
Greg's Tech blog

My technical journal where I record my challenges with Linux, open source SW, Tiki, PowerShell, Brewing beer, AD, LDAP and more...

Using wget for DynamicDNS updates

Wednesday 06 of April, 2005


# HTTP basic-auth password. Passed as a command-line argument, it is visible
# to other local users in the process list while wget runs.
SEC="P@ssw0rd"
wget -O - --http-user=username --http-passwd="$SEC" 'https://dynamic.zoneedit.com/auth/dynamic.html?host=linux2.gmartin.org'

wget -O - --http-user=username --http-passwd="$SEC" 'https://dynamic.zoneedit.com/auth/dynamic.html?host=linux1.gmartin.org'

wget -O - --http-user=username --http-passwd="$SEC" 'https://dynamic.zoneedit.com/auth/dynamic.html?host=ldap.gmartin.org'

MIIS Design

Wednesday 06 of April, 2005
MIIS design
Question today was whether we need to provide a MIIS environment for staging. After talking it through we came up with the following:
  • There is no internal staging directory. There is only the etslan.org directory, although we do have a staging server defined
  • There is no need to performance test against the internal directory

With this in mind, we're thinking that we'll have a single MIIS server sync accounts into both the prod & stage directories


WebCalendar upgrade

Monday 27 of September, 2004
I upgraded WebCalendar to 0.9.44 (from .43). The process was painless. I:
  1. created a new directory /usr/local/WebCalendar-0.9.44
  2. Edited the includes/config.php to add the db password
  3. Edited the Alias entry in httpd.conf to point to the new directory

What's left:
  • zip the old directory
  • make any no db updates

\\Greg

sed (the stream editor)

Tuesday 07 of September, 2004
I've been using sed to modify the import files for the Exchange lab. Here are some tricks & links.

To match & replace a particular string:

"s/%Distribution Lists\/cn=[0-9][0-9][0-9][0-9]//ig" (matches "%Distribution Lists/cn=xxxx" where xxxx is four digits)
s/ROSNT[0-9][0-9]/EAOEX1/gI (matches ROSNTxx and replaces it with EAOEX1)
s/EWZNT[0-9][0-9]/EAOEX1/gI (matches EWZNTxx)
s/ou=ETS\//ou=ETSEXT\//gI (matches ou=ETS/)
s/o=ETS\//o=ETSEXT\//gI (matches o=ETS/)
s/ETS\//ETSEXT\//gI (matches ETS/)
s/p=ETS;/p=ETSEXT;/gI (matches p=ETS;)
s/o=ETS;/o=ETSEXT;/gI (matches o=ETS;)
s/ETS\.ORG/etsext.ORG/gI (matches ETS.ORG)
sed -n -e "/\$:/p" <filename (prints only lines in filename containing "$:")
sed -e "/\$:/d" <filename (prints only lines not containing "$:")
sed -n -e "/^dn: CN=ets/,/^$/p" (prints all the lines from one starting with "dn: CN=ets" through the next blank line, ^$)


The general command line looks like:
sed -e "s/%Distribution Lists\/cn=[0-9][0-9][0-9][0-9]//ig" filename
The quotes around the regex are required if there is a space in the regex. The regex can be added to a file and referenced with -f:
sed -f sedscript.sed filename
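
A check worth running after a bulk rename like this one: apply the rule file, confirm that no old server, organization or domain names remain, and confirm that a second pass changes nothing. This is an added example, not part of the original post; the sample records are constructed, the function names are hypothetical, GNU sed is assumed for the I flag, and the dot in ETS\.ORG is escaped so it matches a literal period.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU sed: the I flag
# used in the post's rules is a GNU extension.

# The post's substitution rules, written to a script file for `sed -f`.
write_rules() {
    cat > "$1" <<'EOF'
s/ROSNT[0-9][0-9]/EAOEX1/gI
s/EWZNT[0-9][0-9]/EAOEX1/gI
s/ou=ETS\//ou=ETSEXT\//gI
s/o=ETS\//o=ETSEXT\//gI
s/ETS\//ETSEXT\//gI
s/p=ETS;/p=ETSEXT;/gI
s/o=ETS;/o=ETSEXT;/gI
s/ETS\.ORG/etsext.ORG/gI
EOF
}

# Constructed sample records, not a real Exchange export.
write_sample() {
    cat > "$1" <<'EOF'
dn: CN=ets_helpdesk
Home-Server: ROSNT47
Home-MTA: /o=ETS/ou=ETS/cn=Configuration/cn=Servers/cn=ewznt03
E-mail: SMTP:helpdesk@ets.org
X400: c=US;a= ;p=ETS;o=ETS;s=helpdesk;
EOF
}

# Count lines that still carry an old server, org or domain name.
leftovers() {
    grep -E -i -c 'ROSNT[0-9]{2}|EWZNT[0-9]{2}|=ETS[/;]|@ets\.org' "$1" || true
}

# Rewrite the sample twice; print pass 1 and a one-line verdict.
check_rewrite() {
    work=$(mktemp -d) || return 1
    write_rules "$work/rules.sed"
    write_sample "$work/in.txt"
    sed -f "$work/rules.sed" "$work/in.txt" > "$work/pass1.txt"
    sed -f "$work/rules.sed" "$work/pass1.txt" > "$work/pass2.txt"
    stable=no
    cmp -s "$work/pass1.txt" "$work/pass2.txt" && stable=yes
    cat "$work/pass1.txt"
    echo "stale lines: before=$(leftovers "$work/in.txt") after=$(leftovers "$work/pass1.txt") idempotent=$stable"
    rm -rf "$work"
}

check_rewrite
```

The dn line is deliberately left alone: none of the rules match "CN=ets_helpdesk", so object names that merely contain "ets" survive the rename.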

  • The

PXE Server

Thursday 22 of April, 2004


We need three things:
  • DHCP server
  • TFTP server
  • NFS share

DHCP server

Edit the configuration file:

option domain-name "linux.sun.com";
option domain-name-servers 172.16.13.2, 172.16.13.6;
option subnet-mask 255.255.0.0;

allow bootp;
allow booting;
option ip-forwarding false; # No IP forwarding
option mask-supplier false; # Don’t respond to ICMP Mask req
ddns-update-style ad-hoc;
get-lease-hostnames on; # DNS lookup hostnames
use-host-decl-names on; # And supply them to clients
# WARNING: This is a default configuration — any system PXE booting will
# wipe out all existing data on the first hard disk and install
# RedHat Enterprise Linux AS
subnet 172.16.13.0 netmask 255.255.0.0 {
next-server 172.16.13.6; # name of your TFTP server
filename "/as-2.1/sun/pxelinux.bin"; # name of the boot-loader program
range 172.16.13.100 172.16.13.200; # dhcp clients IP range
}


- start dhcpd manually (added it to rc.local)

tftp server

  • create /var/tftp directory
  • Add files to directory (pxelinux.bin)
  • startup using /usr/sbin/in.tftpd -c -l -v -s /var/tftp

NFS share

  • edit /etc/exports
  • add ' /var/tftp *(ro,sync) '
  • restart nfs 'rc.inet2 restart'




Turning on POP3 & other services

Monday 19 of April, 2004
Turning on POP3 & other services

I have sendmail working but couldn't connect to a mailbox using OE. Did some looking around and sure enough we weren't listening on port 110 - the POP3 port. More research and I found that I needed to edit etc/inetd.conf in order to have inetd start the pop3 service. While I was there I started imap2 and swat (for samba admin).

After saving the file I ran '/etc/rc.d/rc.inetd restart' to restart the daemon.

\\Greg

PS - what's left?
- Mail testing
- Mail migration for Priscilla & Caolinn
- Mailman install & migration

Compiling Sendmail

Wednesday 14 of April, 2004
Compiling Sendmail

  • Downloaded Sendmail 8.12.11
  • Created site.config.m4 file in sendmail/Site directory. Added following lines:
APPENDDEF(`confENVDEF', `-DSASL=2')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl')
APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DTCPWRAPPERS -DNIS -DMAP_REGEX')
APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lwrap -lm -ldb -lresolv')

  • ran ./Build -c -n (to clear out old build)
  • Set authinfo file
Authinfo:outgoing.verizon.net "U:vze1jt1m" "I:vze1jt1m@verizon.net" "P:password" "R:outgoing.verizon.net" "M:PLAIN"
  • restart sendmail ('rc.sendmail restart')








References:
http://www.sendmail.org/~ca/email/auth.html




Adding SASL support

Wednesday 14 of April, 2004
Adding SASL support

I need to configure Sendmail. From my experience, I believe I will need SASL to support client authentication. The first step is to install SASL

  • I downloaded Cyrus-SASL v 2.1.18 from ftp.andrew.cmu.edu/pub/cyrus
  • Renamed file to *.tgz so it was compatible with the slackware installer
  • moved the subsequent directory to /tmp/sasl/cyrus-sasl-2.1.18

  • Ran ./configure without error
./configure --enable-anon --enable-plain --enable-login --disable-krb4 --with-saslauthd=/var/run/saslauthd --with-pam --with-openssl=/usr/local/ssl --with-plugindir=/usr/local/lib/sasl2 --enable-cram --enable-digest --enable-otp
References:
http://www.projektfarm.com/en/support/howto/sendmail_smtp_auth_tls/sendmail_smtp_auth_tls.html
http://www.sendmail.org/~ca/email/auth.html
http://www.jimohalloran.com/archives/000227.html

  • Ran make without error
  • Ran make install
  • Removed /tmp/sasl...

  • Start SASL ('saslauthd -a shadow')
  • added to rc.local



More Linux2 changes

Tuesday 13 of April, 2004

More Linux2 changes


I made some more changes tonight. Specifically

  • Copied over and configured zoneclient to update ddns automatically. See 'crontab -e' and /usr/local/zoneclient

  • Copied over myindex.html
  • Apache changes
    • Copied but have not configured phpMyAdmin. Added dbAdmin link. Still need to do .htaccess
    • Configured apache to listen on port 80 & 82 (Listen). Removed forward from port 82 to port 80.
    • Configured Servername and serveradmin in apache config (httpd.conf)
    • Changed UseCanonicalname to Off. Should fix some problems with mailman...

\\Greg

Tiki Move

Monday 12 of April, 2004
Tiki Move

Tiki was migrated to linux2.gmartin.org over Easter weekend. The new server is twice the speed (400MHz) and 3x RAM (320MB). Pages load much faster and graphics are rendered quickly. John is testing externally.

I moved the data using mysqldump and mysql. The config looks like this


  • Tiki is installed to /usr/local/tiki-<version> with a link to /usr/local/tiki
  • Files are stored externally in /usr/local/tiki/files
  • Images in /usr/local/tiki/imagegal

Still to do:
  • Upgrade tiki to 1.7.7 or 1.8.4
  • Install phpMyAdmin (use webmin until then)
  • Configure Sendmail
  • Move mailboxes
  • Move Mailman

\\Greg

Fixing new Mailman Lists

Wednesday 25 of February, 2004

Fixing new Mailman Lists


Creating a new mailman list embeds it with an improper hostname. The best way to create a list is the following.

run '/usr/local/mailman/bin/newlist'

Once created, fix the url by running:
'/usr/local/mailman/bin> ./withlist -l -r fix_url -u linux1.gmartin.org:81'


grabbing a single line of command output

Saturday 10 of January, 2004
grabbing a single line of command output

I wrote this Windows script (batch file) to grab a single line of output from a command

setlocal
set /a max=1
typeperf "\memory\Pages/sec" -f csv -sc 1 -o c:\temp\1.tmp -y
for /f "usebackq skip=1 tokens=1*" %%a in ("c:\temp\1.tmp") do (
call :onlyone %%a%%b)
goto :eof

:onlyone
rem count this call; once the counter passes max, skip the echo below
set /a counter = %counter% + 1
if /i %counter% gtr %max% goto :EOF
echo %* >>c:\temp\2.tmp
goto :EOF
:end
endlocal

The for command reads the file line by line and calls :onlyone with the line as parameters.
:onlyone does something (in this case echo) and increments a counter to keep track of how many lines it has handled, then returns.
The next time :onlyone is called the counter already equals max, so it returns without doing anything.

Note: tried to execute typeperf from within the for command but the command must write directly to the screen on a non-line oriented mode. For could not capture the output correctly

Setting Linux Time

Monday 05 of January, 2004
Running gnome on Linux2 and the time was off. I tried to use gnome to set the time but it said no program was configured to change time. I don't get it.

Found a nice discussion on the clock here

Needed to use hwclock. Here are the commands

hwclock --set --date="hh:mm:ss" (to set the time)
hwclock --localtime (tells linux the rtc is set to local time)
hwclock --hctosys (to set system time from hwclock)


\\Greg



Smarthost Relaying

Friday 28 of November, 2003
In my last post I spent a lot of time discussing how to install SASL and configure Sendmail to do SMTP AUTH.
I was confusing smarthost authentication with user authentication. I found an article on comp.mail.sendmail
that hinted to the problem and directed me to the sendmail README in /usr/share/sendmail/cf/

All I needed to do was

  • configure the sendmail smarthost

    • in gmartin.mc
define(`SMART_HOST',`outgoing.verizon.net')dnl

  • tell sendmail where to relay mail

    • configure access.db to tell sendmail how & where to store access information.
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl


  • modify access.db
    • Edit /etc/mail/access
    • Add the login info:
    • Authinfo:outgoing.verizon.net "U:vze1jt1m" "I:vze1jt1m@verizon.net" "P:xxxxxx" "R:outgoing.verizon.net" "M:PLAIN"
    • Rebuild access.db
makemap hash access <access

Note: The other entries in access.db are the hosts to accept as relay hosts

Sendmail, SASL & Smarthost

Tuesday 25 of November, 2003

We need to start forwarding mail through verizon because sites like AOL are not accepting mail from mail servers on
soft-links(based on IP range). I started researching this and found that first I need:

  • SASL version of sendmail
  • sendmail configured with a smarthost
  • sendmail configured to do SMTP Auth

SASL & Sendmail

Found this page that led me down the right path

So I downloaded SASL and followed the instructions to build it, but received an error during 'make':

"kerberos4.c:49:17: krb.h: No such file or directory "

This was resolved by modifying the ./configure step. I used this command-line based on a link to
http://www.irbs.net/internet/info-cyrus/0207/0196.html:
./configure --with-saslauthd=/usr/lib/sasl2 --enable-cram \
--enable-digest --enable-plain --disable-anon --disable-gssapi \
--disable-krb4 --disable-otp --with-openssl

Sendmail 8.12.10

Next I had to compile Sendmail. Based on the sendmail book I ran
./Build -c -n (create clean build, no make)
./Build -c
./Build install
Then I restarted sendmail and all was well
(Actually, I received an error:
"libsasl.so.7: cannot open shared object file: No such file or directory"
At this point I remembered that my SASL build had an error which I resolved and documented above).
Never stop in the middle of something!

Sendmail and SMTP AUTH

Useful links:
http://dbforums.com/arch/181/2002/12/574316


Still not getting AUTH from EHLO command


Printing Exchange Distribution List Members

Thursday 15 of May, 2003
HOWTO Print Exchange 5.5 Distribution List Members

We had a need recently to print the contents of an Exchange 5.5 distribution list. We've looked in the past for a tool to do this and never had any luck.
I found a python script that did this and since I don't know python (yet), I converted it to vbscript. Run the script (cscript getmembers.vbs) to see the Usage.
You'll need ADO & ADSI installed locally. E-mail with questions/bugs. Let me know if it works for Exch2k

I hope you'll find this of value. (save as getmembers.vbs)

'getmembers.vbs - Greg Martin - CSC May 2003
'Notes:
'If you use this regularly, you can define sUser & sPwd with a user from your local site
'Run with cscript to prevent a gazillion pop up windows
'
'
'
dim oIADs
dim MyContainer
dim objRecipients
dim item

CRLF = Chr(13) & Chr(10)


sUsage =    "Getmembers.vbs - Greg Martin, CSC  2003" & CRLF & CRLF
sUsage = sUsage & "Returns the entries of an Exchange distribution list and nested lists" & CRLF
sUsage = sUsage & "Usage:  cscript getmembers.vbs      " & CRLF & CRLF
sUsage = sUsage & "Where:" & CRLF  
sUsage = sUsage & "Servername is the name of an exchange server" & CRLF  & CRLF
sUsage = sUsage & "Listname is the alias of the list to be enumerated" & CRLF   & CRLF
sUsage = sUsage & "UserDN is the DN of an exchange user(used to login via LDAP)" & CRLF 
sUsage = sUsage & "Note: User DN typically looks like 'cn=alias, ou=site, o=org'" & CRLF
sUsage = sUsage & "      Specifying the recipients container is not necessary and does not work" & CRLF &CRLF
sUsage = sUsage & "Password is the password for user" & CRLF  & CRLF
sUsage = sUsage & "1 Recurses list members. 0 does not recurse (optional - must be supplied if CN|UID id specified) " & CRLF  & CRLF
sUsage = sUsage & "CN prints Exch CN of list member; UID prints Exch alias (optional)" & CRLF & CRLF
sUsage = sUsage & "Example: cscript getmembers.vbs Rosnt47 " & chr(34) & "cn=tcs_users,cn=Distribution Lists,ou=ets,o=ets" & chr(34) & " " & chr(34) & "cn=juser, ou=ETS, o=ETS" & chr(34) & " p@ssw0rd 1 CN" & CRLF & CRLF

'Todo
Set oArgs = WScript.Arguments


Tikiwiki 1.6 upgrade

Saturday 26 of April, 2003
Hey, we upgraded the site to TikiWiki 1.6 back two weeks ago. A couple things to note. Pages (actually templates) are compiled on first use. This speeds up access. However, it broke the Admin page. Had to grant php rights to use 32MB and 120 secs of run time. The Admin page is by far the most complex. After that compile, all was well and we're back to 24MB & 30 seconds

\Greg

Mailman running as the wrong user

Saturday 08 of March, 2003
Mailman errors
Had a problem posting to mailing lists. It would return an error saying the script ran as the wrong user.
The answer was adding 'mail' as the default user in sendmail.cf

\\Greg

Mailman URL Info

Monday 24 of February, 2003
Resetting URL for a mailing list


From the /usr/local/mailman/bin directory

'./withlist -l -r fix_url MOC -u www.gmartin.org'

(where MOC is the listname
and www.gmartin.org is the new URL)

Check it using bin/dumpdb ../lists/moc/config.pck

Look for web_page_url near the end of the dump

PHPMyAdmin

Saturday 22 of February, 2003

I loaded phpMyAdmin to manage MySql. Very slick

software: /usr/local/phpMyAdmin
link: /var/www/htdocs/dbAdmin
URL: /data

Directory is locked down using .htaccess


\\Greg

SNMP Trap daemon

Tuesday 04 of February, 2003
SNMP trap daemon:
/tmp/usr/local/sbin
./snmptrapd -P -F "%02.2h:%02.2j TRAP%w.%q from %A: %v \n" /var/log/snmp.log &