Category: Computers

Using the recursive_import.php script for importing photos to the #Horde module Ansel with subdirectories

JonTheNiceGuy Leave a comment

I have a problem with the excellent Horde module “Ansel” – their photo
display and manipulation application – which I’m
documenting-until-I-fix-it.

If you have a lot of photos and you want to import the lot in one go,
there’s a script called recursive_import.php – you’ll find this under
/path/to/your/horde/install/ansel/scripts/recursive_import.php and it
takes the following arguments: -d /path/to/directory -u USERNAME -p
PASSWORD

I’d been using it thinking it would handle directory navigation a bit
better than it did, by running it as follows:

php recursive_import.php -d import_dir -u fred -p bloggs

Infact, I needed to do it like this:

php recursive_import.php -d `pwd`/import_dir -u fred -p bloggs

This is because the script navigates up and down the directory
structure as it works out the contents of each directory, instead of
handling the referencing properly. I plan to look at this properly
tomorrow when I’ve got a day off, but if I don’t, or if the patch
doesn’t get accepted, at least you know how to fix it now! :)

Posted via email from Jon’s posterous

Use GMail’s SMTP gateway using the command line from Ubuntu without lots of config tips

JonTheNiceGuy 1 Comment

I’m writing a few little scripts at the moment, and one of them needed to be able to send an e-mail. I’d not got around to sorting out what my SMTP gateway was from my ISP – but I do tend to use GMail’s SMTP gateway for non-essential stuff.

I thought I could easily setup sendmail, but no, that’s SCARY stuff, and then I thought of Postfix, but that needs an awful lot of configuration for an TLS based SMTP connection, so I did a bit of digging.

Thanks to this post over at the Ubuntu Forums, I worked out how to get a local port 10025 to run, but PHP kept complaining, so I next looked for a “sendmail replacement”, in comes nullmailer.

So, thankfully this is all rather easy.

  • sudo apt-get install openssl xinetd nullmailer
  • sudo tee /usr/bin/gmail-smtp <<EOF >/dev/null
#!/bin/sh
# Thanks to http://ubuntuforums.org/showthread.php?t=918335 for this install guide
/usr/bin/openssl s_client -connect smtp.gmail.com:465 -quiet 2>/dev/null
EOF
sudo chmod +x /usr/bin/gmail-smtp
  • sudo tee /etc/xinetd.d/gmail-smtp <<EOF >/dev/null
# default: on
# description: Gmail SMTP wrapper for clients without SSL support
# Thanks to http://ubuntuforums.org/showthread.php?t=918335 for this install guide
service gmail-smtp
{
    disable         = no
    bind            = localhost
    port            = 10025
    socket_type     = stream
    protocol        = tcp
    wait            = no
    user            = root
    server          = /usr/bin/gmail-smtp
    type            = unlisted
}
EOF
sudo /etc/init.d/xinetd reload
  • sudo tee /etc/nullmailer/remotes <<EOF >/dev/null
127.0.0.1 smtp --port=10025 --user=your@user.tld --pass=Y0urC0mp3xGM@ilP@ssw0rd
EOF
sudo /etc/init.d/nullmailer reload

Setting all this lot up was pretty easy with these guides. There’s no reason why it wouldn’t work on any other version of Linux (provided you can install all these packages).

Good luck with your project!

Posted via web from Jon’s posterous

Locally Monitoring Interfaces on Nokia Firewalls (and – by a link – McAfee Sidewinders) for Failover

JonTheNiceGuy Leave a comment

I recently wrote a document on http://jon.spriggs.org.uk/blog explaining how to monitor the interface of a McAfee sidewinder to see when it failed over. I don’t know why I didn’t write it on Posterous, but if you’re following me on Posterous, and you think that you might want to know how to use Perl to repeatedly loop over the same command, and show the results with a date stamp underneath it (a bit like the watch command) then you’ll find this page really useful. In the mean time, I’ve also written the same script for the CSH shell, which is used, amongst other places, on Nokia Firewalls.

Introduction

One of our requirements with one of our customers is to perform regular and routine failover tests. As the interface is not responsive to providing information about when service has failed from Primary to Secondary and back again, I re-wrote the script I adjusted for McAfee Sidewinders to run on the SECONDARY NODE to show the interface address of one NIC every 5 seconds. I’ll also show how to slightly modify the script with different time delays and interface names. Please note, there may be much better ways of doing this. I needed something in a hurry, and this gave me what I needed. If you’ve got any better ideas, please drop me a note at jon@spriggs.org.uk or note below how to do it :)

Steps to perform

  1. SSH to the Secondary node.
  2. Check you’re not already primary with the command ifconfig eth-s1p1c0 | grep inet this should return one line showing something like inet mtu 1500 1.2.3.4/24 broadcast 1.2.3.255
  3. Type this
    while (-e /bin/csh)
    ifconfig eth-s1p1c0 | grep inet
    date
    sleep 5
    end
  4. Perform your action to provoke fail-over, which may be to unplug an interface attached to the primary firewall, reboot the firewall or unplug a switch directly attached to the firewall. In response (and after approx 1 minute, based on your HA configuration) you should now see in the script’s output, it now shows two lines (or maybe three) – as follows:

    inet mtu 1500
    inet 1.2.3.4/24 broadcast 1.2.3.255
    inet 1.2.3.5/24 broadcast 1.2.3.255     vrrpmac 0:0:aa:bb:cc:dd
  5. Perform your failback and after 1 minute or so, it should revert to just the single line – 1.2.3.4 or equivelent for your network.

Tweaks

In the bold section above, replace the interface name identified (here it’s eth-s1p1c0) with an interface you know will fail over, you can also make bigger or smaller the sleep command – here it’s 5 seconds, but there’s probably no reason why it couldn’t be 1 or 10.

Posted via web from Jon’s posterous

Supporting multiple machines in GNOME using VNC

JonTheNiceGuy Leave a comment

I was recently asked how to configure VNC for user support across a series of machines running GNOME. I’m in the process of trying out a few different platforms at the moment, and didn’t have my GNOME machine to hand and working right, so I decided to work it out from what I’ve done in the past. Here’s the bulk of the e-mail I sent him to try and help him out. Maybe this will help you at some point.

If you find any errors (especially around the option names in the actual dialogue boxes) please post a note so I can correct this!

Thanks!

On most GNOME based systems (which includes Fedora), you can active “Remote Desktop Sharing” for users.

Go to System -> Preferences -> Remote Desktop Sharing (or something similar). I’m afraid I’ve just recently moved my systems to KDE, so I don’t know the exact options, but I believe it’ll say something like “Enable remote connections” (tick that), and “User is prompted to permit connection” (this will be down to policy) and “Remote user needs to enter a password” (this will need some text to be entered).

Once you have these for one system, you can automatically set this for all the other computers.

From the command line, type
  gconftool-2 -R /desktop/gnome/remote_access

This will return all the settings you have made. Here’s mine:

 view_only = false                                         
 alternative_port = 5900                                   
 prompt_enabled = false                                    
 icon_visibility = client                                  
 lock_screen_on_disconnect = false                         
 disable_xdamage = false                                   
 mailto =                                                  
 use_alternative_port = false                              
 enabled = true                                            
 disable_background = false                                
 network_interface =                                       
 require_encryption = false                                
 authentication_methods = [vnc]                            
 vnc_password = &&&&&&&&&&&&                               
 use_upnp = false

(I’ve removed the password for my box)

You can use this gconftool to set the same variables on your computers you’ve already deployed, either per-user, as a default policy for each machine, or as a mandatory policy for each machine.

This article from Sun’s GNOME configuration guide explains how to set variables: http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2t5?a=view while this is an overview of all of the GNOME configuration tool (including that article): http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2sv?a=view and lastly, this is how “Vino” the VNC client for GNOME works: http://www.gnome.org/~markmc/remote-desktop.html

I hope this helps you!

Posted via web from Jon’s posterous

Watching an interface on McAfee’s Sidewinder with Perl

JonTheNiceGuy Leave a comment

Introduction

One of our requirements with one of our customers is to perform regular and routine failover tests. As the interface is not responsive to providing information about when service has failed from Primary to Secondary and back again, I have found [1] and modified this perl script to run on the SECONDARY NODE to show the interface address of one NIC every 5 seconds. I’ll also show how to slightly modify the script with different time delays and interface names. Please note, there may be much better ways of doing this. I needed something in a hurry, and this gave me what I needed. If you’ve got any better ideas, please drop me a note at jon@spriggs.org.uk or update this script yourself :)

Steps to perform

  1. SSH to the Secondary node.

  2. Check you’re not already primary with the command ifconfig em0 | grep inet this should return one line showing something like inet 1.2.3.4 netmask 0xffffff00 broadcast 1.2.3.255

  3. Please note the exact syntax of this command – perl is a tricky beast at the best of times, and if you don’t have your apostrophies and backticks in the right place, it won’t run right!

    Type this command: perl -e ‘for (;1;) {print `ifconfig em0 | grep inet`; print `date`; sleep 5}’ and press return. This loops until you press Ctrl+C, showing the line, like I showed you before starting inet and then the next line shows a date and time – this is so you don’t go crazy and think the process has stopped…

  4. Perform your action to provoke fail-over [2], which may be to unplug an interface attached to the primary firewall, reboot the firewall or unplug a switch directly attached to the firewall. In response (and after approx 1 minute, based on your HA configuration) you should now see in the script’s output, it now shows two lines – as follows:

    inet 1.2.3.4 netmask 0xffffff00 broadcast 1.2.3.255
    i    net 1.2.3.5 netmask 0xffffff00 broadcast 1.2.3.255

  5. Perform your failback and after 1 minute or so, it should revert to just the single line – 1.2.3.4 or equivelent for your network.

Breaking down the script

Here, I’ve broken down the command before with short blocks of information about each part of the command you’re running.

perl (which is a scripting language) -e (which means “evaluate the following string in quotes”) (that’s an apostrophy – the symbol on my keyboard at least, below the @ character) for (;1;) (note, those are normal brackets – shift+9 and shift+0, which, in combination with the for and ;1; bits, means loop around the following commands forever, or until the break command is sent) { (that’s a curled brace symbol – shift and the character next to the letter P) print (sends the following string) ` (backtick – the character to the left of the 1 key – which means execute the command between two of these symbols and return the result) ifconfig em0 (get the interface configuration for the interface em0) | (the pipe or bar character – next to the letter Z) grep inet (grep is a unix command to search for strings – in this case, the string inet which identifies the IP address) `; (backtick again and then a semicolon to say stop running that command and start doing the next thing) print `date`; (print the response from the command “date” – which returns a date string – and then do the next command) sleep 5 (the sleep command waits integer X number of seconds – here 5, but you could easily say 2 or 10 here – depends on how impatient you and the project manager are!) } (curly brace – meaning to close the for loop from near the beginning) (apostropy – which instructs it to close the string that the perl interpreter is evaluating)

Notes

[1] from http://stackoverflow.com/questions/555116/repeat-a-unix-command-every-x-seconds-forever – sadly, we can’t use the watch command on a Sidewinder, as it doesn’t have it installed.
[2] Assuming your firewall is in a Primary/Standby configuration (not Standby/Standby), has enabled “Monitor link status” and has addresses to monitor with – presumably the non-HSRP addresses of your attached routers attached to that interface.

XRDP

JonTheNiceGuy Leave a comment

I recently was asked how to provide an RDP session to a Linux Machine. Phoowey! I replied, you can’t RDP to a Linux box, and yet, someone I work with pointed me in the direction of XRDP – a package on Sourceforge.

I performed the following steps on a VMWare host running Ubuntu 8.10, but there’s no reason why it shouldn’t work on 9.04 or even 8.04.

Why would you want to RDP to a Linux machine? If you’ve got a windows host, you don’t always want to be running more and more different software to access that remote host – like VNC or X over SSH, so this seems like an effective solution if you don’t want your client machines to need additional software.

Some people don’t like to permit SSH through their firewalls as you can do an awful lot with a badly configured SSHd. In another situation, we have been using a device (which I don’t manage I should add) to access a development network. This device acts as a reverse proxy, and permits access to various websites, but most importantly, also proxies access to RDP systems, so this request was driven by that need.

Here’s what I did to configure up the XRDP on this Ubuntu 8.10 desktop

# apt-get install build-essential libpam0g-dev libssl-dev tightvncserver

Visit https://sourceforge.net/projects/xrdp/ then click on Download, Browse all packages, click on the latest release (currently 0.4.1), Copy the link for filename xrdp-x.x.x.tar.gz

# wget http://path/to/file/xrdp-x.x.x.tar.gz
# tar xfz xrdp-x.x.x.tar.gz
# cd xrdp-x.x.x
# make
# sudo make install
# cp /usr/local/xrdp/xrdp_control.sh /etc/init.d/
# update-rc.d -f xrdp_control.sh defaults