BSDnexus
22 Feb 2011

Building a YUM repo

Yum is the application installer used by Red Hat. It connects to various known repos to download requested software. To create a YUM repo, simply drop all your rpm files into a directory on a web server and point the Red Hat system you wish to install them on at that directory by creating a file in /etc/yum.repos.d.

The file should be called something.repo and uses the following format:

[myrepo]
name=My YUM repo
baseurl=http://10.0.0.1/redhat5/myrpms/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

The gpgkey entry points to a file containing the GPG key used to verify the rpms in the repo; however, no verification is performed when gpgcheck is set to '0', so packages from this repo are installed without a signature check.
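A check for the setting discussed above, as an added example that is not part of the original post: the function reports enabled repo sections that turn gpgcheck off, leave it unset, or fetch packages over a cleartext baseurl. The names audit_repos and demo, the [myrepo] id and the output format are assumptions of this example.

```shell
#!/bin/sh
# Added example: report enabled yum repo sections whose packages are not
# verified (gpgcheck off or unset) or are fetched over a cleartext baseurl.
# Output: one finding per line as <file>:<repo id>:<problem>
audit_repos() {
    awk '
    function emit() {
        if (sec == "" || tolower(enabled) ~ /^(0|no|false)$/) return
        if (tolower(gpg) ~ /^(0|no|false)$/) print file ":" sec ":gpgcheck-disabled"
        else if (gpg == "") print file ":" sec ":gpgcheck-not-set"  # inherits [main]
        if (url ~ /^(http|ftp):\/\//) print file ":" sec ":cleartext-baseurl"
    }
    FNR == 1 { emit(); sec = ""; file = FILENAME }   # new file: close last section
    /^[ \t]*[#;]/ { next }                            # comment line
    /^[ \t]*\[/ {                                     # [repo id] header
        emit(); sec = $0
        gsub(/^[ \t]*\[|\].*$/, "", sec)
        enabled = "1"; gpg = ""; url = ""; next
    }
    {
        eq = index($0, "="); if (!eq) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
        if (key == "enabled") enabled = val
        else if (key == "gpgcheck") gpg = val
        else if (key == "baseurl") url = val
    }
    END { emit() }
    ' "$@"
}

# Constructed sample: the repo file from this page, with a [myrepo] id added.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '[myrepo]' 'name=My YUM repo' \
        'baseurl=http://10.0.0.1/redhat5/myrpms/' 'enabled=1' 'gpgcheck=0' \
        > "$tmp/my.repo"
    audit_repos "$tmp/my.repo" | sed "s|^$tmp/||"
    rm -rf "$tmp"
}

# Audit the files given on the command line, or the constructed sample.
if [ "$#" -gt 0 ]; then audit_repos "$@"; else demo; fi
```

Run against real configuration with the repo files as arguments, for example /etc/yum.repos.d/*.repo; a section reported as gpgcheck-not-set takes its value from the [main] section of yum.conf.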

26 Jan 2011

SNAT – making IPs local

SNAT (Sender Network Address Translation) is available under iptables on Linux. It's used where you need to change the IP address that a packet appears to come from. Great for when you need to make traffic look local.

Picture a scenario where a company has two separate connections to the Internet (possibly via different suppliers):

[Figure: A network using SNAT. SNAT is used to correctly send data back to the appropriate server on the LAN instead of the default gateway.]

Web traffic can happily arrive and exit via Router A as this is the default gateway for the Web Server. However, rather than having two web servers with the same content, the intention is to have web traffic from Router B forwarded to the Web Server. The issue becomes the source IP address. The Web Server will happily accept the packets of data, but will then pass replies out via its default gateway, namely Router A. Responses will never succeed and the connection will seemingly fail.

Cue SNAT!

It's possible to use SNAT to alter the source IP of the packet - in this case making the packet seemingly come from the Forwarder box. The Web Server will subsequently deem the packet as local and pass it back via its local routes rather than its default gateway. The Forwarder will then accept the packet and route it to the original IP that made the request via Router B.

In the above example, the forwarding and SNAT iptables rules for the Forwarder box would be as follows:

$ iptables -t nat -A PREROUTING -p tcp -d 9.8.7.7 --dport 80 -j DNAT --to-destination 10.0.0.1
$ iptables -t nat -A POSTROUTING -p tcp -o eth1 -j SNAT --to-source 10.0.0.2

Notice that the second ethernet card (eth1) was specified in the SNAT rule, and not an IP address, to ensure that ALL packets exiting this card are affected; this is because all traffic in the above example exiting eth1 is considered local traffic. However, it is possible to restrict exactly which IPs the rule should apply to if necessary.

11 Jan 2011

Exporting printers under CUPS

CUPS appears to be quite standard as the Linux print server of most distros and is also featured in MacOSX. The following is a quick guide to exporting your printers, making them available to other CUPS computers on the network.

The file to edit is /etc/cups/cupsd.conf. By default CUPS will only listen for requests on localhost, so an entry must be added to enable local network connections. In the following example, the 10.0.0.1 network card on the server is added. Multiple Listen directives may be used, allowing for more IP addresses. The port number 631 is also specified (and is the CUPS default port):

Listen localhost:631
Listen /var/run/cups/cups.sock
Listen 10.0.0.1:631

Next, browsing must be enabled. Edit the appropriate entry as follows:

Browsing On

Then, the printers directory must be made accessible. As in Apache configuration, an Allow entry must be specified in the root Location directive as follows. Continuing the earlier example, the entry has been edited to allow the 10.0.0.* network:

<Location />
 Order allow,deny
 Allow From 10.0.0.*
</Location>

Finally, restart CUPS.

2 Nov 2010

Mutt and mime types

As mutt is text based, it can often prove difficult to open up an attachment, a PDF for example. However, you can tell mutt to pass the attachment on to another application to resolve. In this way, you can pretty much do whatever you need remotely on the CLI. Other times you may need to inform mutt of what mime type an attachment is. Here's how...

Opening different mime type attachments

All attachments have a mime type which specifies what they are. At runtime mutt will read in ~/.mailcap if it exists. This is the file you can use to specify which applications are to be used to resolve specific mime types. So here's a simple example:

text/html;           cat %s | w3m -T text/html
application/pdf;     pdftotext -layout %s - | less

As you can see, the text/html mime type is resolved by cating the file to the w3m text browser. For a PDF document, we pass it through pdftotext and then less it.

It may be important to note that mutt will wait for the application to exit before resuming normal operation.

You will also be pleased to know that there is no restriction to CLI based apps only - you can use GUI apps if you like running mutt in gnome or something similar.

Adding different mime type attachments

It is possible that mutt will not know what mime type to use for a file you wish to attach to an email (the mailcap entries above only cover opening a file whose mime type is already known). However, it is possible to give mutt a helping hand.

Mutt supports the use of a ~/.mime.types file where additional mime types can be specified. A simple example:

application/postscript          ps eps
application/pgp                 pgp
audio/x-aiff                    aif aifc aiff

As you can see the file consists of lines containing a MIME type and a space separated list of extensions.

27 Oct 2010

Multi mutt mailboxes

I access my email via the CLI. I don't need HTML and the like to make an email look pretty for me, I simply want to get to the email, read it, reply if necessary and carry on with my life. As such, I use mutt for all my email needs. So much so, that I use it to get my gmail emails too...

With some help from andre, I was able to set up two email accounts in mutt so that each email is sent via its own SMTP server - configured via an account-hook. Switching between them is a case of pressing <esc><1> or <esc><2> - allowing for more accounts to be assigned to other numbers.

Here's the example with one account for the domain example.com and another for gmail.com:

# clear any existing accounts
account-hook . 'unset imap_user; unset imap_pass; unset tunnel'
 
# home account setup
account-hook imap://username@example.com/ 'set imap_user=username imap_pass="XXX"'
folder-hook imap://username@example.com/ 'set folder=imap://username@example.com/ spoolfile=imap://username@example.com/INBOX from="username <username@example.com>" smtp_url="smtp://127.0.0.1/" record="=Sent"'
 
# gmail account setup
account-hook imaps://imap.gmail.com:993/ 'set imap_user=gmailuser imap_pass=XXX'
folder-hook imaps://imap.gmail.com:993/ 'set folder=imaps://imap.gmail.com:993/ spoolfile=imaps://imap.gmail.com:993/INBOX from="gmailuser <gmailuser@gmail.com>" smtp_url="smtp://gmailuser@smtp.gmail.com:587/" smtp_pass="XXX" record="=[Gmail]/Sent Mail"'
 
# set default account on startup
set folder=imap://username@example.com/
set spoolfile=imap://username@example.com/INBOX
 
# set mutt style and colors
source ~/mutterings/style
 
# macros to change profile
macro index <esc>1 'c?c<kill-line>imap://username@example.com/<enter>/INBOX<enter><enter>'
macro index <esc>2 'c?c<kill-line>imaps://imap.gmail.com:993/<enter>/INBOX<enter><enter>'

I have my stylesheet in a separate file to keep ~/.muttrc detailing only account configurations, but this is a personal choice.

10 Oct 2010

Debian cups-pdf

The Common UNIX Printing System (CUPS) has long been the standard of printing and print drivers for Linux. Having a PDF printer can be extremely useful - so here's how to set one up in Debian.

First, you have to install the CUPS PDF print driver

$ aptitude install cups-pdf

Next, we need to actually configure the printer itself for use. In CUPS this can be easily done via a URL and a browser of your choice (even a text based browser). Simply head over to http://localhost:631/ and in the following screen select the "Administration" option

[Screenshot: CUPS default screen with the Administration option]

Then select to "Add Printer"

[Screenshot: CUPS printer administration]

How you configure the printer name and details is up to you and your setup, but it is easiest to simply use "PDF" as the printer name

[Screenshot: CUPS add printer]

Next select the "Virtual PDF Printer" as the device

[Screenshot: CUPS select device]

For the make and manufacturer of printer select Generic

[Screenshot: CUPS make and manufacturer]

Finally, for the model select the "Generic CUPS-PDF Printer(en)" option

[Screenshot: CUPS model]

At this point you will now have a PDF printer. Some customisation is possible in the file /etc/cups/cups-pdf.conf - for example, the default location for creating PDF files is in a PDF directory in the user's home directory as identified by this entry:

Out ${HOME}/PDF

Clearly you can adjust this to suit your needs. To demonstrate the post processing options available, uncomment the PostProcessing option and alter to read as follows

PostProcessing /usr/local/bin/cups-pdf-renamer

Edit the file /usr/local/bin/cups-pdf-renamer to look as follows:

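#!/bin/bash

# $1 is the path of the PDF to rename
FILENAME=`basename "$1"`
DIRNAME=`dirname "$1"`
DATE=`date +"%Y-%m-%d_%H:%M:%S"`

# rename the PDF to a date and time stamp, keeping it in the same directory
mv "$1" "$DIRNAME/$DATE.pdf"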

Make sure the file is executable

$ chmod +x /usr/local/bin/cups-pdf-renamer

Essentially this will rename the file to a date and time stamp. Clearly you can alter this to suit your needs. This example was taken from here

27 Sep 2010

Anonymous Windows PDF generation via SAMBA

On Ubuntu I'm completely used to the idea of printing out a PDF document of what I want/need. It saves on paper and allows me to keep digital copies; it can also prove indispensable if I need to send a copy via email.

At work, on Microsoft Windows, I have struggled with trying to do this. The only products available for PDF generation appear to be commercial. Through some tinkering with an Ubuntu server in the office I set up a PDF printer for all to use anonymously. Here's how...

Configuring Samba and PDF

The important thing to remember is that the PDF printer on the server produces PDF files locally, and therefore access to the produced PDFs must be via SAMBA too.

Samba is usually installed by default, but if not, run:

$ sudo apt-get install samba

Changes need to be made to the config file /etc/samba/smb.conf to allow printing. Uncomment/add the following entries:

printing = cups
printcap name = cups

We now need a location that anybody can read or write to (which is where our PDFs will be placed for pickup). In this example I will use the /tmp directory. To do this we add the following entry to the samba config file:

[tmp]
 comment = Samba server's tmp directory
 locking = no
 path = /tmp
 guest ok = yes
 create mask = 0666
 read only = no

Restart Samba

$ sudo /etc/init.d/samba restart

You may already have the PDF printer installed (as cups is installed by default) however, if you don't, simply run:

$ sudo apt-get install cups-pdf

We now need to tell the cups-pdf printer where to output its files. System users have their files printed to the folder ~/PDF. This has implications for samba users too. If you mount samba shares as a system user on the server then your PDFs will be printed to that user's ~/PDF directory. This may be what you want.

The file we need to alter is /etc/cups/cups-pdf.conf, specifically the following two entries:

Out ${HOME}/PDF

The above entry details where PDFs are created for system users. Altering this affects all system users AND samba users who use system user credentials to mount drives. Change this to suit your needs. Next is the AnonDirName entry, change it to:

AnonDirName /tmp

Now any anonymous user will have their PDFs placed in /tmp to pick up via samba. Restart CUPS - on Hardy (and earlier?) this appears to be:

$ sudo /etc/init.d/cupsys restart

but on Jaunty (and later?) it may be:

$ sudo /etc/init.d/cups restart

Configuring Windows

The example here has been completed on a Windows Vista machine, but should be similar for other versions. First you need to browse to the computer:

[Screenshot: Windows printers]

and double-click the "PDF" printer, which will start to install the printer. A printer driver error message will be displayed indicating that the printer driver could not be found:

[Screenshot: Windows printer driver error message]

This is not a problem. Simply click "Ok" to continue the install. You will now need to select a printer driver to use with the printer. The printer works with PostScript documents so I selected a HP PostScript printer driver to use with it, the 'HP LaserJet Series 1200 PS' - CafeNinja tested with the 'IBM 4079 Color Jetprinter PS' driver and achieved successful results.

[Screenshot: Windows add printer wizard]

Once the driver has been installed the printer's queue will be displayed. Don't worry about the "Access denied, unable to connect" message - this has never stopped it working for me:

[Screenshot: Windows printer queue]

From the printer queue window select Printer > Properties to get to the properties window. Then select "Print Test Page" - closing any "sent test page" window box that may appear.

[Screenshot: Windows printer properties]

Now browse to the /tmp directory and collect the Windows (recognisable) printed PDF. Take note that the output PDF is in color too!

[Screenshot: Windows test page PDF]

Caveats
A couple of things to remember...

  1. The PDF gets its name from the file that was being printed - this could lead to accidental overwrites.
  2. The files do not get auto-deleted, so you may wish to set up a cron job to do this periodically.
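
One way to do the periodic cleanup from the second caveat, as an added example that is not part of the original post: the function deletes PDFs older than a given number of minutes from the top level of the pickup directory, optionally only those owned by one user, so other files in a shared /tmp are left alone. The names purge_pdfs and demo are assumptions of this example, and it relies on GNU find as shipped with Ubuntu.

```shell
#!/bin/sh
# Added example: purge stale PDFs from the anonymous pickup directory.
# purge_pdfs DIR MINUTES [OWNER]
#   deletes DIR/*.pdf older than MINUTES and prints how many were removed
purge_pdfs() {
    dir=$1; max_age=$2; owner=${3:-}
    case $max_age in
        ''|*[!0-9]*) echo "purge_pdfs: bad age '$max_age'" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "purge_pdfs: no directory '$dir'" >&2; return 2; }
    # -maxdepth 1: never descend into other directories below the share
    # -type f:     symlinks are skipped, so a planted link is never followed
    # -iname:      Windows clients may produce upper-case extensions
    set -- "$dir" -maxdepth 1 -type f -iname '*.pdf' -mmin "+$max_age"
    if [ -n "$owner" ]; then
        set -- "$@" -user "$owner"      # only files written by this account
    fi
    find "$@" -print -delete | wc -l | tr -d ' '
}

# Constructed sample: two stale PDFs, one fresh PDF and one unrelated file.
demo() {
    tmp=$(mktemp -d) || return 1
    touch -t 201001010000 "$tmp/Test Page.pdf" "$tmp/OLD.PDF" "$tmp/old.txt"
    touch "$tmp/fresh.pdf"
    purge_pdfs "$tmp" 1440              # one day, in minutes
    ls "$tmp"
    rm -rf "$tmp"
}

# With arguments, purge the given directory; otherwise run the sample.
if [ "$#" -ge 2 ]; then purge_pdfs "$@"; else demo; fi
```

From cron this could be called as purge_pdfs /tmp 1440 nobody, where nobody is assumed to be the account cups-pdf writes anonymous jobs as; check the AnonUser entry in /etc/cups/cups-pdf.conf.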