LDAP with TLS and CA certificates

If you try to setup your own CA, you might notice that not all applications support your new, self signed certificate out of the box. One example I like to show here is Apache AuthLDAP.


  • installed your certificates in /etc/ssl/certs/
  • run c_rehash

Insert the following line into /etc/ldap.conf :

tls_cacertdir /etc/ssl/certs

…and the following lines in /etc/openldap/ldap.conf :

TLS_CACERTDIR   /etc/ssl/certs/
TLS_REQCERT     allow 

To test if everything works as expected, run the following command (use your own options instead):
ldapsearch -ZZ -x uid=foo -b dc=example,dc=com

Posted in network, openSUSE, SUSE Linux Enterprise | Tagged , , | Leave a comment

Migrate from MyISAM to InnoDB

My topic for today was to migrate a MySQL server with some databases on it from MyISAM to InnoDB. In the end (after having some backups, of course), I wrote the little script below:


for database in $(echo "show databases;" | mysql); do
  case $database in
      echo "Skipping database $database"
      echo "Converting database $database"
      for i in $(echo "show tables;" | mysql $database;); do 
        case $i in 
            echo "....converting $i"
            echo "ALTER TABLE $i ENGINE = INNODB;" | mysql $database;

Just remember to have a file .my.cnf in your home directory containing the username and password of your database administrator.

Posted in openSUSE, SUSE Linux Enterprise | Tagged , , , , , , , | Leave a comment

DHCP failover with LDAP support

Providing important services as redundant as possible is always a good idea. Providing a fail-over and load-balancing solution for DHCP if the most parts of your DHCP configuration is stored inside an LDAP database is a bit tricky, but if you know how it works it’s easy again…

As I need to learn LDAP for my LPI-3 exam, I think this is also a good learning example – but I did not manage it without using some workarounds yet.
Continue reading

Posted in network, openSUSE, SUSE Linux Enterprise | Tagged , | Leave a comment

Short lm_sensors Howto

lm-sensors logo

lm-sensors hardware monitoring

I’m currently using sensors version 3.3.2 on my ASRock P67 Professional mainboard. To get informed once one of the 3 fans die or the temperature or voltage is getting critical, I use the Nagios plugin “check_sensors”, which is part of the official Nagios plugins.

The setup is very easy: first run the script sensors-detect, which is part of the sensors package. Just press [Enter] all the time and in the end you should get a first working /etc/sensors3.conf configuration file and can start the daemon with rclm_sensors start.

But this is just the initial starting point: if you execute the command sensors now, you’ll see some “ALARMS” after the values for some sensors. In my case, this affected the “in1”, “in4”, “in5”, “fan1” – “fan5”, “intrusion0″, intrusion1” and the “SYSTIN” sensors. So how to proceed? Continue reading

Posted in openSUSE, SUSE Linux Enterprise | Tagged , , , , , | 1 Comment

Serial console short HowTo

As I always forget the steps to bring a serial console “online” for all boot steps, here’s a try to summarize…


  • Serial device is /dev/ttyS0
  • Port speed is 115200
  • no parity
  • 8 data bits

In the end you should be able to follow your system from the boot menu of your grub bootloader until the login prompt. The only steps missing are the ones you need to do in the BIOS of your mainboard – just refer to the BIOS manual (and keep in mind that a “redirect after POST” is not needed any more with this guideline below). Continue reading

Posted in openSUSE, SUSE Linux Enterprise | Tagged , , , | 1 Comment

cyrus quota warner

cyrus logoSometimes live can be so easy: running a cyrus IMAP server on a small box normally includes that you set and maintain Quotas for your customers. Normally everything runs fine – until someone is unable to receive any Emails because his Quota reached the limit. I wrote a small script for this which sends me an Email every time it is executed (via cron): Continue reading

Posted in openSUSE, SUSE Linux Enterprise | Tagged , , , , | Leave a comment

Kindle Fire HD and openSUSE Linux

Today my mom got a new toy: the Kindle Fire HD. One of the first things I wanted to do was filling up the Tablet with some music and videos. As the Webinterface from Amazon does not work with the Firefox under Linux, I connected the device via USB to my Laptop and the device was recognized by the kernel:

[ 4820.437790] usb 2-1.2: new high speed USB device number 3 using ehci_hcd
[ 4820.536159] usb 2-1.2: New USB device found, idVendor=1949, idProduct=0007
[ 4820.536162] usb 2-1.2: New USB device strings: Mfr=2, Product=3, SerialNumber=4
[ 4820.536164] usb 2-1.2: Product: Kindle
[ 4820.536166] usb 2-1.2: Manufacturer: Amazon
[ 4820.536167] usb 2-1.2: SerialNumber: D059A0A024460GEB

but surprise, surprise: nothing else happened. Neither the automounter pops up nor running fdisk -l shows any device. I learned that the Kindle is using MTP (Media Transfer Protocol) – so I need a special tool that allows me to access the device. Thankfully Malcolm Lewis already packaged a tool for openSUSE: “jmtpfs”, providing a FUSE based MTP filesystem. Continue reading

Posted in openSUSE | Tagged , , , | Leave a comment