mardi 16 février 2016

Create a server that relay to a Exchange Server masquerading the username

You want to connect your linux app to your company exchange server, but you server does not allow the unauthenticated mail submission. You can implement it by using a nintermediate mail relay, that will transform your mail so it can be submitted to the mail server.

yum install postfix
You must install SASL.
yum install cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain cyrus-sasl-ntlm

In the /etc/postfix/main.cf

For having your mail relayed, add the line:

relayhost = [myexchangeserver.mycompany.com]:587
smtp_sasl_mechanism_filter = login ntlm
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous


In the sasl_password put your password
[myexchangeserver.mycompany.com]:587  myuser:mypassword

Then build the hash for it to be used by postfix.

postmap /etc/postfix/sasl_passwd


For rewriting the mail address:

sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps =  regexp:/etc/postfix/sender_canonical_maps
header_checks = regexp:/etc/postfix/header_checks


in /etc/postfix/header_checks
/From:.*>/ REPLACE From: My Name

lundi 8 février 2016

Setup backup for SVN

Backup overview:

  • The maximum amount of work that you can afford to loose:
  • To define a backup policy you must define the maximum downtime:

 Backup specifics for source referential:

 When defining a backup policy, it is important to have some figures on the volume of data that you will generate, the data that you keep should be relevant, and best is to optimize the amount of data. Regarding this the configuration management has some specific because keeping a reasonable history is interesting.

 To setup a backup for SVN, there are basically two options
  • Generate an export from you repository using the svn export command. It has the advantage not to consider the big files that has been committed by error into the repository, but has the disadvantage to loose the history, but also duplicate all the information that has to do with the creation of branches or tags, resulting sometimes in making file bigger.
  • On the other hand you could use the svn dump functions svnadmin dump, that will keep the history and keep the links between the revision of trunk, but maybe this could be bigger in size (for instance if you did an import just at the beginning of the project and then you removed it), you do not want those file to consume some space. 
So the best option is to keep some of the history of the project, bu not all.
Here is a simple script that does it.


vi /etc/cron.daily/backup-svn-daily.sh

#/bin/sh
SVN_REPO_LOCATION=/var/svn-repo
rm -rf /tmp/svn/*>/dev/null
mkdir /tmp/svn

# Getting information on the last revision, filtering on line
# and cttuing the results
for i in $( find $SVN_REPO_LOCATION/* -maxdepth 0 -type d -printf "%f\n" ); do
        revmax=`svn info file://$SVN_REPO_LOCATION/$i/|grep Révision|cut -d ' ' -f 2|sed s/[a-z]*//`
        echo Revision max=$revmax
        revmin=$(expr $revmax - 100)
        revmin=$(( $revmin < 0 ? 0 : $revmin ))
        svnadmin dump -r$revmin:$revmax $SVN_REPO_LOCATION/$i>/tmp/svn/$i
        tar -czf /var/backup/$i-day-`date +%Y%m%d`.tgz /tmp/svn/$i
done
rm -rf /tmp/svn/*


find $BACKUP_LOCATION -name *day* -mtime +7 -exec grep rm -f {} \;


vi /etc/cron.weekly/backup-svn-weekly.sh
#/bin/sh
SVN_REPO_LOCATION=/var/svn-repo
BACKUP_LOCATION=/var/backup
rm -rf /tmp/svn/*>/dev/null
mkdir /tmp/svn
for i in $( find $SVN_REPO_LOCATION/* -maxdepth 0 -type d -printf "%f\n" ); do
        svnadmin dump $SVN_REPO_LOCATION/$i>/tmp/svn/$i
        tar -czf $BACKUP_LOCATION/$i-weekly-`date +%Y%m%d`.tgz /tmp/svn/$i
done
rm -rf /tmp/svn/*
find $BACKUP_LOCATION -name *weekly* -mtime +80 -exec grep rm -f {} \;



 vi /etc/cron.daily/clean-old-backup.sh
#!/bin/sh
find /var/backup/ -name *-day-* -mtime +7|xargs rm -f
find /var/backup/ -name *-week -mtime +30 |xargs rm -f



vendredi 5 février 2016

ApacheDS Guide

I had couple of issue removing a partition on apacheds. It seems that if you do not perform the operations in the right order you could crash you server and it would not start again. Here are the steps I performs to successfully remove a partition.

Remove the organization node


Connect to the configuration panel

Go to the advanced partition editor


Remove the partition

Delete the indexes on the partion:


Restart the server.
It should be ok

Connect from command line:

ldapsearch -x -H ldap://localhost:10399 -D"uid=admin,ou=system" -wXXXXX  -s sub "(cn=Soullard)" -LLL +