Chris’ Blog

I am in the process of writing a guide detailing how it is possible to install Ubuntu 7.04 (yet to be released) on to a hard disc for a laptop or another computer without the use of any CDs or temporary partitions to hold to root partition while you encrypt what will be the root partition which most other guides demonstrate, this is fine if you want to keep the partition say for /home or something but my laptops hard drive is not big enough for that sort of segregation. I use debootstrap to install Ubuntu on the laptop hard disc mounted on another Ubuntu machine. My method has huge advantages, you don’t need to burn any CDs, its far quicker because it is more direct.

I will be tidying this up and possibly turning it into a automated script. I must admit this has not been easy no one guide has got it going it has taken multiple HOWTOs to inch every step of the way, but now I have it done I am happy, the gotchas were rather frustrating at time due to the difficulty of easily debugging the initial ram image when the machine is booting.

To get glxgears to display FPS with X.org versions greater than 7.0 you need to execute it with an under-documented parameter, either:

$ glxgears -iacknowledgethatthistoolisnotabenchmark

or

$ glxgears -printfps

will do.

I will be performing some administration tasks which will means killing the RAID array which serves most of my data, temporarily, so, expect evident breakage.

My two new bits of hardware for my server, one I will be using to record the television programmes I like to watch the other monitor what goes on in my room while I am away (stuff is disappearing!)

The PVR-150 took most of the day to configure, I almost had it done when it decided that it liked to be mute, that was solved after reading some additional instructions (it uses a different audio decoder.) If you want to find detailed instructions on the setup sorry, I am going to include links to what worked for me.

• PVR-150 Setup Guide - Solved the audio problem
• Firmware Drivers for Hauppage PVR’s
• ivtv Setup Guide - With some PVR-150 notes
• Ubuntu Edgy Setup Guide for ivtv - This does the proper Ubuntu/Debian way install

The Quickcam was installed using a non Debian packaged driver as it was the only thing that worked:

• http://home.mag.cx/messenger/

Well I was trying to play around with some groovy new features in OpenSSH, namely its ability to create a secure VPN connection between two points. Its a fairly new feature so howto’s are thin on the ground, anyway I was persisting to make it work. I had multiple remote sessions open up on my server and a few to my PC here at uni, and anyway. I wrote out a command to alter the routing tables to hopefully allow me to connect, it was totally wrong, but I sent it to the wrong machine, the remote one.

Pop …

… my server disappeared off the internet, I had told it to route all traffic bound for external addresses down the SSH tunnel which had also died. I managed to solve the problem by divulging my password and SSH keys to my brother at home who ran the appropriate command to fix the routing table.

I think I am just gonna stick with local port forwarding over SSH, I could really do with another host running at home. You learn the hard way I guess.

I spent a goodly while reconfiguring my email services on Friday and Saturday, then to find the script I wrote Saturday night went bye bye in the powercut I had all of Sunday Anyhow.

I know have this sorta layout for my incoming mail:

                       |--> Sieve Rules -->|
                       |                   |
Postfix (SMTP, MTA) => Dovecot Deliver (LDA) => Maildir (storage) => Dovecot (IMAP & IMAPs)

The new bit is the Sieve Rules and Dovecot Deliver as my LDA, the motivation behind this was my dependance on Thunderbird rules which are of course client side. So, when I read my mail in webmail it was not sorted for me Postfix’s LDA had to go and in came Dovecot’s which interfaced with sieve using some experimental code *quivers*. But it works and I am dead happy The script I mentioned was a walk around to a problem in the experimental code where the from address is not passed correctly to sendmail, my script fixes this (if anyone wants it post a comment).

I could not have accomplised this without help from the following resources:

• http://wiki.dovecot.org/LDA
• http://www.faqs.org/faqs/mail/addressing/ (todo)
• http://sieve.info/documents
• http://wiki.fastmail.fm/index.php/SieveExamples
• http://wiki.fastmail.fm/index.php/BasicSieve
• http://wiki.fastmail.fm/index.php/SieveFAQ
• http://wiki.fastmail.fm/index.php/AdvancedOptionInRules
• http://www.securityfocus.com/infocus/1593 (procmail)

Also dead handy for the SQL adjustments I made to my postfix table, also used the MySQL string reference a lot.

I use Firehol to firewall my server from the outside world, I have noticed packets being dropped coming in on correct ports. After a little investigation it turns out the netblocks these packets were coming from have recently been made available to registires, Firehol didn’t have an up to date list of the reserved ips and so was blocking these connections. On my debian system I modified the RESERVED_IPS variable to be as below, instead of the current value.

0.0.0.0/7 2.0.0.0/8 5.0.0.0/8 7.0.0.0/8 23.0.0.0/8 27.0.0.0/8 31.0.0.0/8 36.0.0.0/7 39.0.0.0/8 42.0.0.0/8 77.0.0.0/8 78.0.0.0/7 92.0.0.0/6 96.0.0.0/4 112.0.0.0/5 120.0.0.0/8 127.0.0.0/8 173.0.0.0/8 174.0.0.0/7 176.0.0.0/5 184.0.0.0/6 197.0.0.0/8 223.0.0.0/8 240.0.0.0/4

I installed mod_security on this server yesterday for a bit of extra umm security. Hopefully it made nothing go wonky, fingers crossed. Debian packages were supplied by: debian-unofficial.org and found using apt-get.org.

When I get a chance I am going to use these rules.

My blog is back, yes it was offline yesterday and much of Friday, this is because I took delivery of two new hard discs to create a nice shiney RAID-1 array for my piece of mind the geek factor. Well anyway I have rebuilt my server up slowly ensuring I don’t screw too much up and make any of the mistakes I made last time. I am slowly bringing services back online, it took me until 3AM yesterday to get Debian GNU/Linux installed, mainly due to my in experience with RAID and not knowing the best way to go about the partitioning. But anyway I did it! Then the initial RAID sync took a good 3 hours to complete! So I went to sleep, woke up this morning and got cracking. Got DNS up first so all my domain names would resolve, got some basic services like SSH installed and then proceeded to take a copy of the old HDD contents for reference and use of configuration files. Next came e-mail because e-mails destined for my Inbox were floating aimlessly around in cyberspace trying to get in only to be told that nobody was here. Got version control (SVN) restored next so my fellow developers could actually do something! Then around to the rest of my sites, which are sitll not fully transferred but I am getting there.

I still have a fair bit to do such as, UPS monitoring, administration web, my cron jobs, locking down the firewall, installing eAccelerator for PHP, plus various tweaks and adjustment that come to mind. Until the next time, which will be shortly, got two videos to post