Pretty good Bacula How-To
Found this Bacula how to while browsing around. Enjoy.
My yammerings…
Found this Bacula how to while browsing around. Enjoy.
Sweet and Simple. Should be OK on CentOS 4, I’d imagine too.
The following will force SSL for ftp connections. Also, passive connections will be required as well.
1 – Add the following to your vsftpd.conf file:
pasv_address=192.168.1.1
pasv_min_port=40000
pasv_max_port=40100
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=NO
ssl_sslv2=NO
ssl_sslv3=YES
rsa_cert_file=/etc/ssl/your_cert.pem
Restart vsftpd: service vsftpd restart
2 – If you have iptables setup on your box add the following to your /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -p TCP --dport 40000:40100 -j ACCEPT
Restart Iptables: service iptables restart
That should be it.
It was surprisingly easy to get the Airport card working. First download and install the firmware files in a deb package format from:
http://ubuntu.cafuego.net/dists/dapper-cafuego/bcm43xx/
It puts firmware files in /lib/firmware.
Next create a little script such as:
#!/bin/bash
interface=eth0 #interface of your wireless card
#Turning off wired network...
ifconfig eth1 down
modprobe bcm43xx
#Starting up wireless network...
ifconfig $interface up
iwconfig $interface essid MY_ESSID
iwconfig $interface mode managed
iwconfig $interface key off
dhclient $interface
You can also use the Network Settings tools to manage the wireless connection. A thread at Ubunt Forums, http://www.ubuntuforums.org/showthread.php?t=142727 was a good source of information.
I came upon the need to attempt data recovery on a broken Raid5 array. Long story short, my client had a server with no backup at a data center. At the DC, an electrician was working on the breakers, to which our clients rack is connected, and took down power multiple times, probably a slew of surges too! :-@ That’s another story. I did not have any commercial tools that would reconstruct a set of RAID5 images, so off I went a Googling. What I found was an interesting solution created by Edmundo Carmona and can be found at Free Software Magazine. I’m not going to go into details here, but it worked pretty well, although we could not get any data recovered, as the drives seemed to have been totally hosed by the power issues. We eventually did try commercial tools, which yielded the same results. Anyway, some may find tool useful, but I hope you don’t have a need for this.
A quick and dirty howto for CentOS 4.
yum update
krb5-server krb5-workstation
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = ADS.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
ADS.LOCAL = {
kdc = ads.local
admin_server = 192.168.0.1:749
default_domain = ads.local
}
[domain_realm]
.ads.local = ADS.LOCAL
ads.local = ADS.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[global]
dns proxy = no
log file = /var/log/samba/%m.log
load printers = no
netbios name = Samba
server string = Samba Server
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
workgroup = ADS
realm = ADS.LOCAL
os level = 20
encrypt passwords = yes
security = ADS
preferred master = no
max log size = 50
disable spoolss = yes #Enabled if you will not server printers off this server
template shell = /bin/false
template homedir = /home/%D/%U
idmap uid = 10000-20000
idmap gid = 10000-20000
enhanced browsing = no
winbind use default domain = yes
Run testparm to make sure you do not have any typos or errors.
passwd: files winbind
group: files winbind
service smb restart
net ads join -U Administrator@ADS.LOCAL
service smb restart
service winbind start
wbinfo -u to see if user accounts on the 2003 Server are seen.net ads infoacl to the file system that will hold any directories shared by Samba. For example:
/dev/md2 / ext3 defaults,acl 1 1
mount -n -o remount,defaults,acl /chkconfig smb on
chkconfig winbind on
[Backups]
comment = Backups
wide links = no
writeable = yes
create mode = 644
path = /home/BACKUPSsetfacl -m u:"ADS\\Administrator":rwx /home/BACKUPS
getfacl /home/BACKUPS You should see something like the following:
getfacl /home/BACKUPS
getfacl: Removing leading '/' from absolute path names
# file: home/BACKUPS
# owner: foo
# group: foo
user::rwx
user:administrator:rwx
group::rwx
mask::rwx
other::rwx
Enter your AD server’s FQDN after the first server entry in ntp.conf
### Begin /etc/ntp.conf ###
restrict default nomodify notrap noquery
restrict 127.0.0.1
server 2003server.ads.local
server 1.pool.ntp.org
server 2.pool.ntp.org
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
keys /etc/ntp/keys
### END /etc/ntp.conf
—
List the three servers in /etc/ntp/step-tickers that are in /etc/ntp.conf.
### BEGIN /etc/ntp/step-tickers
2003server.ads.local
1.pool.ntp.org
2.pool.ntp.org
This will enable the Samba server to sync it’s time to the the AD server.
Powered by WordPress