Software, Photography, Madness.

OSX Trickery:
To stop OSX from pooping little ds_store files on network shares:

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

Google file searching.
To find an MP3 file, try: -inurl:htm -inurl:html intitle:"index of" "Last modified" mp3 [song name]

STDERR redirection in SH 

I can never remember this syntax (I wonder why?)

To redirect STDERR only:
2> /dev/null

To redirect STDERR and STDOUT to /dev/null:
2>&1 > /dev/null

And, while we're here, how about for loop syntax:

for i in 1 2 3 4 5
do
  echo "Looping ... number $i"
done

CVS Notes
Notes for CVS:

  • to merge a branch with the trunk:
    • check out the trunk
    • merge the branch in with cvs update -j
    • fix any errors
    • commit the whole thing.
  • to tag something:
    • Get things to where you want them.

Slave LDAP redux

  1. checkout aria from cvs
    • setenv CVSROOT jeremyc@pollux:/cvs
    • setenv CVS_RSH ssh
    • cvs co -d radacct ssi/jeremyc/radacct
    • cd radacct/schema
    • cp aria.schema /usr/local/etc/openldap/schema
    • edit /usr/local/etc/openldap/slapd.conf
      • include /usr/local/etc/openldap/schema/core.schema
      • include /usr/local/etc/openldap/schema/sendmail.schema
      • include /usr/local/etc/openldap/schema/misc.schema
      • include /usr/local/etc/openldap/schema/RADIUS-LDAPv3.schema
      • include /usr/local/etc/openldap/schema/cosine.schema
      • include /usr/local/etc/openldap/schema/inetorgperson.schema
      • include /usr/local/etc/openldap/schema/nis.schema
      • include /usr/home/jeremyc/working/radacct/schema/aria.schema
  2. Install OpenSSL, bdb, and openldap
    • building bdb:
    • cd build_unix
    • ../dist/configure
    • make
    • Building openLDAP:
    • env CPPFLAGS="-I/usr/local/BerkeleyDB.4.1/include" LDFLAGS="-L/usr/local/BerkeleyDB.4.1/lib" LDFLAGS=-L/usr/local/BerkeleyDB.4.1/lib ./configure -enable-threads -enable-slapd --enable-bdb --disable-slurpd --with-tls --enable-wrappers --without-cyrus-sasl
    • make depend
    • make && make install
  3. edit /etc/hosts.allow to restrict access
    • slapd : 199.247.51.0/255.255.255.0 : allow
    • slapd : ALL : deny
  4. Export the current db
    • slapcat -b "dc=ssi" -c -l all.ldif
    • scp all.ldif admin@newserver.ssimicro.com:/tmp
    • rm all.ldif
    • (on new server)slapadd -l /tmp/all.ldif
  5. Now, build a cert for the new server
    • (in radacct)
    • openssl req -new -nodes -keyout boilermaker.key -out newreq.pem
    • /usr/local/ssl/misc/CA.sh -sign (pwd: ideat...)
    • mv newcert.pem boilermaker.pem
    • copy boilermaker.* and demoCA/cacert.pem to new machine 
    • replica host=phoenix.arctic.ca:389
tls=critical
binddn="cn=admin,dc=ssimicro.com,dc=ssi"
bindmethod=simple credentials=password
suffix="dc=arctic.ca,dc=ssi"
    • on master, make sure the cacert is referenced in /usr/local/etc/openldap/ldap.conf:
      TLS_CACERT /usr/local/etc/openldap/cacert.pem
    • Slave should have (in slapd.conf):
    • updatedn "cn=admin,dc=ssimicro.com,dc=ssi"

All content (c) 2002 J.Childs
jeremyc@ssimicro.com