Linux Servers FAQ

• Fedora 16
• Fedora 15
• Fedora 14
• Fedora 13
• Fedora Core 5
• Fedora Core 4
• Fedora Core 3
• Fedora Core 2
• Fedora Core 2 accessing Windows NTFS
• HTTPS Redirect
• Fetchmail
• ECN Explicit Congestion Notification Signalling
• Mime Types & Mozilla
• Unicode files from Windows 2000/XP

Fedora 16

Installing
I have installed Fedora 16 with great sucess on my main desktop Intel Quad Core 6GB RAM and a Toshiba Laptop A100
With the Toshiba A100 the BFO and network install versions failed to recognise the network even though it should have found the Intel PRO/100VE 10/100baseT. In the end I had to use the I686 full DVD to get it working, the Intel Mobile 945GM graphics only works in Gnome fallback mode.
With the main desktop I used the X86_64 Network install and did a clean install, full Gnome 3.2 grahics works with the Radeon 3650.
Fedora 16 has been smooth and getting everything working was great.

Using the adobe repository I have installed flash-plugin and AdobeReader_enu so I had the latest AdobeReader and Flash for firefox. Adding the rpmfusion and livna repository's I was able to get DVD playback and web video playback working:-
yum install xine*
yum install gstreamer*
yum install gnome-mplayer*
yum install totem*
yum install audacious*
Yum install libdvdcss

Email
Email is as before using Postfix and Dovecot with Spamassassin and Clamav scanning implemented via clamassassin in procmailrc:-

#Uncomment the following lines to allow for logging
#
#LOGFILE=/var/log/procmail
#VERBOSE=ON
# The condition line ensures that only messages smaller than 250 kB
# (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam
# isn't bigger than a few k and working with big messages can bring
# SpamAssassin to its knees.
#
:0fw
| /usr/local/bin/clamassassin

:0fw
* < 256000

| /usr/bin/spamc

:0e
{
EXITCODE=$?
}

I using fetchmail to actually receive email. Evolution then fetches email via Dovecot from the local system, Sending is via my local ISP directly.
Having the local smtp server postfix allows me to receive emails from local machines and use users .promailrc to redirect spam emails to a separate local account.

Skype
On the Toshiba A100 laptop I686 fedora I now have Skype working with video. To get the Creative Live IM USB webcam to work I had to use this command to get it to work:-
"LD_PRELOAD=/usr/lib/lib4l/v4l1compat.so skype"
If your using it on 64bit Fedora 16 then use:-
"LD_PRELOAD=/usr/lib32/libv4l/v4l1compat.so skype"

Apache
Best way to install Apache Web Server is to do "yum groupinstall "Web Server". I wanted it for "squirrelmail" and https access, so I needed to setup SSL. Create self sign certificates for SSL acces go to "/etc/pki/tls/certs" and run "make your-host-name.key" and "make your-host-name.crt" then move "your-host-name.key" to /etc/pki/tls/private/. Now edit "/etc/httpd/conf.d/ssl.conf and enter you *.key and *.crt for the localhost versions. If you entered a pass phrase creating the certificates rather than using "" for the passphrase, you will need to enter it every time you start httpd.

TV Reception
Using a Pinnacle 72E Freeview USB stick and VLC I have TV playback on Fedora 16. The Pinnacle USB was recognised without problem, then using VLC and opening [Media][Open Capture Device] then choosing DVB for capture mode, then select play. DVB type seems to be for the UK DVB-S. When you hit play it then scans the frequencies to find the channels and finally starts on one channel. The [View][Playlist] shows the channels found a clicking on one plays that channel.

Gnome 3.2 clock setting
Found I needed to have the Gnome 3.2 top bar clock showing seconds and the date and the default gui under the full Gnome 3.2 doesn't give the option. So do it you have to use these commands

gsettings set org.gnome.shell.clock show-date true
gsettings set org.gnome.shell.clock show-seconds true

Fedora 15

Installing
Installed Fedora 15 on both by Mesh laptop and main desktop Intel Quad Core 6GB RAM raid 0 600GB Radeon 3650I. On the laptop I used the fedora BFO disk successfully, but on the main desktop the Fedora BFO failed and rebooted having fetched the initrd, in the end I used the Live Fedora 15 Gnome CD and the installed it on the hard disk.
The old Mesh laptop with its openchrome graphics uses the non-3D basic Gnome 3 desktop. The main desktop with radeon 3650I has the full Gnome 3 active desktop.
Now have been using Fedora 15 for nearly month and really enjoy the new Gnome 3 active desktop.
Found JAVA wasn't working in the browser had to install java-1.6.0-openjdk-plugin to get JAVA working in the browser.

ADOBE FLASH
Adobe have now released 64bit flash with working sound with no clicks:-
http://www.adobe.com/

Disabling IPV6
Found log files filling up with named errors trying to resolve all DNS lookups in ipv6 as well as ipv4, resulting in slow lookups. On by ipv4 only network. I have now disabled ipv6 and dns lookups are alot faster, this how:-

Hardware Inventory Tools

Fedora 14

Corrupted sound in FLASH playback in a web browser
I have Adobe flashplayer10_2_p3_64bit_linux_111710 installed it gives distorted sound in most flash movies.
The bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=638477#c38 describes the problem.
To solve the problem until Adobe fixes the problem, I installed memcpy-1.1-1.fc14.x86_64.rpm from the URL above.
Then created a application short cut to run "/usr/bin/memcpy-preload.sh google-chrome".
This patch works for me. You can also create a short cut for firefox.

Email Setup
You may be interested how I check and clean up email.
Evolution
Dovecot
Postfix
spamassassin
razor2
fetchmail

Email is fetched via "fetchmail" from multiple accounts and fed to "postfix" through a script /etc/procmailrc that passes the emails through "spamd" and "razor2". Individual /home/user/.procmailrc files move any emails labelled as spam to a separate "spam" account. Therefore each user has cleaned email for "Evolution" to fetch via IMAP from "dovecot". Evolution sends emails directly via the ISPs email servers (not local postfix). The separate "spam" account has all the spam emails. Evolutions own spamassassin checking uses the spam users .spamassassin so having labelled new emails in Evolution it updates the same spam filters using spamassassin before the emails enter their mailbox. All spam therefore ends up in a separate account. Having backed up my previous user/.spamassassin and user/.razor even though I reformatted by system with a clean install having reinstated them my spam checking is a good as ever.

Installing
I have now reinstalled my main desktop Intel Quad Core 6GB RAM raid 0 600GB Radeon 3650 with Fedora 14, previously Fedora 13. Tried "preupgrade" but that complain of not enough space in /boot. I therefore downloaded the Fedora 14 x86_64 net install CD. From previous installs I chose basic video install. Anaconda numbered Eth0 and Eth1 differently to the installed Fedora 14 so configuring the right Ethernet interface was problematic and eventually done by trial and error. Otherwise everything seems to be working in Fedora 14. Using the "radeon" driver for my Radeon 3650 I get 1780 fps in glxgears, everything graphically looks great. I don't play games

I have also installed Fedora 14 x86_64 on my Mesh Pegasus 15 Althon 64 +3400 1GB laptop as a clean install. Only problem I had was Anaconda didn't recognise the laptop's Openchrome LCD graphics and thus used an inappropriate Vesa Mode. Had to boot to init 3 and create a /etc/X11/xorg.conf to complete graphical install. Should have chosen"basic" graphics mode at install!

On my main desktop and backup server the easiest way to install Fedora is the boot.fedoraproject.org http://boot.fedoraproject.org/index CD, It requires a Internet connection but always gets the latest bits. I can highly recommend the boot disk for install or diagnostics.

Also preformed a upgrade from Fedora 13 I386 to fedora 14 I386 on by basic backup server very few services. I did this via the net install CD. All went well this server was last clean installed at fedora 9. Only had problem with NFS permissions see below.

Got DVD playback working:-

Added rpmfusion yum repository then
yum install xine*
yum install gstreamer*
yum install gnome-mplayer*
yum install totem*
yum install audacious*

Yum install libdvdcss

NFS between two servers
I have been using NFS between two before Fedora 14 servers no NIS domain but the same uid and gid on both servers. With the upgrade to Fedora 14 all users over NFS mounts were being squahed to "nobody"!. Turns out for NFS version 4 you need to setup /etc/idmapd.conf and setup the local domain name so both server trust each other. User and groups now preserved!

Looks Great and no other problems as yet.

Fedora 13

Using fedora 13 x86_64 as my main desktop and Windows Domain Controller for windows PC, proving very stable. Thanks to all the fedora developers.

Tend to find I need to restart "named" and "ntpd" on each restart as they start before NetworkManager brings up the default Ethernet connection, thus fail to bind. If you note you can't access the internet on a restart, restart "named".

Selinux Configuration
How to configure Selinux to work with programs throwing access denied in messages or audit:-

yum install checkpolicy ;to get checkmodule

#grep avc /var/log/audit/audit.log > avm
#audit2allow -M local < avm
#semodule -i local.pp

Don't show login names assuming your using GDM:-

Found I had to show login names on install else couldn't login in!

gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type bool --set /apps/gdm/simple-greeter/disable_user_list true

Kernel lockups
Had a complete lockup removed power but corrupted "/dev/mapper/vg_lquad-lv_root on / type ext4 (rw)"
Had to manually run fsck in recovery console

#fsck -rf -t ext4 dev/mapper/vg_lquad-lv_root

Had to manually answer yes to fixed errors.

Filesystem Check at Boot
To force a filesystem check at boot create empty file:-

touch /forcefsck

The file is removed once the filesystem check produces a clean volume.

Concatenating PDF files and adding security

pdftk file1.pdf file2.pdf file3.pdf cat output finished.pdf owner_pw {password} allow Printing

This producing a PDF file anyone can open and print but nothing else.

GMIXER
Installed gmixer ALSA audio mixer to get the ability to play the radio (on Line-in).

The gnome-sound-properties doesn't support Line-in on by Creative sound card !

SYSLOG
How to get syslog looging separate machines in separate log files

/etc/rsyslog.conf :-

# Don't log your systems own messages add your own IP address as it will now be logged separately!

*.info;mail.none;authpriv.none;cron.none,192.168.191.1 Vigor.none /var/log/messages

$template DynaFile,"/var/log/system-%HOSTNAME%.log" *.* -?DynaFile

/etc/logrotate.conf

/var/log/system-lquad.log {
rotate 4
weekly
postrotate
# /usr/bin/killall -HUP syslogd
endscript
}

Cron tab GUI editor

http://piki.org/patrick/gat/

Fedora Core 5

If you have enjoyed Fedora Core 4, I can higly recommend upgrading to Fedora 5 and have been using it myself from a week after it's release.

To enable RTSP real audio streaming protocol to use realplay in firefox. Open firefox and about:config then create a "new string" of network.protocol-handler.app.rtsp with value "/usr/bin/realplay".

I have had problems with the 2.6.17 kernels and RAID arrays on Promise FastTrak 20376 as boot devices. But rebuilding initrd for the particular 2.6.17 kernel on your system seems to fix the problem:-

Fedora Core 4

If you have enjoyed Fedora Core 3, I can higly recommend upgrading to Fedora 4 and have been using it myself from a week after it's release.

Fedora Core 3

If you have enjoyed Fedora Core 2, I can higly recommend upgrading to Fedora 3

Fedora Core 2

While Fedora Core 2 is not recommended for production enviroments I can confirm it is proving very reliable and use it for my own dektop. Below is some of the workarounds and extras you may need:-

Fedora Core 2 accessing Windows NTFS

The Fedora Core 2 like other Redhat releases doesn't include support for accessing Windows NTFS partitons as standard. You can add the Open Source NTFS driver support by recompling the kernel with NTFS enabled, or download precomplied versions from below:-
http://linux-ntfs.sourceforge.net/rpm/fedora2.html

Note at present the NTFS linux support only allows read-only access so you may want to also create a Windows FAT32 partition on a dual boot system for the common interchange of files between Windows NT/2000/XP NTFS partitions and Linux. Please see full Linux NTFS detials on:-
http://linux-ntfs.sourceforge.net/info/ntfs.html

HTTPS Redirect

To intercept all requests and redirect them to HTTPS port 443, use the following rewrite script in the Apache httpd.conf:-

What this does is act on any connection which does not come in on port 443. The neat thing is that it then takes everything in the URL after the first slash with the (.*) and remembers it as $1. By "after the first slash" I mean after the slash at the end of http://www.domain.com/ <-- that last slash. So everything after that slash, that is the internal URL, is memorized. The URL is then rewritten as https://www.domain.com/$1 where "www.domain.com" came from the SERVER_NAME httpd variable and $1 is the internal URL as memorized earlier.

Fetchmail

The ideal way of your email server receiving Email is to have a permanent connection to the Internet with SMTP [tcp port 25] open so other Email servers can automatically send you any mail for your domain. Unfortunately in the real world many users only have slow connections to the Internet so SMTP mail retrieval is not a practical option

With linux being used more and more for small email servers and embedded Internet appliances such as the Cobalt Qube3, many users are forced to use POP3 to retrieve email from a global POP account. Fetchmail is the common utility used for this purpose even if hidden by a user interface as in many Internet appliances

Fetchmail is a remote-mail retrieval and forwarding utility intended to be used over dial up TCP/IP links. It supports every remote-mail protocol now in use on the Internet: POP2, POP3, RPOP, APOP, KPOP, all flavours of IMAP, ETRN, and ODMR. Fetchmail retrieves mail from remote mail servers and forwards it via SMTP, to the normal linux SMTP servers agents such as postfix, sendmail, mutt, elm(1) or BSD Mail.

While Fetchmail is a excellent utility it can have one notably problem/feature that needs to be taken into account, when configuring how often Fetchmail polls the remote mail box. Most POP3 accounts don't allow multiple connections yet alot of early linux distributions will automatically start another Fetchmail access if the poll time has expired since the last POP3 access started. If the previous remote mail access hasn't completed yet due to an excess of email waiting at the ISP, and the next Fetchmail access starts this often aborts the previous access. The result is all the email the previous access fetched before being aborted is not deleted from the remote ISP. The next access again fails to fetch all the email within the interval before the next access starts so the same email is read time and time again without removing it from the remote ISP. It is therefore important to consider the speed of your Internet connection and performance of your remote ISP mail server when determining how often to poll the remote mail box. This problem can also occur if your ISP disconnects you due to say a 2 hour limit. See the following example for 64Kbps slow internet:-

Slow internet and Fetchmail Poll Rates

If you inadvertently end up with a dead lock with mail being continually read multiple times, the answer is to increase the Fetchmail poll interval to something very large, allow all the waiting email to be retrieved in one go without another access starting. Clear the remote mailbox in this way, then reset the poll interval once your sure all the email has been successfully retrieved and removed from the remote ISP mailbox

Mime Types & Mozilla

Having problems with mime types and Mozilla and trying to get it play multimedia like Real Audio. You need to check out the following three files:-

Unicode text files from Windows 2000/XP

Have you downloaded log files or the like from Windows 2000/XP servers to your linux system only to find they appear unreadable and double spaced with control characters. The file will be in Unicode UTF-16 format where your Linux system is almost certainly wants ISO-8859-1 or UTF-8 character encoding.

You can use "iconv" to convert files between differnet character formats. On our Red Hat system the command syntax is as below, on others check your man pages:-

Send mail to with any comments about this web site.
Last modified: 01 February 2012

www.linnetsol.co.uk © 2012 Linnet Solutions Ltd
All Rights Reserved