Monthly Archives: February 2013

How to install the same debian packages on another system

The approach is simple: generate a list of installed packages on Debian-based systems and install this list of packages on the new box. This approach is useful when you want to install the same packages on another fresh OS install for example.

1. To export the list of installed packages, proceed as follows:
[codesyntax lang="bash"]

dpkg --get-selections | grep -v deinstall > LIST_FILE

[/codesyntax]

The file LIST_FILE is small so it can be emailed to yourself by using:
[codesyntax lang="bash"]

dpkg --get-selections | grep -v deinstall > LIST_FILE && cat LIST_FILE | mailx -s "`hostname -f`: Package list" "user@test.org"

[/codesyntax]

2. Once you’ve got your server up and running with a fresh base install
[codesyntax lang="bash"]

apt-get update
apt-get dist-upgrade

[/codesyntax]

3. Move your LIST_FILE file into your home directory and run the following commands to recover the previous generated list:
[codesyntax lang="bash"]

dpkg --clear-selections
dpkg --set-selections < LIST_FILE

[/codesyntax]

4. Install the packages
[codesyntax lang="bash"]

aptitude install

[/codesyntax]

How to setup a VPN using ssh and pppd

This is a step by step guide for setting up a VPN using pppd and ssh. To accomplish this you will need two Linux boxes, one acting as server and the second one as client. The "server" must have a static IP address or dynamic dns name. The firewall on both boxes must allow traffic on port that sshd listens.

Server side

1. Install some package to make our job easier later

for deb based linux boxes:
[codesyntax lang="bash"]

apt-get install ipcalc

[/codesyntax]

for rpm based linux boxes:
[codesyntax lang="bash"]

yum install whatmask

[/codesyntax]

2. Create a local account on server to be used by the clients that are connecting.

[codesyntax lang="bash"]

adduser --system --group vpn

[/codesyntax]

3. Modify /etc/passwd file
[codesyntax lang="bash"]

vim /etc/passwd
:%s/\/home\/vpn:\/bin\/false/\/home\/vpn:\/bin\/bash/g
:wq

[/codesyntax]

4. Set a password for vpn account. The vpn account password will only be used while doing the initial configuration of your VPN clients, so I strongly recommend NOT to use a weak password.
[codesyntax lang="bash"]

passwd vpn

[/codesyntax]

5. This vpn account needs rights to bring the ppp connection up and down as well as modify the system routing table. Edit your sudoers file:
[codesyntax lang="bash"]

sudo visudo

[/codesyntax]

and append the following lines to the end of the file:

vpn ALL=NOPASSWD: /usr/sbin/pppd
vpn ALL=NOPASSWD: /sbin/route

6. Finally, we need to log in as the vpn and set up a few bits in its home folder.
[codesyntax lang="bash"]

sudo su - vpn
cd ~
mkdir .ssh

[/codesyntax]

Client side

1. Assuming eth0 is network interface connected to the network determine the local network details
[codesyntax lang="bash"]

CLIENT_LAN_IF="eth0"
LOCAL_IP=`ifconfig ${CLIENT_LAN_IF} | grep inet | awk '{print $2}' | sed 's/addr://'`
LOCAL_MASK=`ifconfig ${CLIENT_LAN_IF} | grep inet | awk '{print $4}' | sed 's/Mask://' | sed 's/Scope:Link//'`
LOCAL_NETWORK=`ipcalc $LOCAL_IP $LOCAL_MASK -n -b | grep Network | awk '{print $2}'`

[/codesyntax]

2. Start vpn to server
[codesyntax lang="bash"]

sudo /usr/sbin/pppd updetach noauth passive pty "/usr/bin/ssh -P host -lvpn -i id_rsa -o Batchmode=yes sudo /usr/sbin/pppd nodetach notty noauth" ipparam vpn 192.168.1.238:192.168.1.237

[/codesyntax]

Note:

  • local IP address 192.168.1.238
  • remote IP address 192.168.1.237

3. Make the server our gateway
[codesyntax lang="bash"]

sudo route add -net $LOCAL_NETWORK gw 192.168.1.238

[/codesyntax]

Links:
http://tuxnetworks.blogspot.ro/2011/05/howto-easiest-vpn-setup-ever.html

How to install TestLink on CentOS 6.3

Few days ago, QA guys asked me to install a tool that will make their work easier. This tool, Testlink, is an open-source management tool which includes test specification, planning, reporting, requirements tracking and collaborate with well-known bug trackers.

Below I will show you step-by-step how to install TestLink on CentOS 6.3, including the troubleshooting steps for most commonly faced issues.

1. Download Testlink. Check if a new version than I used bellow is available (http://sourceforge.net/projects/testlink/files/)
[codesyntax lang="bash"]

mkdir work
cd work
wget -c http://downloads.sourceforge.net/project/testlink/TestLink%201.9/TestLink%201.9.5/testlink-1.9.5.tar.gz
tar xfz testlink-1.9.5.tar.gz
mv testlink-1.9.5/* testlink-1.9.5/.[^.]* /var/www/html/
rm -fr ~/work/testlink-1.9.5
chown -R apache:apache /var/www/html/*

[/codesyntax]

2. Install required packages
[codesyntax lang="bash"]

yum install mysql-server php php-mysql php-gd

[/codesyntax]

Note: if you want authentication against ldap you will have to also install php-ldap package

3. Optimize php configuration for TestLink.
[codesyntax lang="bash"]

vim /etc/php.ini
:%s/max_execution_time = 30/max_execution_time = 120/g
:%s/session.gc_maxlifetime = 1400/session.gc_maxlifetime = 2400/g
:wq

[/codesyntax]

4. Set apache and mysql services to start at boot
[codesyntax lang="bash"]

chkconfig httpd on
chkconfig mysqld on

[/codesyntax]

5. Start apache and mysql services

[codesyntax lang="bash"]

service httpd start
service mysqld start

[/codesyntax]

6. Set mysql root password

[codesyntax lang="bash"]

mysqladmin -u root password YOURPASSWORD

[/codesyntax]

7. Open 80/tcp port in firewall. Add the following rule to /etc/sysconfig/iptables
[codesyntax lang="bash"]

vim /etc/sysconfig/iptables

[/codesyntax]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
[codesyntax lang="bash"]

:wq

[/codesyntax]

My /etc/sysconfig/iptables on TestLink machine is:
[codesyntax lang="bash"]

cat /etc/sysconfig/iptables

[/codesyntax]

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

If you don't want to have firewall on TestLink machine you can disable it
[codesyntax lang="bash"]

chkconfig iptables off
service iptables stop

[/codesyntax]

8. Restart firewall in order to apply the new rule
[codesyntax lang="bash"]

service iptables restart

[/codesyntax]

9. Create directories used by TestLink for logs and to upload files
[codesyntax lang="bash"]

mkdir -p /var/testlink/logs/
mkdir -p /var/testlink/upload_area/
chown apache:apache -R /var/testlink/

[/codesyntax]

11. Assuming all steps were carried out on a machine called testlink.test.org then open a browser and navigate to TestLink page http://testlink.test.org and setup first configuration.

Note: if you don't have a working DNS or this machine doesn't have a proper record in DNS server then you should navigate by the machine's IP: http://x.x.x.x/

12. Click "New installation"

13. Check I agree to the terms set out in this license and click Continue

14. A new checking report will be displayed. In this report shouldn't be fatal errors (maybe some warnings at most). If so, press Continue

15. Fill database access form and press Process TestLink Setup! button

Database host: localhost
Database name: testlink
Database admin login: root
Database admin password: YOURPASSWORD TestLink DB login: testlink
TestLink DB password: TESTLINK_PASSWORD

16. Remove Install directory
[codesyntax lang="bash"]

rm -fr /var/www/html/install/

[/codesyntax]

17. Modify the email settings
[codesyntax lang="bash"]

vim /var/www/html/custom_config.inc.php
:%s/\[smtp_host_not_configured]\/localhost/g
:%s/\[testlink_sysadmin_email_not_configured\]/root/g
:%s/\[from_email_not_configured\]/root/g
:%s/\[return_path_email_not_configured\]/root/g
:wq

[/codesyntax]

19. Set an alias for root, so all emails to root to go the new alias - this step is optional
[codesyntax lang="bash"]

vim /etc/aliases
root: testlink_admin@test.org
:wq

[/codesyntax]

[codesyntax lang="bash"]

newaliases

[/codesyntax]

Note: In my case I have postfix configured as smarthost, so I going to use localhost as email server. I am not going to cover postfix configuration here.

20. Login into application using default credentials (user: admin / password: admin)

21. Change admin default password

22. If TestLink mailing functionality is not working and you see in logs some error like bellow it's very likely that selinux is the issue there. One possible approach is to disable it

[>>][510fe10b8186e953397877][DEFAULT][/lostPassword.php][13/Feb/4 16:25:47]
        [13/Feb/4 16:25:47][WARNING][<nosession>][GUI]
                E_WARNING
fsockopen(): unable to connect to 127.0.0.1:25 (Permission denied) - in /var/www/html/third_party/phpmailer/class.smtp.php - Line 132
        [13/Feb/4 16:25:47][WARNING][<nosession>][GUI]
                E_NOTICE
Undefined variable: note - in /var/www/html/lostPassword.php - Line 49

[codesyntax lang="bash"]

vim /etc/sysconfig/selinux
:%s/SELINUX=enforcing/SELINUX=disabled/g
:wq

[/codesyntax]

[codesyntax lang="bash"]

reboot

[/codesyntax]

Links: