Installare su hdc per avviarlo come hda usando bios=

Lilo permette di mappare l’immagine del kernel da un disco e di istruire il BIOS perché la recuperi da un altro disco. Per esempio, a me capita spesso di installare Linux su un disco collegato come hdc (disco principale del controller secondario), e di avviarlo come sistema autonomo sul controller IDE primario di un altro computer. Ho fatto una copia del floppy di installazione in una piccola partizione, per poter installare su hdc eseguendo chroot su una console virtuale, continuando ad usare il sistema per fare altro.

Il file lilo.conf usato per installare Lilo ha questo aspetto:

# Questo file deve essere usato da un sistema che giri su /dev/hdcboot = /dev/hdc   # sovrascrive l'MBR di hdcdisk = /dev/hdc   # specifica come hdc verrà visto:  bios = 0x80    #  il bios lo vedrà come primo discodelay = 0vga = 0

image = /boot/vmlinux  # l'immagine risiede su /dev/hdc1 root = /dev/hda1     # ma all'avvio sarà su hda1 label = Linux read-only

Questo file di configurazione deve essere usato da un Lilo funzionante su /dev/hdc1. Le mappe di Lilo che vengono scritte nel settore di avvio (/dev/hdc) devono far riferimento ai file residenti in /boot (attualmente installati su hdc); questi file verranno letti da hda quando il disco verrà avviato come sistema autonomo.

Io chiamo questo file di configurazione /mnt/etc/lilo.conf.hdc (/mnt è dove viene montato hdc durante l’installazione). L’installazione di Lilo avviene invocando “cd /mnt; chroot . sbin/lilo -C /etc/lilo.conf.hdc”. Si faccia riferimento alla pagina di manuale di chroot se questo comando sembra una magia.

La direttiva “bios=” di lilo.conf si usa per dire a Lilo che cosa il BIOS pensa dei propri dispositivi. Le chiamate al BIOS identificano i floppy e i dischi rigidi con un numero: 0×00 e 0×01 selezionano i dischi floppy, 0×80 e i numeri successivi selezionano i dischi rigidi (i vecchi BIOS possono accedere solo a due dischi). Il significato di “bios = 0x80” usato nell’esempio precedente significa quindi “usa 0×80 nelle chiamate al BIOS per /dev/hdc”.

Questa direttiva di Lilo può essere utile in altre situazioni, per esempio quando il proprio BIOS è in grado di avviare il sistema da dischi SCSI piuttosto che da dischi IDE. Quando sono presenti sia dispositivi IDE che SCSI, Lilo non può sapere se 0×80 si riferirà all’uno o all’altro, poiché l’utente può scegliere quale usare tramite i menu di configurazione del BIOS, e non è possibile accedere al BIOS mentre Linux è in funzione.

Lilo, come comportamento predefinito, assume che i dischi IDE vengano mappati per primi dal BIOS. Si può annullare questo comportamento usando nel proprio /etc/lilo.conf istruzioni come queste:

disk = /dev/sda bios = 0x80

Installing PHP 5.2.x on RedHat ES5, CentOS 5, etc

I’ve had to follow this tutorial a few times myself now so decided I should share it with the world.

A few of our applications which make use of SOAP get a Segmentation Fault if run with PHP 5.1.x or lower. We believe this is due to a bug in PHP but can’t be sure, regardless it works fine in PHP 5.2.4 and above.

Problem is, RedHat ES5 does not have support at this time for anything higher than 5.1.6, and we didn’t want to break RPM dependancys etc by installing from source.

To install PHP 5.2.5 (Highest in repository at this time) you can make use of a RPM repository maintained by Remi:

http://blog.famillecollet.com/post/2005/10/02/8-telechargement-installation-et-yum

He has a repository for each distro, but to save you translating for the ES5 one I’ll give you the commands here. Run the following to get up and running:
wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-2.noarch.rpm
wget http://rpms.famillecollet.com/el5.i386/remi-release-5-4.el5.remi.noarch.rpm
rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm

You now have the Remi repository on your system, however it is disabled by default. Obviously you don’t want all of your packages been effected by this repository, however to enable it for a specific package, run the following:
yum –enablerepo=remi update php

You should now have the latest PHP5 installed:
# php -v
PHP 5.2.5 (cli) (built: Nov 10 2007 10:52:30)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

You should make sure that you have Priorities installed.

yum-priorities is available in the CentOS 5 repositories:

yum install yum-priorities

Plugins are enabled in CentOS 5 by default.

Make sure that yum-priorities is enabled by editing the /etc/yum/pluginconf.d/priorities.conf file, and ensuring that it contains the following lines:

[main]enabled=1

Edit the .repo files in /etc/yum.repos.d/ and set up priorities by adding the line:

priority=N

to a repository entry, where N is an integer number from 1 to 99.

The recommended settings are:

[base], [addons], [updates], [extras] ... priority=1[centosplus],[contrib] ... priority=2Third Party Repos such as rpmforge ... priority=N  (where N is > 10 and based on your preference)

1.2. RPMforge

Download the rpmforge-release package. Choose one of the two links below, depending on your architecture. If you are unsure of which one to use you can check your architecture with the command uname -i

• i386 http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

• x86_64 http://apt.sw.be/redhat/el5/en/x86_64/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

(You can find a complete list of rpmforge-release package packages at http://dag.wieers.com/packages/rpmforge-release/ but it is recommended that you use one of the two listed above).

Install DAG’s GPG key

rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

Verify the package you have downloaded

rpm -K rpmforge-release-0.3.6-1.el5.rf.*.rpm

Security warning: The rpmforge-release package imports GPG keys into your RPM database. As long as you have verified the package and trust Dag then it should be safe.

Install the package

rpm -i rpmforge-release-0.3.6-1.el5.rf.*.rpm

This will add a yum repository config file and import the appropriate GPG keys. At this point, you can set the priority of the RPMForge repository, and also of the CentOS repositories if you have not done so yet.

Fatto questo occorre aggiungere un altro repository:

[root@vmonitor-pub ~]# cat /etc/yum.repos.d/alcancelibre.org.repo
[AL-Desktop]
name=Enterprise Linux $releasever – $basearch – AL Desktop
mirrorlist=http://www.alcancelibre.org/al/el5/al-desktop
gpgkey=http://www.alcancelibre.org/al/AL-RPM-KEY
priority=11

wget http://www.alcancelibre.org/al/webapps/AL-RPM-KEY
rpm –import AL-RPM-KEY

Test with this command:

yum check-update

It should output these two lines:

Loading "priorities" plugin...76 packages excluded due to repository priority protections

The number above may differ, but there should be several packages shown as being excluded.

If so then it looks like things are working so try installing something like this

yum install mysql.i386 mysql-devel.i386 mysql-server.i386 mysql-test.i386 php-mysql.i386 php-pear-MDB2-Driver-mysql.noarch

yum install snort-mysql+flexresp.i386 snort-rep.i386 snort-snmp+flexresp.i386 php-acid.noarch mysql-server

wget http://www.andrew.cmu.edu/user/rdanyliw/snort/acid-0.9.6b23.tar.gz
wget http://heanet.dl.sourceforge.net/sourceforge/adodb/adodb505.tgz

tar -zxvf acid-0.9.6b23.tar.gz
tar -zxvf adodb505.tgz

alias cp=cp
cp -r acid/ /var/www/
cp -r adodb5/ /var/www/acid/
alias cp="cp -i"

mysqladmin create snort
mysql snort < /usr/share/doc/snort-2.6.1.1/create_mysql
mysql snort < /var/www/acid/create_acid_tbls_mysql.sql

edit /var/www/acid/acid_conf.php

cp /etc/snort/snort.conf /etc/snort/snort.conf.ORIG
edit /etc/snort/snort.conf

download rules http://www.snort.org/vrt/

....

5.3 What VESA modes are available to me?

This really depends on the type of VESA 2.0 compliant graphic card that you have in your system, and the amount of video memory available. This is just a matter of testing which modes work best for your graphic card.

The following table shows the mode numbers you can input at the VGA prompt or for use with the LILO program. (actually these numbers are plus 0×200 to make it easier to refer to the table)

Colours   640x400 640x480 800x600 1024x768 1152x864 1280x1024 1600x1200 --------+-------------------------------------------------------------- 4 bits |    ?       ?     0x302      ?        ?        ?         ? 8 bits |  0x300   0x301   0x303    0x305    0x161    0x307     0x31C 15 bits |    ?     0x310   0x313    0x316    0x162    0x319     0x31D 16 bits |    ?     0x311   0x314    0x317    0x163    0x31A     0x31E 24 bits |    ?     0x312   0x315    0x318      ?      0x31B     0x31F 32 bits |    ?       ?       ?        ?      0x164      ? 

Key: 8 bits = 256 colours, 15 bits = 32,768 colours, 16 bits = 65,536 colours, 24 bits = 16.8 million colours, 32 bits – same as 24 bits, but the extra 8 bits can be used for other things, and fits perfectly with a 32 bit PCI/VLB/EISA bus.

Non mi funzionava con
vga=791
ho provato con
vga=0×317
Tutto ok

Per trasferire fra 2 pc le impostazioni del putty occorre esportare e
reimportare la seguente chiave di registro:
HKEY_CURRENT_USER\Software\SimonTatham

Nel caso in cui, durante l’installazione di squidguard si riceve il
seguente errore:

[root@proxy squidGuard-1.3]# make
making all in squidGuard-1.3
make[1]: Entering directory `/root/sw/squidGuard-1.3/src’
making all in src
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c main.c
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c sgLog.c
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c sgDb.c
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c sgDiv.c
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c sgFree.c
yacc -d sg.y || (cp y.tab.c.bison y.tab.c && cp y.tab.h.bison y.tab.h)
/bin/sh: yacc: command not found
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c y.tab.c
: sg.l || cp lex.yy.c.flex lex.yy.c
gcc -I.. -I. -I. -I/usr/local/BerkeleyDB/include -DHAVE_CONFIG_H -g -O2
-I/usr/local/BerkeleyDB/include -c lex.yy.c
gcc: lex.yy.c: No such file or directory
gcc: no input files
make[1]: *** [lex.yy.o] Error 1
make[1]: Leaving directory `/root/sw/squidGuard-1.3/src’
make: *** [all] Error 1

La soluzione è semplice:
[root@proxy squidGuard-1.3]# yum install flex byacc
[root@proxy squidGuard-1.3]# make clean
[root@proxy squidGuard-1.3]# ./configure
[root@proxy squidGuard-1.3]# make
[root@proxy squidGuard-1.3]# make install

Problema risolto!!!

PEr inserire del codice che non venga interpretato dal browser possiamo seguire uno dei tanti esempi descritti qui:
http://www.learningmovabletype.com/a/000235display_code/

Un metodo che ho testato è quello di sostituire i codici ascii dei caratteri che compongono i tag.

Quindi al posto di < usare &lt;
e al posto di > usare &gt;

Questi sono i passaggi necessari:

BUILD AND SIGN A CERTIFICATE SIGNING REQUEST USING ALOCALLY INSTALLED ROOT CERTIFICATE/KEY -- thisscript generates and signs a certificate in one step,but it requires that the generated certificate andprivate key files be copied to the destination hostover a secure channel. 1. ./build-key mycert (no password protection)2. OR ./build-key-pass mycert (with password protection)3. OR ./build-key-pkcs12 mycert (PKCS #12 format)4. OR ./build-key-server mycert (with nsCertType=server)5. mycert.crt and mycert.key will be built in your   KEY_DIR directory, and mycert.crt will be signed   by your root CA. If ./build-key-pkcs12 was used a   mycert.p12 file will also be created including the   private key, certificate and the ca certificate. 

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Dalla guida:
http://openvpn.net/howto.html#pki

Generate certificates & keys for 3 clients

Generating client certificates is very similar to the previous step. On Linux/BSD/Unix:

./build-key client1 ./build-key client2 ./build-key client3

On Windows:

build-key client1 build-key client2 build-key client3

If you would like to password-protect your client keys, substitute the build-key-pass script.

Remember that for each client, make sure to type the appropriate Common Name when prompted, i.e. “client1″, “client2″, or “client3″. Always use a unique common name for each client.

To solve this problem with
Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express
Adapter (rev 01)
i installed
http://snapshots.madwifi.org/madwifi-ng/madwifi-ng-r3067-20071220.tar.gz
then, in the file
/etc/modprobe.d/blacklist
add the following line:
blacklist ath5k
and reboot.

Bye