|
<h3>jonen's notes - 2003-02</h3> |
|
| 1 |
<hr/> |
<hr/> |
| 2 |
|
|
| 3 |
- Unix-Systems |
- Unix-Systems |
| 7 |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
| 8 |
o review 'apt-get_remote.pl' |
o review 'apt-get_remote.pl' |
| 9 |
o what's about parsing some response for comand like installing some marked packages |
o what's about parsing some response for comand like installing some marked packages |
| 10 |
FreeBSD(stable): |
|
|
o read more about BSD package systems (pkg, cvsup) |
|
|
x for simple package installation/de-installation use pkg |
|
|
x install downloaded package: |
|
|
:# pkg_add <package>-<version>.tgz |
|
|
x install package via remote server(only if package is available as *latest*): |
|
|
pkg_add -r <package>.tgz |
|
|
x using cvsup |
|
|
x newbies could use cvsupit (not what it really does..) |
|
|
:# pkg_add -r cvsupit.tgz |
|
|
- cvsupit will proberly ask you for the default values it |
|
|
place at /etc/cvsupfile, which is used by cvsup |
|
|
- after that it will start cvsup to update your system |
|
|
x if /etc/cvsupfile already exists and you know what you do, |
|
|
this command will update your system (maybe run it via cron...): |
|
|
:# /usr/local/bin/cvsup -g -L 2 /etc/cvsupfile |
|
|
o whats about daemon start-stop scripts (like at linux: /etc/init.d/) ? |
|
|
x configure and compile custom kernel: |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html |
|
|
x create custom kernel conf-file |
|
|
- cd usr/src/sys/i386/conf/ |
|
|
- copy default kenrnel GENERIC to eg MYKERNEL |
|
|
- edit/modify MYKERNEL |
|
|
x configure sources(really?) |
|
|
- run /usr/sbin/config MYKERNEL |
|
|
x build kernel |
|
|
- cd ../../MYKERNEL |
|
|
- make depend |
|
|
- make |
|
|
- make install |
|
|
x use packet fiters (firewall): |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html |
|
|
x some options at the kernel have to be enabled: |
|
|
- options IPFIREWALL |
|
|
Compiles into the kernel the code for packet filtering. |
|
|
- options IPFIREWALL_VERBOSE |
|
|
Enables code to allow logging of packets through syslogd. |
|
|
Without this option, even if you specify that packets should be logged in the filter rules, |
|
|
nothing will happen. |
|
|
- options IPFIREWALL_VERBOSE_LIMIT=10 |
|
|
Limits the number of packets logged through syslogd on a per entry basis. |
|
|
You may wish to use this option in hostile environments in which you want to log firewall activity, |
|
|
but do not want to be open to a denial of service attack via syslog flooding. |
|
|
When a chain entry reaches the packet limit specified, logging is turned off for that particular entry. |
|
|
To resume logging, you will need to reset the associated counter using the ipfw(8) utility: |
|
|
:# ipfw zero 4500 |
|
|
Where 4500 is the chain entry you wish to continue logging. |
|
|
- options IPFIREWALL_DEFAULT_TO_ACCEPT |
|
|
This changes the default rule action from ``deny'' to ``allow''. |
|
|
This avoids the possibility of locking yourself out if you happen to boot a kernel with IPFIREWALL support but have not configured your firewall yet. |
|
|
It is also very useful if you often use ipfw(8) as a filter for specific problems as they arise. |
|
|
Use with care though, as this opens up the firewall and changes the way it works. |
|
|
x firewall is enabled at /etc/rc.conf (or /etc/rc.conf.local) |
|
|
firewall_enabled = "YES" |
|
|
firewall_type = "<firewall_type>" |
|
|
x <firewall_type> is either a case at /etc/rc.firewall (/etc/rc.firewall6 for ipv6) |
|
|
or some custom file to read rules from. |
|
|
x Use firewall_type = "OPEN" for default policy 'OPEN' (allow all) |
|
|
|
|
|
|
|
| 11 |
|
|
| 12 |
- QoS (Quality of Services) |
- QoS (Quality of Services) |
| 13 |
o check it out ! |
o check it out ! |
| 31 |
x integrated new FormProcessing classes from phphtmllib (released one day after interface to binaryclouds Formbuilder was written ;) |
x integrated new FormProcessing classes from phphtmllib (released one day after interface to binaryclouds Formbuilder was written ;) |
| 32 |
x refactored DataItem to use now phphtmllib form processing instead of interface to binarycload |
x refactored DataItem to use now phphtmllib form processing instead of interface to binarycload |
| 33 |
o review code and move to phphtmllib |
o review code and move to phphtmllib |
|
|
|
| 34 |
o XOOPS (http://xoops.org) |
o XOOPS (http://xoops.org) |
| 35 |
XOOPS is a dynamic OO (Object Oriented) based open source portal script written in PHP. |
XOOPS is a dynamic OO (Object Oriented) based open source portal script written in PHP. |
| 36 |
It is the ideal tool for developing small to large dynamic community websites, intra company portals, |
It is the ideal tool for developing small to large dynamic community websites, intra company portals, |
| 61 |
- ldap will check your ticket pricipial against its acl's ! |
- ldap will check your ticket pricipial against its acl's ! |
| 62 |
o 'libpam-ldap' from Turbo is bad, don't use it !! (remember at 'apt-get upgrade' !!) |
o 'libpam-ldap' from Turbo is bad, don't use it !! (remember at 'apt-get upgrade' !!) |
| 63 |
o write this down in some (existing e.g. sendmail?) howto |
o write this down in some (existing e.g. sendmail?) howto |
| 64 |
|
|
| 65 |
- Sendmail |
- Sendmail |
| 66 |
o research some about sendmail-cluster, 2 mx records, howto to set up second mx/cluster? |
o research some about sendmail-cluster, 2 mx records, howto to set up second mx/cluster? |
| 67 |
x backup mx: |
x backup mx: |
| 91 |
- Create Database |
- Create Database |
| 92 |
:# mysqladmin create <database> |
:# mysqladmin create <database> |
| 93 |
- Set Privileges on databases(creates user too, if not exists...): |
- Set Privileges on databases(creates user too, if not exists...): |
| 94 |
mysql>grant all on <database>.* to <user> identified by "<pass>"; |
mysql>grant all on {database}.* to {user} identified by "{pass}"; |
| 95 |
mysql>grant all on <database>.* to <user>@<domain> identified by "<pass>"; |
mysql>grant all on {database}.* to {user}@{domain} identified by "{pass}"; |
| 96 |
|
|
| 97 |
|
|
| 98 |
- Document saving: |
- Document saving: |
| 105 |
o convert all howto's to LaTex format ( look at 'nfo/doc/computing/sysadmin/linux/example_latex_howto.lyx' ) |
o convert all howto's to LaTex format ( look at 'nfo/doc/computing/sysadmin/linux/example_latex_howto.lyx' ) |
| 106 |
|
|
| 107 |
|
|
| 108 |
|
- news.netfrag.org: |
| 109 |
|
o create remote functions to implement e.g.: |
| 110 |
|
o a mozilla button for creating new newsgroups |
| 111 |
|
|
| 112 |
|
|
| 113 |
|
|
| 114 |
|
|
| 115 |
future: |
future: |
Parent Directory
| 
Revision Log
| 
Patch
