Annotation of /jonen/notes/notes_2003-02.twingle

Revision 1.8
Sat Apr 5 21:24:28 2003 UTC (21 years, 3 months ago) by jonen
Branch: MAIN
Changes since 1.7: +230 -2 lines
+ WLAN, Bluetooth, ACPI

1 jonen 1.1 <hr/>
2    
3     - Unix-Systems
4     o learn howto move/maintain /etc of servers at cvs !!
5     Debian:
6     x search if new packages available, do 'apt-get --dry-run upgrade'!
7     x build small systool script 'apt-get_remote.pl' which runs 'apt-get --dry-run upgrade' from cron and sends the output via mail
8     o review 'apt-get_remote.pl'
9     o what about parsing a response for commands, e.g. installing some marked packages
10     FreeBSD(stable):
11     o read more about BSD package systems (pkg, cvsup)
12     x for simple package installation/de-installation use pkg
13     x install downloaded package:
14 jonen 1.3 :# pkg_add {package}-{version}.tgz
15 jonen 1.1 x install package via remote server(only if package is available as *latest*):
16 jonen 1.3 pkg_add -r {package}.tgz
17 jonen 1.1 x using cvsup
18 jonen 1.3 x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
19     x newbies could use cvsupit:
20 jonen 1.1 :# pkg_add -r cvsupit.tgz
21     - cvsupit will probably ask you for the default values it
22     places in /etc/cvsupfile, which is used by cvsup
23     - after that it will start cvsup to update your system
24     x if /etc/cvsupfile already exists and you know what you do,
25     this command will update your system (maybe run it via cron...):
26     :# /usr/local/bin/cvsup -g -L 2 /etc/cvsupfile
27 jonen 1.3 where '-g' tells cvsup not to use a GUI, '-L 2' sets default output level to 2
28     x for available cvs tags, look at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html
29 jonen 1.1 o what about daemon start-stop scripts (like on linux: /etc/init.d/) ?
30 jonen 1.8 x start-stop scripts of some daemons (only installed ports?) are placed at '/usr/local/etc/rc.d/'
31     o how can start-up scripts toggled in '/etc/rc.conf' be run manually (e.g. /etc/rc.firewall)?
32 jonen 1.1 x configure and compile custom kernel:
33     x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html
34     x create custom kernel conf-file
35     - cd /usr/src/sys/i386/conf/
36     - copy default kernel GENERIC to e.g. MYKERNEL
37     - edit/modify MYKERNEL
38     x configure sources(really?)
39     - run /usr/sbin/config MYKERNEL
40     x build kernel
41     - cd ../../compile/MYKERNEL
42     - make depend
43     - make
44     - make install
45     x use packet filters (firewall):
46     x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html
47     x some options at the kernel have to be enabled:
48 jonen 1.2 - options IPFIREWALL
49     Compiles into the kernel the code for packet filtering.
50     - options IPFIREWALL_VERBOSE
51     Enables code to allow logging of packets through syslogd.
52     Without this option, even if you specify that packets should be logged in the filter rules,
53     nothing will happen.
54     - options IPFIREWALL_VERBOSE_LIMIT=10
55     Limits the number of packets logged through syslogd on a per entry basis.
56     You may wish to use this option in hostile environments in which you want to log firewall activity,
57     but do not want to be open to a denial of service attack via syslog flooding.
58     When a chain entry reaches the packet limit specified, logging is turned off for that particular entry.
59     To resume logging, you will need to reset the associated counter using the ipfw(8) utility:
60     :# ipfw zero 4500
61     Where 4500 is the chain entry you wish to continue logging.
62     - options IPFIREWALL_DEFAULT_TO_ACCEPT
63     This changes the default rule action from ``deny'' to ``allow''.
64     This avoids the possibility of locking yourself out if you happen to boot a kernel with IPFIREWALL support but have not configured your firewall yet.
65     It is also very useful if you often use ipfw(8) as a filter for specific problems as they arise.
66     Use with care though, as this opens up the firewall and changes the way it works.
67 jonen 1.1 x firewall is enabled at /etc/rc.conf (or /etc/rc.conf.local)
68     firewall_enable="YES"
69 jonen 1.3 firewall_type="{firewall_type}"
70     x where {firewall_type} is either a case at /etc/rc.firewall (/etc/rc.firewall6 for ipv6)
71 jonen 1.1 or some custom file to read rules from.
72     x Use firewall_type="OPEN" for default policy 'OPEN' (allow all)
73 jonen 1.6
74    
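Added example, not part of the original notes: a POSIX sh audit of the ipfw kernel options and rc.conf settings listed above. The function names, finding codes and the sample files built in `demo` are constructed for illustration; rc.conf is read using the `firewall_enable` and `firewall_type` variables.

```shell
#!/bin/sh
# Added example: audit a FreeBSD kernel config and rc.conf for ipfw settings.

# kernel_has_option CONF NAME: true if CONF has an uncommented
# "options NAME" or "options NAME=value" line.
kernel_has_option() {
    grep -Eq "^[[:space:]]*options[[:space:]]+${2}(=|[[:space:]]|\$)" "$1"
}

# rc_value RCCONF VAR: print the last value assigned to VAR, unquoted.
# rc.conf is sh syntax, so "VAR = value" (spaces around '=') does not match.
rc_value() {
    sed -n "s/^[[:space:]]*${2}=\"\{0,1\}\([^\"#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# audit_ipfw KERNCONF RCCONF: print one "code: message" line per finding.
audit_ipfw() {
    kern=$1; rc=$2
    if ! kernel_has_option "$kern" IPFIREWALL; then
        echo "no-ipfw: IPFIREWALL is not compiled into this kernel"
        return 0
    fi
    enable=$(rc_value "$rc" firewall_enable)
    fwtype=$(rc_value "$rc" firewall_type)

    accept=0
    if kernel_has_option "$kern" IPFIREWALL_DEFAULT_TO_ACCEPT; then
        accept=1
        echo "default-accept: default rule is allow, host is unfiltered until rules load"
    fi
    if ! kernel_has_option "$kern" IPFIREWALL_VERBOSE; then
        echo "no-logging: 'log' rules will not reach syslogd"
    elif ! kernel_has_option "$kern" IPFIREWALL_VERBOSE_LIMIT; then
        echo "no-log-limit: logging is unbounded, syslog can be flooded"
    fi
    case $enable in
        [Yy][Ee][Ss]) ;;
        *) if [ "$accept" -eq 1 ]; then
               echo "rules-not-loaded: firewall_enable is not YES, everything is accepted"
           else
               echo "lockout-risk: default deny and firewall_enable is not YES"
           fi ;;
    esac
    case $fwtype in
        [Oo][Pp][Ee][Nn]) echo "open-type: firewall_type=$fwtype allows all traffic" ;;
    esac
}

# demo: run the audit over constructed sample files (not from a real host).
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'options IPFIREWALL' 'options IPFIREWALL_VERBOSE' \
        'options IPFIREWALL_DEFAULT_TO_ACCEPT' > "$dir/MYKERNEL"
    printf '%s\n' 'firewall_enable="YES"' 'firewall_type="OPEN"' > "$dir/rc.conf"
    audit_ipfw "$dir/MYKERNEL" "$dir/rc.conf"
    rm -rf "$dir"
}
demo
```

On a real host the arguments would be the custom kernel config (e.g. MYKERNEL) and /etc/rc.conf; a clean configuration prints nothing.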
75 jonen 1.8 - Linux & Wireless Lan:
76     x install modules:
77     x prism2 chipset based:
78     - if debian kernel-image is used
79     :#apt-get install linux-wlan-ng-modules-{your_arch}
80     - if not, cd to some temp dir and
81     :#apt-get source linux-wlan-ng   (or wget the sources manually if another distribution is used)
82     :#cd linux-wlan-ng-{version}
83     :#./Configure
84     :#make all install
85     x configure at debian:
86     x add SSID to dev at /etc/wlan/wlan.conf e.g.:
87     SSID_wlan0="WGATEWAY"
88     ENABLE_wlan0=y
89     x create and edit custom config related to SSID
90     :#cp /etc/wlan/wlancfg-DEFAULT /etc/wlan/wlancfg-WGATEWAY
91     :#nano /etc/wlan/wlancfg-WGATEWAY
92     x notes!:
93     - prism2-based USB devices mostly need a hardware reset for changes to take effect!
94     this is caused by the firmware and can only be solved by a firmware upgrade
95     from the vendor responsible for these devices.
96     o get WEP to really work in heterogeneous environments (e.g. between Win and Linux)
97     o WEP is insecure! (see http://wepcrack.sourceforge.net/)
98     o use IPSEC
99     o or some other ideas?
100    
101     - Linux & Bluetooth
102    
103     With some tweaking bluetooth works as expected.
104     You will need the above mentioned patch patch-2.4.20-mh6 to have full functionality with 2.4.20. Then add
105    
106     deb http://bluez.sourceforge.net/download/debian/woody/ ./
107     deb-src http://bluez.sourceforge.net/download/debian/woody/ ./
108    
109     to your /etc/apt/sources.list for woody and install at least the packages "bluez-bluefw"
110     for loading the firmware into the usb bluetooth device. You will need "bluez-utils" for hci and rfcomm communications.
111     You need to add this line
112    
113     bluefw 0x0003 0x044e 0x3001 0x0000 0x0000 0x00 0x00 0x00 0x00 0x00 0x00 0x00000000
114    
115     to your /etc/hotplug/usb/bluefw.usermap to let the bluefw automatically load the appropriate firmware
116     into your dongle once it shows up.
117    
118     I am using bluetooth with a Siemens S55, but e.g. Nokia 6310i goes the same way.
119     For an initial pairing you will need a pin in /etc/bluetooth/pin which at least needs to have 5 digits which is documented near nowhere.
120     Once you do the pairing (Entered pin on the X requester popping up and on the cellphone) you can set your phone to not "Ask on connection".
121     Afterwards I put the rfcomm config into the /etc/bluetooth/rfcomm.conf
122    
123     rfcomm0 {
124     device 00:02:EE:B8:50:C5;
125     channel 1;
126     comment "S55 Dialup connection";
127     }
128    
129     rfcomm1 {
130     device 00:02:EE:B8:50:C5;
131     channel 9;
132     comment "S55 OBEX";
133     }
134    
135     For dialing out via ppp you now can use /dev/rfcomm0 which should lead to your phone asking you to accept the connection.
136     For debugging you can use these commands:
137    
138     :~$ sudo hcitool scan
139     Scanning ...
140     00:02:EE:B8:50:C5 6310i.rfc822
141     :~$ sudo hcitool info 00:02:EE:B8:50:C5
142     Requesting information ...
143     BD Address: 00:02:EE:B8:50:C5
144     Device Name: 6310i.rfc822
145     LMP Version: 1.1 (0x1) LMP Subversion: 0x22c
146     Manufacturer: Nokia Mobile Phones (1)
147     Features: 0xbf 0x28 0x21 0x00
148     <3-slot packets> <5-slot packets> <encryption> <slot offset>
149     <timing accuracy> <role switch> <sniff mode> <SCO link>
150     <HV3 packets> <CVSD>
151     :~$ sudo sdptool browse
152     Inquiring ...
153     Browsing 00:02:EE:B8:50:C5 ...
154     Service Name: Fax
155     Service RecHandle: 0x10000
156     Service Class ID List:
157     "Fax" (0x1111)
158     "Generic Telephony" (0x1204)
159     Protocol Descriptor List:
160     "L2CAP" (0x0100)
161     "RFCOMM" (0x0003)
162     Channel: 2
163     Language Base Attr List:
164     code_ISO639: 0x656e
165     encoding: 0x6a
166     base_offset: 0x100
167     Profile Descriptor List:
168     "Fax" (0x1111)
169     Version: 0x0100
170    
171     Service Name: OBEX Object Push
172     Service RecHandle: 0x10001
173     Service Class ID List:
174     "OBEX Object Push" (0x1105)
175     Protocol Descriptor List:
176     "L2CAP" (0x0100)
177     "RFCOMM" (0x0003)
178     Channel: 9
179     "OBEX" (0x0008)
180     Language Base Attr List:
181     code_ISO639: 0x656e
182     encoding: 0x6a
183     base_offset: 0x100
184     Profile Descriptor List:
185     "OBEX Object Push" (0x1105)
186     Version: 0x0100
187    
188     Service Name: Audio Gateway
189     Service RecHandle: 0x10002
190     Service Class ID List:
191     "Headset Audio Gateway" (0x1112)
192     "Generic Audio" (0x1203)
193     Protocol Descriptor List:
194     "L2CAP" (0x0100)
195     "RFCOMM" (0x0003)
196     Channel: 12
197     Language Base Attr List:
198     code_ISO639: 0x656e
199     encoding: 0x6a
200     base_offset: 0x100
201     Profile Descriptor List:
202     "Headset" (0x1108)
203     Version: 0x0100
204    
205     Service Name: COM 1
206     Service RecHandle: 0x10003
207     Service Class ID List:
208     "Serial Port" (0x1101)
209     Protocol Descriptor List:
210     "L2CAP" (0x0100)
211     "RFCOMM" (0x0003)
212     Channel: 3
213     Language Base Attr List:
214     code_ISO639: 0x656e
215     encoding: 0x6a
216     base_offset: 0x100
217    
218     Service Name: Voice Gateway
219     Service RecHandle: 0x10004
220     Service Class ID List:
221     "" (0x111f)
222     "Generic Audio" (0x1203)
223     Protocol Descriptor List:
224     "L2CAP" (0x0100)
225     "RFCOMM" (0x0003)
226     Channel: 13
227     Language Base Attr List:
228     code_ISO639: 0x656e
229     encoding: 0x6a
230     base_offset: 0x100
231     Profile Descriptor List:
232     "" (0x111e)
233     Version: 0x0100
234    
235     Service Name: Dial-up networking
236     Service RecHandle: 0x10009
237     Service Class ID List:
238     "Dialup Networking" (0x1103)
239     "Generic Networking" (0x1201)
240     Protocol Descriptor List:
241     "L2CAP" (0x0100)
242     "RFCOMM" (0x0003)
243     Channel: 1
244     Language Base Attr List:
245     code_ISO639: 0x656e
246     encoding: 0x6a
247     base_offset: 0x100
248     Profile Descriptor List:
249     "Dialup Networking" (0x1103)
250     Version: 0x0100
251    
252     - Hardware Notes:
253     x Broadcom 2033 chipset (tested with an ALLNET 7031 Class1 USB Adapter)
254     - Make sure you have bluefw and hotplug installed, then everything works fine right out of the box.
255     x on debian using default or for newer packages above sources:
256     :#apt-get install bluez-bluefw
257     - DO NOT enable the bluetooth.o module to avoid it being loaded by hotplug!!
258     x this can be done by adding 'bluetooth' to '/etc/hotplug/blacklist'
259    
260     The Bluetooth device in this laptop is a USB Bluetooth device.
261     By default, Linux provides two different device drivers for USB Bluetooth devices: bluetooth.o and hci_usb.o.
262     The hci_usb.o is the correct driver for this device. Both drivers are loaded when the Bluetooth button is pushed
263     but unfortunately bluetooth.o obtains the device first, not allowing hci_usb.o to use the device.
264     In order for the Bluetooth device to function, the bluetooth.o driver must not load.
265     One way to stop the bluetooth.o driver from loading is to remove the driver from the system. This is accomplished by doing:
266    
267     :#rm /lib/modules/2.4.18-14/kernel/drivers/usb/bluetooth.o
268     :#depmod -a
269    
270     Now, when inserting the USB device, only hci_usb.o should be loaded.
271    
272     - ACPI
273     x get suspend to work
274     - compile kernel with 'Software Suspend Support'
275     - some interesting post:
276     from http://lists.debian.org/debian-laptop/2002/debian-laptop-200208/msg00349.html
277     #------- begin post -----------------------
278     From: "Bem Ajani Jones-Bey" <ajani@OCF.Berkeley.EDU>
279     > On Fri, Aug 23, 2002 at 01:14:06PM +0200, Erich Schubert wrote:
280     > > Well, S1 is sleep mode, so your BIOS claims to not support sleep mode!
281     > > Try getting a bios update, that might help.
282     > > S5 is poweroff... S3 or S4 are suspend levels i think... one might be
283     > > power-off, maybe that was S3...
284     S4 is suspend-to-disk, S3 is suspend-to-RAM.
285     > So, last I checked, Linux ACPI didn't support suspend to memory or
286     > suspend to disk; the software suspend patch is the only way to get an
287     > ACPI laptop to do anything resembling sleeping. I was also under the
288     > impression that this wasn't going to work for awhile; at least until
289     > 2.6. I admit I haven't looked at ACPI in a couple months, but last time
290     > I looked, they were projecting that suspend/sleep wouldn't happen any
291     > time soon.
292     Last I checked, ACPI does suspend to memory or disk, using swsusp. It's
293     even all integrated into the 2.5 kernels (though the CONFIG_SWSUSP option is
294     buried in the kernel hacking section rather than ACPI). If you don't want to
295     run an experimental kernel, then you can patch 2.4.x from the acpi.sf.net site.
296     #-------- end post -------------------------------
297    
298    
299 jonen 1.4 - Backup:
300     x bacula (http://www.bacula.org)
301 jonen 1.5 Bacula is a set of computer programs that permit you (or the system administrator) to manage backup,
302     recovery, and verification of computer data across a network of computers of different kinds.
303     In technical terms, it is a network client/server based backup program.
304     Bacula is relatively easy to use and efficient, while offering many advanced storage management features
305     that make it easy to find and recover lost or damaged files.
306     Bacula source code has been released under the GPL version 2 license.
307 jonen 1.4 x created a debian package, because we couldn't find any other
308 jonen 1.6 x wrote some notes about how to build a debian binary package
309 jonen 1.7 http://www.netfrag.org/~jonen/computing/docs/build_bacula_deb.html
310 jonen 1.4 o create 'postinst' and 'prerm' scripts for saving configs on update, etc.
311     x tested network backup with Director, Storage Daemon and File Daemon(Client)
312     at different hosts, works great!
313     x tested backup to FileStorage, instead of using tape drives
314     (if someone would like to sponsor some tape drive, you're more than welcome!)
315     notes:
316     x remember to use different 'LabelFormat' filename at each pool !
317     x use compression at 'FileSet' definition, where GZIP is equal to GZIP6, means compression-level 6 (1-9)
318     example:
319     # ====== snip FileSet ============
320     FileSet {
321     Name = "Full Set"
322     Include = signature=MD5 compression=GZIP {
323     /home
324     }
325     Exclude = { *.o }
326     }
327     # ====== snip FileSet ============
328    
329 jonen 1.1
330     - QoS (Quality of Services)
331     o check it out !
332    
333     - Apache/php:
334     - apache aliases - redirect '/' to index.php (used for url catching/rewriting)
335    
336     - PHP:
337     x search for php widget lib
338     x APL (http://apl.sourceforge.net)
339     - huge lib in pure C
340     x phphtmllib (http://phphtmllib.newsblob.com)
341     a mainly widget/render lib, written in php, complete OO-based
342     and with nice DataList rendering (abstract source API)
343     x integrated with flib
344     x wrote some classes to browse data-objects via class DataList (new classes flibRPCDataSource, ObjectList, TsBackend)
345     o rename flibRPCDataSource (maybe rework to get more abstract)
346     o review ObjectList and move it to phphtmllib
347     x semi-integrated with class FormBuilder from binarycloud via interface class FormElementsInterface
348     x new class DataItem, which render one data object for viewing/editing
349     x integrated new FormProcessing classes from phphtmllib (released one day after interface to binaryclouds Formbuilder was written ;)
350     x refactored DataItem to now use phphtmllib form processing instead of the interface to binarycloud
351     o review code and move to phphtmllib
352     o XOOPS (http://xoops.org)
353     XOOPS is a dynamic OO (Object Oriented) based open source portal script written in PHP.
354     It is the ideal tool for developing small to large dynamic community websites, intra company portals,
355     corporate portals, weblogs and much more.
356     o binarycloud (http://binarycloud.com)
357     binarycloud is an enterprise class web application platform. binarycloud shares many of the capabilities of products
358     like Oracle 9i AS (Application Server) and IBM's WebSphere:
359     Proper definition of a framework: "A framework supplies the infrastructure and mechanisms that execute a policy for
360     interaction between abstract components with open implementations"
361     - benefits:
362     x much code done yet!
363     - drawbacks:
364     o not-really 100% clean code
365     o complex app which gives you only limited possibilities to use only some classes, so not very modular
366    
367    
368     - OpenLDAP:
369     - Contacts:
370     o Evolution: modify/create schema (map Attribute) so the field 'Note' and others can be used
371    
372     - PAM + SASL
373     o it seems PAM only works (is only activated) if plain passwords are used
374     o read more about PAM, especially in cooperation with SASL !!
375    
376     - Kerberos V
377     x use GQ LdapBrowser with SASL to authenticate against ldap
378     - this requires a 'kinit <username>' at the shell to get the kerberos ticket
379     - ldap will check your ticket principal against its ACLs !
380     o 'libpam-ldap' from Turbo is bad, don't use it !! (remember at 'apt-get upgrade' !!)
381     o write this down in some (existing e.g. sendmail?) howto
382 jonen 1.4
383 jonen 1.1 - Sendmail
384     o research some about sendmail-cluster, 2 mx records, howto to set up second mx/cluster?
385     x backup mx:
386     - set up second mx at dns
387     - at the backup mx, add something like this to /etc/mail/mailertable:
388     domain.com esmtp:[123.123.123.123]
389     where the ip points to the system holding the real user accounts
390     and add every domain to /etc/mail/relay-domains:
391     domain.com
392     o what about these *open* relaying rules (security ?!?)
393     x simple load balancing:
394     - set up two(or more) mx records with same priority at dns
395     - at every mx, add something like this to /etc/mail/mailertable:
396     domain.com esmtp:[123.123.123.123]
397     where the ip points to the system the real user accounts are
398     note: this will do load balancing between eg 2 mail server, but if one fails,
399     there is only a 50% chance that sent messages would arrive
400     o change '/etc/init.d/amavisd' to '/etc/init.d/amavis-milter' in howto
401     o migrationtools:
402     o patch migrationtools for sendmail aliases support (/usr/share/migrationtools/migrate_aliases.pl)
403     o create, or search web for, migrationtool for sendmail virtusertable (/usr/share/migrationtools/migrate_virtuser.pl)
404     o review patched kerberosV support at /usr/share/migrationtools/migrate_user.pl?
405    
406    
407     - MySQL:
408     o move this to mysql-common-tasks howto
409     - Create Database
410     :# mysqladmin create <database>
411     - Set Privileges on databases(creates user too, if not exists...):
412 jonen 1.3 mysql>grant all on {database}.* to {user} identified by "{pass}";
413     mysql>grant all on {database}.* to {user}@{domain} identified by "{pass}";
414 jonen 1.1
415    
416     - Document saving:
417     o remember *.doc is a non-standard, bloated Microsoft format, use HTML instead !!
418     see http://www.fsf.org/philosophy/no-word-attachments.html
419    
420     - my documents:
421     o convert all howto's to SDF format ( look at 'nfo/doc/computing/sysadmin/linux/example_sdf_howto.sdf' )
422     o learn more about LyX/LaTeX
423     o convert all howto's to LaTeX format ( look at 'nfo/doc/computing/sysadmin/linux/example_latex_howto.lyx' )
424    
425    
426 jonen 1.8 - news.netfrag.org:
427     o create remote functions to implement e.g.:
428     o a mozilla button for creating new newsgroups
429 jonen 1.1
430    
431     future:
432     o build 'black box' to trace for 'spys' at a isdn/internet connection ;)
433    
434     <hr/>
435 jonen 1.8 $Id: notes_2003-02.twingle,v 1.7 2003/03/13 22:42:31 jonen Exp $
436 jonen 1.1
