Moved : http://linuxpoison.blogspot.com/2007/10/squid-password-authentication-using-pam.html
Recent Comments
Squid Password Authentication Using PAM
May 29, 2007 — Nikeshdownload.microsoft.com and search.microsoft.com is running on Linux –> WOW :)
May 28, 2007 — NikeshCheck this : http://searchdns.netcraft.com/?host=microsoft.com&position=limited&lookup=Wait..
Looks like they don’t trust windows 2003 server.
Anyways, It’s never too late to switch to Linux 
Get Hardware Information
May 11, 2007 — NikeshIf you need information on system’s hardware like vendor, manufacturer, product, S/N, etc. you can use:
dmidecode
The dmidecode command reads the information from the system BIOS, see also http://www.nongnu.org/dmidecode/.
There are a few other commands you might want to check out which list installed hardware components:
dmesg
lsdev
lshal
lspci
lsusb
lsscsi
OpenSUSE vs Ubuntu
May 11, 2007 — Nikesh
Abhay Srivastava at Techzone has written an interesting article on his experiences with openSUSE from the point of view of an Ubuntu user:
“I have used Ubuntu for almost 2 years and was completely in love with Ubuntu. One fine day my UPS gave up and my lazy self never allowed me to buy another. The result, after 5-6 power offs, my root file system was corrupted. I had to do a manual “fsck -y” to bring it up. I thought all is normal now, but after the second normal reboot, the files system completely gave up and no amount of fsck would help. It clearly means a re-install. It should have been OK in normal circumstances, but I was in the middle of a release at office and had no time for even small configurations. Hence instead of using my favorite Automatix, I went ahead with Ubuntu Mint. Oh that was a changing point. Mint is Ubuntu modified and Mint’ified. I have KDE on my Arch Thinkpad, so the greenish theme of mint was a welcome change from the brown Ubuntu. Mint had installed almost all the required software and codecs for me and enjoyed Mint for one month. I thought now I have Ubuntu + all the codecs, without and configurations. What else could I ask for ?”
VitrualBox installation and Configuration on OpenSuse 10.2
May 11, 2007 — NikeshOpenSUSE 10.3 Roadmap
May 9, 2007 — NikeshopenSUSE 10.3 is the next release that incorporates new features from both the community and Novell internal development. The distribution will be build for the x86, x86-64 and Power PC platforms.
Major *planned* enhancements are:
* 1 CD install (network at install)
* Installation of a Linux system on HD directly from a Live-CD image
* UMTS support
* Enhance zypper
* Migration assistant instlux
* Integration of external repositories
* Dynamic update mirrors
* Edu Add-on CD (done largely by the community)
* GNOME 2.20
* KDE4 preview
* Reduction of boot time
* Reduced package dependencies, smaller minimal system
Most important dates of the schedule are:
Wed, May 16 openSUSE 10.3 Alpha4 release
Thu, Jun 14 openSUSE 10.3 Alpha5 release
Thu, Jul 19 openSUSE 10.3 Alpha6 release
Thu, Aug 9 openSUSE 10.3 Beta1 release
Thu, Aug 23 openSUSE 10.3 Beta2 release
Thu, Sep 6 openSUSE 10.3 Beta3 release
Thu, Sep 20 openSUSE 10.3 Release Candidate 1 release
Thu, Sep 27 openSUSE 10.3 Goldmaster release (internal)
Thu, Oct 4 openSUSE 10.3 public release
The detailed schedule – including internal test releases – is available at:
http://en.opensuse.org/Roadmap/10.3
May 2007 Web Server Survey
May 4, 2007 — NikeshIn May 2007 survey we received responses from 118,023,363 sites, an increase of nearly 4.4 million sites from last month. The Internet has added 12.8 million web sites thus far in 2007, roughly on pace with growth in 2006, when the Web gained a record 30.9 million sites.
[Read]
Debugging Scripts
May 4, 2007 — NikeshA script that is executed by an application or another script is failing. Executing the script manually doesn’t provide more clues since it’s only failing when invoked by another program. Also, you don’t want to redirect the output of the script each time you execute it. And you want to see more debugging information like line numbers.
Adding the following lines at the beginning of the script will help:
export PS4='$0.$LINENO+ '
exec > /tmp/script.log
exec 2>&1
set -x
Example:
$ cat test
#!/bin/bash
export PS4='$0.$LINENO+ '
exec > /tmp/script.log
exec 2>&1
set -x
ls -ld /etc
ls -ld /boot
echo "This is a test"
$ ./test
$ cat /tmp/script.log
./test.6+ ls -ld /etc
drwxr-xr-x 83 root root 7512 2006-07-22 16:49 /etc
./test.7+ ls -ld /boot
drwxr-xr-x 5 root root 1960 2006-07-22 15:30 /boot
./test.8+ echo 'This is a test'
This is a test
$
These lines will turn on debugging and all information will be redirected to the log file. So you won’t have to redirect the output each time you run the script, e.g. “./script > /tmp/script.log 2>&1″. In some cases you can’t do that if the script is invoked by an application.
The PS4 builtin shell variable describes the prompt seen in debug mode. The $0 variable stands for the name of the script file itself. $LINENO shows the current line number within the script. The exec command redirects I/O streams. The first exec command redirects stdout stream 1 to /tmp/script.log. 2>&1 redirects stderr stream 2 to stdout stream 1. And “set -x” enables debugging.
Dynamic DNS Setup
May 4, 2007 — Nikesh- Generating Secure DNS Keys
- named.conf
- Grant Authority
- nsupdate
- Automate
On the home/client machine:
# mkdir /etc/bind/tsig
# cd /etc/bind/tsig
# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST host.domain.tld.
Note the “.” after the tld. This generates the public and the private keys.
On the remote server:
Edit “/etc/named.conf” and add the generated key to the conf. (Note the trailing dot):
key host.domain.tld. {
algorithm hmac-md5;
secret "qUSfVtkYf7WLxiZaOTN3Ua==";
};
Still on the remote server:
Edit the “/etc/bind/zone.domain.tld” file, and modify the current allow-update line to include the key.
allow-update { key "default_key."; key "host.domain.tld."; };
This allows full authority to modify any record within the domain (Be Warned).
Restart named and make sure nothing is broken.
Back to the client machine:
Run nsupdate to test that the client can now make updates.
# nsupdate -k /etc/bind/tsig/Khost.domain.tld.*.key
> update delete host.domain.tld A
> update add host.domain.tld. 600 A 1.2.3.4
> send
> quit
It first deletes host.domain.tld if it already exists, then recreates it with the given TTL, type, and IP address. The TTL is the time-to-live, which is a value used by other DNS servers to determine how often they refresh the entry for this host. A smaller values means they’ll refresh more often, which is what you want for a dynamic entry. “send” tells nsupdate to send the updates to the server.
Create a script and put it in a 10 minute cron to check for changes in the wan ip address and run nsupdate automagically.
# cat /etc/cron.d/ddns
SHELL=/bin/sh
*/10 * * * * root /etc/bind/ddns
Below is an example script that gets the info from a Belkin wireless router within the home lan.
#!/bin/bash
# ddnsHOSTNAME="host.domain.tld"
KEYFILE="/etc/bind/tsig/Khost.domain.tld.*.key"
TTL=600
#LOG="/tmp/ddns_log"
LOG="/dev/null"
IP_FILE="/tmp/ddns_ip"
NEW_IP=`wget -q -O - 192.168.2.1 | grep "Up.*dw" | tr "n" " " | awk -F "'" '{print $12}'`
function do_nsupdate {
echo "New IP address (${NEW_IP}) found. Updating..." >> $LOG
echo $NEW_IP > $IP_FILE
nsupdate -k $KEYFILE >> $LOG
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $NEW_IP
send
quit
EOF
}
if [ ! -f $IP_FILE ]; then
echo "Creating $IP_FILE..." >> $LOG
do_nsupdate
else
OLD_IP=`cat $IP_FILE`
if [ "$NEW_IP" = "$OLD_IP" ]; then
echo "new and old IPs (${OLD_IP}) are same. Exiting..." >> $LOG
exit 0
else
do_nsupdate
fi
fi
exit 0
Installing A Linux Distro to An USB Drive
May 4, 2007 — Nikesh
Let me begin with emphasizing what is an USB device. Generally, it will be an USB stick, but it could be as well an ordinary MP3 player, an iPod, an external HDD, a Smartphone, a PDA or who knows what else. The important thing is that it acts as a storage device. It is important that you u … [read more >>]
