Welcome to Planet openSUSE

This is a feed aggregator that collects what openSUSE contributors are writing in their respective blogs.

To have your blog added to this aggregator, please read the instructions.


Thursday
16 October, 2014


Jos Poortvliet: Release party time!

12:08 UTCmember

face

KDE Plasma 5.1

Plasma 5.1 was released yesterday and it is looking real good. I have been running the 'next generation' Linux desktop on my laptop, courtesy of openSUSE packages made out of regular git snapshots. It was surprisingly stable so I have little worries about the stability of the final 5.1 release and I recommend to check it out ;-)

Of course, we should have a Plasma release party! We haven't had release parties in our place for a while (can't believe that the last one is over 2 years ago...), so it's time to do that again.

Check the release party page for details. The short of it:
  • October 18, 19:00-22:00 or so
  • EldenaerStrasse 28a, Berlin, Germany
  • Bring Your Own Devices Drinks (there's a Spätie (24h convenience store) downstairs). Food is welcome, too.
  • Don't forget to bring your good mood and friends

Further notes:
  • I might do some demoing of what is new in Plasma 5.1, depending on interest.
  • Anybody is welcome, as always, irrespective of color, sex, occupation, shape - heck, even species - you're all super welcome! That means you have to play nice with each other, do I have to say that?
  • If you're afraid of dogs, Popcorn will teach you that you don't have to be. But really, if she freaks you out, we can put her in another room, don't say home out of fear for the hairy monster!
  • Let me know if you're coming - so we have some idea of how crowded our apartment will be!

openSUSE

For the geekos among you: 13.2 is coming SOON and boy, is it chock-full of awesomeness! I'm talking to the Berlin LUG, we will probably do a release party. If possible we'll do it on November 8, so keep that date free for now!

face

opensuseasiasummitThis weekend is the start of openSUSE’s first Asia Summit in Beijing.

The summit, which is a follow on to an open source summit SUSE sponsored in May, is expected to increase awareness in Asia about openSUSE and other Free and Open Source Software (FOSS).

Students, professors and computer technologists attending the summit will listen to several keynote speakers like Dr. Qiu Shanqin, Chairman of China Open Source Software Promotion Union, and Ralf Flaxa, Vice President of SUSE. Richard Brown, President of the openSUSE board, will also provide a keynote speech to attendees.

Noteable workshops scheduled for the conference on Day 1 are SUSE’s project manager Anja Stock’s about Bugzilla, FOSS community member Eleanor Chen, about Hands-on into Open Source Community, and Saurabh Sood, an engineer working with Unisys Corporation, about Programming with the Qt Framework.

Day 2 workshops include GNOME Foundation member Tong Hui’s discussion on Open Source Community Governance in China, Raghu Nayyar, an open-source Interaction Designer and Front-end Developer from India.givng a workshop on Build your First ownCloud App, and Meaglith Ma, founder of the Chinese community of Docker, providing a workshop about open platforms for distributing applications for developers and system administrators.

The summit gives attendees an opportunity to learn about related technologies and can help to unlock the large potiential of open source contributors and developers within Asia.

Interviews and recordings of openSUSE Asia Summit will be posted on SUSE’s YouTube, Youku and GooglePlus page.

HP, SUSE, Firefox, CODE, CSDN, BLUG, GNOME Summit, OwnCloud, BeiHang University and Beijing University all sponsored the event; openSUSE appreciates the companys’ contributions and willingness to make the first summit a success.

Members of the media are welcome to attend the summit and should email opensuse.asia@gmail.com.

Enjoy the Summit!

 


face

I want YOU!With less than three weeks from the release of our beloved green distro and the first release candidate already rocking, we can feel like we are almost there. This is exactly the right time to remember that there is still a lot of work to do and fun to have. Open source is awesome, but only as awesome as the people working on it. Nothing will happen unless YOU make it happen, so it’s time to get your hands dirty!

Testing

Every openSUSE release is tested using openQA, which saves developers from trivial and repetitive work. But in order to reach the quality level we all love from openSUSE stable releases much more testing is needed. We would like to test every single combination of hardware -from netbooks to supercomputers- and options -from default values to the most geeky weird configurations-. So please take a look to the online spreadsheet that has been created to organize the manual testing, read the instructions about coordinating the effort and hunt all those nasty bugs!

Celebrating awesomeness

We want to let the world know how awesome openSUSE 13.2 is. That means writing a public announcement, a features guide, a press kit, social messages… What do all those initiatives have in common? They are all based on the major features page at the openSUSE wiki. So please visit the wiki and add your favorite 13.2 feature to that page. What have you being working on since 13.1? What feature blew your mind when you saw it in action? Why were you waiting for that particular version of your favorite tool? If it’s not in the major features page, it didn’t happen.

Taking pictures

A picture is worth a thousand words. Release Candidate 1 already includes the final artwork for openSUSE 13.2, so it’s time to renew the screenshots in the corresponding openSUSE wiki page and to add new ones. You don’t even need to take the screenshots yourself, openQA is full of pictures you can grab. Say cheese!

Highlighting the strengths

The already mentioned announcement and features guide are both great to have a clear overview of what is coming with the new release. But those teams that have hit a major milestone in openSUSE 13.2 maybe want to ensure that the achievement is not lost in the stream of shiny new things. Before (and even after) every release we use to publish several sneak peaks focused on concrete highlights. Just think about a worthy topic you are familiar with (btrfs and snapper, desktop environments, xfs…) and the openSUSE Marketing Team will be glad to help you turning it into a nice article.

Documenting

Is always nice to have somebody to ask when you find a problem, but is even nicer if you have all the pitfalls and important changes documented in advance. That’s what our release notes are for. As explained by Karl in the Factory mailing list, the release notes are


Wednesday
15 October, 2014


Michael Meeks: 2014-10-15: Wednesday

21:00 UTCmember

face
  • Up early; mail chew, interesting breakfast with the Krita guy. Freshened up, met up with Eliane & Olivier, coach to the dam; got the booth setup; partner call. Lunch with Olivier; booth duty. Enjoyed the opening talks; back to the booth to re-charge. Out in the evening for dinner, kindly driven by Artur.

face

Following up on KDE’s announcement of the latest stable release, we have now packages available for 12.3 and 13.1 (a 13.2 repository will be made available after it is out). You will find them in the KDE:Current repository. Current users of this repository will get the new release automatically once they update.

Why you should upgrade? You can take a look at the list of changes to get an idea. These fixes touch many important KDE applications, including KMail, Okular and Dolphin.

Packages are also on their way to openSUSE Factory.

As usual, bugs with the packaging should be reported to openSUSE and upstream bugs should be reported to KDE.

Also, if you like what KDE is doing and you feel you can not contribute directly, you may want to support this end of year fundraiser.


Tuesday
14 October, 2014


Michael Meeks: 2014-10-14: Tuesday

21:00 UTCmember

face
  • Chewed some mail, great things going on while I'm asleep: seemingly I should sleep / wander off more often. Hacked a little on my backlog of things that need work.
  • Flight to FOZ, Brazil appears to be a lovely place; hacked on the flight, taxi to the hotel, hacked in the hotel at length - fun. Mail chew too; call with partner . Poked at tiled rendering foo until late; sleep.

face
2014IT鐵人賽-30-ACL


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天是鐵人賽的最後一天, 我們用 acl ( Access Control List ) 來達陣.


筆記部份:


ACL (Access Control List)
傳統的檔案權限針對的對象
  • 擁有者(owner)
  • 群組(group)
  • 其他(other)


倘若檔案或是資料夾的權限, 指定的方式超過三個以上
此時可以利用ACL 指定特定使用者/群組 所可以擁有的權限,來彌補傳統權限的不足


ACL(Access Control List)


  • 在file system 上面必須設定 acl的選項
  • 可以使用 setfacl 設定ACL
    • -m 編輯ACL設定
    • -x 移除單項 ACL 設定
    • -b 移除所有 ACL 設定
    • -d 設定Default ACL
    • -M 還原ACL設定
  • 可以使用 getfacl 觀察ACL設定


-rwxrw-r--+ 1 root users 0 2008-06-21 11:27 test
當設定ACL, 中間的 4-6的bit 就非原本的群組權限, 而是acl mask
  • acl mask --> 特定使用者或是特定群組可以使用的最大權限
  • default acl --> 針對資料夾設定default acl其子資料夾檔案可以繼承設定的acl



開始練習吧
Lab: Access Control List <ACL>

#mount |  grep   sda <請觀察資訊, 是否有acl>

#mkdir  /acl
#touch  /acl/test
#echo  "echo 1234"  >>  /acl/test
#chmod  700  /acl/test

#ls -l /acl
#su - max   -c "cat /acl/test" <以使用者max身份查看檔案>失敗
#su - john  -c "cat /acl/test" <以使用者john身份查看檔案>失敗

#getfacl  /acl/test <查看test資訊>
#setfacl -m  u:max:r /acl/test <設定acl, -m 編輯, FIELD:NAME:PERM>
#ls -l  /acl
#getfacl  /acl/test <查看test資訊>

#su - max  -c "cat /acl/test" <以使用者max身份查看檔案>成功
#su - john -c "cat /acl/test" <以使用者john身份查看檔案>失敗

#setfacl -x u:max /acl/test <設定acl, -x 移除, FIELD:NAME>
#ls -l   /acl
#getfacl  /acl/test
#setfacl -b  /acl/test <移除所有的ACL設定>
#ls -l  /acl

-------------------------------------------------------------------------

練習 acl mask

#ls -l  /acl
#chgrp users /acl/test
#chmod 764 /acl/test
#ls -l  /acl <請觀察資訊>
#su - max  -c "cat /acl/test" <以使用者max身份查看檔案>成功
#su - john -c "cat /acl/test" <以使用者john身份查看檔案>成功
#su - max  -c "/acl/test" <以使用者max身份執行檔案>失敗
#su - john -c "/acl/test" <以使用者john身份執行檔案>失敗
#ls -l  /acl
#setfacl -m user:john:rwx /acl/test
#ls -l  /acl <請觀察資訊,此時顯示的是ACL MASK>
#su - max  -c "/acl/test" <以使用者max身份執行檔案>失敗
#su - john -c "/acl/test" <以使用者john身份執行檔案>成功

#getfacl  /acl/test
#setfacl -m mask::r-- /acl/test <設定acl maskr-->
#getfacl  /acl/test

#su - john -c "/acl/test" <以使用者john身份執行檔案失敗,因受到acl mask 的限制>


-------------------------------------------------------------------------


練習 default acl

#mkdir /acl/dir
#setfacl -d -m u:john:rwx /acl/dir/ <設定default acl>
#getfacl /acl/dir/ <請觀察資訊>

#touch /acl/dir/test
#ls -l /acl/dir/ <請觀察資訊>

#getfacl /acl/dir/test <請觀察資訊>
#mkdir /acl/dir/john <請觀察資訊>

#ls -l /acl/dir/ <請觀察資訊>
#getfacl /acl/dir/john/ <請觀察資訊>




Fun with Day 30 ~

face

oSA14

Geckos are taking over China, at the openSUSE Asia Summit to be held this coming weekend in Beijing. It is the first time that an openSUSE event of this scale is being held so far east of the Geeko Meridian. The organizing committee has worked their socks off for the event, and things are shaping up well. The schedule is ready and their are some great talks lined up. Overall, it promises to be a great event. As for me, I am going to speak about the Google Summer of Code, openSUSE Activities in India and a workshop on the Qt Framework.So, see you in Beijing ;)

http://summit.opensuse.org

3654543066_2c8823cb03_o-e1363960517132



face

¿Tienes un portatil con una tarjeta Wifi Broadcom b4311? Así la hice funcionar yo en openSUSE

rescue_Geeko

Ingredientes: un viejo portátil HP compaq nc4600, una tarjeta interna Broadcom B4311, y openSUSE 13.2 instalada en su disco duro. Cocinar a fuego lento en un foro y saldrá un PC resultón!

En el trabajo dispongo de un portatil como el que he mencionado, que tiene ya bastante tiempo y adolece de RAM, ya que sólo dispone de 1Gb. Por cuestiones del trabajo le instalé un Windows XP desatendido.

Añadir que con este PC aunque tenga red, no me podré conectar a ella, ya que la red del trabajo está restringida, así que el único acceso que tenga a internet será usando mi móvil, y tirando de datos, así que nada de instalar software desde los repositorios ni actualizar!!

A veces tengo tiempo libre y un día me dió por trastear un poco, y quise instalarle una distribución de GNU/Linux de pocos recursos y que se moviera bien en el PC. Y así que leyendo la web del amigo Replicante, leo sobre unas versiones de Manjaro con Fluxbox y otra llamada Netbook edition.

Todo funcionaba “out of the box” que se dice. La instalación sencilla, y el escritorio tenía buena pinta. Y la red funcionaba sin problemas. Este PC tiene un pequeño botón para activarla y desactivarla. Así que probé y vió la red que le ofrecía mi teléfono, y sin complicaciones me conecté y a navegar (poco, para no derrochar datos!)

Otro día con más tiempo libre, me dió por renovar la distro y cambiarla. Siempre me ha parecido que Debian es una de las grandes en el mundo de GNU/Linux y oi hablar de CrunchBang #! Así que decidí descargarla y probarla, dicho y hecho!

Otra instalación sencilla, ambas me reconocieron el sistema de Microsoft sin problemas y me lo ofrecían en el Grub, ambas me reconocieron el hardware y también CrunchBang encendía la wifi con sólo apretar el botón sin problemas.

Ambas funcionaban bien en el portátil. Cierto que no le doy un uso intensivo, pero funcionaba de manera fluida y los escritorios eran atractivos visualmente, a pesar de su escasez de recursos.

Pero como sabéis soy un fan de openSUSE y no podía dejar de probarla también en el PC. Así que decidí descargar la nueva ISO de openSUSE 13.2 e instalarla. Así le echaba un vistazo a la nueva versión en fase Release Candidate.

Descargada la ISO, la quemé en una USB y la instalé en el PC. Pude “saborear” el nuevo theme del instalador de YaST, que por cierto me gustó. Como en las anteriores, la instalación transcurrió sin problemas, aunque al instalador de openSUSE ya estoy algo más acostumbrado. Y


face

你好 北京!

Hello Beijing and lovely people of openSUSE, I will be reaching there tomorrow, will be at Green Tree Inn close to the summit venue, packing some “sightseeing” before the event, if you are also there early drop me a line . There is a short talk about openSUSE Education scheduled on 19th. Check out the summit website to find out what other interesting stuff is on offer.

See you soon…

oSA14


Monday
13 October, 2014


face

Hey all, so I have been given the task of working on the 13.2 portal for the openSUSE wiki, and I need your help. If you know of any neat features, software or bug fixes that were included in 13.2 and deserve to be mentioned on the 13.2 Portal then please let me know by leaving a comment or emailing me at ushamim@linux.com (or you can always just add them in yourself ;) ) .

With that said, there is also a need for people who can contribute to the press kit, release marketing and 13.2 related wiki pages. If you have time please consider contributing.



Michael Meeks: 2014-10-13: Monday

21:00 UTCmember

face
  • Mail chew; call with Kendy, Laszlo, Tor; mail. Lunch with J. team call; more mail chewage, sync. with Matus & Andras. Hurried packing and dropped by J. for some train/plane/etc. to Brazil / LatinoWare.
  • Arrived rather early at LHR; had an interesting chat to a young movie maker off to Jordan; enjoyed rather a good sleep on a lengthy TAM flight to San Paolo.

face
2014IT鐵人賽-29-sudo 授權管理


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天練習用sudo 指令進行授權管理.


筆記部份:


**sudo**


管理者可以利用sudo 授權使用者去執行特定的指令
sudo, sudoedit - execute a command as another user


visudo 會編輯 /etc/sudoers 檔案來授權使用者可以變更其他使用者執行指令
語法如下
使用者 電腦=(使用者) 指令


另外在安全管理的部份, 有關於密碼的相關設定
利用chage 設定使用者的密碼相關設定
  • Minimum Password Age: 更改密碼後最少要過幾天才能再換密碼
  • Maximum Password Age: 密碼幾天之後一定要換
  • Password Expiration Warning: 密碼過期前幾天警告
  • Password Inactive: 密碼過期後幾天鎖定
  • Last Password Change: 上次修改密碼的日期
  • Account Expiration Date: 帳戶過期日


/etc/shadow 檔案存放密碼的相關設定
john:$2a$10$2jooBgXdcyVRORcTrOk6O.vgsBnufE.oEH366oSNUDf80oAjfz90y:14196:7:90:5:3:14244:
帳號:加密過後的雜湊值:上次修改密碼的日期:Min age:Max age:幾天前警告:幾天後鎖定:帳戶過期日


要求使用者下次登入必須更改密碼
  • 可以使用 #chage -d 0 使用者帳號
  • 或是使用 #passwd -e 使用者帳號



開始練習吧


Lab: sudo


目的: 授權max可以變更使用者的password, 除了變更root的密碼以外


#visudo
加入
#使用者 電腦=(使用者) 指令
max ALL = /usr/bin/passwd [a-Z]*, !/usr/bin/passwd root


並註解 35 行前後
#Defaults targetpw # ask for the password of the target user i.e. root
#ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!


測試
#su - max
>passwd john < 變更john的密碼, 失敗>
>sudo passwd john <要求輸入max的密碼, 即可變更使用者密碼>
>sudo passwd root <失敗, 不允許變更root 密碼>
>exit

目的:授權john可以變更使用者的password, 除了變更root的密碼以外,且不需輸入密碼


#visudo
加入
john ALL = NOPASSWD:/usr/bin/passwd [a-Z]*, !/usr/bin/passwd root


測試
#su - john
>passwd max
>sudo passwd max


Lab: 設定密碼的相關設定


#chage -l john <列出john密碼的相關設定>
#grep john /etc/shadow <請觀察相關資訊>
#chage john <設定john的密碼相關設定>
# grep john /etc/shadow <請觀察相關資訊>
#chage -d 0 john <設定john一登入必須更改密碼>
# grep john /etc/shadow <請觀察相關資訊>

測試:
#su - john
> < 一登入就被要求要更改密碼>



Fun with Day 29 ~




face

¿Quieres echar un vistazo al sitio donde trabajan desarrolladores de Linux? Pues ellos mismos nos los muestran

kernel_workstations

Desde la web de Linux.com siguen con sus esporádicas visitas a los sitios de trabajo de diferentes desarrolladores del kernel Linux.

Después de poder ver el sitio de trabajo de varios desarrolladores del kernel Linux, entre ellos el gran jefe Linus Torvalds hoy toca otra entrega más. Los anteriores han sido:

En esta ocasión John Linville, que trabaja en Red Hat es quien nos mostrará su desordenada oficina en casa y compartirá su afición por la retro-informática, otra de sus pasiones.

Gracias a Libby Clark por la entrevista y a la web Linux.com por permitir la traducción y difusión! Puedes ver el artículo original en este enlace:

John Linville es el ingeniero principal en Red Hat y mantenedor de redes inalámbricas LAN en el kernel de Linux. En este vídeo nos hace una visita guiada en la oficina de su casa, incluyendo sus estaciones de trabajo Fedora y Red Hat Enterprise Linux, su colección de hardware antiguo y algos proyectos en camino sobre retro-computación.

¿En qué área del kernel trabajas y en qué estás trabajando ahora?

Oficialmente soy el mantenedor del las redes LAN inalámbricas en el kernel. Pero más recientemente he estado en otros asuntos como los relacionados con la red en la nube y SDN.

¿Qué es lo que más te gusta de tu lugar de trabajo?

La mejor parte es que está en casa. Vivo a una hora de las oficinas de Red Hat, y ese tiempo de tránsito está desaprovechado cuando voy a la oficina. Además trabajar en casa hace más fácil la transición entre el trabajo, la casa y las aficiones.

¿Qué es lo que menos te gusta?

No me gusta lo desordenado que se vuelve. Comparto el espacio entre el trabajo y las aficiones, y de vez en cuando uno u otro causa algún revuelo en el espacio. Cuando el desorden se amontona mucho, eso empieza a afectar a mi humor. Así que no dejo que se amontone demasiado. ;)

¿Cual es el sitio de trabajo más extraño que has utilizado?

Al principio de i carrera trabajé en IBM. Durante esos primeros años, fui un poco como una máquina, constantemente estaba probando, intentando o lo que fuera. Pasé mucho tiempo en el laboratorio. Tenía una oficina pero estaba al otro extremo del edificio y me parecía que estaba muy lejos para ser productivo.

Poco después, el laboratorio se reformó tirando paredes de un recibidor anexo. Algunos de nosotros tomamos esa oportunidad para mover nuestros escritorios a esa expansión del laboratorio (conocido como recibidor) así podíamos ser productivos y además tener un escritorio propio


Sankar P: Technology Catchup

08:01 UTCmember

face
Coincidentally three different people asked me in the last month, to write about new technologies that they should be knowing, to make them more eligible to get a job in a startup. All these people have been C/C++ programmers, in big established companies, for about a decade now. Some of them have had only glimpses of any modern technologies.

I have tried a little bit (with moderate success) to work in all layers of programming with most of the popular modern technologies, by writing little-more-than-trivial programs (long before I heard of the fancy title "full stack developer"). So here I am writing a "technology catchup" post, hoping that it may be useful for some people, who want to know what has happened in the technologies in the last decade or so.

Disclaimer 1: The opinions expressed are totally biased as per my opinion. You should work with the individual technologies to know their true merits.

Disclaimer 2: Instead of learning everything, I personally recommend people to pick whatever they feel they are connected to. I, for example, could not feel connected to node-js even after toying with it for a while, but fell in love with Go. Tastes differ and nothing is inferior. So give everything a good try and pick your choice. Also remember what Donald Knuth said, "There is difference between knowing the name of something and knowing something". So learn deeply.

Disclaimer 3: From whatever I have observed, getting hired in a startup is more about being in the right circles of connection, than being a technology expert. A surprisingly large number of startups start with familiar technology than with the right technology, and then change their technology, once the company is established.

Disclaimer 4: This is actually not a complete list of things one should know. These are just things that I have come across and experimented a little bit at least. There are a lot more interesting things that I would have have missed. If you need something must have been in the list, please comment :-)

With those disclaimers away, let us cut to the chase.


Version Control Systems

The most prominent change in the open source arena, in the last decade or so, is the invention of Git. It is a version controlled system initially designed for keeping the kernel sources and has since then become the de-facto VCS for most modern companies and projects.

Github is a website that allows people to host their open source projects. Often startups recruit people based on their github profile. Even big companies like microsoft, google, facebook, twitter, dropbox etc. have their own github accounts. I personally have received more job queries through my github projects than via my linkedin profile in the last year.

bitbucket is another site that allows people to host code and give even private repos. A lot of the startups that I know of use this, along with the jira project management software. This is your equivalent of MS Project in

face
2014IT鐵人賽-28-透過 rsync進行異地備份


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天練習用rsync 指令進行異地備份吧, 所以要使用我們之前所建立的另外一台虛擬機器.
上次的練習我們已經介紹過備份的範圍以及使用 tar 指令來進行備份, 今天我們來進行兩台電腦的異地備援.

開始練習吧


Lab: rsync 異地備援




Server /tmp/test 目錄 ---------rsync同步-----------------> Client  

Server:

#mkdir /root/.ssh <建立~/.ssh  目錄,供日後存放金鑰使用>
#rpm -q rsync <檢查是否安裝rsync套件>
#chkconfig  rsync --list                                        
#chkconfig  rsync on <啟動 rsync 服務>
#chkconfig  rsync --list                                        
#rcxinetd restart <重新啟動xinetd>
#mkdir  /tmp/test                                               


Client:

#mkdir /root/.ssh <建立~/.ssh  目錄,供日後存放金鑰使用>
#ssh-keygen -d <建立金鑰,設定存放目錄,不設定密碼>
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa): <請輸入Enter 確認存檔位置>        

Enter passphrase (empty for no passphrase): <請輸入Enter 不使用密碼>
Enter same passphrase again:         <請輸入Enter 不使用密碼>

#ls /root/.ssh <請觀察資訊, 會出現公/私鑰>
#scp /root/.ssh/id_dsa.pub  伺服器的IP:/root/.ssh/authorized_keys         
<將公鑰id_dsa.pub scp方式 傳送到同學的/root/.ssh/並命名為authorized_keys>
The authenticity of host '192.168.3.130 (192.168.3.130)' can't be established.
RSA key fingerprint is 4e:52:bf:ad:59:bf:59:33:af:62:d2:c7:72:40:78:e0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.3.130' (RSA) to the list of known hosts.
Password: <請輸入對方root 密碼>

#ssh 伺服器的IP <此時登入不需要密碼,即可登入>
遠端#exit <登出遠端>



撰寫一個shell script 來利用rsync 同步server

#vi /root/sync.sh <撰寫一個shell 同步目錄>       
       
#!/bin/bash
# 使用 rsync                   來源目錄                目的地目錄
rsync  -alvR --delete -e ssh 伺服器的IP:/tmp/test    /

<rsync同步使用ssh方式 server上的/tmp/test 到本機上>     


測試1:

請於 Client 上面
#rm  /tmp/test <如果有之前練習的 test 檔案先刪除>
#ls  /tmp <請觀察 /tmp目錄>
#sh  /root/sync.sh <執行剛剛的 shell script>
#ls  /tmp <請觀察是否有同步 /tmp/test 目錄到client>
------------------------------------------------------------------------------

測試2:
請於Server上面建立三個檔案
#touch  /tmp/test/file1
#touch  /tmp/test/file2
#touch  /tmp/test/file3


請於 Client 上面
#sh /root/sync.sh <執行剛剛的 shell script>
#ls /tmp/test <請觀察是否有同步 /tmp/test 目錄到client>
------------------------------------------------------------------------------

測試3:
請於Server上面刪除 其中一個檔案
#rm  /tmp/test/file2

請於 Client 上面
#sh /root/sync.sh <執行剛剛的 shell script>
#ls /tmp/test <請觀察是否有同步 /tmp/test 目錄到client>

Fun with Day 28 ~



face

Hari Rabu dan Kamis, 15-16 Oktober 2014, rencananya Excellent akan mengadakan training untuk cPanel/WHM. cPanel/WHM adalah salah satu aplikasi control panel populer yang banyak digunakan untuk mengelola domain dan hosting. 1 WHM bisa memuat banyak domain dan masing-masing domain memiliki 1 control panel yang memudahkan user untuk melakukan pengelolaan domain dan hosting masing-masing.

Saya pribadi menggunakan cPanel sejak sekitar tahun 2005 dan saat kemudian memiliki beberapa domain dan hosting yang dikelola, saya mengembangkannya dengan mengambil paket reseller di hostgator sejak tahun 2008-2009 hingga akhirnya beberapa tahun terakhir saya mengelola sendiri paket domain dan hosting klien dengan melakukan instalasi cPanel/WHM pada VPS yang saya kelola.

Training cPanel ini sangat bermanfaat bagi rekan-rekan di perusahaan/lembaga yang memiliki banyak domain/sub domain dan berniat menyatukan pengelolaannya dalam 1 infrastruktur server namun disisi lain memberikan keleluasaan bagi para PIC masing-masing domain untuk secara independen mengelolanya. Misalnya ada suatu group perusahaan yang memiliki banyak anak perusahaan. Group perusahaan tersebut bisa melakukan instalasi WHM untuk kemudian memberikan account cPanel untuk masing-masing anak perusahaan. IT pada anak perusahaan bisa leluasa melakukan pengelolaan untuk domainnya dan disisi lain IT group perusahaan bisa mudah melakukan manajemen terpusat.

cpanel-whm-logo (1)

Contoh diatas bisa diadaptasi pada suatu kementerian yang memiliki banyak unit/lembaga/dirjen. Bisa juga diterapkan pada sekolah-sekolah atau pada lembaga yang memiliki unit/cabang independen.

Benefit lain adalah untuk para freelancer/web desainer yang mengelola banyak domain dan hosting milik klien. Daripada menyerahkannya pada pihak ketiga, mengapa tidak sekalian saja mengelolanya sendiri.

Contoh benefit lainnya lagi adalah untuk para staff IT yang tertarik pada dunia web dan ingin menghasilkan tambahan pendapatan. Ia bisa membuat semacam perusahaan hosting kecil-kecilan yang mudah dikelola dan kemudian bisa menghidupi/memenuhi kebutuhannya dalam beronline ria dari penghasilan yang ia dapatkan.

Awalnya training cPanel/WHM ini didesain untuk selesai dalam 1 hari, namun atas pertimbangan perluasan materi dan agar pembahasannya lebih mendalam, training ini diset menjadi 2 hari, dengan materi pertama membahas mengenai konsep DNS, domain dan hosting public yang dilanjutkan dengan instalasi dan setup cPanel, kemudian dilanjutkan dengan pembahasan mengenai konfigurasi awal dan pengelolaan mendasar. Materi pembahasan pada hari kedua dititik beratkan pada pengelolaan manajemen hosting, termasuk mekanisme packaging, reseller, kuota, bandwidth, instalasi addon dan lain-lain.

Semua materi yang dibahas sebenarnya merupakan pengalaman saya pribadi dalam melakukan pengelolaan domain dan hosting selama kurun waktu 2005-2014. Penjelasan mengenai konsep DNS public, termasuk forward DNS, PTR Records/Reverse DNS, child name server dan lain-lain misalnya, jarang saya temukan di tutorial yang ada di internet dan agak membingungkan saat saya melakukan setup DNS public/domain/hosting sendiri.

Karena terkait dengan pengelolaan domain secara public, training ini nantinya menggunakan infrastruktur VPS/cloud milik Excellent dengan dedicated IP address saat melakukan instalasi cPanel/WHM. Semua proses instalasi dan pengelolaan dilakukan secara online menggunakan jalur internet Excellent yang saat ini menggunakan FO dengan kecepatan 10 Mbps.

Jika berminat mengikutinya, silakan baca informasi detail mengenai training disini : Training Web Hosting (cPanel, WHM & DNS Hosting), 15-16 Oktober 2014


Sunday
12 October, 2014


Michael Meeks: 2014-10-12: Sunday

21:00 UTCmember

face
  • Off to NCC, extremely tired; Tony spoke. Back for a roast lunch; applied slugging, put up some lights & a clock in H's room, fixed M's cupboard. Dinner, showed Babes some Ball Brothers, put babes to bed. Sermon; sleep early.

Saturday
11 October, 2014


Michael Meeks: 2014-10-11: Saturday

21:00 UTCmember

face
  • Lie-in, large breakfast: porridge & boiled egg; off to Brandon for a wander through the forest, and play in the playground. Home for a fine pizza lunch. Dropped E. off at a sleep-over.
  • Plugged away at E-mail, and worked late on a profiling problem.

face

As of October 11th, a bunch of new rpm for FGLRX has been released for openSUSE 11.4 to 13.1 including Tumbleweed.
a special patch has been added for supporting up to kernel 3.17

Installation / update

Please refer to the wiki page SDB:AMD_fgrlx_legacy

Notice radeon HD5xxx or above only

This release concern only owners of radeon HD5xxx or above.
For older gpu, the fglrx-legacy is still 13.1, and thus didn’t work with openSUSE 12.3 or above.
SDB:AMD_fgrlx_legacy
Beware of that, and prefer the free open-source radeon driver which came out of the box from your openSUSE distribution.
For 12.3 and especially 13.1 the free radeon often offer a better experience than the old fglrx-legacy, especially for HD2xxx-HD4xxx range.

openSUSE Factory / 13.2

Dear fellow, unfortunately an still open bug at AMD is not yet resolved to make FGLRX working under newer xorg version.
There’s also a re-organization of how xorg files will be placed in the file system. Once both of them will be fixed Sebastian will produce a newer script.
If those appear soon we perhaps will see rpm fglrx for 13.2.

Release note about 14.9

AMD Full release note

New Features:
The following section provides a summary of new features in this driver version.

   AMD Radeon™ R9 285
   Ubuntu 14.04  support
   RHEL 7.0 support
   Install improvements
      Package and distribution generation options; recommend options set by default
           Help user install generated distribution package once created
      Pop-up messages to help guide users through the install process
           Identifying and installation of pre-requisites 

Resolved Issues:
This section provides information on resolved known issues in this release of the AMD Catalyst Linux Software Suite.

  Witcher 2 random lock-up seen when launching the application
  Screen corruption when connecting an external monitor to some PowerXpress AMD GPU + Intel CPU platforms
  Intermittent X crash when the user does a rotation with Tear Free Desktop enabled
  Failure on exit of OpenGL programs
  Error message being displayed when a user does run clinfo in console mode
  Blank screen when hot plugging an HDMI monitor from a MST hub
  System hang after resume from S3/S4 in High Performance mode on PowerXpress AMD GPU + Intel CPU platforms
  Corruption or artifacting on the bottom right corner of the screen before booting into login UI during restart
  Occasional segmentation fault when running ETQW
  xscreensavers test failing with multi-GPU Crossfire™ configurations
  Motion Builder severe flickering while toggling full screen
  Intermittent crashing and corruption observed while running X-Plane
  Some piglit and Khronos OpenGL conformance test failures
  Displays occasionally going black when startx is run on Ubuntu 14.04 after switching to integrated GPU on PowerXpress AMD GPU + Intel Haswell CPU system platforms
  A connected external display getting disabled when unplugging AC power from laptop platforms
  An auto log out when double clicking the picture under desktop server times on PowerXpress AMD GPU + Intel CPU platforms

Known Issues:
The following section provides a summary of open issues that may be


face
2014IT鐵人賽-27-透過 tar進行備份


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天練習用tar 指令進行備份吧

筆記部份:


資料的備份在系統是很重要的, 在備份之前我們可以先討論一下也許是常用的備份策略
*備份範圍


Full backup (完整備份)
System backup (系統備份, 以下為可能備份的目錄)
  • /etc system config
  • /var
  • /root: personal script, work-notes
  • /home: optional ( if it is a file sharing server )
  • /usr/local: optional (自己裝的套件, scripts)
  • /boot: optional ( 如果有自己編譯過核心 )
  • /srv: optional ( 如果有提供服務


Data backup (資料備份)
Case by case optional (看分享那些目錄,提供那些服務 )


一般常見用 tar 指令來進行備份, 常見的參數如下


tar – The GNU version of the tar archiving utility
  • -c 建立
  • -v 顯示資訊
  • -f 檔案名稱
  • -x 解開
  • -z *.gz 格式
  • -j *.bz2格式
  • -t 列出
  • -C 指定目的地資料夾


開始練習吧
Lab: tar


練習 Full Backup
#ls /tmp <請觀察資訊>
#tar czvf /tmp/htdocs.tar.gz /srv/www/htdocs/ <備份 /srv/www/htdocs >
#ls /tmp <請觀察資訊>
#rm -r /srv/www/htdocs <刪除 /srv/www/htdocs >
#ls /srv/www <請觀察資訊>
#tar zxvf /tmp/htdocs.tar.gz -C / <解開tar -C 指定解開的目的地資料夾>
#ls /srv/www <請觀察資訊>


練習 Incremental Backup
#tar czv -g /tmp/snapshot_file -f /tmp/htdocs_full.tar.gz /srv/www/htdocs/
<建立 full backup >
#touch /srv/www/htdocs/incremental <建立一個空檔案>
#tar czv -g /tmp/snapshot_file -f /tmp/htdocs_incremental.tar.gz /srv/www/htdocs/
<建立 incremental backup >
#tar tzf /tmp/htdocs_incremental.tar.gz <請觀察資訊>
#rm -r /srv/www/htdocs <刪除 /srv/www/htdocs >
#ls /srv/www <請觀察資訊>
#tar xzf /tmp/htdocs_full.tar.gz -C / <解開tar -C 指定解開的目的地資料夾>
#ls /srv/www <請觀察資訊>
#ls /srv/www/htdocs <請觀察資訊>
#tar xzf /tmp/htdocs_incremental .tar.gz -C / <解開tar -C 指定解開的目的地資料夾>
#ls /srv/www/htdocs <請觀察資訊>



Fun with Day 27 ~


face
Naturally, if it were so simple one would not need an article. There has been a lot of news floating around about +Netflix finally being available natively for +Linux. In case you are not aware, getting Netflix on Linux was a labored and complicated process requiring all sorts of WINE hacking or virtualization. +Microsoft had announced that its strategy would be changing away from Silverlight which Netflix has depended on for their DRM content delivery. Netflix then announced they would be dropping Silverlight in favor of +HTML5 once some DRM framework was developed so they could secure their licensed content. Naturally this announcement was greeted with excitement from Linux desktop users all over, excepting of course those whom are absolutely opposed to DRM.



In the last couple of days, there has been a flurry of articles and tutorials on how to get Netflix to work natively. Most of these of course are claiming that it is +Ubuntu only, though this is absolutely false. The new HTML5 DRM video delivery is enabled by Network Security Services which have been around for a long time, but have only recently acquired the Encrypted Media Extensions for the sort of secured DRM necessary for Netflix. While +Android and Chrome OS had Netflix, this left people wondering why not desktop Linux since the two other operating systems use the Linux kernel too. On Chrome, Google developed a special plugin to provide the DRM to allow Netflix to work, while on Android this was facilitated by an app that had the DRM built in.

So now we have working DRM thanks to Google, Mozilla, and many other parties. Firstly, you need NSS 3.16.2 or greater and the +Google Chrome browser version 37 or higher. You will need to go into your Netflix settings and tell it you'd prefer the HTML5 player. Upto very recently you'd need to have your browser falsely identify itself as another browser to get it to work, but this is no longer necessary. At present Chromium and Firefox cannot run Netflix. +Mozilla Firefox will be getting support as well, but it'll be reliant on a proprietary Content Decryption Module or CDM from +Adobe beyond their more conservative approach with a greater focus on privacy and security. This module would most likely be delivered in the same fashion as the +Adobe Flash Player.

face

Been a long time since the last post but have found some time and energy to make a post. As per the roadmap RC1 was released yesterday! With all the nice changes I have seen in Factory, people should definitely be excited for this next release.

For starters, YaST seems to be much faster and stable which is to be expected as the new Ruby code gets more mature. For example, while the UI looks the same, everything seems to be much more responsive than it was in 13.1.

a

13.2 also comes with a new color scheme the project has adopted for this release. To me, while the old color scheme is not necessarily bad, this new color scheme is a step in the right direction. Below you can see the new colors that will be used, for more information please check out the opensuse-artwork mailing list archive.

21839723

13.2 also comes with some shiny new improvements:

  • GNOME 3.14, bringing new animations, hotspot management improvements as well as improved GNOME applets.
  • Firefox 32, with several security fixes, new HTTP cache to improve performance and crash recovery plus more support for HTML5
  • KDE 4.14, featuring improvements for lots of KDE applications, and tons of bugfixes

On my current system (running openSUSE Factory which openSUSE 13.2 has been branched off of), I have been really impressed with how stable everything has been for me. All the people working to support the distro have done a really fantastic job and should be proud of themselves!



Friday
10 October, 2014


Michael Meeks: 2014-10-10: Friday

21:00 UTCmember

face
  • Mail; admin, booked hack-fest flights for Toulouse and Munich.
  • Dead pleased with CloudOn's Teaser Video of their LibreOffice based product for iOS - coming exciting.

face
2014IT鐵人賽-26-排程工作


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天練習排程工作 cron / at 的管理吧

筆記部份:


針對一些週期性的工作或是一些突發的工作, 一般我們會撰寫 shell script 然後搭配 cron 或是 at 這樣的排程指令來達成, 所以今天我們就來練習排程相關指令吧.
**cron 定時排程**


cron 符合條件就執行


crontab -e 語法


星期幾 指令
* * * * * <代表每分鐘執行>
0 * * * * <每小時執行, 分針為0時>
*/5 * * * * <每五分鐘執行一次>


/var/spool/cron/tabs/ 存放cron 的排程工作(個人
/etc/crontab 系統的排程工作
  • 利用 /usr/lib/cron/run-crons 檢查相關工作是否被執行
  • /etc/cron.hourly 小時要做的排程工作(預設沒有工作)
  • /etc/cron.daily/ 要做的排程工作
  • /etc/cron.weekly 要做的排程工作(預設沒有工作)
  • /etc/cron.monthly 要做的排程工作(預設沒有工作)

**at 在指定的時間執行一次**


針對突發的工作, 來進行工作的安排
/var/spool/atjobs 存放 at 工作


開始練習吧
Lab: Cron job


I.每兩個小時監控
1.磁碟使用空間
2.記憶體使用量
II.每天早上九點 max Mail 要收到前一天的 Report


#vi /usr/local/bin/task.sh <編輯一個shell script 來執行>
#!/bin/bash <宣告執行的shell >
date >> /tmp/report.txt <將系統時間 以附加的方式寫入>
df -h >> /tmp/report.txt <將系統空間 以附加的方式寫入>
free >> /tmp/report.txt <將記憶體用量 以附加的方式寫入>


#chmod a+x /usr/local/bin/task.sh <給予執行的權限>
#ls /tmp | grep report <請觀察資訊 無report.txt>
#/usr/local/bin/task.sh <執行剛剛的shell script 測試>
#ls /tmp <請觀察資訊 有無report.txt>
#cat /tmp/report.txt <請觀察資訊>
#ls /var/spool/cron/tabs <執行crontab 前 請觀察資訊>


#crontab -e <編輯crontab>
0 */2 * * * /usr/local/bin/task.sh
0 9 * * * mail -s "Report" max < /tmp/report.txt
5 9 * * * rm -rf /tmp/report.txt


#ls /var/spool/cron/tabs <執行crontab 後 請觀察資訊>


#crontab -l <列出crontab -l 列出>
#crontab -r <移除crontab -r 移除>


#ls /var/spool/cron/tabs <請觀察資訊>


Lab: at
#rcatd status <觀察atd的資訊>
#rcatd start <啟動atd>
#at now +2min
at>wall /etc/fstab <廣播/etc/fstab給全體人員>
Ctrl + D <結束編輯>
#atq <列出at的工作>



Fun with Day 26 ~


face

As you might know, due to invasive changes in PackageKit, I am currently rewriting the 3rd-party application installer Listaller. Since I am not the only one looking at the 3rd-party app-installation issue (there is a larger effort going on at GNOME, based on Lennarts ideas), it makes sense to redesign some concepts of Listaller.

Currently, dependencies and applications are installed into directories in /opt, and Listaller contains some logic to make applications find dependencies, and to talk to the package manager to install missing things. This has some drawbacks, like the need to install an application before using it, the need for applications to be relocatable, and application-installations being non-atomic.

Glick2

There is/was another 3rd-party app installer approach on the GNOME side, by Alexander Larsson, called Glick2. Glick uses application bundles (do you remember Klik from back in the days?) mounted via FUSE. This allows some neat features, like atomic installations and software upgrades, no need for relocatable apps and no need to install the application.

However, it also has disadvantages. Quoting the introduction document for Glick2:

“Bundling isn’t perfect, there are some well known disadvantages. Increased disk footprint is one, although current storage space size makes this not such a big issues. Another problem is with security (or bugfix) updates in bundled libraries. With bundled libraries its much harder to upgrade a single library, as you need to find and upgrade each app that uses it. Better tooling and upgrader support can lessen the impact of this, but not completely eliminate it.”

This is what Listaller does better, since it was designed to do a large effort to avoid duplication of code.

Also, currently Glick doesn’t have support for updates and software-repositories, which Listaller had.

Combining Listaller and Glick ideas

So, why not combine the ideas of Listaller and Glick? In order to have Glick share resources, the system needs to know which shared resources are available. This is not possible if there is one huge Glick bundle containing all of the application’s dependencies. So I modularized Glick bundles to contain just one software component, which is e.g. GTK+ or Qt, GStreamer or could even be a larger framework (e.g. “GNOME 3.14 Platform”). These components are identified using AppStream XML metadata, which allows them to be installed from the distributor’s software repositories as well, if that is wanted.

If you now want to deploy your application, you first create a Glick bundle for it. Then, in a second step, you bundle your application bundle with it’s dependencies in one larger tarball, which can also be GPG signed and can contain additional metadata.

The resulting “metabundle” will look like this:

glick-libundle

 

 

 

 

 

 

 

 

 

This doesn’t look like we share resources yet, right? The dependencies are still bundled with the application requiring them. The trick lies in the “installation” step: While the application above can be executed right away without installing it, there will also be an option to install it. For the user


face

Německá města jdou příkladem pro celý svět, tím jak začínají používat openSource produkty. Po Mnichovském úspěchu další Německé město migrovalo na operační systém Linux. Gummersbach město které má přes 50 tisíc obyvatel úspěšně dokončilo svou migraci z už nepodporovaného systému Windows XP na SUSE Linux.
Vlastní migrace započala už v roce 2007, kdy město mělo jasnou vizi vyměnit dosluhující a brzy nepodporované Windows XP za openSource alternativu.

Proč Linux a Libre Office?

Existuje mnoho důvodů, proč by se místní úřady i státní správy měli přesunout na openSource technologie. Jedním z největších důvodů je cena. Narozdíl od MS Windows a MS Office není potřeba platit za licenční poplatky, atak utrácet peníze daňových poplatníků.
Soukromé technologie, „zamknuté“ v jedné americké společnosti Microsoft, dost snižují možnost pro místní podnikatelskou činnost, stejně jako možnost inovace: místní hráč může pouze přeprodávat, nebo sloužit jako prostředník.
V openSource technologiích mohou schopní lidé budovat společnosti na zdrojovém kódu.
Zadní vrátka v proprietárních řešeních, vrátka která dávají možnost americkým autoritám přímého přístupu k vašim uživatelským datům.
Existují zprávy, že data byla zneužita v korporátní špionáži. Otázka zní - Bude vládám příjemné, že někdo jiný by mohl mít přímý přístup k datům všech lidí?
Další důležitý důvod proč používat linuxové technologie je ten, že organizace už není závislá na prodejci.

Nesnášející se s konkurencí

Poslední a nejdůležitější důvod je fakt že jste „zamknutí“ a nekompatibilní.
Microsoft záměrně vytváří nekompatibilnosti, takže je ještě těžší dostat se k datům pomocí konkurenčních produktů.
Vina však padá na konkurenční produkty, že právě ony nejsou kompatibiní.
Fakt je ten "nekompatibilnosti jsou část strategie, aby uživatelé byly odrazeni od migrace".

Mnichov a Gummersach nám ukázali, napříč masivní PR kampani společnosti Microsoft, že openSource je ta jediná možnost jak vytvářet trvale udržitelnou IT infrastrukturu.

Zdrojový článek


Thursday
09 October, 2014


Michael Meeks: 2014-10-09: Thursday

21:00 UTCmember

face
  • Plugged at mail, partner call, more mail. Lunch, mgmt team call, wrote a LXF column on open source civility. ESC call, merged some patches & back-ported some others.

face
Cliquez sur l'image pour l'afficher en taille normale

Nom : Testing-Group-Logo-300x275.png 
Affichages : 1585 
Taille : 55.1 Ko 
ID : 2769

Un peu plus de deux semaines après la sortie de la première (et unique) bêta, c'est au tour de la Release Candidate de faire son apparition.

face
2014IT鐵人賽-25-syslog


今天一樣使用 EasyCloud  雲端簡單龍的帳戶, 那就登入 https://gemini.nchc.org.tw/ 來開始練習openSUSE 基礎指令吧.


今天練習log的管理吧

筆記部份:


當事件發生時, 最重要的是取得充足的資訊, 所以如何觀察系統的資訊以及管理system log也是一個重要的課題, 今天就來進行相關的練習吧.
如何取得開機的相關訊息呢?
#dmesg | grep 關鍵字 觀察相關訊息


有關 log 的儲存位置
系統內大部分的log皆存放於 /var/log 目錄

Log Server
常見的套件有 syslog 以及 syslog-ng , 今天要介紹的是 syslog-ng
套件: syslog-ng
相關設定檔:
  • /etc/syslog-ng/syslog-ng.conf
  • /etc/syslog-ng/syslog-ng.conf.in
  • /etc/sysconfig/syslog


如果要更換 log 管理的套件
可以藉由修改 /etc/sysconfig/syslog 內的
  • SYSLOG_DAEMON="syslog-ng" 來指定要使用syslog-ng 還是傳統的syslogd


log 的傳遞分為兩個部份
Facilities 從哪一個服務或是設備傳來
Priorities log level, 優先性


log 的優先等級
Priorities
  • debug
  • info
  • notice
  • warning
  • err
  • crit
  • alert
  • emerg/panic

有關於 log 的封存, 我們可以藉由 log rotate 來達成


**logrotate**
/etc/logrotate.conf log封存的設定檔(Global)
  • weekly 每週封存
  • rotate 4 保留4份
  • create 封存完建立空檔
  • include /etc/logrotate.d/ 相關要封存的log 設定存放目錄


開始練習吧


Lab: 取得系統資訊


#dmesg | more <觀察開機資訊>
#uname -r <觀察 kernel 版本>
#chkconfig --list <觀察系統服務>
#cat /etc/*release <觀察系統版本資訊>
#uptime <觀察系統loading>
#lscpu <觀察 CPU 資訊>
#netstat -tupln <觀察 network port>

Lab: Syslog-ng


目的: 指定pure-ftpd的記錄檔存檔路徑


#netstat -tupln | grep :21 <觀察port 21有沒有服務>
#grep -i syslog /etc/pure-ftpd/pure-ftpd.conf <觀察Facilityftp>
SyslogFacility ftp
#rcpure-ftpd start <啟動pure-ftpd 服務>
#netstat -tupln | grep :21 <觀察port 21有沒有服務>
#ftp 127.0.0.1 <請嘗試以ftp登入, 輸入bye -->離開>
#tail /var/log/messages <請觀察資訊>


修改syslog-ng的設定, 新增以下設定
#vi /etc/syslog-ng/syslog-ng.conf


filter f_ftp { level(debug .. emerg) and facility(ftp); }; <指定FacilityPriorities>


destination ftpall { file("/var/log/ftpmesg"); }; <指定log檔的位置>


log { source(src); filter(f_ftp); destination(ftpall); };


#rcsyslog restart <重新啟動syslog服務>
#ftp 127.0.0.1 <請嘗試以以ftp登入, 輸入bye -->離開>
#ls /var/log <請觀察資訊>
#cat /var/log/ftpmesg <請觀察資訊>

Lab: logrotate


目的: 備份pure-ftpd 的紀錄檔


要求如下
1.每天備份一次
2.紀錄檔要壓縮
3備份上限5,封存完建立空檔案


#vi /etc/logrotate.d/ftp


/var/log/ftpmesg{
daily
compress
rotate 5
create
postrotate
/etc/init.d/syslog reload
endscript
}


#ls /var/log <請觀察資訊>
#logrotate -f /etc/logrotate.d/ftp <強制作logrotate動作>
#ls /var/log <請觀察資訊>


optional Lab: Log Server


Server :
加入以下設定 允許 UDP 514 port 傳送log


#vi /etc/syslog-ng/syslog-ng.conf


source s_udp { udp( ip("0.0.0.0") port(514) ); };
destination s_udp { file("/var/log/from_net"); };
log { source(s_udp); destination(s_udp); };


#rcsyslog restart <重新啟動syslog服務>


Client:


修改設定檔, log 傳到 log server
#vi /etc/syslog-ng/syslog-ng.conf


destination logserver { udp("伺服器IP" port(514)); };
log { source(src); destination(logserver); };


#rcsyslog restart <重新啟動syslog服務>


測試


Server:
#ls /var/log <請觀察資訊>


Client:
#rcsyslog restart <重新啟動syslog服務>


Server:
#ls /var/log <請觀察資訊>



Fun with Day 25 ~

<- Current blog entries