 |
|
| vBuddy - check your reputation | Cheap Web Hosting - starting at $5 |
|
|
| Blogdate: 20050525 - Start 'O
The Blog [top | next] I suppose a number of people I know might consider me a bit of a guru when it comes to Windows but I'm certainly not fool enough to think I'm one of the best. And when it comes to Linux I might be a notch or so above "newbie". Never-the-less I need to start somewhere. And with that in mind I decided to begin my nightly hacking of Linux in the hopes of reaching complete cyber-nirvana. Unlike many posts that tend to show "newest first" I intend to keep this blog simple and sequencial. Primarily as a place to post my latest Linux adventures without having to think too much about layout. Also a a journal of material I can review later in case I need to recall an old hack. For those unfamiliar with the word "hack" or have heard it used incorrectly, the term "hacker" refers to someone who tinkers and figures things out. They have a tendency to probe things most folks wouldn't know exist in the computer universe. They ARE NOT thieves of your personal or financial information, nor are they the ones who crack the protection scheme of some computer software or other media. If you are in need of a term for THOSE particular individuals than the words "cracker" or "black hat hacker" would be better suited. So begins my Linux Blog. I'm hoping I'll be archiving many of these pages in the years to come. I've decided that I would like to begin studying and using Blender 3D as well as SoundTracker. Although I would prefer any other sound tracker (a reason I'll explain later). I've also decided I'd like to do this on Linux. I suppose Windows would be fine as Blender works on Windows and there are more trackers available for Windows than Linux but I wouldn't be getting the experience I want by using Windows. As I've discovered (and I'm sure you may also) it takes considerably more time to accomplish some things in Linux than in Windows - on the other hand I have more tools available to me in Linux and I'm not necessarily limited by what particular version I'm using (i.e. Server, Professional or Home editions). If I'm willing to hunker down and understand the software I can accomplish just about anything in Linux. After reviewing a number of Linux "flavors" I came across Knoppix via "DSL" (or DamnSmallLinux). I liked DSL but I had too much trouble configuring it for my low-budget Netgear USB wireless LAN device (the MA111 - version 1). I picked up two of them at Fry's Electronics for $15 each. I managed to create an Ad-Hoc network where ever I go using these two trinkets. The internet sharing computer was always Windows, my laptop had Fedora Core 3 installed. I had recompiled the kernel with the wlan-ng drivers available for my Netgear and managed to get it to work. Wireless scanning wasn't available unfortunately so I had to manually configure the Netgear for each network. I created wlan profile files for each network I wanted to connect to. That was all fine and dandy for Fedora -- but -- Fedora is so bloated. Being the newbie that I am I didn't want to figure out what I could remove from my Fedora install and I wanted to use flavor that didn't have all the extra baggage I wasn't using -- after all, one goal I have in mind is to escape the pre-packaged Windows dogma and use an operating system that will allow my older and slower computers to live long and prosper rather than take up space beneath a golf course somewhere. Speaking of which, at last check the recycle rate for most consumables in the U.S. was around 70%, excluding computer hardware which ranked in at 5%. So opting for an operating system that could run on slower machines is something I think we all could benefit from. I broke down and forked out $30 (+U.S. tax) for the book "Knoppix Hacks" by Kyle Rankin. Included was the Knoppix 3.4 CD which I tried out. I discovered much to my delight that my Netgear adapter works in this version (it has the 2.4.26 kernel). Unfortunately the wlan-ng drivers were removed from newer versions of Knoppix (2.6 kernel) as well as some of the wlan tools that I use to configure the adapter. I'll have to shake a stick at Klaus for that. At any rate I've stuck with the 3.4 version. On to my tasks... Netgear
MA111 Configuration: My first goal was simple enough. Since I don't have a wireless router I plugged my second Netgear into my Win2K Pro desktop and configured the PCI Ethernet as a shared adapter using ICS. Now the Netgear is working as a router of sorts. After a bit of futzing around with the wlan configs on Knoppix I configured the following scripts: /etc/sysconfig/network-scripts/ifcfg-wlan0 has: #Netgear MA111 USB Wireless /etc/wlan/wlan.conf has: #! /bin/sh /etc/wlan/wlancfg-somenet has: lnxreq_hostWEPEncrypt=true Now my next problem... Earlier I had done a little research on what wireless adapters work in Knoppix. The Netgear MA111 was listed here with a little catch that you had to restart wlan before it would function. This proved to be true. Well perhaps I can just restart wlan at boot time in some startup script, right? Now Knoppix is a Debian based flavor of Linux - and a pretty small one at that, fitting on a single 700MB CD. I was used to Fedora so I made startup changes in the rc.local script. Not so easy in Debian. This falls away from SysV policy but what I wound up doing was creating a little script called "wlanreset" and creating a link to it in /etc/rc5.d called "@S89wlanreset". This ensures it will execute just prior to KDE. It's not pretty but it works: /etc/rc5.d/@S89wlanreset has: #Wireless LAN reset Well, it feels like using bailing wire to hold a headlight in on your car but it works. I have internet and LAN access to my Windows shares and all that, so I can't complain. Windows
2000 IP forwarding configuration: Well, even though I mentioned that I have access to my Windows shares, originally I didn't. I thought adding entries to the routing table might work but nothing I tried did. Now that I've rebooted both the desktop and the laptop I can access the shares fine. I'll have to assume I made a change to the routing table that I don't remember. But I should note at least a couple of things: 1) I added routes in the laptop, destination being the 172.16 network / gateway of 192.168.0.1 and I added routes on the Win2K box. None of the routing changes in Win2K or the Linux laptop have stuck since reboot. How this is working I'm not sure. 2) Aside from using ICS for internet access I wanted my Win2K box to forward packets from the laptop to my LAN (they're on separate subnets, you see). In order to enable IP forwarding in my Win2K box I edited the following registry key in Win2K like so:
then rebooted the machine. I guess I just needed to reboot both machines twice, the Win2K box first then the laptop... go figure. Well, even though the routing issue solved itself AFTER this next issue I wanted to get thru writing up the networking project without jumping around. My next task was getting Blender 3D installed. That was easy. The current version is 2.36. I turned my browser to [www.blender3d.com] and downloaded both Linux tarballs (the static and the hardware accelerated version). I had assumed since the RAM in my video was so low that I didn't have hardware accelerated video, so I installed the "static" version. It worked but the interface was very slow. That made me worry so I thought I'd try the hardware accelerated just for the hell of it. It works great so far. The interface is fast and smooth and it renders fine. I'm still not sure if my video card is accelerated. I suppose I'll need to test an OpenGL game of some kind and find out -- or figure out how the other guys determine this. My next task is setting up the sound tracker. From what I can tell that's gonna involve a little work. The only tracker I can find that's compatible with the modules I want to create is "SoundTracker" available [here]. Unfortunately it was designed to work with Gnome so since I use KDE I've a number of libraries to install in my minimalist Knoppix install. Although I've downloaded a number of the files I need for the installation I've set the task aside for now in the hopes I can find a better solution for tracking. Blogdate:
20050528 - Changing from KDE to Fluxbox I watched Star Wars - Episode III tonite (or last night actually as it's in the A.M. now). I was pretty impressed. I discovered that when playing MP3s in KDE they skip. So I thought I'd try different window managers to see which might perform better. Just about all of them do but I seem to prefer Fluxbox so far. While looking for a way to set my default window manager to Fluxbox I stumbled across the option in the KDE login menu (KDM) under "options". Simple enough I suppose. At least the problem of skipping MP3s is solved. I'd like to replace the graphical login manager though, to increase boot time. I haven't installed my DVDCSS module yet so I haven't checked out my DVDs but I'm hoping for a performance improvement there as well (I buy all my DVDs by the way, something about owning an original copy). I should also note that while using XFce I discovered that it had its own file and network browsers called "xftree" and "xfsamba". xfsamba would connect immediately to any host I pointed it to on my LAN without having to configure the samba client or LISA. This little gem seems to be GTK based so it will run in any of the window managers. Unfortunately I can't seem to start xfsamba with command line parameters (that I'm aware of) so I'll probably continue to search for a more robust file manager. Starting a program with command line parameters is handy for creating custom desktop and panel icons. A down-side of Fluxbox is no desktop icons. But I did discover an add-on called "fbdesktop" that may solve the problem. I hope the add-on won't degrade the system performance much. I'll post an update when I find out. It would be worthy to note that Fluxbox starts up considerably faster than KDE. Although I've yet to discover what I can and can't do with this speedy desktop GUI. Ugh, it's late and I must sleep... Blogdate:
20050602 - Adding a
Desktop Manager During Memorial Day weekend I was house sitting for my boss. I set up my laptop in the living room and discovered I wasn't getting a wireless link to the office network in the garage. After some futzing around with wires to try to increase the signal (as well as a little web research for home-made antennas) I disconnected the office computer from the router and move the router up next to the office window. That helped reception a bit and I was able to get online to do a bit more hacking over the weekend. I've been using Fluxbox with pretty good success. I couldn't get fbdesktop to work primarily because I couldn't compile the source. I'm missing a number of source files that apparently don't come with Knoppix. I should note here that I did the following commands to get the latest install of Fluxbox as well as some other utilities that come with it in the hopes of having everything install and configure itself: apt-get update && apt-cache search fluxbox apt-get install fluxbox fluxconf fbpager fbdesk I don't recall what the result messages were but I think I recall warnings of some kind or another as well as considerable time installing for other languages. At any rate Fluxbox came up the same way it did before with no special eye-candy available. fbdesk came up same as before with one single empty icon on the desktop. I wasn't able to figure out how to configure fbdesk nor did I find any special utility to configure it. I'm either not in the know or some more development needs to take place here. After a bit of searching on the internet I discovered an icon manager called "DFM" (or Desktop File Manager). I downloaded a precompiled binary and installed it with "dpkg -i [filename]". That has been working pretty well so far. The only downside to it so far has been the file type for icons. It doesn't natively support .PNG or .BMP files so I've been selecting icons from "/usr/share/icons/crystalsvg/32x32/...", loading them in Gimp then resaving them under my user directory in .XPM format. Then I edit the properties for a particular desktop icon and point it's icon properties to the icon in my user directory. Tedious but it works. So far I have a desktop that looks like any "Windows" desktop, working icons and all. My only gripe at this point would be the "startup" file in the user .fluxbox directory doesn't seem to do anything. I put DFM there but the desktop won't come up until I console the command "dfm". When I do the desktop icons come up fast! At least there's no high resource overhead with the desktop manager. I'm assuming the problem might be related to the fact that KDM is being loaded at the beginning and KDM launches Fluxbox when I log in and somehow by-passes the startup file, or it's looking somewhere else for the startup file, perhaps a global directory of sorts. That or dfm is being loaded too quickly, not seeing a GUI to land on it might be aborting. I'll poke around with that and see what's the case. I was watching "Lord or the Rings - Return of the King" over Memorial Day weekend when my boss and his dad returned home early. It was late so I had to move to the spare apartment so his dad could sleep on the couch. I wanted to finish watching the movie so I fired up my laptop, installed LIBDVDCSS and popped in the DVD. No go -- the DVD wasn't comming up for some reason. Wasn't listed in fstab or anything. It wouldn't automount when I booted to KDE. It was frustrating. It was 2:30am and I had to get up fairly early so I put it aside till later. It does bother me though. I hope my DVD drive in the laptop hasn't gone bad. I haven't had time to look at it since because I'm moving and I've a lot to do before I can get back to my nightly hacks. I hope it's not broken and simply mis-configured somehow, that'll give me an opportunity to understand block devices and how they work. Blogdate:
20050604 - Missing CDROM/DVD block device
(fix) Okay, so I've managed to solve the DVD issue. I still don't know much about block devices, but after a bit of research on the www I found a reference to do the following: mount -t iso9660 /dev/sr0 /mnt/dvd I edited fstab and commented out the references to dvd and cdrom then added the following line: /dev/sr0 /mnt/dvd iso9660 defaults,ro,user,noexec,noauto 0 0 then rebooted the laptop. This seemed to get the CDROM drive up and I could also mount my DVD movies. I configured Xine to play them and all seems well except for excessive dropped frames during playback. I attempted to resolve the issue by increasing the video buffers and making other adjustments to xine's configuration but no-go. I believe I could handle this by using VLC instead. I did an "apt-get install vlc" but some packages came up missing. I'll try to download and manually install these later and see if that solves the problem. My Linux laptop also has a Windows 98 partition that I worked on a bit this evening. I installed some drivers and did some MS updates (primarily to get DirectX 9c). I noticed that my CDROM drive came up fine in Windows so I could assume there was a configuration issue with Linux. I don't know what happened to the configuration that caused the problem with the CDROM anyway. But it's fixed now so no-matter. Blogdate:
20050608 - Autostarting
the desktop manager for Fluxbox and configuring the desktop Okay! I found out how to start DFM in Fluxbox on startup. The startup script doesn't seem to do anything that I'm aware of. I thought I'd try to put it in /etc/X11/fluxbox but that didn't work. So... I tried editing the "init" script in the same directory and using the command "session.screen0.rootCommand: dfm" and THAT didn't work. But before giving up I tried the same thing in the home directory (~/.fluxbox) and edited the init file there and added the same command. THAT WORKED! Now DFM comes up automatically, plus I know how to add functions to Fluxbox on startup. Cool! I spent a little bit of time configuring the desktop layout. I noticed that by default the icons are a little too high on the desktop, appearing under the Fluxbox taskbar. All of the options for DFM are available by right-clicking an icon on the desktop (you have to be fairly exact about this or you simply get the Fluxbox menu). I click "DFM for X11" then "Desktop Options". Here I was able to adjust how the icons line up on the screen as well as the margins they use when they line up. I increased the top margin to 30 (the rest are 5) and selected "top->down, left->right". I applied and closed the Desktop Options dialog then right-clicked an icon and selected "arrange". That lined up the icons per my settings and now everything is visible and out from under the taskbar. Debating what to do next. Should I try iDesk and see if that offers a better desktop with easier to set up icons? Would be nice to know how to get fbdesktop to work also. I've tried it before but it seemed to complicated just setting up icons. When I attempted to add an fbdesk control panel I had a bit too much trouble. I suppose I'm like most folks -- if I can find an easier way to do something in a pinch then that's what I'll use. Just a reminder to those developers sitting around waiting until next boogadeeboo day to build that binary for that one particular distro: get a Debian package going will ya? Well, as many features as DFM lacks I may just stick with it for the time being. Noticed I couldn't connect to my home Ad-Hoc wireless network. I suppose it would be a good idea to change the SSID setting from my office network to my home network instead... (my brain must be dry). I added a Blender 2.36 icon to the desktop. Now that I've spent a good hour or so adding icons to the desktop this one only took a quick minute. After 1am again. Gotta get to bed. This staying up late isn't helping my work life much. My hours have been too low the last couple of weeks. Should also note: now that I've got Blender installed and working I may be spending my hack time studying that. Any mods I need to make to Linux in the meantime will still be posted here. Blogdate: 20050825
- Long time -- no type Some time since I made an entry in here -- almost three months. I've moved to Los Angeles and it's been taking a while to get things organized so I can get back to hacking. I have the computer space set up pretty much the way I want it, Linux laptop off to one side. It's just a matter of finding time. I've had to set hacking aside to handle other things. I should mention my new apartment is much roomier than my last place -- much more comfortable a space. I've also been mulling over the idea of switching my server box over to Linux. I think I'll need a bit more study on my laptop before I do so. Also, doing so will force me to stop using some programs. I'll need to conjure up some Linux alternatives I suppose. The setup has been a very stable one -- primarily because I don't use the server at all for anything except a server. I also tend to use Firefox or Mozilla for browsing plus I have some internet policies I follow that keep the crap off my systems. I've made a few changes to the blog page. Changed the background, added a penguin, stuff like that... I don't know how long it will be before I make another hack entry here. I'm hoping it won't be too long. I miss my hack-time ;)
Blogdate: 20050925 -
Switching Server to Linux & Preping for RAID - Removing old
Linux partitions Well, an interesting turn of events have given me an opportunity to add more to my linuxblog. It seems my Win2K server was having a little trouble. I narrowed it down to a running service that would freeze the system on occasion. Instead of trying to pinpoint the service and disable or repair it I opted to backup all the data on the server and install Knoppix on it instead. I made some hardware changes to the server box only to have the motherboard go out. After a small tantrum I decided to piece together another server box. While installing Knoppix I was doing a bit of reading in my Knoppix Hacks book and discovered that Linux has software RAID built into it. After the install finished and everything seem to look okay I installed a second drive of similar size but of a different brand to see if I could configure a RAID 1 setup. The first problem I ran into was deleting the old Linux partitions off the drives. To do this I used "qtparted" on the Knoppix CD. I could remove the first partition on the first drive but then the other drive would come up as "read-only" or "busy". I handled the second partition on the second drive by mounting it: sudo mount /dev/hdb1 /mnt/hda1 Notice I used the hda1 mount point as a arbitrary location for hdb1. Then unmounting it: sudo umount /mnt/hda1 When I refreshed "qparted" I was able to delete the first partition on the second drive. I handled the swap partitions by enabling swap (despite the fact "qtparted" said the drives were busy): sudo swapon -a then turning swap off: sudo swapoff -a I was then able to delete the swap partitions. Keep in mind this is the "short version" of what I went through. I've only mentioned the successful actions I took. I should also mention that when I made changes to the partitions to one of the drives, the other drive would change to "read-only" or "busy" status. If I couldn't find a successful way to change this status (such as mount and unmount or enable and disable swap) I usually restarted "qtparted" or rebooted and continued with my changes. But it is worth mentioning that the instructions mentioned above were successful. Setting
up a RAID 1 configuration: After I managed to delete the existing partitions I noticed the RAID configuration would abort if the partition sizes were different. I took a clue from the message which indicated a specific partition rather than an entire drive (hda1 as opposed to hda) and created primary partitions at the beginning of each drive that were exactly the same size. This configuration worked! So... Now that you know that you need to have exact same size partitions and you can use different hard drives if you like, I can continue with the description of setting up the RAID. I should note that I performed this configuration from the Knoppix CD. I had originally tried to configure it while booted from the hard drive ... "device is mounted" is the result of that and the RAID configuration aborts. After the partitions were created I created a file "/etc/raidtab" with the following configuration info: raiddev
/dev/md0 This particular configuration creates a RAID 1 setup which mirrors one drive after the other so there is always a backup of your system... ALWAYS! There are other RAID configurations you can use that are better than this but this one is better suited to my lack of resources (mainly the number of drives I have on hand). I saved this file then performed the command: sudo mkraid /dev/md0 The result message was favorable, so I checked the status of the RAID with this command: cat /proc/mdstat It showed me my RAID configuration, the partitions included in the RAID as well as the percentage completed of the mirror. The new RAID drive now comes up as device md0. Now that my RAID was configured and working I began the install process: sudo knoppix-installer The installer program displayed md0 as one of the devices I could use so I selected that one and let the install process begin. I've now yet to see if one of the swap partitions is being used. I configured one on each drive approximately 256 MB (hda2 and hdb2). Blogdate: 20051020 - Trying Fedora
Core 3's RAID capability for the new server Well, all the above sounds wonderful.... Doesn't work on boot-up though unless the MD driver is compiled into the kernel. I don't wanna do that. So... After some time of letting the server sit and having this site down I decided to check out Fedora Core 3 again and discovered it has built in RAID capability. While attempting to upgrade my tiny server box, it failed (dunno what I did). So I built another server box and successfully configured the RAID. But while at a computer show I found another just like "tiny" for $25. After a bit of futzing around with it I was able to install a Promise PCI IDE card. I had put one drive on each channel and had no luck brining up the Fedora Installer. I tried different drive configurations and discovered that both drives on the primary channel seems to work pretty good. I know this isn't ideal because both drives on the same channel causes slower writes but I won't knock it for the time being because I'm not pressed for drive speed. Anyway, after my first install attempt the RAID didn't come up like it should -- stating that it was "kicking" one of the drives because it was non-fresh. So now I've done a complete repartition of the system and am attempting another install. Hopefully repartitioning both drives and formatting all partitions will produce better results... Well, it turns out the repartition and formatting didn't help. I apparently became used to how Knoppix would automatically began a refresh of the drives if one wasn't updated. Fedora 3 doesn't do that so I had to do it manually. I found the following information on a RAID forum and applied it. So far it works great: 'non-fresh' means that it doesn't seem to up-to-date with respect to the other drives in the array. Use: mdadm --examine /dev/sda1 and compare that with: mdadm --examine /dev/sdc1 to see what the difference is. It is probably the Event count. To re-incorporate sda1 into the array, use: mdadm /dev/md0 -a /dev/sda1 Anway, I replace "sdc1" and "sda1" with my drive letters. After the last (above) command I used: watch cat /proc/mdstat and monitored the update status until it was finished. Everything has been working fine. Tip: to copy files without creating the top directory they are copied from try the following: cp -dRvp /mnt/hdx1/* /mnt/mountpoint Notice the slash "/*" after the first source file parameter (hdx1/*). This prevents an "hdx1" directory from being created. Blogdate:
20051121 - Setting up Fedora Core 4 on my personal desktop Well, it would seem I might be nearing the end of what I call "The Great Experiment". This being my attempt to migrate to Linux completely from Windows. Today I managed to get my Palm Pilot to sync with Evolution (after considerable hassle). This has probably been the most difficult part of the migration. I should also mention that despite my desire to migrate completely from Windows I am currently using Microsoft's FrontPage 2000 to edit this page at the moment (via WINE of course). I haven't been able to find a suitable WYSIWYG editor that will just let me write and give me a very close approximation of what the page looks like. Well... three cheers for WINE. It works pretty good. There's still some issues I need to handle with it but I have reached a point that it's usable for critical things I can't yet do in Linux (which isn't much -- I haven't used WINE or logged into my Windows partition for many days now). At any rate, I've fallen behind on my blogging. I've accomplished a number of things of which I've only manage to partially document. Hopefully I'll be able to give the full rundown of what I've managed to do:
There's a ways to go yet to complete my "Great Experiment" but so far I've manage to accomplish everything I've set out to do. At this point I think it's a good idea to learn something about backup programs and procedures for Linux so I can save all my wonderful work... Hasta siquiente tiempo! Blogdate: 20051202 - Partitioning
and installing Windows (before installing Linux - FC4) Well, since I consider myself still somewhat of a noob to Linux I thought it might be a good idea to have a Windows Partitions available just incase things didn't go as I hoped, then install Fedora Core 4. Fortunately for me Windows 2000 has a partitioning tool you can use when you install Windows -- it's always a good idea to install Window FIRST then install Linux later because Linux will see your Windows partition and create an entry for it in the boot-loader. Windows, on the other hand, will just wipe out your Linux boot-loader and just load Windows. I have an 80GB drive so I created two partitions, first a 65GB partition then a 15GB partition. Then I installed Windows on the 15GB partition. Everything went as usual and windows would come up fine. Later I installed Linux and created 3 partitions manually in the unused FREE SPACE: /dev/hda1 (the boot partition) -- 100MB in
size. You have the option to create the Linux partitions automatically but FC4 likes to use LVM for it's partitions and I was just getting used to ext3 journaling partitions. You can try automatic, just make sure it doesn't wipe out your Windows partition. In my configuration Windows comes up as /dev/hda4. I should also emphasize that you need to make sure the mount points are correct for each partition... For the 'boot' partition you must make sure the mount point is '/boot'. For the root partition you must make sure the mount point is '/' and for the swap partition you just make sure the filesystem type is 'SWAP' -- there is no mount point for SWAP partitions. Also, make sure the filesystem type is ext3 -- ext2 can be used on slower computer systems. If you want to use RAID, I'm not much help there. I managed to create a RAID 1 mirror on the server using the partitioning tools FC3 has available during installation then mount the RAID properly (as mentioned in the RAID section above). But for other RAID configurations you'll need to do a bit of web research -- hopefully the blog entry for RAID above will be of some help to you. I should note that the manual partition tool in the installer is very good at creating RAID filesystems. You may need to tinker with it to figure it out but it worked out very well for me. That aside once FC4 prepares the partitions it will allow you to edit your boot entries. At this point you can change 'other' to Windows 2000 (or whatever) and set the default boot entry to either Linux or Windows -- depending on what you plan to boot to the most frequently. Next, you can pick your packages and begin the installation process after that. If you're new to Linux you may want to make sure you've created a fairly large partition for Linux and install almost ALL of the packages available (excluding packages for the Window Managers {GUI} you don't plan to use -- and the development packages -- if you don't need them). The size of the installation can be anywhere from 2 to 3GBs. The more you have installed, the better, because the libraries will be available to you for other software you will want to upgrade or install later. This being the case, you may want to install the development packages as well because those will allow you to compile software for which there are no RPM packages for. I've been lucky in this respect so I haven't had to install most of the development packages. Once the software installation and configuration is complete you should reboot to a GRUB boot menu. The default boot O/S will be displayed with a count down timer. Press any key to see the other boot options available or to edit the the parameters for each option listed. Hopefully your Windows partition will be listed (if you chose to install a Windows partition). That's all for now -- it's late... I must sleep. Blogdate:
20060422 - Apache & SSL configuration Okay... Many moons since my last update and I'm sure I've skipped quite a bit of important stuff. I've not updated mainly because of a lack of a descent HTML editor for Linux. I've been using FrontPage via WINE but it's a bit quirky and slow to load. So today I installed Nvu HTML editor. It's pretty painless. I found the RPM for FC4 (no KDE stuff) on the website download section. The main site is here: http://www.nvu.com/. I've still to get a little used to the interface but it seems to work pretty smooth so far. Now... Recently I did a web project for somebody and discovered I was in need of security so passwords could be exchanged over the internet without peeping eyes seeing. I've had Apache configured and running on my server for some time now, just without SSL enabled. I'll try to make a long story short and go thru the steps I did to create a secure directory using self-signed certificates: Now I noticed when I was configuring the server that I would get a cert message from the browser indicating that the validity of the server could not be determined. This is because the cert is self-signed and not via VeriSign. That's normal, but the other problem was it was saying that the server was "localhost.localdomain". This isn't what I wanted so I used the FC4 network config GUI and removed the localhost entry and added my server name in it's place. This changes the "/etc/hosts" file and the "/etc/sysconfig/networking/profiles/default/hosts" file to the same contents consisting of: #
Do not remove the following line, or various programs Note that I added the last line myself just incase the server was looking for the domain name for the local static IP I was using. Now I had to generate a private key and a self-signed certificate. I used this command for the key: openssl genrsa -out mykeyfile.key 1024 And for the cert, this command: openssl req -new -key mykeyfile.key -x509 -out myselfsignedcert.crt Just as a side note: if you want to view the contents of these files, use this command for the keyfile: openssl rsa -noout -text -in mykeyfile.key And this command for the cert: openssl x509 -noout -text -in myselfsignedcert.crt Now these files need to be copied to their proper directories. You can put them anywhere and just tell SSL where to find them, but for the sake of conformity and collective thinking we'll put "mykeyfile.key" in "/etc/httpd/conf/ssl.key/" and "myselfsignedcert.crt" in "/etc/httpd/conf/ssl.crt/". Now we need to edit "/etc/httpd/conf/httpd.conf" file. Make a backup of the file before doing so. The following are the options that should be set for hosting SSL - and these are the ONLY changes I made for SSL only: Make certain your servername is set correctly: ServerName myserver.mydomain.org I use a restrictive set of <Directory> directives to begin with. These are set this way so I can have password protected directories set via the ".htaccess" file on a per-directory basis. This and the previous directive go near the top of the configuration file - actually replace the default info there with these: <Directory
/> <Directory
"/www/mydocumentroot"> DirectoryIndex index.html
index.htm AccessFileName .htaccess My service blocks the standard port 80 for web serving so I host sites on 81. I've also included the port 443 directive for SSL. These directives are near the bottom just prior to any <VirtualHost> directives: NameVirtualHost
*:81 Now with these options set I can create a directive for the directory I want to protect via SSL: <Directory
"/www/mydocumentroot/secure/testsite"> # This directive
indicates what file should be loaded initially,
AllowOverride None # This directive
indicates that this directory cannot # These three
<Files> directives tell the server that # The following
directives I usually keep in an </Directory> Now I'm using the <VirtualHost> directive for this domain on port 81, however since I'm using SSL I need to create another <VirtualHost> directive for this domain on port 443: <VirtualHost
*:443> # Note I've included the
port number following the domain name:
ServerAdmin admin@mydomain.org # Turn on SSL for this
domain: # You need to indicate
where your key and cert files are located. # If you have a valid
third party signed cert than you should # I've added a log
directive for SSL requests: # The following directive
is added for older IE browsers that have </VirtualHost> Now you need to restart the Apache server with the command: /etc/init.d/httpd restart If everything comes up "OK" then you can look at your "ssl_error" and "access" logs to check for any other issues that may occure with your server. Generally if you're using a self-signed cert than the only message you should get when browsing your SSL site is a message indicating that the browser is unable to verify the identity of your domain. This is normal for self-signed certs. You may also want to test your new SSL site for explicitly requested files that aren't indicated in the <Files> directives. You SHOULDN'T be able to access any other files. Blogdate:
20071111 - Website Up Again! Okay. So the website's been down for about a year now. Primarily because I took down the additional server I was running on my network. Now I've only the workstation running. The server was cool but it was also an additional responsibility I don't need right now. I posted this site again because I "had" a "myspace" page then decided to delete it. I got weird issues with myspace. Dunno why. But I didn't wanna drop my internet presence all together so I found a free hosting service and put up my old "gurulounge" page.... So... here I am again! Well, many moons since my last post. Since then I've dissed Knoppix and Fedora all together and switched to Debian. Mainly because it was one of the first flavors of Linux to be distributed plus it has some really good developer support. It hasn't all been a bed of roses tho. The latest WINE distro doesn't installed Office 2K like the old WINE 0.9.13 used to. That being the case I've had to opt for [VMWARE] and install Windows in a kind of "sandbox" which is TOTALLY fine with me considering the security issues Windows has. I can still do my stuff... that's all that matters at the moment. I'd love to type more but... again... it's late (almost 2 a.m. now) and I need to get up early. |