The RoarinPenguin Techiezone

Ext2/Ext3 Support on MAC OS X Lion

As usual, not that immediate to find a proper answer on the ‘Net, hence I’m providing one here.

While in Snow Leopard was quite easy to see your ext2/ext3 formatted disks via MacFuse and ext2-fuse, in Lion you need to install another fuse fork and select a special option. That new fork is OSXFUSE, which latest release at the time of this post if from December 2011.

The most common symptom indicating you need this is to try mounting an ext2/3 formatted drive and see the following error:

fuse-ext2 /dev/disk3s1 /Volumes/Movies
dyld: Library not loaded: /usr/local/lib/libfuse.2.dylib
 Referenced from: /usr/local/bin/fuse-ext2
 Reason: image not found

During the installation of OSXFUSE, you need to enable MacFuse Compatibility Layer by flagging the appropriate checkbox as shown below:

click to zoom

Once you’re done with this, replug your ext2/3 formatted drive and it’ll automagically mount it in Finder, giving your deserved magnificent user experience of a Mac user

Posted in linux, Mac | No Comments »

Change Root DN Password on OpenLDAP

Took me BIG time, some hack and research on the internet to find the information contained in this post.

Don’t want to redo it again therefore I “took note” in my universally accessible internet notepad

The problem is the following: when I installed OpenLDAP, I have set a password for my OpenLDAP administrator that I would like to change. Admin account is normally NOT stored in the main LDAP bridge where other accounts are stored, and it is particularly difficult to find good documentation about how to do it.

If you find yourself in the same situation, here a working procedure you can follow (which at least worked on my OpenLDAP running on Ubuntu 10.10).

Although you can type in the password straight in a certain file in cleartext if you have root access to the machine, the more “elegant” way is to use the proper ldapmodify command.

First, we need to find a way to locate the credentials information of the administrator account in the correct database within the LDAP tree.

This can be done using the command:

ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b  cn=config olcRootDN=cn=admin,dc=example,dc=com dn olcRootDN olcRootPW

(replace olcRootDN value highlighted in blue with the correct value to match your configuration)

This command will return:

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: {SHA}ksixAVfgRXavGCpkPefc6hRHL4X=

There are two interesting information we know now:

1. we need to modify the entry “dn: olcDatabase={1}hdb,cn=config“
2. the current password is hashed with SHA1 algorythm.
   Therefore we need to generate our new password with the same algorythm using the command slappasswd using the syntax

slappasswd -h <the hashing scheme we want to use - for example {SHA}>

The system will then prompt us twice for the new password to use and will finally display the hashed value we’re interested in (example below with password = password)

root@testbox:~# slappasswd -h {SHA} New password:
Re-enter new password:
{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

Then we’ll proceed to modify the entry we’ve identified above using the command:

root@testbox:~# ldapmodify -Y EXTERNAL -H ldapi:///

The system will start the listening mode for modifying commands:

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0

First, we enter the entry we want to modify:

dn: olcDatabase={1}hdb,cn=config

Second, we type in the parameter we want to modify:

replace: olcRootPW

Third, we type in the new password generated above (copy and paste is MUCH less error prone than manual typing at this point )

olcRootPW: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

Hit Enter another time to commit the modification and the following line will appear:

modifying entry "olcDatabase={1}hdb,cn=config"

After this, you can exit the listening mode with CTRL+C and restart the LDAP database service using

service slapd stop

service slapd start

and login now with the new password set.

Posted in OpenLDAP | 1 Comment »

Format file in FAT32 on a Mac

Had a need, found a solution, reporting the procedure here.

First, you need to understand what is the disk name of the device you want to format.

For example, if you have a MacBook Pro and a SD card, this is done using disk utility, selecting the card reader where you inserted the SD card and clicking on Info button to get information about the storage.

Click to enlarge the picture below.

Even with an italian screenshot, you can grab that in my example the device name is disk4.

Open Terminal and type the command reported below to proceed with the format:

diskutil partitionDisk /dev/disk4 MBRFormat “MS-DOS FAT32” “2G” 2Gb

This will create on /dev/disk4 a FAT 32 (MS-DOS FAT16 will do a 16bit one) partition labeled 2G of 2 Gb in size.

Enjoy.

Posted in Mac | No Comments »

Move running processes to another tty or screen

How many times I did find myself launching a script, or worst, seeing a process running on a system and wishing to take control over it… the answer is too many

Today I’ve found a nice solution at least for Linux systems with the utility reptyr.

While I’m writing this post the package is still in unstable dist, hence not part of the “standard” repositories for a Debian Linux system.

But you can download it using command:

wget http://http.us.debian.org/debian/pool/main/r/reptyr/reptyr_0.3-2_i386.deb

for i386 architecture.

Then, to install

qpkg -i reptyr_0.3-2_i386.deb

And finally you run it.

For example, to bring a process with pid 4242 to your running tty you type:

reptyr 4242

Enjoy!

Posted in linux | No Comments »

How to exit screen terminal emulator in Mac

Since I always fail to remember this…

Control+A ==> send commands to screen

Control+A, followed by Control+\ exit the session

Posted in Mac | No Comments »

Getting ATEN USB-to-Serial to work (again) on MAC OS X Lion

This awesome USB to Serial adapter was working perfectly in MAC OS X Snow Leopard, but it did stop when I upgraded to Lion.

Luckily I’ve found good hints on few websites and because I’ve been able to fix it and now I have this working again, I’ve decided to document here how to make it working.

First, you need to download the drivers for MAC OS X 10.6 provided by the vendor.

Then, use the application USB Prober in Mac to find out what is the Vendor ID and Product ID of the adapter you are using.

The screenshot below shows example in my case (click to zoom):

Take not of the decimal values and go edit (with sudo) the file /System/Library/Extensions/ProlificUsbSerial.kext/Contents/Info.plist

Locate the keywords described below:

<key>idProduct</key>
<integer>xxxx</integer>
<key>idVendor</key>
<integer>xxxx</integer>

Replace the xxxx values with the numbers indicated below:

<key>idProduct</key>
<integer>8200</integer>
<key>idVendor</key>
<integer>1367</integer>

Save and close the file.

Execute the following commands:

sudo kextunload ProlificUsbSerial.kext

Posted in Mac | No Comments »

How to Create a Bootable Image of Ubuntu (or any bootable ISO) on a Mac

Found this process well described on Ubuntu website, hence thought it was a good idea to report here also, for future usage.

Note: this procedure requires an .img file that you will be required to create from the .iso file you download.

TIP: Drag and Drop a file from Finder to Terminal to ‘paste’ the full path without typing and risking type errors.

1. Download the desired file

2. Open the Terminal (in /Applications/Utilities/ or query Terminal in Spotlight)

3. Convert the .iso file to .img using the convert option of hdiutil (e.g.,hdiutil convert -format UDRW -o ~/path/to/target.img ~/path/to/ubuntu.iso)

4. Note: OS X tends to put the .dmg ending on the output file automatically.

5. Run diskutil list to get the current list of devices

6. Insert your flash media

7. Run diskutil list again and determine the device node assigned to your flash media (e.g. /dev/disk2)

8. Run diskutil unmountDisk /dev/diskN (replace N with the disk number from the last command; in the previous example, N would be 2)

9. Execute sudo dd if=/path/to/downloaded.img of=/dev/rdiskN bs=1m (replace /path/to/downloaded.img with the path where the image file is located; for example,./ubuntu.img or ./ubuntu.dmg).

▪ Using /dev/rdisk instead of /dev/disk may be faster.

▪ If you see the error dd: Invalid number ’1m’, you are using GNU dd. Use the same command but replace bs=1m with bs=1M.

▪ If you see the error dd: /dev/diskN: Resource busy, make sure the disk is not in use. Start the ‘Disk Utility.app’ and unmount (don’t eject) the drive.

10. Run diskutil eject /dev/diskN and remove your flash media when the command completes

11. Restart your Mac and press alt while the Mac is restarting to choose the USB-Stick

Posted in linux, LiveCD and Bootable USB, Mac | No Comments »

Nice way to generate a password

Nice way, grabbed from a discussion, to generate a password.
You should have a Linux console available or an MD5 hashing utility.

Console Linux:

$ echo “nel mezzo del cammin di nostra vita” | md5sum
5b14c45d2ae299904da0c4c8e251a05f

Posted in authentication, security | No Comments »

HowTo add Radius Authentication to Apache2

Few notes to myself, to avoid forgetting a cool thing I’ve just learned.

The need is to implement radius based authentication to access a directory on Apache2 Web server.

Here’s how to proceed (instructions have been tested on an Ubuntu 10.10).

First, you need to install the needed module for Radius authentication on Apache2, using the command:

apt-get install libapache2-mod-auth-radius

Then, you need to enable it with command:

a2enmod auth_radius

You need now to make your apache web server aware of where to send authentication requests for Radius. There are two ways, depending if you want to make this configuration apache-wide (therefore edit /etc/apache2/http.conf) or if you want to limit it to a specific virtual host (thus you’ll edit /etc/apache2/sites-enabled/<yoursitename>.conf).

Add the line:

AddRadiusAuth <IP address of the Radius server>:<port where Radius service is listening> <shared secret> [timeout [:retries]]

Assuming you want to protect a specific directory called auth-test, you can insert the following directive in your site/virtualhost configuration file (/etc/apache2/sites-enabled/<yoursitename>.conf):

<Directory “/var/www/testmyauth”>
Options Indexes FollowSymlinks
AuthType Basic
AuthName “Roarin RADIUS Authentication”
AuthBasicAuthoritative Off
AuthBasicProvider radius
AuthRadiusAuthoritative on
AuthRadiusActive On
Require valid-user
</Directory>

Naturally you might add the above directives also in a .htaccess file in the directory you want to protect with Radius based authentication…

Finally, restart or reload you apache2 using one of the commands:

service apache2 reload

service apache2 restart

Enjoy

Posted in apache, authentication, security | No Comments »

Print from PHP on a Linux system printer

Suppose you have a script in PHP and you want to print on the system’s default printer, you can use the function

system (<command>, $retval)

The following example shows the printing of a content including a variable coming from the PHP script:

system('echo "'.$message.'"|lpr -o page-left=35 ', $retval );

Posted in linux, PHP, shell scripting | No Comments »