View Free Disk Space on a Vserver
Edit /etc/mtab to contain the line:
/dev/hdv1 / ext3 defaults 1 1
Then df -h can show the free disk space.
Edit /etc/mtab to contain the line:
/dev/hdv1 / ext3 defaults 1 1
Then df -h can show the free disk space.
To have a Debian installation auto-login a certain user on the console on bootup, install the mingetty package and change this line in /etc/inittab:
1:2345:respawn:/sbin/getty 38400 tty1
to
1:2345:respawn:/sbin/mingetty --autologin root tty1
Here’s what I do to backup my Debian box to a FTP server without temporarily occupying local disk space:
tar cf - --exclude '/var/cache' --exclude '/var/lib/apt' --exclude '/var/lib/dpkg' --exclude '/var/tmp' /etc /root /home /var /usr/lib/cgi-bin /usr/local/sbin | bzip2 | curl -n -T - ftp://ftp.server.com/backup.tar.bz2
Wake on LAN with the reverse-engineered forcedeth driver on Gentoo Linux amd64 does not work for me. I enabled the Wake up setting in the BIOS and ethtool as well as editing the shutdown script to enable WOL prior to shutdown doesn’t help, see here. The PC won’t wake up, neither on magic packet nor on link change.
So I decided to use NVIDIA’s binary nvnet driver. Wake on LAN works fine with this one, as it is enabled by default. No more fiddling with ethtool and the shutdown scripts. But there is a problem: nvnet sets the network adapter not only to wake on magic packets, but also to wake on link change (e.g. cable disconnects or router reboot). As I’m having my router rebooted every 24h my PC turns on in the middle of the night.
Here’s a fix: extract the NVIDIA nforce drivers with
./NFORCE-Linux-x86_64-1.0-0310-pkg1.run -x
and open the file NFORCE-Linux-x86_64-1.0-0310-pkg1/nvnet/nvenet.c in your favourite editor and search for this line:
power_state.ulLinkChangeWakeUpFlags = POWER_STATE_ALL;
and change it to:
power_state.ulLinkChangeWakeUpFlags = 0;
Now run NFORCE-Linux-x86_64-1.0-0310-pkg1/nforce-installer -s, load the module, restart networking and shut down. Your PC will only wake upon receiving a magic packet!
Create CA:
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
Create certificate:
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr
Make sure you enter different things for organization, unit and common name! Don’t use the IP address as CN, as Konqueror cannot verify it.
Sign the certificate:
sign.sh server.csr
Create passphrase-less key file for Apache, Postfix and Courier:
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
Create a file combining certificate and key for Courier and Postfix:
cat server.key server.crt > courier_postfix.pem
(strip out everything before the BEGIN CERTIFICATE line)
openssl gendh >> courier_postfix.pem
Don’t forget to:
chmod -R 0600 *
and copy the CRT, KEY and PEM files to Apache’s, Courier’s and Postfix’ config dir.
Backupninja has a MySQL backup feature, which dumps each database to a separate file. To restore, each database has to be created manually and each file needs to be imported. This backupninja action dumps all databases and their CREATE statements into a single file and backs it up:
mysqldump -u backup -p[passwd], --all-databases > /var/backups/mysql/all-databases.sql
gzip -f /var/backups/mysql/all-databases.sql
To start screen just type screen and then you’ll be in your new terminal. To detach, hit CTRL+A and D.
Reattach to a screen:
If only one screen is open:
screen -R
If more than one:
screen -list
Get the terminal ID and then:
screen -R [terminal_id]
To debug TLS and AUTH in exim, run mailq to check if there are any undelivered mails and run exim -qff -d+all to see what’s happening during the delivery attempt.
Insert this into the transport section of exim.conf to force TLS and AUTH on all accounts:
remote_smtp:
driver = smtp
remote_smtp_smarthost:
driver = smtp
hosts_require_auth = ${if exists {/etc/exim/passwd.client}\
{${lookup{${address:$h_from:}}lsearch*\
@{/etc/exim/smarthosts}}}{}}
hosts_require_tls = ${if exists {/etc/exim/passwd.client}{${lookup{${address:$h_from:}}\
lsearch*@{/etc/exim/smarthosts}}}{}}
tls_tempfail_tryclear = false
Setup the authenticators cram_md5 and plain like this:
cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name = ${extract{1}{:}{${lookup{$host}lsearch*\
{/etc/exim/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}lsearch*\
{/etc/exim/passwd.client}{$value}fail}}}
plain:
driver = plaintext
public_name = PLAIN
client_send = "^${extract{1}{::}{${lookup{$host}lsearch*\
{/etc/exim/passwd.client}{$value}fail}}}^${extract{2}{::}\
{${lookup{$host}lsearch*\
{/etc/exim/passwd.client}{$value}fail}}}"
Add this router:
smarthost:
debug_print = "R: smarthost for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * ${lookup{${address:$h_from:}}lsearch*\
@{/etc/exim/smarthosts}} byname
host_find_failed = defer
same_domain_copy_routing = yes
no_more
And don’t forget to create passwd.client like this:
mailserver.de:user@domain.de:passwd
and smarthosts file:
user@domain.de: mailserver.de
The correct university mail server name is: m1.informatik… (mail.informatik… points to that one).
To get my Towitoko Chipdrive micro running in Debian, I had to install libtowitoko2 (and create a symlink libtowitoko.so), libchipcard2 and libchipcard2-tools. The chipdrive and the card server can be configured in /etc/chipcard2-server/chipcardd2.conf , the client’s way to connect to the card server is set in /etc/chipcard2-client/chipcard2.conf. Running chipcardd2 -f –logtype console –loglevel info shows if the chipdrive is configured properly. After starting the chipcardd2 daemon, aqbanking can be installed. Insert a HBCI card and run geldkarte2 loaded to see if aqbanking can access the card.
To setup the accounts see aqhbci-tool’s README or use the GUI tool (available from within any app supporting HBCI over aqbanking).
To manage bank accounts and transfer money, several applications are available. It could be done using aqbanking-tool at the command line, which is less comfortable than a GUI solution. Qbankmanager works great, but is still in a beta stage. KMyMoney2 has more features, but also more bugs. It has to be <= 0.8 and configured with --enable-kbanking. GNUCash needs tons of additional libs, looks rather outdated and is overloaded with features I never use. Compiling it from source in Ubuntu failed. The best feature of HBCI in Linux is libchipcard2's card server. It allows you to share a HBCI card for multiple clients over a TCP/IP connection. Now I can do homebanking from anywhere without the need to carry around a chipcard + reader or a PIN/TAN list!
When booting from a 64bit Linux live CD and chrooting into my Debian AMD64 I get a segfault in Grub. I run the grub shell and enter:
root (hd0,4)
setup (hd0)
To prevent the setup command from segfaulting Grub, the live Linux needs to be booted with the following kernel parameter:
noexec=off
This seems to be a bug in Grub.