Introduction ~

Long back I edited initrd as  old linux (Ubuntu 6.06) box was not able to boot with SCSI hard disk? One of my friend wanted to do the same for other purpose. So got a chance to write article on the same? Let’s start with what is initrd?

What is initrd ?

initrd (Initial Ram Disk) is a temporary file system ( used as /) commonly used in the boot process of the Linux kernel. It is typically used for making preparations before the real root file system can be mounted.

Why someone want to edit/modify initrd ?

I assume that you all are familier with Linux booting process? Once Linux kernel loaded in to memory (RAM) it start init (father/mother of all  process) process. is that true? Let me ask you one question. Before loading actual physical root file system (/) how kernel access /sbin/init script? what is the use by specifying “initrd” file in GRUB ?  hold on!!

Suppose your root partion resides on some SCSI device and driver for this SCSI devices is compiled as a kernel module. Of course this module is required at boot time to have access to the root partion — but it is not in the kernel. Thus the need for an initrd image. Additionally after udev subsystem become common, somebody has to start udev to create device nodes. This is initrd’s duty too.

See the GRUB menu as shown below ~

title        Ubuntu 9.04, kernel 2.6.28-11-generic
kernel        /vmlinuz-2.6.28-11-generic root=/dev/sda3  ro quiet splash
initrd        /initrd.img-2.6.28-11-generic

GRUB loads  kernel and initrd image in to memory(RAM). When kernel boots  it checks for initrd image, and if it exists starts init script that resides on this image. init script is usually written in bash. When init script on initrd image is finished, kernel usually start standard init process ie /sbin/init

Step 1] Copy original initrd image file to temp location  ~

** Create temporary directory and copy initrd file in that temp directory

arunsb@laptop:~$ cp /boot/initrd.img-2.6.28-11-generic  /tmp/

arunsb@laptop:~$ mkdir /tmp/initrd-src

** Now extract “initrd” image -

arunsb@laptop:~$ cd /tmp/initrd-src

arunsb@laptop:/tmp/initrd-src$ gzip -dc  /tmp/initrd.img-2.6.28-11-generic  | cpio -id
38791 blocks
arunsb@laptop:/tmp/initrd-src$ ls -l
total 36
drwxr-xr-x 2 arunsb arunsb 4096 2009-07-12 16:32 bin
drwxr-xr-x 3 arunsb arunsb 4096 2009-07-12 16:32 conf
drwxr-xr-x 6 arunsb arunsb 4096 2009-07-12 16:32 etc
-rwxr-xr-x 1 arunsb arunsb 4825 2009-07-12 16:32 init
drwxr-xr-x 5 arunsb arunsb 4096 2009-07-12 16:32 lib
drwxr-xr-x 2 arunsb arunsb 4096 2009-07-12 16:32 sbin
drwxr-xr-x 8 arunsb arunsb 4096 2009-07-12 16:32 scripts
drwxr-xr-x 3 arunsb arunsb 4096 2009-07-12 16:32 usr
arunsb@laptop:/tmp/initrd-src$

** Check how “init” looks like ~

arunsb@laptop:/tmp/initrd-src$ head init
#!/bin/sh

echo “Loading, please wait…”

[ -d /dev ] || mkdir -m 0755 /dev
[ -d /root ] || mkdir -m 0700 /root
[ -d /sys ] || mkdir /sys
[ -d /proc ] || mkdir /proc
[ -d /tmp ] || mkdir /tmp
mkdir -p /var/lock
arunsb@laptop:/tmp/initrd-src$

Step 2] Edit/Modify as per your requirement

Step 3] How to create initrd image  ~

Create initrd image from scratch -

root@laptop:/home/arunsb# mkinitramfs  -v -o  /tmp/initrd-arun-$(uname -r)

root@laptop:/home/arunsb# ls -l /tmp/initrd-arun-2.6.28-11-generic
-rw-r–r– 1 root root 7536506 2009-07-12 17:11 /tmp/initrd-arun-2.6.28-11-generic

root@laptop:/home/arunsb# du -sh /tmp/initrd-arun-2.6.28-11-generic
7.2M    /tmp/initrd-arun-2.6.28-11-generic
root@laptop:/home/arunsb#

mkinitramfs ~ is the tool used to create initrd image. “initrd” image is a gzipped cpio archive.

** After all modifcation create initrd image as shown below…

arunsb@laptop:/tmp/initrd-src$ find . | cpio –quiet –dereference -o -H newc | gzip -9 > /tmp/initrd.img-2.6.28-11-arun
arunsb@laptop:/tmp/initrd-src$ ls -l /tmp/initrd.img-2.6.28-11-arun
-rw-r–r– 1 arunsb arunsb 7505955 2009-07-12 16:56 /tmp/initrd.img-2.6.28-11-arun
arunsb@laptop:/tmp/initrd-src$

* Enjoy !!

Regards,
Arun Bagul

Dear All,

We are pleased to announce that the openslm-0.99 development platform released on 10th Jun 2009. We are sure that  all contributor’s of openlsm and IndianGNU.org community will start coding for openlsm…

* Please don’t forget to test openlsm and give your valuable feedback/suggestion!

community Blog – http://www.indiangnu.org/

Download openlsm ~

* http://openlsm.sourceforge.net/
http://sourceforge.net/project/showfiles.php?group_id=211420

What is openLSM?

openLSM is web-based control panel designed to make administration of website, GNU/Linux and Unix based operating system easy! openLSM handles all aspects of administration in its interface. It is free/open source software under GPL.

How to install openlsm ~

step 1) cd to the source directory

   ./configure --prefix=/usr/local/openlsm
    OR
    ./configure --prefix=/usr/local/openlsm --with-mysql=/usr/bin/mysql_config --enable-internal-pcre
    --with-geoip=/usr --with-ldap=/usr 	

   make
   make install

step 2) openLSM is using 'openlsm' user and group. please create system user and group and set homedir
    /usr/local/openlsm or 'prefix' value. Confirm ownership/permission of '/usr/local/openlsm'
     directory after installation.

  addgroup --system openlsm
  adduser --system  --home /usr/local/openlsm --shell /bin/false --gid <gid_of_openlsm_group>  openlsm

step 3) How to create a self signed certificate for SSL/TLS

 dd if=/dev/random  of=/tmp/random.dat bs=1024 count=1

 $ openssl genrsa   -out  /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.key
    -rand /tmp/random.dat 2048
 $ openssl req -new -key /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.key
   -out /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.csr

 #generate certificate
 $ openssl x509 -req -days 365 -set_serial 1 -in
  /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.csr
   -signkey /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.key
   -out /usr/local/openlsm/etc/openlsm/ssl/openlsm-certificate.crt

step 4) please check permission, ownership of /usr/local/openlsm directory and file
        path in openlsm.conf  configuration file...

start openlsm with script in  contrib directory…

./contrib/openlsm start

URL ~ http://<server_name_or_ip>:4050/ or

http://<server_name_or_ip>:4060/

enjoy !!

Regards,
IndianGNU & openlsm

What is Epoch time ?

Unix time, or POSIX time is also know as Epoch time. Linux/Unix operating systems maintain system time based on some starting time called the Epoch. In Linux/Unix and POSIX systems count time as seconds since midnight Coordinated Universal Time (UTC) of January 1, 1970, not counting leap seconds. It is widely used not only on Unix-like operating systems but also in many other computing systems. Epoch time is in seconds!!

1] How to get Epoch time ?

* Linux / Ubuntu

root@arun:~# date
Wed Jan 28 23:52:12 IST 2009

root@arun:~# date +%s
1233166934
root@arun:~#

* FreeBSD

root@arun:~# date
Wed Jan 28 11:07:10 IST 2009

root@arun:~# date  +%s
1233169634
root@arun:~#

2] How to convert Epoch time into Date format ?

* Linux / Ubuntu

arunsb@arun:~$ date -d ’1970-01-01 1233167307 sec’
Wed Jan 28 18:28:27 IST 2009
arunsb@arun:~$

* FreeBSD

arunsb@arun:~# date -r 1233169468
Wed Jan 28 11:04:28 IST 2009
arunsb@arun:~#

3] How to convert Date time into Epoch ?

* Linux / Ubuntu

arunsb@arun:~$ date ; date +%s
Thu Jan 29 00:26:48 IST 2009
1233169008
arunsb@arun:~$ date -d ‘Thu Jan 29 00:26:48 IST 2009′ +%s
1233169008
arunsb@arun:~$ date -d ‘Thu Jan 29 00:26:48 IST 2009′ +%s
1233169008
arunsb@arun:~$

* FreeBSD

root@arun:~#  date -j -f ‘%Y-%m-%d %H:%M:%S %Z’ ’2009-01-29 00:50:04 PST’ +%s
1233219004

root@arun:~#  date -j -f ‘%Y-%m-%d %H:%M:%S %Z’ ’2009-01-29 00:50:04 GMT’ +%s
1233190204
root@arun:~#

Thanks,
Arun Bagul

Introduction - To install WordPress, you should have Apache, MySQL, and PHP installed on your Linux server(typical LAMP server). If you don’t have LAMP server installed yet, then there are plenty of tutorials out there that will help you install them. Note that this walk through will probably also work for recent versions of Debian/Ubuntu Linux.

How to install the wordpress package using apt-get -

root@ravi:~# apt-get install wordpress

If you get an error message that the package wordpress cannot be found, it is most likely because you do not have multiverse servers enabled for apt-get. Here’s how to add them. First, edit /etc/apt/sources.list

root@ravi:~# vi /etc/apt/sources.list

Add the following two lines (it doesn’t particularly matter where you add them, or even if you have duplicate lines).

deb http://us.archive.ubuntu.com/ubuntu/ gusty main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ gusty main restricted universe multiverse

Now tell apt-get to update its package list and you should be able to find wordpress.

root@ravi:~# apt-get update

Now try to install WordPress as shown above.  Next we have to configure Apache  for WordPress -

root@ravi:~# vi /etc/apache2/apache2.conf

At the bottom of the file add the following lines:

Alias /blog /usr/share/wordpress
<Directory /usr/share/wordpress>
Options FollowSymLinks
AllowOverride Limit Options FileInfo
DirectoryIndex index.php
</Directory>

You can access WordPress  with URL http://yourdomain.com/blog/.  If you want it to go somewhere else, just adjust the path accordingly.

Now we have to tell Apache to reload its configuration files.

root@ravi:~# /etc/init.d/apache2 reload

Next, we are going to create a database in MySQL for WordPress to use. First, login to MySQL Server -

root@ravi:~# mysql -u root -p

If you have never used MySQL before, the default root password is blank. Now would be a good time to set one.

Next we are going to create a database for WordPress to use. I’m going to be very imaginative and name the database “wordpress”.

mysql> CREATE DATABASE wordpress;
Query OK, 1 row affected (0.00 sec)

Now we have to create a database user for wordpress. This part is important; you could just use the same user for all of your applications, but if something went wrong, you could lose all of your data. By creating a separate MySQL user for each application, you are limiting your damage. I’m going to be imaginative again and choose the name “wordpress_user” for the WordPress database user account. You might want to pick a better password than fluffy; that’s simply what I’m using for this demonstration.

mysql> GRANT ALL PRIVILEGES ON wordpress.* TO ‘wordpress_db_user’@'localhost’ IDENTIFIED BY ‘password’ ;
Query OK, 0 rows affected (0.00 sec)

Now let’s make sure that these changes took:

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

We are done with MySQL now, so let’s quit.

mysql> quit;
Bye

Next we are going to modify WordPress’s configuration file to tell it about the database and user we just created for it. But first, we have to deal with a little idiosyncrasy. The Ubuntu WordPress package creates a symbolic link to /etc/wordpress/ for its configuration file, but we aren’t going to be using anything in /etc/ for our installation. So first, get rid of the symbolic link. Don’t worry, this is just deleting a link, it’s not actually deleting any files. The default wp-config.php will remain in /etc/wordpress/ if you really want it.

root@ravi:~# rm  /usr/share/wordpress/wp-config.php

Now copy the sample configuration over to the main configuration location.

root@ravi:~# cp /usr/share/wordpress/wp-config-sample.php /usr/share/wordpress/wp-config.php

Now let’s edit the configuration.

root@ravi:~# vi /usr/share/wordpress/wp-config.php

Remember the database name, user account, and password that we just set in MySQL? We are going to input these into the configuration file and save it.

define(‘DB_NAME’, ‘wordpress’); // The name of the database
define(‘DB_USER’, ‘wordpress_DB_user’); // Your MySQL username
define(‘DB_PASSWORD’, ‘password’); // …and password
define(‘DB_HOST’, ‘localhost’); // 99% chance you won’t need to change this value

We’re almost done. Now we just use WordPress’s built-in installation script. Go to http://yourdomain.com/blog/wp-admin/install.php and follow the directions. Write down the auto-generated password it gives you.

Now we’re going to login to WordPress. Go to http://yourdomain.com/blog/wp-login.php and login with the account ‘admin’ and the password you just wrote down. Now everything is working! The first thing you should do is change the password to the admin account. This option can be accessed from the “Users” tab along the top of the screen.

We have one more thing to do. We’re going to install a plugin for WordPress called “Spam Karma”. This plugin will defend your site from comment spam, which is a much bigger problem than you’d realize, especially if your site starts getting really popular. Luckily, it’s very easy to install the plugin. Go to the plugins directory, download the plugin using wget, and unzip it.

root@ravi:~#cd /usr/share/wordpress/wp-content/plugins/
root@ravi:~#wget http://wp-plugins.net/sk2/sk2_final.zip
root@ravi:~#unzip sk2_final.zip

Now, go back into the admin console of your blog, go to the Plugins tab, and click on the Activate button next to Spam Karma.
That’s it; you’re done! Try writing your first post on WordPress, or configure your site’s look and feel.

Thanks
Ravi Bhure

Introduction -

Why we need to change MAC address? On one of our proxy server which is directly connected to internet. Due to some reason I have to assign MAC address to one of the Interface eth0! My ISP want unique MAC address to interface which is connected to there service.

Set MAC address to interface manually -

step(1) Edit the /etc/network/interfaces file. to modify the interface configuration on Ubuntu or Debian system…

root@arunbagul:~# vi /etc/network/interfaces
root@arunbagul:~#

See your network interface conf file. If you have dhcp enabled, it will look like this…

root@arunbagul:~# cat /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

root@arunbagul:~#

step(2) Now specify the MAC address as shown below…

root@arunbagul:~# cat /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
hwaddress ether 01:06:03:04:0B:06

root@arunbagul:~#

step(3) Now restart your network service -

root@arunbagul:~# /etc/init.d/networking restart
* Reconfiguring network interfaces…
There is already a pid file /var/run/dhclient.eth0.pid with pid 4440
killed old client process, removed PID file
…
…..

DHCPACK from 192.168.1.10
bound to 192.168.1.89 — renewal in 3110 seconds.
[ OK ]
root@arunbagul:~#

step(4) macchanger - is the tool available for Ubuntu to change the MAC address -

How to install macchanger ?

root@arunbagul:~# apt-get install macchanger
Reading package lists… Done
Building dependency tree
…
…..
Setting up macchanger (1.5.0-1) …

root@arunbagul:~#

step(5) How to use this -

root@arunbagul:~# macchanger eth0
root@arunbagul:~#

Cheers,
Arun Bagul

Introduction -

SSH (Secure Shell) is mostly used to login to remote shell (Linux/Unix machine). SSH is protocol to transfer files securely like FTP, but more secure. Transferring files to an from an ssh account can be done using the scp command. What if you could mount a remote folder that you can access using ssh on your local computer? What if you could access files on an ssh account just like they were local files on your pc? Well now you can! mount a folder in an ssh account, edit the files locally and save the files, that’s it! The file will be saved on remote ssh server.

sshfs is a tool, which allow us to mount directory file systems over ssh on Ubuntu. sshfs is a filesystem client based on the SSH File Transfer Protocol.
Most SSH servers already support this protocol it is very easy to set up on the server side there’s nothing to do. On the client side mounting the filesystem is as easy as logging into the server with ssh.

How to install sshfs -

root@arunbagul:~# apt-get  install   sshfs
Reading package lists… Done
Building dependency tree
…
….
root@arunbagul:~#

This will also install fuse-utils and libfuse2, which are required.

What is required ?

fuse is the kernel module which need to loaded -

root@arunbagul:~# lsmod | grep fuse
fuse 47124 3
root@arunbagul:~#

If this module is not loaded, you will get following error-

fusermount: fuse device not found, try ‘modprobe fuse’ first

** Use below command to load ‘fuse’ module

root@arunbagul:~# modprobe fuse
root@arunbagul:~#

If you want to load ‘fuse’ modules on startup. Then edit the file /etc/modules and adding a ‘fuse’ on new line at the end.

** Now create a local directory where you want the files to be mounted…

root@arunbagul:~# mkdir /media/ssh_file_system
root@arunbagul:~#
root@arunbagul:~# chown arun:arun /media/ssh_file_system
root@arunbagul:~#

Once you have done the above, you can use sshfs to mount the remote directory to your local system!

Say I want to mount the “/var/www” directory on my remote server (192.168.0.1) I would do it by executing the following command…

root@arunbagul:~# sshfs root@192.168.0.1:/var/www /media/ssh_file_system
root@192.168.0.1′s password:
root@arunbagul:~#

** Check with mount command whether the file system is mounted or not

root@arunbagul:~# mount | grep sshfs
sshfs#root@192.168.0.1:/var/www on /media/ssh_file_system type fuse (rw,nosuid,nodev,max_read=65536)
root@arunbagul:~#

NOTE – Normal user should be in ‘fuse’ group to mount file system by using sshfs.

root@arunbagul:~# grep fuse /etc/group
fuse:x:106:
root@arunbagul:~#

** How to unmount the directory -

root@arunbagul:~# mount | grep sshfs
sshfs#root@192.168.0.1:/var/www on /media/ssh_file_system type fuse (rw,nosuid,nodev,max_read=65536)
root@arunbagul:~#

root@arunbagul:~# fusermount -u /media/ssh_file_system
root@arunbagul:~#

root@arunbagul:~# mount | grep sshfs
root@arunbagul:~#

done!

command(1) fusermount - mount FUSE filesystems. A virtual FUSE filesystem will be created on the mount point.

Options
-h print help

-V print version

-o opt[,opt...]
mount options

-u unmount

-q quiet

-z lazy unmount (works even if resource is still busy)

command(2) SSHFS - filesystem client based on SSH File Transfer Protocol

usage: sshfs [user@]host:[dir] mountpoint [options]

general options:
-o opt,[opt...]
mount options

-h –help
print help

-V –version
print version

-p PORT equivalent to ‘-o port=PORT’

Cheers,
Arun Bagul

Introduction -

SSH (secure shell) client can be used as “SSH tunneling for SOCK proxy port forwarding“.

ssh -D [bind_address:]port

* -D option in SSH can be used to specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address(127.0.0.1). Whenever a connection is made to this port(8080), the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwarding can also be specified in the configuration file….

** How to use SSH tunneling for SOCK port forwarding -

root@arunbagul:~# ssh -D 8080 arun@192.168.0.1
arun@192.168.0.1′s password:
…
….

arun@server:~$
** Check the 8080 port is open or your local system -

root@arunbagul:~# netstat -nlp | grep 8080
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp6 0 0 ::1:8080 :::* LISTEN -
root@arunbagul:~#

** 8080 is the SOCKS proxy port of your local system. This is a tunnel to the server(192.168.0.1). Now all you have to do is got to set the preference in Firefox browser and use a SOCKS proxy. The proxy is, of course, “localhost”, with the port 8080. Now whenever you browse, all the connections you make to websites will seem to originate from the server to which you SSH-ed(192.168.0.1). In addition, all outgoing and incoming data for the browsing session will be encrypted since it passes through the SSH connection…

Find out what is possible with ssh ?

Cheers,
Arun Bagul