Here, I’ll admit it. One of the things I’ve always been a little scared of, in terms of Linux server administration, is LDAP. It’s obviously incredibly useful in many ways, not the least of which, it’s the most current and secure way of centralizing user, group and system configuration information, even across the web. And it offers great inter-operability with other types of systems, whether big-blue Unices, things that Came from Redmond, or even those slick little units that are Designed in California.

But, the nomenclature and concepts can be rather slippery at first, to the young mind (but here is a good intro). And while there is tons of documentation out there, it is not easy reading in general. In fact, it will guarantee to cure insomnia.

This guide is the result of an attempt to get user authentication sharing working via LDAP. After many false starts, it boils down to something pretty simple really. This won’t really be useful in a enterprise production system, but is a good way to get your feet wet.

Read the rest of this post »

NIS is a bit of an old-school solution on UNIX systems for sharing user information, including logins, across systems. This allows administrators to centralize all user account information, as well as home directories, across any number of physical machines. There are some security implications (like having to disable iptables on the server, see below), and maybe LDAP would be a better choice. But for a home or small organization behind a good firewall, an NIS system could be a lot simpler to create.

Read the rest of this post »

This seems to be a very popular subject to write about for those of us with the fix-it-and-forget-it mentality. But everything I dug up either contained outdated information or set up too unnecessary hoops (like this Redhat KB article for instance). So as my attempt to better the world today (and make a record for my own reference), here is a simple and robust way to export NFS shares from a Redhat/Fedora system with iptables enabled.
Read the rest of this post »

The ASUS Eee 1008HA is the latest in the popular line of ‘netbooks’ that are reportedly taking over the world, or at least the consumer electronics portion thereof. We picked one up from Amazon for about $419 as a way to keep in touch during summer travels (because, really, what good is a vacation if you can’t have a daily internet fix), and keep our darling 2-year-old entertained with some pre-recorded digital media during a 5-hour plane trip.
Read the rest of this post »

lifted from here

This howto will show you how to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.

To do the following, you need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.

Read the rest of this post »

Installing rssh to allow scp/sftp sessions only for user accounts is a breeze. Getting them into a chroot jail took a bit more reseach, but in the end turned out to be pretty easy.

This is on CentOS 4.6, but this technique should work almost identically for any Linux system thanks to the l2chroot script.

Read the rest of this post »

Set this up late last year, and just documenting now in case I forget, or if any of my legions of readers are curious.

Galleon is a open-source java client/server app that uses Tivo’s Home Media Engine system to allow all sorts of file and application sharing between a Tivo and other networked entities. It more or less works to transfer files between the main Linux fileserver and our TiVo (we have an old Series 2 with a 40G drive - I was an early adopter in 2003 and I’m too cheap to upgrade). The main steps in setting it up and my experience are as follows.

Read the rest of this post »

The proper CLI incantation to get mplayer/mencoder to clockwise rotate, apply an autolevels filter and re-sample an AVI video is:

mencoder dscf5432.avi -vf rotate=1,pp=al -ovc xvid -xvidencopts pass=1:bitrate=687 -oac copy -o out.avi

Allow me to join the hordes who are saying “about time” to the announcement that Adobe will support Flash 10 for 64-bit Linux. Although it makes little practical difference it will be one less wart on the Linux desktop experience.