If you try to setup your own CA, you might notice that not all applications support your new, self signed certificate out of the box. One example I like to show here is Apache AuthLDAP.
- installed your certificates in /etc/ssl/certs/
- run c_rehash
Insert the following line into /etc/ldap.conf :
…and the following lines in /etc/openldap/ldap.conf :
To test if everything works as expected, run the following command (use your own options instead):
ldapsearch -ZZ -x uid=foo -b dc=example,dc=com
My topic for today was to migrate a MySQL server with some databases on it from MyISAM to InnoDB. In the end (after having some backups, of course), I wrote the little script below:
for database in $(echo "show databases;" | mysql); do
case $database in
echo "Skipping database $database"
echo "Converting database $database"
for i in $(echo "show tables;" | mysql $database;); do
case $i in
echo "....converting $i"
echo "ALTER TABLE $i ENGINE = INNODB;" | mysql $database;
Just remember to have a file .my.cnf in your home directory containing the username and password of your database administrator.
Providing important services as redundant as possible is always a good idea. Providing a fail-over and load-balancing solution for DHCP if the most parts of your DHCP configuration is stored inside an LDAP database is a bit tricky, but if you know how it works it’s easy again…
As I need to learn LDAP for my LPI-3 exam, I think this is also a good learning example – but I did not manage it without using some workarounds yet.
lm-sensors hardware monitoring
I’m currently using sensors version 3.3.2 on my ASRock P67 Professional mainboard. To get informed once one of the 3 fans die or the temperature or voltage is getting critical, I use the Nagios plugin “check_sensors”, which is part of the official Nagios plugins.
The setup is very easy: first run the script sensors-detect, which is part of the sensors package. Just press [Enter] all the time and in the end you should get a first working /etc/sensors3.conf configuration file and can start the daemon with rclm_sensors start.
But this is just the initial starting point: if you execute the command sensors now, you’ll see some “ALARMS” after the values for some sensors. In my case, this affected the “in1”, “in4”, “in5”, “fan1” – “fan5”, “intrusion0″, intrusion1” and the “SYSTIN” sensors. So how to proceed? Continue reading
As I always forget the steps to bring a serial console “online” for all boot steps, here’s a try to summarize…
- Serial device is /dev/ttyS0
- Port speed is 115200
- no parity
- 8 data bits
In the end you should be able to follow your system from the boot menu of your grub bootloader until the login prompt. The only steps missing are the ones you need to do in the BIOS of your mainboard – just refer to the BIOS manual (and keep in mind that a “redirect after POST” is not needed any more with this guideline below). Continue reading
Sometimes live can be so easy: running a cyrus IMAP server on a small box normally includes that you set and maintain Quotas for your customers. Normally everything runs fine – until someone is unable to receive any Emails because his Quota reached the limit. I wrote a small script for this which sends me an Email every time it is executed (via cron): Continue reading
Today my mom got a new toy: the Kindle Fire HD. One of the first things I wanted to do was filling up the Tablet with some music and videos. As the Webinterface from Amazon does not work with the Firefox under Linux, I connected the device via USB to my Laptop and the device was recognized by the kernel:
[ 4820.437790] usb 2-1.2: new high speed USB device number 3 using ehci_hcd
[ 4820.536159] usb 2-1.2: New USB device found, idVendor=1949, idProduct=0007
[ 4820.536162] usb 2-1.2: New USB device strings: Mfr=2, Product=3, SerialNumber=4
[ 4820.536164] usb 2-1.2: Product: Kindle
[ 4820.536166] usb 2-1.2: Manufacturer: Amazon
[ 4820.536167] usb 2-1.2: SerialNumber: D059A0A024460GEB
but surprise, surprise: nothing else happened. Neither the automounter pops up nor running
fdisk -l shows any device. I learned that the Kindle is using MTP (Media Transfer Protocol) – so I need a special tool that allows me to access the device. Thankfully Malcolm Lewis already packaged a tool for openSUSE: “jmtpfs”, providing a FUSE based MTP filesystem. Continue reading