I've been using CVS for a few days now to keep track of my revisions in my Django scripts. Prior to CVS, I've mostly been making copies/annotating/numbering my scripts before doing any modifications (very tedious, very unwieldy). So setting up CVS repo took out the grunt work of tracking my code.
CVS compared to it's more illustrious counterparts, is old school if not the most ancient revision control system of the lot. But for on-and-off weekend coding projects that need simple versioning system, CVS it is.
Anyways, all nice and good, except that I've been getting this irritating error messages every time I cvs into my repository:
Error Messages when trying to run "cvs update" from another user.
cvs update: Updating CVSROOT
cvs update: failed to create lock directory for `/cvs/CVSROOT' (/cvs/CVSROOT/#cvs.lock): Permission denied
cvs update: failed to obtain dir lock in repository `/cvs/CVSROOT'
cvs [update aborted]: read lock failed - giving up
Turns out that when I first "cvs import" my files, the default permission was set to the user who initially created the repository. So the problem is really of 'gene' user not having write access to the files 'owned' by the first user who created the repo. The solution I found here and here indicated that you need to setup proper group ownership for the repo. That means make 'gene' user and all other users who'll be using cvs be part of the group that will owned the repo. In this case, just create a group called 'developers' or any other group name, and have all subdirectories beneath the root CVS directory owned by this group then setgid all the subdirectories (ie. chmod -R g+ws). VoilĂ ! works beautifully.
There's heaps of open-source software revision control system, if you want a Fedora/CVS setup, here's a good tutorial.
Monday, December 15, 2008
Saturday, November 15, 2008
How to convert different video file format to MP4 format for your PSP/Ipod
So we're going out-of-town this weekend, it's a two-hour drive and my two nephews, 5 and 6 years old, are coming with us.
Question: What are the odds that these two boys will willingly share and wait for their turn for their PSP toy.
Answer: Yeah, right. Battle royal, wailing and crying is more like it for that 2 hours long drive.
So what's an intrepid uncle ought to do? Why find a reasonable middle-ground that both these boys can agree on, of course.
And how do you propose to do that? Hehe, 'got a plan, boy. Get their favorite movies/TV shows from bittorrent (ie. boy with a tacky watch and that small Japanese robot boy that can fly) and put them on their PSP. Tada! Good, no?
Now this is more like Part II of my last blog (ie. how to rip videos from your DVDs), since you can also use dvdrip to encode the file to different format except that I couldn't find a container format for H.264/MPEG-4 (which is the format of choice for handheld devices). I tried mencoder like real men do, but it was effin messy and couldn't get the command-line options right :-( There has to be easier to do it.
As always, I assume you're using your friendly Fedora Linux distro. Also, bear in mind that every time you convert from one format to another, the quality of your video gradually degrades (not that you'll notice it when watching it on your PSP).
And so without further ado, here's how you can convert those avi/wmv/mpeg files from TPB into something you can watch on your PSP/iPhone or any handheld devices.
Avidemux rock!!
===
Step 1: Log in as root and from the console, run the following command:
# yum -y install avidemux
Step 2: Log in as regular user and from the console, run the following command:
$ rpm -q avidemux
$ avidemux
You should see the following Avidemux window:
Step 3: Open the file video file you wish to encode to another format. In the menu, click File->Open and then look for the video file you would like to convert.
Note: If you get a message that says something like "Index is not up date: You should use Tool->Rebuild frame. Do it now?". Just click "Yes".
Step 4: In the menu, click Auto->PlayStation Portable(H.264). You should see the following window:
Don't forget to
Step 5: Save the file, click File->Save (or just click the Save button). The Save window should pop up.
Type the name of your new video file. Don't forget to include the .mp4 extension to the name of the file.
Step 6: Once you click on the Save button, encoding should now start, you can now sit back and wait. Depending on fast your workstation is, and how large the file you want encode, this might take a while.
Once it finished, you should get the following pop-up message box.
Step 7: Now you can hook-up your PSP to your computer and copy the .mp4 file to the Video folder of your PSP.
If you're video editing needs are modest, you can also use Avidemux for cutting/deleting some scene, or join two or more video clips into a single video file, or add borders and subtitles to your videos.
Enjoy!!
Question: What are the odds that these two boys will willingly share and wait for their turn for their PSP toy.
Answer: Yeah, right. Battle royal, wailing and crying is more like it for that 2 hours long drive.
So what's an intrepid uncle ought to do? Why find a reasonable middle-ground that both these boys can agree on, of course.
And how do you propose to do that? Hehe, 'got a plan, boy. Get their favorite movies/TV shows from bittorrent (ie. boy with a tacky watch and that small Japanese robot boy that can fly) and put them on their PSP. Tada! Good, no?
Now this is more like Part II of my last blog (ie. how to rip videos from your DVDs), since you can also use dvdrip to encode the file to different format except that I couldn't find a container format for H.264/MPEG-4 (which is the format of choice for handheld devices). I tried mencoder like real men do, but it was effin messy and couldn't get the command-line options right :-( There has to be easier to do it.
As always, I assume you're using your friendly Fedora Linux distro. Also, bear in mind that every time you convert from one format to another, the quality of your video gradually degrades (not that you'll notice it when watching it on your PSP).
And so without further ado, here's how you can convert those avi/wmv/mpeg files from TPB into something you can watch on your PSP/iPhone or any handheld devices.
Avidemux rock!!
===
Step 1: Log in as root and from the console, run the following command:
# yum -y install avidemux
Step 2: Log in as regular user and from the console, run the following command:
$ rpm -q avidemux
$ avidemux
You should see the following Avidemux window:
Step 3: Open the file video file you wish to encode to another format. In the menu, click File->Open and then look for the video file you would like to convert.
Note: If you get a message that says something like "Index is not up date: You should use Tool->Rebuild frame. Do it now?". Just click "Yes".
Step 4: In the menu, click Auto->PlayStation Portable(H.264). You should see the following window:
Don't forget to
Step 5: Save the file, click File->Save (or just click the Save button). The Save window should pop up.
Type the name of your new video file. Don't forget to include the .mp4 extension to the name of the file.
Step 6: Once you click on the Save button, encoding should now start, you can now sit back and wait. Depending on fast your workstation is, and how large the file you want encode, this might take a while.
Once it finished, you should get the following pop-up message box.
Step 7: Now you can hook-up your PSP to your computer and copy the .mp4 file to the Video folder of your PSP.
If you're video editing needs are modest, you can also use Avidemux for cutting/deleting some scene, or join two or more video clips into a single video file, or add borders and subtitles to your videos.
Enjoy!!
Monday, November 3, 2008
How to rip video CD/DVDs using dvdrip tool
First a few rants...
Don't you hate it when you commissioned someone to video tape an event and all they give you is a DVD copy of the event. What if you wanted your friends and relatives to watch this video, do you give each one of them a DVD copy? Or what if you want to store it on your handheld devices like mobile phone or PSP? Or as is most likely the case, you just want to post it on Youtube and share it? What do you do? No can do?
I mean, it's your wedding day or your first childs' baptismal or any of those special events, you definitely want someone professional to do it right? You'd even be glad to pay for it. But then, you'd also want to share the finish product with as many friends/relatives/colleagues as you can.
I suppose these folks also want to protect their intellectual property rights, and I don't begrudge them that (never mind those DVD movies you legally paid for). But since it's a personal video of you/your friends/relatives, and that you're paying for it, then it's only fair that you should be able to ask for a mpeg/avi file version of it that you can easily distribute to others.
Hehe, I'm so emo, I don't even know why I'm so work up over DVD movies when ripping them is dead easy, if you have the right tool that is. Eniways, here's how you would rip your DVD movies.
Step 1: Log in as root and run the following command:
# yum -y install dvdrip ffmpeg
Step 2: As regular user, type the following from the command line:
$ rpm -q dvdrip ffmpeg
$ dvdrip &
Note: The first time you run the dvdrip utility, it will prompt you to set your preferences.
Step 3: Notice the red highlighted text that says ".../dvdrip-data not found: NOT OK"? Well, you need create this directory. The quickest would be jump back in to your command-line prompt and type the following:
$ mkdir ~/dvdrip-data
Restart your dvdrip app and you should now get the following window image:
There's a number of settings you can fine-tuned but for now stick with the default. It works fine.
Step 4: Now you need to create a new project.
You should now get this window:
Don't forget to click on the "+ Create project" button.
Step 5: In the section "Choose a ripping mode", make sure that you check "Copy data from DVD to hard disk before encoding".
Step 6: You should now go to the tab "RIP Title".
Step 7: Rip 'em boy!
That's it. Now wait and sit back as this might take a while depending on how large DVD movie is and how fast your computer is.
Step 7: The avi file that you rip from your DVD should be in your ~/dvdrip-data/project-name/avi/ directory. Where the 'project-name' is that name you used during the initial setup.
Success!!
Use your VLC, Mplayer, Totem Movie Player, or even Xine to watch your newly ripped avi file.
Don't you hate it when you commissioned someone to video tape an event and all they give you is a DVD copy of the event. What if you wanted your friends and relatives to watch this video, do you give each one of them a DVD copy? Or what if you want to store it on your handheld devices like mobile phone or PSP? Or as is most likely the case, you just want to post it on Youtube and share it? What do you do? No can do?
I mean, it's your wedding day or your first childs' baptismal or any of those special events, you definitely want someone professional to do it right? You'd even be glad to pay for it. But then, you'd also want to share the finish product with as many friends/relatives/colleagues as you can.
I suppose these folks also want to protect their intellectual property rights, and I don't begrudge them that (never mind those DVD movies you legally paid for). But since it's a personal video of you/your friends/relatives, and that you're paying for it, then it's only fair that you should be able to ask for a mpeg/avi file version of it that you can easily distribute to others.
Hehe, I'm so emo, I don't even know why I'm so work up over DVD movies when ripping them is dead easy, if you have the right tool that is. Eniways, here's how you would rip your DVD movies.
Step 1: Log in as root and run the following command:
# yum -y install dvdrip ffmpeg
Step 2: As regular user, type the following from the command line:
$ rpm -q dvdrip ffmpeg
$ dvdrip &
Note: The first time you run the dvdrip utility, it will prompt you to set your preferences.
Step 3: Notice the red highlighted text that says ".../dvdrip-data not found: NOT OK"? Well, you need create this directory. The quickest would be jump back in to your command-line prompt and type the following:
$ mkdir ~/dvdrip-data
Restart your dvdrip app and you should now get the following window image:
There's a number of settings you can fine-tuned but for now stick with the default. It works fine.
Step 4: Now you need to create a new project.
- In menu, click File->New Project. Type your project name, in my case it's skydiving. The rest of text field (ie. VOB directory, AVI directory, etc) will be automatically filled up.
You should now get this window:
Don't forget to click on the "+ Create project" button.
Step 5: In the section "Choose a ripping mode", make sure that you check "Copy data from DVD to hard disk before encoding".
Step 6: You should now go to the tab "RIP Title".
- In this tab, there's a button called "Read DVD Table of Contents", click this button to scan the files in your DVD.
- Once it finished scanning, below that, there should be a button called "RIP Selected Titles(s)/Chapter(s)". Click that button.
Step 7: Rip 'em boy!
- Click on the "Transcode" Tab
- Now, there's probably hundred of buttons and settings here that you can tuned and play around with. But only one setting is of really practical use to us. That's the "Container Options" which is already set to AVI container which is almost always what you want since this probably the de-facto video format in computers.
- Find the 'Operate' section and then click on the "Transcode" button. And off you go!
That's it. Now wait and sit back as this might take a while depending on how large DVD movie is and how fast your computer is.
Step 7: The avi file that you rip from your DVD should be in your ~/dvdrip-data/project-name/avi/ directory. Where the 'project-name' is that name you used during the initial setup.
Success!!
Use your VLC, Mplayer, Totem Movie Player, or even Xine to watch your newly ripped avi file.
Friday, October 17, 2008
Setting up Fedora Directory
An old colleague from my Sykes call center days ask me if I can set up a Fedora Directory Server and walk through his team through the whole installation and configuration. This was last Feb or March, I thought I'd gather up the notes I wrote and put them here. This will make a nice blog entry, hehe. Besides, you never know when you'll be ask to setup another Directory server and I'd hate start from scratch again. Just a heads-up though, this is long entry!
====
Distro: Fedora 8
Server: Fedora Directory Server 1.1
I. First off, some really basic intro:
LDAP (Lightweight Directory Access Protocol) is client-server protocol for accessing directory service. A directory server provides a centralized directory service for your network that can integrate wide variety of information.
Fedora Directory Server is a secure, highly scalable, robust LDAP server implementation of Red Hat and was derived from the original slapd directory server work done by UM.
II. Installation and General Fedora Directory Server Usage
Roles mechanism is generally more efficient to use for applications as it reduce client complexity but it is more resource-intensive on the server side.
VII. Access Control
Fedora Directory Access Control defines the mechanism on how a user can access
Directory information. Access Control Instructions (ACI) are defined as attributes of entries. The three main parts of ACI are:
1. Servers and Applications ->Directory Server->Open->Directory.
2. Choose the object you wish to create an ACI
3. Right click and choose Set Access Permission
4. In the Access Control Editor, set the name for ACI entry
5. In the 'Users' tab, add members (could be individual/group/roles)
VIII. Centralized Linux Authentication
Additional Notes:
Tools under openldap-clients are not supported for Directory Server
operations. For best results with Directory Server, use tools in
mozldap-tools. Tools in this package are found in /usr/lib/mozldap
directory.
Alternatively, you can use Kontact, a GUI tool for accessing LDAP server.
Kontact is included in the kdepim rpm package.
Directory Server Gateway/Phonebook is simple web-based application that
provides search/query/update interface for directory server data but is
currently not available for version 1.1 Fedora DS.
====
Distro: Fedora 8
Server: Fedora Directory Server 1.1
I. First off, some really basic intro:
LDAP (Lightweight Directory Access Protocol) is client-server protocol for accessing directory service. A directory server provides a centralized directory service for your network that can integrate wide variety of information.
Fedora Directory Server is a secure, highly scalable, robust LDAP server implementation of Red Hat and was derived from the original slapd directory server work done by UM.
II. Installation and General Fedora Directory Server Usage
- Clean installation of Fedora 8.
Note: most packages required for installing Fedora Directory Server are hosted in Fedora Repository and would require Internet access on the server. - Install a Java JRE, on Fedora 8 you can use IcedTea Java
yum -y install java-1.7.0-icedtea - Setup Fedora DS yum repo,
cd /etc/yum.repos.d/
wwget http://directory.fedoraproject.org/sources/idmcommon.repo
wget http://directory.fedoraproject.org/sources/dirsrv.repo - Install Fedora Directory,
yum -y install fedora-ds - Initial setup to create an instance of the directory server
cd /usr/sbin/
./setup-ds-admin.pl
Note: Choose "Typical Installation". Also, most installation setup options
are reasonably set, so you can accept default options. - Install the remote management console for managing Fedora Administration
Server.
yum -y install fedora-idm-console - Install the command line tools for accessing Fedora Directory Server
yum -y install mozldap-tools
Note: The openldap-clients package provide similar tool functionality for
accessing traditional OpenLDAP servers. - Starting the Fedora Directory Server and Administration Server
service dirsrv start
service dirsrv-admin start
Note: When starting the dirsrv the first time, specify the directory
instance. To automatically start the directory services, run the following
command:
chkconfig dirsrv on
chkconfig dirsrv-admin on
Files for Fedora Directory Server can be found at,
Log Files: /var/log/dirsrv
Config Files: /etc/dirsrv/
Database: /var/lib/dirsrv/slapd-instance
Client Tools: /lib/usr/mozldap
- The directory information tree (DIT) mirror the tree model used by most
filesystem, with the tree's root appearing on top of the hierarchy. - The entry is an object that represent a particular information in directory tree (ie. person in your organization, printer in network). It is stored in a hierarchical structrue in the directory tree. An entry is defined in LDIF file.
- LDIF file is standard text-based format. Each entry in LDIF file is represented by attributes and their values.
- Schema defines the attributes type that each entries can contain. Standard schema can be found in /etc/dirsrv/schema directory.
- Starting the Fedora Server Console
fedora-idm-console -a http://localhost:9830 - Create Organizational Unit under root directory
1. Servers and Applications ->Directory Server-> Directory
2. Choose the root suffix and right click.
3. Choose New->Organizational Unit - Adding 'Users' in Organizational Unit
1. Servers and Application->Directory Server-> Directory
2. Right click the appropriate Organizational Unit
3. Choose New->User - Importing data from the Directory Server Console
1. Servers and Applications ->Directory Server->Open->Task
2. In the Import Database dialog box, enter full path
3. Go to Directory tab to verify if data was successfully imported. - Modifying entries in the Directory
1. Servers and Applications->Directory Server->Open->Directory
2. Right click on the entry you wish to modify
3. Choose Advanced Properties
4. Choose Attribute you wish to modify - Deleting entries in the Directory
1. Servers and Applications->Directory Server->Open->Directory
2. Right click on the entry you wish to delete
3. Choose delete option
- Create Organizational Unit under root directory
ldapmodify -v -a -D "cn=directory manager" -h <hostname> -p <port> -f
<file.ldif> -w - - Create user account under Organization Unit
ldapmodify -v -a -D "cn=directory manager" -h <hostname> -p <port> -f
<users.ldif> - To delete Directory entries
ldapdelete -D "cn=directory manager" -h <hostname> -p <port>
"uid=u1research,ou=research,dc=example,dc=com" -w -
Note: You can only delete entries at the end of branch. You cannot delete
entried that have sub-entries. - Modify Directory entries
ldapmodify -v -D "cn=directory manager" -h <hostname> -p <port> -f
<file.ldif> -w -
- Groups are mechanism for associating entries into a list.
- Roles is another entry grouping mechanism, it enables you to determined role
membership as soon as an entry is retrieved from the directory. - Creating Groups:
1. Servers and Applications ->Directory Server->Open->Directory.
2. In Menu, Object->New->Group
3. Add group name in General folder and members in Member folder.
To list down members for certain group,
ldapsearch -v -D "cn=directory manager" -h <host> -p <port> -b
"dc=example,dc=com" "cn=<name>" -w - - Creating Roles:
1. Servers and Applications ->Directory Server->Open->Directory.
2. In Menu, Object->New->Roles
3. Add group name in General folder and members in Member folder.
To list specific Roles for user,
ldapsearch -v -D "cn=directory manager" -h <host> -p <port> -b
"dc=example,dc=com" "uid=<userid>" \* nsRole -w -
To find all members of a particula role,
ldapsearch -v -D "cn=directory manager" -h <host> -p <port> -s sub -b
"dc=example,dc=com" "(nsRole=cn=,dc=<name>,dc=lt;name>)" dn -w -
Roles mechanism is generally more efficient to use for applications as it reduce client complexity but it is more resource-intensive on the server side.
VII. Access Control
Fedora Directory Access Control defines the mechanism on how a user can access
Directory information. Access Control Instructions (ACI) are defined as attributes of entries. The three main parts of ACI are:
- Target, specify the entry, attributes for which you want to control access.
- Permission, specify the type of access that is allowed or denied.
- Bind Rule, identify the set of users to which ACI applies.
1. Servers and Applications ->Directory Server->Open->Directory.
2. Choose the object you wish to create an ACI
3. Right click and choose Set Access Permission
4. In the Access Control Editor, set the name for ACI entry
5. In the 'Users' tab, add members (could be individual/group/roles)
VIII. Centralized Linux Authentication
- A more robust and secure alternative to using centralized authentication system through NIS.
- User accounts information are stored in Directory server for retrieval during authentication from client side.
- Home directories of the user resides in the Directory server and exported to the client side.
- To setup Fedora Directory as authentication server for client.
- Create the Linux user account in the server. Take note of uid and gid and /home directory for the account.
- In the Directory, go to "Users and Group" tab.
- Click on Create->User
- Select the Organizational Unit to put the user in and create the user account.
- In the "Posix User", fill in the account info based with UID, GID, Home Directory.
- Export(NFS) the home directory.
- In client side, configure authentication to use the Directory server.
- In the client side, edit /etc/auto.master file and add the following:
/home /etc/auto.guests --timeout=60 - In the client side, edit /etc/auto.guests file and add the following:
* -rw,soft,intr:/home/& - Set autofs to automount home directories from the server
chkconfig autofs on
chkconfig nfs on
service autofs start
service nfs start
Additional Notes:
Tools under openldap-clients are not supported for Directory Server
operations. For best results with Directory Server, use tools in
mozldap-tools. Tools in this package are found in /usr/lib/mozldap
directory.
Alternatively, you can use Kontact, a GUI tool for accessing LDAP server.
Kontact is included in the kdepim rpm package.
Directory Server Gateway/Phonebook is simple web-based application that
provides search/query/update interface for directory server data but is
currently not available for version 1.1 Fedora DS.
Friday, October 3, 2008
Python Script to Pull Out MP3 Metadata
I have these number of MP3 files all lump together in a single directory that I was going to categorize and sort out over the weekend. Easy does it really, just create the directories (ie. Acoustic, Rock, RnB, etc) and then move them over to these directories.
Problem is, I have over 700~ mp3 files, and most of them have non-descriptive one word title. Some I knew right off the bat, but most of them I don't (I use 'random' mix option when playing them). Now, for me to listen to each one of them and categorize them to properly would've taken me more than one weekend.
And so I thought, wouldn't it be cool to write a small Python script to pull out the meta data (ie. artist, album, year, etc) and just based it from there? Yep, what a better way brush up on your non-existent programming fu than to write a small Pytho utility :-) And so here's the script I wrote, not the most elegant but it works (sorta :-))
Note: For reference, check out Dive Into Python book (chapter 5-6). That's where I got the baseline code. But now (except for stripnull function), the code hardly resemble the original one.
Problem is, I have over 700~ mp3 files, and most of them have non-descriptive one word title. Some I knew right off the bat, but most of them I don't (I use 'random' mix option when playing them). Now, for me to listen to each one of them and categorize them to properly would've taken me more than one weekend.
And so I thought, wouldn't it be cool to write a small Python script to pull out the meta data (ie. artist, album, year, etc) and just based it from there? Yep, what a better way brush up on your non-existent programming fu than to write a small Pytho utility :-) And so here's the script I wrote, not the most elegant but it works (sorta :-))
Note: For reference, check out Dive Into Python book (chapter 5-6). That's where I got the baseline code. But now (except for stripnull function), the code hardly resemble the original one.
#!/usr/bin/python
# Author: Gene Ordanza
# Email: gene.ordanza AT gmail.com
# Description: Ugly hack on how to pull the metadata out of mp3 files that uses
# the ID3v1 TAG formatting scheme. mp3meta will also create a file called
# MetaFile.txt in your current directory.
# Usage: mp3meta<directory> <directory>
# Where:is optional. If no directory was given, mp3meta
# looks in the current directory and walks through all subdirectory.
# Note: A great reference on how to pull ID3v1 data from mp3 file can be
# found on Chap 5-6 Dive Into Python book Chap 5-6, you can also find it online
# at http://diveintopython.org/
import sys
import os
def stripnulls(data):
string = data.replace('\00','').strip()
return string[:23]
def writeMetatoFile(mp3ObjectList):
filename = 'MetaFile.txt'
line_width = 80
field_data = '%-5s%-24s%-24s%-24s%-4s\n'
f1, f2, f3, f4, f5 = ('\nNo.', 'Title', 'Artist', 'Album', 'Year\n')
if os.path.exists(filename):
file = open(filename, 'a')
else:
file = open(filename, 'w')
file.write('%s%s' % (' '*31, 'MP3 File Metadata\n'))
file.write('=' * line_width)
file.write(field_data % (f1, f2, f3, f4, f5))
file.write('-' * line_width)
file.write('\n')
for mp3file in mp3ObjectList:
file.write(field_data % (mp3file['count'], mp3file['Title'],\
mp3file['Artist'], mp3file['Album'], mp3file['Year']))
file.close()
class MP3Meta(dict):
count = 0
def __init__(self, name):
self['name'] = name
self.__class__.count += 1
self['count'] = MP3Meta.count
metaData = { 'Title' : (3, 33, stripnulls),
'Artist': (33, 63, stripnulls),
'Album' : (63, 93, stripnulls),
'Year' : (93, 97, stripnulls),
'Comment': (97, 126, stripnulls),
'Genre' : (127, 128, ord)}
def usage():
sys.stderr.write("""
Usage: mp3meta [directory]
Where [directory] is optional. If you did not specify one, it will
start at your current directory and traverse all subdirectory.
""")
def getMetaData(listofMP3):
mp3ObjectList = []
for filename in listofMP3:
mp3file = MP3Meta(filename)
try:
metafile = open(filename, 'rb', 0)
metafile.seek(-128, 2)
mp3data = metafile.read(128)
if mp3data[:3] == 'TAG':
for tag, (start, end, cleanup) in mp3file.metaData.items():
mp3file[tag] = cleanup(mp3data[start:end])
mp3ObjectList.append(mp3file)
else:
(null, title) = os.path.split(filename)
(truncated, null) = os.path.splitext(title)
mp3file['Title'] = truncated[:23]
mp3file['Artist'] = ''
mp3file['Album'] = '** Non-ID3v1.0 Format **'
mp3file['Year'] = ''
mp3file['Comment'] = ''
mp3file['Genre'] = ''
mp3ObjectList.append(mp3file)
metafile.close()
except IOError: pass
writeMetatoFile(mp3ObjectList)
def findMP3(dummy, dirname, fnames):
extension = '.mp3'
mp3List = []
for fname in fnames:
if fname.endswith(extension):
path = os.path.join(dirname, fname)
mp3List.append(path)
getMetaData(mp3List)
def main():
if len(sys.argv) == 1:
directory = os.path.abspath('.')
os.path.walk(directory, findMP3, None)
if len(sys.argv) == 2:
directory = sys.argv[1]
if os.path.isdir(directory):
os.path.walk(directory, findMP3, None)
else:
usage()
if __name__ == '__main__':
main()
Friday, September 26, 2008
Quickie Mail Server Setup - Part II
We'll continue were we left off from Part 1, make sure that the www.exampledns.com and the "mx" record for the "exampledns.com" domain is resolving properly. We'll be setting up a secure IMAP server accessible either through any of the mail user agents (ie. Thunderbird, Evolution, etc) or a Web-based email system.
We'll be using OpenSSL package (should be installed by default) in our mail server setup. OpenSSL comes with a versatile tool for generating private/public keys and certificates. The idea is to encrypt (and sign) our data packets using OpenSSL cryptographic libraries before sending them over the network . OpenSSL is an implementation of SSL/TLS functionality, it mostly gained prominence for securing transaction for e-commerce web sites (ie. banks and web retailers like Amazon) but can also be use for host of other services.
SSL/TLS protocol works by means of PKI (Public Key Infastructure). Basically, in PKI, you have a private key and certificate/public key, PKI enables users to exchange these keys and certificates securely (the server initially send a certificate to the user to be authenticated, usually via third-party Certificate Authority CA). Once both sides have verified and exchange keys, communication is encrypted using these certificates.
NOTE: When dealing with PKI setup and to fully appreciate how SSL/TLS works, make sure that you have a passing familiarity on how asymmetric cryptography works.
There a 3 ways we can setup PKI
Step 1: Generate a self-signed certificate. We have two option here. We can use the Dovecot script /usr/libexec/dovecot/mkcert.sh or the Fedora /etc/pki/tls/certs/Makefile config (both script uses openssl behind the scene). Both automate the whole process of creating self-signed certificate for us but the Fedora Makefile script gives us more flexibility in creating certificates.
Step 2: Dovecot Configuration. Edit the /etc/dovecot.conf file and add the path for your private key and your certificate.
Save and exit and then restart the Dovecot service. That's it!
Step 3: Test your encrypted IMAP service. Point your email client to your newly encrypted mail server, and that's it. I used claws-mail, it auto-negotiate the exchange of certificates. If you're using Thunderbird, Evolution or Kmail, you might need to manually enable the settings for SSL/TLS.
Step 4: Setting up Web-Mail. This is one of the few times that we'll install from the source rather than 'yum' install the package from Fedora repo (I still get a kicked out of installing from the source from time to time).
Unpack the Squirrelmail source and run the Squirrelmail config tool:
Step 5: Setup Apache. In your /etc/httpd/conf/httpd.conf file, add the following settings:
Note 1: Squirrelmail is written in Php . If you're encountering Php-related errors, check if Php package is installed.
Note 2: To avoid overly-complex, error-prone, multiple certificate-enabled server, revert Dovecot daemon back to using simple imap/pop3 protocol before setting-up an "https://" web server.
Step 6: Generate a server key and certificate for your web server (mod_ssl module handle the encryption for Apache and is normally bundled in).
But first, note that Fedora already comes with it own private key and certificate for Apache out of the box. And also Makefile generate them in pre-define directory (ie. /etc/pki/tls/{private/certs}/ ). If you would like to generate a new key/cert, you either have to rename/delete/move these old files.
In Part III, we'll setup SpamAssassin and Anti-Virus using Clamav and Mimedefang.
We'll be using OpenSSL package (should be installed by default) in our mail server setup. OpenSSL comes with a versatile tool for generating private/public keys and certificates. The idea is to encrypt (and sign) our data packets using OpenSSL cryptographic libraries before sending them over the network . OpenSSL is an implementation of SSL/TLS functionality, it mostly gained prominence for securing transaction for e-commerce web sites (ie. banks and web retailers like Amazon) but can also be use for host of other services.
SSL/TLS protocol works by means of PKI (Public Key Infastructure). Basically, in PKI, you have a private key and certificate/public key, PKI enables users to exchange these keys and certificates securely (the server initially send a certificate to the user to be authenticated, usually via third-party Certificate Authority CA). Once both sides have verified and exchange keys, communication is encrypted using these certificates.
NOTE: When dealing with PKI setup and to fully appreciate how SSL/TLS works, make sure that you have a passing familiarity on how asymmetric cryptography works.
There a 3 ways we can setup PKI
- Using commercial Certificate Authority (CA) such as VeriSign, Thawte (there's free trial version available from VeriSign if you want to use one).
- Web of Trust popularize by PGP/GnuPG. You can get free certificates from organization such as CAcert, a community-driven CA. If you don't mind the hassle (ie. users are verified) this is a good alternative to commercial CA.
- Generate our self-signed certificate. Since this is the most convenient for us, we'll simply generate our own certificate.
Step 1: Generate a self-signed certificate. We have two option here. We can use the Dovecot script /usr/libexec/dovecot/mkcert.sh or the Fedora /etc/pki/tls/certs/Makefile config (both script uses openssl behind the scene). Both automate the whole process of creating self-signed certificate for us but the Fedora Makefile script gives us more flexibility in creating certificates.
cd /etc/pki/tls/certsUsing make utility, we generated the dovecot.pem file that contains the private key and the certificate.
make dovecot.pem
Step 2: Dovecot Configuration. Edit the /etc/dovecot.conf file and add the path for your private key and your certificate.
protocols = imaps pop3s
ssl_cert_file = /etc/pki/tls/certs/dovecot.pem
ssl_key_file = /etc/pki/tls/certs/dovecot.pem
Save and exit and then restart the Dovecot service. That's it!
Step 3: Test your encrypted IMAP service. Point your email client to your newly encrypted mail server, and that's it. I used claws-mail, it auto-negotiate the exchange of certificates. If you're using Thunderbird, Evolution or Kmail, you might need to manually enable the settings for SSL/TLS.
Step 4: Setting up Web-Mail. This is one of the few times that we'll install from the source rather than 'yum' install the package from Fedora repo (I still get a kicked out of installing from the source from time to time).
- Get the Squirrelmail source here.
- Install the Squirrelmail source.
mkdir /usr/local/src/squirrelmailNote: Traditionally, /usr/local/src/ directory is where you install 'source' programs. The 'data' and 'temp' directory is where Squirrelmail will place your data and email attachment. And finally, 'apache' should be set as the group owner of the these directories.
cd /usr/local/src/squirrelmail
mkdir data temp
chgrp apache
Unpack the Squirrelmail source and run the Squirrelmail config tool:
mv squirrelmail-X.Y.Z-tar.gz /usr/local/squirrelmail
cd /usr/local/squirrelmail
tar -xzvf squirrelmail-X.Y.Z-tar.gz
mv squirrelmail.X.Y.Z www
cd www/config
./conf.pl
Step 5: Setup Apache. In your /etc/httpd/conf/httpd.conf file, add the following settings:
Alias /webmail /usr/local/src/squirrelmail/wwwRestart the Apache httpd service. Fire up your browser, point it to http://www.exampledns.com/webmail website and log in.
<Directory /usr/local/src/squirrelmail/www>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
</Directory>
Note 1: Squirrelmail is written in Php . If you're encountering Php-related errors, check if Php package is installed.
Note 2: To avoid overly-complex, error-prone, multiple certificate-enabled server, revert Dovecot daemon back to using simple imap/pop3 protocol before setting-up an "https://" web server.
Step 6: Generate a server key and certificate for your web server (mod_ssl module handle the encryption for Apache and is normally bundled in).
But first, note that Fedora already comes with it own private key and certificate for Apache out of the box. And also Makefile generate them in pre-define directory (ie. /etc/pki/tls/{private/certs}/ ). If you would like to generate a new key/cert, you either have to rename/delete/move these old files.
By default, when you created the localhost.key it will prompt you for a pass phrase which is very annoying when you need to restart your Apache. To remove this pass phase after generating a new localhost.key,
rm -f /etc/pki/tls/certs/localhost.crt
rm -f /etc/pki/tls/private/localhost.key
cd /etc/pki/tls/certs
make genkey
cd /etc/pki/tls/private
We then create the certificate:
cd /etc/pki/tls/private
cp localhost.key localhost.key-copy
openssl rsa -in localhost.key-copy -out localhost.key
cd /etc/pki/tls/certsA new localhost.crt will be generated. Restart you Apache and that's it! Point your browser to your new certificate-enabled web server and your browser should prompt you whether to accept
make testcerts
In Part III, we'll setup SpamAssassin and Anti-Virus using Clamav and Mimedefang.
Saturday, September 6, 2008
Quickie Mail Server Setup Tutorial using Sendmail, Dovecot, SquirrelMail, SpamAssassin on Fedora 8 (Part I)
Note: Make sure to check the conventions I use before going through the tutorial.
Hullo world! For this post, we'll setup a quickie mail server. The idea here as with most other post, is to setup basic mail server to get you going, so you can spend your time fiddling with advance setting rather than groping your way on how setup mail server. Note that a critical component (that we won't tackle here) is a working DNS setup. It's crucial that you have an MX record pointing to working domain. If you haven't setup one up yet, check this quickie post. Otherwise, you need to set one up before proceeding.
Also, we'll use the "exampledns.com" previously setup as example domain. Hostname of the machine that you working on is "node1.exampledns.com". You also have local user 'gene' and 'user1'
For this series of post, we'll setup the following:
- Sendmail
- Dovecot
- SquirrelMail
- SpamAssassin
Basic Setup of Sendmail:
Step 1: Log in as root and install all the necessary packages:
# yum -y install M4 sendmail sendmail-cf sendmail-doc dovecot
Step 2: By default, Sendmail only accept connection from loopback device or 127.0.0.1, you need to enable Sendmail to accept connection to your other network interface. To do this, edit /etc/mail/sendmail.mc (make sure to create a backup first), look for the following entry,
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
And change it to,
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Step 3: Edit /etc/mail/local-host-names and list all hostnames in your network that is acting as MX recipient. In my case, I have the following:
exampledns.com
node1.exampledns.com
mail.exampledns.com
Note that you might have a different settings here.
Step 4: Update the sendmail.cf config file and restart Sendmail service and then send test mail.
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Hullo world! For this post, we'll setup a quickie mail server. The idea here as with most other post, is to setup basic mail server to get you going, so you can spend your time fiddling with advance setting rather than groping your way on how setup mail server. Note that a critical component (that we won't tackle here) is a working DNS setup. It's crucial that you have an MX record pointing to working domain. If you haven't setup one up yet, check this quickie post. Otherwise, you need to set one up before proceeding.
Also, we'll use the "exampledns.com" previously setup as example domain. Hostname of the machine that you working on is "node1.exampledns.com". You also have local user 'gene' and 'user1'
For this series of post, we'll setup the following:
- Sendmail
- Dovecot
- SquirrelMail
- SpamAssassin
Basic Setup of Sendmail:
Step 1: Log in as root and install all the necessary packages:
# yum -y install M4 sendmail sendmail-cf sendmail-doc dovecot
Step 2: By default, Sendmail only accept connection from loopback device or 127.0.0.1, you need to enable Sendmail to accept connection to your other network interface. To do this, edit /etc/mail/sendmail.mc (make sure to create a backup first), look for the following entry,
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
And change it to,
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Step 3: Edit /etc/mail/local-host-names and list all hostnames in your network that is acting as MX recipient. In my case, I have the following:
exampledns.com
node1.exampledns.com
mail.exampledns.com
Note that you might have a different settings here.
Step 4: Update the sendmail.cf config file and restart Sendmail service and then send test mail.
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart
# su - gene
[gene]$ echo | mail -s "test email from gene" user1@exampledns.com
[gene]$ su - user1
[user1]$ mail
Note: From local user gene, you should be able to see emails from root account.
Step 5a: By default, Sendmail doesn't use 'write' your domain name to outgoing email. The above email from gene would show on user1 as coming from gene@localhost.localdomain. To write the '@exampledns.com' domain to outgoing emails, edit /etc/mail/sendmail.mc and find the following settings:
dnl MASQUERADE_AS(`domain-name.com')dnl
dnl FEATURE(masquerade_entire_domain)dnl
dnl FEATURE(masquerade_envelope)dnl
Step 5b: Remove the prefix dnl, so you have something similar below. And specify the domain name you wish that your outgoing emails will use. Edit /etc/mail/sendmail.mc and add the following settings:
MASQUERADE_AS(`exampledns.com')dnl
FEATURE(masquerade_entire_domain)dnl
FEATURE(masquerade_envelope)dnl
Step 5c: Update sendmail config file and restart your Sendmail service
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Step 6b: Restart Sendmail:
# service sendmail restart
or
# newaliases
Step 9: Setup your imap server using Dovecot. Log in as root, edit /etc/dovecot.conf and add the following:
# cp /etc/dovecot.conf /etc/dovecot.conf-original
# vi /etc/dovecot.conf
protocols = imap pop3
# service dovecot start
Note: In future post, we'll setup a more secure IMAP server using certificates.
Step 10: Test your imap server using your email client (ie. kmail, thunderbird, evolution, etc)
Watch out for the continuation of this Quickie Mail Server Setup Tutorial using Sendmail, Dovecot, SquirrelMail, SpamAssassin on Fedora 8.
# su - gene
[gene]$ echo | mail -s "test email from gene" user1@exampledns.com
[gene]$ su - user1
[user1]$ mail
Note: From local user gene, you should be able to see emails from root account.
Step 5a: By default, Sendmail doesn't use 'write' your domain name to outgoing email. The above email from gene would show on user1 as coming from gene@localhost.localdomain. To write the '@exampledns.com' domain to outgoing emails, edit /etc/mail/sendmail.mc and find the following settings:
dnl MASQUERADE_AS(`domain-name.com')dnl
dnl FEATURE(masquerade_entire_domain)dnl
dnl FEATURE(masquerade_envelope)dnl
Step 5b: Remove the prefix dnl, so you have something similar below. And specify the domain name you wish that your outgoing emails will use. Edit /etc/mail/sendmail.mc and add the following settings:
MASQUERADE_AS(`exampledns.com')dnl
FEATURE(masquerade_entire_domain)dnl
FEATURE(masquerade_envelope)dnl
Step 5c: Update sendmail config file and restart your Sendmail service
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart
Your outgoing mail should now look like gene@exampledns.com.
Miscellaneous Setup of Sendmail:
Step 6a: Set-up your aliases. For example, all inquiries sent to inquiry@exampledns.com will be forwarded to gene@exampledns.com. Edit /etc/aliases file and add the following entry at the bottom of the file:
inquiry: gene@exampledns.com
Your outgoing mail should now look like gene@exampledns.com.
Miscellaneous Setup of Sendmail:
Step 6a: Set-up your aliases. For example, all inquiries sent to inquiry@exampledns.com will be forwarded to gene@exampledns.com. Edit /etc/aliases file and add the following entry at the bottom of the file:
inquiry: gene@exampledns.com
Note: To refer to a filename for a list of user that will resolve to an alias (ie. mailing list setup), use the following format:
alias: :include:/path/to/file
So you could have something like:
company-announcement: :include:/etc/mail/staff-list
Step 6b: Restart Sendmail:
# service sendmail restart
or
# newaliases
Step 7a: To accept or reject mails coming from selected users or domain, edit the /etc/mail/access file and add something along the lines of:
spammer@spam.com REJECT
192.168.3.200 DISCARD
sendmail.com REJECT
(RELAY reject the sender or recipient with general purpose error message. DISCARD drop the mail without any error message or notification to the sender or recipient.)
Step 7b: Rebuild the access file database and restart the Sendmail program:
# makemap hash /etc/mail/access.db < /etc/mail/access
# service sendmail restart
Step 8a: Set a cap the size of email attachment. Add the following entries to sendmail.mc
define(`confMAX_MESSAGE_SIZE', `size-in-bytes')dnl
Step 8b: Update sendmail config file and restart your Sendmail service
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart
Step 9: Setup your imap server using Dovecot. Log in as root, edit /etc/dovecot.conf and add the following:
# cp /etc/dovecot.conf /etc/dovecot.conf-original
# vi /etc/dovecot.conf
protocols = imap pop3
# service dovecot start
Note: In future post, we'll setup a more secure IMAP server using certificates.
Step 10: Test your imap server using your email client (ie. kmail, thunderbird, evolution, etc)
Watch out for the continuation of this Quickie Mail Server Setup Tutorial using Sendmail, Dovecot, SquirrelMail, SpamAssassin on Fedora 8.
Thursday, September 4, 2008
Creating Yum Repository on Fedora 9
Note: Make sure to check the conventions I use before going through the tutorial.
Creating your own private yum repository is useful especially if you wish to conserve bandwidth or you have your own packages you wish to distribute through yum (I used it for my class since Internet access it always available). Creating one in Fedora is fairly straight-forward.
Step 1 (server side): Log in as root and install the necessary packages (these can also be found on your F9 DVD or iso) , and start the httpd service.
# yum -y install createrepo httpd
# rpm -q createrepo httpd
# service httpd start
# chkconfig --level 35 httpd on
Step 2 (server side): Log in as root and assuming that you've already downloaded the official Fedora 9 iso image, then mount the iso and copy the rpm packages in iso image to your Apache directory.
# mkdir /var/www/html/f9repo
# mkdir /mnt/iso
# mount -o loop Fedora-9-i386-DVD.iso /mnt/iso
# cp -av /mnt/iso/Packages/* /var/www/html/f8repo
# cd /var/www/html/f9repo
# createrepo -v .
# service httpd restart
Note: You can also check your yum repo via web by visiting http://localhost/f8repo
Step 3 (client side): Log in as root, and create private.repo file to point your Fedora 9 client to the local yum repository server.
# cd /etc/yum.repo.d/
# vi private.repo
[LocalRepo]
name=Local Yum Repository
baseul=http://192.168.0.2/f9repo
enabled=1
gpgcheck=0
Note: For testing purposes, also edit /etc/yum.repo.d/fedora.repo file. Look for "enabled=1" and change it to "enabled=0". This would disable yum from fetching packages from Fedora repository (Internet).
Step 4: Log in as root and test your local yum repository. By default, 'nano' text editor is installed. Remove this package and try to install them again.
# yum -y remove nano
# yum -y install nano
Note: You should see a message where is getting it's package from the LocalRepo.
Optional package I find useful on the client side (but you need to download the Internet):
# yum -y install yumex yum-fastestmirror yum-skip-broken
I hope you find this post "Creating Yum Repository on Fedora 9" useful!
Creating your own private yum repository is useful especially if you wish to conserve bandwidth or you have your own packages you wish to distribute through yum (I used it for my class since Internet access it always available). Creating one in Fedora is fairly straight-forward.
Step 1 (server side): Log in as root and install the necessary packages (these can also be found on your F9 DVD or iso) , and start the httpd service.
# yum -y install createrepo httpd
# rpm -q createrepo httpd
# service httpd start
# chkconfig --level 35 httpd on
Step 2 (server side): Log in as root and assuming that you've already downloaded the official Fedora 9 iso image, then mount the iso and copy the rpm packages in iso image to your Apache directory.
# mkdir /var/www/html/f9repo
# mkdir /mnt/iso
# mount -o loop Fedora-9-i386-DVD.iso /mnt/iso
# cp -av /mnt/iso/Packages/* /var/www/html/f8repo
# cd /var/www/html/f9repo
# createrepo -v .
# service httpd restart
Note: You can also check your yum repo via web by visiting http://localhost/f8repo
Step 3 (client side): Log in as root, and create private.repo file to point your Fedora 9 client to the local yum repository server.
# cd /etc/yum.repo.d/
# vi private.repo
[LocalRepo]
name=Local Yum Repository
baseul=http://192.168.0.2/f9repo
enabled=1
gpgcheck=0
Note: For testing purposes, also edit /etc/yum.repo.d/fedora.repo file. Look for "enabled=1" and change it to "enabled=0". This would disable yum from fetching packages from Fedora repository (Internet).
Step 4: Log in as root and test your local yum repository. By default, 'nano' text editor is installed. Remove this package and try to install them again.
# yum -y remove nano
# yum -y install nano
Note: You should see a message where is getting it's package from the LocalRepo.
Optional package I find useful on the client side (but you need to download the Internet):
# yum -y install yumex yum-fastestmirror yum-skip-broken
I hope you find this post "Creating Yum Repository on Fedora 9" useful!
Wednesday, September 3, 2008
Fedora 8 Quickie Apache Server Setup (Part II)
Note: Make sure to check the conventions I use before going through the tutorial.
Hello! For second part of our web server setup, we'll setup CGI script and Virtual Hosting. As with previous post you can use http://localhost for testing if you haven't setup local DNS from here
Running CGI Scripts
CGI scripts are a way for you to run external program and dynamic content on your Apache web server. For this post, we'll only run very basic BASH shell script but note that there are a number of scripting language you can use. Perl (forever classic way to run cgi), Php (popular but on it's way out), Python (slowly inching it's way to being the de-facto scripting language of choice among the geeky crowd), Ruby (distant cousin of Python) and host of other non-open-source languages.
By default, all CGI scripts are place in /var/www/cgi-bin directory. This is sufficient for our testing. However, if you need to change them, then look for following parameters in /etc/httpd/conf/httpd.conf file and change them to your preferred settings:
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Step 1: Log in as root, and create a basic cgi BASH script.
# cd /var/www/cgi-bin/
# nano test.sh
#!/bin/bash
echo Content-Type: text/html
echo
echo "<pre>"
echo "Hello, this is test cgi script and my username is `whoami`"
echo "My id is `id`"
echo "Today is `date`"
echo "</pre>"
Step 2: Set the execute permission for the script
# chmod 755 test.sh
Step 3: Log in as local user (ie. gene) and test the cgi script
$ firefox http://localhost/cgi-bin/test.sh
or
$ firefox http://www.exampledns.com/cgi-bin/test.sh
Setting Virtual Host
Virtual Hosting refers to the feature of Apache to host multiple domain from a single web server. So you have something like a www.company1.com and ww.company2.com hosted on a single server. There are two way to implement virtual hosting, IP-based and Name-based. For our setup, we'll use Name-based as it's generally more straight-forward.
Note: Before taking it for a test drive, make sure to setup a domain for www.company1.com and www.company2.com. We'll use these for our virtual domain. You can follow a quick DNS setup here.
Step 1: Do a quick dig if the test domains are properly resolving.
$ dig www.company1.com
$ dig www.company2.com
Step 2: Log in as root and create the appropriate subdirectory and test page for "www.company1.com" and "www.company2.com".
# cd /var/www
# mkdir virtual
# mkdir virtual/company1
# mkdir virtual/company2
# echo "Welcome to Company1" > virtual/company1/index.html
# echo "Welcome to Company2" > virtual/company2/index.html
Step 2: As root, edit /etc/httpd/conf/httpd.conf file and add the following settings at bottom of of the file.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.company1.com
DocumentRoot /virtual/company1
ErrorLog logs/company1_error_log
CustomLog logs/company1-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerName www.company2.com
DocumentRoot /virtual/company2
ErrorLog logs/company2_error_log
CustomLog logs/company2-access_log common
</VirtualHost>
Step 3: Restart the Apache web server and point your web browser to the virtual domain.
# service httpd restart
# firefox http://www.company1.com
# firefox http://www.company2.com
You now should have a rudimentary virtual hosting setup, enough to get you started.
Hello! For second part of our web server setup, we'll setup CGI script and Virtual Hosting. As with previous post you can use http://localhost for testing if you haven't setup local DNS from here
Running CGI Scripts
CGI scripts are a way for you to run external program and dynamic content on your Apache web server. For this post, we'll only run very basic BASH shell script but note that there are a number of scripting language you can use. Perl (forever classic way to run cgi), Php (popular but on it's way out), Python (slowly inching it's way to being the de-facto scripting language of choice among the geeky crowd), Ruby (distant cousin of Python) and host of other non-open-source languages.
By default, all CGI scripts are place in /var/www/cgi-bin directory. This is sufficient for our testing. However, if you need to change them, then look for following parameters in /etc/httpd/conf/httpd.conf file and change them to your preferred settings:
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Step 1: Log in as root, and create a basic cgi BASH script.
# cd /var/www/cgi-bin/
# nano test.sh
#!/bin/bash
echo Content-Type: text/html
echo
echo "<pre>"
echo "Hello, this is test cgi script and my username is `whoami`"
echo "My id is `id`"
echo "Today is `date`"
echo "</pre>"
Step 2: Set the execute permission for the script
# chmod 755 test.sh
Step 3: Log in as local user (ie. gene) and test the cgi script
$ firefox http://localhost/cgi-bin/test.sh
or
$ firefox http://www.exampledns.com/cgi-bin/test.sh
Setting Virtual Host
Virtual Hosting refers to the feature of Apache to host multiple domain from a single web server. So you have something like a www.company1.com and ww.company2.com hosted on a single server. There are two way to implement virtual hosting, IP-based and Name-based. For our setup, we'll use Name-based as it's generally more straight-forward.
Note: Before taking it for a test drive, make sure to setup a domain for www.company1.com and www.company2.com. We'll use these for our virtual domain. You can follow a quick DNS setup here.
Step 1: Do a quick dig if the test domains are properly resolving.
$ dig www.company1.com
$ dig www.company2.com
Step 2: Log in as root and create the appropriate subdirectory and test page for "www.company1.com" and "www.company2.com".
# cd /var/www
# mkdir virtual
# mkdir virtual/company1
# mkdir virtual/company2
# echo "Welcome to Company1" > virtual/company1/index.html
# echo "Welcome to Company2" > virtual/company2/index.html
Step 2: As root, edit /etc/httpd/conf/httpd.conf file and add the following settings at bottom of of the file.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.company1.com
DocumentRoot /virtual/company1
ErrorLog logs/company1_error_log
CustomLog logs/company1-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerName www.company2.com
DocumentRoot /virtual/company2
ErrorLog logs/company2_error_log
CustomLog logs/company2-access_log common
</VirtualHost>
Step 3: Restart the Apache web server and point your web browser to the virtual domain.
# service httpd restart
# firefox http://www.company1.com
# firefox http://www.company2.com
You now should have a rudimentary virtual hosting setup, enough to get you started.
Sunday, August 31, 2008
Fedora 8 Quickie Apache Web Server Setup (Part I)
Note: Make sure to check the conventions I use before going through the tutorial.
The Apache is default web server bundled in Fedora and other Linux distribution. There's a number of popular runner-up web server such as lighttpd and litespeed but by and large the de-facto web server of choice is Apache.
For this quickie Apache Web Server tutorial, we'll setup the following configuration:
- Home Page for Local users
- Basic User Authentication
- Running CGI Scripts
- Virtual Hosting
Installation Apache web server packages:
# yum install -y httpd httpd-tools
# rpm -q httpd httpd-tools
Test Apache web server:
# firefox http://localhost &
or
# firefox http://www.exampledns.com &
# cd /var/www/html
# echo "Hello world! I'm test driving Apache!" > index.html
# firefox http://localhost &
or
# firefox http://www.exampledns.com &
Note: The http://www.exampledns.com refers to the local DNS domain we've setup here for testing local networking. If you have not setup any, use http://localhost only.
Home Page for Local users
Step 1: Log in as root user, make a backup of httpd.conf and then edit httpd.conf and modify the UserDir parameter, save and exit. Then restart the httpd server.
# cd /etc/httpd/conf
# cp httpd.conf httpd.conf-original
# nano httpd.conf
Find the following line:
UserDir disable
Change it to:
UserDir public_html
# service httpd restart
Step 2: Log in as local user (ie. 'gene') and create the public_html subdirectory. And then change the default permissions:
$ mkdir public_html
$ chmod 711 /home/gene
$ chmod 755 /home/gene/public_html
$ cd public_html
$ echo "This is the homepage of user gene!" > index.html
$ firefox http://localhost/~gene
or
$ firefox http://www.exampledns.com/~gene
Basic User Authentication
Note: In this case, we'll set a password for the home page of local user 'gene'
Step 1: As root, edit the /etc/httpd/conf/httpd.conf file, add parameters for authentication and then restart httpd server:
# cd /etc/httpd/conf/
# nano httpd.conf
AllowOverride AuthConfig
</Directory>
# service httpd restart
Step 2: As root, set the password authentication for the local user (ie. gene).
# cd /etc/httpd/conf
# htpasswd -mc webpasswd gene
# chgrp apache webpasswd
# chmod 640 webpasswd
Step 3: Create the .htaccess config file in the directory where the web page is located.
$ cd /home/gene/public_html
$ nano .htaccess
AuthName "Secret Web Page"
AuthType Basic
AuthUserFile /etc/httpd/conf/webpasswd
require valid-user
Step 4: Test the web page.
$ firefox http://localhost/~gene
or
$ firefox http://www.exampledns.com/~gene
Due to limited space here, this Fedora 8 Quickie Apache Web Server Setup will come in various installment. Refer to the next post setting up CGI and Virtual Hosting.
The Apache is default web server bundled in Fedora and other Linux distribution. There's a number of popular runner-up web server such as lighttpd and litespeed but by and large the de-facto web server of choice is Apache.
For this quickie Apache Web Server tutorial, we'll setup the following configuration:
- Home Page for Local users
- Basic User Authentication
- Running CGI Scripts
- Virtual Hosting
Installation Apache web server packages:
# yum install -y httpd httpd-tools
# rpm -q httpd httpd-tools
Test Apache web server:
# firefox http://localhost &
or
# firefox http://www.exampledns.com &
# cd /var/www/html
# echo "Hello world! I'm test driving Apache!" > index.html
# firefox http://localhost &
or
# firefox http://www.exampledns.com &
Note: The http://www.exampledns.com refers to the local DNS domain we've setup here for testing local networking. If you have not setup any, use http://localhost only.
Home Page for Local users
Step 1: Log in as root user, make a backup of httpd.conf and then edit httpd.conf and modify the UserDir parameter, save and exit. Then restart the httpd server.
# cd /etc/httpd/conf
# cp httpd.conf httpd.conf-original
# nano httpd.conf
Find the following line:
UserDir disable
Change it to:
UserDir public_html
# service httpd restart
Step 2: Log in as local user (ie. 'gene') and create the public_html subdirectory. And then change the default permissions:
$ mkdir public_html
$ chmod 711 /home/gene
$ chmod 755 /home/gene/public_html
$ cd public_html
$ echo "This is the homepage of user gene!" > index.html
$ firefox http://localhost/~gene
or
$ firefox http://www.exampledns.com/~gene
Basic User Authentication
Note: In this case, we'll set a password for the home page of local user 'gene'
Step 1: As root, edit the /etc/httpd/conf/httpd.conf file, add parameters for authentication and then restart httpd server:
# cd /etc/httpd/conf/
# nano httpd.conf
AllowOverride AuthConfig
</Directory>
# service httpd restart
Step 2: As root, set the password authentication for the local user (ie. gene).
# cd /etc/httpd/conf
# htpasswd -mc webpasswd gene
# chgrp apache webpasswd
# chmod 640 webpasswd
Step 3: Create the .htaccess config file in the directory where the web page is located.
$ cd /home/gene/public_html
$ nano .htaccess
AuthName "Secret Web Page"
AuthType Basic
AuthUserFile /etc/httpd/conf/webpasswd
require valid-user
Step 4: Test the web page.
$ firefox http://localhost/~gene
or
$ firefox http://www.exampledns.com/~gene
Due to limited space here, this Fedora 8 Quickie Apache Web Server Setup will come in various installment. Refer to the next post setting up CGI and Virtual Hosting.
Thursday, August 28, 2008
Fedora 8 Quickie DNS Setup Tutorial
Note: Make sure to check the conventions I use before going through the tutorial.
Since a working DNS is necessarily for most of the Linux stuff I need to setup, I reckon this should be my first blog on Linux. For those following this quickie tutorial, note that DNS setup although straight-forward is still moderately complex. This post is meant as companion text for other more comprehensive DNS tutorial. Also, that while I try to step through all the commands, I won't be able able to display the output of these commands. On some part of this tutorial, you'd have to feel your way through the setup.
That said, let happiness begin!
The Domain Name System (DNS) is way for you to associate cryptic IP address into a more human-friendly domain name. To have a valid and usable Internet DNS, you need to register your domain and host it somewhere. In our case, we'll only setup one that is sufficient for testing other network configuration. For this setup, we'll create exampledns.com domain.
Step 1: Install all the necessary packages.
# yum -y install bind bind-utils bind-chroot
# rpm -q bind bind-utils bind-chroot
Note: The yum utility will automatically resolve and install all the dependency packages (you need Internet connection). Use 'rpm' command to quickly verify if the packages was successfully installed on your system.
Step 2: Make a backup of /etc/named.conf configuration file. Edit /etc/named.conf and add the settings below for exampledns.com domain name.
# cp /etc/named.conf /etc/named.conf-original
# cd /etc/
# vi named.conf
Step 3: Create the zone file for your exampledns.com domain.
# cd /var/named/chroot/var/named
# vi exampladns.db
Note: Carefully take note of the dot or period in ns.exampledns.com. and root.exampledns.com. lines. If it's a fully qualified domain, make sure to put a dot at the end. Or just simply copy and paste the configuration file.
# service named start
Step 6: Create the a reverse DNS.
# cd /var/named/chroot/var/named
# vi exampladns.reverse
$TTL 1H
@ SOA ns.exampledns.com. root..exampledns.com. (
2;
3H;
1H;
1W;
1H; )
NS ns.example.com.
2 PTR exampledns.com.
# service named restart
Note: If everything went well, you should see the following display
Starting named: [ OK ]
If you encounter any problems (ie. syntax errors, etc), the best place to start troubleshooting is the /var/log/messages.
Step 7: Since this is only local domain for testing networking setup, you need to point your resolver back to your local machine. Edit /etc/resolv.conf file and insert the following settings on the first line of the file.
nameserver 192.168.0.2
Step 8: Test your local DNS setup.
$ dig any exampledns.com (testing the information on your exampledns.com domain)
$ dig mx exampledns.com (testing MX record for mail server setup later on)
$ dig -x 192.168.0.2 (test reverse lookup for DNS)
$ ping ftp.exampledns.com (testing domain using ping)
For setting up local DNS for testing, this ought to do it. Also, this Fedora 8 Quickie DNS Setup Tutorial is meant to compliment the more detailed DNS howto found here.
Happy hacking!
Since a working DNS is necessarily for most of the Linux stuff I need to setup, I reckon this should be my first blog on Linux. For those following this quickie tutorial, note that DNS setup although straight-forward is still moderately complex. This post is meant as companion text for other more comprehensive DNS tutorial. Also, that while I try to step through all the commands, I won't be able able to display the output of these commands. On some part of this tutorial, you'd have to feel your way through the setup.
That said, let happiness begin!
The Domain Name System (DNS) is way for you to associate cryptic IP address into a more human-friendly domain name. To have a valid and usable Internet DNS, you need to register your domain and host it somewhere. In our case, we'll only setup one that is sufficient for testing other network configuration. For this setup, we'll create exampledns.com domain.
Step 1: Install all the necessary packages.
# yum -y install bind bind-utils bind-chroot
# rpm -q bind bind-utils bind-chroot
Note: The yum utility will automatically resolve and install all the dependency packages (you need Internet connection). Use 'rpm' command to quickly verify if the packages was successfully installed on your system.
Step 2: Make a backup of /etc/named.conf configuration file. Edit /etc/named.conf and add the settings below for exampledns.com domain name.
# cp /etc/named.conf /etc/named.conf-original
# cd /etc/
# vi named.conf
options { listen-on port 53 { 127.0.0.1; 192.168.0.2; }; directory "/var/named"; allow-query { localhost; 192.168.0.0/24; }; allow-transfer { localhost; 192.168.0.0/24; }; recursion yes; }; zone "exampledns.com" IN { type master; file "exampledns.db"; }; zone "0.168.192.IN-ADDR.ARPA." IN { type master; file "exampledns.reverse"; }; |
Step 3: Create the zone file for your exampledns.com domain.
# cd /var/named/chroot/var/named
# vi exampladns.db
$TTL 1D @ IN SOA ns.exampledns.com. root.exampledns.com. ( 001 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS ns.exampledns.com. ns.exampledns.com. IN A 192.168.0.2 exampledns.com. IN A 192.168.0.2 www IN A 192.168.0.2 ftp IN A 192.168.0.2 mail IN A 192.168.0.2 pop IN CNAME mail imap IN CNAME mail |
Note: Carefully take note of the dot or period in ns.exampledns.com. and root.exampledns.com. lines. If it's a fully qualified domain, make sure to put a dot at the end. Or just simply copy and paste the configuration file.
# service named start
Step 6: Create the a reverse DNS.
# cd /var/named/chroot/var/named
# vi exampladns.reverse
$TTL 1H
@ SOA ns.exampledns.com. root..exampledns.com. (
2;
3H;
1H;
1W;
1H; )
NS ns.example.com.
2 PTR exampledns.com.
# service named restart
Note: If everything went well, you should see the following display
Starting named: [ OK ]
If you encounter any problems (ie. syntax errors, etc), the best place to start troubleshooting is the /var/log/messages.
Step 7: Since this is only local domain for testing networking setup, you need to point your resolver back to your local machine. Edit /etc/resolv.conf file and insert the following settings on the first line of the file.
nameserver 192.168.0.2
Step 8: Test your local DNS setup.
$ dig any exampledns.com (testing the information on your exampledns.com domain)
$ dig mx exampledns.com (testing MX record for mail server setup later on)
$ dig -x 192.168.0.2 (test reverse lookup for DNS)
$ ping ftp.exampledns.com (testing domain using ping)
For setting up local DNS for testing, this ought to do it. Also, this Fedora 8 Quickie DNS Setup Tutorial is meant to compliment the more detailed DNS howto found here.
Happy hacking!
Monday, August 25, 2008
Conventions
When stepping through the quickie tutorial, here are the conventions and assumptions I used:
- These quickie tutorial are targeted for Linux users that is cross between a newbie and intermediate users. A working knowledge of Linux is assume ie. proficiency in editor of your choice, basic permissions, or navigate through Linux files system.
- I use vi editor but but note that vi is not newbie-friendly editor, if your fairly new in Linux editors using nano might be more appropriate for you.
- Before going through the tutorial, I assumed that you've already read through some of the more detailed, theoretical and in-depth articles/howtos on the subject.
- Lines that are prefix with # denotes administrative commands that needs to be run on the console as root user.
- Lines that are prefix with $ are regular commands and can be run on the console as regular/local user.
- Bold and italics letters means that you need to insert these in a file or create the file with these contents.
- I assume that your local IP address on eth0 (network card) is 192.168.0.2 and that you have an Internet connection for downloading packages (unless you've setup your own yum repo which I've also tackled in other post).
- While I try to step through all the commands, I won't be able able to display the output of these commands. On some part of the tutorial, you'll have to feel your way through the setup.
Subscribe to:
Posts (Atom)
