Here, I’ll admit it. One of the things I’ve always been a little scared of, in terms of Linux server administration, is LDAP. It’s obviously incredibly useful in many ways, not the least of which, it’s the most current and secure way of centralizing user, group and system configuration information, even across the web. And it offers great inter-operability with other types of systems, whether big-blue Unices, things that Came from Redmond, or even those slick little units that are Designed in California.

But, the nomenclature and concepts can be rather slippery at first, to the young mind (but here is a good intro). And while there is tons of documentation out there, it is not easy reading in general. In fact, it will guarantee to cure insomnia.

This guide is the result of an attempt to get user authentication sharing working via LDAP. After many false starts, it boils down to something pretty simple really. This won’t really be useful in a enterprise production system, but is a good way to get your feet wet.

Read the rest of this post »

NIS is a bit of an old-school solution on UNIX systems for sharing user information, including logins, across systems. This allows administrators to centralize all user account information, as well as home directories, across any number of physical machines. There are some security implications (like having to disable iptables on the server, see below), and maybe LDAP would be a better choice. But for a home or small organization behind a good firewall, an NIS system could be a lot simpler to create.

Read the rest of this post »

Something I found out today when I decided to make a quick edit to a video taken on my cellphone:  Newer GSM cell phones and devices (such as my now-dated Android G1) now tend to save video in 3GP format. This shiny new multimedia format may have many advantages, but it is not widely supported yet on mainstream desktop software, and also may encapsulate certain codecs that are not free to use. This includes the AMR audio codec, which is patent-encumbered and cannot be freely distributed. Since this is what Android and many others use in their 3GP video output, it has become a common issue.

So, apparently there are people under the impression that you can only read and edit these videos using proprietary software such as Quicktime Pro, sketchy shareware or dodgy apps from questionable code houses. For just making the very occasional simple edit to a cheesy cellphone video, it’s a lot to ask.

Fortunately, there is a good alternative. All you need  little command-line mojo and some patience.

Read the rest of this post »

Add a Comment

A minor UI detail in development required that we include the width and height of certain images in the HTML and XML views. Since we were using the file_column plugin, which doesn’t normally save any image information besides the file name, this turned out to require some hacking.
Read the rest of this post »

This seems to be a very popular subject to write about for those of us with the fix-it-and-forget-it mentality. But everything I dug up either contained outdated information or set up too unnecessary hoops (like this Redhat KB article for instance). So as my attempt to better the world today (and make a record for my own reference), here is a simple and robust way to export NFS shares from a Redhat/Fedora system with iptables enabled.
Read the rest of this post »

The ASUS Eee 1008HA is the latest in the popular line of ‘netbooks’ that are reportedly taking over the world, or at least the consumer electronics portion thereof. We picked one up from Amazon for about $419 as a way to keep in touch during summer travels (because, really, what good is a vacation if you can’t have a daily internet fix), and keep our darling 2-year-old entertained with some pre-recorded digital media during a 5-hour plane trip.
Read the rest of this post »

lifted from here

This howto will show you how to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.

To do the following, you need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.

Read the rest of this post »

Installing rssh to allow scp/sftp sessions only for user accounts is a breeze. Getting them into a chroot jail took a bit more reseach, but in the end turned out to be pretty easy.

This is on CentOS 4.6, but this technique should work almost identically for any Linux system thanks to the l2chroot script.

Read the rest of this post »

Yep, I’m trying to git on the bandwagon too. Last fall I dropped a small set of plugin files into github as a test, which was easy enough. But never had the time to figure out how to get all the other plugins, libraries and frameworks we use in there without moving everything over, including all the client project code.

So in the last few months I have been making commits via svn as usual, ignoring the old github account entirely. It was pretty simple to get all those interim svn commits into github though, here’s how:

Read the rest of this post »

Set this up late last year, and just documenting now in case I forget, or if any of my legions of readers are curious.

Galleon is a open-source java client/server app that uses Tivo’s Home Media Engine system to allow all sorts of file and application sharing between a Tivo and other networked entities. It more or less works to transfer files between the main Linux fileserver and our TiVo (we have an old Series 2 with a 40G drive - I was an early adopter in 2003 and I’m too cheap to upgrade). The main steps in setting it up and my experience are as follows.

Read the rest of this post »