Monday, December 23, 2013

A look back to 2013

On this place a small review of 2013:
- Debian 7 Release Party done and installed on the desktops.
- After closer look decieded to switch back to Debian squeeze
- Get Asus laptop and installed Debian
- Installed Caldav Server on Debian at the company
- Installed Jabber Server on Debian at the company
- Bought a Fujitsu/Siemens Futro and installed Debian on USBStick
- Installed a own jabber server on the Futro
- Onlineshop created
- Developd project and time-management software for tablet pc.
- Get Android 2.3 smartphone, installed xabber and told many people
  to use xabber instead whatsapp
Not a bad year

Wednesday, November 6, 2013

Jabber / XMPP server with Debian 6

Here a small HowTo for a Jabber/XMPP server using Debian 6.0 Squeeze:

First i install the jabber-server with aptitude.
aptitude install ejabberd

After this i edit the config file:

/etc/ejabberd/ejabberd.conf



and modified this entries:

{hosts, [”domain”]}.
{acl, admin, {user, “adminuser”, “domain”}}.


For domain i use the ip-adress of the server. Because the server is
behing a router, i use the permanent internet-ip adress and not the local one. The local ip-adress would not work after a router.
The username for adminuser you can choose whatever you want.
Then i restart the daemon:

/etc/init.d/ejabberd restart


The user i added with this command:

ejabberdctl register username domain password

Here you replace username with the name you want, for domain i write the ip-adress of the server and password you can choose free.
Important is that you must add the admin account (you added in the config file) too.

After this i restart the daemon again.
At the router i create a port-forwarding for this ports:
5222, 5223

Tuesday, November 5, 2013

TLS not available due to temporary reason

During sending emails with thunderbird on a windows pc this error message appears:

TLS not available due to temporary reason




The Error appears, if a antivirus-programm is installed and try's to scan the message before sending.
After disable this function, the sending works without error.

Wednesday, October 9, 2013

Set new UUID for Swap

I restore my old Debian 6 after testing Debian 7 i notice that
the swap partition is not used any more.

Debian 7 has created a new swap partition with new UUID during the installation.
I look for the old UUID at the /etc/fstab file and use this for creating
a new swap partition.

swapoff -v /dev/sdaX
mkswap -U NEW_UUID /dev/sdaX
swapon -v /dev/sdaX


with bulkid i check the result.


Wednesday, August 28, 2013

New Diaspora Pod

Hello,
after the closing of ilikefreedom.org i searched for
a new diaspora pod.
Now you can find me here:
https://pod.geraspora.de/

Thursday, August 1, 2013

Deleting Mailqueue from Postfix

With this command you can delete all mails in the Postfix Mailqueue:

postsuper -d ALL

Wednesday, July 17, 2013

Backup with Partimage

For a complete backup of the system i use partimage.
It don't work with btrfs or ext4, but for all systems i use
jfs (realy great filesystem) and here i can backup it with partimage
very good.

The partition layout is:
/dev/sda1 -> restore
/dev/sda2 -> worksystem
/dev/sda3 -> swap
/dev/sda4 -> data

On sda1 i install a minimal system with partimage, at sda2 the
normal system. Now i can boot into sda1 and backup or restore the
whole system. This is very fast, and i need no boot-cdrom anymore.
The image is stored at sda4.

This script i put into /bin/res on sda1 so i can restore a whole system
with starting one script.

#!/bin/sh
partimage -b restore /dev/sda2 /backup/images/debian700.000
sync
reboot

Thursday, July 4, 2013

PPTP and Debian 7

I know about the security problems with pptp and vpn.
For those who still want to use it with Debian 7,
here a short description how to solve the problem,
that the daemon hangs during restart.

After
/etc/init.d/pptpd restart

the pptp daemo was freeze.
I found this solution:
Adding a blank line at the end of this file:
/etc/pptpd.conf

After this it works fine.

Age of Empires and Debian 7

With Debian 7 / Wheezy the support of Age of Empires 1 & 2
becomes much better.
The only thing to do is:
Installing winetricks :

aptitude install winetricks

and then install directplay with winetricks:

winetricks directplay

After this, you can play Age of Empires with Multiplayer, the sound works
and graphics works much better than with Debian 6.

The only problem is, when disconnecting multiplayer the programm frozen.
Best way is to open a shell before starting the game and then you can
kill it after getting the processnumber with ps -A .

Monday, May 13, 2013

Wheezy hdd bug

Still existing:
The hdd-bug at wheezy.
During normal work the hdd goes into the park
position every 4 seconds and then back to work.
Cause this the Load Cycle Count gets very high during a short
time and the hdd is aging very quick.
You can check it with this command (after installing the smartmontools)
smartctl -A /dev/sdX | grep -E "(Load_Cycle_Count|ID)"

To avoid it you must modify those files:

 /usr/lib/pm-utils/sleep.d/95hdparm-apm
(deleting all lines at this file!)

/etc/rc.local
(adding: hdparm -B 254 /dev/sda)

/etc/pm/sleep.d/10_unattended-upgrades-hibernate
(adding: hdparm -B 254 /dev/sda)

After this the problem should be solved

Sunday, May 5, 2013

Debian Wheezy

Now for downloading:
Debian Wheezy is complete!
www.debian.org

Monday, April 15, 2013

Age of Empires 1 & 2 playing on Wine with Debian

Nice problem is playing Age of Empires on Debian with wine.
First i download this file:
http://www.findthatzipfile.com/search-38788730-hZIP/winrar-winzip-download-dplaydlls-win98se.tar.bz2.htm
and expand it to this directories:
windows, system, system32

Then i start winecfg and set the emulation mode to win98.
At "Libraries" i add
dplay, dplayx, dpnet, dpnhpast, dpwsockx

For accesing to the cdrom i add a drive-letter to the cd path at winecfg,
like: e: for /media/cdrom0
So the programs find the cdrom and i need no patch for the game.


Wednesday, March 20, 2013

Installation of davical on debian 6.0 squeeze

First i install the packages with aptitude:
aptitude install apache2 php5 postgresql davical davical-doc

For using you need Apache, PHP 5 and PostgresSQL . These are part of the official Debian repositories.

The next step is to create the configuration file:
/etc/apache2/conf.d/davical.conf

The file is created with this values, it is used from apache as alias file, so
that the path to the davical files is found: (File is without encryption)

Alias /davical /usr/share/davical/htdocs
<Directory /usr/share/davical/htdocs>
Options Indexes
DirectoryIndex index.php
php_flag magic_quotes_gpc Off
php_flag register_globals Off
php_value include_path /usr/share/awl/inc
</Directory>


Restarting Apache.
/etc/init.d/apache restart

Now we do the database configuration. This configuration is for apache and database is
on the same server. This file is created with the chmod 644.
/etc/davical/config.php'

I put this lines into the config.php file:

<?php
$c->default_locale = de_DE.UTF-8;
$c->pg_connect[] = 'dbname=davical user=davical_app';
?>

Next step is to create two database users. For this we change to the user "postgres" with the su command and create the accounts:

su postgres
createuser davical_app
createuser davical_dba


The question for superuser, roles and databases we answer with no.

Now we edit this file:
/etc/postgresql\8.4\main\pg_hba.conf

And add this two lines:

local davical davical_dba trust
local davical davical_app trust

Now we must restart the postgresql database:
/etc/init.d/postgresql restart

The davical package come with a shell script, that creates the database. We start it as postgres user  again:
su postgres
/usr/share/davical/dba/vreate-database.sh


Important: After finnishing the script the admin password is shown, you must note it !!

Now we can access to the installation with a webbrowser:
ipadresse/davical

Note for installing thunderbird lightning:

The address for the caldav account looks like this:

http://IP-ADRESSE/davical/caldav.php/USERNAME/home/

Tuesday, March 12, 2013

Safer internet for children


A good project for safer internet:
www.kinderserver-info.de
It is simple used as proxy, so it works on debian too.
Installation:
Proxy: proxy.kinderserver.eu Port: 3128
After this children only get pages shown,
that were visited from the project before and are clean.
The project works together with the children search engine fragfinn:
www.frag-finn.de





My identi.ca account

I want to remember to my identi.ca account:
http://identi.ca/gnude

Tuesday, February 5, 2013

Apache with ssl

For a homepage i want a https access with apache.
This is the way i solved it:

mkdir /etc/apache2/myssl
cd /etc/apache2/myssl
openssl req -new > server.cert.csr
openssl rsa -in privkey.pem -out server.cert.key
openssl x509 -in server.cert.csr -out server.cert.crt -req -signkey server.cert.key -days 365
nano /etc/apache2/ports.conf
nano /etc/apache2/httpd.conf
a2enmod ssl
/etc/init.d/apache2 force-reload


This is the code i added to the httpd.conf:

<VirtualHost ******:443>
ServerName ******
SSLEngine on
SSLCertificateKeyFile /etc/apache2/myssl/server.cert.key
SSLCertificateFile /etc/apache2/myssl/server.cert.crt
</VirtualHost>


 And this i add to the ports.conf:

Listen 443 http

That the site is correctly found i hat to modify / create the
/etc/apache2/conf.d/default-documentroot

Adding:
DocumentRoot /var/www

At the file /etc/apache2/sites-available/default-ssl i had to change the file paths like this:

SSLCertificateKeyFile /etc/apache2/myssl/server.cert.key
SSLCertificateFile /etc/apache2/myssl/server.cert.crt


Finnising i aktivate and reload the changes:
a2enmod ssl
/etc/init.d/apache2 restart


Error with fetchmail and ssl certificate

After adding a new pop3 mailserver to my .fetchmailrc i get with every mailexchange this errors in my logfile:

Jan 20 01:57:35 server2 fetchmail[27210]: Warnung: Die Verbindung ist unsicher, mache trotzdem weiter. (Nehmen Sie lieber --sslcertck!)
Jan 20 01:57:35 server2 fetchmail[27210]: Fehler bei Server-Zertifikat-Überprüfung: self signed certificate


There is a SSL problem when retrieving the mails.
To solve this i first see what ssl fingerprints the pop3 server has.
For this i start fetchmail from shell:
fetchmail -v -f /etc/.fetchmailrc

And add the shown fingerprints to my .fetchmailrc.
After every user i put this line:
options ssl sslfingerprint "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00"

Wednesday, January 30, 2013

replace uw-imapd with dovecot

Because of the problems with corrputed mailboxes or mails when accesing the debian mailserver with uw-imapd from the iPhone i decieded to switch to dovecot.

The installation was easy. After starting aptitude i chose dovecot-imapd and aptitude removed the old uw-imapd automatical.
For authentication the dovecot uses linux logins and passwords, so nothing must be changed.
The mails were stored from uw-imapd here:

/var/mail/%user%
/home/%user%/

So the mails were directly in the home directory.
I creat a subdirectory called "mail" and moved every directory and mbox file into it.
Now the mails were here:

/home/%user/mail/

Then i modified these two lines at /etc/dovecot/dovecot.conf:

mail_location = mbox:~/mail/:INBOX=/var/mail/%u
mail_full_filesystem_access = yes

After this the eMail Server works fine with dovecot.

Sunday, January 20, 2013

iPhone corrupts mbox file of uwimap

Using a debian mailserver (postfix and uwimap) with the iPhone
corrupt the mbox file of the user.
The first bytes of the file are overwritten and sometimes
deleted mails appears again.

The problem is the imap implementation of apple (iPhone, MacOS >=10.5) and a bug in the uwimapd. It searchs for the mlock in the wrong directory.

I try to fix the problem this way:
chmod -R 01777 /var/mail/
cp /usr/bin/mlock /usr/sbin/

The damaged file i open with a textedtior like joe
and fixed the overwritten mail header. After this i export
it with achmbox into a new file.
The old mbox i replace with the new file.

Please no comments to the security of the chmod !