What more could you want?
Web
Configuring Simple Virtual FTP Users in vsftpd using PAM
Jul 29th
This tutorial will set up a basic virtual user config for vsftpd on a RHEL5-based system. I recommend that you make backups of existing config files before implementing this solution, in case you need to revert. This allows virtual “guest” users to log in with individual usernames and passwords and have access to a base directory.
I suggest building the initial files in a directory of their own first, and the steps below outline copying the files into place.
Six simple steps:
Step 1: Create the virtual user database.
Create a text file with each username/password pair on two lines, i.e:
# cat /etc/logins.txt
username
password
username2
password2Then, use BerkleyDB to has the file, and change its permissions:
# db_load -T -t hash -f logins.txt /etc/vsftpd_login.db
# chmod 600 /etc/vsftpd_login.db
Step 2: Create a PAM file which uses your new database.
# cat > vsftpd.pam
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login
account required /lib/security/pam_userdb.so db=/etc/vsftpd_login# cp vsftpd.pam /etc/pam.d/vsftpd
Step 3: Set up the location of the files for the virtual users by creating a “wrapper user”.
# useradd -d /home/ftpsite virtual
Step 4: Create your vsftpd.conf config file.
# cat > vsftpd.virtusr.conf
anonymous_enable=NO
local_enable=YES
write_enable=NO # change to YES if you want uploads available
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=virtual
listen=YES
listen_port=10021 # optional
pasv_min_port=30000 # optional
pasv_max_port=30999 # optional# cp /etc/vsftpd.conf /etc/vsftpd.conf.orig
# cp vsftpd.virtusr.conf /etc/vsftpd.conf
Step 5: Restart vsftpd.
# /etc/init.d/vsftpd restart
Step 6: Test. I think you can figure this one out on your own.
Hold on to the logins.txt file, and simply update it and rebuild the DB when you need to add a user. This allows several users access to the same directory and files. Only give access to people you trust.
/cs
Goosh.org – What more could you want?
Jun 4th
I have found search engine heaven in the form of Goosh.org.
Basically, it is a UNIX-shell-styled google page, that returns listings to the “standard output” of the page.
The beauty of it is that Google’s page has always been so simple and elegant, but Goosh takes these to the next level, making searching the web as easy as administering a Linux server, uh, sort of.
There are simple shell-like commands that you can use to manipulate the search in different ways:
web [keywords] – google web search (default if no command given)
images [keywords] – google images search
wiki [keywords] – Wikipedia search
news [keywords] – google news search
blogs [keywords] – google blog search
feeds [keywords] – google feed search
video [keywords] – google video search
place [keywords] – google maps search
translate [lang1] [lang2] <words> – goog
le translation
Those commands are modes, and you can use the “cd” command to change the default behaviour. So, if you need a translator, simply type:
cd translate
and you have a nice translator.
Other commands available include:
open <url> – open a URL in a new page
in (site) [keywords] – in-site searches
lucky [keywords] – the “Feelin’ Lucky” button
The best part, though, is this command:
addengine
This command adds Goosh to Firefox (or Icecat, in my case!) so that you can use it as your default search engine! A simple Ctrl-K will put me in the search box, and Alt-Enter opens the results in a new tab.
I think this will be a great addition to the Google Application Suite someday, kind of like a Crazy Uncle Ned or something!
/cs
Flash and Java plugins in Icecat
May 30th
So, I needed a flash and a java plugin for Icecat, once I got it installed.
On Ubuntu, installing the Flash player is easy:
$ sudo apt-get install flashplugin-nonfree
What’s not so easy is getting Icecat to use it.
I installed Icecat in /usr/local/src, and symlinked “icecat” to the actual directory. So, my Icecat plugins are in /usr/local/src/icecat/plugins. Here’s how I linked the flash plugin in:
$ cd /usr/local/src/icecat/plugins
$ ln -s /usr/lib/flashplugin-nonfree/libflashplayer.so libflashplayer.so
I did this while Icecat was running, and immediately had flash capability. I confirmed by typing “about:plugins” into the URL box.
For the Java plugin, I downloaded j2se 1.4 (which is EoL’d, by the way!!) from here:
http://java.sun.com/j2se/1.4.2/index.jsp
In much the same fashion, I cd’d to /usr/local/src, and moved the binary there. I ran this:
$ sudo sh j2re-1_4_2_18-linux-i586.bin
to extract the files. Then I ran the following commands:
$ sudo ln -s j2re1.4.2_18 java
$ cd /usr/local/src/icecat/plugins/
$ sudo ln -s /usr/local/src/java/plugin/i386/ns610-gcc32/libjavaplugin_oji.so libjavaplugin_oji.so
Keep in mind that this is for my previous icecat install. For firefox, the plugin will go in /usr/lib/firefox-3.0/plugins, and for Iceweasel on Debian, it will go in /usr/lib/iceweasel/plugins.
This was also done while Icecat was running, without issue. Now, I can surf Hulu and YouTube and play java applet games at work! Shh, don’t tell!
/cs
Need FF2 in Hardy? Try GNU’s IceCat.
Apr 18th
OK, so I have a special requirement for using Firefox 2. However, I run Hardy, and it has a default install of (i can’t believe it) the BETA version of Firefox 3.0b5. Golly.
So, I tried installing the firefox2 package from the Ubuntu repos, and had issues with some of the addons I use. I tried the “binary” tarball from the Firefox website. No go – it still wants to revert to FF3. As any seasoned Ubuntu user knows, don’t eff with Ubuntu. Going around making things work can sometimes cause problems with things, well, working.
After some research, I found IceCat.
IceCat is “the GNU version of the Firefox browser.” Basically, the GNU guys took Mozilla’s code, and compiled it without using the “proprietary” parts, meaning the Logo and the name, among other things.
So, I downloaded the IceCat tarball. I unpacked it, expecting it to whigh out on me, as the Firefox tarball did, and low and behold! Right there next to my FF3 window was IceCat 2.0.0.13, running at the same time!
I figured it had to be too good to be true, and went about installing my needed Firefox extensions. AND THEY WORKED! HooRAH!
So, needless to say, I’m sold on IceCat as a GREAT replacement/addendum to Firefox. Get it. Use it. Love it.
/cs
Superbugs and You
Apr 13th
So, I read an article that is both sensical and scary:
Flaming Mountainside: Breeding Internet Superbugs
I get a LOT of junk mail in my USPS mailbox in front of my house, and I pretty much ignore it, as long as it doesn’t look terribly important. It goes right into the trash.
I have to agree with vixie in the above article; the issue is not being solved, just pushed away.
In the Linux Admin world, currently, in order to have a mail server that will send to Yahoo! and AOL, among others, you already have to jump through plenty of hoops:
- Email DNS – Forward and reverse DNS entries for the IP and A record.
- SPF – Sender Policy Framework
- DomainKeys - By far, the worst, in my opinion.
These are just a few things to try, and still, the spam keeps flowing, because the spammer has a need to get his message through. I suppose I could try Spamassassin or Postini. Some companies even offer to manage the spam problem for you (and they do a pretty darn good job of it, too!).
As the old saying goes, “Necessity is the mother of invention.” Continuing to “fix” the spam issue will cause the number of spammers fluent in loopholes to exceed the number of hackers available to fix the problem.
All in all, how do we fix the spam issue? The same way we fix the junk mail issue: The delete key.
/cs