The OS X Server would have 2 NICs with one on the WAN and the other on the LAN. The WAN would have the WAN IP and the LAN would run the LAN subnet. For this there would be no need for DNS or DHCP running on the remote box. The gateway setup assistant will config all of the conf files for you and then we would use the s2svpn command line utilities to configure an MD-5 CRAM hash to encrypt all data running over our custom tunnels. Then, we’d troubleshoot the connection. For more info on the specific command line utils,
It’s all CLI stuff. You can man s2svpnadmin for more info on the suite of options for the CLI. We would probably use shared secret rather than certificate based, unless I can get a CA to give me a cert which I’m currently working on getting for testing purposes. s2ssvpnadmin is an interactive CLI tool, so it goes through a q and a session with the admin and then sets its daemon (a combination of sshd and vpnd) to run per the steps we go through. Basically, we’ll feed it the two WAN IPs and a shared secret and then set some policies for how it communicates. This is something that is not documented anywhere on the net or in print at this point, so it’s fairly cutting edge as far as Open Source and OS X Server are concerned… The documentation of the CLI tools is also sparse.
The big thing is to get through the second phase and establish a connection and test the policies we build in the s2s. We’ll be exploring ppp and vpnd as far as ancillary CLI tools go. Probably be easy to give me TB2 or ARD or SSH access into the remote box and let me go to town. Once you see a bunch of XMen on your network we’re good (all my systems at home are named after XMen). One of my main goals is to discover the limitations behind using s2s in conjunction with AFP, FTP, SMB, mDNS, printing and finally the NetGear 318 router, which is compatible with the s2s options available to the Open Source community. NetGear is sending me an NFR through the Publisher.
Specific files we’ll be editing or running will be:
The other unknown is what happens once the VPN is configured if one of the servers needs a reboot. Do we have to start over? Can we do something like what they do on a Cisco and save the conf into NVRAM? Since this is all CLI, no one has explored the implicit limitations.
krypted November 19th, 2005
Posted In: Mac OS X Server
I originally posted this at http://www.318.com/TechJournal
1. Create a database in MySQL called wikidb.
2. Create a new user called wikiserver that has full priviledges to this database (the user does not need to be called wikiserver, but that is the username we will be using for this walkthrough).
3. Download the latest stable release of MediaWiki from http://mediawiki.sourceforge.net.
4. Extract the tar files into a new folder (for this example we are going to call it wiki to keep things easy). This can be done using the tar -xvzf mediawiki.tar.gz (or subsititute your file name for mediawiki.tar.gz
5. Make the configuration files writeable using the command chmod a+w config while in the new wiki folder
6. Move the wiki folder onto a web server
7. From your web server, visit the site 127.0.0.1/wiki or the subfolder that you placed the wiki files into
8. At the MediaWiki Installation page, you will either see a notice that you can install MediaWiki or a notice that your system does not meet the minimum requirements for installion. If your system does not meet the requirements, install the modules that are listed. If it does, move on to the next steps
9. At the MediaWiki Installation page, scroll down to the Site Config section. Here, fill in the fields for:
a. Wiki name: The name assigned to your wiki.
b. Conact e-mail: Displayed when error notices are encountered.
c. Language: The language to be used for your Wiki
d. Copyright: The copyright type, typically leave this as the default setting
e. Admin Username: The username to use for administering the Wiki
f. Admin Password: The password to use for administering the Wiki
g. Shared Memory caching: Decide whether to use memcached
10. Fill in the appropriate values for the Email and authentication setup section:
a. Email (General): Enable or disable the global use of email for your Wiki
b. User-to-User email: Allow users to email one another
c. Email Notification: Allows users to be notified if there is a change in a folder or page
d. Email Authentication: Enable email authentication for the wiki. Sends request for users to click a link to authenticate into the wiki.
11. Database Configuration options:
a. Database Type: Most users use MySQL, but Oracle is an option as well, although experimental.
b. SQLServerHost: The address of the MySQL Server. If MySQL is on the system you are currently using then leave this field as localhost.
c. Database Name: The name of the database you will be using in MySQL to store your wikiâ€™s data.
d. DB Username: If you used wikiserver in step 2 then use wikiserver here; otherwise use the username you chose in step 2.
e. DB Password: The password you assigned for your wikidb user.
f. Database Table Prefix: Use this option if you would like to share you will be using other tables within the wiki database for other applications.
g. Database Character set: leave this as defualt unless you will be using
h. Superuser account: The MySQL SuperUser account â€“ typically root
i. Superuser Password: The MySQL SuperUser or root account password
12. Click on Install MediaWiki!
13. Move the LocalSettings.php file from the /config directory of the wiki installation into the root directory of the wiki installation
14. Go to the http://127.0.0.1/wiki folder and the default Main MediaWiki page will open
15. Customize the wiki to work for your organization
krypted November 18th, 2005
Posted In: Mac OS X Server
install, Mac OS X Server, mediawiki
To disable oplocks in SMB, edit the /etc/smb.conf file, adding the following in the global section:
oplocks = False
level2 oplocks = False
krypted November 12th, 2005
Posted In: Mac OS X Server
From the /usr/local/mysql/bin directory you can use the following command:
./mysqldump --add-drop-table databasefilename > backup.sql
krypted November 11th, 2005
Posted In: Mac OS X Server, Unix
MySQL is a relational database management system. MySQL is a daemon, mysqld
, that can listen for network traffic on port 3306. That daemon runs a database (or a number of databases in most cases) that warehouse data for other applications to utilize.
krypted November 10th, 2005
Posted In: Mac OS X Server
daemon, MySQL, mysqld
They’re called the “Spinning beachball of death,” but unlike in Windows they don’t always mean the system is completely frozen (although a kernel panic traditionally does):
And then there’s the Windows version:
krypted November 9th, 2005
Posted In: Uncategorized
Next Page »
Here’s a lovely command for figuring out how much disk space each folder on a drive consumes. It is an excellent command to run if the currently logged in user does not have sufficient read permissions to view the used space on the directory in the Finder.
By default it runs on the current directory. So navigate to the hard drive’s root folder and run this command:
sudo du -xhd 1
In this case, the “x” instructs the system not to traverse file system mount points (so /Volumes is skipped), the “h” expresses results in human readable format (G for gigabytes, M for megabytes, K for kilobytes, B for bytes, etc.), and the “d -1” argument instructs the operation to only look to a depth of 1 folder (so child folders are not shown).
This is especially helpful for getting sizes for folders that the Finder normally ignores (etc, bin, private, etc.).
This command can also be handy in Apple Remote Desktop for looking at disk usage within user folders on client machines. Send the following Unix command to client machines:
du -xhd 1 ~/
… and run it as the logged-in console user (running as root will have the effect of looking at root’s home folder!). You can instantly see where users’ data is taking up the most space.
krypted November 3rd, 2005
Posted In: Mac OS X, Mac OS X Server, Unix