New Beowulf Cluster at EDF (200 Tflops) Based on Debian 6.0 Squeeze

View the original article here

Using Version Control For Your /etc Directory With etckeeper And Bazaar On Debian Squeeze

This tutorial explains how you can store the contents of your /etc directory in a version control system (VCS) with the help of etckeeper on Debian Squeeze. etckeeper hooks into Debian's package manager apt so that whenever you install/remove a package with apt, etckeeper will commit all changes to the /etc directory to your VCS; it also tracks file metadata such as permissions which is important for files such as /etc/shadow. Using etckeeper, you can go back to a previous version of /etc if an update has overwritten valuable configuration files. Not only will etckeeper track apt's changes to /etc, it will also do a daily auto-commit so that your manual changes go to VCS as well; in addition to that, you can do commits at any time manually.

Comments (0)
You must be logged in to post a comment. Please register if you do not have an account yet.

View the original article here

Debian Squeeze, Squid, Kerberos/LDAP Authentication, Active Directory Integration And Cyfin Reporter

This document covers setup of a Squid Proxy which will seamlessly integrate with Active Directory for authentication using Kerberos with LDAP as a backup for users not authenticated via Kerberos. Authorisation is managed by Groups in Active Directory. This...

This document covers setup of a Squid Proxy which will seamlessly integrate with Active Directory for authentication using Kerberos with LDAP as a backup for users not authenticated via Kerberos. Authorisation is managed by Groups in Active Directory. This is especially useful for Windows 7 clients which no longer support NTLMv2 without changing the local computer policy. It is capable of using white lists and black lists for site access and restrictions.

View the original article here

Tiny Web Proxy And Content Filtering Appliance (Version 1.2) With Debian Squeeze

This small HOWTO will show you how to set up a small virtual machine to speed up and secure your home / small enterprise web surfing network using Debian 6, Squid 3.1 and QuintoLabs Content Security 1.2 applications deployed in a VMWare Virtual Player running on Windows 7 x64 as a host operating system. This howto is targeted at novice users and may sometimes seem too thorough for more advanced gurus.

While preparing this howto I have tried several different Linux distributions to act as the base for the virtual appliance we are going to create and found out that the one easiest to deploy, having smallest memory footprint and latest packages available is Debian Linux 6. In case you disagree please adjust the instructions of this howto for your favorite distribution and mention the needed changes in comments. I will try to integrate them into the next version of the howto.

Go to http://www.debian.org/ and get the smallest ISO image of the latest version of Debian 6 32-bit. The site says the recommended version for a modern server is x64 bit but as we are trying to create a small virtual machine the 32bit will suffice for our purposes.

Start up the VMWare Virtual Player and create a new virtual machine with the following hardware parameters: name - virtual-proxy, hard disk - 8Gb. Press the "Customize the hardware" button and delete the floppy, USB controller, printer and sound card, set the amount of memory to 256Mb. Switch the network adapter from "NAT" mode into "Bridged". Point the virtual CDROM to the ISO image that you have downloaded earlier and start the virtual machine.

Follow the steps of the Debian install wizard mostly accepting the defaults. Deselect all packages in the "Software Selection" wizard step except for "SSH server" and "Standard system utilities". Configure machine hostname as "proxy" and root password as "P@ssw0rd" (without quotation marks). Now wait a little until the installation is complete and then reboot the system.

The following screenshots of the installation show most important steps of the installation process.

 

After reboot check the amount of free memory available and note that it is around 200Mb (kind of cool comparing to default CentOS 5 installation with 140Mb of free memory available after similar install).

 

The IP address of the network interface card of our freshly installed Debian server is set to DHCP. While it is possible to leave it like this it means that every time the server is restarted it may be assigned a different IP address so accessing this server later by IP address may become a little irritating. The easiest way is to set the IP address to static one. To do it we must change the file located at /etc/network/interfaces by typing the following in the terminal

# nano /etc/network/interfaces

Find the line with iface eth0 inet dhcp in the file, remove or comment it out and add the following:

# iface eth0 inet dhcpiface eth0 inet static address 192.168.1.2 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1

NOTE: The provided above settings (IP addresses) are valid for my environment that connects to the ISP using the LinkSys Wireless N Broadband Router (with custom dd-wrt firmware) that has a DHCP server build in that gives out internal IP addresses from the 192.168.1.* private subnet. Your router may give other addresses so please beware :) !

One more thing left to do is adjust the DNS settings. Run the following command in the terminal and add the IP address of the DNS server that runs on router:

# nano /etc/resolv.conf

nameserver 192.168.1.1

Now restart your networking by typing #/etc/init.d/networking in the root terminal or just restarting the virtual machine. After restart confirm that the networking functions correctly by typing in the terminal (there should not be any errors in the outputs on these commands):

ping -c 3 192.168.1.1
nslookup google.com

Next small step prior to installing squid is to update the system to the latest version of packages. This will require disabling Debian repositories that refer to CDROM that we used to install the system from and enabling the online repositories.

Type the following in the root terminal #nano /etc/apt/sources.list then find and comment all lines that start with deb cdrom:. Save the file by pressing CTRL+o followed by CTRL+x and exit nano. Then perform system update by typing

# apt-get update && apt-get upgrade

in the root terminal. Wait until the system downloads all the updates.

Next we need to install the latest version of the squid proxy server. In order to do that type the following in the root terminal:

# apt-get install squid3

The squid packages is downloaded from the Internet and installed automatically. The only thing to do is to let the external users from our network access the squid. Open the squid configuration file by typing

# nano /etc/squid3/squid.conf

and uncomment the following lines: acl localnet src 192.168.0.0/16 (approximately line 651) and http_access allow localnet (approximately line 786).

Save the file and restart the squid by typing

# service squid3 restart

To verify that squid runs correctly point your browser to the IP address of the proxy server (192.168.1.2) and surf to some of your favorite websites.

Tiny Web Proxy And Content Filtering Appliance (Version 1.2) With Debian Squeeze - Page 2

View the original article here

Installing Cherokee With PHP5 And MySQL Support On Debian Squeeze

Cherokee is a very fast, flexible and easy to configure Web Server. It supports the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, virtual hosts, authentication, on the fly encoding, load balancing, Apache compatible log files, and much more. This tutorial shows how you can install Cherokee on a Debian Squeeze server with PHP5 support (through FastCGI) and MySQL support.

I do not issue any guarantee that this will work for you!

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

First we install MySQL 5 like this:

apt-get install mysql-server mysql-client

You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword

Cherokee is available as a Debian package, therefore we can install it like this:

apt-get install cherokee

Now direct your browser to http://192.168.0.100, and you should see the Cherokee placeholder page:

 

Cherokee can be configured through a web-based control panel which we can start as follows:

cherokee-admin -b

(By default cherokee-admin binds only to 127.0.0.1 (localhost), which means you can only connect to it from the same system. With the -b parameter you can specify the network address to listen to. If no IP is provided, it will bind to all interfaces.)

Output should be similar to this one:

root@server1:~# cherokee-admin -b

Login:
User:              admin
One-time Password: 1Kkcc58atG8DNIM7

Web Interface:
URL:               http://localhost:9090/

[11/04/2011 12:14:18.622] (error) rrd_tools.c:120 - Could not find the rrdtool binary.
Cherokee Web Server 1.0.8 (Jan 11 2011): Listening on port ALL:9090, TLS
disabled, IPv6 enabled, using epoll, 4096 fds system limit, max. 2041
connections, caching I/O, single thread

You need the username and password to log into the web interface which can be found on http://192.168.0.100:9090/:

This is how the web interface looks:  

To stop cherokee-admin, type CTRL+C on the shell.

We can make PHP5 work in Cherokee through FastCGI. Fortunately, Debian provides a FastCGI-enabled PHP5 package which we install like this:

apt-get install php5-cgi

We must modify /etc/php5/cgi/php.ini and uncomment the line cgi.fix_pathinfo=1:

vi /etc/php5/cgi/php.ini

[...]; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting; of zero causes PHP to behave as before. Default is 1. You should fix your scripts; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.; http://php.net/cgi.fix-pathinfocgi.fix_pathinfo=1[...]

Then we restart Cherokee:

/etc/init.d/cherokee restart

Installing Cherokee With PHP5 And MySQL Support On Debian Squeeze - Page 2

View the original article here