July 23, 2014, 09:48:04 PM

News : LinuxSolved.com Linux Help Community Forum..


Recent Posts

Pages: 1 ... 3 4 [5] 6 7 ... 10
41
Linux Servers Support / Transport openAM 9 configurations between environments
« Last post by kabu on January 23, 2013, 08:43:05 PM »
Hello,

 

I’m trying to find the least painful way of transporting config files between different environments and I have found many things that can break the system after the transport. I got a script that will keep the values for attributes correct for the ones that are depended on the environment but here is the list of couple of things that I’m not sure about. Maybe someone can shed some light on them.

What I want to do is to simply transport xml file based on the steps from the book for openAM 9 (simply export/import using ssoadm to xml file) but by analyzing the file in depth I find many differences that might break the system, so any help is appreciated.

 

1.

In every xml file we have sections for ‘iplanet-am-auth-ldap-bind-passwd’ with hash value under it but in one xml file we’re missing one line with hash. I was wondering if we add that line with the correct hash value will it break the system or it won’t matter as long as the hash matches target environment?

 

2.

Does the size of the ‘iplanet-am-logging-buffer-size’ has to match what was originally setup in the target environment or it will be ok if we overwrite the value from the source xml file?

 

3.

For some reason we have different links in delegation-rules with the same name, for example:

# environment1 - sms://dc=test-domain,dc=net/sunEntitlementService/1.0/application/ws/1/entitlement/entitlements

# environment2 - sms://dc=test-domain,dc=net/sunEntitlementService/1.0/application/ws/1/entitlement/decision

# environment3  - sms://*dc=test-domain,dc=net/sunIdentityRepositoryService/1.0/application/agent

 

It could be due the way the server was setup long time ago or due to development processes over time ( I don’t know) but my question is:

If the rule names are the same but some(or all) options/values are different between environments and we overwrite them with the source file from different environment, will this break things or it won’t matter ?

 

Thank you,
42
Forum Talk / remote logging problem with syslog utility
« Last post by shri_22ram on January 23, 2013, 11:30:28 AM »
I am using Two centOS linux machines. From the third machine (CentoOS_Main) i am redirecting syslog messages to centoOS_1 . After some time i am redirecting syslog messages to CentOS_2. It works fine. After sometime i rebooted my CentOS_Main machine and i am observing very few syslog messages sent to centOS_1. Actually nothing has to sent to centOS_1.
I have observed this by capturing packets by tcpdump.

In /etc/syslog.conf i have used the ip of the centOS_1 machine. After that manually edited the syslog.conf by deleting the centOS_1 ip and entering centOS_2 ip.

Thanks,
Shriram
43
Linux Servers Support / Block Email from postfix
« Last post by hungvx2 on January 23, 2013, 10:32:17 AM »
I'm using postfix to send and receive mail. I want to block Vietnamese Subject but do not know how to configure. Please help me!

Thank you,
44
Linux Kernel / debugfs : Unknown symbol debugfs_create_dir
« Last post by DAVER on January 17, 2013, 08:12:33 AM »
Hi,
    I'm using Ubuntu 12.04 and i was trying to debug the kernel using debugs. I have compiled the kernel with required options like,

Code: [Select]
Kernel hacking[*] Magic SysRq key
Kernel hacking[*] Debug filesystem

I have written a module which include kernel linked list and kernel threads. The module works fine. Then i have added the debugfs code in the same module and i got the following error while inserting the module(i.e. during insmod command),
Code: [Select]
insmod: error inserting 'kll.ko': -1 Unknown symbol in module
I have checked dmesg and i found that the debufs calls like debugfs_create_dir are said to be unknown...

Now I'm stuck at this point.

Any pointers or help is welcome!!
45
Linux Servers Support / Re: How to Map AD groups to Samba share
« Last post by sunnysthakur on January 16, 2013, 01:17:15 PM »
I am able to solve this issue now and AD groups are reflected with samba permissions.
46
Linux Servers Support / ldap restore from ldif file problem
« Last post by kabu on January 11, 2013, 04:01:06 PM »
Hello,
I have a problem with restoring from a ldiff backup file that I did just recently using this command:
Code: [Select]
$ ldapsearch -h localhost -p 1389 -D cn=admin -w somepassword -b "dc=somedomain,dc=com" "objectclass=*" |perl -p -0040 -e 's/\n //' >> 01102013.vl34.ldiff
I removed everything from ldap using Apache Directory Studio but when I tried using this command:

Code: [Select]
$ sudo ldapadd -h localhost -p 1389 -x -D cn=admin -w somepassword -f 01102013.vl34.ldiff
I get this:
Code: [Select]
adding new entry  "dc=somedomain,dc=com"
adding new entry "ou=services,dc=somedomain,dc=com"
....
  and couple of more lines like that but then I get this:

*** stack smashing detected ***: ldapadd terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x4d)[0x8fbfcd]
/lib/libc.so.6[0x8fbf7a]
ldapadd[0x8055614]
ldapadd[0x80541db]
ldapadd[0x804adef]
/lib/libc.so.6(__libc_start_main+0xe6)[0x819ce6]
ldapadd[0x804a6b1]
======= Memory map: ========
00110000-00111000 r-xp 00000000 00:00 0          [vdso]
00111000-0011d000 r-xp 00000000 fd:00 278303     /lib/libnss_files-2.12.so
0011d000-0011e000 r--p 0000b000 fd:00 278303     /lib/libnss_files-2.12.so
0011e000-0011f000 rw-p 0000c000 fd:00 278303     /lib/libnss_files-2.12.so
0011f000-00124000 r-xp 00000000 fd:00 261484     /lib/libnss_dns-2.12.so
00124000-00125000 r--p 00004000 fd:00 261484     /lib/libnss_dns-2.12.so
00125000-00126000 rw-p 00005000 fd:00 261484     /lib/libnss_dns-2.12.so
006df000-00728000 r-xp 00000000 fd:00 284863     /lib/libfreebl3.so
00728000-00729000 r--p 00048000 fd:00 284863     /lib/libfreebl3.so
00729000-0072a000 rw-p 00049000 fd:00 284863     /lib/libfreebl3.so
0072a000-0072e000 rw-p 00000000 00:00 0
00730000-00737000 r-xp 00000000 fd:00 284864     /lib/libcrypt-2.12.so
00737000-00738000 r--p 00007000 fd:00 284864     /lib/libcrypt-2.12.so
00738000-00739000 rw-p 00008000 fd:00 284864     /lib/libcrypt-2.12.so
00739000-00760000 rw-p 00000000 00:00 0
007aa000-007c7000 r-xp 00000000 fd:00 284837     /lib/libgcc_s-4.4.6-20120305.so.1
007c7000-007c8000 rw-p 0001d000 fd:00 284837     /lib/libgcc_s-4.4.6-20120305.so.1
007d4000-007d8000 r-xp 00000000 fd:00 284849     /lib/libplc4.so
007d8000-007d9000 r--p 00003000 fd:00 284849     /lib/libplc4.so
007d9000-007da000 rw-p 00004000 fd:00 284849     /lib/libplc4.so
007e1000-007ff000 r-xp 00000000 fd:00 284832     /lib/ld-2.12.so
007ff000-00800000 r--p 0001d000 fd:00 284832     /lib/ld-2.12.so
00800000-00801000 rw-p 0001e000 fd:00 284832     /lib/ld-2.12.so
00803000-0098f000 r-xp 00000000 fd:00 284833     /lib/libc-2.12.so
0098f000-00991000 r--p 0018c000 fd:00 284833     /lib/libc-2.12.so
00991000-00992000 rw-p 0018e000 fd:00 284833     /lib/libc-2.12.so
00992000-00995000 rw-p 00000000 00:00 0
00997000-0099a000 r-xp 00000000 fd:00 284840     /lib/libdl-2.12.so
0099a000-0099b000 r--p 00002000 fd:00 284840     /lib/libdl-2.12.so
0099b000-0099c000 rw-p 00003000 fd:00 284840     /lib/libdl-2.12.so
009b6000-009cd000 r-xp 00000000 fd:00 284838     /lib/libpthread-2.12.so
009cd000-009ce000 r--p 00016000 fd:00 284838     /lib/libpthread-2.12.so
009ce000-009cf000 rw-p 00017000 fd:00 284838     /lib/libpthread-2.12.so
009cf000-009d1000 rw-p 00000000 00:00 0
00aea000-00afc000 r-xp 00000000 fd:00 284835     /lib/libz.so.1.2.3
00afc000-00afd000 r--p 00011000 fd:00 284835     /lib/libz.so.1.2.3
00afd000-00afe000 rw-p 00012000 fd:00 284835     /lib/libz.so.1.2.3
00b21000-00b36000 r-xp 00000000 fd:00 284845     /lib/libresolv-2.12.so
00b36000-00b37000 ---p 00015000 fd:00 284845     /lib/libresolv-2.12.so
00b37000-00b38000 r--p 00015000 fd:00 284845     /lib/libresolv-2.12.so
00b38000-00b39000 rw-p 00016000 fd:00 284845     /lib/libresolv-2.12.so
00b39000-00b3b000 rw-p 00000000 00:00 0
00c7f000-00c8c000 r-xp 00000000 fd:00 261714     /lib/liblber-2.4.so.2.5.6
00c8c000-00c8d000 r--p 0000d000 fd:00 261714     /lib/liblber-2.4.so.2.5.6
00c8d000-00c8e000 rw-p 0000e000 fd:00 261714     /lib/liblber-2.4.so.2.5.6
05af8000-05b11000 r-xp 00000000 fd:00 43422      /usr/lib/libsasl2.so.2.0.23
05b11000-05b12000 r--p 00018000 fd:00 43422      /usr/lib/libsasl2.so.2.0.23
05b12000-05b13000 rw-p 00019000 fd:00 43422      /usr/lib/libsasl2.so.2.0.23
05b25000-05b70000 r-xp 00000000 fd:00 284874     /lib/libldap-2.4.so.2.5.6
05b70000-05b71000 r--p 0004a000 fd:00 284874     /lib/libldap-2.4.so.2.5.6
05b71000-05b72000 rw-p 0004b000 fd:00 284874     /lib/libldap-2.4.so.2.5.6
05bd2000-05bd5000 r-xp 00000000 fd:00 284850     /lib/libplds4.so
05bd5000-05bd6000 r--p 00002000 fd:00 284850     /lib/libplds4.so
05bd6000-05bd7000 rw-p 00003000 fd:00 284850     /lib/libplds4.so
05bd9000-05d0d000 r-xp 00000000 fd:00 43393      /usr/lib/libnss3.so
05d0d000-05d10000 r--p 00134000 fd:00 43393      /usr/lib/libnss3.so
05d10000-05d12000 rw-p 00137000 fd:00 43393      /usr/lib/libnss3.so
05d14000-05d4e000 r-xp 00000000 fd:00 284848     /lib/libnspr4.so
05d4e000-05d4f000 r--p 00039000 fd:00 284848     /lib/libnspr4.so
05d4f000-05d50000 rw-p 0003a000 fd:00 284848     /lib/libnspr4.so
05d50000-05d52000 rw-p 00000000 00:00 0
05d5f000-05d7b000 r-xp 00000000 fd:00 42912      /usr/lib/libnssutil3.so
05d7b000-05d7e000 r--p 0001c000 fd:00 42912      /usr/lib/libnssutil3.so
05d7e000-05d7f000 rw-p 0001f000 fd:00 42912      /usr/lib/libnssutil3.so
05d81000-05da9000 r-xp 00000000 fd:00 43395      /usr/lib/libsmime3.so
05da9000-05dab000 r--p 00027000 fd:00 43395      /usr/lib/libsmime3.so
05dab000-05dac000 rw-p 00029000 fd:00 43395      /usr/lib/libsmime3.so
05dae000-05de7000 r-xp 00000000 fd:00 43394      /usr/lib/libssl3.so
05de7000-05de9000 r--p 00038000 fd:00 43394      /usr/lib/libssl3.so
05de9000-05dea000 rw-p 0003a000 fd:00 43394      /usr/lib/libssl3.so
08048000-0805a000 r-xp 00000000 fd:00 43523      /usr/bin/ldapmodify
0805a000-0805b000 r--p 00011000 fd:00 43523      /usr/bin/ldapmodify
0805b000-0805c000 rw-p 00012000 fd:00 43523      /usr/bin/ldapmodify
0805c000-0809e000 rw-p 00000000 00:00 0          [heap]
b7fed000-b7ff2000 rw-p 00000000 00:00 0
b7ffc000-b8000000 rw-p 00000000 00:00 0
bffeb000-c0000000 rw-p 00000000 00:00 0          [stack]

I guess the process fails because not all data are imported, I did some research but can't seem to find

a real solution to that. I was hoping that someone could shed some light on that problem or maybe

solution if that happened to someone in the past?
I'm using CentOS 6.3 -  2.6.32-279.5.1.el6.i686 with OpenDS-2.2.1 for ldap.
Thanks
47
Linux Servers Support / Re: How to Map AD groups to Samba share
« Last post by sunnysthakur on January 09, 2013, 07:33:39 AM »
After changing the parameters in /etc/smb.conf i am able to view users/groups i created on AD.

/etc/samba/smb.conf

workgroup = QASLABS
server string = Samba Server Version %v
password server = adserver.qaslabs.net
realm = QASLABS.NET
preferred master = no
security = ADS
;idmap backend = ad
idmap uid = 500-20000000
idmap gid = 500-20000000
winbind separator = +
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
preferred master = no
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m
max log size = 50
printcap name = cups
printing = cups
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind nested groups = yes
;netbios name = smbad
hosts allow = 127.0.0.1 192.16.17.0/24
passdb backend = tdbsam
template homedir = /home/%U
;winbind nss info = rfc2307

On executing the wbinfo i am able to view the AD users created by me.

[root@smbad samba]# wbinfo -u
administrator
guest
krbtgt
[COLOR="Blue"]tlit
usrit
tladmin
usradmin
tlcmt
usrcmt
tldev
usrdev
tlhr
usrhr
tlqa
usrqa
tlsupp
usrsupp[/COLOR]

and on executing the wbinfo with -g i am able to view the AD groups created by me.

[root@smbad samba]# wbinfo -g
BUILTIN+administrators
BUILTIN+users
domain computers
domain controllers
schema admins
enterprise admins
cert publishers
domain admins
domain users
domain guests
group policy creator owners
ras and ias servers
allowed rodc password replication group
denied rodc password replication group
read-only domain controllers
enterprise read-only domain controllers
dnsadmins
dnsupdateproxy
[COLOR="blue"]itadmin
ituser
admadmin
adminuser
cmtadmin
cmtuser
devadmin
devuser
hradmin
hruser
qaadmin
qauser
suppadmin
suppuser[/COLOR]

I am also able to test the ad users with password

[root@smbad samba]# wbinfo -a tladmin%Password1
plaintext password authentication succeeded
challenge/response password authentication succeeded

But now the issue is when i am accessing the samba share using these usernames i am not able to login to share and below error is coming in logs file.

[COLOR="Red"]  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2013/01/10 02:04:28, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2013/01/10 02:04:28, 2] auth/auth.c:check_ntlm_password(319)
  check_ntlm_password:  Authentication for user [itusr] -> [itusr] FAILED with error NT_STATUS_NO_SUCH_USER
[2013/01/10 02:04:28, 3] smbd/error.c:error_packet_set(106)
  error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2013/01/10 02:04:28, 3] smbd/process.c:timeout_processing(1382)
  timeout_processing: End of file from client (client has disconnected).
[2013/01/10 02:04:28, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0[/COLOR]

Also on login to the AD user from putty it is not accepting passwords.

[admin@smbad ~]$ su tladmin
Password:
su: incorrect password

Where as on login to AD user from putty from root account i am able to login [Password not prompted from switching from root user to AD user]

Please help me on this.

Thanks in advance..
48
Linux Servers Support / Group and user permissions on mediawiki
« Last post by sunnysthakur on January 07, 2013, 07:11:57 AM »
I am working on setup a wiki which should have users and group having read or write permission.
Before that we were using simple write to all methodology.

Now the challenge is this that i have created a 3 users and all of the 3 are able to write to wiki and update the page. Now what i what to do is that 2 users can write and one is able to view only.

I did a little bit R 'n' D but didn't success. Below were the things i did but didn't succeed.

By adding the below code in Localsettings.php 2 user can read [they are not able to edit] but one can write.

$wgGroupPermissions['Trusted'] = $wgGroupPermissions['user'];
$wgGroupPermissions['user'   ]['edit']          = false;
$wgGroupPermissions['Trusted']['edit']          = true;
$wgGroupPermissions['sysop'  ]['edit']          = true;

Another thing i did.

INSERT INTO user_groups (ug_user, ug_group) VALUES ('3', 'bureaucrat');
INSERT INTO user_groups (ug_user, ug_group) VALUES ('3', 'sysop');

Assign bureaucrat and sysop rights to user whose id is 3 but nothing happen.
Again userid 1 is able to edit but users having userid 3 again not able to edit, however both have same groups permissions now.

Please help me to resolve this issue.

Note :- I am using mediawiki 1.9.2
49
Linux Servers Support / Re: How to Map AD groups to Samba share
« Last post by sunnysthakur on January 07, 2013, 07:00:45 AM »
Any help on this will appreciate.
50
Linux Servers Support / Re: Difference between major distros and why?
« Last post by dalek on January 06, 2013, 02:33:36 PM »
If you want technical info, I would try the Redhat website.  You can most likely just search and find the answer but since I have never used Redhat, I have very little info.  I know what little I have read about it but not much else.  They also have a section for how to set up things and how it works.  At least they did the last time I looked.  For Ubuntu distros, I have found their documentation seriously lacking.  As bad as the docs are, the forums are as bad or worse.  I usually ask Kubuntu questions on the Gentoo mailing list where I am a frequent user/helper. 

When booting, it depends on what the system is set up to do.  If it is a headless server, then it boots and starts its services.  If it is a desktop, then it boots and loads the GUI part.  All this depends on what you have told it to do either during the install or when configuring the system.  With Linux, the possibilities are pretty much endless.

Each distro varies a little on boot sequence.  Mine for example doesn't require a initrd image tho you can use one or some setups may require it.  Mine goes like this:  BIOS screen, grub menu, loading kernel, starting init and then services.  As far as differences, basically none.  All Linux installs can be set up to do the same thing.  It's all about how it is configured. 

 :) :)
Pages: 1 ... 3 4 [5] 6 7 ... 10