
NOTICE: rows processed: 100000
NOTICE: rows processed: 200000
NOTICE: rows processed: 300000
NOTICE: rows processed: 400000
NOTICE: rows processed: 500000
NOTICE: rows processed: 600000
NOTICE: rows processed: 700000
NOTICE: rows processed: 800000
(1 row)


Note: this function requires hstore postgresql extension – it is part of postgresql distribution, you may need to create it with:



Records in this table are not that important, and I can restore them from external source – so I could delete this corrupted row. If you can’t you will have to play directly with data files – like described here – good luck :)

Categories: admin, rdbms, time saver Tags:

Monitoring disk drives via collectd

April 17th, 2012 No comments

I’ve made two simple (but useful) disk drive monitoring scripts for collectd exec plugin. You can find them on

This script monitors SMART attributes of given disks using smartctl (smartmontools).

This one monitors some interesting values of MegaRaid adapter physical drives using MegaCli tool.


Description how to use them can be found within scripts itself – enjoy ;)

Categories: admin, devel, time saver Tags:

windows – exporting non-exportable private key

April 5th, 2012 No comments

If you are trying to export windows certificate with private key, and windows export wizard provides no such possibility (export with private key is grayed out) because private key has been install as non-exportable (what is the default when importing, what almost nobody changes), there is a great tool mimikatz that makes this possible.

Download it from

And follow this procedure:

  1. crypto::patchcapi (or crypto::patchcng if previous did not work)
  2. crypto::listKeys (or crypto::listCertificates) to list keys/certificates
  3. crypto::exportKeys (or crypto::exportCertificates) to export what you want

That’s all. Exported keys will be protected with password ‘mimikatz‘ – you will need to enter it when importing certificate again.


Categories: admin, how-to, security, time saver Tags: