Well I found what I thought was a really handy way of easily mounting an .iso image on your Linux machine.
Check this out..
sudo mkdir -p /media/cdrom
sudo mount -o loop ~/Desktop/name_of_iso_file.iso /media/cdrom
You should now be able to access the .iso file data as if it was a physical CD-ROM 
Hope someone finds this post useful
Ok well I have read many articles and a couple of times installed tools like Macbuntu which offer a complete transformation of Ubuntu GUI but I have never been happy with just how flaky these tools can be and how they can screw up your OS so I decided to make some simple graphical changes to make my Ubuntu Netbook look more prettier 
I thought I’d also share it with you all too (incase your interested)..
So this is what it looks like (its a small resolution screenshot as my Netbook has a small screen, imagine how nice it would look with a large desktop monitor ):-
Firstly you should download FaenzaMac.tar.gz this files contains all the icons and some other bits and bobs…
We now have to install ‘Aurora’ and the gtk2-engines-aurora packages…
sudo apt-get update
sudo apt-get install aurora
sudo apt-get install gtk2-engines-aurora
Next open up the System Settings applicaiton in Ubuntu and then click on Appearance
Now drag and drop the FaenzaMac.tar.gz file into the Appearance Preferences window, it will then install the theme for you…
Now choose Radiance as the theme you want to use (the screen should now update) then click on the Customise button.
Under the Controls tab in the Customise Theme window, scroll up and select Aurora.
Now choose the tab named Icons and now select the icon set named ‘FaenzaMac‘.
Now you can close the windows! – Where all done!
I personally like this theme better than Macbuntu as it does not alter core system files and is much more light weight and not as buddy, this is a simple change but personally I think makes a nice improvement to how my Netbook looks
Added:
I have now also added some extra stuff to my theme but adding the following two ‘Window Borders‘ which allow you to have the nicely styled MacOSX window borders (install in the same way, drag the two tar.gz files below into the Appearance Window and then select the new Mac OSX Window theme from the ‘Window Border’ tab).
Here is also a Pointer theme too that looks simular to make, install in the same way as above
I recently wanted to syncronise the contents of our backup VPS (for the ZPanel project) that we used to backup all of our servers and services that we use (MySQL databases, websites and SVN data) from multiple servers to a server sitting at my house – just for double protection as our backup VPS is donated to use free of charge .
The solution had to be secure and be able to run automatically from a CRON job on my home server at regular intervals without the need for human interaction. I also wanted to be able to archive daily data to another part of the system (as Rysnc synchronises data, it should not be relied upon as the total backup solution!)
The solution was to use Rsync over SSH whilst using a private/public key pair for authentication (thus not requiring password prompting for SSH access)..
So here is how I did it…
Firstly we need to generate a public/private key pair on your local server (in this case, my server at home), to generate the key pair use the following command:-
ssh-keygen -t rsa -b 4096 -f $HOME/homeserver-rsync-key
The above will create a 4096 strengh RSA public/private key pair located in your home directory, hence ($HOME) called homeserver-rsync-key – obviously you can chance this is you’d like.
Now we need to copy the public key (the file in your home directory ending in .pub) to the remote host (the server which holds the data you want to backup) you wish to automate your logon to. scp (Secure copy) the file to remoteuser@remotehost:~/.ssh/authorized_keys. If you do not wish to overwrite the existing authorized_keys file on the remote host, then, copy the .pub file to a new file on the remote host and append the contents to authorized_keys with the command:-
cat homeserver-rsync-key.pub >> ~/.ssh/authorized_keys
You can now use the ‘-i’ option in the ssh command line utility to login to the remote host without having to supply a password.
ssh -i homeserver-rsync-key remoteuser@remotehost
If everything has worked correctly to this point you will be given a command line prompt without having to enter the password for the remote system. It is also recommended to add a password to the private key when it is generated. This will stop anyone from using the private key for authentication, should it fall into the wrong hands. However, because the idea behind this is to automate your rsync remote backups with cron, you will not want to enter the password every time. This situation can be resolved by using the ssh-agent utility that ships with OpenSSH. You can add the password for a private key to the ssh-agent with the ssh-add commmand. When the ssh-agent is running on the system public/private key authentication will be password protected, but passwords will not be prompted for. However, the ssh-agent and ssh-add commands must be re-entered after each reboot of the back-up server.
NOTE: This is very insecure, never distribute the private key for any reason, as it will enable anyone to gain access to your system. It is recommended to add a password to the private key and use the ssh-agent utility provided with OpenSSH.
So now you can autoamte your backups via. RSYNC using the following command: (which ofcourse is then intended to be added to the cron job – In this example the files and folders are Rsync’d remotely every hour, on the hour)
0 * * * * rsync -avz -e "ssh -i /root/homeserver-rsync-key" root@remoteserver.com:/remote/file/path/* /local/folder/to/copy/to/
On the server at home, you’ll then want to create anoter cronjob that will archive the current data into a tar.gz file (dated!) using a shell script that I have written, the contents of the crontab would like as follows (in the example the data is archived every day at midnight)…
0 0 * * * /root/makeback.sh /path/to/rsync_folder /path/to/place/to/store/backups
You can download the shell script if you’d like to use it too from here (remember to chmod +x the file before attempting to run it!).
If you would have asked me several years ago what I thought of Apple Mac’s I would have pretty much spat at you, I found them to be a ‘kiddies toy’ that designers used (to be fair at the time it was OS9) or maybe I was just blind!??!!!?!??
….However, since which time I have started to really love the eye candy that Mac OSX has to offer and if you have been reading my other blog posts you will have found that I am very much a Linux/Windows man myself and never really played with OSX…. until this weekend….
I found several articles online how to install OSX on an Intel based PC (this method has been named ‘Hackintosh’) so I thought whats all the hype about, I was bored and therefore thought I’d give it ago…..
After getting everything prepared and installing it I was in LOVE!!! – And thats only with the OSX software!!! – Gees, the actual Mac hardware is gorgeous so if I could afford to go out and buy a MacPro or iMac tomorrow I most certainly would!!! – But truth is that at over £1000 (almost and upto £2500) it really is way too steep for me at the moment unfortunetly but a brand new iMac or MacPro is certainly on my wishlist now!!!
So what and why do I love it??
Well several reasons really….
I have used it for a couple of days now and it basically JUST WORKS!!! – Its easy to use and I LOVE ‘Time Machine’ – I think this is a really great feature, these days I don’t really want to be messing around with Mico$oft Windows, its too flakey, boring to use and to be honest requires alot of effort keeping it patched and virus free!
I want a computer to work, be fun to use, and be secure… The way I look at this is…. Its a Mac, Its a UNIX based operating system that looks amazing… The best of both worlds….
Right… Its time I start saying up for a new Mac and get rid of all my PC junk
Well the last month has been very eventful with regards to the projects that I have been running/involved in….
I have released ZPanel 6.0.0 Alpha1 on Sunday for testing and so far so good so hopefully a full upgrade release will be released as stable very soon as soon as everyone from the ZPanel team is happy.
I have also been working on my own Linux distrubution (something that I have wanted to do for years) which is based on Ubuntu LTS releases and is targetted as a free alternative to a propertiarial operating system which uses the code names of animals for their releases (you should be able to get it from that clue) but if not work out which one is missing from this list… (Windows, Linux, Unix, ***)? – Hopefully you get it now
The Linux distrubution that I am making is attempting to be easy on the eyes (eye candy from the start), Fast and stable when in use.
I have removed many of the default applications from Ubuntu 10.04 (LTS); The reason that I am using the LTS version is that the distrubution is then officially supported for three years meaning that non-technical users don’t have to worry about upgrading every six months.
As well as the operating system myself and a small team (team not yet setup) will be creating a cloud service that is linked from the OS (using Dock icons and desktop icons) that enables new users to register an account and then give them webmail, POP3 email and file sharing.
I hope that the new distrubution will encourage users to switch to the OS as it is provided free of charge and will be a stable platform for their home PC/laptop or netbook. – Ofcourse there is nothing stopping people using this in the office either but our initial market for users will be home users.
You never know, in the future we may also bring out a Server version too
…All very exciting times
In this guide I will be explaining how you can create a PPTP (Point to point tunnelling protocol) VPN using Ubuntu Server 10.04 LTS release, this should also work for other versions of Ubuntu Server too!
Ok so there are many types of VPN’s (PPTP, L2TP etc. etc.) PPTP is not the most secure type of VPN but is proberbly the easiest to setup and therefore I will be using this method (its only a home VPN after all!) Also…. you donât need to mess with certificates (like with L2TP+IPsec or SSL VPNs) on both sides of the connection.
VPN-ing into your server will allow you to connect to every possible service running on it, as if you were sitting next to it on the same network, without individually forwarding every port combination for every service you would like to access remotely.
Using a VPN connection also has the upshot of, if desired, granting access to other computers on the network as if you where in it locally from anywhere across the internet.
So lets get going….
Ok firstly we must install pptpd to install the daemon on your Ubuntu server, from the command line (logged in as root) execute the following command:-
apt-get install pptpd
Once installed we have a few configuration files we need to change…
we need to edit the main pptpd configuration…
nano /etc/pptpd.conf
and now add the following lines to it…
localip 192.168.0.2
remoteip 192.168.0.30,192.168.0.245
Where the âlocalipâ is the address of the server, and the remoteip are the addresses that will be handed out to the clients, it is up to you to adjust these for your networkâs requirements.
Now we need to edit the â/etc/ppp/pptpd-optionsâ configuration file:
nano /etc/ppp/pptpd-options
Append to the end of the file, the following directives:
ms-dns 192.168.0.1
nobsdcomp
noipx
mtu 1490
mru 1490
Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting too and, again, it is your responsibility to adjust this to your networkâs configuration.
Edit the chap secrets file:-
nano /etc/ppp/chap-secrets
Add to it the authentication credentials for a userâs connection, in the following syntax:-
username <TAB> * <TAB> users-password <TAB> *
Restart the connectionâs daemon for the settings to take affect:
/etc/init.d/pptpd restart
If you donât want to grant yourself access to anything beyond the server, then your done on the server side. – Your PPTP Server is setup and ready to go!
Don’t forgot to port forward port number 1723 on your router to point to the Ubunut Linux Server
You want more (Enable forwarding)??
While this step is optional and could be viewed as a security risk for the extremely paranoid, it is my opinion that not doing it defeats the purpose of even having a VPN connection into your network.
By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to âjumpâ through the VPN server, to all other devices on the network.
To achieve this we will be flipping the switch on the âforwardingâ parameter of the system.
Edit the âsysctlâ file:
nano /etc/sysctl.conf
Find the ânet.ipv4.ip_forwardâ line and change the parameter from 0 (disabled) to 1 (enabled):
net .ipv4.ip_forward=1
You can either restart the system or issue this command for the setting to take affect:
sysctl -p
With forwarding enabled, all the server side settings are prepared.
I would recommend using a âSplit Tunnelâ connection mode for the VPN client.
A more in depth explanation about the recommended âSplit Tunnelâ mode, as well as instructions for Ubuntu Linux users can be found in the âSetting up a âSplit Tunnelâ VPN (PPTP) Client on Ubuntu 10.04â guide.
This guide originated from http://sysadmingeek.com/articles/setting-up-a-vpn-pptp-server-on-debian/Â - I wouldn’t want to see a good tutorial dissapear! – So I’m mirroring it
Hi all,
Another feature that I needed for my project over at zpanel.co.uk was an SVN server so that other members of my team can download the source code, make changes and upload it back to the master server.
So this quick tutorial will show you the basics of how to setup an SVN server with public read access but authenticated write access.
Ok so first of all you’ll need Ubuntu Server 10.04 installed on your server…
Now we’ll install SVN, Apache and the SVN library for Apache…
apt-get install apache2 subversion libapache2-svn
and now we’ll create our repository like so..
svnadmin create /svn
In the above example I have called the repository ‘svn’ but obviously you can substitute ‘/svn’ for ‘/{yourprojectname}’ if you’d like.
Now what we’ll do is edit the configuration file for subversion…
nano /etc/apache2/mods-enabled/dav_svn.conf
The Location element in the configuration file dictates the root directory where subversion will be acessible from, for instance: http://www.server.com/svn
<Location /svn>
The DAV line needs to be uncommented to enable the dav module
# Uncomment this to enable the repository,
DAV svn
The SVNPath line should be set to the same place your created the repository with the svnadmin command.
# Set this to the path to your repository
SVNPath /svn
The next section will let you turn on authentication. This is just basic authentication, so donât consider it extremely secure. The password file will be located where the AuthUserFile setting sets it toâ¦Â probably best to leave it at the default.
# Uncomment the following 3 lines to enable Basic Authentication
AuthType Basic
AuthName âSubversion Repositoryâ
AuthUserFile /etc/apache2/dav_svn.passwd
To create a user on the repository use, the following command:
sudo htpasswd -cm /etc/apache2/dav_svn.passwd <username>
Note that you should only use the -c option the FIRST time that you create a user. After that you will only want to use the -m option, which specifies MD5 encryption of the password, but doesnât recreate the file.
Example:
sudo htpasswd -cm /etc/apache2/dav_svn.passwd ballen
New password:
Re-type new password:
Adding password for user ballen
Restart apache by running the following command:
/etc/init.d/apache2 restart
Now if you go in your browser to http://www.server.com/svn, you should see that the repository is enabled for anonymous read access, but commit access will require a username.
If you want to force all users to authenticate even for read access, add the following line right below the AuthUserFile line from above. Restart apache after changing this line.
Require valid-user
Now if you refresh your browser, youâll be prompted for your credentials:
So that is now it, you now have a working Linux Subversion server!
You can also create additonal respositories with different access rights by simply duplicating and renaming this file /etc/apache2/mods-enabled/dav_svn.conf. – Just use your head, you’ll figure it out!
Remember if you make changes to SVN you MUST restart apache for the changes to become active!
Happy coding!
This month on my ‘main’ project (ZPanel) I have changed the download mirror network system, previously I wrote a PHP mirror syncronisation web app which would syncronise files to all pulic mirrors but after about 3 years of it being in use and the main repository getting rather full and slowing everything down I have decided to use rsync…
The concept here is to have a master server that stores the actual files BUT NOT used as a download server but runs rysnc to allow the download node servers to ‘pull’ the files and folders from the master server….
I thought I’d share with you how I got this configured on a Ubuntu 10.04 server…
Ok so first of all, you need Ubuntu server installed…. duhh
Next, as rysnc is already installed on Ubuntu there is no need for us to install anything etc. so lets move streight on…
The configuration is simple, we just create 2 files and edit one file and then restart the rsyncd service, so the first file we are going to create is the main rsync service configuration file…
I used nano to create the file with the following command:-
nano /etc/rsyncd.conf
Then we populate it with the following…
motd file = /etc/rsyncd.motd
[zdds]
path = /home/zpanel/mirrorfs
comment = ZPanel master mirror controller. (ZDDS)
uid = zpanel
gid = zpanel
read only = true
I hope you can work out for yourself what is happening above but just incase I’ll give you a quick breakdown, the [zdds] is the ‘module’ name that you’ll use on the remote client/server to ‘pull’ and syncronise the data, the path is the path in the file system to where the files and folders are that you want to mirror. The comment is self explainatory – The uid and gid is the user and group for access rights, I set these to zpanel as that is the home directory in which the files are located. I have the repository read only as the download nodes will connect and ‘pull’ the data to their server which will actually be used by the public to download the files.
You can setup username and password access if you like but I don’t need it so I didnt bother but search google if you want to know how to do it!
Save the file and now create the (M)essage (O)f (T)he (D)ay file like so..
nano /etc/rsyncd.motd
Then pop a quick message in the file, for example:
Hello this is the Message of the day text on this Rsync server!
Now we just need to edit /etc/default/rsync edit and enable Rsync as a service…
So using Nano again…
nano /etc/default/rsync
and set the RSYNC_ENABLE to true and then save…
Then simply restart rsyncd by doing this…
/etc/init.d/rsyncd restart
Then now your download node servers will be able to syncronise with your master server, using the below command:
rsync -a -r –delete –delete-before example.com::zdds/ /path/to/local/folder
Hope you found this useful
As you can proberbly tell from my other blog posts I really do like Ubuntu although I also admire CentOS/Redhat but for sheer simplicity and non-bloat installation I do like this awesome distrubution.
Ok so nowadays more and more people have more than one PC or network device at home and therefore it would be benefical to setup a shared storage device (A home file server basically)… So this is what I’m going to run through…
Firstly let me say that this is a very basic file server that can be accessed from pretty much all operating systems… eg. Microsoft Windows, Linux, UNIX, MacOSX and even XBox’s etc….
In this tutorial we’ll setup a single shared folder on a Ubuntu Server, the shared folder will not require any username or password to access it (its a home network after all!) If you wanted to add more security or more advanced features to your File (and even Print) server check out this page from the Ubuntu Server Guide: https://help.ubuntu.com/10.04/serverguide/C/samba-fileprint-security.html
Lets begin…
If you don’t already have Ubuntu Server installed, grab the ISO from the Ubuntu website, burn it to a CD and then install it on an PC. (this is very easy indeed!)
Login to your newly installed server as the ‘root‘ user and now we will install samba as follows:-
apt-get install samba
Thats all there is to it really, so now we can get streight on with configuring Samba….
The main Samba configuration file is located in /etc/samba/smb.conf . The default configuration file has a significant amount of comments in order to document various configuration directives.
Firstly, edit the following key/value pairs in the [global] section of /etc/samba/smb.conf:
workgroup = EXAMPLE
…
security = user
The securityparameter is farther down in the [global] section, and is commented by default. Also, change EXAMPLE to better match your environment.
Create a new section at the bottom of the file, or uncomment one of the examples, for the directory to be shared:
[shared]
comment = Ubuntu File Server Share
path = /srv/samba/share
browsable = yes
guest ok = yes
read only = no
create mask = 0755
Now that Samba is configured, the directory needs to be created and the permissions changed. Enter the following:
sudo mkdir -p /srv/samba/share
sudo chown nobody.nogroup /srv/samba/share/
The -p switch tells mkdir to create the entire directory tree if it doesn’t exist. Change the share name to fit your environment.
Finally, restart the samba services to enable the new configuration:
/etc/init.d/samba restart
From a Windows client you should now be able to browse to the Ubuntu file server and see the shared directory. To check that everything is working try creating a directory from Windows.
To create additional shares simply create new [dir] sections in /etc/samba/smb.conf, and restart Samba. Just make sure that the directory you want to share actually exists and the permissions are correct.
I hope this helps, you make find the following links of interest if you want to further build on your new file server:-
A recently I have been playing around with Ubuntu Server 10.04 and various little projects etc. I thought I’d write a tutorial on how you can create a network accessable or local Ubuntu package repository.
For this tutorial I am using Ubuntu 10.04 Server release on an old Compaq Proliant DL320.
The sole purpose of having such a setup is to enable all your Ubuntu machines (Desktops and Server) to be able to update and install software packages using a local server which saves your internet bandwidth
I assume that you already have Ubuntu installed and ready to go…
So lets get started…
Firstly we need to install apt-mirror, apt-mirror is the software that we will use to syncronise the data from the internet package repository servers on to our own server.
So lets install it now…
apt-get install apt-mirror
After the package has downloaded you can now move on to the part where we will edit the configuration file for apt-mirror so we can add or remove other versions of Ubuntu, artitectures and/or repository types…
nano /etc/apt/mirror.list
By default the file will show you that it will get both the binaries (deb …..) and source (deb-src….) packages for main, restricted and universe.
I want to mirror the main, restricted, and universe sections of Ubuntu Lucid Lynx, but I don’t want to mirror the security updates as these should be downloaded directly from the internet. Also, I don’t want to mirror the source packages because in 95% of all installations you don’t need source packages, and they need a lot of space on the hard disk. So my /etc/apt/mirror.list looks like this:
############# config ##################
#
# set base_path   /var/spool/apt-mirror
#
# set mirror_path $base_path/mirror
# set skel_path   $base_path/skel
# set var_path    $base_path/var
# set cleanscript $var_path/clean.sh
# set defaultarch <running host architecture>
# set postmirror_script $var_path/postmirror.sh
# set run_postmirror 0
set nthreads    20
set _tilde 0
#
############# end config ##############deb http://archive.ubuntu.com/ubuntu lucid main restricted universe
#deb http://archive.ubuntu.com/ubuntu lucid-security main restricted universe multiverse
#deb http://archive.ubuntu.com/ubuntu lucid-updates main restricted universe multiverse
#deb http://archive.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse
#deb http://archive.ubuntu.com/ubuntu lucid-backports main restricted universe multiverse#deb-src http://archive.ubuntu.com/ubuntu lucid main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu lucid-security main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu lucid-updates main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu lucid-backports main restricted universe multiverseclean http://archive.ubuntu.com/ubuntu
Make note that I have removed multiverse from the end of the the first repository path and commented out ‘#’ the other repository paths.
Thats pretty much it! – Now you can run the apt-mirror tool using the following command:-
apt-mirror
The first time you run this it’ll take ages to download the inital data but each time after you’ll be able to run apt-mirror which will then update any new packages or cleanup ones that are no longer required so therefore will be much much faster! At the time of writing, the inital mirror to download was 28.3GB (29,434 files)
Making it download packages automatically
If you want to automate the task of the server downloading new and updated packages automatically you can add it as a daily cron job, sSimply edit /etc/cron.d/apt-mirror and uncomment the last line in it so that it looks like this:
nano /etc/cron.d/apt-mirror
#
# Regular cron jobs for the apt-mirror package
#
0 4 * * * apt-mirror /usr/bin/apt-mirror > /var/spool/apt-mirror/var/cron.log
This will make apt-mirror run at 4.00h each day, and it will log to /var/spool/apt-mirror/var/cron.log.
Enabling access to your repository over HTTP
Cherokee Server is a small and very fast, simple to manage and configure using a web configuration tool and traffic reports (run cherokee-admin from the console!), You can install it now using the following command:-
apt-get install cherokee libcherokee-mod-rrd
Or if your happy with Apache, the well known and very widely used, you can install it using:-
apt-get install apache2
So after you’ve choosen what Web server you want to use, lets move onto the next step…
The default web hosting document root under Ubuntu is /var/www, but our repositories are stored in /var/spool/apt-mirror/mirror. In order to make our repositories accessible by http://(server_ip)/ubuntu, we create a symlink for /var/www/ubuntu that point to the real repository:
ln -s /var/spool/apt-mirror/mirror/archive.ubuntu.com/ubuntu /var/www/ubuntu
Remember to adjust these commands if you use different mirrors than archive.ubuntu.com.
Thats it…. (on the server side!)
Configuring your client PC’s/Servers
To use the local ubuntu mirror you can replace the main restricted universe repository in /etc/apt/sources.list like this:
nano /etc/apt/sources.list
You should change the hostname to your server’s IP address simular to this…
[...]
deb http://192.168.0.100/ubuntu/ lucid main restricted universe
[...]
Save the changes and then run apt-get update to confirm you are now using the local mirror server:-
apt-get update
and your done!!!! – If you want to learn more about apt-mirror search it on Google!
