Fedora directory server

Yesterday evening I start playing with Fedora Directory Server

So first I setup Fedora Core 8 as a VMWare-instance… But after some playing around, I had the next message:

“Server failed to start !!! Please check errors log for problems”

And guess what… no information at all in the logs :-( So removed the packages and the next directories:

/etc/dirsrv
/etc/sysconfig/dirsrv
/var/lock/dirsrv
/var/lib/dirsrv

So no information… then strace will be your best friend :-D

So I started:

[root@fedora-ds debug]# strace -o ~/debug/setup -ff /usr/sbin/setup-ds.pl

And guess what… I had the error again… So I went to the ~/debug folder on another terminal and did:

[root@fedora-ds debug]# grep “failed” *
setup.31676:read(4, “Server failed to start !!! Pleas”…, 4096) = 64
setup.31676:write(2, “Server failed to start !!! Pleas”…, 64) = 64
setup.31711:write(1, “Server failed to start !!! Pleas”…, 64) = 64
[root@fedora-ds debug]#

When I digged into setup.31711 I found:
read(255, “if test ! -f $STARTPIDFILE ; the”…, 2220) = 663
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
stat64(“/var/run/dirsrv/slapd-fedora-ds.startpid”, 0xbfcd8eb8) = -1 ENOENT (No such file or directory)
rt_sigprocmask(SIG_SETMASK, [], NULL, 8-) = 0
fstat64(1, {st_mode=S_IFIFO|0600, st_size=0, …}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f7c000
write(1, “Server failed to start !!! Pleas”…, 64) = 64

So this is a nice clue… /var/run/dirsrv… and guess what… the owner of this directory was fedora-ds (a user I set up initially for testing purposes for the Directory Server :-( ) With the comment chown I corrected the owner of this folder… and now service dirsrv start works :-P

Conclusion… strace is your best friend :-D

Gentoo Firefox phones home

Some while ago, I submitted a bug to the Gentoo Bug-trac. I had trouble with Firefox 2.0.0.2 when switching from non-proxy to a proxy-network.

http://bugs.gentoo.org/show_bug.cgi?id=169155

I found that when starting firefox (note: not firefox-bin) the proces wants to connect to www.gentoo.org :-(

Now someone found the issue:

I have the same problem with mozilla-firefox-2.0.0.13.
Firefox tries to connect to the page mentioned in
/usr/lib/mozilla-firefox/defaults/pref/all-gentoo.js:
pref("browser.startup.homepage", "http://www.gentoo.org/");
If DNS or the page itself is unreachable firefox waits until the request
timeouts.

I haven’t test it yet… but it might solve the issue… ;-)

Make it virtual

At this moment, I have at home a FreeBSD server named tank.adslweb.net. This Server is acting as backup dns/mta/backup for the fileserver. But this ‘server’ is actually my oldlaptop So recently it came up into my mind to virtualize some services…..

Did pass ITIL, LPIC201 and LPIC202

As I wrote before, I did pass RHCE, RHCT and LPIC1. After a few weeks of study I also passed LPIC2 and ITIL :-P

The results for ITIL:


Passing score: 65
Your score…: 67
Grade……..: PASSED

Section Title                          Score
————————————– —–
General                                 66
Service Desk                            66
Incident Management                     25
Problem Management                      80
Change Management                       80
Configuration Management                75
Release Management                     100
Service Level Management                66
Availability Management                  0
Capacity Management                     50
IT Service Continuity Management       100
Financial Management for IT Services   100
Other ITIL Topics                      100
Relationships                           50


During the exam I start mixing up ‘Availability management’ and ‘IT Service Continuity Management’, which resulted into a score of 0 for Availability management :-|

But I also passed LPIC 201 en LPIC 202.

LPIC 201 results:


Required score: 500
Your score….: 750
Status……..: PASS

Section                              Percent Correct
———————————— —————
Linux Kernel                               90%
System startup                             87%
Filesystem                                100%
Hardware                                   75%
File and Service Sharing                   87%
System Maintenance                         83%
System Customization & Automation          66%
Troubleshooting                            50%


LPIC 202 results:


Required score: 500
Your score….: 740
Status……..: PASS

Section                              Percent Correct

———————————— —————
Networking configuration                 85%
Mail & News                              92%
DNS                                      80%
Web Services                            100%
Network Client Management                66%
System Security                          80%
Network Troubleshooting                 100%


Dynamic DNS update via ISC-DHCPD

For a long time, I had on my whishlist the dynamic updating of DNS via DHCP. The MS Windows servers usually do it out-of-the box… but I don’t want to bring a Windows-server into my private network. So after some google-work on the Internet I found this website.

All I need to do, was allow updates in the zones and tell isc-dhcpd how to do it.

So in the main settings I added the next lines (please note, I have a 172.16.3.0/24 subnet for my LAN):


ddns-update-style interim;
update-static-leases on;
key dhcpupdate
{
algorithm hmac-md5;
secret “YOURSECRETKEY”;
}

zone 3.16.172.in-addr.arpa {
primary 172.16.3.250;
key dhcpupdate;
}

zone lan.example.com {
primary 172.16.3.250;
key dhcpupdate;
}


Now we also have to update the BIND-config:


key dhcpupdate
{
algorithm HMAC-MD5;
secret “YOURSECRETKEY”;
};

zone “3.16.172.in-addr.arpa” {
type master;
file “master/3.16.172.in-addr.arpa-zone”;
allow-update { key dhcpupdate; };
};

zone “lan.example.com” {
type master;
file “master/lan.example.com-zone”;
allow-update { key dhcpupdate; };
};


Please note, that you have to make sure that the user bind is able to write/create files into the /var/named/etc/namedb/master
(chown bind /var/named/etc/namedb/master).

Now you have to restart the dhcpd and bind daemons.

Please substitute YOURSECRETKEY for your key, you can create this key with the command:

$ dnssec-keygen -a HMAC-MD5 -b 128 -n HOST dnsupdates

This command will generate two files and one with the extension .private and grep the part after the ‘Key: ‘ line.