Linux.com

Community Blogs



Midnight Commander Notes

Midnight commander is a popular file manager available from repositories in almost all major Linux distributions. Many new users find it difficult to work on servers only from command line so midnight commander is a welcomed help. Here are some tips and notes how to use this tool together with my most used shortcuts that I used to give users that never worked with it before. As always for a complete list of keyboard shortcuts and much more man mc or info mc should work.

 

Usage tips

To start midnight commander simply type mc.

[podlevak@55cent:~]$ mc

 

If you want the panels pointing to some specific directories append a path (or two) after the mc:

[podlevak@55cent:~]$ mc /etc/httpd/ /var/log/

 

To go back to command line you don't have to quit midnight commander with F10 - on most shells, here bash is used, ctrl-z will put mc into background and it can be put back to foreground with fg command.

[podlevak@55cent:~]$ mc /etc/httpd/ /var/log/

[1]+  Stopped                 /usr/bin/mc -P "$MC_PWD_FILE" "$@"

[podlevak@55cent:~]$ fg

Another way is using the ctrl-o shortcut for hiding the panels; to show them press ctrl-o again.

 

Midnight commander comes with an integrated editor and viewer - you can use them also directly:

[podlevak@55cent:~]$ mcview /etc/hosts

[podlevak@55cent:~]$ mcedit new_file

 

Shortcuts

I've divided the shortcuts into three groups according to their usage. A little note on how to use them:

  1. when using a shortcut like ctrl-r, hold down the control key and then press the r key
  2. for shortcut like ctrl-x-o hold down the control key and then press the x key, let go and press the o key

File manipulation and shell commands

  • ctrl-x-c change permissions
  • ctrl-x-o change owner
  • ctrl-x-s create symlink
  • ctrl-x-ctrl-s edit symlink
  • esc-tab completion, like tab in shell
  • alt-s search in active panel, after pressing keys just write
  • alt-p previous entered command
  • alt-n next entered command
  • ctrl-space show directory size
  • ctrl-x-i shows file / directory info, press again to return to panel
  • ctrl-x-q quick view - view content of files in a preview window (F7 for search works), press again to return to panel

Displaying content

  • ctrl-o turn off/hide the panels, 2x turns them on
  • ctrl-r rescan (refresh active panel)
  • ctrl-u flip panels
  • alt-o open path in other panel
  • ctrl- frequently used directories, directory hot-list

Selecting

  • Insert select single file
  • * (asterisk) select all files, 2x un-selects if all files were selected, or inverts selection if files were selected (using a mask or insert)
  • + (plus) select mask, regular expression can be used
  • - (minus) un-select mask, regular expression can be used
 

VPN-O-Rama : IPCop to PFSense with IPSec

Introduction

Here's another episode of my VPN saga, this time we'll connect IPCop to PFSense with IPSec.

Just few words about PFSense (http://www.pfsense.org/) if you don't know it; I've always used BSD and I'm a big fan of it, OK we're in a Linux site but many of you may possibly argue about BSD proof of scalability, stability, security, simplicity (IMHO) and networking capabilities (even after recent events, fake or not).

BSD PF (http://www.openbsd.org/faq/pf/) (Packet Filter) if a great technology and I totally love it, I don't want to start a flame war between Packet Filter and IPTables, this article is just focused on building an IPSec connection between Linux and a particular BSD distro (PFSense). I've done some research after dealing with M0n0wall, Smoothwall and so on and I've decided to give PFSense a try. It's one of my favorite firewall distributions, SOHO installations but even heavy duty connections and features (NAT traversal or load balancing for example), it's not a project for hobbyists, it may scale to business class installations easily.

Following this “VPN by examples” guide I'll connect PFSense to IPCop with an IPSec connection, both machines have static IP addresses, in later examples I'll use even dynamic IPs; I didn't find anything related to IPCop to PFSense available on the web so I've decided to publish my documentation with a lot of screenshots as usual.

 

This article will follow my previous “VPN-O-Rama: IPCop to IPCop with IPSec” (http://www.linux.com/community/blogs/vpn-o-rama-ipcop-to-ipcop-with-ipsec.html) and I'll add a new machine to the same network, so it will be:

 

Network topology:

 

Office

Network

Subnet

Headquarter (Coruscant)

10.0.2.0

255.255.255.0

Subsidiary 1 (Alderaan)

10.0.3.0

255.255.255.0

Subsidiary 1 (Tatooine)

10.0.4.0

255.255.255.0

 

 

Firewalls:

 

Location/Name

Firewall Distro

Private IP (LAN)

Public IP (WAN)

Coruscant

IPCop v1.4.21

10.0.2.94

10.0.0.94

Alderaan

IPCop v1.4.21

10.0.3.95

10.0.0.95

Tatooine

PFSense v1.2.3

10.0.4.96

10.0.0.96

 

 

I've skipped PFSense installation process to focus on a ready new installed PFSense machine named Tatooine, let me know if you need an article on it.

 

My Goal

 

I'd like to achieve an IPSec connection between two static machines (Tatooine and Coruscant), no firewalls or other port blocking rules on public WAN between these two firewalls, variations on this task may follow on following articles

 

PFSense Configuration

Here's PFSense main GUI in the private network example:

 

WARNING:

Before every configuration please consider we're creating an example and we're using private networks (10.0.0.0 Class A IPs on WAN), on PFSense there's an option made for blocking private network traffic on WAN, before starting with our example you need to disable this rule ! Under Menu Interfaces / WAN there's an option named “Block private networks”. Just forget it if you're using a real network on public classes (on WAN), see screenshot and disable this rule if you're in my case

 

Now go under VPN menu, option IPSec

Enable “Enable IPSec” check box and hit “Save” button, see:

 

then click the “Add tunnel” icon on the right side of the page, now you've a new page where you can specify VPN tunnel options. Here's what I've done:

General parameters (PFSense related)

  • Tunnel enabled, so disable this tunnel check box is unchecked

  • Interface WAN, in my case I need to use WAN to reach remote subnet

  • DPD interval (dead peer detection), in my case 60 seconds (it should be enough for everyone)

  • Remote Subnet, in this example is 10.0.2.0 (Coruscant network) with a 24 bit mask (255.255.255.0)

  • Remote Gateway, in this example is 10.0.0.94 (Coruscant firewall on public network)

 

VPN Phase 1 Authentication (VPN Parameters for phase 1)

  • Negotiation Mode, set to “main

  • My Identifier, left as it is (my IP address). In my case I've a quite easy network connection with two static IP addresses, no NAT traversal or other stuff around. We'll see advanced configurations with NAT and dynamic IP addresses the next time

  • Encryption algorithm, I'm using Blowfish, much better than 3DES. Please remember all your parameters, they must match settings chosen on the remote side

  • Hash algorithm, MD5 for hashing, I've chosen MD5 here and on IPCop side

Let me show you first page with parameters from above

 

Let's go on with:

  • DH key group, select option “5” (on IPCop I've chosen 1536 bits)

  • Lifetime, set it to 3600 seconds (1 hour)

  • Authentication Method, I'm now using “pre-shared key”, CA (Certification Authorities) are not available as native services on PFSense. Developers are focusing their software on firewall features and I respect their ideas related on keeping CAs outside even if it would be great to have something inside (like IPCop and other Linux distros). Creating a CA from scratch on an another PC requires a lot of time and it's out of this article tasks, I'll write down some notes on it if you need it. To keep things as simple as I can I've chosen to use Pre Shared Key, this is not a roadwarrior connection but a connection between two offices so it's something a common user never see

  • Pre-Shared Key, I'm using “12345” (“I've got the same combination on my luggage” cit.: http://en.wikiquote.org/wiki/Spaceballs )

And here's another shot:

 

VPN Phase 2 proposal (SA/Key Exchange)

Here's the second round of a VPN connection: key proposal and exchange, here are my parameters:

  • Protocol: ESP, encryption

  • Encryption algorithms, I'm using Blowfish, I've disabled everything else to avoid confusion so VPN server avoids even their proposal

  • Hash algorithms, SHA1 and MD5, keep them as they are

  • PFS key group, we're using 1536 bit so option “5” is the way to go

  • Lifetime, is 28800 (8 hours)

No keep alive host, use something if you detect drops on your line

Here's my shot:

I'll repeat it again, please keep in mind all these parameters are mandatory , you need to fill them even if PFSense tells you they're optionals and even more important: write them to a notepad and report them as they are on the IPCop side.

 

Finally hit SAVE button to create your VPN connection, now on the VPN:IPSec page hit Apply Changes button to confirm your new VPN connection.

 

IPCop Configuration

Now it's time to create the VPN connection on the IPCop side, back again on Coruscant, you'll probably see past article information (http://www.linux.com/community/blogs/vpn-o-rama-ipcop-to-ipcop-with-ipsec.html) but we don't care.

On VPNs menu, VPNs option here's the situation:

now press “Add” button in the middle of the screen to create a new PSK VPN connection with IPSec and select Net-to-Net Virtual Private Network to continue, we want to connect these two nets, then press Add to go on (see screenshot)

Here are the parameters for this VPN connection:

  • Name, Tatooine. The name of your VPN connection, choose the name you want, it really doesn't matter

  • Host IP Address: 10.0.0.94. Where VPN starts: red interface, WAN (see previous information about it)

  • Remote Host/IP: 10.0.0.96. Where your remote firewall (Tatooine) is, static IP address in my case

  • Local Subnet: 10.0.2.0/255.255.255.0 It should be already set to your own subnet LAN on Coruscant network

  • Remote Subnet: 10.0.4.0/255.255.255.0 Tatooine network information for our example

  • Check “Edit advanced settings when done” check box because you need to deal with Phase 1 & 2 advanced parameters for VPN settings, important

  • In authentication window below select “Use a Pre-Shared key” and enter “12345” as the PSK password (please choose a different one on real cases, we already have Spaceballs http://en.wikiquote.org/wiki/Spaceballs)

Here's another shot

 

Then hit Save on the bottom of the page to edit advanced settings.

Now You're in the advanced settings page where you can specify connection parameters for phase 1 & 2 (VPN)

Here you need to set:

Phase 1

  • IKE Encryption to Blowfish (both 256bit and 128bit)

  • IKE Integrity to SHA1 and MD5

  • IKE Grouptype to MODP-1536 (remember 1536 bit above ???)

  • IKE Lifetime to 1 hour

Phase 2

  • ESP Encryption to Blowfish (both 256bit and 128bit)

  • ESP Integrity to SHA1 and MD5

  • ESP Grouptype to MODP-1536

  • ESP Keylife to 8 hours

Keep additional parameters (checkboxes below) as they are, so everything unchecked except "Perfect Forward Secrecy (PFS)"

See screenshot for details

Now under main VPN menu on IPCop wait for a while (how much ? a while...) and you'll probably see something like that (open status is green)


 

On PFSense side you need to go to Status menu, IPSec option and in the Overview tab you'll see this (status with green arrow is for the on line link):

 

As you may see from this example all efforts are related to match proper VPN parameters, phase 1 and phase 2 settings needs to have same values on both sides, it's also important to mention IKE lifetime and keylife, if they don't match you don't even have the connection.

 

I hope this guide could be pretty clear for anyone, I've tried to search something like that when I was dealing with my first connection but unlikely I didn't found anything on the web.

 

Please let me know if you need further details on this connection, in the next episodes I'll show you some variations of this Config and I'll connect new distros as well, share your comments if any

 

Previous:
VPN-O-Rama: VPNs intro, practical HOWTOs
VPN-O-Rama: IPCop to IPCop with IPSec

Next:
IPSec connection between a static and dynamic IP Address



Regards

Andrea (Ben) Benini

 

 

HOWTO MySQL: Reset root password

Few days ago I've had in front of me a Gentoo installation with a MySQL Daemon, no documentation provided with the machine and absolutely no root password for the DB. I've tried to obtain the root password for MySQL and that's what I've done. These instructions are valid for every linux distro, no matter about the release or flavor.

First of all, you need to stop mysql daemon and all running instances of mysql, something like that:

~# /etc/init.d/mysql stop
* Stopping mysql ...
* Stopping mysqld (0)                                                    [ ok ]

Starting/stopping services may vary according to your linux distribution documentation, make a double check to remove even zombie processes or mysql opened instances (ps aex|grep mysql) and kill them if any

Now you can run this command to start the daemon with full privileges and no authentication:

mysqld_safe --skip-grant-tables &

Even if not reported in the man page or not documented with:

~# mysqld_safe --help
Usage: /usr/bin/mysqld_safe [OPTIONS]
  --no-defaults              Don't read the system defaults file
  --defaults-file=FILE       Use the specified defaults file
  --defaults-extra-file=FILE Also use defaults from the specified file
  --ledir=DIRECTORY          Look for mysqld in the specified directory
  --open-files-limit=LIMIT   Limit the number of open files
  --core-file-size=LIMIT     Limit core files to the specified size
  --timezone=TZ              Set the system timezone
  --mysqld=FILE              Use the specified file as mysqld
  --mysqld-version=VERSION   Use "mysqld-VERSION" as mysqld
  --nice=NICE                Set the scheduling priority of mysqld
  --skip-kill-mysqld         Don't try to kill stray mysqld processes
  --syslog                   Log messages to syslog with 'logger'
  --skip-syslog              Log messages to error log (default)
  --syslog-tag=TAG           Pass -t "mysqld-TAG" to 'logger'

All other options are passed to the mysqld program.

you can find more info on it at http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html (wish to have this link or just read the doc before doing it...)

Now enter in the DB with root privileges:

mysql -u root

and locate mysql default schema

use mysql;

"user" table is where you can find/reset/update information related to mysql users (not that strange...)

mysql> show columns from user;
+-----------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) unsigned | NO | | 0 | |
+-----------------------+-----------------------------------+------+-----+---------+-------+
37 rows in set (0.00 sec)

Now update your password with something like that:

update user set password=PASSWORD("rememberyournewpassword") where User='root';

And don't forget to flush privileges to have everything updated

flush privileges;

and quit from DB

quit;

then stop/kill the running daemon and restart it in "normal" mode

/etc/init.d/mysql stop
## Even stop running daemons if any
ps aex |grep mysqld # to find sockets
kill -SIGKILL <pid> # to kill running mysqld pid's

Now test your new password with something like that

mysql --host=127.0.0.1 --user=root -p

and insert your new password

 

that's it

Ben

 

 

Error: Could not stat() command file '/var/lib/nagios3/rw/nagios.cmd'!

Here's a viable solution on my debian server:

dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3

And... et voilà!

The proper permissions have been set and everything should work as expected

Regards
 

2 Cent Tip - Extend (resize) a whole device partition.

Occasionally I have to resize partitions on iSCSI or Fiber-Channel attached SAN storage.  Both technologies allow you to easily extend the available storage for a host by extending LUNs, or volumes.  A common problem after extending the size of the LUN, or volume, is resizing partitions to fill out the new size.

 

For the most part, I usually fire up PartedMagic  and its a snap, even with Fiber-Channel attached enterprise storage.  Once the HBA's have been zoned to Fiber-Channel switches, then the HBAs do all the heavy lifting.  In other words on Fiber-Channel, it doesn't matter if you're using PartedMagic, or Knoppix, the server just knows where the storage is, and that its certainly attached.  The only dependency for this working on a Live boot disk are drivers for the HBA cards.

 

iSCSI is a bit different.  Because, iSCSI relies on commodity Network Interface Cards, this technology is largely implemented in software.  One perceived advantage is iSCSI may seem less complicated to use than Fiber-Channel storage.  Unfortunately, in this case, PartedMagic did not have open-iscsi software, and I could install open-iscsi in the Knoppix Live ramdisk. However, because Knoppix came with an outdated iSCSI kernel module, it was not new enough to inter-operate with the open-iscsi software.

 

Furthermore, the version of parted that shipped with RHEL 5 threw an incompatible filesystem error, refusing to modify the filesystem. So, in the end, I twiddled some bits on the partition table with fdisk, and used resize2fs to extend the partition.

 

Assuming you have a backup of the filesystem you are working on, you can proceed with the following steps to extend a single partition to the end of the extended volume.  If you have multiple partitions on a volume, you may want to stick to more reliable methods of resizing and extending.  If you screw up the cylinder boundaries on a device with multiple partitions, you'll definitely lose data.  A single partition, in this example, is a much simpler scenario.

 

The device name in this example is /dev/mapper/u02, the first partition is /dev/mapper/u02p1:

  • Run fdisk -l /dev/mapper/u02 to get the starting cylinder.
Disk /dev/mapper/u02: 100.9 GB, 108340550042 bytes

255 heads, 63 sectors/track, 13171 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/mapper/u02p1 1 13171 26450329 83 Linux

  • Reboot the server, after extending the volume or LUN on your SAN, and before proceeding to extend the partition in your Operating System.  The Operating System needs to re-read sector 0 on the extended SAN volume, before continuing. Note, that fdisk will report 26109 cylinders instead of 13171, after I rebooted the server.
  • Next, we will run: fdisk /dev/mapper/u02, and then hit the keys: d, n, p, 1, [enter], [enter], w
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
switch off the mode (command 'c') and change display units to
sectors (command 'u').

Command (m for help): d
Selected partition 1

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-26109, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-26109, default 26109):
Using default value 26109

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
  • Finally, run resize2fs on /dev/mapper/u02p1. If you are using ext3, you can do an on-line resize while the volume is mounted.  It is probably safest to umount the partition to be re-sized, however.
resize2fs 1.39 (29-May-2006)
Filesystem at /dev/mapper/u02p1 is mounted on /u02; on-line resizing required
Performing an on-line resize of /dev/mapper/u02p1 to 52430127 (4k) blocks.
The filesystem on /dev/mapper/u02p1 is now 52430127 blocks long.


Refer to the resize2fs for more information on the command, and its proper usage.

 

Analyzing Apache Logs interactively from the terminal with GoAccess

I have always been analyzing my Apache logs with the popular tail -f, which to a certain point is quite neat that you can see the whole request in real time. However, there is a point where you may be interested to know more details about your web logs.

Here it is where I find really interesting GoAccess. Whilst Awstats, Analog, Webalizer all generate HTML statistics, this application will let you analyze your Apache Web server logs straight from the terminal. It generates statistics really fast and it displays them in a nice ncurses interface.

More information about this project at: http://goaccess.prosoftcorp.com/

 

RAID Disk Configuration (mdadm.conf)

Back again with a very quick tip: RAID disk array configuration.

After few articles like:
Installing GRUB on the other disks
Replacing faulted raid drive
I'm just adding my configuration related to one of my RAID installations on a linux server.

Machine has Gentoo Linux (current portage, AMD64 arch) and a RAID system with only two SATA drives with a simple RAID1 config. Nothing more, nothing less

Quite easy config to have a virtual disk composed like this:

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/md2 4806824 997012 3809812 21% /
tmpfs 449108 0 449108 0% /lib/init/rw
udev 10240 144 10096 2% /dev
tmpfs 449108 0 449108 0% /dev/shm
/dev/md0 90195 11088 79107 13% /boot
/dev/mapper/storage-storage 306966528 82096984 224869544 27% /home

I've a boot partition (md0), a swap partition (md1), root partition (md2) and a logical volume manager (LVM) on /dev/md3

Nothing strange, nothing spectacular, every configuration is maded by hand, no fancy graphical tools involved. Config related to RAID5 installations have the same layout

Here's the array configuration file (mdadm.conf)

# scan all partitions (/proc/partitions) for MD superblocks.
DEVICE partitions

# auto-create devices
CREATE owner=root group=disk mode=0660 auto=yes

# tag arrays as belonging to the local system
HOMEHOST
# Monitoring daemon instructions
MAILFROM FileServer Administrator
MAILADDR This e-mail address is being protected from spambots. You need JavaScript enabled to view it

# MD array
ARRAY /dev/md0 level=raid1 num-devices=2 UUID=d4eb97cf:da422dd0:36eb05f3:bbd531f4
ARRAY /dev/md1 level=raid1 num-devices=2 UUID=a614ae3f:a9afcbfc:91f980c8:762e06bc
ARRAY /dev/md2 level=raid1 num-devices=2 UUID=19d6f845:358ff0a9:188cf822:397115dc
ARRAY /dev/md3 level=raid1 num-devices=2 UUID=24346f3b:bad36d8b:961a4a14:4eae9079

# Modified by Ben

Again, nothing strange here, hope it helps newbies or contributors interested in a RAID installation, please share your thoughts if this simple config can be better

Next step: LVM configuration sample

 

Hope it helps you
Glad to read your comments

 

Andrea (Ben) Benini

 

Creating XLS file on the fly from a PHP application

Here's a quick and dirty solution for a common problem, if you've a web application used by common Windows users and you publish data on it sometimes you receive this kind of question:

"Are your information exportable into an XLS (Excel) file ?"

For example I've an accounting application exporting some data on a web page, the user just wants to download an Excel file or open it directly from the web page, there's no rocket science here, this is just what I've done, let's roll some php code:

Create an header section (adapted from http://www.php.net/manual/en/function.header.php):

$export_file = "my_name.xls";
ob_end_clean();
ini_set('zlib.output_compression','Off');
header('Pragma: public');
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past header('Last-Modified: '.gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP/1.1
header('Cache-Control: pre-check=0, post-check=0, max-age=0'); // HTTP/1.1
header("Pragma: no-cache");
header("Expires: 0");
header('Content-Transfer-Encoding: none');
header('Content-Type: application/vnd.ms-excel;'); // This should work for IE & Opera
header("Content-type: application/x-msexcel"); // This should work for the rest
header('Content-Disposition: attachment; filename="'.basename($export_file).'"');

Put your data in a string (of course init it first):

$sBuffer = "";

Then start adding your data in a loop

for (...your loop statement goes here...) {
    $sBuffer .= "column1column2column3column4 ";
}

Example above creates 4 columns with your raw data, quite easy to adapt to your own needs. Then finally output your data with this:

echo($sBuffer);

put this final part after the header section expressed above and that's it ! nothing spectacular I mean but it works fine with every computer with an office automation suite. When the user press your button it gets an XLS sheet and he can open it with Office or OpenOffice as well, it doesn't matter client or server operating system, this trick follows just Excel v1 and v2 specs (very acient but still working).

Please don't deal with ActiveX, proprietary grids or closed source solutions, this is just what you need to keep it simple

 

Hope it helps
Glad to hear your comments

 

Andrea (Ben) Benini

 

Management and economics issues of hosting virtual private email servers

After I published "Wanted: Virtual Personal Email Servers (VPES)" I got lots of feedback. Among others, John made very interesting comments, for example:

  • ... The most user friendly free email management interface is from Zimbra, but the setup is a bear and the system requirements are huge for what it provides
  • ...I (John) spent 20 min earlier today considering whether I could make any profit creating an easy VPES setup script with a fairly low monthly price point.
  • ... BTW, the laws for email metadata retention are different in the EU than in the USA...

The summary of this discussion is at Virtual Personal Email Servers: legal, management and economics issues.

 

Installing rssh in Linux Server

Here are the steps to install rssh in the linux server :
Follow the below steps to install if your linux os is 32 bit :
Step 1: cd /usr/src
Step 2: wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el4.rf.i386.rpm
Step 3: rpm -ivh rssh-2.3.2-1.2.el4.rf.i386.rpm
If your linux os is 64 bit then follow these steps:
Step 1: cd /usr/src
Step 2: wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm
Step 3: rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm

For queries @ Linux Server

 

Set up OSOL 2010-03 (build 134) PV Guest at Xen 4.0 Dom0 (2.6.32.10 pvops kernel) on top of Ubuntu Karmic Koala Server

Due to absence in meantime pygrub support for ZFS 24 in Xen 4.0 proceed as usual and copy unix kernel and boot_archive off the disk to Dom0 :


mount -o loop,ro osol-134-dev-x86.iso /mnt
cp /mnt/platform/i86pc/amd64/boot_archive  /home/boris/osol134
cp /mnt/platform/i86xpv/kernel/amd64/unix /home/boris/osol134

In my case OSOL 134 PV DomU was able to obtain IP address just once after first boot up configuring SMF . Afterwards it required restarting ( or reenabling)  service svc:/network/physical:nwam, what finally brought me to accomplish this procedure as OSOL service , because no analog of /etc/rc.local exists on OSOL.


  Two steps in procedure bellow make Xen default Hypervisor on Ubuntu 9.10. First is commenting out (xend-unix-server yes) in /etc/xen/xend-config.sxp, second export variable export VIRSH_DEFAULT_CONNECT_URI=”xen:///” in root’s .bashrc.Then run:-
# apt-get install ubuntu-virt-server ubuntu-virt-mgmt


Create installation XML profile create_osol134.xml as follows :-


<domain type='xen'>
  <name>osol134</name>
  <uuid>f80856df-3180-acc5-931d-32190cfe4062</uuid>
  <memory>1048576</memory>
  <currentMemory>1048576</currentMemory>
  <vcpu>2</vcpu>
  <bootloader></bootloader>
  <os>
    <type>linux</type>
    <kernel>/home/boris/osol134/unix</kernel>
    <initrd>/home/boris/osol134/boot_archive</initrd>
    <cmdline>/platform/i86xpv/kernel/amd64/unix - nowin -B install_media=cdrom</cmdline>
  </os>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>destroy</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <disk type='block' device='disk'>
      <driver name='phy'/>
      <source dev='/dev/sdb5'/>
      <target dev='xvda' bus='xen'/>
    </disk>
    <disk type='file' device='cdrom'>
      <driver name='file'/>
      <source file='/root/MyDownloads/osol-dev-134.iso'/>
      <target dev='xvdc' bus='xen'/>
      <readonly/>
    </disk>
    <interface type='bridge'>
      <mac address='00:16:3e:72:da:33'/>
      <source bridge='eth0'/>
      <script path='/etc/xen/scripts/vif-bridge'/>
      <target dev='vif7.0'/>
    </interface>
    <console type='pty' tty='/dev/pts/1'>
      <source path='/dev/pts/1'/>
      <target port='0'/>
    </console>
  </devices>
</domain>


and run


# virsh create create_osol134.xml
# virsh console osol134
At this point activate VNC connection to DomU via script

domid=`virsh domid osol134`
ip=`/usr/bin/xenstore-read /local/domain/$domid/guest/ipv4/0/address`
echo $ip
port=`/usr/bin/xenstore-read /local/domain/$domid/guest/vnc/port`
echo $port
/usr/bin/xenstore-read /local/domain/$domid/guest/vnc/passwd
vncviewer $ip:$port


and go through normal install. Now define new domain via profile :


<domain type='xen'>
  <name>osol34</name>
  <uuid>0b9a31cc-13c2-065b-e64d-4ba1a042dedc</uuid>
  <memory>1048576</memory>
  <currentMemory>1048576</currentMemory>
  <vcpu>2</vcpu>
  <bootloader></bootloader>
  <os>
    <type>linux</type>
    <kernel>/home/boris/osol134/unix</kernel>
    <initrd>/home/boris/osol134/boot_archive</initrd>
    <cmdline>/platform/i86xpv/kernel/amd64/unix -B zfs-bootfs=rpool/ROOT/opensolaris,bootpath=/xpvd/xdf@51712:a</cmdline>
  </os>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>destroy</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <disk type='block' device='disk'>
      <driver name='phy'/>
      <source dev='/dev/sdb5'/>
      <target dev='xvda' bus='xen'/>
    </disk>
    <interface type='bridge'>
      <mac address='00:16:3e:4d:60:e3'/>
      <source bridge='eth0'/>
      <script path='/etc/xen/scripts/vif-bridge'/>
      <target dev='vif8.0'/>
    </interface>
    <console type='pty' tty='/dev/pts/1'>
      <source path='/dev/pts/1'/>
      <target port='0'/>
    </console>
  </devices>
</domain>


# virsh  define osol134-def.xml
# virsh start osol134
# virsh console osol134


In my case after first reboot configuring SMF OSOL 134 stopped obtain IP address via DHCP and required every time commands bellow :-


$ pfexec su -
# svcadm restart svc:/network/physical:nwam
Due /etc/rc.local doesn't exist on OSOL new service to restart NWAM was
implemented. First i created script /bin/dhcp_again.sh to add as service to SMF


root@opensolaris:~# cat /bin/dhcp_again.sh
svcadm restart svc:/network/physical:nwam


Created XML bellow per [1]:


<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--Script name goes here-->
<service_bundle type='manifest' name='SUNWcsr:dhcp_again'>

<!--Script name goes here too-->
<service
name='site/dhcp_again'
type='service'
version='1'>

<create_default_instance enabled='false' />

<single_instance/>

<!--If your script needs to run after a certain milestone has been met
you can specify that here, otherwise delete this bit.
Replace value for milestone you need to meet-->
<dependency
name='milestone'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/milestone/network' />
</dependency>

<!--Script to run goes here-->
<exec_method
type='method'
name='start'
exec='/usr/bin/bash /bin/dhcp_again.sh'
timeout_seconds='60' />

<exec_method
type='method'
name='stop'
exec=':kill'
timeout_seconds='60' />

<!--This bit makes it run ONCE and makes sure it is NOT restarted!-->
<property_group name='startd' type='framework'>
<propval name='duration' type='astring' value='transient' />
</property_group>

<template>
<common_name>
<loctext xml:lang='C'>
<!--Script name goes here-->
DHCP_AGAIN
</loctext>
</common_name>
<documentation>
<manpage title='' section=''
manpath='' />
</documentation>
</template>
</service>

</service_bundle>


Next step:-


# cd /var/svc/manifest/site
XML above saved in this directory as dhcp_again.xml
# svccfg validate dhcp_again.xml
# svccfg import dhcp_again.xml
# svcadm enable dhcp_again
#root@opensolaris:~# svcs -a|grep dhcp
online         19:37:20 svc:/site/dhcp_again:default


At this point activate GDM remote login via Xvnc :

root@opensolaris:~# cat /etc/gdm/custom.conf
# Custom Configuration file.
# overrides: /usr/share/gdm/defaults.conf
[daemon]
RemoteGreeter=/usr/lib/gdmgreeter
[security]
DisallowTCP=false
# AllowRoot=true
# AllowRemoteRoot=true
[xdmcp]
Enable=true
[gui]
[greeter]
[chooser]
[debug]
[servers]

Then re-enable services :

svcadm disable xvnc-inetd gdm
svcadm enable xvnc-inetd gdm
Runtime snapshots


Runtime snapshots





References
1. http://www.hashbang0.com/blog/2010/03/26/making-a-script-run-on-startup-on-opensolaris/

 
Page 3 of 8

Upcoming Linux Foundation Courses

  1. LFS426 Linux Performance Tuning
    21 Apr » 24 Apr - Virtual
    Details
  2. LFS520 OpenStack Cloud Architecture and Deployment
    05 May » 09 May - Virtual
    Details
  3. LFD320 Linux Kernel Internals and Debugging
    12 May » 16 May - Virtual
    Details

View All Upcoming Courses


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board