If you often mount and access a remote NFS share on your system, you will probably want to know how to improve NFS file access performance. One possibility is using file caching. In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. ...
Development travis cordova build ...
Writing shell scripts leaves a lot of room to make mistakes, in ways that will cause your scripts to break on certain input, or (if some input is untrusted) open up security vulnerabilities. Here are some tips on how to make your shell scripts safer. Don't The simplest step is to avoid using shell at all. Many higher-level languages are both easier to write the code in in the first place, and avoid some of the issues that shell ...
Windows system administration is very mouse driven and to reach all tools you need to browse through Windows explorer. If you are like me and prefer to log on a limited privilege account and use Runas to perform admin tasks, you can open these consoles with the .msc file names. Here is a list of admin tools with their .msc file names. domain.msc: AD Domains and Trusts ...
This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox. Pre-requisites ...
This is a service that let's you get SSL certificates for HTTPS. These certificates are trusted by major browsers. See Let's Encrypt This is a barebones howto to get SSL certificates: git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt This contains the client software for let's encrypt. ./letsencrypt-auto certonly --manual This will start by updating and getting any needed dependencies and then jump to a wizard like configuration to get this done. Follow the prompts and pay special attention on the prompt used to validate your domain. (You need to create a couple of folders and a file with the right content). Afterwards your certificates will be in: ...
This simple mini how-to goes over the configuration of a linux system so it can use a Kerberos Realm server for authentication. Make sure you have the pam_krb5 rpm files installed. You can check this by running the rpm -qa | grep pam command and seeing whether the pam_krb5 rpm files are listed. If they aren't, you can typically download them in an update of the Linux or Unix operating system that you are running. ...
I bought a HP Envy 4504. Overall I am happy with it. This is how I configure it so I can use with Linux. This mini howto applies to ArchLinux, void linux and Centos/RedHat distributions. Installation Archlinux: cups, hplip, python2, sane ...
In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. In order for FS-Cache to operate, it needs cache back-end which provides actual storage for caching. One such cache back-end is cachefiles. Therefore, once you set up cachefiles, it will automatically enable file caching for NFS shares. ...
Testing, code coverage, style enforcement are all check-in and merge requirements that can be automated and driven from Git. If you're among the rising number of Git users out there, you're in luck: You can automate pieces of your development workflow with Git hooks. Hooks are a native Git mechanism for firing off custom scripts before or after certain operations such as commit, merge, applypatch, ...
So last weekend finally had some time to work with a Askozia Desktop Appliance. It actually arrived much earlier but without a Power Supply. Initially I though, "this is strange; I didn't know this supported PoE". (Power Over Ethernet). It turns out it didn't and there was a shipping mistake. After contacting the vendor, they sent me the required Power Supply. Overall I think the product is quite nice. It has a very nice User Interface that is quite easy to use. Simple configurations are indeed very easy to set-up. My feeling is that, as with any GUI, it usually trades user-friendly with expressiveness. So while I could configure most of the things I wanted from the UI, it did not support my home network topology fully. Initially, I had a DMZ vs Home-LAN configuration, with the Askozia box in the DMZ. Because the separation between the DMZ and the Home-LAN was through the router, it considered all the IP phones (in the Home-LAN) on the other side of the NAT, so things did not work properly. ...
I am still to test this recipe Server Configuration First of all, we must install the following components: A DHCP server to assign IP addresses to our diskless nodes. A TFTP server to transfer the boot image (a requirement of all PXE option roms). ...
Some useful tidbits to use when using the OpenWRT embedded web server (uHTTPD). Embedded Lua uHTTPd supports running Lua in-process, which can speed up Lua CGI scripts. It is unclear whether LuCI supports running in this embedded interpreter. LuCI seems to work fine (if not better) with the embedded ...
Sometimes we need to connect two or more geographically distrubuted ethernet networks to one broadcast domain. There can be two different office networks of some company which uses smb protocol partially based on broadcast network messages. Another example of such situation is computer cafes: a couple of computer cafes can provide to users more convinient environment forr playing multiplayer computer games without dedicated servers. Both sample networks in this article need to have one *nix server for bridging. Our networks can be connected by any possible hardware that provides IP connection between them. Connecting Two Remote Local Networks With Transparent Bridging Technique Short description In described configuration we are connecting two remote LANs to make them appearing as one network with 192.168.1.0/24 address space (however physically, presense of bridges in network configuration is not affecting IP protocol and is fully transparent for it, so you can freely select any address space). Both of the bridging servers has two network interfaces: one (as eth0 in our example) connested to the LAN, and second (eth1) is being used as transport to connect networks. When ethernet tunnel between gateways in both networks will be bringed up we will connect tunnel interfaces with appropriate LAN interfaces with bridge interfaces. Schematically this configuration can be following: +-------+ +-------+ | br0 | | br0 | ...
This article is about integrating OpenSSH in a kerberos environment. Allthough OpenSSH can provide passwordless logins (through Public/Private keys), it is not a true SSO set-up. This article makes use of Kerberos TGT service to implement a true SSO configuration for OpenSSH. Pre-requisites First off, you'll need to make sure that the OpenSSH server's Kerberos configuration (in /etc/krb5.conf) is correct and works, and that the server's keytab (typically /etc/krb5.keytab) contains an entry for host/fqdn@REALM (case-sensitive). I won't go into details on how this is done again; instead, I'll refer you to any one of the recent Kerberos-related articles (like this one, this one, or even this one). Just be sure that you can issue a kinit -k host/fqdn@REALM and get back a Kerberos ticket without having specify a password. (This tells you that the keytab is working as expected.) ...
Kerberos is a network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. (Source Kerberos_(protocol) ) Backups Create backup: ...
A bunch of recipes useful for an ArchLinux system environment. Mostly around system administration. Custom Repos and Packages In the repo directory, put all the packages in there. repo-add ./custom.db.tar.gz ./* ...
This article describes how you creeate hyperlinks within Wordpress. There are a number of ways to do this, depending on the configuration and the types of data we are linking to. Linking Without Using Permalinks This actually works whether or not Permalinks are active. Using the numeric values found in the ID column of the Posts, Categories, and Pages Administration, you can create links as follows. Posts ...
Use DVCS as backend (GIT) Output html markdown Prefer perl/python Mostly RO so to avoid merge conflicts. ...
When using virtualisation it is very common to create template VMs that can be cloned from. This makes deployment much easier than having to install a new VM from scratch. Unfortunately, the cloned VMs lack any Active Directory memberships and the VMs have to be manually added to the AD domain. For automated deployment scenarios this is less than desirable. This recipe intends to solve that issue in a ...