Originally published at ScummBlog. You can comment here or there.

Recently a couple of Linode VMs were acquired by my employer. It was decided that these would host OpenVPN, OpenLDAP, PostgreSQL and a couple more services in a HA cluster. This seemed like a great idea, and much congratulating occurred.

Little did we know what awaited us.

Read the rest of this entry » )

Originally published at ScummBlog. You can comment here or there.

I am here, people, to save you from LDAP. Unless you have to use it, in which case you are already lost. Like me. But here are some pro tips to make connecting clients a bit easier!

1) TLS in Ubuntu is seriously broken. Like, terribly broken. GnuTLS looks like it’s to blame, and from the bugs that I’ve looked at nobody wants to actually acknowledge that the problem belongs to them. So you’d think that would nix using LDAP over a secure connection, right? Wrong! You can use stunnel to create a SSL-encrypted listener on port 636 (LDAP’s secure port) and have it dump the incoming connection to 389 (the un-encrypted local listening port). This lets your clients use LDAPS:// properly. Don’t ask me why this works, but I’m damned glad it does.

2) Just apt-get installing libnss-ldap on a client doesn’t bring in everything you’ll need for proper LDAP logins. You’ll also want to make sure that libpam-modules is already installed (for pam_mkhomedir.so) and nscd (Name Service Cache Daemon) otherwise you’ll run into lovely “I have no name!” issues on login.

3) Some handy things you’ll want to check in /etc/ldap.conf: make sure the port is 636, ssl is on and tls_checkpeer is no.

4) Make a local recovery account with a *really* secure password, and *DON’T* disable local login in PAM, otherwise you are SOL if LDAP ever breaks.

So there you go, somewhat painless LDAP authentication! The TLS thing alone resulted in a tonne of swearing yesterday, before I found the myriad of bugs filed against it.

scumm_boy: (Default)
( Jun. 18th, 2010 07:54 pm)

Originally published at ScummBlog. You can comment here or there.

So thanks to a friend’s awesomeness, I have access to a proper Linux VM kicking it in a real datacenter! This means I can finally move the content off of my home server!

So Bung (the VM) will now serve my static content for the various sites I host, and Pants (local server) will be for services. This should simplify a lot of things, and give me a bit more experience with a) Ubuntu as a server and b) running a VM server.

In addition to switching up hosts, I’m also switching up HTTPD services. I’ve dealt exclusively with Apache (1.3 and 2) in the past. The same friend that is providing the VM also convinced me to give Nginx (wiki.nginx.org) a shot. It’s taken quite a bit of getting used to, but it does seem to be crazy fast, and the config gets a lot easier as you go along.

I have already migrated the sites under the scummbox.org umbrella, and am just rsync-ing the content for the other domains that I host. Hopefully the remainder of the sites will be relocated by this weekend!

scumm_boy: (Default)
( Jun. 18th, 2010 07:54 pm)

Originally published at ScummBlog. You can comment here or there.

So thanks to a friend’s awesomeness, I have access to a proper Linux VM kicking it in a real datacenter! This means I can finally move the content off of my home server!

So Bung (the VM) will now serve my static content for the various sites I host, and Pants (local server) will be for services. This should simplify a lot of things, and give me a bit more experience with a) Ubuntu as a server and b) running a VM server.

In addition to switching up hosts, I’m also switching up HTTPD services. I’ve dealt exclusively with Apache (1.3 and 2) in the past. The same friend that is providing the VM also convinced me to give Nginx (wiki.nginx.org) a shot. It’s taken quite a bit of getting used to, but it does seem to be crazy fast, and the config gets a lot easier as you go along.

I have already migrated the sites under the scummbox.org umbrella, and am just rsync-ing the content for the other domains that I host. Hopefully the remainder of the sites will be relocated by this weekend!

Originally published at ScummBlog. You can comment here or there.

First, an aside: Today I am a real Blogger. I am posting this from a coffee shop in Toronto!

January 10th (or thereabouts) marks the 1 year anniversary of me getting bored with a Windows XP workstation and installing Linux for the first time in many years. Since then I’ve added a wee Ubuntu box and a PowerMac G4 running OS X Leopard (a topic for a different post) to my managre,  and I haven’t missed having a Windows OS machine yet!

The Gentoo machine (Rands) has been running like a champ for over a year, with only a couple foibles (all my fault) ruining it’s uptime. Since I posted about setting it up I’ve migrated to the unstable AMD 64 branch (~amd64) and had nary a problem. A memorable futz-up on my part was me un-emerging coreutils after a package blocking problem… leaving me with no basic Linux utilitys (like LS or RM!) Thankfully, some kind soul on the Gentoo Forums saved me with a tar of his AMD 64-compiled coreutils!

I loved my year with Gentoo, and look forward to many more!

Originally published at ScummBlog. You can comment here or there.

First, an aside: Today I am a real Blogger. I am posting this from a coffee shop in Toronto!

January 10th (or thereabouts) marks the 1 year anniversary of me getting bored with a Windows XP workstation and installing Linux for the first time in many years. Since then I’ve added a wee Ubuntu box and a PowerMac G4 running OS X Leopard (a topic for a different post) to my managre,  and I haven’t missed having a Windows OS machine yet!

The Gentoo machine (Rands) has been running like a champ for over a year, with only a couple foibles (all my fault) ruining it’s uptime. Since I posted about setting it up I’ve migrated to the unstable AMD 64 branch (~amd64) and had nary a problem. A memorable futz-up on my part was me un-emerging coreutils after a package blocking problem… leaving me with no basic Linux utilitys (like LS or RM!) Thankfully, some kind soul on the Gentoo Forums saved me with a tar of his AMD 64-compiled coreutils!

I loved my year with Gentoo, and look forward to many more!

scumm_boy: (Default)
( Feb. 1st, 2007 09:18 am)

Originally published at ScummBlog. You can comment here or there.

I usually leave my computer on over night, for seeding purposes. When I went to wake it up this morning, I noticed that I had no keyboard activity. No num lock, ctrl+alt+backspace (Kills the X Windows session) wasn’t working… nor was ctrl+alt+F12 (the DMESG view). The monitor came on to a black screen (power saving mode.) The thing was hung. My keyboard has an LCD built into it, which shows the system time. It was stopped at 3:15 AM. So, I reboot.

On reboot I see that there are several major errors: Udev wasn’t loading properly, the System Clock cannot be accessed, ALSA (Advanced Linux Sound Architecture) won’t load, nor will my network card. Crap.

What did I do last night? I ran a deep system update based on a new portage listing. What was updated? Umm… my Vorbis libraries… oh, the Linux Kernel Headers. Well, that might have something to do with it. So, genkernel -all, wait 30 minutes, reboot… success! I don’t know if the kernel rebuild was strictly necessary, but it seems to have done the trick.

Going through the logs from last night, all I can see is the cron agent running at 3:00, and then some NTFS checks happening. Nothing that *should* have caused a major freak out. We’ll see how things go tonight.

*Update*

After posting on the Gentoo forums, it turns out the issue had to do with my NTFS driver and my localization settings. Two commands and my system hasn’t seized in days!

Tags:
scumm_boy: (Default)
( Feb. 1st, 2007 09:18 am)

Originally published at ScummBlog. You can comment here or there.

I usually leave my computer on over night, for seeding purposes. When I went to wake it up this morning, I noticed that I had no keyboard activity. No num lock, ctrl+alt+backspace (Kills the X Windows session) wasn’t working… nor was ctrl+alt+F12 (the DMESG view). The monitor came on to a black screen (power saving mode.) The thing was hung. My keyboard has an LCD built into it, which shows the system time. It was stopped at 3:15 AM. So, I reboot.

On reboot I see that there are several major errors: Udev wasn’t loading properly, the System Clock cannot be accessed, ALSA (Advanced Linux Sound Architecture) won’t load, nor will my network card. Crap.

What did I do last night? I ran a deep system update based on a new portage listing. What was updated? Umm… my Vorbis libraries… oh, the Linux Kernel Headers. Well, that might have something to do with it. So, genkernel -all, wait 30 minutes, reboot… success! I don’t know if the kernel rebuild was strictly necessary, but it seems to have done the trick.

Going through the logs from last night, all I can see is the cron agent running at 3:00, and then some NTFS checks happening. Nothing that *should* have caused a major freak out. We’ll see how things go tonight.

*Update*

After posting on the Gentoo forums, it turns out the issue had to do with my NTFS driver and my localization settings. Two commands and my system hasn’t seized in days!

Tags:

Originally published at ScummBlog. You can comment here or there.

First things first. man emerge. Seriously. You’ll be using it a *lot*

Read the rest of this entry » )
Tags:

Originally published at ScummBlog. You can comment here or there.

First things first. man emerge. Seriously. You’ll be using it a *lot*

Read the rest of this entry » )
Tags:
scumm_boy: (Default)
( Jan. 10th, 2007 01:26 am)

Originally published at ScummBlog. You can comment here or there.

2006 was a topsy-turvy year… I went from XP installs to Vista installs then back to XP installs… but I was feeling very *meh* towards my computer. It was boring. No umph.

So a new year has started, and a friend managed to get me interested in Desktop Linux again. I’ve run a couple day-to-day Linux installs, but they never lasted for one reason or another. The last one was probably in the very early 2000’s.

Read the rest of this entry » )
Tags:
scumm_boy: (Default)
( Jan. 10th, 2007 01:26 am)

Originally published at ScummBlog. You can comment here or there.

2006 was a topsy-turvy year… I went from XP installs to Vista installs then back to XP installs… but I was feeling very *meh* towards my computer. It was boring. No umph.

So a new year has started, and a friend managed to get me interested in Desktop Linux again. I’ve run a couple day-to-day Linux installs, but they never lasted for one reason or another. The last one was probably in the very early 2000’s.

Read the rest of this entry » )
Tags:
.

Syndicate

RSS Atom

Most Popular Tags

Powered by Dreamwidth Studios

Style Credit

Expand Cut Tags

No cut tags