Edit /boot/grub/menu.lst (or grub.conf or lilo.conf) and add ramdisk_size=512000 to this line:
kernel /vmlinuz root=/dev/md1 ro console=tty0 console=ttyS0,57600
kernel /vmlinuz root=/dev/md1 ro ramdisk_size=512000 console=tty0 console=ttyS0,57600
it defines 512 MB Ramdisk.
Reboot system.
To create an ext2fs file system, the following command is used :
mke2fs -m 0 /dev/ram0
The -m 0 option keeps mke2fs from reserving any space on the file system for the root user. This makes the complete ramdisk space available to any regular user.
To mount the ramdisk :
mkdir /mnt/RAMDISK
mount /dev/ram0 /mnt/RAMDISK
Run mount to check whether the RAMDISK has been mounted.
Now the RAMDISK can be used as a regular directory. You can read, write, delete and modify files on the RAMDISK as if you are working on a regular hard disk. Linux would handle it as if it were handling a regular directory on the disk. The difference between RAMDISK and normal DISK would be invisible to a regular user.
The only problem is that if the system is either rebooted or crashes. In that case, all data in the RAMDISK is lost. You will need to recreate the RAMDISK and redo all that has been done.
Wednesday, December 31, 2008
Wednesday, November 26, 2008
Keyboard problem in VMware under Ubuntu 8.10
In VMWARE Server on my fresh install of Ubuntu 8.10,after powering on a Windows XP vm, I realized that I could not use the some keys properly. On hitting the left arrow key, start menu was being displayed and other arrow keys had similar issues. Also, using VMware player was completely impossible as ctrl-alt-del wasn’t working.
To fix this issue, you simply need to run the following command,
echo 'xkeymap.nokeycodeMap = true' > /etc/vmware/config
Thursday, November 13, 2008
Install Mysql Activity Report on Ubuntu
Install these two packages:
apt-get install librrd2-dev libmysqlclient15-dev
Download the Mysql Report Activity:
wget http://freshmeat.net/redir/mysqlard/...d-1.0.0.tar.gz
tar -xvzf mysqlard-1.0.0.tar.gz
cd mysqlard-1.0.0
./configure
make
make install
Edit /usr/local/share/mysqlard/mysqlar.php and change username and password for your Mysql Database.
Give access right to www-data user for vim /usr/local/share/mysqlard/ :
chown www-data.www-data /usr/local/share/mysqlard/mysqlar.php
Add the alias to apache config file ( I added a new conf file in /etc/apache2/conf.d/ ):
vim /etc/apache2/conf.d/mysqlard.conf
and add these lines to it:
Alias /mysqlard /usr/local/share/mysqlard
"Directory /usr/local/share/mysqlard"
php_flag register_globals off
Options Indexes FollowSymLinks
"IfModule mod_dir.c"
DirectoryIndex mysqlard.php
"/IfModule"
"/Directory"
(change "" with <>).
Create a user in MYSQL:
GRANT USAGE ON *.* TO mysqlar@localhost;
and then change the user in mysqlar.php.
Check too all paths in these files:
mysqlard.server
mysqlard.cnf
mysqlard_graph
Copy the following files in appropriate crontab folders:
mysqlar.daily
mysqlar.weekly
mysqlar.monthly
You need to add a cron job to generate the graphs. For example :
Restart apache2 service:
/etc/init.d/apache2 restart
You can access Mysql Activity Report with following url:
http://localhost/mysqlard/mysqlar.php
apt-get install librrd2-dev libmysqlclient15-dev
Download the Mysql Report Activity:
wget http://freshmeat.net/redir/mysqlard/...d-1.0.0.tar.gz
tar -xvzf mysqlard-1.0.0.tar.gz
cd mysqlard-1.0.0
./configure
make
make install
Edit /usr/local/share/mysqlard/mysqlar.php and change username and password for your Mysql Database.
Give access right to www-data user for vim /usr/local/share/mysqlard/ :
chown www-data.www-data /usr/local/share/mysqlard/mysqlar.php
Add the alias to apache config file ( I added a new conf file in /etc/apache2/conf.d/ ):
vim /etc/apache2/conf.d/mysqlard.conf
and add these lines to it:
Alias /mysqlard /usr/local/share/mysqlard
"Directory /usr/local/share/mysqlard"
php_flag register_globals off
Options Indexes FollowSymLinks
"IfModule mod_dir.c"
DirectoryIndex mysqlard.php
"/IfModule"
"/Directory"
(change "" with <>).
Create a user in MYSQL:
GRANT USAGE ON *.* TO mysqlar@localhost;
and then change the user in mysqlar.php.
Check too all paths in these files:
mysqlard.server
mysqlard.cnf
mysqlard_graph
Copy the following files in appropriate crontab folders:
mysqlar.daily
mysqlar.weekly
mysqlar.monthly
You need to add a cron job to generate the graphs. For example :
*/5 * * * * root hourly=1 daily=1 weekly=1 monthly=1\
/usr/bin/mysqlar_graph > /dev/nullRestart apache2 service:
/etc/init.d/apache2 restart
You can access Mysql Activity Report with following url:
http://localhost/mysqlard/mysqlar.php
Apache Server Status
The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.
The details given are:
- The number of worker serving requests
- The number of idle worker
- The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker (*)
- A total number of accesses and byte count served (*)
- The time the server was started/restarted and the time it has been running for
- Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request (*)
- The current percentage CPU used by each worker and in total by Apache (*)
- The current hosts and requests being processed (*)
ExtendedStatus is On.To enable status reports only for browsers from the foo.com domain add this code to your /etc/apache2/apache2conf configuration file:
"Location /server-status"
Order Deny,Allow
Deny from all
Allow from foo.com
/Location
You can now access server statistics by using a Web browser to access the page http://your.server.name/server-status
You can get the status page to update itself automatically if you have a browser that supports "refresh". Access the page http://your.server.name/server-status?refresh=N to refresh the page every N seconds.
A machine-readable version of the status file is available by accessing the page http://your.server.name/server-status?auto. This is useful when automatically run, see the Perl program in the /support directory of Apache, log_server_status.
Wednesday, November 12, 2008
Mount a remote folder in Ubuntu
SSHFS (Secure SHell FileSystem) is a file system for Linux capable of operating on files on a remote computer.
apt-get install sshfs
(Remote host must run the ssh daemon)
sshfs remoteuser@remotehost:/path/to/remote_dir local_mountpoint
apt-get install sshfs
(Remote host must run the ssh daemon)
sshfs remoteuser@remotehost:/path/to/remote_dir local_mountpoint
Thursday, November 6, 2008
Zoneminder in Ubuntu
In Ubuntu run:
apt-get install zoneminder
apt-get -f install
modprobe -r zc0301
modprobe -r gspca
modprobe gspca
add this line to /etc/modprobe.d/blacklist:
blacklist zc0301
Give access right to Video Devices:
chmod 777 /dev/video(x)
apt-get install zoneminder
apt-get -f install
modprobe -r zc0301
modprobe -r gspca
modprobe gspca
add this line to /etc/modprobe.d/blacklist:
blacklist zc0301
Give access right to Video Devices:
chmod 777 /dev/video(x)
Thursday, October 23, 2008
Friday, October 17, 2008
Enable SSH in VMware ESX 3.x
ESXi 3.5 does ship with the ability to run SSH, but this is disabled by default (and is not supported). If you just need to access the console of ESXi, then you only need to perform steps 1 - 3.
1) At the console of the ESXi host, press ALT-F1 to access the console window.
2) Enter unsupported in the console and then press Enter. You will not see the text you type in.
3) If you typed in unsupported correctly, you will see the Tech Support Mode warning and a password prompt. Enter the password for the root login.
4) You should then see the prompt of ~ #.
Edit the file inetd.conf (enter the command vim /etc/inetd.conf).
5) Find the line that begins with #ssh and remove the #. Then save the file.
6) Once you've closed the vi editor, run the command /sbin/services.sh restart to restart the management services. You'll now be able to connect to the ESXi host with a SSH client.
Monday, September 22, 2008
Disable Beep in Ubuntu Hardy
Open the file /etc/modprobe.d/blacklist as root in a text editor:
vim /etc/modprobe.d/blacklist
Add this line to the end of the file:
blacklist pcspkr
The next time Ubuntu boots up pcspkr will be blocked from loading and you will no longer hear the beep. Peace and quiet at last!
But if you only need a temporary solution to disable the beep, just run this command (as root):
modprobe -r pcspkr
Thursday, September 18, 2008
Make Hostname permanent in Strato - Debian
Chnage this line in file /etc/hostname.sh:
[ -f /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
to:
[ -f /etc/hostname ] && HOSTNAME="YOURHOSTNAME"
[ -f /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
to:
[ -f /etc/hostname ] && HOSTNAME="YOURHOSTNAME"
Monday, September 15, 2008
Setting POP3 Connector & email server
Download and install these two patches from Microsoft:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7B1FF109-092E-4418-AA37-A53AF7B8F6FC&displaylang=en
http://www.microsoft.com/downloads/details.aspx?FamilyID=206e4e32-1e37-4836-b4f7-8d6a543a7c7f&DisplayLang=en
Follow this link:
http://www.msexchange.org/tutorials/Configuring-Incoming-Outgoing-Email-Windows-Small-Business-Server-2003.html
http://www.microsoft.com/downloads/details.aspx?FamilyId=7B1FF109-092E-4418-AA37-A53AF7B8F6FC&displaylang=en
http://www.microsoft.com/downloads/details.aspx?FamilyID=206e4e32-1e37-4836-b4f7-8d6a543a7c7f&DisplayLang=en
Follow this link:
http://www.msexchange.org/tutorials/Configuring-Incoming-Outgoing-Email-Windows-Small-Business-Server-2003.html
Friday, August 29, 2008
Enable HTTPS in Debian
install this package:
apt-get install libapache-mod-ssl
Enable ssl mode in Apache:
a2enmod ssl
add port 443 in /etc/apache2/ports.conf:
Listen 443
Make certificate (after run this command you must answer some questions):
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf:
>
. . .
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
. . .
>/VirtualHost>
restart Apache2.
To redirect HTTP to HTTPS add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf under 443 options:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 2
and restart Apache2 again!
apt-get install libapache-mod-ssl
Enable ssl mode in Apache:
a2enmod ssl
add port 443 in /etc/apache2/ports.conf:
Listen 443
Make certificate (after run this command you must answer some questions):
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf:
>
. . .
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
. . .
>/VirtualHost>
restart Apache2.
To redirect HTTP to HTTPS add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf under 443 options:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 2
and restart Apache2 again!
ftp user in a jail
Edit vsftpd configuration file - /etc/vsftpd/vsftpd.conf and
make sure following line exists (and uncommented):
make sure following line exists (and uncommented):
chroot_local_user=YES
Save and close the file. Restart vsftpd.
Tuesday, August 19, 2008
Windows Vista - Clear cache for dead offline files
Add the FormatDatabase (DBWD) registry entry to the following registry subkey:
(First add Parameters under Csc, if doesn't exist)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parameters
Then, set the FormatDatabase registry entry to 1.
The restart your computer.
Monday, August 18, 2008
Bacula automatic startup
Create a bacula file in /etc/init.d/ :
#!/bin/sh
case "$1" in
'start')
/etc/bacula/bacula start
;;
'stop')
/etc/bacula/bacula stop
;;
*)
echo "Usage: $0 { start | stop }"
;;
esac
exit 0
add these links as follows:
ln -s /etc/init.d/bacula /etc/rc2.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc3.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc4.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc5.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc0.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc1.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc6.d/K90bacula
or simply run:
update-rc.d bacula defaults 90
#!/bin/sh
case "$1" in
'start')
/etc/bacula/bacula start
;;
'stop')
/etc/bacula/bacula stop
;;
*)
echo "Usage: $0 { start | stop }"
;;
esac
exit 0
add these links as follows:
ln -s /etc/init.d/bacula /etc/rc2.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc3.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc4.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc5.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc0.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc1.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc6.d/K90bacula
or simply run:
update-rc.d bacula defaults 90
Friday, August 15, 2008
Heartbeat - DRBD - MYSQL - APACHE - TYPO3
With two ubuntu (8.04) machine: ubuntu-five and ubuntu-six.
On both boxes exists two pure partitions: /dev/sdb and /dev/sdc
Install these packages on both:
apt-get install heartbeat-2 drbd8-utils stonith mysql-server apache2
apt-get install typo3-base typo3-env
apt-get install php5 php5-cgi php5-mysql typo3-site-installer
Here is my /etc/drbd.conf:
resource testing { # name of resources for mysql database
protocol C;
on ubuntu-five { # first server hostname
device /dev/drbd0; # Name of DRBD device
disk /dev/sdb1; # Partition to use, which was created using fdisk
address 10.66.66.22:7788; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}
on ubuntu-six { # second server hostname
device /dev/drbd0;
disk /dev/sdb1;
address 10.66.66.26:7788;
meta-disk internal;
}
disk {
on-io-error detach;
}
net {
max-buffers 2048;
ko-count 4;
}
syncer {
rate 10M;
al-extents 257;
}
startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}
resource typo3 { # name of resources apache2 and typo3
protocol C;
on ubuntu-five { # first server hostname
device /dev/drbd1; # Name of DRBD device
disk /dev/sdc1; # Partition to use, which was created using fdisk
address 10.66.66.22:7789; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}
on ubuntu-six { # second server hostname
device /dev/drbd1;
disk /dev/sdc1;
address 10.66.66.26:7789;
meta-disk internal;
}
disk {
on-io-error detach;
}
net {
max-buffers 2048;
ko-count 4;
}
syncer {
rate 10M;
al-extents 257;
}
startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}
Here is my /etc/ha.d/ha.cf:
logfile /var/log/ha-log
keepalive 2
deadtime 30
udpport 695
bcast eth0
auto_failback off
stonith_host ubuntu-five meatware ubuntu-six
stonith_host ubuntu-six meatware ubuntu-five
node ubuntu-six ubuntu-five
and the /etc/ha.d/haresources:
ubuntu-five IPaddr::10.66.66.74/24/eth0\
drbddisk::testing Filesystem::/dev/drbd0::/var/lib/mysql::ext3\
drbddisk::typo3 Filesystem::/dev/drbd1::/data::ext3 mysql apache2
First make new Partitions on sdb and sdc on both boxes:
fdsik /dev/sdb
> n
> p
> 1
> enter
> enter
> w
fdsik /dev/sdc
> n
> p
> 1
> enter
> enter
> w
make drbd with these commands on both boxes:
drbdadm create-md testing
#mkfs.ext3 /dev/drbd0
drbdadm create-md typo3
(#mkfs.ext3 /dev/drbd1)
On ubuntu-five run:
drbdadm -- --overwrite-data-of-peer primary all
drbdadm connect all
On ubuntu-six run:
drbdadm -- --overwrite-data-of-peer secondary all
drbdadm connect all
Wait until new DRBD drive to syncing.
Now start ubutnu-six after the ubuntu-five completely came up.
End :)
On both boxes exists two pure partitions: /dev/sdb and /dev/sdc
Install these packages on both:
apt-get install heartbeat-2 drbd8-utils stonith mysql-server apache2
apt-get install typo3-base typo3-env
apt-get install php5 php5-cgi php5-mysql typo3-site-installer
Here is my /etc/drbd.conf:
resource testing { # name of resources for mysql database
protocol C;
on ubuntu-five { # first server hostname
device /dev/drbd0; # Name of DRBD device
disk /dev/sdb1; # Partition to use, which was created using fdisk
address 10.66.66.22:7788; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}
on ubuntu-six { # second server hostname
device /dev/drbd0;
disk /dev/sdb1;
address 10.66.66.26:7788;
meta-disk internal;
}
disk {
on-io-error detach;
}
net {
max-buffers 2048;
ko-count 4;
}
syncer {
rate 10M;
al-extents 257;
}
startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}
resource typo3 { # name of resources apache2 and typo3
protocol C;
on ubuntu-five { # first server hostname
device /dev/drbd1; # Name of DRBD device
disk /dev/sdc1; # Partition to use, which was created using fdisk
address 10.66.66.22:7789; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}
on ubuntu-six { # second server hostname
device /dev/drbd1;
disk /dev/sdc1;
address 10.66.66.26:7789;
meta-disk internal;
}
disk {
on-io-error detach;
}
net {
max-buffers 2048;
ko-count 4;
}
syncer {
rate 10M;
al-extents 257;
}
startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}
Here is my /etc/ha.d/ha.cf:
logfile /var/log/ha-log
keepalive 2
deadtime 30
udpport 695
bcast eth0
auto_failback off
stonith_host ubuntu-five meatware ubuntu-six
stonith_host ubuntu-six meatware ubuntu-five
node ubuntu-six ubuntu-five
and the /etc/ha.d/haresources:
ubuntu-five IPaddr::10.66.66.74/24/eth0\
drbddisk::testing Filesystem::/dev/drbd0::/var/lib/mysql::ext3\
drbddisk::typo3 Filesystem::/dev/drbd1::/data::ext3 mysql apache2
First make new Partitions on sdb and sdc on both boxes:
fdsik /dev/sdb
> n
> p
> 1
> enter
> enter
> w
fdsik /dev/sdc
> n
> p
> 1
> enter
> enter
> w
make drbd with these commands on both boxes:
drbdadm create-md testing
#mkfs.ext3 /dev/drbd0
drbdadm create-md typo3
(#mkfs.ext3 /dev/drbd1)
On ubuntu-five run:
drbdadm -- --overwrite-data-of-peer primary all
drbdadm connect all
On ubuntu-six run:
drbdadm -- --overwrite-data-of-peer secondary all
drbdadm connect all
Wait until new DRBD drive to syncing.
Move the mysql data files and test mounting on ubuntu-five:
/etc/init.d/mysql stop
mv /var/lib/mysql /var/lib/mysql.org
mkdir /var/lib/mysql
mount /dev/drbd0 /var/lib/mysql
mv /var/lib/mysql.org/* /var/lib/mysql/
chown -R mysql:mysql /var/lib/mysql
/etc/init.d/mysql start
On ubuntu-six do:
/etc/init.d/mysql stop
mv /var/lib/mysql /var/lib/mysql.org
Now start ubutnu-six after the ubuntu-five completely came up.
End :)
Thursday, August 14, 2008
Cloning typo3 Site
Copy the apache folder (/var/www/... or /var/srv/... to destination).
Make links for typo3 folders.
Backup database in source:
Make links for typo3 folders.
Backup database in source:
mysqldump -u {user} -p {databasename} > typo3_db.sql
Copy the file typo3_db.sql to destination.
Build new database in destination:
mysql -u root -p
mysql> grant all privileges on {datenbankname}.* \
to {username}@localhost identified by '{passwort}';
mysql> quit ;
mysql -u {username} -p
mysql> create database {databasename};
mysql> quit ;
mysql -u {username} -p {databaseame} < typo3_db.sql
Monday, August 11, 2008
Ubuntu - Change eth0 to eth1
Edit this file:
vim /etc/udev/rules.d/70-persistent-net.rules
# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
delete eth0 line, and change eth1 line to eth0:
vim /etc/udev/rules.d/70-persistent-net.rules
# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
delete eth0 line, and change eth1 line to eth0:
Tuesday, August 5, 2008
MySQL Clustering - Master / Slave
We will need two Ubuntu Servers.
for example:
hostname: IP
--------------------------------------
ubuntu-one: 10.66.66.36
ubuntu-two: 10.66.66.29
for example:
hostname: IP
--------------------------------------
ubuntu-one: 10.66.66.36
ubuntu-two: 10.66.66.29
To begin with we'll install and configure MySQL for normal use on each of the boxes.
sudo apt-get install mysql-server --yesSet a strong MySQL root password and wait for the packages to download and install, then edit /etc/mysql/my.cnf to make MySQL listen on all IP addresses.
bind-address = 0.0.0.0Now restart MySQL and fire up the MySQL command-line client to check all is good.
sudo /etc/init.d/mysql restart
mysql -u root -p
Enter password: [enter the MySQL root password you chose earlier]
mysql> If you got the mysql> prompt then MySQL is running. Try connecting to the other node across the network to see if the firewall is opened and MySQL is listening on the network interface.
From ubuntu-one run:
mysql -h ubuntu-two -u root -p
Enter password: [enter the MySQL root password you chose earlier]
ERROR 1130 (00000): Host 'db-01' is not allowed to connect to this MySQL serverThe first thing we want to do is setup a simple master-slave
replication to see that it's possible to replicate data from one
database host to the other. This requires a binary log so tell MySQL on
ubuntu-one to keep one. Edit /etc/mysql/my.cnf and set the following values under the replication section:server-id = 1
log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = my_application <=== Database to replicate
binlog_ignore_db = mysql<=== Database to ignorebinlog_ignore_db = test<=== Database to ignoreOn ubuntu-one grant\
replication slave rights to ubuntu-two.
Changesome_passwordto a real, strong password.
Afterwards, make sure you restart MySQL.mysql -u root -p
Enter password: [enter the MySQL root password you chose earlier]
mysql> grant replication slave on *.* to 'replication'@'ubuntu-two' identified by 'some_password';
sudo /etc/init.d/mysql restart
Jump on to ubuntu-two and set it up to replicate data from ubuntu-one by editing /etc/mysql/my.cnf, again replacing the hostname, username and password with the values for ubuntu-one.
server-id = 2
master-host = ubuntu-one
master-user = replication
master-password = some_password
master-port = 3306One way replication should now be setup. Restart MySQL and check the
status of the slave on ubuntu-two. If the Slave_IO_State is "Waiting for
master to send event" then you've been successful.# Run this on ubuntu-two only
sudo /etc/init.d/mysql restart
mysql -u root -p
Enter password: [enter the MySQL root password you chose earlier]
mysql> show slave status ;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 193.219.108.241
Master_User: replication
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000005
Read_Master_Log_Pos: 98
Relay_Log_File: mysqld-relay-bin.000004
Relay_Log_Pos: 235
Relay_Master_Log_File: mysql-bin.000005
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 98
Relay_Log_Space: 235
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Monday, July 21, 2008
Change IP in SUSE
Change the content of this file:
/etc/sysconfig/network/ifcfg-(yourdevicename)
Example:
BOOTPROTO='static'
BROADCAST=''
IPADDR='192.168.1.65'
MTU=''
NAME='Intel PRO/1000 T Server Adapter'
NETMASK='255.255.255.0'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
UNIQUE='JNkJ.yxXKhRPGaBB'
USERCONTROL='no'
_nm_name='bus-pci-0000:00:09.0'
PREFIXLEN=''
See this file for more descriptions:
/etc/sysconfig/network/ifcfg.template
/etc/sysconfig/network/ifcfg-(yourdevicename)
Example:
BOOTPROTO='static'
BROADCAST=''
IPADDR='192.168.1.65'
MTU=''
NAME='Intel PRO/1000 T Server Adapter'
NETMASK='255.255.255.0'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
UNIQUE='JNkJ.yxXKhRPGaBB'
USERCONTROL='no'
_nm_name='bus-pci-0000:00:09.0'
PREFIXLEN=''
See this file for more descriptions:
/etc/sysconfig/network/ifcfg.template
Friday, July 18, 2008
Connect Outlook to Exchange over the Internet
Click Start, and then click Control Panel.
Click on Show Profiles.
- If you are viewing Control Panel in the default Category view, switch to Classic view, and then double-click Mail.
- If you are viewing Control Panel in Classic view, double-click Mail.
Click on Show Profiles.
- If you already have a profile:
- Highlight the profile you wish to use and click Properties.
- Click on E-mail Accounts.
- Make sure that the E-mail tab is selected, click New.
- Choose Microsoft Exchange, POP3, IMAP, or HTTP and click Next.
- If you do not have a profile:
- You will be prompted to create a profile, name it anything you would like.
- Click Manually configure server settings or additiona server types.
- In the Microsoft Exchange Server box, type the local name of the Exchange server:
be01.hosting01.fpweb.net - In the User Name box, type the full email address of the user. Do not click Check Name.
- In the Exchange Server settings page, click More Settings.
- You may get an error message that the name could not be found. Ignore the error and continue.
- Click Cancel in the next window.
- On the Connection tab, under Exchange over the Internet, select Connect to my Exchange mailbox using HTTP, and then click Exchange Proxy Settings. The Exchange Proxy Settings dialog box appears.
- Under Use this URL to connect to my proxy server for Exchange, type the following URL:
webmail.hosting01.fpweb.net - Select Connect using SSL only.
- Select On fast networks, connect using HTTP first, then connect using TCP/IP. Make sure On slow networks, connect using HTTP first, then connect using TCP/IP is selected.
- Under Proxy authentication settings, select Basic Authentication.
- Click OK, and then click OK again. Click Next, and then click Finish.
Friday, July 11, 2008
VmWare Server not starting after boot on my Ubuntu
I actually found out that this failure was actually due to an older installation of vmware-player. Even though I removed it at the time, vmware-player left /etc/init.d/vmware-player to start on boot up :s.... and as a result, messed everything up.
To sort this out, you need to remove vmware-player service simply run: sudo update-rc.d -f vmware-player remove
Don't forget to remove /etc/vmware/not_configured, if it is still there, before you reboot.
Friday, July 4, 2008
Thursday, June 26, 2008
Check Public IP from Command Line
run this command:
wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'
that's all!
wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'
that's all!
Wednesday, June 25, 2008
Remember Password for Map Network Drive
Create a Batch file with this line:
net use DRIVE: \\SERVERNAME\FOLDERNAME PASSWORD /user:USERNAME /persistent:yes
then put this file into startup!!
net use DRIVE: \\SERVERNAME\FOLDERNAME PASSWORD /user:USERNAME /persistent:yes
then put this file into startup!!
Wednesday, June 18, 2008
Enable M Drive in Exchange Server
You need to add a string value called DriveLetter, with a value of M, into the following location:
HKLM\System\CurrentControlSet\Services\ExIFS\Parameters
and change the Value of EnableMDLReads to 1.
Obviously, the value M means that drive M: will be used. You can change this to be a different value if you desire.
If you do re-enable the ExIFS drive letter, be careful out there!
Monday, June 9, 2008
Disable the system beep through in Windows
Right click My Computer>>Properties
Select the Hardware tab, click Device Manager
Go to View>>Show Hidden Devices
Wednesday, May 21, 2008
Install OPENVPN on Ubuntu Hardy (8.04)
Download openvpn-2.1_rc7.tar.gz from:
http://www.openvpn.net/index.php/downloads.html.
install these packages:
apt-get install liblzo2-dev
apt-get install libssl-dev
unzip the openvpn package and runs:
./configure
make
make install
With this error:
" Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)"
run these commands:
mknod /dev/net/tun c 10 200
modprobe tun
http://www.openvpn.net/index.php/downloads.html.
install these packages:
apt-get install liblzo2-dev
apt-get install libssl-dev
unzip the openvpn package and runs:
./configure
make
make install
With this error:
" Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)"
run these commands:
mknod /dev/net/tun c 10 200
modprobe tun
Tuesday, April 29, 2008
Mount ntfs external Hard disk in Ubuntu
mount -t ntfs-3g /dev/sdxx /folder -o force
folder is a folder in Ubuntu
/dev/sdxx is the attached device (look dmesg)
folder is a folder in Ubuntu
/dev/sdxx is the attached device (look dmesg)
Friday, April 25, 2008
Bacula Client - iptables
iptables -A INPUT -p tcp --dport 9102 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 9103 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 9103 -j ACCEPT
Thursday, April 24, 2008
Install Asus Onboard LAN in Ubuntu
Download the proper Driver:
http://atl1.sourceforge.net/
and unzip that.
install Linux-Headers:
apt-get install linux-headers-$(uname -r)
go to src folder of Driver:
make
make install
modprobe atl1
add eth1 to /etc/network/interface.
http://atl1.sourceforge.net/
and unzip that.
install Linux-Headers:
apt-get install linux-headers-$(uname -r)
go to src folder of Driver:
make
make install
modprobe atl1
add eth1 to /etc/network/interface.
Wednesday, April 16, 2008
OpenVPN with Dynamic IP
Create an account on DYNDNS.
Register a new Domain, for example: mytest.ath.cx
On Router define the Dynamic DNS with information above.
Put a free port for OpenVPN on Router: for example 1194
Install OpenVPN and ddclient on Server.
On OpenVPN Client's Config file put this line:
remote mytest.ath.cx 1194
Register a new Domain, for example: mytest.ath.cx
On Router define the Dynamic DNS with information above.
Put a free port for OpenVPN on Router: for example 1194
Install OpenVPN and ddclient on Server.
On OpenVPN Client's Config file put this line:
remote mytest.ath.cx 1194
Friday, April 11, 2008
Ubuntu - Share windows
Share the Folder in windows.
run this command on Ubuntu:
echo 0 > /proc/fs/cifs/LinuxExtensionsEnabled
Mount the share in Ubuntu:
mount -t cifs //win.ip.no.here/ShareName /Floder-in-Ubuntu -o username=administrator,password=password-for-admin,
uid=1000,umask=000
Mount permanently by add this line into /etc/fstab:
//win.ip.no.here/ShareName /Folder-in-ubumntu smbfs auto,username=Administrator,password=password 0 0
run this command on Ubuntu:
echo 0 > /proc/fs/cifs/LinuxExtensionsEnabled
Mount the share in Ubuntu:
mount -t cifs //win.ip.no.here/ShareName /Floder-in-Ubuntu -o username=administrator,password=password-for-admin,
uid=1000,umask=000
Mount permanently by add this line into /etc/fstab:
//win.ip.no.here/ShareName /Folder-in-ubumntu smbfs auto,username=Administrator,password=password 0 0
Thursday, April 10, 2008
Windows File Synchronization
Dimio's Site:
http://dimio.altervista.org/eng/
Dimio's Tools:
Dshutdown:
http://dimio.altervista.org/stats/download.php?id=2
DSynchronize:
http://dimio.altervista.org/stats/download.php?id=3
http://dimio.altervista.org/eng/
Dimio's Tools:
Dshutdown:
http://dimio.altervista.org/stats/download.php?id=2
DSynchronize:
http://dimio.altervista.org/stats/download.php?id=3
Tuesday, April 8, 2008
Dynamic and Static IP in Ubuntu
Edit the following file:
for Static IP:
/etc/network/interfacesfor Dynamic IP:
auto eth0
iface eth0 inet dhcp
for Static IP:
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
Monday, March 31, 2008
Remote access via ssh without Password
On the Client, at the /root/.ssh/, run the following command to build keys:
ssh-keygen -t rsa
that builds two files:
id_rsa.pub and id_rsa
Copy id_rsa.pub to Remote Computer:
scp id_rsa.pub root@ip.for.remote.computer:/root/.ssh/
Then execute this command on Remote:
cat id_rsa.pub >> authorized_keys
and:
chmod 644 authorized_keys
ssh-keygen -t rsa
that builds two files:
id_rsa.pub and id_rsa
Copy id_rsa.pub to Remote Computer:
scp id_rsa.pub root@ip.for.remote.computer:/root/.ssh/
Then execute this command on Remote:
cat id_rsa.pub >> authorized_keys
and:
chmod 644 authorized_keys
Tuesday, March 25, 2008
Open port in SuSE
edit /etc/sysconfig/SuSEfirewall2,
change this line:
#FW_TRUSTED_NETS="local.netzwork.ip.no,tcp,portno"
the restart Firewall service:
SuSEfirewall2 start
change this line:
#FW_TRUSTED_NETS="local.netzwork.ip.no,tcp,portno"
the restart Firewall service:
SuSEfirewall2 start
Thursday, March 20, 2008
Sharing Samba Printer with Windows Clients
Connect printer to Samba server.
Add printer in SMB.CONF:
[printers]
comment = Alle Drucker
path = /var/spool/samba
browseable = no
public = yes
guest ok = yes
writeable = no
printable = yes
printer admin = root, @ntadmins
restart samba service.
Edit the file:
/etc/cups/cupsd.conf
and change the following part:
# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL, @users
BrowseAddress @LOCAL
@users is nt users group map
sudo /etc/init.d/cupsys restart
Now Windows clients can see the printer.
Add printer in SMB.CONF:
[printers]
comment = Alle Drucker
path = /var/spool/samba
browseable = no
public = yes
guest ok = yes
writeable = no
printable = yes
printer admin = root, @ntadmins
restart samba service.
Edit the file:
/etc/cups/cupsd.conf
and change the following part:
# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL, @users
BrowseAddress @LOCAL
@users is nt users group map
sudo /etc/init.d/cupsys restart
Now Windows clients can see the printer.
Wednesday, March 19, 2008
Restore ACL or copy file with ACLs
First copy the ACLs:
getfacl --omit-header /your/file/or/directory /here > file.txt
this command store the current ACLs in file.txt.
Then run:
setfacl -M file.txt /your/file/or/directory/here
this command sets the ACLs same as the stroed file.
To copy the file or directory while preserving ACLs, use the -p or -a command option (-R means recursive and that means with all subdirectories):
copy -R -p /your/source/dir your/teraget/dir
or
copy -R -a /your/source/dir your/teraget/dir
To copy files with ACLs from one computer to another use RSYNC:
rsync -avrzA /source/dir user@target.host.address.or.IP:/target/dir
-A parameter means: preserve ACLs (implies -p).
-a: Archive
-r: Recursive
-v: Verbose
-z: compress during copy
getfacl --omit-header /your/file/or/directory /here > file.txt
this command store the current ACLs in file.txt.
Then run:
setfacl -M file.txt /your/file/or/directory/here
this command sets the ACLs same as the stroed file.
To copy the file or directory while preserving ACLs, use the -p or -a command option (-R means recursive and that means with all subdirectories):
copy -R -p /your/source/dir your/teraget/dir
or
copy -R -a /your/source/dir your/teraget/dir
To copy files with ACLs from one computer to another use RSYNC:
rsync -avrzA /source/dir user@target.host.address.or.IP:/target/dir
-A parameter means: preserve ACLs (implies -p).
-a: Archive
-r: Recursive
-v: Verbose
-z: compress during copy
Tuesday, March 18, 2008
Opening Port in SME Server
Install the following package:
rpm -Uvh http://sme.swerts-knudsen.dk/downloads/dmc-mitel-portopening-0.0.1-4.noarch.rpm
then run:
and restart the server.
In server-manager -> Configuration menu you can see Port Opening.
rpm -Uvh http://sme.swerts-knudsen.dk/downloads/dmc-mitel-portopening-0.0.1-4.noarch.rpm
then run:
/etc/e-smith/events/actions/navigation-confand restart the server.
In server-manager -> Configuration menu you can see Port Opening.
Friday, March 14, 2008
Install OPENVPN Client on SME Server
mkdir /etc/openvpn
cd /etc/openvpn
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/lzo-1.08-4.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/openvpn-2.0.2-1.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/smeserver-openvpn-0.0.1-2.noarch.rpm
config set openvpn service status enabled access public UDPPort 1194
signal-event remoteaccess-update
Start the OPENVPN service:
service openvpn start
cd /etc/openvpn
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/lzo-1.08-4.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/openvpn-2.0.2-1.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/smeserver-openvpn-0.0.1-2.noarch.rpm
rpm -Uvh *.rpm
config set openvpn service status enabled access public UDPPort 1194
signal-event remoteaccess-update
Build keys on server and copy them into /etc/openvpn/keys
Start the OPENVPN service:
service openvpn start
Thursday, March 13, 2008
Wednesday, March 12, 2008
Install Bacula BWEB
Go to bweb under bacula-gui-xxx directory,
cd /var/www/bacula-gui-2.2.8/bweb
run:
perl Makefile.PL
make install
mkdir -m 755 /usr/lib/cgi-bin/bweb
install -m 755 -o root -g root bweb/cgi/*.pl /usr/lib/cgi-bin/bweb
chown www-data /etc/bacula/bweb.conf
mkdir -p /usr/share/bweb/tpl
install -m 644 -o root -g root bweb/tpl/*.tpl /usr/share/bweb/tpl
mkdir /var/www/bweb
install -m 644 -o root -g root bweb/html/*.{js,png,css,gif,ico,html} /var/www/bweb
download the font and copy to /root folder:
wget http://trac.mapnik.org/browser/trunk/fonts/
dejavu-ttf-2.14/DejaVuSerif.ttf?format=raw]
go to:
http://your-server/cgi-bin/bweb/bweb.pl
and config the bweb as follow:
DBI => DBI:mysql:database=bacula;host=localhost;port=3306
user => bacula
password =>
email => your@email
graph_font => /root/DejaVuSerif.ttf
save the configuration and enjoy bweb!!
cd /var/www/bacula-gui-2.2.8/bweb
run:
perl Makefile.PL
make install
mkdir -m 755 /usr/lib/cgi-bin/bweb
install -m 755 -o root -g root bweb/cgi/*.pl /usr/lib/cgi-bin/bweb
chown www-data /etc/bacula/bweb.conf
mkdir -p /usr/share/bweb/tpl
install -m 644 -o root -g root bweb/tpl/*.tpl /usr/share/bweb/tpl
mkdir /var/www/bweb
install -m 644 -o root -g root bweb/html/*.{js,png,css,gif,ico,html} /var/www/bweb
download the font and copy to /root folder:
wget http://trac.mapnik.org/browser/trunk/fonts/
dejavu-ttf-2.14/DejaVuSerif.ttf?format=raw]
go to:
http://your-server/cgi-bin/bweb/bweb.pl
and config the bweb as follow:
DBI => DBI:mysql:database=bacula;host=localhost;port=3306
user => bacula
password =>
email => your@email
graph_font => /root/DejaVuSerif.ttf
save the configuration and enjoy bweb!!
Tuesday, March 11, 2008
Install Bacula-Web
Install following packages:
apt-get install apache2 php5 gettext php5-gd php-db php5-mysql
download last version of bacula-gui.xxxx.gz and unzip it in:
/var/www
move bacula-web folder in bacula-gui-xxx folder to /var/www
change bacula.conf in bacula-web:
* When bacula user has not password in mysql, change this line:
pass =
to :
# pass =
We need to enable gd and mysql modules:
add or uncomment the following lines in /etc/php5/apache2/php.ini:
extension=mysql.so
extension=gd.so
Give the write access to the required config file:
chmod 777 -R /var/www/bacula-web/templates_c
restart apache server:
/etc/init.d/apache2 restart
Enjoy Bacula-Web!!
apt-get install apache2 php5 gettext php5-gd php-db php5-mysql
download last version of bacula-gui.xxxx.gz and unzip it in:
/var/www
move bacula-web folder in bacula-gui-xxx folder to /var/www
change bacula.conf in bacula-web:
* When bacula user has not password in mysql, change this line:
pass =
to :
# pass =
We need to enable gd and mysql modules:
add or uncomment the following lines in /etc/php5/apache2/php.ini:
extension=mysql.so
extension=gd.so
Give the write access to the required config file:
chmod 777 -R /var/www/bacula-web/templates_c
restart apache server:
/etc/init.d/apache2 restart
Enjoy Bacula-Web!!
Monday, March 10, 2008
OpenVPN - Clients's Static IP
In server.conf add this line:
In directory /etc/openvpn/ccd has files named with the CN of the cert for each client, e.g. for gull.riseup.net, create a file gull.riseup.net, containing something like this:
client-config-dir /etc/openvpn/ccd In directory /etc/openvpn/ccd has files named with the CN of the cert for each client, e.g. for gull.riseup.net, create a file gull.riseup.net, containing something like this:
for Windows Clients:
#ifconfig-push clientIP serverIP
ifconfig-push 10.8.0.3 10.8.0.1
for Ubuntu Clients:
#ifconfig-push clientIP Netmask
ifconfig-push 10.8.0.3 255.255.255.0
Restart OpenVPN Server and Client services.
Friday, February 29, 2008
Configuration Bacula BAT in Ubuntu
Run in .../bacula-2.2.8/src/qt-console this file:
./build-depkgs-qt-console
then run in same directory:
make
Download qwt package for ubuntu:
qwt_5.0.1.orig.tar.gz
Unzip that and then under qwt-5.0.1.orig/qwt-5.0.1:
qmake
make
make install
add this line in user profile:
(for example for a user nemed UBUNTU => /home/ubuntu/.profile)
export LD_LIBRARY_PATH=/usr/local/qwt/lib:$LD_LIBRARY_PATH
Configure Bacula with option:
--with-qwt=/usr/local/qwt
--enable-bat
Copy BAT directory in /etc/bacula/:
cp -R /.../bacula-2.2.5/qt-console/ /etc/bacula/
/etc/bacula/qt-console/bat -c /etc/bacula/bconsole.conf
./build-depkgs-qt-console
then run in same directory:
make
Download qwt package for ubuntu:
qwt_5.0.1.orig.tar.gz
Unzip that and then under qwt-5.0.1.orig/qwt-5.0.1:
qmake
make
make install
add this line in user profile:
(for example for a user nemed UBUNTU => /home/ubuntu/.profile)
export LD_LIBRARY_PATH=/usr/local/qwt/lib:$LD_LIBRARY_PATH
Configure Bacula with option:
--with-qwt=/usr/local/qwt
--enable-bat
Copy BAT directory in /etc/bacula/:
cp -R /.../bacula-2.2.5/qt-console/ /etc/bacula/
Start BAT:
/etc/bacula/qt-console/bat -c /etc/bacula/bconsole.conf
Thursday, February 28, 2008
Bacula Configurations
Server configs:
bconsole.conf:
Director {
Name = ubuntu-dir
DIRport = 9101
address = your.ip.is.here
Password = "pUypIMLMok5sn0W4nFHi9n6fAi2LTFBBqrOwxsMOPF5C"
}
bacula-dir.conf:
Director { # define myself
Name = ubuntu-dir
DIRport = 9101 # where we listen for UA connections
QueryFile = "/etc/bacula/query.sql"
WorkingDirectory = "/var/bacula/working"
PidDirectory = "/var/run"
Maximum Concurrent Jobs = 1
Password = "pUypIMLMok5sn0W4nFHi9n6fAi2LTFBBqrOwxsMOPF5C"
Messages = Daemon
}
JobDefs {
Name = "DefaultJob"
Type = Backup
Level = Incremental
Client = ubuntu-fd
FileSet = "Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
}
Job {
Name = "Client1"
JobDefs = "DefaultJob"
Write Bootstrap = "/var/bacula/working/Client1.bsr"
}
# Backup the catalog database (after the nightly save)
Job {
Name = "BackupCatalog"
JobDefs = "DefaultJob"
Level = Full
FileSet="Catalog"
Schedule = "WeeklyCycleAfterBackup"
# This creates an ASCII copy of the catalog
RunBeforeJob = "/etc/bacula/make_catalog_backup bacula bacula"
# This deletes the copy of the catalog
RunAfterJob = "/etc/bacula/delete_catalog_backup"
Write Bootstrap = "/var/bacula/working/BackupCatalog.bsr"
Priority = 11 # run after main backup
}
Job {
Name = "RestoreFiles"
Type = Restore
Client=ubuntu-fd
FileSet="Full Set"
Storage = File
Pool = Default
Messages = Standard
Where = /bacula-restores
}
FileSet {
Name = "Full Set"
Include {
Options {
signature = MD5
}
File = /home/
}
Exclude {
File = /proc
File = /tmp
File = /.journal
File = /.fsck
}
}
Schedule {
Name = "WeeklyCycle"
Run = Full 1st sun at 23:05
Run = Differential 2nd-5th sun at 23:05
Run = Incremental mon-sat at 23:05
}
Schedule {
Name = "WeeklyCycleAfterBackup"
Run = Full sun-sat at 23:10
}
FileSet {
Name = "Catalog"
Include {
Options {
signature = MD5
}
File = /var/bacula/working/bacula.sql
}
}
# Client (File Services) to backup. This Client is in server!!
Client {
Name = ubuntu-fd
Address = 10.66.66.31
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO" # password for FileDaemon
File Retention = 30 days # 30 days
Job Retention = 6 months # six months
AutoPrune = yes # Prune expired Jobs/Files
}
# Definition of file storage device
Storage {
Name = File
# Do not use "localhost" here
Address = 10.66.66.31 # N.B. Use a fully qualified name here
SDPort = 9103
Password = "GXbfLMxsWxQbhCQyYW5IZoDEISB/VEq6fdmNgR4AaTQh"
Device = FileStorage
Media Type = File
}
# Generic catalog service
Catalog {
Name = MyCatalog
dbname = bacula; user = bacula; password = ""
}
# Reasonable message delivery -- send most everything to email address
# and to the console
Messages {
Name = Standard
mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
operatorcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r"
mail = root@localhost = all, !skipped
operator = root@localhost = mount
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
# Message delivery for daemon messages (no job).
Messages {
Name = Daemon
mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r"
mail = root@localhost = all, !skipped
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
# Default pool definition
Pool {
Name = Default
Pool Type = Backup
Recycle = yes # Bacula can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 365 days # one year
}
# Scratch pool definition
Pool {
Name = Scratch
Pool Type = Backup
}Console {
Name = ubuntu-mon
Password = "sHa1X/38oyCYM/oGkjW/WL4yY/fQF2vie/1dSm9HuuvD"
CommandACL = status, .status
}
#Ubuntu Client
Job {
Name = "Aspirin"
Type = Backup
Client = aspirin-fd
FileSet = "Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Write Bootstrap = "/var/bacula/working/aspirin.bsr"
}
# Client (File Services) to backup
Client {
Name = aspirin-fd
Address = 10.66.66.41
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO" # password for
File Retention = 30d # 30 days
Job Retention = 180d # six months
AutoPrune = yes # Prune expired Jobs/Files
}
#Windows Client
Job {
Name = WinClient
Type = Backup
Client = winclient-fd
FileSet = WindowsFileSet
Schedule = WeeklyCycle
Storage = File
Messages = Standard
Pool = Default
Write Bootstrap = "/var/bacula/working/winclient.bsr"
}
# Client (File Services) to backup
Client {
Name = winclient-fd
Address = 10.66.66.50
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
File Retention = 30d # 30 days
Job Retention = 180d # six months
AutoPrune = yes # Prune expired Jobs/Files
}
#File set for WINDOWS
FileSet {
Name = WindowsFileSet
Enable VSS = yes
Include {
File = c:/programme/openvpn/config
Options {
}
}
}
bacula-sd.conf:
Storage { # definition of myself
Name = ubuntu-sd
SDPort = 9103 # Director's port
WorkingDirectory = "/var/bacula/working"
Pid Directory = "/var/run"
Maximum Concurrent Jobs = 20
}
Director {
Name = ubuntu-dir
Password = "GXbfLMxsWxQbhCQyYW5IZoDEISB/VEq6fdmNgR4AaTQh"
}
Director {
Name = ubuntu-mon
Password = "oazZu/8Zt0VL8W8SmfmdOAfp1fZcalzKgLyFXP8tCIQQ"
Monitor = yes
}
Device {
Name = FileStorage
Media Type = File
Archive Device = /backup #Target Directory or Device
LabelMedia = yes; # lets Bacula label unlabeled media
Random Access = Yes;
AutomaticMount = yes; # when device opened, read it
RemovableMedia = no;
AlwaysOpen = no;
}
Messages {
Name = Standard
director = ubuntu-dir = all
}
###########################
Configuration for windows Client:
bacula-fd.conf:
FileDaemon { # this is me
Name = winclient-fd
FDport = 9102 # where we listen for the director
WorkingDirectory = "C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Bacula\\Work"
Pid Directory = "C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Bacula\\Work"
Maximum Concurrent Jobs = 2
}
#
# List Directors who are permitted to contact this File daemon
#
Director {
Name = ubuntu-dir
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
}
# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = ubuntu-dir = all, !skipped, !restored
}
#######################
Configuration for Ubuntu Client:
bacula-fd.conf:
# List Directors who are permitted to contact this File daemon
#
Director {
Name = ubuntu-dir
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
}
#
# "Global" File daemon configuration specifications
#
FileDaemon { # this is me
Name = aspirin-fd
FDport = 9102 # where we listen for the director
WorkingDirectory = /var/bacula/working
Pid Directory = /var/run
Maximum Concurrent Jobs = 20
}
# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = ubuntu-dir = all, !skipped, !restored
}
bconsole.conf:
Director {
Name = ubuntu-dir
DIRport = 9101
address = your.ip.is.here
Password = "pUypIMLMok5sn0W4nFHi9n6fAi2LTFBBqrOwxsMOPF5C"
}
bacula-dir.conf:
Director { # define myself
Name = ubuntu-dir
DIRport = 9101 # where we listen for UA connections
QueryFile = "/etc/bacula/query.sql"
WorkingDirectory = "/var/bacula/working"
PidDirectory = "/var/run"
Maximum Concurrent Jobs = 1
Password = "pUypIMLMok5sn0W4nFHi9n6fAi2LTFBBqrOwxsMOPF5C"
Messages = Daemon
}
JobDefs {
Name = "DefaultJob"
Type = Backup
Level = Incremental
Client = ubuntu-fd
FileSet = "Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Priority = 10
}
Job {
Name = "Client1"
JobDefs = "DefaultJob"
Write Bootstrap = "/var/bacula/working/Client1.bsr"
}
# Backup the catalog database (after the nightly save)
Job {
Name = "BackupCatalog"
JobDefs = "DefaultJob"
Level = Full
FileSet="Catalog"
Schedule = "WeeklyCycleAfterBackup"
# This creates an ASCII copy of the catalog
RunBeforeJob = "/etc/bacula/make_catalog_backup bacula bacula"
# This deletes the copy of the catalog
RunAfterJob = "/etc/bacula/delete_catalog_backup"
Write Bootstrap = "/var/bacula/working/BackupCatalog.bsr"
Priority = 11 # run after main backup
}
Job {
Name = "RestoreFiles"
Type = Restore
Client=ubuntu-fd
FileSet="Full Set"
Storage = File
Pool = Default
Messages = Standard
Where = /bacula-restores
}
FileSet {
Name = "Full Set"
Include {
Options {
signature = MD5
}
File = /home/
}
Exclude {
File = /proc
File = /tmp
File = /.journal
File = /.fsck
}
}
Schedule {
Name = "WeeklyCycle"
Run = Full 1st sun at 23:05
Run = Differential 2nd-5th sun at 23:05
Run = Incremental mon-sat at 23:05
}
Schedule {
Name = "WeeklyCycleAfterBackup"
Run = Full sun-sat at 23:10
}
FileSet {
Name = "Catalog"
Include {
Options {
signature = MD5
}
File = /var/bacula/working/bacula.sql
}
}
# Client (File Services) to backup. This Client is in server!!
Client {
Name = ubuntu-fd
Address = 10.66.66.31
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO" # password for FileDaemon
File Retention = 30 days # 30 days
Job Retention = 6 months # six months
AutoPrune = yes # Prune expired Jobs/Files
}
# Definition of file storage device
Storage {
Name = File
# Do not use "localhost" here
Address = 10.66.66.31 # N.B. Use a fully qualified name here
SDPort = 9103
Password = "GXbfLMxsWxQbhCQyYW5IZoDEISB/VEq6fdmNgR4AaTQh"
Device = FileStorage
Media Type = File
}
# Generic catalog service
Catalog {
Name = MyCatalog
dbname = bacula; user = bacula; password = ""
}
# Reasonable message delivery -- send most everything to email address
# and to the console
Messages {
Name = Standard
mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
operatorcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r"
mail = root@localhost = all, !skipped
operator = root@localhost = mount
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
# Message delivery for daemon messages (no job).
Messages {
Name = Daemon
mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r"
mail = root@localhost = all, !skipped
console = all, !skipped, !saved
append = "/var/bacula/working/log" = all, !skipped
}
# Default pool definition
Pool {
Name = Default
Pool Type = Backup
Recycle = yes # Bacula can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 365 days # one year
}
# Scratch pool definition
Pool {
Name = Scratch
Pool Type = Backup
}Console {
Name = ubuntu-mon
Password = "sHa1X/38oyCYM/oGkjW/WL4yY/fQF2vie/1dSm9HuuvD"
CommandACL = status, .status
}
#Ubuntu Client
Job {
Name = "Aspirin"
Type = Backup
Client = aspirin-fd
FileSet = "Full Set"
Schedule = "WeeklyCycle"
Storage = File
Messages = Standard
Pool = Default
Write Bootstrap = "/var/bacula/working/aspirin.bsr"
}
# Client (File Services) to backup
Client {
Name = aspirin-fd
Address = 10.66.66.41
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO" # password for
File Retention = 30d # 30 days
Job Retention = 180d # six months
AutoPrune = yes # Prune expired Jobs/Files
}
#Windows Client
Job {
Name = WinClient
Type = Backup
Client = winclient-fd
FileSet = WindowsFileSet
Schedule = WeeklyCycle
Storage = File
Messages = Standard
Pool = Default
Write Bootstrap = "/var/bacula/working/winclient.bsr"
}
# Client (File Services) to backup
Client {
Name = winclient-fd
Address = 10.66.66.50
FDPort = 9102
Catalog = MyCatalog
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
File Retention = 30d # 30 days
Job Retention = 180d # six months
AutoPrune = yes # Prune expired Jobs/Files
}
#File set for WINDOWS
FileSet {
Name = WindowsFileSet
Enable VSS = yes
Include {
File = c:/programme/openvpn/config
Options {
}
}
}
bacula-sd.conf:
Storage { # definition of myself
Name = ubuntu-sd
SDPort = 9103 # Director's port
WorkingDirectory = "/var/bacula/working"
Pid Directory = "/var/run"
Maximum Concurrent Jobs = 20
}
Director {
Name = ubuntu-dir
Password = "GXbfLMxsWxQbhCQyYW5IZoDEISB/VEq6fdmNgR4AaTQh"
}
Director {
Name = ubuntu-mon
Password = "oazZu/8Zt0VL8W8SmfmdOAfp1fZcalzKgLyFXP8tCIQQ"
Monitor = yes
}
Device {
Name = FileStorage
Media Type = File
Archive Device = /backup #Target Directory or Device
LabelMedia = yes; # lets Bacula label unlabeled media
Random Access = Yes;
AutomaticMount = yes; # when device opened, read it
RemovableMedia = no;
AlwaysOpen = no;
}
Messages {
Name = Standard
director = ubuntu-dir = all
}
###########################
Configuration for windows Client:
bacula-fd.conf:
FileDaemon { # this is me
Name = winclient-fd
FDport = 9102 # where we listen for the director
WorkingDirectory = "C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Bacula\\Work"
Pid Directory = "C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Bacula\\Work"
Maximum Concurrent Jobs = 2
}
#
# List Directors who are permitted to contact this File daemon
#
Director {
Name = ubuntu-dir
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
}
# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = ubuntu-dir = all, !skipped, !restored
}
#######################
Configuration for Ubuntu Client:
bacula-fd.conf:
# List Directors who are permitted to contact this File daemon
#
Director {
Name = ubuntu-dir
Password = "iBtT8iPwJUvgQDzx9NXYCgqpYqVJSZpfJaSPys2OFaUO"
}
#
# "Global" File daemon configuration specifications
#
FileDaemon { # this is me
Name = aspirin-fd
FDport = 9102 # where we listen for the director
WorkingDirectory = /var/bacula/working
Pid Directory = /var/run
Maximum Concurrent Jobs = 20
}
# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = ubuntu-dir = all, !skipped, !restored
}
Install Bacula Backup Software
1. Download these files from http://sourceforge.net/project/showfiles.php?group_id=50727
bacula-2.0.3.tar.gz
depkgs
2. run:
apt-get install g++
3. run:
ln -s make /usr/bin/gmake
4. Create a bacula directory, into which you will place both the Bacula source as well as the dependency package.
5. Detar the depkgs into the bacula directory.
6. cd bacula/depkgs
7. make
8. Configure and install MySQL
download and install mysql-server from www.mysql.com/downloads:
dpkg -i mysql-server-5.0_5.0.21-3ubuntu1_i386.deb
dpkg -i libmysqlclient15-dev_5.0.21-3ubuntu1_i386.deb
9. apt-get install zlib1g-dev
10. Detar the Bacula source code preferably into the bacula directory discussed above.
11. Configure Bacula:
./configure --with-mysql --enable-smartalloc --with-openssl
make
make install
12. from /etc/bacula run:
./grant_mysql_privileges
./create_mysql_database
./make_mysql_tables
13. Start Bacula:
/etc/bacula/bacula start
14. Interface with Bacula using the Console program:
/etc/bacula/bconsole
bacula-2.0.3.tar.gz
depkgs
2. run:
apt-get install g++
3. run:
ln -s make /usr/bin/gmake
4. Create a bacula directory, into which you will place both the Bacula source as well as the dependency package.
5. Detar the depkgs into the bacula directory.
6. cd bacula/depkgs
7. make
8. Configure and install MySQL
download and install mysql-server from www.mysql.com/downloads:
dpkg -i mysql-server-5.0_5.0.21-3ubuntu1_i386.deb
dpkg -i libmysqlclient15-dev_5.0.21-3ubuntu1_i386.deb
9. apt-get install zlib1g-dev
10. Detar the Bacula source code preferably into the bacula directory discussed above.
11. Configure Bacula:
./configure --with-mysql --enable-smartalloc --with-openssl
make
make install
12. from /etc/bacula run:
./grant_mysql_privileges
./create_mysql_database
./make_mysql_tables
13. Start Bacula:
/etc/bacula/bacula start
14. Interface with Bacula using the Console program:
/etc/bacula/bconsole
Wednesday, February 20, 2008
Useful Links for OpenVPN
http://www.windows-stupidities.com/Stupid13.htm
http://www.debian-administration.org/articles/35
http://www.djatlantic.net/?p=252
http://www.shorewall.net/OPENVPN.html
http://openvpn.net/index.php/documentation/howto.html
http://www.linuxjournal.com/article/7949
http://www.dd-wrt.com/wiki/index.php/OpenVPN
http://brneurosci.org/linuxsetup71.html
http://brneurosci.org/vpn.html
http://www.terminal23.net/2007/08/openvpn_20_on_ubuntu_704.html
http://howto.landure.fr/gnu-linux/debian-4-0-etch-en/
install-and-setup-openvpn-on-debian-4-0-etch
http://www.thebakershome.net/?q=node/56
http://halfy.wordpress.com/2007/10/12/
setting-up-openvpn-209-on-ubuntu-606/
http://www.debian-administration.org/articles/35
http://www.djatlantic.net/?p=252
http://www.shorewall.net/OPENVPN.html
http://openvpn.net/index.php/documentation/howto.html
http://www.linuxjournal.com/article/7949
http://www.dd-wrt.com/wiki/index.php/OpenVPN
http://brneurosci.org/linuxsetup71.html
http://brneurosci.org/vpn.html
http://www.terminal23.net/2007/08/openvpn_20_on_ubuntu_704.html
http://howto.landure.fr/gnu-linux/debian-4-0-etch-en/
install-and-setup-openvpn-on-debian-4-0-etch
http://www.thebakershome.net/?q=node/56
http://halfy.wordpress.com/2007/10/12/
setting-up-openvpn-209-on-ubuntu-606/
Tuesday, February 19, 2008
Set up OpenVPN GUI on Windows XP
1. Download openvpn.se gui
http://openvpn.se/files/install_packages/
openvpn-2.0.9-gui-1.0.3-install.exe
(at the time of writing)
2. Click on the file for installation:
- Make sure you select or deselect these times
ca.crt
home.crt
home.key
5. Edit the client.ovpn:
remote my-server-1 1194
to :
remote 10.66.66.47 1194 (The IP for server)
and:
ca ca.crt
cert home.crt
key home.key
to:
ca C:\\Programme\\OpenVPN\\config\\ca.crt
cert C:\\Programme\\OpenVPN\\config\\home.crt
key C:\\Programme\\OpenVPN\\config\\home.key
6. run Openvpn-gui.
http://openvpn.se/files/install_packages/
openvpn-2.0.9-gui-1.0.3-install.exe
(at the time of writing)
2. Click on the file for installation:
- Make sure you select or deselect these times
* deselect “AutoStart OpenVPN GUI”
* Select “My Certificate Wizard”
* Select “Hid the TAP-Win* Virtual Ethernet Adapter”
- Click Next or OK until installation is done
3. put “client.ovpn” in c:\Program Files\OpenVPN\config\
4. Copy these files from server to c:\program files\openvpn\config:ca.crt
home.crt
home.key
5. Edit the client.ovpn:
remote my-server-1 1194
to :
remote 10.66.66.47 1194 (The IP for server)
and:
ca ca.crt
cert home.crt
key home.key
to:
ca C:\\Programme\\OpenVPN\\config\\ca.crt
cert C:\\Programme\\OpenVPN\\config\\home.crt
key C:\\Programme\\OpenVPN\\config\\home.key
6. run Openvpn-gui.
You should see the a small icon with two red spots / retangular shapes on the notification area (bottom right of your screen). If you put your mouse cursor over it, a small tool tip would pop up indicating “OpenVPN GUI”.
To connect to VPN server:
1. Right click on the mentioned icon
2. Select Connect
To disconnect from VPN server:
1. Right click on the mentioned icon
2. Select Disconnect
Install OPENVPN on Ubuntu
Install the necessary software
I am going to configure openVPN as routing and not as Bridge.
Enter these commands on both the server and the client.
apt-get install openvpn openssl rdate
Now on the server side issue these commands
cd /usr/share/doc/openvpn/examples/easy-rsa/
cp * /etc/openvpn -R
cd /etc/openvpn
. ./vars (Be carefull there is a blank between two points)
./clean-all
./build-ca
Now create the certificates for the server
./build-key-server server
Now create the certificate for the client site
./build-key home
you can call it anything, I called it home
you can create as many keys as you need from this point for as many clients as you want, once you have finished issue this command.
./build-dh
Configure the server side
cd /usr/share/doc/openvpn/examples/sample-config-files/
cp server.conf.gz /etc/openvpn/
cd /etc/openvpn/
gunzip server.conf.gz
vim server.conf
Look for these lines
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
and change to these ones
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
uncomment the client-to-client directive to enable clients to be able to connect to each others through the VPN, and not only to the server.
Here is my SERVER.CONF:port 1194
;proto tcp
proto udp
dev tap
;dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
;duplicate-cn
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Configure the client
First you need to copy the certificates from the server to the client, be sure to make this in a secure way, either using scp or a USB Key in order to keep your files secure.
the needed files are:
ca.crt
home.crt
home.key (should be kept secret)
and they are in the server's directory /etc/openvpn/keys/
now you have copied all these files to the client open a console on the client and
cd /usr/share/doc/openvpn/examples/sample-config-files/
cp client.conf /etc/openvpn/
cd /etc/openvpn/
vi client.conf
Look for these lines
ca ca.crt
cert client.crt
key client.key
remote my-server-1 1194
and change them for these ones.
ca /etc/openvpn/keys/ca.crtthat is all, unless you have made some other changes on the server side, as for example change from UDP to TCP to the default port, so you will have to change that also on the client side.
cert /etc/openvpn/keys/home.crt
key /etc/openvpn/keys/home.key
remote [the.ip.of.server] 1194
Start the server
openvpn /etc/openvpn/server.conf
if everything goes ok, you should see something like this,
Sat Jul 14 11:12:11 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007
Sat Jul 14 11:12:11 2007 Diffie-Hellman initialized with 1024 bit key
Sat Jul 14 11:12:11 2007 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Jul 14 11:12:11 2007 TUN/TAP device tun0 opened
Sat Jul 14 11:12:11 2007 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sat Jul 14 11:12:11 2007 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Sat Jul 14 11:12:11 2007 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 14 11:12:11 2007 GID set to nogroup
Sat Jul 14 11:12:11 2007 UID set to nobody
Sat Jul 14 11:12:11 2007 UDPv4 link local (bound): [undef]:1194
Sat Jul 14 11:12:11 2007 UDPv4 link remote: [undef]
Sat Jul 14 11:12:11 2007 MULTI: multi_init called, r=256 v=256
Sat Jul 14 11:12:11 2007 IFCONFIG POOL: base=10.8.0.4 size=62
Sat Jul 14 11:12:11 2007 IFCONFIG POOL LIST
Sat Jul 14 11:12:11 2007 Initialization Sequence Completed
Start the client
openvpn /etc/openvpn/client.conf
the output should look like this
Sat Jul 14 15:40:36 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007
Sat Jul 14 15:40:36 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sat Jul 14 15:40:36 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Jul 14 15:40:36 2007 LZO compression initialized
Sat Jul 14 15:40:36 2007 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Jul 14 15:40:36 2007 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 14 15:40:36 2007 Local Options hash (VER=V4): '41690919'
Sat Jul 14 15:40:36 2007 Expected Remote Options hash (VER=V4): '530fdded'
Sat Jul 14 15:40:36 2007 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Sat Jul 14 15:40:36 2007 UDPv4 link local: [undef]
Sat Jul 14 15:40:36 2007 UDPv4 link remote: 200.87.61.90:1194
Sat Jul 14 15:40:36 2007 TLS: Initial packet from 200.87.61.90:1194, sid=408d696e 88814e22
Sat Jul 14 15:40:37 2007 VERIFY OK: depth=1, /C=bo/ST=bo/L=santacruz/O=go2linux.org/CN=OpenVPN-CA/emailAddress=gerencia@alketech.com
Sat Jul 14 15:40:37 2007 VERIFY OK: depth=0, /C=bo/ST=bo/O=go2linux.org/CN=server/emailAddress=gerencia@alketech.com
Sat Jul 14 15:40:38 2007 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jul 14 15:40:38 2007 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jul 14 15:40:38 2007 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jul 14 15:40:38 2007 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jul 14 15:40:38 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jul 14 15:40:38 2007 [server] Peer Connection Initiated with 200.87.61.90:1194
Sat Jul 14 15:40:39 2007 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Jul 14 15:40:39 2007 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Jul 14 15:40:39 2007 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jul 14 15:40:39 2007 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jul 14 15:40:39 2007 OPTIONS IMPORT: route options modified
Sat Jul 14 15:40:39 2007 TUN/TAP device tun0 opened
Sat Jul 14 15:40:39 2007 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Sat Jul 14 15:40:39 2007 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5
Sat Jul 14 15:40:39 2007 GID set to nogroup
Sat Jul 14 15:40:39 2007 UID set to nobody
Sat Jul 14 15:40:39 2007 Initialization Sequence Completed
If you arrived to this point you have your VPN stablished.
Then, you need to make one machine (the remote machine you want to connect to) publically visible.
Go to that machine and connect to the Internet. Go to No-IP.com.
Open an account at No-IP (it's free). In the No-IP setup screens (on their web site),
set up the information for your machine (they call it a "host"). Give your host a name (such
as "MyOffice") and select an extension to be added after "No-IP".
If you selected ".biz", for example, your machine will have the public name "myoffice.no-ip.biz".
Since the name you choose must be unique, No-IP provides a number of different extensions;
keep trying until your name is approved.
Install ddclient and set it with No-IP account:
apt-get install ddclient
Then, you need to make one machine (the remote machine you want to connect to) publically visible.
Go to that machine and connect to the Internet. Go to No-IP.com.
Open an account at No-IP (it's free). In the No-IP setup screens (on their web site),
set up the information for your machine (they call it a "host"). Give your host a name (such
as "MyOffice") and select an extension to be added after "No-IP".
If you selected ".biz", for example, your machine will have the public name "myoffice.no-ip.biz".
Since the name you choose must be unique, No-IP provides a number of different extensions;
keep trying until your name is approved.
Install ddclient and set it with No-IP account:
apt-get install ddclient
Monday, February 11, 2008
LDAP Configuration
Module Config for LDAP-USERADMIN in Webmin:
given=0
imap_login=cyrus
alias_same=0
multi_fields=0
samba_def=1
mailfmt=0
other_class=top person posixAccount shadowAccount inetOrgPerson organizationalPerson
imap_def=0
samba_gclass=sambaGroupMapping
imap_folders=old public sent-mail
secmode=0
auth_ldap=/etc/libnss-ldap.conf
shells=fixed,passwd,shells
imap_class=SuSEeMailObject
samba_class=sambaSamAccount
slappasswd=/usr/sbin/slappasswd
md5=0
quota_support=0
default_min=
group_props=
addressbook=
random_password=
passwd_stars=
ldap_tls=0
default_warn=
group_fields=
charset=
login=cn=Manager,dc=copp,dc=net
imap_props=
pre_command=
base_gid=10001
user_files=
homedir_perms=0700
user_base=ou=Users,dc=copp,dc=net
domain=
default_inactive=
gother_class=
ldap_port=389
imap_folderalt=
pass=.
group_base=ou=Groups,dc=copp,dc=net
given_class=
fields=
imap_pass=
display_max=
home_style=0
group_mod_props=
ldap_host=127.0.0.1
default_max=
imap_host=
default_secs=
samba_props=
props=sn:${USER}
base_uid=10001
default_group=Domain Users
quota=
home_base=/data/home
default_shell=/bin/bash
samba_gid=
maillocaladdress=
default_other=1
noclash=
post_command=
samba_domain=S-1-5-21-1939531223-1054826667-1329343603
mod_props=
default_expire=
PS: The red items must be changed
given=0
imap_login=cyrus
alias_same=0
multi_fields=0
samba_def=1
mailfmt=0
other_class=top person posixAccount shadowAccount inetOrgPerson organizationalPerson
imap_def=0
samba_gclass=sambaGroupMapping
imap_folders=old public sent-mail
secmode=0
auth_ldap=/etc/libnss-ldap.conf
shells=fixed,passwd,shells
imap_class=SuSEeMailObject
samba_class=sambaSamAccount
slappasswd=/usr/sbin/slappasswd
md5=0
quota_support=0
default_min=
group_props=
addressbook=
random_password=
passwd_stars=
ldap_tls=0
default_warn=
group_fields=
charset=
login=cn=Manager,dc=copp,dc=net
imap_props=
pre_command=
base_gid=10001
user_files=
homedir_perms=0700
user_base=ou=Users,dc=copp,dc=net
domain=
default_inactive=
gother_class=
ldap_port=389
imap_folderalt=
pass=.
group_base=ou=Groups,dc=copp,dc=net
given_class=
fields=
imap_pass=
display_max=
home_style=0
group_mod_props=
ldap_host=127.0.0.1
default_max=
imap_host=
default_secs=
samba_props=
props=sn:${USER}
base_uid=10001
default_group=Domain Users
quota=
home_base=/data/home
default_shell=/bin/bash
samba_gid=
maillocaladdress=
default_other=1
noclash=
post_command=
samba_domain=S-1-5-21-1939531223-1054826667-1329343603
mod_props=
default_expire=
PS: The red items must be changed
Subscribe to:
Posts (Atom)