|
<h3>jonen's notes - 2003-02</h3> |
|
| 1 |
<hr/> |
<hr/> |
| 2 |
|
|
| 3 |
- Unix-Systems |
- Unix-Systems |
| 7 |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
| 8 |
o review 'apt-get_remote.pl' |
o review 'apt-get_remote.pl' |
| 9 |
o what's about parsing some response for comand like installing some marked packages |
o what's about parsing some response for comand like installing some marked packages |
| 10 |
FreeBSD(stable): |
|
|
o read more about BSD package systems (pkg, cvsup) |
|
|
x for simple package installation/de-installation use pkg |
|
|
x install downloaded package: |
|
|
:# pkg_add {package}-{version}.tgz |
|
|
x install package via remote server(only if package is available as *latest*): |
|
|
pkg_add -r {package}.tgz |
|
|
x using cvsup |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html |
|
|
x newbies could use cvsupit: |
|
|
:# pkg_add -r cvsupit.tgz |
|
|
- cvsupit will proberly ask you for the default values it |
|
|
place at /etc/cvsupfile, which is used by cvsup |
|
|
- after that it will start cvsup to update your system |
|
|
x if /etc/cvsupfile already exists and you know what you do, |
|
|
this command will update your system (maybe run it via cron...): |
|
|
:# /usr/local/bin/cvsup -g -L 2 /etc/cvsupfile |
|
|
where '-g' tells cvsup not to use a GUI, '-L 2' sets default output level to 2 |
|
|
x for available cvs tags, look at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html |
|
|
o whats about daemon start-stop scripts (like at linux: /etc/init.d/) ? |
|
|
x configure and compile custom kernel: |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html |
|
|
x create custom kernel conf-file |
|
|
- cd usr/src/sys/i386/conf/ |
|
|
- copy default kenrnel GENERIC to eg MYKERNEL |
|
|
- edit/modify MYKERNEL |
|
|
x configure sources(really?) |
|
|
- run /usr/sbin/config MYKERNEL |
|
|
x build kernel |
|
|
- cd ../../MYKERNEL |
|
|
- make depend |
|
|
- make |
|
|
- make install |
|
|
x use packet fiters (firewall): |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html |
|
|
x some options at the kernel have to be enabled: |
|
|
- options IPFIREWALL |
|
|
Compiles into the kernel the code for packet filtering. |
|
|
- options IPFIREWALL_VERBOSE |
|
|
Enables code to allow logging of packets through syslogd. |
|
|
Without this option, even if you specify that packets should be logged in the filter rules, |
|
|
nothing will happen. |
|
|
- options IPFIREWALL_VERBOSE_LIMIT=10 |
|
|
Limits the number of packets logged through syslogd on a per entry basis. |
|
|
You may wish to use this option in hostile environments in which you want to log firewall activity, |
|
|
but do not want to be open to a denial of service attack via syslog flooding. |
|
|
When a chain entry reaches the packet limit specified, logging is turned off for that particular entry. |
|
|
To resume logging, you will need to reset the associated counter using the ipfw(8) utility: |
|
|
:# ipfw zero 4500 |
|
|
Where 4500 is the chain entry you wish to continue logging. |
|
|
- options IPFIREWALL_DEFAULT_TO_ACCEPT |
|
|
This changes the default rule action from ``deny'' to ``allow''. |
|
|
This avoids the possibility of locking yourself out if you happen to boot a kernel with IPFIREWALL support but have not configured your firewall yet. |
|
|
It is also very useful if you often use ipfw(8) as a filter for specific problems as they arise. |
|
|
Use with care though, as this opens up the firewall and changes the way it works. |
|
|
x firewall is enabled at /etc/rc.conf (or /etc/rc.conf.local) |
|
|
firewall_enabled = "YES" |
|
|
firewall_type = "{firewall_type}" |
|
|
x where {firewall_type} is either a case at /etc/rc.firewall (/etc/rc.firewall6 for ipv6) |
|
|
or some custom file to read rules from. |
|
|
x Use firewall_type = "OPEN" for default policy 'OPEN' (allow all) |
|
|
|
|
|
|
|
|
- Backup: |
|
|
x bacula (http://www.bacula.org) |
|
|
Bacula is a set of computer programs that permit you (or the system administrator) to manage backup, |
|
|
recovery, and verification of computer data across a network of computers of different kinds. |
|
|
In technical terms, it is a network client/server based backup program. |
|
|
Bacula is relatively easy to use and efficient, while offering many advanced storage management features |
|
|
that make it easy to find and recover lost or damaged files. |
|
|
Bacula source code has been released under the GPL version 2 license. |
|
|
x created debian package, cause we can't found any other |
|
|
x wrote some notes about how to build an debian binary package |
|
|
http://www.netfrag.org/~jonen/computing/notes/build_bacula_deb.html |
|
|
o create 'postinst' and 'prerm' scripts for saving configs on update, etc. |
|
|
x tested network backup with Director, Storage Daemon and File Daemon(Client) |
|
|
at different hosts, works great! |
|
|
x tested backup to FileStorage, instead of using tapes drives |
|
|
(if someone would like to sponsor some tape drive, you're more than welcome!) |
|
|
notes: |
|
|
x remember to use different 'LabelFormat' filename at each pool ! |
|
|
x use compression at 'FileSet' definition, where GZIP is equal to GZIP6, means compression-level 6 (1-9) |
|
|
example: |
|
|
# ====== snip FileSet ============ |
|
|
FileSet { |
|
|
Name = "Full Set" |
|
|
Include = signature=MD5 compression=GZIP { |
|
|
/home |
|
|
} |
|
|
Exclude = { *.o } |
|
|
} |
|
|
# ====== snip FileSet ============ |
|
|
|
|
| 11 |
|
|
| 12 |
- QoS (Quality of Services) |
- QoS (Quality of Services) |
| 13 |
o check it out ! |
o check it out ! |
| 105 |
o convert all howto's to LaTex format ( look at 'nfo/doc/computing/sysadmin/linux/example_latex_howto.lyx' ) |
o convert all howto's to LaTex format ( look at 'nfo/doc/computing/sysadmin/linux/example_latex_howto.lyx' ) |
| 106 |
|
|
| 107 |
|
|
| 108 |
|
- news.netfrag.org: |
| 109 |
|
o create remote functions to implement e.g.: |
| 110 |
|
o a mozilla button for creating new newsgroups |
| 111 |
|
|
| 112 |
|
|
| 113 |
|
|
| 114 |
|
|
| 115 |
future: |
future: |
Parent Directory
| 
Revision Log
| 
Patch
