Explore Posterous

Use GMail's SMTP gateway using the command line from !Ubuntu without lots of config #tips

I'm writing a few little scripts at the moment, and one of them needed to be able to send an e-mail. I'd not got around to sorting out what my SMTP gateway was from my ISP - but I do tend to use GMail's SMTP gateway for non-essential stuff.

I thought I could easily setup sendmail, but no, that's SCARY stuff, and then I thought of Postfix, but that needs an awful lot of configuration for an TLS based SMTP connection, so I did a bit of digging.

Thanks to this post over at the Ubuntu Forums, I worked out how to get a local port 10025 to run, but PHP kept complaining, so I next looked for a "sendmail replacement", in comes nullmailer.

So, thankfully this is all rather easy.

• sudo apt-get install openssl xinetd nullmailer

• sudo tee /usr/bin/gmail-smtp <<EOF >/dev/null
  #!/bin/sh
  # Thanks to http://ubuntuforums.org/showthread.php?t=918335 for this install guide
  /usr/bin/openssl s_client -connect smtp.gmail.com:465 -quiet 2>/dev/null
  EOF
  sudo chmod +x /usr/bin/gmail-smtp

• sudo tee /etc/xinetd.d/gmail-smtp <<EOF >/dev/null
  # default: on
  # description: Gmail SMTP wrapper for clients without SSL support
  # Thanks to http://ubuntuforums.org/showthread.php?t=918335 for this install guide
  service gmail-smtp
  {
      disable         = no
      bind            = localhost
      port            = 10025
      socket_type     = stream
      protocol        = tcp
      wait            = no
      user            = root
      server          = /usr/bin/gmail-smtp
      type            = unlisted
  }
  EOF
  sudo /etc/init.d/xinetd reload

• sudo tee /etc/nullmailer/remotes <<EOF >/dev/null
  127.0.0.1 smtp --port=10025 --user=your@user.tld --pass=Y0urC0mp3xGM@ilP@ssw0rd
  EOF
  sudo /etc/init.d/nullmailer reload

Setting all this lot up was pretty easy with these guides. There's no reason why it wouldn't work on any other version of Linux (provided you can install all these packages).

Good luck with your project!

Loading mentions Retweet

Comment (0) »

Configuring Snow Leopard Server DNS

After a brief phone call with Apple Server Tech Support, I was introduced to a method for configuring the DNS services correctly during the installation of Apple Snow Leopard 10.6 Server. Since the introduction of SL Server, the DNS services attempt to auto-configure during the initial installation. After a few installations at different clients, I found this "automagic" configuration to be incorrect in most of my attempts until I learned of the following pre-installation configuration recommendation:

1. Connect the machine (Xserve, Mac Pro, Mac Mini, etc...) to an ethernet cable plugged into either another Mac or switch that is NOT connected to the internet or any router that may contain any DNS settings or DHCP

2. When prompted during the installation for the server's IP address, router, and DNS, enter the static IP address you plan on using for the server in ALL three fields (i.e. EN0 IP: 10.10.10.5, Router IP: 10.10.10.5, DNS Servers: 10.10.10.5)

3. After doing this and finishing the installation, go to Server Admin. You won't see the DNS service listed but, after enabling it, the records necessary for configuring this machine as the PRIMARY DNS server will already be configured and will show up after turning the DNS service on!

I will continue to update this blog as additional tips for configuring Apple servers find their way into my routine. Please visit my website for more information about my services and company at: www.sourcenetworks.com. Thanks!

Jason P. Bosket, MBA, MTM, ACSA, MCSE, CCNA
email: jason@sourcenetworks.com | phone: (847) 878-3747 | fax: (847) 669-0815
 Apple Consultants Network | www.sourcenetworks.com

Loading mentions Retweet

Comment (1) »

Supporting multiple machines in GNOME using VNC

I was recently asked how to configure VNC for user support across a series of machines running GNOME. I'm in the process of trying out a few different platforms at the moment, and didn't have my GNOME machine to hand and working right, so I decided to work it out from what I've done in the past. Here's the bulk of the e-mail I sent him to try and help him out. Maybe this will help you at some point.

If you find any errors (especially around the option names in the actual dialogue boxes) please post a note so I can correct this!

Thanks!

On most GNOME based systems (which includes Fedora), you can active "Remote Desktop Sharing" for users.

Go to System -> Preferences -> Remote Desktop Sharing (or something similar). I'm afraid I've just recently moved my systems to KDE, so I don't know the exact options, but I believe it'll say something like "Enable remote connections" (tick that), and "User is prompted to permit connection" (this will be down to policy) and "Remote user needs to enter a password" (this will need some text to be entered).

Once you have these for one system, you can automatically set this for all the other computers.

From the command line, type
  gconftool-2 -R /desktop/gnome/remote_access

This will return all the settings you have made. Here's mine:

 view_only = false                                         
 alternative_port = 5900                                   
 prompt_enabled = false                                    
 icon_visibility = client                                  
 lock_screen_on_disconnect = false                         
 disable_xdamage = false                                   
 mailto =                                                  
 use_alternative_port = false                              
 enabled = true                                            
 disable_background = false                                
 network_interface =                                       
 require_encryption = false                                
 authentication_methods = [vnc]                            
 vnc_password = &&&&&&&&&&&&                               
 use_upnp = false

(I've removed the password for my box)

You can use this gconftool to set the same variables on your computers you've already deployed, either per-user, as a default policy for each machine, or as a mandatory policy for each machine.

This article from Sun's GNOME configuration guide explains how to set variables: http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2t5?a=view while this is an overview of all of the GNOME configuration tool (including that article): http://docs.sun.com/app/docs/doc/806-6878/6jfpqt2sv?a=view and lastly, this is how "Vino" the VNC client for GNOME works: http://www.gnome.org/~markmc/remote-desktop.html

I hope this helps you!

Loading mentions Retweet

Comment (0) »

Linq to SQL and connection string in the web.config file

Maybe you've never run into this problem before but I have. And it's a pain in the butt when it happens. When you create your .dbml file in Visual Studio the connection string to the database is stored in a couple of different locations and none of them are in the web.config or app.config file.

You're ready to test or launch the site and want to change the connection string, but it isn't centralized and isn't really that easy to find.

Take a look here (http://goneale.com/2009/03/26/untie-linq-to-sql-connection-string-from-application-settings/) for instructions on how to use the app.config or web.config file to store the connection string

Loading mentions Retweet

Comment (0) »

Tips to Speedup your website easily

If you use YSlow Firefox toolbar,  by now you should have a decent idea about why your website is slow or what you can do to get it up to speed. Here is a quick list of how to solve some of the problem that YSlow points out and others that I find useful.
1. Add Expires Headers
You need to set the expires headers in your .htaccess file in your web root or htdocs directory. For the beginners here is what I would suggest you to use:

2. Disable FileETag is you don't use it
ETag (entity tag) is an HTTP response header returned by an HTTP/1.1 compliant web server used to determine change in content at a given URL. ETags were added to provide a mechanism for validating entities that is more flexible than the last-modified date but If you’re not taking advantage of the flexible validation model that ETags provide, it’s better to just remove the ETag altogether. Removing the ETag reduces the size of the HTTP headers in the response and subsequent requests thus improving site performance.
Add the following to your .htaccess file to remove ETags:

3. Compress components with GZip
Compressing the content (html, js and css), is an important step in optimizing the performance of your site. Depending on the amount of content you have on your site, at a minimum it should give at least 10% improvement in speed.
The code below needs to be added to the .htaccess file in your docroot.

Loading mentions Retweet

Comment (0) »

Taking the config from a McAfee Sidewinder for use in *something else*

I'm really learning to love the Sidewinder product line. Don't get me wrong, it's still got it's foibles that make you go "Erm... OK", but it is quite a clear step up from the Cyberguard Classic and the Secure Computing TSP device. The one area that had people stumped (that I've spoken to) though was how to get the config out in a way that could be re-used. The Classics used pretty standard text files everywhere, and you could just pull those out... tada, instant config. TSP had a single XML file which made extensive use of GUIDs to link hosts to groups, services to groups, host groups and service groups to rules, and so on. When we got to the Sidewinder, I made the mistake of thinking you could just do the same thing here...

Nope, Sidewinder would only export it's policies in a securely encrypted format, that would only de-encrypt on another Sidewinder.

But hang on, what if someone wants to do a rule-base review on that box, and you don't want to give them access to *everything*... how do you get around that then?

The simplest way seems to be to use a couple of commands, wrapped up in the TCSH foreach command, but to figure out what to select, you need to know how I got here.

There's a command called cf which you run with administrator rights, by running srole - once you're an admin, run the command

cf help

and this returns a list of configuration details you can do stuff with. Let's pick one of these at random:

cf help ipaddr

This tells you that you can do cf ipaddr [add|delete|query] or at least something like that. The bit we're most interested in right now though is query because that'll give you some details. When I run cf ipaddr query or cf ipaddr q for short, it gives me back a bundle of lines like this:

ipaddr add name=I_Am_A_Name ipaddr=10.10.10.10 description='' \
last_changed_by='admin on Tue Jan 01 01:01:01 2001'

For those of you who know some unix syntax, you'll realise that the \ indicates "ignore (or do something special with) the next character" - in this case, ignore it, because it's the "New Line" character. You'll recognise here that it's saying you should add a new ipaddr object with a fixed name, fixed IP address and sets some other interesting data.

Not all of the list of things you can do stuff with is actually queryable though, so it might be worth picking and choosing what you do and don't query. For brevity sake, here's a list (space delimited) of the ones you can query:

accelerator acl adminuser agent antivirus appfilter audit auth burb burbgroup catgroups cert cluster cmd commandcenter config crontab daemond dhcrelay dns domain export failover fips fwregisterd gated geolocation host hostname ids ikmpd interface ipaddr iprange ips ipsec ipsresponse ipssig knownhosts lca license mvm netgroup netmap nss ntp package policy pool proxy qos reports routed server service servicegroup snmp ssl static subnet sysctl timeperiod timezone trustedsource udb ups urltranslation usergroup utt whitelist

Now, I don't know what *all* of those do, but if you've spent any time wandering around the Sidewinder GUI, then you'll recognise some of these terms - and that they participate in how the policy fits together. For a simple no-VPN policy, here's the list (again space delimted) of things that I was most interested in:

burb burbgroup interface ipaddr iprange netgroup netmap policy proxy service servicegroup subnet

So, let's do something useful here. We already know that we can run cf <object> query and it'll return some data, but how would we do that for a whole bundle of these things? Re-enter stage left the foreach command. Anyone who's done any programming knows about the for-next-loop style of loops, and some also know about the foreach loops. That's all we'll use here, and get something akin to a single config file (or multiple - you'll see why in a second).

foreach fe ( burb burbgroup interface ipaddr iprange netgroup netmap policy proxy service servicegroup subnet )
cf $fe q >> config_file
end

You'll notice that we're putting that previous list of config options into a foreach loop, and using the variable fe when we're using it against the cf command. You could replace config_file with config_file.$fe to ensure that you had a separate config file per object.

Run this little lot through a simple text processor (looking for the backslash character and then a new line, replace it with nothing) should give you an easy-to-parse list of objects and their variables. Of course, if you notice, those lines are also saying "add" - there's no reason why you shouldn't be able to prefix each of those <object> add lines with cf and paste that into your terminal to rebuild a firewall with a complete policy, but I'll leave that as an exercise for the reader :)

Loading mentions Retweet

Comment (0) »

iPhone, Google Calendars and Microsoft Exchange

So I have an iPhone, a Google Calendar and a Microsoft Exchange account at work. My goal was to have all of these calendars be in sync and ultimately come together on my iPhone. One phone to rule them all!  (Sorry JRR).

Setup Exchange on iPhone
Following instuctions on Apple's Support page (http://bit.ly/27IPx) I contacted the help desk at my new employer and got required information, plugged them in and walla my calendar, contacts and email were on my iPhone.

Synchronize Exchange and Google
Next I installed Google Calendar Sync (http://bit.ly/X6gn) on my PC at work.
 
And set it up for 2 way sync. So now my Google calendar and Work Exchange calendar are in sync!

Configuring CalDAV on iPhone 3.1 for Primary and secondary Google Calendars
I finished by setting up CalDav for Google Calendar. Note that you can't use google sync, because it uses a MS Exchange protocol and only one ActiveSync account can be on the iPhone at a time. So you must use the CalDav method.

1. On the iphone go to Settings>Mail, Contacts, Calendars
2. Tap "Add account", scroll down to bottom and tap "other"
3. Then under calendars tap "Add CalDav Account"
4. Enter your google information
        Server: google.com
        Username: [youronecoolgoogleusername]
        Password: [youronecoolgooglepassword]
        Description: [whateveryouwant]
5. Tap "next"
6. Now should have an account with your main google calendar
7. If you want to add in a secondary google calendar, go to Google Calendar, click "Settings" at top right of screen, Select "Calendars" tab, click on the Calendar of interest to you, scroll down to bottom and find the calendar ID

 
OK now the tricky part. Take this ID and plug it into this URL  https://www.google.com/calendar/dav/[CalendarID]/user in place of [CalendarID]. For example:

https://www.google.com/calendar/dav/50123456LEFJOPjadlfjaj@group.calendar.google.com/user Now cut and paste that URL and email it to your iPhone. On your iPhone open that email and copy it.

Now repeat the process documented in step 4 with following changes
        Description: [nameitsomethingelse]
        After you have created the account, select the newly created account. Scroll down to bottom and tap Advanced Settings.

        Delete the URL that is in the Account URL section and paste the URL you copied from the email.

Should be good to go!! Now I just have to figure out how to do the same with my contacts??

   

Click here to download:

iPhone_Google_Calendars_and_Mi.zip (55 KB)

Loading mentions Retweet

Comment (0) »

media.io is finally live!

I can’t believe it myself but, after 2 and a half months, media.io is finally live!

Check it out

I had to make some last-minute tweaks to get everything to work, including

• Migrating to Tomcat. Orion and lighttpd didn’t support streaming uploads.
• Rewriting some JavaScript.
• Changing the LAME configuration.

In the end, things finally worked out and media.io is finally here.

In the next weeks, I will concentrate on improving the user interface and adding the things you want most.

Post your ideas

If you would like me to add support for a specific audio format, please post a topic in the support forum. Posting is quick and can be made anonymously.

Loading mentions Retweet

Comment (0) »

How To Manage Your Configuration Files With Version Control

On Unix-based and Unix-inspired operating systems such as Linux, one often has hidden configuration files in his home directory. In most unices, your home directory is /home/username; on Apple Macintosh, it is /Users/username. These files are created by the operating system, applications, programs, and most often, manually. Dotfiles.org is a popular website for finding user-uploaded configuration files. Creating your own configuration files is tedious, error prone, and requires many hours or even days of reading documentation or man pages. It is best to embrace and extend by copying and pasting from Dotfiles.org.

Even though this article is primarily targeted at those which are comfortable with the command line since these configuration files are mostly for command line programs, it also benefits those that are not. For example, on Mac, most applications store their preference files in /Users/username/Library/Preferences. One could put said directory under version control. Should an option be changed in an Application for the worst, and the user does not remember how to change it back, all he must do is close the application, revert the directory to the base state and relaunch the application. 

Since creating these files is a labourious process, it is best to mange and store configuration files in a repository off site. You will be able to track changes and revert if a new configuration change breaks programs. Any version control system may be used. The most popular open-source systems are Subversion, Git, Mercurial, and Bazaar.

All have advantages and disadvantages. If you are on Ubuntu, you will most likely use Bazaar. It is developed by Canonical, the makers of Ubuntu, and you will use it with Launchpad. Support should be easy to find in the Ubuntu Forums. Mercurial is independently developed and the main competitor to Git. It is faster and more popular than Bazaar. The main hosting service is BitBucket. It has a decent interface. Even though it is more popular, there is less support for it than for Bazaar. It does not have a big community such as Ubuntu. Git was created for the Linux kernel by Linux Tovarlords. As such, it is very popular, not to mention, abnormally fast. Support can be easily found.  Though, it does not have the best CLI interface, and there is no decent GUI for it, you will love GitHub. Probably 70% of the Git repositories are hosted there.

For this tutorial, we will use Subversion, which has been in the wild for almost a decade. It is also pre-installed on Mac OS X 10.5 Leopard. There are many  graphical user interface clients for it. On Mac, there are Versions, which has recently received the Apple Design Award 2009, and Cornerstone, on Windows TortoiseSVN, on Linux eSVN, RapidSVN (cross platform), KDESvn, and many others. There are also many repository hosting companies with pretty and usable interfaces. Be aware that this article is not about version control. It discusses the bare minimum required for this tutorial to work. You may read a more in depth, but by no means comprehensive, tutorial on Subversion in an article written by Christ Nagele, one of the people behind Beanstalk, Subversion for Designers.

First, we will create a directory to store the configuration files. Traditionally, it is called etc, and Linux users may want to create /home/username/etc. I chose to call it Preferences since it better matches the Mac naming conventions: /Users/sorin/Preferences.

Next we have to move the configuration files from  /Users/sorin to /Users/Sorin/Preferences. We can use the command line or we can use Finder. Using Finder also requires the temporary use of the command line because Apple do not believe that Mac users should be able to easily access hidden files. Hidden files in Unix are called dot files because they begin with a dot: .bashrc. This is the configuration file for Bash, the shell that runs inside the Terminal. 

We must enable hidden files in Finder. Launch Applications > Utilities > Terminal and paste:

defaults write com.apple.finder AppleShowAllFiles TRUE; killall Finder

You can reverse the change later by pasting:

defaults write com.apple.finder AppleShowAllFiles FALSE; killall Finder

Once you have enabled hidden files, select the configuration files and folders you wish to put under version control and drag them to the Preferences folder. Then remove the dot from in front of the file to make them unhidden. From now own, you will not have to enable hidden files to easily find and edit them. They will also be displayed in Spotlight searches.

It is much easier to move and rename the files from the command line. Most likely you will not want to move all the hidden files and folders. There can be tens of them and not all are important. Select the ones you wan to move by appending file names before the semi-colon in the first line. Then paste this in Terminal.

for entry in .bashrc .vimrc .profile
do

new_name=`echo $entry | sed -e 's/\.//g'`
mv $entry Preferences/$new_name

done

Regardless of which methods you chose, the result should be similar to this screen-shot.

Next, we must create symbolic links, or shortcuts, in the home directory to point to the new location of the configuration files. I have written a script that automatically creates the symbolic links. It is safe to use. It backs up files that already exist in a directory called .deploy_backup in your home directory instead of overwriting. Just place deploy.rb in Preferences and execute it in Terminal by typing ./deploy.rb. Do not forget to change its permissions to an executable file first with chmod u+x deploy.rb.

You will see symbolic links in your home folder.

We have not taken such effort to just be able to easily edit and search configuration files with Spotlight; we want to store them offsite on someone else's server to make sure we never lose them. Get yourself a free Subversion repository hosting account at Beanstalk. It is a very easy to use application.

Once, you have created an account, you can access it online at http://username.beanstalkapp.com. Log-in then go to the Repositories tab and create a repository. I called mine personal. You may name it anything you wish. The repository is accessible via Subversion at http://username.svn.beanstalkapp.com/repositoryname. You will be prompted for your username and password. We have to import our Preferences folder into the repository. We will use the svn import command in Terminal to import all files into the repository.  Once the import process is done, unfortunately, due to the way Subversion works, our configuration files have been imported, but are not yet tracked. We have to check them out first. Since Subversion does not overwrite existing files, we have to check them out in a temporary location.  

cd ~/Preferences;

svn import http://username.svn.beanstalkapp.com/repositoryname -m "Initial import."

cd ..

svn checkout http://username.svn.beanstalkapp.com/repositoryname/ Preferences2
rm -rf Preferences
mv Preferences2 Preferences

Alternatively, in Versions, we can go to File > Import. Select the Preferences folder and click Import. Then click the Checkout icon to checkout our files to Preferences2. Do not forget to edit the bookmark created to point to Preferences and not Preferences2.

Versions makes it easy to import and checkout files.

Once your repository is set, you are free to modify the configuration files as you see fit and never have to worry about making detrimental changes. You can always revert to the older version. In the screen-shot bellow, I have modified vimrc to change the Terminal title to 'Shell' when it exists instead of 'Thanks for flying Vim'. This is reflected by the letter 'M' at the begging of the line. Versions reflects the change by displaying a pencil icon next to the file.

Loading mentions Retweet

Comment (0) »

masuidrive on rails - RailsでMemcachedが落ちていてもエラーにならない方法

Loading mentions Retweet

Comment (0) »