Monday, January 14, 2008

OLPC Laptop in Ubuntu 7.10

This tutorial covers information on how to emulate XO on a typical Linux environment. I will be using Ubuntu Gutsy (7.10) and qemu for emulation.

First we need to get qemu.

sudo apt-get install qemu
sudo apt-get install kqemu-source
Then we need to prepare the module for using accelerated layer qemu (kqemu)
sudo module-assistant prepare
sudo module assistant auto-install kqemu
We make the udev rules so it automatically loads the module. Create the file /etc/udev/rules.d/60-kqemu.rules and write:
KERNEL=="kqemu", NAME="%k", GROUP="kqemu", MODE="0660"
appending a new line.

Add a new group and a new user:
sudo addgroup --system kqemu
sudo adduser $USER kqemu
    Login and logout for changes to take effect and then reload the udev daemon:
    sudo /etc/init.d/udev reload.
    Load the kqemu module itself:
    sudo update-modules
    sudo modprobe kqemu
    Now, get the XO image from the olpc site:

    wget http://olpc.download.redhat.com/olpc/streams/development/
    LATEST-STABLE-BUILD/devel_ext3/
    olpc-redhat-stream-development-devel_ext3.img.bz2
    and unpack it:
    bunzip2 olpc-redhat-stream-development-devel_ext3.img.bz2
    Now make your ram partition bigger
    sudo umount /dev/shm
    sudo mount -t tmpfs -o size=528m none /dev/shm
    And run it:
    qemu -m 512 -hda olpc-redhat-stream-development-devel_ext3.img

    Saturday, October 20, 2007

    Python Scripting Tutorial, Part two

    Here is my second part of the hands on tutorial on basic python script. It works in an interactive mode just like adduser on a linux system, only
    it sets a very strong random password (using a little utility called pwgen - you can install it from /usr/ports/sysutils/pwgen2) for the user, gives you
    the ability of making a system user, a ftp user or both. My pure-ftpd is based on MySQL table auth. It also makes a public_html for the user and
    build a virtual host for the user. Check the script out because I think it is pretty straightforward. Tweak it a bit so you can use it as your own.
    On the next tutorial we'll the users a mail with the password and also add them to an LDAP directory.
    PS: I'm aware that some things could be done more easily by using hefty tricks, but hey, I aimed for easy understanding.



    #/usr/local/bin/python

    import os
    import getopt
    import sys
    import MySQLdb

    # Where should i write the vhost details?
    VHOSTS_CONFIG = "/usr/local/etc/apache22/extra/httpd-vhosts.conf"

    # Init the variables
    user_flag = -1
    ftp_flag = -1

    # MySQL authentification variables
    mysql_user = "user"
    mysql_pass = "password"
    mysql_host = "localhost"
    mysql_database = "pureftpd"

    # The usage() function that gets used when we call the script with the -h option
    def usage():
    print """
    Usage: sudo python create_python.py : create a user in the system.
    You can create a ftp user only, a system user or both.
    It also adds the corresponding vhost to the configuration and builds the
    home directory. If run with no arguments it will go into interactive mode.

    create_user.py [-h]

    -h print this help
    """

    # Parse the command line arguments
    # Basicly this looks for the -h argument only but could be
    # easily extended to something else

    o, a = getopt.getopt(sys.argv[1:], 'h')
    opts = {}
    for k,v in o:
    opts[k] = v
    if opts.has_key('-h'):
    usage();
    sys.exit(0)

    # Check to see if we're running as superuser
    uid = `os.getuid()`
    if uid != "0":
    print "You must be superuser in order to run this program"
    sys.exit(1)

    # Make a system user?
    user_input = raw_input("Do you want to add a system user [n/Y]: ")
    if user_input.lower() == "y":
    user_flag = 1
    if user_input.lower() == "n":
    user_flag = 0
    else:
    user_flag = 1

    # Make a ftp user?
    ftp_input = raw_input("Do you want to add a ftp user [n/Y]: ")
    if ftp_input.lower() == "y":
    ftp_flag = 1
    if ftp_input.lower() == "n":
    ftp_flag = 0
    else:
    ftp_flag = 1

    # If you do not want a system user or a ftp user then ... you don't want anything
    if ftp_flag == 0 and user_flag == 0:
    print "Come back when you know what you want"
    sys.exit()

    # How do you want to name your user?
    user_name = raw_input("Username: ")

    # Try to figure out the shell or input another shell
    # something like /usr/local/bin/rssh
    if user_flag == 1:
    user_shell = raw_input("Shell [/usr/local/bin/bash]: ")
    # Make /usr/local/bin/bash the default shell if the user presses enter
    if user_shell == "":
    user_shell = "/usr/local/bin/bash"

    # Basicly we have to types of accounts
    # Those that are the system users with ssh account and those with only ftp access
    # System users have the /home/user directory
    # whilst the ftp users have /home/ftpusers/user

    if user_flag == 1:
    home = "/home/" + user_name
    else:
    home = "/home/ftpusers/" + user_name

    # But if you want you can input another directory as the home directory
    # We are making this script a little more interactive
    home_dir = raw_input("Home directory [" + home + "]: ")
    if home_dir == "":
    home_dir = home

    # We generate a new random password. This is based on the pwgen port
    # Please install it before if you don't have it:
    # cd /usr/ports/sysutils/pwgen2 && sudo make search install
    newpassword = os.popen("pwgen -s -n -B -c 12 1").readline().split()[-1]
    if user_flag == 1:
    # Add the new user using the randomly generated password earlier
    # This command enters:
    # echo pass | pw user add -d /home/user -m -s /usr/local/bin/bash -n user -g users -h 0
    # -d - home directory
    # -m - builds the home directory if it doesn't exist
    # -s - the shell to user
    # -n - the name of the user
    # -g - the original group for the user
    # -h 0 - get the password from stdin
    cmd = "echo " + newpassword + " | pw user add -d " + home_dir + " -m -s " + user_shell + " -n " + user_name + " -g users -h 0"
    os.system(cmd)
    # Save the new password somewhere as you don't want an inactive account or manually input another pasword
    f = open("/root/accounts", "a+")
    line = user_name + " " + newpassword + " " + `user_flag` + " " + `ftp_flag` + "\n"
    f.write(line)
    f.close()
    print "Details have been saved to /root/accounts. Please mail the information to the user and then delete the file"
    # Make the /home/user/public_html directory so the user can have his own web server
    # at the http://host/~user address
    os.mkdir(home_dir + "/public_html")
    # Change the vhost configuration to a new entry so
    # http://host/~user is mapped as http://user.host/
    # This is much more professional in my opinion
    f = open(VHOSTS_CONFIG, "a")
    vhost = """<VirtualHost *:80>
    ServerAdmin email@mail.com
    DocumentRoot """ + home_dir + """/public_html
    ServerName """ + user_name + """.host
    ErrorLog /var/log/httpd/""" + user_name + """-error_log
    CustomLog /var/log/httpd/""" + user_name + """-access_log combined
    </VirtualHost>
    """
    f.write(vhost)
    f.close()
    # Restart the Apache Webserver
    os.system("apachectl graceful")
    # For the ftp users only you should manage their accounts using the system account ftpusers
    if user_flag == 0 and ftp_flag == 1:
    group = "ftpusers"
    uid = "ftpusers"
    else:
    uid = user_name
    group = "users"
    # Add the ftp user to the existing MySQL table (I do MySQL auth to my ftp server)
    # with the same use
    so if you give ftp access to a system user he can login with
    # the same password
    You should only give a user access to the system with no ftp
    # access if you want him to make transactions
    only with ssh (through scp)
    if ftp_flag == 1:
    # Open the MySQL database
    db = MySQLdb.connect(mysql_host,mysql_user,mysql_pass,mysql_database)
    # Make a cursor (a pointer to that database)
    cursor = db.cursor()
    # Execute an insert query
    cursor.execute("INSERT INTO `pureftpd`.`users` (`User`, `Password`, `Uid`, `Gid`, `Dir`, `QuotaSize`) VALUES (\'%s', MD5(\'%s\'), \'%s\', \'%s\', \'%s\', \'%s\');" % (user_name,newpassword,uid,group,home_dir,100))
    cursor.close()
    if ftp_flag == 1 and user_flag == 0:
    os.mkdir(home_dir)


    Powered by ScribeFire.

    Monday, October 15, 2007

    Solved the PHP Segmentation Fault

    Ha. I figured it all out. After some exhausting work my apache+php installation is working okay.
    What I did is comment all lines in /usr/local/etc/php/extensions.ini and then uncommented line by line and testing php over and over again in cli mode. This took about 15 minutes of RSI-proof work. My error was due to the recode extension. I just commented the line and everything works okay. Unfortunately, reinstalling the extension just won't do the trick. As I see, there are some topics on this to be found on google but none have a solution. I'll have to look into it.

    Note to self: Stop installing every god damn tidbit in extensions. Use only what necessary fool!

    PHP annoying error

    I just installed apache on a new box using freebsd. Everything seems to work just fine. But i then tried to install php5 and php5 extensions and apache won't even start. /var/log/messages says something about a segmentation fault. php in the command line says core dumped. I'm getting frustated as this is surely an error related to the updated ports collection I have (as everything worked perfectly a few weeks ago).

    Saturday, October 13, 2007

    How to keep your FreeBSD box up to date

    Here is a quick but time-consuming way of keeping your ports up to date. First we will install portaudit to see what ports need upgrading because of vulnerability issues. Than we will install portupgrade which is a program for upgrading your system.

    Portaudit
    portaudit provides a system to check if installed ports are listed in a
    database of published security vulnerabilities.
    cd /usr/ports/ports-mgmt/portaudit
    make install clean
    portaudit -Fda



    Portupgrade
    Portupgrade is a tool to upgrade installed packages via ports or
    packages. You can upgrade installed packages without having to
    reinstall depending or dependent packages. It can automatically trace
    dependency chains up and down upgrading packages recursively.
    cd /usr/ports/ports-mgmt/portupgrade
    make install clean

    Let's now update the ports collection using the built in portsnap.

    portsnap fetch
    portsnap update



    After your ports collection update is completed you should run the following command and building a new database for the portupgrade program. Beware as this takes a LOT.

    portsdb -Uu

    The actual upgrading is done with:

    portupgrade -arR

    By the way to see what packages are outdated type at the command prompt:
    pkg_version -l "<"

    That's it. You should now have an up to date system. All you need to do now is automate this task by adding all the commands in a shell file and throwing it at cron.