To enable GUI on SLES VM in Citrix Xenserver, you need to edit /etc/xinit.d/vnc and change the Port from 5901 to 5900
service vnc1
{
type = UNLISTED
port = 5900
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -noreset -inetd -once -query localhost -geometry 1024x768 -securitytypes none
disable = yes
Showing posts with label suse. Show all posts
Showing posts with label suse. Show all posts
Wednesday, April 18, 2012
Tuesday, August 17, 2010
Installing VirtualBox Guest addition on SUSE
When you try to run the installation script, you'll receive this error
"Your system does not seem to be set up to build kernel modules"
What you need to do is to install both GCC and the Kernel Source. You can do that by running YaST and install it using the Software Management.
Wednesday, July 22, 2009
Cloning SLES in Citrix Xen
Virtualisation is not only great in production environment but also the best way when it comes to development.
One of the most common and extremely useful feature is cloning of another virtual machine as it will save you a lot of time and also resources. However, when you clone using the the 'Fast' method, you will face problem with the network card as the MAC address will be similar. This affects mostly Linux distros as Windows will boot the NIC as a new card and take in the MAC address assigned by the XenServer.
For SLES, there are a couple of things you need to do overcome this. First, take note of the correct MAC address which is displayed at the network tab of the cloned VM.
Once you have the info, move the network card configuration file to reflect the right MAC address, eg
cd /etc/sysconfig/network/
mv ifcfg-eth-id-5e\:7f\:45\:e6\:46\:29 ifcfg-eth-id-aa\:fa\:53\:65\:40\:92
If you want to make the network card as a DHCP client, then edit the /var/lib/dhcpcd/dhcpcd-eth0.info file. At the bottom of the file, update the entry with the correct MAC address, eg
CLIENTID=AA:FA:53:65:40:92
Save the file, then run the network configuration wizard using YaST and you're good to go.
One of the most common and extremely useful feature is cloning of another virtual machine as it will save you a lot of time and also resources. However, when you clone using the the 'Fast' method, you will face problem with the network card as the MAC address will be similar. This affects mostly Linux distros as Windows will boot the NIC as a new card and take in the MAC address assigned by the XenServer.
For SLES, there are a couple of things you need to do overcome this. First, take note of the correct MAC address which is displayed at the network tab of the cloned VM.
Once you have the info, move the network card configuration file to reflect the right MAC address, eg
cd /etc/sysconfig/network/
mv ifcfg-eth-id-5e\:7f\:45\:e6\:46\:29 ifcfg-eth-id-aa\:fa\:53\:65\:40\:92
If you want to make the network card as a DHCP client, then edit the /var/lib/dhcpcd/dhcpcd-eth0.info file. At the bottom of the file, update the entry with the correct MAC address, eg
CLIENTID=AA:FA:53:65:40:92
Save the file, then run the network configuration wizard using YaST and you're good to go.
Friday, November 7, 2008
Creating FreeRADIUS 1.1.7 package with SLES 10 SP1
So you've been happily using FreeRADIUS to authenticate your Windows 802.1x clients. Thinking of upgrading to Vista or already did and things are not working? Then you've come to the right place.
As expected something will not work as usual in Vista. PEAP 802.1x authentication will fail in Vista unless you use FreeRADIUS version 1.1.4 and above.
SLES 10 SP1 do not have a FreeRADIUS rpm version 1.1.4 and above so you have to either compile from source or make yourself an rpm file. The latter is preferable with most users especially with SLES.
The steps below will show how to make an rpm package with FreeRADIUS 1.1.7 on your SLES. If they have a new release, just substitute the version number accordingly. This guide is based on one from Novell's Cool Solutions
1. download the latest FreeRADIUS
wget ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.7.tar.gz
2. untar the file
tar -zxf freeradius-1.1.7.tar.gz
3. remove the file postgreslippool.conf from the folder raddb
rm freeradius-1.1.7/raddb/postgreslippool.conf
4. tar back the files
tar -cf freeradius-1.1.7.tar freeradius-1.1.7/*
5. move the new tar file to the SOURCES folder
mv freeradius-1.1.7.tar /usr/src/packages/SOURCES/
6. copy the SUSE spec file into the SPECS folder
cp freeradius-1.1.7/suse/freeradius.spec /usr/src/packages/SPECS/
7. edit the specs file and change the Source to simply .tar
vi /usr/src/packages/SPECS
8. create the package. It will fail because of dependencies issue. Resolve them by installing what is missing and then repeat the process.
rpmbuild -ba /usr/src/packages/SPECS/freeradius.rpm
9. install the rpm. Substitute the build accordingly eg i586. The right rpm for your build will be in the right RPMS folder
rpm -ivh /usr/src/packages/RPMS/build/freeradius-1.1.7-0.sles10.i586.rpm
As expected something will not work as usual in Vista. PEAP 802.1x authentication will fail in Vista unless you use FreeRADIUS version 1.1.4 and above.
SLES 10 SP1 do not have a FreeRADIUS rpm version 1.1.4 and above so you have to either compile from source or make yourself an rpm file. The latter is preferable with most users especially with SLES.
The steps below will show how to make an rpm package with FreeRADIUS 1.1.7 on your SLES. If they have a new release, just substitute the version number accordingly. This guide is based on one from Novell's Cool Solutions
1. download the latest FreeRADIUS
wget ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.7.tar.gz
2. untar the file
tar -zxf freeradius-1.1.7.tar.gz
3. remove the file postgreslippool.conf from the folder raddb
rm freeradius-1.1.7/raddb/postgreslippool.conf
4. tar back the files
tar -cf freeradius-1.1.7.tar freeradius-1.1.7/*
5. move the new tar file to the SOURCES folder
mv freeradius-1.1.7.tar /usr/src/packages/SOURCES/
6. copy the SUSE spec file into the SPECS folder
cp freeradius-1.1.7/suse/freeradius.spec /usr/src/packages/SPECS/
7. edit the specs file and change the Source to simply .tar
vi /usr/src/packages/SPECS
8. create the package. It will fail because of dependencies issue. Resolve them by installing what is missing and then repeat the process.
rpmbuild -ba /usr/src/packages/SPECS/freeradius.rpm
9. install the rpm. Substitute the build accordingly eg i586. The right rpm for your build will be in the right RPMS folder
rpm -ivh /usr/src/packages/RPMS/build/freeradius-1.1.7-0.sles10.i586.rpm
Virus scanner for mail servers
There are tons of guides on this but hopefully mine is the easiest for you to follow
I am a SUSE fan, so this guide is based on the latest SLES10 which you can download from Novell. Everything you need is available in that distribution.
If you are new to SUSE, or even Linux, this distro is very easy to use. Just follow the guide and you will get it up and running in no time. If you just want to get to the configuration part then proceed straight there
1. INTRODUCTION
1.1 What's all this?
You'll get an SMTP server that can check for virus.
1.2 Why this set up?
This way, it will work with your current mail server. It will just be a firewall for your incoming/outgoing mails
1.3 Why use SUSE?
Because I am a SUSE fan and it is Linux which means it is free.
2. INSTALLATION
2.1 Components
You will need the following
SUSE 10 (any package, inclusive of SLES)
LDAP
Postfix
Amavisd
Clamd
2.1. Partitions
If you are using a new harddisk, then SLES will do the partition automatically for you. If you already have an existing partition, then maybe you want to customise it. The standard partitions by SLES are
partition 1 - swap = 1.5x of your available memory (if more than 256. Min 256MB, max 1GB
partition 2 - root directory = balance space
what I suggest is to divide the balance space to two and use the other half to mount a spare directory. This is where you can store junks and prevent your server from choking up if case space runs out
2.2 Package
Just choose default configuration and proceed with the installation.
2.3 Host Name / Domain
When prompted to enter machine and domain name, enter accordingly. The settings here will be used for your LDAP server.
2.4. Certificate Authority
If you want to customise your Certificate Authority, then maybe you want to change the settings when prompt to. Suggest you change to reflect your domain
2.5. LDAP
When prompted if you want to start OpenLDAP, then choose yes. Basic configuration are
Base DN - dc=yourdomain, dc=yourdomain
Administrator - cn=administrator (append DN)
When prompted to use LDAP for authentication, choose YES. Also choose Allow user to authenticate but disable login. It should choose localhost. Proceed with the installation.
2.6. Installation Source
If you have the ISO, it is time to copy it to one of the directories. It will help when it comes to installing additional feature so you do not need to insert the CDs or DVD everytime. To do this, you need to specify the location of the ISO. Once in X window, launch YAST and go to Software>Installation Source. Choose Add>Local Directory, tick ISO and browse to the CD1 file and click OK. Move the newly added source up and disable the existing one
3. CONFIGURATION
3.1 Mail Server
Run YaST and go to Software>Software Management. Search for yast2-mail-server and install it. It will ask you to remove yast2-mail. Do it.
Restart YaST and go to Network Services>Mail Server. It will prompt to enter LDAP password. Enter the password you entered earlier
Once in, go to Local Delivery and choose No Local Delivery.
Go to Mailserver Prevention and choose Start Virus scanner AMAVIS. You are done here.
3.2 Postfix
Edit /etc/postfix/main.cf
relay_domains=yourdomain
local_recipients_map - remove the whole subnet and put in your current mail server IP address.
Edit /etc/postfix/master.cf
change localhost to 127.0.0.1
restart postfix by running this command 'rcpostfix restart'
3.3 Amavisd
Edit file /etc/amavisd.conf. Look for the first instance of Clamd. Uncomment the following lines and change it to look like this. Those in italics are the one you should change. The rest, just uncomment it.
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
restart amavisd by running the command 'rcamavisd restart'
3.4 Clamd
Start clamd by running command 'rcclamd start'
Update the database by giving command 'freshclam'
You may want to update to the latest clamav. Current is 0.88.7. You can get it here
ftp://ftp.suse.com/pub/suse/update/10.0/rpm/
update it by running this command 'rpm -Fvh newrpm'
That is it! You can now forward your existing server mails to this server for your outgoing mails. You can also update your external DNS to point to this server for your incoming mails
I am a SUSE fan, so this guide is based on the latest SLES10 which you can download from Novell. Everything you need is available in that distribution.
If you are new to SUSE, or even Linux, this distro is very easy to use. Just follow the guide and you will get it up and running in no time. If you just want to get to the configuration part then proceed straight there
1. INTRODUCTION
1.1 What's all this?
You'll get an SMTP server that can check for virus.
1.2 Why this set up?
This way, it will work with your current mail server. It will just be a firewall for your incoming/outgoing mails
1.3 Why use SUSE?
Because I am a SUSE fan and it is Linux which means it is free.
2. INSTALLATION
2.1 Components
You will need the following
SUSE 10 (any package, inclusive of SLES)
LDAP
Postfix
Amavisd
Clamd
2.1. Partitions
If you are using a new harddisk, then SLES will do the partition automatically for you. If you already have an existing partition, then maybe you want to customise it. The standard partitions by SLES are
partition 1 - swap = 1.5x of your available memory (if more than 256. Min 256MB, max 1GB
partition 2 - root directory = balance space
what I suggest is to divide the balance space to two and use the other half to mount a spare directory. This is where you can store junks and prevent your server from choking up if case space runs out
2.2 Package
Just choose default configuration and proceed with the installation.
2.3 Host Name / Domain
When prompted to enter machine and domain name, enter accordingly. The settings here will be used for your LDAP server.
2.4. Certificate Authority
If you want to customise your Certificate Authority, then maybe you want to change the settings when prompt to. Suggest you change to reflect your domain
2.5. LDAP
When prompted if you want to start OpenLDAP, then choose yes. Basic configuration are
Base DN - dc=yourdomain, dc=yourdomain
Administrator - cn=administrator (append DN)
When prompted to use LDAP for authentication, choose YES. Also choose Allow user to authenticate but disable login. It should choose localhost. Proceed with the installation.
2.6. Installation Source
If you have the ISO, it is time to copy it to one of the directories. It will help when it comes to installing additional feature so you do not need to insert the CDs or DVD everytime. To do this, you need to specify the location of the ISO. Once in X window, launch YAST and go to Software>Installation Source. Choose Add>Local Directory, tick ISO and browse to the CD1 file and click OK. Move the newly added source up and disable the existing one
3. CONFIGURATION
3.1 Mail Server
Run YaST and go to Software>Software Management. Search for yast2-mail-server and install it. It will ask you to remove yast2-mail. Do it.
Restart YaST and go to Network Services>Mail Server. It will prompt to enter LDAP password. Enter the password you entered earlier
Once in, go to Local Delivery and choose No Local Delivery.
Go to Mailserver Prevention and choose Start Virus scanner AMAVIS. You are done here.
3.2 Postfix
Edit /etc/postfix/main.cf
relay_domains=yourdomain
local_recipients_map - remove the whole subnet and put in your current mail server IP address.
Edit /etc/postfix/master.cf
change localhost to 127.0.0.1
restart postfix by running this command 'rcpostfix restart'
3.3 Amavisd
Edit file /etc/amavisd.conf. Look for the first instance of Clamd. Uncomment the following lines and change it to look like this. Those in italics are the one you should change. The rest, just uncomment it.
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
restart amavisd by running the command 'rcamavisd restart'
3.4 Clamd
Start clamd by running command 'rcclamd start'
Update the database by giving command 'freshclam'
You may want to update to the latest clamav. Current is 0.88.7. You can get it here
ftp://ftp.suse.com/pub/suse/update/10.0/rpm/
update it by running this command 'rpm -Fvh newrpm'
That is it! You can now forward your existing server mails to this server for your outgoing mails. You can also update your external DNS to point to this server for your incoming mails
Subscribe to:
Posts (Atom)