Category Archives: Uncategorized

Moved to Openshift

3 Replies

Really more out of curiosity than need I have migrated my WordPress instance to Openshift (Freeshift).

There are lots of how-tos already available. The deployment was very quick, and painless. While I do not feel the need to copy the howto verbatim I will include a couple of things unique to WordPress and Openshift. Continue reading

The Nexus 7 and Fedora 17

Leave a reply

Fedora support MTP, but the Nexus 7 is not recognised.

But it is fairly straight forward to get ADB, if your using the Developer Tools, and MTP mounting working.

  1. Create the file /etc/udev/rules.d/99-android.rules

    # Google Nexus 7 16 Gb
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e41", MODE="0666", OWNER="your-login" # MTP media (multimedia device)
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e42", MODE="0666", OWNER="your-login" # MTP media with USB debug on(multimedia device)
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e43", MODE="0666", OWNER="your-login" # PTP media (camera)
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e44", MODE="0666", OWNER="your-login" # PTP media with USB debug on (camera)
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e40", MODE="0666", OWNER="your-login" # Bootloader
    SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="d001", MODE="0666", OWNER="your-login" # Recovery
    # MTP Support
    ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e41", SYMLINK+="libmtp-%k", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1"
    ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e42", SYMLINK+="libmtp-%k", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1"

  2. Restart udev

    # systemctl restart udev.service

  3. Install required software

    # yum install mtpfs libmtp

Done.
You should now be able to mount your device:

$ mtpfs /home/user/some_mount_point

The existing help I have found on MTP failed to include both Product IDs. Meaning if USB debugging was enabled on the device libmtp would not recognise your device.

Centos 6, Corosync and Pacemaker for a simple Active/Passive cluster

1 Reply

Just playing with Corosync so I thought I would include a simple howto. For examples sake, we will setup an OpenVPN server with a fail-over.

I set this up on 2 KVM guests using the default network configuration. In the examples I will use the ip addresses of my guests, change them to match your setup.

Continue reading

Offline cached ldap and krb logins with SSSD and Active Directory

Leave a reply

SSSD from the Fedora Project provides NSS and PAM mechanisms for cached network credentials (Notebook users can still login when disconnected). SSSD is available in the main repos for both Fedora and Ubuntu.

The following sssd.conf worked for our environment. (Making it work with FreeIPA or Open LDAP and Kerberos is far less fiddly).

[sssd]
domains = MYDOMAIN
services = nss, pam
config_file_version = 2
sbus_timeout = 30
 
[pam]
offline_credentials_expiration = 0
 
[domain/MYDOMAIN]
description = MYDOMAIN AD Server
#debug_level = 9
enumerate = true
ldap_referrals = false
min_id = 1000
 
access_provider = permit
 
id_provider = ldap
chpass_provider = krb5
 
ldap_uri = ldap://my.ldap.server
ldap_search_base = dc=my,dc=ad,dc=domain
 
ldap_id_use_start_tls = False # TLS/SSL is supported

# If you do not have anonymous binds enabled 
# User that can read from AD, any normal user should work. Update as necessary
ldap_default_bind_dn = user@my.ad.domain
# Leave this as password
ldap_default_authtok_type = password
 
# The ldap users actual password, update as necessary
ldap_default_authtok = password

# This is the important stuff for making AD LDAP work 
ldap_schema = rfc2307bis
ldap_user_principal = userPrincipalName
ldap_user_fullname = displayName
ldap_user_name = sAMAccountName
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_user_principal = userPrincipalName
ldap_group_object_class = group
ldap_force_upper_case_realm = True

# I love this setting
override_homedir = /home/%u
 
# kerberos config
auth_provider = krb5
krb5_server = dc.my.ad.domain
krb5_realm = MY.AD.DOMAIN
# This will probably not work for changing passwords
krb5_changepw_principle = kadmin/changepw
krb5_ccachedir = /tmp
krb5_ccname_template = FILE:%d/krb5cc_%U_XXXXXX
krb5_auth_timeout = 15
cache_credentials = True

Exim/Gmail/Fedora

Leave a reply

Ever since working with Debian I have wondered why more Linux distros don’t ship with exim on as the default mail client.

“exim -bt email@address” is reason enough

It is simpler to setup and easier to administer. If you want your fedora machine to send local email via Gmail, here is a guide.

One point to add, if you want root mail delivered somewhere, edit /etc/aliases and set an alias for root. Don’t forget to run “newaliases” when your done.

Changing the default Calendar app in gnome-shell

1 Reply

For various reasons I use Thunderbird as my calendaring app. One of Gnome-shells most obvious features is it’s clock applet front and centre on the screen, with it’s built in calendar. It pulls this information from Evolution.

This config change will get the applet to launch Thunderbird (or any  other app), but it will still not populate the calendar with entries from Thunderbird. But this single line, will mean that Thunderbird launches when you click on the in-built calendar.

$ gsettings set org.gnome.desktop.default-applications.office.calendar 
exec 'thunderbird'

To populate the calendar widget there is an extension for Thunderbird called: Evolution Mirror which should populate the evolution db with your Thunderbird data. You will need to install a couple of additional packages to make it work, in F16:

$ sudo yum install gnome-python2-extras gnome-python2-evolution