Monday, March 31, 2008

Remote access via ssh without Password

On the Client, at the /root/.ssh/, run the following command to build keys:

ssh-keygen -t rsa

that builds two files:

id_rsa.pub and id_rsa

Copy id_rsa.pub to Remote Computer:

scp id_rsa.pub root@ip.for.remote.computer:/root/.ssh/

Then execute this command on Remote:

cat id_rsa.pub >> authorized_keys

and:

chmod 644 authorized_keys

Tuesday, March 25, 2008

Open port in SuSE

edit /etc/sysconfig/SuSEfirewall2,

change this line:

#FW_TRUSTED_NETS="local.netzwork.ip.no,tcp,portno"

the restart Firewall service:

SuSEfirewall2 start

Thursday, March 20, 2008

Sharing Samba Printer with Windows Clients

Connect printer to Samba server.

Add printer in SMB.CONF:

[printers]

comment = Alle Drucker
path = /var/spool/samba
browseable = no
public = yes
guest ok = yes
writeable = no
printable = yes
printer admin = root, @ntadmins

restart samba service.

Edit the file:

/etc/cups/cupsd.conf

and change the following part:

# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL, @users
BrowseAddress @LOCAL

@users is nt users group map

sudo /etc/init.d/cupsys restart

Now Windows clients can see the printer.

Wednesday, March 19, 2008

Restore ACL or copy file with ACLs

First copy the ACLs:

getfacl --omit-header /your/file/or/directory /here > file.txt

this command store the current ACLs in file.txt.

Then run:

setfacl -M file.txt /your/file/or/directory/here

this command sets the ACLs same as the stroed file.

To copy the file or directory while preserving ACLs, use the -p or -a command option (-R means recursive and that means with all subdirectories):

copy -R -p /your/source/dir your/teraget/dir

or

copy -R -a /your/source/dir your/teraget/dir

To copy files with ACLs from one computer to another use RSYNC:

rsync -avrzA /source/dir user@target.host.address.or.IP:/target/dir

-A parameter means:
preserve ACLs (implies -p).
-a: Archive
-r: Recursive
-v: Verbose
-z: compress during copy

Tuesday, March 18, 2008

Opening Port in SME Server

Install the following package:

rpm -Uvh http://sme.swerts-knudsen.dk/downloads/dmc-mitel-portopening-0.0.1-4.noarch.rpm

then run:

/etc/e-smith/events/actions/navigation-conf

and restart the server.
In server-manager -> Configuration menu you can see Port Opening.

Friday, March 14, 2008

Install OPENVPN Client on SME Server

mkdir /etc/openvpn
cd /etc/openvpn

wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/lzo-1.08-4.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/SME7/openvpn-2.0.2-1.2.el4.rf.i386.rpm
wget http://sme.swerts-knudsen.com/downloads/OpenVPN/smeserver-openvpn-0.0.1-2.noarch.rpm


rpm -Uvh *.rpm



config set openvpn service status enabled access public UDPPort 1194
signal-event remoteaccess-update

Build keys on server and copy them into /etc/openvpn/keys


correct the client.conf setting file

Start the OPENVPN service:

service openvpn start

Wednesday, March 12, 2008

Install Bacula BWEB

Go to bweb under bacula-gui-xxx directory,

cd /var/www/bacula-gui-2.2.8/bweb

run:

perl Makefile.PL
make install

mkdir -m 755 /usr/lib/cgi-bin/bweb
install -m 755 -o root -g root bweb/cgi/*.pl /usr/lib/cgi-bin/bweb
chown www-data /etc/bacula/bweb.conf

mkdir -p /usr/share/bweb/tpl
install -m 644 -o root -g root bweb/tpl/*.tpl /usr/share/bweb/tpl

mkdir /var/www/bweb
install -m 644 -o root -g root bweb/html/*.{js,png,css,gif,ico,html} /var/www/bweb

download the font and copy to /root folder:
wget http://trac.mapnik.org/browser/trunk/fonts/
dejavu-ttf-2.14/DejaVuSerif.ttf?format=raw]


go to:
http://your-server/cgi-bin/bweb/bweb.pl

and config the bweb as follow:

DBI => DBI:mysql:database=bacula;host=localhost;port=3306
user => bacula
password =>
email => your@email
graph_font => /root/DejaVuSerif.ttf

save the configuration and enjoy bweb!!

Tuesday, March 11, 2008

Install Bacula-Web

Install following packages:

apt-get install apache2 php5 gettext php5-gd php-db php5-mysql

download last version of bacula-gui.xxxx.gz and unzip it in:
/var/www

move bacula-web folder in bacula-gui-xxx folder to /var/www

change bacula.conf in bacula-web:
* When bacula user has not password in mysql, change this line:
pass =

to :

# pass =

We need to enable gd and mysql modules:
add or uncomment the following lines in /etc/php5/apache2/php.ini:

extension=mysql.so
extension=gd.so



Give the write access to the required config file:

chmod 777 -R /var/www/bacula-web/templates_c

restart apache server:
/etc/init.d/apache2 restart



Enjoy Bacula-Web!!

Monday, March 10, 2008

OpenVPN - Clients's Static IP

In server.conf add this line:

client-config-dir /etc/openvpn/ccd

In directory /etc/openvpn/ccd has files named with the CN of the cert for each client, e.g. for gull.riseup.net, create a file gull.riseup.net, containing something like this:

for Windows Clients:
#ifconfig-push clientIP serverIP

ifconfig-push 10.8.0.3 10.8.0.1


for Ubuntu Clients:
#ifconfig-push clientIP Netmask

ifconfig-push 10.8.0.3 255.255.255.0

Restart OpenVPN Server and Client services.