Category Archives: Linux

OpenSUSE 11.1 for Vagrant

Seems that last week I needed an openSUSE 11.1 VM to test out some Chef scripts. Vagrant Cloud, which is a great place to find Vagrant VMs, didn’t have one, so I decided to create one.

Start first by downloading and installing Packer, an incredible tool for creating virtual machines from templates and scripts. I used the Opscode bento project as a starting point and created my own Packer template for openSUSE 11.1.

First I had to find a place where I could get the ISOs and a repository. Luckily there is still one available at: http://ftp5.gwdg.de/pub/opensuse/discontinued/distribution/11.1/

After a couple of tries I figured out how to get the VM to boot from the ISO, enter the correct boot commands, provision the OS and run some setup scripts. The biggest problem was figuring out that I had to reboot the VM after upgrading the kernel, or the VirtualBox Guest Additions would not install. But Packer can handle a reboot from a script, so it worked.

If you are interested, the box can be used from Vagrant by running:

vagrant init minesense/opensuse11.1

I’ve uploaded it to Vagrant Cloud at: https://vagrantcloud.com/minesense/opensuse11.1 and you can find and fork the source at: https://github.com/minesense/packer.

 

Fixing SELinux Content in a HTML directory

Being unable to access web files in a directory under /var/www/html because of a 403 Forbidden error might be an SELinux context problem.

Problem

Getting a 403 forbidden error message when accessing a new file or directory in /var/www/html.

Check /var/log/messages to see if there are any AVC denials such as:

Sep 13 13:11:28 fserver02 kernel: audit(1221336688.892:14): avc:  denied  { getattr } for  pid=25036 comm="httpd" name="phpldapadmin" dev=dm-0 ino=2441537 scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_t tclass=dir

Solution

First check the context on the root directory.

cd /var/www/html
ls -Z index.html
-rw-r--r--  root     root     root:object_r:httpd_sys_content_t index.html

Look at the context of the new directory or file:

ls -Z index.php
-rw-r--r--  root     root     root:object_r:user_home_t index.php

Now change the file or directory to the correct context:

chcon -Rc root:object_r:httpd_sys_content_t .

Check the context of the file:

ls -Z index.php
-rw-r--r--  root     root     root:object_r:httpd_sys_content_t index.php
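
The /var/log/messages check from the Problem step, as an added example that is not part of the original post: it pulls the process, object name and target type out of each AVC denial and lists the objects httpd was denied on that do not carry an httpd_* type. The function names and the second sample log line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# SAMPLE_LOG is constructed: the denial quoted in this post plus one unrelated line.
SAMPLE_LOG='Sep 13 13:11:28 fserver02 kernel: audit(1221336688.892:14): avc:  denied  { getattr } for  pid=25036 comm="httpd" name="phpldapadmin" dev=dm-0 ino=2441537 scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_t tclass=dir
Sep 13 13:11:30 fserver02 kernel: eth0: link up'

# Read syslog lines on stdin; for every AVC denial print:
#   comm name permissions target_type tclass
# (object names containing spaces are not handled)
avc_denials() {
    awk '
    /avc:/ && /denied/ {
        comm = name = perm = ttype = tclass = "-"
        for (i = 1; i <= NF; i++) {
            if ($i == "{") {            # collect everything up to the closing brace
                perm = ""
                for (j = i + 1; j <= NF && $j != "}"; j++)
                    perm = (perm == "" ? $j : perm "," $j)
            }
            if (split($i, kv, "=") < 2) continue
            val = kv[2]; gsub(/"/, "", val)
            if (kv[1] == "comm") comm = val
            else if (kv[1] == "name") name = val
            else if (kv[1] == "tclass") tclass = val
            else if (kv[1] == "tcontext") { split(val, c, ":"); ttype = c[3] }
        }
        print comm, name, perm, ttype, tclass
    }'
}

# Objects httpd was denied on whose type is not an httpd_* type:
# these are the candidates for relabeling to httpd_sys_content_t.
mislabeled_for_httpd() {
    avc_denials | awk '$1 == "httpd" && $4 !~ /^httpd_/ { print $2 " (" $4 ")" }'
}

printf '%s\n' "$SAMPLE_LOG" | mislabeled_for_httpd
```

Labels set with chcon do not survive a full filesystem relabel; restorecon -Rv /var/www/html resets the tree to the type the loaded policy assigns to that path.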

 

Setting up VNCServer

How to set up vncserver on a Linux machine to run GNOME or KDE.

Initialize

Start vncserver for the first time on port 5910 (:10) and set the password.

[root@localhost ~]# vncserver :10

You will require a password to access your desktops.

Password:
Verify:
xauth:  creating new authority file /root/.Xauthority

New 'localhost.localdomain:10 (root)' desktop is localhost.localdomain:10

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:10.log

[root@localhost ~]#

Configure

Edit ~/.vnc/xstartup and change the session manager to:

  • gnome-session – for GNOME
  • startkde – for KDE

#!/bin/sh

# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
gnome-session &

Restart vncserver

[root@localhost .vnc]# vncserver -kill :10
Killing Xvnc process ID 2844
[root@localhost .vnc]# vncserver :10

New 'localhost.localdomain:10 (root)' desktop is localhost.localdomain:10

Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:10.log

[root@localhost .vnc]#

Configure IPTables

Edit /etc/sysconfig/iptables and add:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5910 -j ACCEPT

Restart iptables

[root@localhost ~]# /etc/init.d/iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]
[root@localhost ~]#
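
The rule above accepts connections to port 5910 from any source address. As an added example (not part of the original post), this check lists ACCEPT rules in an iptables rules file that open a VNC display port (5900-5999) without a source restriction; the function name, the sample rules and the 192.0.2.0/24 subnet are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# SAMPLE_RULES is constructed; 192.0.2.0/24 stands in for an admin subnet.
SAMPLE_RULES='-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5910 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.0.2.0/24 -m state --state NEW -m tcp -p tcp --dport 5911 -j ACCEPT'

# Read rules on stdin; print "lineno: rule" for each ACCEPT rule whose
# --dport overlaps 5900-5999 and that has no -s/--source limit.
open_vnc_rules() {
    awk '
    $1 == "-A" && /-j ACCEPT/ {
        port = ""; src = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "--dport") port = $(i + 1)
            if (($i == "-s" || $i == "--source") && $(i + 1) != "0.0.0.0/0") src = 1
        }
        n = split(port, r, ":")          # --dport takes one port or lo:hi
        lo = r[1] + 0
        hi = (n > 1 ? r[2] : r[1]) + 0
        if (port != "" && hi >= 5900 && lo <= 5999 && !src) print NR ": " $0
    }'
}

printf '%s\n' "$SAMPLE_RULES" | open_vnc_rules
```

On the real host, feed it /etc/sysconfig/iptables. A rule it reports can be narrowed with -s, or dropped entirely if the display is reached through an SSH tunnel such as ssh -L 5910:localhost:5910 <machine>.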

Accessing

Open a VNC client and go to <machine>:10

Enter the password.

Setting up ntpd

A quick way to set up ntpd to set the system and hardware clock.

On a Red Hat system (Red Hat, CentOS, Fedora or Oracle Linux) edit the /etc/sysconfig/ntpd file:

  • Change:

SYNC_HWCLOCK=no

to

SYNC_HWCLOCK=yes

  • Add -x to OPTIONS so that the clock will be set every time ntpd is started:

OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -x"

Now make sure that ntpd is running:

/sbin/chkconfig --level 2345 ntpd on

/sbin/service ntpd start

Setup LDAP with Openfiler

How to configure LDAP so that Windows shares will work with Openfiler.

Configure LDAP for Samba

The assumption is that LDAP is already up and running with user accounts with the posixAccount object classes.

Add samba.schema to LDAP

Copy samba.schema from /usr/share/doc/samba-3.0.10/LDAP to /etc/openldap

Add the samba.schema to slapd.conf

include         /etc/openldap/schema/samba.schema

Install smbldap-tools

Copy all the *.pl and *.pm scripts from /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools to /usr/local/sbin

Configure smbldap_config.pm for your LDAP server.

Run make in the mkntpwd directory and copy mkntpwd to /usr/local/sbin

Add sambaSamAccount to all existing users

For each user in LDAP run:

/usr/local/sbin/smbldap-usermod.pl -a <username>

This will add the sambaSamAccount class to the user.

Change each user's password

Each user will need to have their password reset so that the Samba password values match the LDAP password values.

For each user in LDAP run:

/usr/local/sbin/smbldap-passwd.pl <username>

(make sure ldappasswd is in your path)

Configure OpenFiler

On the Accounts -> Authentication screen:

Check Use Ldap and fill in the following fields:

  • Server
  • Base DN
  • Authenticated Base DN
  • Authenticated bind password
  • Root Bind DN
  • Root bind password

Check Login SMB server to root DN

LDAP users and groups will now show up under the Users and Group tabs

Disk Performance

Using hdparm to measure a hard disk's performance.

To measure the current performance of your disk run:

hdparm -tT /dev/sda

You will get something like:

/dev/sda:
Timing cached reads:   896 MB in  2.01 seconds = 446.06 MB/sec
Timing buffered disk reads:  168 MB in  3.01 seconds =  55.77 MB/sec

Setting up VMware Server on Linux

Instructions on how to set up VMware Server on Linux and access it from a Windows machine.

Pre-Setup

Download the VMware Server RPM for Linux from http://www.vmware.com and register for a free serial number. The current version is 1.0.3.

Set up access to the server. See Installing Cygwin for Windows XP for instructions on how to set up access to the Linux server.

Installation

Log in to the Linux server:

ssh linux01
cd /media/usbdisk/source/vmware/server/linux/1.0.3
su

Install the RPM

rpm -ivh VMware-server-1.0.3-44356.i386.rpm

Configure VMware

As root run:

/usr/bin/vmware-config.pl

Accept the End User License.
Accept the default directory for mime type icon.
Accept the default desktop menu entry files.
Accept the default for application's icons.
Networking for Virtual Machines: yes
Ethernet network: eth0
NAT networking: yes
Probe for private subnet: yes
Host-only network: yes
Probe for private subnet: yes
Accept default for remote console connections.
Accept default directory for virtual machine files.
Enter the VMware serial number you received when you downloaded VMware Server.

Verify that VMware will start up when the server reboots. As root run:

/sbin/chkconfig --list vmware
vmware          0:off   1:off   2:on    3:on    4:off   5:on    6:off

Install VMware Console on Windows

Download the VMware console for Windows from http://www.vmware.com

On the Windows workstation install the console:

Double click on VMware-console-1.0.3-44356.exe
Accept the End User Agreement.
Accept the default installation location.

Configure the Console

Double click on the VMware Server Console icon on the Windows desktop.

In the Connect to Host dialog box enter the hostname, username and password.