Saturday, 3 September 2011

DreamPlug HTTP Proxy

It looks like OpenVPN doesn't work too well with the iPhone so I'm going to try configuring an HTTP proxy so I can watch BBC iPlayer via my DreamPlug.

Since I have a fair amount of package manipulation to do, first I'm going to install Synaptic so I can use its GUI to see what's already installed and what's available.  This is pretty straightforward - apt-get install synaptic does the job.  And since I logged into the DreamPlug from my MacBook Air using ssh -X root@ I now just need to run synaptic to get going.  Excellent!

Next up, install the HTTP proxy.  I'm going to use Squid 2.7, though 3.0 is also available.  We also need apache2-utils to get the htpasswd program.

Now cd to /etc/squid and run htpasswd -c passwd to create a password for .

Now edit squid.conf and add these lines:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
acl auth_user proxy_auth REQUIRED
acl localnet src 192.168.8.0/24
http_access allow auth_user
http_access allow localnet
cache_dir null /tmp
cache deny all

And it works!
Posted by at No comments:

Tuesday, 30 August 2011

DreamPlug -- openVPN

I want to install openVPN on my DreamPlug so I can connect to the net from my iPhone over an open WiFi connection in a hotel without having to worry about eavesdroppers.  Step 1 is to install the package:

apt-get -u install openvpn

That seemed to work okay.  Wait for the edit to see what happened next...
Posted by at No comments:
Labels:

DreamPlug -- first encounter

I bought a DreamPlug plug computer from www.newit.co.uk back in May and finally got round to plugging it in over the weekend.  The plug boots Ubuntu 9.04 Jaunty Jackalope from an internal uSD card, and starts up a WiFi AP straight away - SSID is DreamPlug-uAP-nnnn where nnnn is the last 4 digits of the MAC address.  After connecting to this you can ssh to the machine and login as root with a password of nosoup4u, and you can point a web broswer at the IP address to see the Lighttpd web server.

Forums are found at www.newit.co.uk/forum.  One handy post highlights a configuration problem with the package repository for Jaunty, which Canonical have moved.  It is fixed as follows:

cat > /etc/apt/sources.list << EOF
deb http://old-releases.ubuntu.com/ubuntu/ jaunty main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ jaunty-updates main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ jaunty-security main restricted universe multiverse
EOF

apt-get update

I tried that and it seemed to work okay.  (Incidentally, the URL was previously http://ports.ubuntu.com/).  Now for the tricky bit - update all the packages.  Here we go...

apt-get -u upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be upgraded:
  bzip2 cron dhcp3-client dhcp3-common dpkg file gzip language-pack-en
  language-pack-en-base libbz2-1.0 libcurl3-gnutls libgnutls26 libkrb53
  libldap-2.4-2 libmagic1 libnewt0.52 libpam-modules libpam-runtime libpam0g
  libsasl2-2 libsasl2-modules libsqlite3-0 libssl0.9.8 libvolume-id1 libxcb1
  lsb-base lsb-release ntpdate openssl perl perl-base perl-modules sudo udev
  whiptail
35 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 17.4MB of archives.
After this operation, 1528kB of additional disk space will be used.
Do you want to continue [Y/n]? y

That worked too!  Now, what shall I do next?
Posted by at No comments:

Wednesday, 18 May 2011

Modifying the UNIX environment in MacOS X

I wanted to tweak PATH and a few other environment variables after installing some software on my Macbook Air which runs MacOS X 10.6 Snow Leopard.  Here's what I discovered:

The environment is set up by /etc/profile.  This does 2 things: first it calls /usr/libexec/path_helper to set up PATH; then it calls /etc/bashrc to set up other environment variables for the shell.

The path_helper script works by first reading /etc/paths to get the default path elements (the file contains one directory path per line) and then by reading the files in /etc/paths.d (which are in the same format).

In the end I went for something simpler and put all my settings in $HOME/.bash_profile.  You should use this in preference to $HOME/.bashrc for setting your default environment because the latter file is run every time a shell starts, making things like export PATH="$HOME/bin:$PATH" have an undesired effect.
Posted by at No comments:

Saturday, 8 May 2010

Ubuntu Netbook Edition with Classic Desktop

My Sony Vaio VPC W12S1E netbook has a 1366x768 pixel screen,  so while I need Ubuntu Netbook Edition (known as Remix prior to 10.4 Lucid Lynx) for the Intel Atom processor support, I really don't need the netbook-specific desktop.

In the early days of UNR there was an applet called Desktop Switcher which let you jump between Desktop and Classic modes.  This was broken in 9.10 Karmic Koala and you had to jump through several hoops to get Classic back.

I was expecting similar difficulties with 10.4 Lucid Lynx and messed around uninstalling the ubuntu-netbook package and its dependencies to get what I wanted.  Having got it working I re-read the bug report and noticed the comment right at the top which said that 10.4
will come with the ability to choose a UNR or regular session at the  login screen as opposed to doing the switch live
 Sure enough, in the Session menu at the bottom of the login screen, you can select Gnome, UNE or xterm.  Doh!
Posted by at No comments:

Sunday, 7 March 2010

Restore your Windows MBR with a Linux live-CD

Ooops.  I crunched the MBR on my laptop so it wouldn't boot into Windows any more.  In fact it wouldn't boot into anything else either!  Something went wrong with an Ubuntu installation and Grub ended up somewhat confused.  The fix was relatively straightforward, once I stopped chasing the suggestions about using ms-sys, which appears to have disappeared from recent Ubuntu distros.  Instead I did this:-
  • boot from Ubuntu 9.10 (Karmic Koala) live-CD
  • connect to internet
  • sudo apt-get install lilo
  • sudo lilo -M /dev/sda mbr
On reboot, the laptop went into Windows once again.  Phew!

Many thanks to the contributors to this discussion.
Posted by at No comments:

Saturday, 9 January 2010

Git Daemon - "who's been sitting on my port?"

Stuck in Germany this weekend by the snow back home, I went into work today (Saturday) to make up some lost time (already!) and get an extra day's billing (yay contracting!!)

I've been doing some work on our SUSE9 servers with the Git DVCS, and I've had no trouble setting up the daemon process which is needed to allow external users access to your shared repositories - just run git daemon --detach and you're pretty much done.

Today I wanted to do the same thing on a SUSE10 server.  I'd had to build Git from source for SUSE9, but the opensuse website provided a pre-built RPM for version 10, which saved some messing around.  Unfortunately it caused some more as well...

The problem I had was that git daemon would run okay on the server, but git clone on the client kept telling me that the remote had closed the connection.  Even plumbing commands like git ls-remote failed.  Very strange.

Rolling up my sleeves, telnet server 9418 showed me that something was listening to the default Git port, but what?

I thought I would get the answer using the netstat program.  I usually run this with the -r (--route) flag to look at the routing table when I'm trying to work out why computers won't talk to each other, but today I used -l (--listening), -t (--tcp) and -p (--program) on the server to see who was listening to which ports.  It was partially successful, because one line identified the local address as *:git, but it listed the program name as "-".  Great - I already knew something was listening to the Git port!  Though it was interesting that the name "git" was listed rather than the port number "9418" as this showed that something had updated /etc/services to list the port name (in hindsight I suspect the RPM installer did it).

Google came to my aid, locating this post about auditing open ports.  The author talked about the netstat command which I already knew about, but also mentioned lsof, which was new to me.  Although the name stands for "list open files" it also list ports that are being listened to.  Piping the output through grep soon showed me that xinetd was listening to the Git port.  QED.  But why?  I hadn't set it up (or so I thought).

On SUSE10, xinetd is initialised from /etc/xinetd.conf which in turn reads all the configuration files in the /etc/xinetd.d directory.  And what should be there but a file called git, telling xinetd to listen to port 9418 and launch the git daemon process to handle requests.  This file was dropped in place by the git-daemon RPM I'd downloaded earlier.  Gotcha!

Not surprisingly the configutation didn't match my needs as it used the --base-path flag to limit the daemon to serving repositories under the /srv/git directory, which didn't exist on my system.  A quick edit with vi to correct the path, followed by service xinetd restart to load the new config, and everything was working.  Job done.

One good thing to come out of this is that I've seen how easy it is to set up git-daemon to run from xinetd, so I'll be able to do this on the SUSE9 machines too rather than messing around with a cron job to start and monitor the process.  This will save me more time than I lost investigating the problem.
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)