SWAT Blog

Archive for the ‘Linux’ Category

Setting up Glassfish Server Behind Apache https

Thursday, May 7th, 2015

Installing Glassfish and Deploying one sample.war application:

After you unzip Glassfish, you can start the server by running this command:


mint-pc~#GLASSFISH_HOME/glassfish/bin/./asadmin start-domain

This command will start the default domain included in the server, which is called domain1.
After a few seconds, you should be able to browse to its default page at http://server-ip:8080 or the Web Admin Panel at http://server-ip:4848.

After this, we’ll use the asadmin commnad to to add an http listener called jk-connector-8009, which will listen on port 8009 for AJP connections.
This is the port that Apache will use to redirect requests from port 80 to Glassfish, and back to Apache.

Create the listener:

mint-pc~#GLASSFISH_HOME/glassfish/bin/./asadmin --user admin --host localhost --port 4848 create-http-listener --listeneraddress 0.0.0.0 --listenerport 8009 --defaultvs server jk-connector-8009

Activate the listener:

mint-pc~#GLASSFISH_HOME/glassfish/bin/./asadmin --user admin --host localhost --port 4848 setconfigs.config.server-config.network-config.network-listeners.network-listener.jk-connector-8009.jk-enabled=true

Finally, restart the Glassfish Server:

mint-pc~#GLASSFISH_HOME/glassfish/bin/./asadmin stop-domain

mint-pc~#GLASSFISH_HOME/glassfish/bin/./asadmin start-domain

Configuring Apache:
Installing and configure Apache2 and mod_jk:–

mint-pc~#apt-get install libapache2-mod-jk

Installing mod_jk this way will ensure that the mod_jk module is enabled for Apache2. You can check and verify that with:-

mint-pc~#ls -l /etc/apache2/mods-enabled/jk.load (Should show like below line)

lrwxrwxrwx 1 root root 25 2009-08-12 14:18 /etc/apache2/mods-enabled/jk.load -> ../mods-available/jk.load

In case the module is missing from the monds-enabled directory, enable it with:

mint-pc~#a2enmod jk

Run this command on terminal:-

mint-pc~#grep -r JkWorkersFile /etc/apache2 (Default workers.properties file path)

/etc/apache2/mods-available/jk.conf: JkWorkersFile /etc/libapache2-mod-jk/workers.properties

Put Below mentioned text in workers.properties file.
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.socket_timeout=300

A file called /etc/apache2/mods-available/jk.conf (Should have below text)
# Where to find workers.properties
JkWorkersFile /etc/libapache2-mod-jk/workers.properties
# Where to put jk logs
JkLogFile /var/log/apache2/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info

The only thing to do is to specify which URL paths should be redirected to mod_jk.
I added these lines to /etc/apache2/sites-enabled/000-default.conf within the <VirtualHost></VirtualHost> tags:

# Send everything for context /examples to worker named worker1 (ajp13)
JkMount /* worker1

Finally restart apache2:-

mint-pc~#/etc/init.d/apache2 restart

Tested in Firefox and Chrome working:-
http://localhost/sample/
http://localhost:8080/sample/

Create a SSL Certificate on Apache for Ubuntu 14.04

mint-pc~#apt-get update

mint-pc~#apt-get install apache2

Activate the SSL Module:-

mint-pc~#a2enmod ssl

mint-pc~#service apache2 restart

Create a Self-Signed SSL Certificate:-

mint-pc~#mkdir /etc/apache2/ssl

Now that we have a location to place our key and certificate, we can create them both in one step by typing:

mint-pc~#openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Hit “ENTER”, you will be asked a number of questions:-
The questions portion looks something like this:
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:U.P.
Locality Name (eg, city) []:Noida
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SW-AT
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:www.curowin.com
Email Address []:admin@sw-at.com

The key and certificate will be created and placed in your /etc/apache2/ssl directory:-

Configure Apache to Use SSL:-

mint-pc~#gedit /etc/apache2/sites-available/000-default.conf

<VirtualHost *:443>
#ServerName www.example.com

ServerAdmin webmaster@localhost
ServerName 127.0.0.1:443 #(or your domain name:443)
DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

#Send everything for context /examples to worker named worker1 (ajp13)
JkMount /* worker1

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

</VirtualHost>
#vim: syntax=apache ts=4 sw=4 sts=4 sr noet


mint-pc~#service apache2 restart

https://localhost/sample/

Extend and Remove the Logical Volume (LVM)

Tuesday, February 12th, 2013

Advantage of LVM is that we can Extend Reduce or Remove volumes any time.

Extend logical volume:-

Here we extend 500MB in Logical Volume lv0

[root@localhost ~]#lvextend -L +500 /dev/vg0/lv0

Extending logical volume lv0 to 1.49 GiB
Logical volume lv0 successfully resized

[root@localhost ~]#resize2fs /dev/vg0/lv0

resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/vg0/lv0 is mounted on /lvm-disk; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/vg0/lv0 to 390144 (4k) blocks.
The filesystem on /dev/vg0/lv0 is now 390144 blocks long.

Remove logical volume:-
Make sure the volume is unmounted and no data in logical volume:-

[root@localhost lvm-disk]# lvdisplay

— Logical volume —
LV Path /dev/vg0/lv0
LV Name lv0
VG Name vg0
LV UUID 5oGJ4c-In6O-gJsl-2bT1-QLNV-f5sw-wHwswe
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-02-11 14:14:00 +0530
LV Status available
# open 0
LV Size 500.00 MiB
Current LE 125
Segments 1
Allocation inherit
Read ahead sectors auto
– currently set to 256
Block device 253:0

— Logical volume —
LV Path /dev/vg0/lv1
LV Name lv1
VG Name vg0
LV UUID 835410-RrAU-EMCK-qSL2-GsPC-3AR7-goalKl
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-02-12 09:44:42 +0530
LV Status available
# open 0
LV Size 2.00 GiB
Current LE 512
Segments 1
Allocation inherit
Read ahead sectors auto
– currently set to 256
Block device 253:1

[root@localhost lvm-disk]# lvremove /dev/vg0/lv0

Do you really want to remove active logical volume lv0? [y/n]: y
Logical volume “lv0″ successfully removed

[root@localhost lvm-disk]# lvdisplay

— Logical volume —
LV Path /dev/vg0/lv1
LV Name lv1
VG Name vg0
LV UUID 835410-RrAU-EMCK-qSL2-GsPC-3AR7-goalKl
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-02-12 09:44:42 +0530
LV Status available
# open 1
LV Size 2.00 GiB
Current LE 512
Segments 1
Allocation inherit
Read ahead sectors auto
– currently set to 256
Block device 253:1

Done…

Logical Volume Management Linux (LVM)

Monday, February 11th, 2013

To View All Existing Disk Partitions:-

[root@localhost ~]#fdisk -l

Disk /dev/sda: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0006e148

Device Boot Start End Blocks Id System
/dev/sda1 * 1 77 614400 83 Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2 77 6451 51200000 83 Linux
/dev/sda3 6451 6834 3072000 82 Linux swap / Solaris

Note:- In this disk I have 20 GB disk space left as unallocated
Now Create a New Disk Partition with Specific Size:-

[root@localhost ~]#fdisk /dev/sda

Command (m for help): n
First cylinder (6834-8139, default 6834):
Using default value 6834
Last cylinder, +cylinders or +size{K,M,G} (6834-8139, default 8139): +10G

Note:-If you want to use up all available space after the initial sector, just press Enter.

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

Repeate above Steps for second partition.
Two partition of 10GB, 10GB is created, format it using the mkfs command

[root@localhost ~]#partprobe /dev/sda (Run Partprobe or Reboot the system)

Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy). As a result, it may not reflect all of your changes until after reboot.

Formate the partitions /dev/sda5 and /dev/sda6 one by one:-

[root@localhost ~]#mkfs.ext4 /dev/sda5

mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
305824 inodes, 1222602 blocks
61130 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=1254096896
38 block groups
32768 blocks per group, 32768 fragments per group
8048 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 32 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

Create Physical Volume by pvcreate command:-

[root@localhost ~]#pvcreate /dev/sda5 /dev/sda6

Writing physical volume data to disk “/dev/sda5″
Physical volume “/dev/sda5″ successfully created
Writing physical volume data to disk “/dev/sda6″
Physical volume “/dev/sda6″ successfully created

Create Volume Group by vgcreate command:-


[root@localhost ~]#vgcreate vg0 /dev/sda5 /dev/sda6

Volume group “vg0″ successfully created

[root@localhost ~]#vgdisplay

(Display Volume Group)
— Volume group —
VG Name vg0
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 1
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 0
Open LV 0
Max PV 0
Cur PV 2
Act PV 2
VG Size 18.64 GiB
PE Size 4.00 MiB
Total PE 4772
Alloc PE / Size 0 / 0
Free PE / Size 4772 / 18.64 GiB
VG UUID uKm3bZ-2uHb-0DJe-hur5-vbm3-pI8O-L2kL10

Create Logical Volume by lvcreate command:-

[root@localhost ~]#lvcreate -L 1024MB -n /dev/vg0/lv0

Logical volume “lv0″ created

[root@localhost ~]#lvdisplay    (Display Logical Volume)

— Logical volume —
LV Path /dev/vg0/lv0
LV Name lv0
VG Name vg0
LV UUID 5oGJ4c-In6O-gJsl-2bT1-QLNV-f5sw-wHwswe
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-02-11 14:14:00 +0530
LV Status available
# open 0
LV Size 1.00 GiB
Current LE 256
Segments 1
Allocation inherit
Read ahead sectors auto
– currently set to 256
Block device 253:0

Formate the Logical Volume by mkfs command:-

[root@localhost ~]#mkfs.ext4 /dev/vg0/lv0

mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
65536 inodes, 262144 blocks
13107 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=268435456
8 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 29 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

Create a Directory and mount the LVM Partiotion:-

[root@localhost ~]#mkdir /lvm-disk
[root@localhost ~]#mount /dev/vg0/lv0 /lvm-disk

Enter fstab entry for permanent mount:-

[root@localhost ~]#vi /etc/fstab

/dev/vg0/lv0 /lvm-disk ext4 defaults 0 0

[root@localhost ~]#df -h

Filesystem Size Used Avail Use% Mounted on
/dev/sda2 49G 2.7G 45G 6% /
tmpfs 939M 88K 939M 1% /dev/shm
/dev/sda1 591M 90M 472M 16% /boot
/dev/mapper/vg0-lv0 1008M 34M 924M 4% /lvm-disk

NFS Server Setup on Ubuntu server and Desktop

Friday, December 28th, 2012

Server side Configuration–

root@server-desktop:~#apt-get install nfs-kernel-server portmap nfs-common nfswatch

 

root@server-desktop:~#mkdir /srv/nfs

 

root@server-desktop:~#chown nobody:nogroup /srv/nfs/

 

root@server-desktop:~#vi /etc/exports

#ADD BELOW LINES IN exports FILE save and exit.(Ip address of the server system)

/srv/nfs 172.17.0.20/255.255.0.0(rw,sync,no_subtree_check)

#Then Run this command on Terminal–


root@server-desktop:~#exportfs -a

#Then restart nfs and portmap services


root@server-desktop:~#/etc/init.d/nfs-kernel-server restart

* Stopping NFS kernel daemon [ OK ]

* Unexporting directories for NFS kernel daemon… [ OK ]

* Exporting directories for NFS kernel daemon… [ OK ]

* Starting NFS kernel daemon [ OK ]


root@server-desktop:~#/etc/init.d/portmap restart

Rather than invoking init scripts through /etc/init.d, use the service(8)

utility, e.g. service portmap restart

Since the script you are attempting to invoke has been converted to an

Upstart job, you may also use the stop(8) and then start(8) utilities,

e.g. stop portmap ; start portmap. The restart(8) utility is also available.

portmap stop/waiting

portmap start/running, process 3784

#To check nfs folder run showmount command–


root@server-desktop:~#showmount -e

#Above command show nfs folder–

Export list for server-desktop:

/srv/nfs 172.17.0.20/255.255.0.0

Ubuntu Client side Configuration–


root@desktop:~#apt-get install nfs-common portmap

#Now make a folder in /mnt.


root@desktop:~#mkdir /mnt/nfs

 


root@desktop:~#mount 172.17.0.20:/srv/nfs /mnt/nfs

#Below command will show all mounted folders.


root@desktop:~#df -h

Fedora 17 Client side Configuration–


[root@administrator ~]#yum -y install nfs-utils

Loaded plugins: fastestmirror, langpacks, presto, refresh-packagekit

Loading mirror speeds from cached hostfile

* fedora: mirror.cse.iitk.ac.in

* rpmfusion-free: mirror.cse.iitk.ac.in

* rpmfusion-free-updates: mirror.cse.iitk.ac.in

* rpmfusion-nonfree: mirror.cse.iitk.ac.in

* rpmfusion-nonfree-updates: mirror.cse.iitk.ac.in

* updates: mirrors.ustc.edu.cn

Resolving Dependencies

–> Running transaction check

—> Package nfs-utils.i686 1:1.2.6-6.fc17 will be installed

–> Processing Dependency: quota for package: 1:nfs-utils-1.2.6-6.fc17.i686

–> Processing Dependency: libnfsidmap.so.0 for package: 1:nfs-utils-1.2.6-6.fc17.i686

–> Processing Dependency: libnfsidmap for package: 1:nfs-utils-1.2.6-6.fc17.i686

–> Running transaction check

—> Package libnfsidmap.i686 0:0.25-3.fc17 will be installed

—> Package quota.i686 1:4.00-5.fc17 will be installed

–> Processing Dependency: quota-nls = 1:4.00-5.fc17 for package: 1:quota-4.00-5.fc17.i686

–> Running transaction check

—> Package quota-nls.noarch 1:4.00-5.fc17 will be installed

–> Finished Dependency Resolution

Dependencies Resolved

=========================================================================

Package Arch Version Repository Size

=========================================================================

Installing:

nfs-utils i686 1:1.2.6-6.fc17 updates 319 k

Installing for dependencies:

libnfsidmap i686 0.25-3.fc17 updates 33 k

quota i686 1:4.00-5.fc17 updates 162 k

quota-nls noarch 1:4.00-5.fc17 updates 74 k

Transaction Summary

=========================================================================

Install 1 Package (+3 Dependent packages)

Total download size: 588 k

Installed size: 2.0 M

Downloading Packages:

(1/4): libnfsidmap-0.25-3.fc17.i686.rpm | 33 kB 00:01

(2/4): nfs-utils-1.2.6-6.fc17.i686.rpm | 319 kB 00:01

(3/4): quota-4.00-5.fc17.i686.rpm | 162 kB 00:02

(4/4): quota-nls-4.00-5.fc17.noarch.rpm | 74 kB 00:01

——————————————————————————–

Total 83 kB/s | 588 kB 00:07

Running Transaction Check

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : 1:quota-nls-4.00-5.fc17.noarch 1/4

Installing : 1:quota-4.00-5.fc17.i686 2/4

Installing : libnfsidmap-0.25-3.fc17.i686 3/4

Installing : 1:nfs-utils-1.2.6-6.fc17.i686 4/4

Verifying : libnfsidmap-0.25-3.fc17.i686 1/4

Verifying : 1:nfs-utils-1.2.6-6.fc17.i686 2/4

Verifying : 1:quota-4.00-5.fc17.i686 3/4

Verifying : 1:quota-nls-4.00-5.fc17.noarch 4/4

Installed:

nfs-utils.i686 1:1.2.6-6.fc17

Dependency Installed:

libnfsidmap.i686 0:0.25-3.fc17

quota.i686 1:4.00-5.fc17

quota-nls.noarch 1:4.00-5.fc17

Complete!


[root@administrator ~]#mount 172.17.0.20:/srv/nfs /mnt/nfs

Enabling the NFS client on Windows 7 Ultimate/Enterprises system:

  1. Select Control Panel.
  2. Select Programs.
  3. Select Programs and Features.
  4. Select Turn Windows Features on or off.
  5. Select Services for NFS.
  6. Select the check box Client for NFS and click OK.

Run Below Command On Command Prompt:-

mount -o //172.17.0.20:/srv/nfs z:

Dia Diagram Editor

Wednesday, February 1st, 2012

The Dia Diagram Editor is very good Microsoft Visio alternative, it can be used to draw different types of diagrams, includes support for UML static structure diagrams (class diagrams), entity relationship modeling, and network diagrams.  It has special objects which let you draw many types of diagrams.

Install Dia Editor in Ubuntu, open the terminal and run the following command.

[root@ubuntu ~]#sudo apt-get install dia

Install Dia Editor in Fedora, open the terminal and run the following command.

[root@fedora16 ~]#yum install dia

Installing Alfresco 4.0.C on Ubuntu Server 11.10 (32bit)

Monday, January 23rd, 2012

Alfresco is the open source Enterprise Content Management (ECM), alternate to Microsoft Sharepoint, providing Document Management, Collaboration, Records Management, Knowledge Management, Web Content Management, and Imaging.

You need to login as root or run the commands below as sudo.

Ensure that you have latest version of linux packages.

root@ubuntu:~#apt-get update
root@ubuntu:~#apt-get upgrade

Create an installation directory for Alfresco:

root@ubuntu:~#mkdir /opt/alfresco40c

Alfresco runs in a Java Servlet container/J2EE server. In this guide we will use Tomcat, which is one of the most popular Servlet container. Servlet container requires a Java VM. We begin with installing Java.

Installing Java
Download JDK in /opt directory and run the installation:

root@ubuntu:~#cd /opt/
root@ubuntu:/opt#wget http://download.oracle.com/otn-pub/java/jdk/6u30-b12/jdk-6u30-linux-i586.bin
root@ubuntu:/opt#chmod a+x jdk-6u30-linux-i586.bin
root@ubuntu:/opt#./jdk-6u30-linux-i586.bin

Installation crates a new directory called jdk1.6.0_30.
Rename jdk1.6.0_30 folder to java.

root@ubuntu:/opt#mv jdk1.6.0_30/ java

Now set JAVA_HOME environment variable in /etc/profile to do so:

root@ubuntu:~#vi /etc/profile

Insert below code in the end of the profile file and Restart the server:

export JAVA_HOME=/opt/java/
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=$JAVA_HOME/lib:$CLASSPATH

Verify the Java installation, responds with something like below result:

root@ubuntu:~#java -version

java version “1.6.0_30″
Java(TM) SE Runtime Environment (build 1.6.0_30-b12)
Java HotSpot(TM) Client VM (build 20.5-b03, mixed mode, sharing)

MySQL Installation

root@ubuntu:~#apt-get install mysql-server mysql-client

Remember the root password you set when you install the mysql-server.You will need it later on.

Verify the MySQL installation:

root@ubuntu:~#mysql -u root -p

Something like following must be diplayed on the terminal:

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 45
Server version: 5.1.58-1ubuntu1 (Ubuntu)
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>show databases;

MySQL responds with:
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
+--------------------+
2 rows in set (0.05 sec)
mysql>exit

ImageMagick, SWFTools, FFMpeg and LiberOffice
ImageMagick is used to convert and scale images. FFMpeg is needed if you store video in your repository and want to use the audio video player plugin for Alfresco Share.

root@ubuntu:~#apt-get install imagemagick ffmpeg liberoffice

Verify the installation.

root@ubuntu:~#whereis convert

convert: /usr/bin/convert /usr/share/man/man1/convert.1.gz

root@ubuntu:~#whereis ffmpeg

ffmpeg: /usr/bin/ffmpeg /usr/share/ffmpeg /usr/share/man/man1/ffmpeg.1.gz

root@ubuntu:~#whereis soffice.bin

soffice: /usr/bin/soffice

SWFTools is used to create flash from pdf documents, to allow previews of documents in Share. This tool does not exist in the 32bit repositories of Ubuntu 11.10. Download older 32bit version of this tool and dependency libart-2.0-2 2.3.20-2 from https://launchpad.net/ubuntu/lucid/i386/swftools/0.9.0-0ubuntu1.

root@ubuntu:~#wget http://launchpadlibrarian.net/14367554/libart-2.0-2_2.3.20-2_i386.deb
root@ubuntu:~#wget http://launchpadlibrarian.net/27270379/swftools_0.9.0-0ubuntu1_i386.deb

Give execute permission and install both .deb packages.

root@ubuntu:~#chmod a+x libart-2.0-2_2.3.20-2_i386.deb
root@ubuntu:~#chmod a+x swftools_0.9.0-0ubuntu1_i386.deb
root@ubuntu:~#dpkg -i libart-2.0-2_2.3.20-2_i386.deb
root@ubuntu:~#dpkg -i swftools_0.9.0-0ubuntu1_i386.deb

Verify the correct installation.

root@ubuntu:~#whereis pdf2swf

pdf2swf: /usr/bin/pdf2swf /usr/share/man/man1/pdf2swf.1.gz

Tomcat Installation.

Download the Tomcat 6 from http://tomcat.apache.org/download-60.cgi and unpack Tomcat.

root@ubuntu:~#cd /opt/
root@ubuntu:/opt#wget http://mirror.nyi.net/apache/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz

Give Execute Permission and Extract.

root@ubuntu:/opt#chmod a+x apache-tomcat-6.0.35.tar.gz
root@ubuntu:/opt#tar -xvf apache-tomcat-6.0.35.tar.gz

Rename apache-tomcat-6.0.35 to tomcat, and move it to where it should.

root@ubuntu:/opt#mv apache-tomcat-6.0.35 /opt/alfresco40c/tomcat

Verify, Tomcat is installed correctly, let’s start Tomcat.

root@ubuntu:/opt#cd /opt/alfresco40c/tomcat/bin
root@ubuntu:/opt/alfresco40c/tomcat/bin#./startup.sh

Using CATALINA_BASE: /opt/alfresco40c/tomcat
Using CATALINA_HOME: /opt/alfresco40c/tomcat
Using CATALINA_TMPDIR: /opt/alfresco40c/tomcat/temp
Using JRE_HOME: /opt/java/
Using CLASSPATH: /opt/alfresco40c/tomcat/bin/bootstrap.jar

And check a process that running contains ‘java’ in its signature.

root@ubuntu1:/opt/alfresco40c/tomcat/bin#ps -ef |grep java

root 7156 1 2 12:12 pts/0 00:00:02 /opt/java//bin/java
-Djava.util.logging.config.file=/opt/alfresco40c/tomcat/conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.endorsed.dirs=/opt/alfresco40c/tomcat/endorsed -classpath
/opt/alfresco40c/tomcat/bin/bootstrap.jar
-Dcatalina.base=/opt/alfresco40c/tomcat
-Dcatalina.home=/opt/alfresco40c/tomcat
-Djava.io.tmpdir=/opt/alfresco40c/tomcat/temp
org.apache.catalina.startup.Bootstrap start

root 7174 908 0 12:14 pts/0 00:00:00 grep –color=auto java

Done, that works. Now,  shutdown Tomcat.

root@ubuntu:/opt/alfresco40c/tomcat/bin#./shutdown.sh

Using CATALINA_BASE: /opt/alfresco40c/tomcat
Using CATALINA_HOME: /opt/alfresco40c/tomcat
Using CATALINA_TMPDIR: /opt/alfresco40c/tomcat/temp
Using JRE_HOME: /opt/java/
Using CLASSPATH: /opt/alfresco40c/tomcat/bin/bootstrap.jar

Verify.

root@ubuntu:~#ps -ef | grep java

root 7201 908 0 12:21 pts/0 00:00:00 grep –color=auto java

There is no process running that contains ‘java’ Good.

Add additional folders for use with Alfresco.

root@ubuntu:~#mkdir /opt/alfresco40c/tomcat/shared
root@ubuntu:~#mkdir /opt/alfresco40c/tomcat/shared/classes
root@ubuntu:~#mkdir /opt/alfresco40c/tomcat/shared/lib
root@ubuntu:~#mkdir /opt/alfresco40c/tomcat/endorsed

Edit Tomcat’s catalina.properties to tell Tomcat to actually use the added directories under ‘tomcat/shared’.

root@ubuntu:~#vi /opt/alfresco40c/tomcat/conf/catalina.properties

Change the value of the shared.loader=property to the following:

shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar

Save and Exit.
By default,Tomcat uses ISO-8859-1 character encoding when decoding URLs that are received from a browser. This may cause problems when creating, uploading, and renaming files with international characters. Edit the server.xml file.

root@ubuntu:~#vi /opt/alfresco40c/tomcat/conf/server.xml

Locate the Connector section, and then add the URIEncoding=”UTF-8″ property.

<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000" redirectPort="8443" >

Save and Exit.
Download the JDBC driver belonging to MySQL instance. http://www.mysql.com/downloads/connector/j/

Give Execute Permission and Extract the archive.

root@ubuntu:~#chmod a+x mysql-connector-java-5.1.18.tar.gz
root@ubuntu:~#tar -xvf mysql-connector-java-5.1.18.tar.gz

Copy the driver to Tomcat.

root@ubuntu:~#cp mysql-connector-java-5.1.18/mysql-connector-java-5.1.18-bin.jar /opt/alfresco40c/tomcat/lib

Download Alfresco Community Edition.
Download the Alfresco-community-4.0.c.zip from:https://process.alfresco.com/ccdl/?file=release/community/build-3979/alfresco-community-4.0.c.zip

root@ubuntu:~#wget http://dl.alfresco.com/release/community/build-3979/alfresco-community-4.0.c.zip

Give Execute Permission and Unzip the archive.

root@ubuntu:~#chmod a+x alfresco-community-4.0.c.zip
root@ubuntu:~#apt-get install unzip
root@ubuntu:~#unzip alfresco-community-4.0.c.zip

This will give you 3 folders; licenses, bin and web-server. Distribute as follows.

root@ubuntu:~#mv bin /opt/alfresco40c/
root@ubuntu:~#mv licenses /opt/alfresco40c/
root@ubuntu:~#mv web-server/endorsed/* /opt/alfresco40c/tomcat/endorsed
root@ubuntu:~#mv web-server/shared/* /opt/alfresco40c/tomcat/shared
root@ubuntu:~#mv web-server/lib/* /opt/alfresco40c/tomcat/lib
root@ubuntu:~#mv web-server/webapps/* /opt/alfresco40c/tomcat/webapps/

Create a folder to store database scripts.

root@ubuntu:~#mkdir /opt/alfresco40c/extras

Create the sql-script to create a database.

root@ubuntu:~#vi /opt/alfresco40c/extras/db_setup.sql

This file has the contents.

create database alfresco default character set utf8 collate utf8_bin;
grant all on alfresco.* to 'alfresco'@'localhost' identified by 'alfresco' with grant option;
grant all on alfresco.* to 'alfresco'@'localhost.localdomain' identified by 'alfresco' with grant option;

Create the sql-script to drop the database.

root@ubuntu:~#vi /opt/alfresco40c/extras/db_remove.sql

This file has the contents:

drop database alfresco;
revoke all privileges, grant option from 'alfresco'@'localhost';
drop user 'alfresco'@'localhost';
root@ubuntu:~#mysql -u root -p < /opt/alfresco40c/extras/db_setup.sql

You need your root password after executing above script.

Now Create a file to start Alfresco.

root@ubuntu:~#vi /opt/alfresco40c/alfresco.sh

Fill below code in alfresco.sh.

#!/bin/sh
# Start or stop Alfresco server
# Set the following to where Tomcat is installed
ALF_HOME=/opt/alfresco40c
cd "$ALF_HOME"
APPSERVER="${ALF_HOME}/tomcat"
export CATALINA_HOME="$APPSERVER"
# Set any default JVM values
#export JAVA_OPTS='-Xms512m -Xmx1024m -Xss1024k -XX:MaxPermSize=256m -XX:NewSize=256m -server'
export JAVA_OPTS='-Xms512m -Xmx768m -Xss768k -XX:MaxPermSize=256m -XX:NewSize=256m -server'
export JAVA_OPTS="${JAVA_OPTS} -Dalfresco.home=${ALF_HOME} -Dcom.sun.management.jmxremote"
#
if [ "$1" = "start" ]; then
"${APPSERVER}/bin/startup.sh"
# if [ -r ./virtual_start.sh ]; then
# sh ./virtual_start.sh
# fi
# if [ -r ./start_oo.sh ]; then
# sh ./start_oo.sh
# fi
elif [ "$1" = "stop" ]; then
"${APPSERVER}/bin/shutdown.sh"
# if [ -r ./virtual_start.sh ]; then
# sh ./virtual_stop.sh
# fi
# if [ -r ./start_oo.sh ]; then
# killall soffice.bin
# fi
fi

Give execute permission to the script.

root@ubuntu:~#chmod ug+x /opt/alfresco40c/alfresco.sh

Now we need valid alfresco-global.properties, we should be able to start and stop Alfresco.

root@ubuntu:~#cd /opt/alfresco40c
root@ubuntu1:/opt/alfresco40c#./alfresco.sh start

OR

root@ubuntu1:/opt/alfresco40c#./alfresco.sh stop

Check if your action was successful by validating if the process is running (or has stopped. Remind, stopping Alfresco might take a while).

root@ubuntu:~#ps -ef |grep java

root 7710 1 99 15:24 pts/0 00:02:37 /opt/java//bin/java
-Djava.util.logging.config.file=/opt/alfresco40c/tomcat/conf/logging.properties
-Xms512m -Xmx768m -Xss768k -XX:MaxPermSize=256m -XX:NewSize=256m -server
-Dalfresco.home=/opt/alfresco40c -Dcom.sun.management.jmxremote
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.endorsed.dirs=/opt/alfresco40c/tomcat/endorsed -classpath
/opt/alfresco40c/tomcat/bin/bootstrap.jar -Dcatalina.base=/opt/alfresco40c/tomcat
-Dcatalina.home=/opt/alfresco40c/tomcat
-Djava.io.tmpdir=/opt/alfresco40c/tomcat/temp
org.apache.catalina.startup.Bootstrap start

root 7736 908 0 15:26 pts/0 00:00:00 grep –color=auto java

Alfresco-global.properties

alfresco-global.properties may look like store in tomcat/shared/classes/alfresco-global.properties.

root@ubuntu:~#vi /opt/alfresco40c/tomcat/shared/classes/alfresco-global.properties

This file has the contents.

###############################
 Common Alfresco Properties
###############################
 #
 # Sample custom content and index data location
 #
 dir.root=/opt/alfresco40c/alf_data
 #
 # Sample database connection properties
 #
 db.name=alfresco
 db.username=alfresco
 db.password=alfresco
 db.host=localhost
 db.port=3306
 #
 # External locations
 #-------------
 ooo.exe=/usr/bin/soffice
 ooo.enabled=true
 jodconverter.officeHome=/usr/lib/libreoffice
 jodconverter.portNumbers=8101
 jodconverter.enabled=true
 img.root=/usr
 swf.exe=/usr/bin/pdf2swf
 ffmpeg.exe=/usr/bin/ffmpeg
 #
 # Property to control whether schema updates are performed automatically.
 # Updates must be enabled during upgrades as, apart from the static upgrade scripts,
 # there are also auto-generated update scripts that will need to be executed. After
 # upgrading to a new version, this can be disabled.
 #
 db.schema.update=true
 #
 # MySQL connection
 #
 db.driver=org.gjt.mm.mysql.Driver
 db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}
 #db.driver=org.gjt.mm.mysql.Driver
 #db.url=jdbc:mysql://localhost/alfresco340?useUnicode=yes& amp;characterEncoding=UTF-8
 # ALTER DATABASE alfresco SET ALLOW_SNAPSHOT_ISOLATION ON;
 #
 #db.driver=net.sourceforge.jtds.jdbc.Driver
 #db.url=jdbc:jtds:sqlserver://localhost:1433/alfresco
 #db.txn.isolation=4096
 #PostgreSQL connection (requires postgresql-8.2-504.jdbc3.jar or equivalent)
 #db.driver=org.postgresql.Driver
 #db.url=jdbc:postgresql://localhost:5432/alfresco

 # Index Recovery Mode
 #-------------
 index.recovery.mode=AUTO

 # Outbound Email Configuration
 #-------------
 #mail.host=
 #mail.port=25
 #mail.username=anonymous
 #mail.password=
 #mail.encoding=UTF-8
 #mail.from.default=alfresco@alfresco.org
 #mail.smtp.auth=false
 #
 # Alfresco Email Service and Email Server
 #-------------
 # Enable/Disable the inbound email service. The service could be used by processes other than
 # the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.
 #-------------
 #email.inbound.enabled=true
 # Email Server properties
 #-------------
 #email.server.enabled=true
 #email.server.port=25
 #email.server.domain=alfresco.com
 #email.inbound.unknownUser=anonymous
 # A comma separated list of email REGEX patterns of allowed senders.
 # If there are any values in the list then all sender email addresses
 # must match. For example:
 # .*@alfresco.com, .*@alfresco.org
 # Allow anyone:
 #-------------
 #email.server.allowed.senders=.*
 #
 # The default authentication chain
 # To configure external authentication subsystems see:
 # http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems
 #-------------
 authentication.chain=alfrescoNtlm1:alfrescoNtlm
 # The password for the default principal (only used for LDAP sync)
 #ldap.synchronization.java.naming.security.credentials=secret
 #
 # URL Generation Parameters (The ${localname} token is replaced by the local server name)
 #-------------
 #alfresco.context=alfresco
 #alfresco.host=${localname}
 #alfresco.port=8080
 #alfresco.protocol=http
 #
 #share.context=share
 #share.host=${localname}
 #share.port=8080
 #share.protocol=http
 cifs.enabled=true
 ftp.enabled=true
 cifs.serverName=${localname}
 cifs.hostannounce=true
 imap.server.enabled=false
 #imap.server.port=143
 #imap.server.host=
 # Default value of alfresco.rmi.services.host is 0.0.0.0 which means 'listen on all adapters'.
 # This allows connections to JMX both remotely and locally.
 #
 alfresco.rmi.services.host=0.0.0.0
 #
 # RMI service ports for the individual services.
 # These seven services are available remotely.
 # Assign individual ports for each service for best performance
 # or run several services on the same port. You can even run everything on 50500 if needed.
 # Select 0 to use a random unused port.
 #avm.rmi.service.port=50501
 #avmsync.rmi.service.port=50502
 #attribute.rmi.service.port=50503
 #authentication.rmi.service.port=50504
 #repo.rmi.service.port=50505
 #action.rmi.service.port=50506
 #wcm-deployment-receiver.rmi.service.port=50507
 #monitor.rmi.service.port=50508

Stop and start Alfresco:

root@ubuntu1:/opt/alfresco40c#./alfresco.sh stop
root@ubuntu1:/opt/alfresco40c#./alfresco.sh start

Now, It’s Time To Check alfresco and share pages in the browser.

http://your_ipaddress:8080/share
http://your_ipaddress:8080/alfresco

See, if your installation was successful!

Default Login Details For alfresco and share:-
Default username=admin
Default password=admin

Convert CRLF to LF line endings recursively

Friday, January 20th, 2012

dos2unix utility converts a file from dos to unix format, i.e replaces CRLF line endings to LF line endings.

This utility can be installed on any *nix environment using apt, yum, ports, etc.

To install on Mac:

sudo port -d selfupdate
sudo port install dos2unix

To install on Debian/Ubuntu/Mint:

apt-get install dos2unix

To run this utility recursively in a directory (excluding subdirectories) cd to the directory and then run following command:

find . -name *.* -exec dos2unix {} ;

To run this utility recursively (including subdirectories) cd to the directory and then run following command:

for file in `find . -type f`; do dos2unix $file $file; done

Dissecting Executable and Linking Format (ELF)

Friday, April 1st, 2011

ELF: Executable and Linking Format
ELF is a portable object file format defining the composition and organization of the object file. Kernel and binary loader looks at this format to know how to load this file and find various pieces of information like code, initialized data, dependencies on shared libraries etc.

Types of Object files

  1. Relocatable files – holds code and data suitable to link with other object files
  2. Executable files – suitable for execution
  3. Shared object files – holds code and data suitable to link with other relocatable object or shared objects
    Object files are created by the assembler and link editor, object files are binary representations of programs intended to execute directly on a processor. 

    File Format

    Object files participate in program linking (building a program) and program execution (running a program). For convenience and efficiency, the object file format provides parallel views of a file’s contents, reflecting the differing needs of these activities.

    • ELF Header: Holds the roadmap describing the file’s organization
      Sections: Holds code/instructions, data, symbol table, relocation information, etc.
    • Program header table: Holds information to create a process image.Program header table is an array of structures, each describing a segment or other information the system needs to prepare the program for execution. An object file segment contains one or more sections
    • Section Header table: Section is an area in the object file that contains information which is useful for linking: program’s code, program’s data (variables, array, string), relocation information and other. So, in each area, several information is grouped and it has a distinct meaning: code section only hold code, data section only holds initialized or non-initialized data, etc.
    • Segments: An object file segment contains one or more sections. Segements are of variuos types – loadable, dynamic, etc.

    Dissecting an ELF

    We will start with a small C program to dissect ELF.

    #include <stdio.h>
    #include <stdlib.h>
    
    int globalVariableAssigned = 10;
    int globalVariableUnassigned;
    
    int main(int argc, char **argv){
    	int localVariable = 100;
    	printf("ELF test Coden");
    	printf("globalVariableAssigned = %dn", globalVariableAssigned);
    	printf("globalVariableUnassigned = %dn", globalVariableUnassigned);
    	printf("localVariable = %dn", localVariable);
    	return EXIT_SUCCESS;
    }

    Compile the above program

    $ gcc -o elf.o elf.c

    Now we’ll use readelf to look into the object file elf.o in more detail.

    • Looking at the ELF Header
      $ readelf -h elf.o
      • ELF Header: Holds the roadmap describing the file’s organization
        Sections: Holds code/instructions, data, symbol table, relocation information, etc.
      • Program header table: Holds information to create a process image.Program header table is an array of structures, each describing a segment or other information the system needs to prepare the program for execution. An object file segment contains one or more sections
      • Section Header table: Section is an area in the object file that contains information which is useful for linking: program’s code, program’s data (variables, array, string), relocation information and other. So, in each area, several information is grouped and it has a distinct meaning: code section only hold code, data section only holds initialized or non-initialized data, etc.
      • Segments: An object file segment contains one or more sections. Segements are of variuos types – loadable, dynamic, etc.
        • The executable is created for Advanced Micro Devices X86-64 (Machine field)
        • The object is a relocatable object file (Type field)
        • The program has 25 sections
      • Looking at the ELF Header

        $ readelf -h elf.o

        Thue output is as follows on my 64 bit machine:

        ELF Header:
          Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
          Class:                             ELF64
          Data:                              2's complement, little endian
          Version:                           1 (current)
          OS/ABI:                            UNIX - System V
          ABI Version:                       0
          Type:                              REL (Relocatable file)
          Machine:                           Advanced Micro Devices X86-64
          Version:                           0x1
          Entry point address:               0x0
          Start of program headers:          0 (bytes into file)
          Start of section headers:          22296 (bytes into file)
          Flags:                             0x0
          Size of this header:               64 (bytes)
          Size of program headers:           0 (bytes)
          Number of program headers:         0
          Size of section headers:           64 (bytes)
          Number of section headers:         25
          Section header string table index: 22

        Few interesting things that the header highlights:

      • Listing sections
        Below is the stripped out version of the output listing all 25 sections:

        Section Headers:
          [Nr] Name              Type             Flags  Link  Info  Align
          [ 0]                   NULL             	   0	 0     0
          [ 1] .text             PROGBITS         AX       0     0     4
          [ 2] .rela.text        RELA                     23     1     8
          [ 3] .data             PROGBITS         WA       0     0     4
          [ 4] .bss              NOBITS           WA       0     0     4
          [ 5] .debug_abbrev     PROGBITS                  0     0     1
          [ 6] .debug_info       PROGBITS                  0     0     1
          [ 7] .rela.debug_info  RELA                     23     6     8
          [ 8] .debug_line       PROGBITS                  0     0     1
          [ 9] .rela.debug_line  RELA                     23     8     8
          [10] .debug_macinfo    PROGBITS                  0     0     1
          [11] .rodata           PROGBITS         A       0     0     8
          [12] .debug_loc        PROGBITS                  0     0     1
          [13] .debug_pubnames   PROGBITS                  0     0     1
          [14] .rela.debug_pubna RELA                     23    13     8
          [15] .debug_aranges    PROGBITS                  0     0     1
          [16] .rela.debug_arang RELA                     23    15     8
          [17] .debug_str        PROGBITS         MS       0     0     1
          [18] .comment          PROGBITS         MS       0     0     1
          [19] .note.GNU-stack   PROGBITS                  0     0     1
          [20] .eh_frame         PROGBITS          A       0     0     8
          [21] .rela.eh_frame    RELA                     23    20     8
          [22] .shstrtab         STRTAB                    0     0     1
          [23] .symtab           SYMTAB                   24    17     8
          [24] .strtab           STRTAB                    0     0     1

        Most notable are:

        • “.text” which has a “X” or executable flag against it.
          To find out what is contained in this section we can take an object dump of this section

          $ objdump -d -j .text elf.o

          And the output is indeed the machine code of main() function. see partial output below:

          0000000000000000 <main>:
             0:	55                   	push   %rbp
             1:	48 89 e5             	mov    %rsp,%rbp
             4:	48 83 ec 20          	sub    $0x20,%rsp
             8:	89 7d ec             	mov    %edi,-0x14(%rbp)
             b:	48 89 75 e0          	mov    %rsi,-0x20(%rbp)
             f:	c7 45 fc 64 00 00 00 	movl   $0x64,-0x4(%rbp)
            16:	bf 00 00 00 00       	mov    $0x0,%edi
          ...
          ...
            66:	e8 00 00 00 00       	callq  6b <main+0x6b>
            6b:	b8 00 00 00 00       	mov    $0x0,%eax
            70:	c9                   	leaveq
            71:	c3                   	retq   
        • “.data” section hold all the initialized global variables inside the program that do not live inside the stack.
          To find out what is contained in this section we can take an object dump of this section

          $ objdump -d -j .data elf.o

          And output shows one assigned variable, which actually is variable globalVariableAssigned in the test program

          Disassembly of section .data:
          
          0000000000000000 <globalVariableAssigned>:
             0:	0a 00 00 00                                         ....
        • “.bss” – BSS (Block Started by Symbol) is a section where all unitialized variables are mapped. You can find out the content of this section using objdump. I am not going to to save some formatting on the blog. :)

SAMBA PDC SERVER ON UBUNTU 10.04

Friday, March 25th, 2011

Primary Domain Controller
First, install Samba,

[root@linux10 ~]#apt-get install samba

Configure Samba by editing /etc/samba/smb.conf.
My smb.conf file is shown below. Make changes according to your requirement.

[root@linux10 ~]#vi /etc/samba/smb.conf

#======================= Global Settings =======================

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = TVIN

# server string is the equivalent of the NT Description field
server string = %h server (Samba, Ubuntu)

# Windows Internet Name Serving Support Section:
# WINS Support – Tells the NMBD component of Samba to enable its WINS Server
# wins support = no

# WINS Server – Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no

# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast

#### Networking ####

# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
; interfaces = 127.0.0.0/8 eth0

# Only bind to the named interfaces and/or networks; you must use the
# ‘interfaces’ option above to use this.
# It is recommended that you enable this feature if your Samba machine is
# not protected by a firewall or is a firewall itself. However, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
; bind interfaces only = yes

#### Debugging/Accounting ####

# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m

# Cap the size of the individual log files (in KiB).
max log size = 1000

# If you want Samba to only log through syslog then set the following
# parameter to ‘yes’.
# syslog only = no

# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0

# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d

####### Authentication #######

# “security = user” is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
# in the samba-doc package for details.
security = user

# You may wish to use password encryption. See the section on
# ‘encrypt passwords’ in the smb.conf(5) manpage before enabling.
encrypt passwords = true

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
passdb backend = tdbsam

obey pam restrictions = yes

# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
unix password sync = yes

# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan < for
# sending the correct chat script for the passwd program in Debian Sarge).
passwd program = /usr/bin/passwd %u
passwd chat = *Entersnews*spassword:* %nn *Retypesnews*spassword:* %nn *passwordsupdatedssuccessfully* .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# ‘passwd program’. The default is ‘no’.
pam password change = yes

# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
map to guest = bad user

########## Domains ###########

# Is this machine able to authenticate users. Both PDC and BDC
# must have this setting enabled. If you are the BDC you must
# change the ‘domain master’ setting to no
#
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
os level = 64

#
# The following setting only takes effect if ‘domain logons’ is set
# It specifies the location of the user’s profile directory
# from the client point of view)
# The following required a [profiles] share to be setup on the
# samba server (see below)
; logon path = \%Nprofiles%U
# Another common choice is storing the profile in the user’s home directory
# (this is Samba’s default)
logon path = \%N%Uprofile

# The following setting only takes effect if ‘domain logons’ is set
# It specifies the location of a user’s home directory (from the client
# point of view)
logon drive = H:
logon home = \%N%U

# The following setting only takes effect if ‘domain logons’ is set
# It specifies the script to run during logon. The script must be stored
# in the [netlogon] share
# NOTE: Must be store in ‘DOS’ file format convention
; logon script = logon.cmd

# This allows Unix users to be created on the domain controller via the SAMR
# RPC pipe. The example command creates a user account with a disabled Unix
# password; please adapt to your needs
; add user script = /usr/sbin/adduser –quiet –disabled-password –gecos “” %u

# This allows machine accounts to be created on the domain controller via the
# SAMR RPC pipe.
# The following assumes a “machines” group exists on the system
add machine script = /usr/sbin/useradd -g machines -c “%u machine account” -d /var/lib/samba -s /bin/false %u

# This allows Unix groups to be created on the domain controller via the SAMR
# RPC pipe.
; add group script = /usr/sbin/addgroup –force-badname %g

########## Printing ##########

# If you want to automatically load your printer list rather
# than setting them up individually then you’ll need this
# load printers = yes

# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap

# CUPS printing. See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
; printing = cups
; printcap name = cups

############ Misc ############

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /home/samba/etc/smb.conf.%m

# Most people will find that this option gives better performance.
# See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/speed.html
# for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
# socket options = TCP_NODELAY

# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c ‘/usr/bin/linpopup “%f” “%m” %s; rm %s’ &

# Domain Master specifies Samba to be the Domain Master Browser. If this
# machine will be configured as a BDC (a secondary logon server), you
# must set this to ‘no'; otherwise, the default behavior is recommended.
# domain master = auto

# Some defaults for winbind (make sure you’re not using the ranges
# for something else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash

# The following was the default behaviour in sarge,
# but samba upstream reverted the default because it might induce
# performance issues in large organizations.
# See Debian bug #368251 for some of the consequences of *not*
# having this setting and smb.conf(5) for details.
; winbind enum groups = yes
; winbind enum users = yes

# Setup usershare options to enable non-root users to share folders
# with the net usershare command.

# Maximum number of usershare. 0 (default) means that usershare is disabled.
; usershare max shares = 100

# Allow users who’ve been granted usershare privileges to create
# public shares, not just authenticated ones
usershare allow guests = yes

#======================= Share Definitions =======================

# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user’s home directory as \serverusername
[homes]
comment = Home Directories
browseable = no
writeable = yes

# By default, the home directories are exported read-only. Change the
# next parameter to ‘no’ if you want to be able to write to them.
; read only = yes

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
; create mask = 0700

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
; directory mask = 0700

# By default, \serverusername shares can be connected to by anyone
# with access to the samba server. Un-comment the following parameter
# to make sure that only “username” can connect to \serverusername
# This might need tweaking when using external authentication schemes
; valid users = %S

# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
read only = yes
share modes = no

# Un-comment the following and create the profiles directory to store
# users profiles (see the “logon path” option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
[profiles]
comment = Users profiles
path = /home/samba/profiles
guest ok = no
browseable = no
create mask = 0600
directory mask = 0700

[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700

# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# You may need to replace ‘lpadmin’ with the name of the group your
# admin users are members of.
# Please note that you also need to set appropriate Unix permissions
# to the drivers directory for these users to have write rights in it
; write list = root, @lpadmin

# A sample share for sharing your CD-ROM with others.
;[cdrom]
; comment = Samba server’s CD-ROM
; read only = yes
; locking = no
; path = /cdrom
; guest ok = yes

# The next two parameters show how to auto-mount a CD-ROM when the
# cdrom share is accesed. For this to work /etc/fstab must contain
# an entry like this:
#
# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
#
# The CD-ROM gets unmounted automatically after the connection to the
#
# If you don’t want to use auto-mounting/unmounting make sure the CD
# is mounted on /cdrom
#
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom

Save the file.
Then create a group named machines.

[root@linux10 ~]#groupadd -g 201 machines

Create the netlogon directory for Domain Logons.

[root@linux10 ~]#mkdir -m 0775 /home/netlogon

Create the profiles directory to store users profiles.

[root@linux10 ~]#mkdir /home/samba /home/samba/profiles

Set permission on profiles directory.

[root@linux10 ~]#chmod 1757 /home/samba/profiles

Create users, passwords and smbpasswords.

[root@linux10 ~]#useradd -m tactical
[root@linux10 ~]#passwd tactical
[root@linux10 ~]#smbpasswd -a tactical
[root@linux10 ~]#useradd -m swat
[root@linux10 ~]#passwd swat
[root@linux10 ~]#smbpasswd -a swat

Set root password for samba authentication while matchine joininig the domain.

[root@linux10 ~]#smbpasswd -a root

Final Step to Restart Samba Service.

[root@linux10 ~]#service smbd restart
[root@linux10 ~]#service nmbd restart

Samba Primary Domain Controller is ready to accept client requests.
Joining a Windows machine to Samba PDC.
1.Right Click on Mycomputer.
2.Go to Properties select the Computer Name tab.
3.Click Change.
4.Click Domain radio button, enter the Domain name like TVIN, then click ok.
5.At the prompt, enter the user name root and root smbpassword and then click OK.
6.Click OK twice to return to the System Properties dialog box.
7.Click OK, and then click Yes to restart the computer.

Windows xp is ready to login with samba user and make sure you should use smbpassword while user login.

Process Address Space – Code, gvar, BSS, Heap & Stack

Wednesday, March 23rd, 2011

Almost all modern operating systems implement Memory Protection to protect access to a private address allocated to a process by other processes to avoid storage violation. this private space is called Process Address Space.

Process Address Space partitioned into various memory areas or segments based on the functional differences.

Text/Code Segment

This segment, also known as the code segment, holds the executable instructions of a program.

  • execute-only
  • fixed size

Data Segment

The data area contains global and static variables used by the process that are initialized. This segment can be further classified into initialized read-only area and initialized read-write area.

  • Gvar Section
    A global variable that is initialized and stored in the data segment. This section has read/write attributes but cannot be shared among processes running the same program.
  • BSS Section
    This section holds uninitialized data. This data consists of global variables that the system initializes with 0s upon program execution. Another name for this section is the zero-initialized data section.
  • Heap Section
    This is used to grow the linear address space of a process. When a program uses malloc() to obtain dynamic memory, this memory is placed in the heap.The heap area begins at the end of the BSS segment and “grows up” to larger addresses from there. The Heap area is shared by all shared libraries and dynamically loaded modules in a process.

    • read/write
    • variable size
    • dynamic allocation by request

Stack Segment

This contains all the local variables that get allocated. When a function is called, the local variables for that function are pushed onto the stack. As soon as a function ends, the variables associated with the function are popped from the stack. Other information, including return addresses and parameters, is also stored in the stack. The stack is a LIFO structure, typically located in the higher parts of memory. It usually “grows down” with every register, immediate value or stack frame being added to it.

  • read/write, variable size
  • automatic growth/shrinkage
  • © 2004-2015 Special Work & Technology Limited