mathz.nu Asterisk Blacklist Hobby webbhotell

2012/08/21

OSX Lion on ESXI 5

Filed under: OsX — Mathz @ 09:25

OS X 10.7


OS X 10.7 documentation covers information on how to install the operating system in a virtual machine. For additional information about the operating system, refer to the instructions included in the installation media.

OS X 10.7 documentation includes the following topics:

Installation Instructions for ESXi 5.x

You can install the OS X 10.7 in a virtual machine using the installation media.

Prerequisites

Before you begin, verify that the following tasks are complete:

  • Read General Installation Instructions for All VMware Products.
  • Download Install Mac OS X Lion.app from the App Store.
  • Obtain the necessary product keys for installation in a virtual machine.
  • You must have an Apple-labeled computer to install OS X 10.7 in a virtual machine.
  • Virtual machine. 2GB or more of RAM.

Installation Steps

  1. Create a new virtual machine and select the Apple Mac OS X 10.7 option.
    If the Apple Mac OS X 10.7 option is not available, select the Apple Mac OS X 10.6 option instead.
  2. Use the virtual machine CD/DVD Drive for installation.
  3. To connect the CD/DVD Drive to a datastore ISO image file, complete the following steps:
    1. Add the Install Mac OS X Lion.app to a datastore that the virtual machine can access.
    2. Set the CD/DVD Drive to connect to the Install Mac OS X Lion.app/Contents/SharedSupport/InstallESD.dmg image file.
  4. If the CD/DVD Drive is set as a client type device, complete the following steps:
    1. Copy Install Mac OS X Lion.app to a Mac OS X physical machine.
    2. Convert the .dmg image file to an .iso image file.
      hdiutil convert "Install Mac OS X Lion.app/Contents/SharedSupport/InstallESD.dmg" -format UDTO -o "Install Mac OS X Lion.app/Contents/SharedSupport/InstallESD.iso"
    3. Copy the Install Mac OS X Lion.app/Contents/SharedSupport/InstallESD.iso image file from the Mac OS X physical machine to your local machine.
    4. Set the CD/DVD Drive to connect to the InstallESD.iso image file on your local machine.
  5. Power on the virtual machine.
  6. Follow the prompts until you are prompted to select the hard disk to install OS X 10.7.
  7. Select the hard disk and follow the prompts to complete the installation.
  8. (Optional) If you do not find a hard disk, select Utilities > Disk Utility.
    1. In the left hand pane, select VMware Virtual Disk Media.
    2. Select the Erase tab and confirm that the Format drop-down menu includes the file system type and Name.
    3. Select Erase and wait for the process to complete.
    4. Exit the Disk Utility application.
    5. Select the hard disk that was erased.
    6. Click Install and follow the prompts to complete the installation.
  9. Install VMware Tools.

Installation Instructions for Fusion 4

You can install the OS X 10.7 in a virtual machine using the installation media.

Prerequisites

Before you begin, verify that the following tasks are complete:

Installation Steps

  1. Start VMware Fusion 4.
  2. Select File > New.
  3. Drag Install Mac OS X Lion.app and drop it into the New Virtual Machine Assistant window.
  4. Follow the prompts to complete the installation.
  5. Install VMware Tools.

Knowledge Base Articles for OS X 10.7 Guest

The following link refers to knowledge base articles on operating system specific issues.

See VMware knowledge base for a list of known issues about the operating system.

2012/08/09

Apache2 authentication using MySQL backend

Filed under: Apache — Mathz @ 08:35

this tutorial will explain how to use a MySQL backend in order to authentication users against your Apache website.

To achieve this we will use Apache2 and its auth_mysql module.

Here, we will assume that you already have a website configured, up and running and that you also have access to a mysql server. The only thing left is to set up authentication.

1. Packages requirements

We need to use a package called libapache2-mod-auth-mysql. If you are using Debian Etch, you will have to compile it yourself. this will not be covered in this tutorial.

On other distros, like ubuntu or debian lenny, simply run:

# apt-get install libapache2-mod-auth-mysql

2. Setting the system

We need to create a Database to host our users and group. Let’s create a user to handle authentication:

# mysql -u root -p

mysql >CREATE DATABASE httpauthdb;
mysql >GRANT USAGE ON *.* TO httpauth@localhost IDENTIFIED BY ‘httpauthpassword’;
mysql >GRANT ALL PRIVILEGES ON httpauthdb.* TO httpauth@localhost;

then, use the script below and save it as create_db.sql:

CREATE TABLE `groups` (
  `gid` int(10) unsigned NOT NULL auto_increment,
  `name` varchar(50) NOT NULL default '',
  PRIMARY KEY  (`gid`),
  UNIQUE KEY `name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE `usergroup` (
  `uid` int(10) unsigned NOT NULL default '0',
  `gid` int(10) unsigned NOT NULL default '0',
  PRIMARY KEY  (`uid`,`gid`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE `users` (
  `uid` int(10) unsigned NOT NULL auto_increment,
  `login` varchar(40) NOT NULL default '',
  `pass` varchar(60) NOT NULL default '',
  `firstname` varchar(255) NOT NULL default '',
  `lastname` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`uid`),
  UNIQUE KEY `login` (`login`),
  UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

and inject it in your database using the following command:

# mysql -u root -p httpauth < create_db.sql

Now, your database is set up, we will need to create some users.

3. Creating users

Here we will be using sha1 password. To create a password, you can use the following command:

# echo ‘password’ | sha1sum
c8fed00eb2e87f1cee8e90ebbe870c190ac3848c –

thus, the SHA1 encrypted version of password password is c8fed00eb2e87f1cee8e90ebbe870c190ac3848c.

Now, lets create a user foobar with password ‘password’ and a group it will belong to called ‘foobargroup’.

mysql> USE httpauthdb;
mysql> INSERT INTO users (login, pass, firstname, lastname, email) VALUES ('foobar', 'c8fed00eb2e87f1cee8e90ebbe870c190ac3848c', 'foo', 'bar', 'foobar@example.com');
mysql> INSERT INTO groups (name) VALUES ('foobargroup');
mysql> INSERT INTO usergroup (uid, gid) VALUES (uid, gid);

Where uid and gid have to be replaced with the one created during the 2 first INSERTS.

4. Setting apache

Now, go to your site configuration edit it and add, in between your Directory tags for instance:

    ## mod auth_mysql
    AuthBasicAuthoritative Off
    AuthMYSQL on
    AuthMySQL_Authoritative on
    AuthMySQL_DB httpauthdb
    Auth_MySQL_Host localhost
    Auth_MySQL_User httpauth
    Auth_MySQL_Password httpauthpassword
    AuthMySQL_Password_Table users
    AuthMySQL_Username_Field login
    AuthMySQL_Password_Field pass
    AuthMySQL_Empty_Passwords off
    AuthMySQL_Encryption_Types SHA1Sum
    # Standard auth stuff
    AuthType Basic
    AuthName "restricted zone"

    Require valid-user

Now, after reloading apache you should be able to authenticate as user foobar with password password.

sudo a2enmod auth_mysql

sudo service apache2 restart

2012/08/07

subversion on Ubuntu

Filed under: Server — Mathz @ 14:15

Subversion


This wiki document explains how to setup Subversion alias SVN on Ubuntu. The intended audience is experienced Linux users and system administrators.

 

Introduction

If you are new to Subversion, this section provides a quick introduction.

Subversion is an open source version control system. Using Subversion, you can record the history of source files and documents. It manages files and directories over time. A tree of files is placed into a central repository. The repository is much like an ordinary file server, except that it remembers every change ever made to files and directories.

 

Assumptions

It is assumed that you are aware of how to run Linux commands, edit files, start/stop services in an Ubuntu system. It is also assumed that Ubuntu is running, you have sudo access and you want to use Subversion software.

It is also assumed you have an internet connection.

 

Scope of this document

To make an SVN repository available to access using the HTTP protocol, you must install & configure web server. Apache 2 is proven to work with SVN. The installation of Apache 2 Webserver is beyond the scope of this document. (See ApacheHTTPserver.) However, the configuration of Apache 2 Webserver for SVN is covered in this document.

To access an SVN repository using HTTPS protocol, you must install & configure digital certificate in your Apache 2 web server. The installation and configuration of digital certificate is beyond the scope of this document. (See forum/server/apache2/SSL.)

 

Installation

Subversion is already in the main repository, so to install Subversion you can simply install the subversion package (see InstallingSoftware).

If it fails reporting dependencies, please locate the packages and install them. If it reports any other issues, please resolve them. If you cannot resolve the issue, please refer the mailing list archive of those packages.

 

Server Configuration

This step assumes you have installed above mentioned packages on your system. This section explains how to create SVN repository and access the project.

 

Create SVN Repository

There are several typical places to put a Subversion repository; most common places are: /srv/svn, /usr/local/svn and /home/svn. For clarity’s sake, we’ll assume we are putting the Subversion repository in /home/svn, and your project’s name is simply ‘myproject’

There are also several common ways to set permissions on your repository. However, this area is the most common source of errors in installation, so we will cover it thoroughly. Typically, you should choose to create a new group called ‘subversion’ that will own the repository directory. To do this (see [AddUsersHowto] for details):

  1. Choose System > Administration > Users and Groups from your Ubuntu menu.
  2. Click the ‘Manage Groups’ button.
  3. Click the ‘Add’ button.
  4. Name the group ‘subversion’
  5. Add yourself and www-data (the Apache user) as users to this group
  6. Click ‘OK’, then click ‘Close’ twice to commit your changes and exit the app.

You have to logout and login again before you are a member of the subversion group, and can do check ins.

Now issue the following commands:

   $ sudo mkdir /home/svn
   $ cd /home/svn
   $ sudo mkdir myproject

The SVN repository can be created using the following command:

  $ sudo svnadmin create /home/svn/myproject

And use the following commands to correct file permissions:

   $ cd /home/svn
   $ sudo chown -R www-data:subversion myproject
   $ sudo chmod -R g+rws myproject

The last command sets gid for proper permissions on all new files added to your Subversion repository.

If you want to use WebDAV as an access method described below, repeat the chmod -R g+rws myproject command again. This is because svnadmin will create directories and files without group write access. This is no problem for read only access or using the custom svn protocol but when Apache tries to commit changes to the repository linux will deny it access. Also the owner and group are set as root. This can be changed by repeating the chown and chgrp commands listed above.

 

Access Methods

Subversion repositories can be accessed (checkout) through many different methods-on local disk, or through various network protocols. A repository location, however, is always a URL. The table describes how different URL schemas map to the available access methods.

Schema Access Method
file:/// direct repository access (on local disk)
http:// Access via WebDAV protocol to Subversion-aware Apache 2 web server
https:// Same as http://, but with SSL encryption
svn:// Access via custom protocol to an svnserve server
svn+ssh:// Same as svn://, but through an SSH tunnel

In this section, we will see how to configure SVN for all these access methods. Here, we cover the basics. For more advanced usage details, you are always recommended to refer the svn book.

 

Direct repository access (file://)

This is the simplest of all access methods. It does not require any SVN server process to be running. This access method is used to access SVN from the same machine. The syntax is as follows:

 

  $ svn co file:///home/svn/myproject
            or
  $ svn co file://localhost/home/svn/myproject

NOTE: Please note, if you do not specify the hostname, you must use three forward slashes (///). If you specify the hostname, you must use two forward slashes (//).

The repository permission is dependant on filesystem permission. If the user has read/write permission, he can checkout/commit the changes to the repository. If you set permissions as above, you can give new users the ability to checkout/commit by simply adding them to the Subversion group you added above.

 

Access via WebDAV protocol (http://)

To access the SVN repository via WebDAV protocol, you must configure your Apache 2 web server.

First install the following package libapache2-svn (see InstallingSoftware).

NOTE: If you have already tried to install the “dav” modules manually, package installation may fail. Simply remove all files beginning with “dav” from the mods-enabled directory, then remove and install the package again. Let the package put files in the correct place, then edit your configuration.

You must add the following snippet in your /etc/apache2/mods-available/dav_svn.conf file:

 

  <Location /svn/myproject>
     DAV svn
     SVNPath /home/svn/myproject
     AuthType Basic
     AuthName "myproject subversion repository"
     AuthUserFile /etc/subversion/passwd
     <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
     </LimitExcept>
  </Location>

NOTE: The above configuration assumes that all Subversion repositories are available under /home/svn directory.

TIP: If you want the ability to browse all projects on this repository by going to the root url (http://www.serveraddress.com/svn) use the following in dav_svn.conf instead of the previous listing:

 

  <Location /svn>
     DAV svn
     SVNParentPath /home/svn
     SVNListParentPath On
     AuthType Basic
     AuthName "Subversion Repository"
     AuthUserFile /etc/subversion/passwd
     <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
     </LimitExcept>
  </Location>

NOTE: If a client tries to svn update which involves updating many files, the update request might result in an error Server sent unexpected return value (413 Request Entity Too Large) in response to REPORT request, because the size of the update request exceeds the limit allowed by the server. You can avoid this error by disabling the request size limit by adding the line LimitXMLRequestBody 0 between the <Location…> and </Location> lines.

NOTE: To limit any connection to the SVN-Server (private SVN), remove the lines <LimitExcept …> and </LimitExcept> (i.e. leave only the “Require valid-user” line).

Alternatively, you can allow svn access on a per-site basis. This is done by adding the previous snippet into the desired site configuration file located in /etc/apache2/sites-available/ directory.

Once you add the above lines, you must restart apache2 web server. To restart apache2 web server, you can run the following command:

 

  sudo /etc/init.d/apache2 restart

Next, you must create /etc/subversion/passwd file. This file contains user authentication details.

If you have just installed SVN, the passwd file will not yet exist and needs to be created using the “-c” switch. Adding any users after that should be done without the “-c” switch to avoid overwriting the passwd file.

To add the first entry, ie.. to add the first user, you can run the following command:

 

  sudo htpasswd -c /etc/subversion/passwd user_name

It prompts you to enter the password. Once you enter the password, the user is added.

To add more users after that, you can run the following command:

 

  sudo htpasswd /etc/subversion/passwd second_user_name

If you are uncertain whether the passwd file exists, running the command below will tell you whether the file already exists:

 

  cat /etc/subversion/passwd

Now, to access the repository you can run the following command:

 

  $ svn co http://hostname/svn/myproject myproject --username user_name

It prompts you to enter the password. You must enter the password configured using htpasswd command. Once it is authenticated the project is checked out. If you encounter access denied, please remember to logout and login again for your memebership of the subversion user-group to take effect.

WARNING: The password is transmitted as plain text. If you are worried about password snooping, you are advised to use SSL encryption. For details, please refer next section.

 

Access via WebDAV protocol with SSL encryption (https://)

Accessing SVN repository via WebDAV protocol with SSL encryption (https://) is similar to http:// except you must install and configure the digital certificate in your Apache 2 web server.

You can install a digital certificate issued by Signing authority like Verisign. Alternatively, you can install your own self signed certificate.

This step assumes you have installed and configured digital certificate in your Apache 2 web server. Now to access SVN repository please refer the above section. You must use https:// to access the SVN repository.

 

Access via custom protocol (svn://)

Once the SVN repository is created, you can configure the access control. You can edit /home/svn/myproject/conf/svnserve.conf file to configure the access control.

NOTE: svnserve.conf is sensitive to whitespace, be sure not to leave any whitespace at the start of a line or it will not be able to read the file.

For example, to setup authentication you can uncomment the following lines in the configuration file:

 

  # [general]
  # password-db = passwd

After uncommenting the above lines, you can maintain the user list in passwd file. So, edit the file passwd in the same directory and add new user. The syntax is as follows:

 

  username = password

For more details, please refer the file.

Now, to access SVN via svn:// custom protocol either from the same machine or different machine, you can run svnserver using svnserve command. The syntax is as follows:

 

  $ svnserve -d --foreground -r /home/svn
    # -d -- daemon mode
    # --foreground -- run in foreground (useful for debugging)
    # -r -- root of directory to serve

  For more usage details, please refer,
  $ svnserve --help

Once you run this command, SVN starts listening on default port (3690). To access the project repository, you must run the following command:

 

  $ svn co svn://hostname/myproject myproject --username user_name

Based on server configuration, it prompts for password. Once it is authenticated, it checks out the code from SVN repository.

To synchronize the project repository with the local copy, you can run update sub-command. The syntax is as follows:

 

  $ cd project_dir
  $ svn update

For more details about using each SVN sub-command, you can refer the manual. For example, to learn more about co (checkout) command, please run:

 

  $ svn help co

 

Start svnserve at bootup

One can start the svnserve daemon at bootup using an initd script. Look at Micha? Wojciechowski Blog post for instructions and a good initd script for svnserve.

 

Start svnserve at bootup using xinetd

An alternative method to run svnserve at startup is to install xinetd, and then add the following line to /etc/xinetd.conf (replacing ‘svnowner’ and ‘/home/svn’ with appropriate values)

 

svn stream tcp nowait svnowner /usr/bin/svnserve svnserve -i -r /home/svn

 

Access via custom protocol with SSL encryption (svn+ssh://)

It is not necessary to run the SVN server (svnserve) in order to access SVN repositories on a remote machine using this method. However, it is assumed that the SSH server is running in the remote machine with the repository and it is allowing incoming connections. To confirm, please try to login to that machine using ssh. If you can login, then everything is perfect. If you cannot login, please address it before continuing further.

The svn+ssh:// protocol is used for accessing SVN repositories with SSL encryption for secure data transfer. To access a repository using this method, run the following command:

 

  $ svn co svn+ssh://hostname/home/svn/myproject myproject --username user_name

NOTE: You must use full path (/home/svn/myproject) to access an SVN repository using this method.

Based on the SSH server configuration, it prompts for password. You must enter the password you use to login via ssh. Once it is authenticated, it checks out the code from SVN repository.

You can also refer the SVN book for details about the svn+ssh:// protocol.

 

References


 


CategoryDocumentation CategoryDocumentation

Subversion (last edited 2012-03-18 07:20:28 by bradh)

2012/08/02

Backup and Restore a Subversion Repository

Filed under: Backup,Server — Mathz @ 13:34

Sometimes, you just have to do serious maintenance to a server, like install a new instance of your operating system from scratch with a new partition layout. If this server happens to be your Subversion server, you need to backup your repository and restore it once you’re done with the maintenance. Or maybe you just want to move your repository from one server to another. Here’s how to do it. The commands below need to be performed on the SVN server by a user who has write access to the repository (in theory any SVN admnistrator).

First, here’s how back up the repository to a compressed file:

$ svnadmin dump /path/to/repo | gzip > backup.gz

And how to restore it:

$ gunzip -c backup.gz | svnadmin load /path/to/repo

Those commands are meant for UNIX or Linux so you will have to adapt them if you are running Windows. It shouldn’t be too difficult to do so, especially if you are using Cygwin.

Powered by WordPress