
October 26, 2012

Zimbra - Distribution list control by Milter server


Enable Milter server

from web admin console:
Configure - Global Settings - MTA
check Enable milter server

by command:
[root@mail ~]$ su - zimbra
[zimbra@mail ~]$ zmprov ms `zmhostname` zimbraMilterServerEnabled TRUE
[zimbra@mail ~]$ zmmailboxdctl restart
Stopping mailboxd...done.
Starting mailboxd...done.

[zimbra@mail ~]$ zmmtactl restart
Rewriting configuration files...done.
postfix/postfix-script: refreshing the Postfix mail system
Stopping saslauthd...done.
Starting saslauthd...done.
Stopping opendkim... done.
Started opendkim: pid 12355

[zimbra@mail ~]$ zmmilterctl start
Starting milter server...done.
[zimbra@mail ~]$ zmmilterctl status
Milter server is running.


Allow specific senders to send to a distribution list
zmprov grr dl distributionlist@yourdomain.dom usr user@yourdomain.dom SendToDistList

Allow a specific domain to send to a distribution list
zmprov grr dl distributionlist@yourdomain.dom dom thedomain.dom SendToDistList

Deny a specific domain from sending to a distribution list
zmprov grr dl distributionlist@yourdomain.dom dom thedomain.dom -SendToDistList

September 21, 2011

CA management - tinyca

TinyCA is a program with a simple graphical user interface that makes managing a small CA (Certification Authority) easy.  TinyCA works as a frontend for openssl and can deal with several independent CAs.
With TinyCA you can create and manage x509 and S/MIME server and client certificates.  You can choose between RSA and DSA keys, as well as between different digest algorithms.
The certificates can be exported as PEM, DER, TXT and PKCS#12 or as a convenient archive containing both key and certificate.  Certificates can be revoked by adding them to a certificate revocation list.

September 2, 2011

RHEL6 disable ipv6

Edit /etc/sysconfig/network
Change the following:
NETWORKING_IPV6=yes to NETWORKING_IPV6=no

Add a new file /etc/modprobe.d/ECS.conf containing
alias net-pf-10 off
alias ipv6 off

Stop the ip6tables service
service ip6tables stop

Disable the ip6tables service
chkconfig ip6tables off

After these changes, IPv6 will be disabled after the next reboot of your system.

Verify that IPv6 is disabled
lsmod | grep ipv6
ifconfig

May 16, 2011

Delete comment using grep

grep -v ^\# myfile.conf | grep . > nocommentfile.conf

Samba join domain win2008 + squid authentication with ntlm_auth

Steps:

  1. Upgrade samba to 3.5 (for win2008)
  2. Edit /etc/samba/smb.conf
  3. Edit /etc/krb5.conf
  4. Edit /etc/pam.d/system-auth
  5. Add the winbind option in /etc/nsswitch.conf
  6. Configure iptables to allow ports 139, 445 and 389, or allow all for testing
  7. Change SELinux to permissive or disabled, just for testing
  8. Set the time; ensure it differs by no more than 5 minutes from your DC
  9. Start smb, winbind and oddjobd
  10. Join the domain
  11. Test with wbinfo, kinit and ntlm_auth; check that your Linux host appears in the AD\computer OU
  12. Edit /etc/squid/squid.conf
  13. Make sure the squid group has permission to access the /var/lib/samba/winbindd_privilege folder
  14. Start squid
  15. Configure the proxy on the client PC
  16. On the client PC, edit group policy and change Network security: LAN Manager authentication level: Send LM & NTLM - use NTLMv2
  17. On the client PC, test Internet access with user authentication
For details, please check here:

March 14, 2011

Extending LVM disks in Linux using Vmware virtual disks

Here is the current file system. It needs another 3Gb on the LogVol00 filesystem. The Linux system is a VMware virtual system with Virtual disks.

[root@dbvrac1 ~]# df -k
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
9127580 6692828 1971088 78% /
/dev/sda1 101086 12651 83216 14% /boot
none 596544 0 596544 0% /dev/shm

The partitions are as follows

[root@dbvrac1 ~]# sfdisk -s
/dev/sda: 10485760
/dev/sdb: 10485760
/dev/sdc: 10485760
/dev/sdd: 10485760
/dev/sde: 10485760
/dev/sdf: 10485760

First, the VMware virtual disk needs to be enlarged. 13Gb is the new size. Shut down the VMware guest and resize the disk on the VMware host:

# vmware-vdiskmanager -x 13GB dbvrac1.vmdk
Using log file /tmp/vmware-root/vdiskmanager.log
The old geometry C/H/S of the disk is: 1305/255/63
The new geometry C/H/S of the disk is: 1697/255/63
Disk expansion completed successfully.

Start up the Vmware guest again.
This has added space on the /dev/sda partition. This can be seen by running sfdisk -s again:

[root@dbvrac1 ~]# sfdisk -s
/dev/sda: 13631488
/dev/sdb: 10485760
/dev/sdc: 10485760
/dev/sdd: 10485760
/dev/sde: 10485760
/dev/sdf: 10485760

To use the space, a partition first has to be created on /dev/sda

[root@dbvrac1 ~]# ls -al /dev/sda*
brw-rw---- 1 root disk 8, 0 Jun 29 2009 /dev/sda
brw-rw---- 1 root disk 8, 1 Jun 29 2009 /dev/sda1
brw-rw---- 1 root disk 8, 2 Jun 29 2009 /dev/sda2

The new partition will be /dev/sda3.

[root@dbvrac1 /]# fdisk /dev/sda

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 3
First cylinder (1306-1697, default 1306):
Using default value 1306
Last cylinder or +size or +sizeM or +sizeK (1306-1697, default 1697):
Using default value 1697

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Validate that the new partition has been created

[root@dbvrac1 ~]# ls -al /dev/sda*
brw-rw---- 1 root disk 8, 0 Jun 29 2009 /dev/sda
brw-rw---- 1 root disk 8, 1 Jun 29 2009 /dev/sda1
brw-rw---- 1 root disk 8, 2 Jun 29 2009 /dev/sda2
brw-rw---- 1 root disk 8, 2 Jun 29 2009 /dev/sda3

/dev/sda3 is the new partition.
Reboot to load the new partition into the kernel.

Create a physical volume for LVM:

[root@dbvrac1 ~]# pvcreate /dev/sda3
Physical volume "/dev/sda3" successfully created

Add the new physical volume to the volume group:

[root@dbvrac1 ~]# vgextend VolGroup00 /dev/sda3
Volume group "VolGroup00" successfully extended

Extend the logical volume over the new space in the volume group.
Find out how much more space can be added:

[root@dbvrac1 ~]# vgdisplay
--- Volume group ---
VG Name VolGroup00
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 2
Max PV 0
Cur PV 2
Act PV 2
VG Size 12.88 GB
PE Size 32.00 MB
Total PE 412
Alloc PE / Size 315 / 9.84 GB
Free PE / Size 97 / 3.03 GB
VG UUID 7yenoW-lzsd-xK8a-j2Vj-qgty-TFXK-L0lhTL

There is 3.03Gb available.
Extend the volume:

[root@dbvrac1 ~]# lvextend -L+3.03G /dev/VolGroup00/LogVol00
Rounding up size to full physical extent 3.03 GB
Extending logical volume LogVol00 to 11.88 GB
Logical volume LogVol00 successfully resized

Resize the filesystem:

[root@dbvrac1 ~]# resize2fs /dev/VolGroup00/LogVol00
resize2fs 1.35 (28-Feb-2004)
/dev/VolGroup00/LogVol00 is mounted; can't resize a mounted filesystem!

resize2fs cannot be used because the filesystem is mounted (online). Use ext2online instead.

[root@dbvrac1 ~]# ext2online /dev/VolGroup00/LogVol00
ext2online v1.1.18 - 2001/03/18 for EXT2FS 0.5b

Check file system:

[root@dbvrac1 ~]# df -k
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
12256820 6695112 4940796 58% /
/dev/sda1 101086 12651 83216 14% /boot
none 596544 0 596544 0% /dev/shm

ref.: Extending LVM disks in Linux using Vmware virtual disks - Dbvisit Community

January 14, 2011

Creating a DVD Slideshow Using Imagination

The name of the program is Imagination which is available in repository
Export video format: VOB, FLV, 3GP, OGV


December 9, 2010

Install X server via YUM on Redhat/CentOS

First you can see all the yum groups available with the command:

yum grouplist

You can install X and Gnome or KDE like this:

yum groupinstall "X Window System" "GNOME Desktop Environment"

or

yum groupinstall "X Window System" "KDE (K Desktop Environment)"

You may also want to add some other groups from the list like "Graphical Internet" or "Office/Productivity"

ref: http://wikinux.wetpaint.com/page/Install+X+server+via+YUM+on+Redhat%2FCentOS

November 11, 2010

Migrate user accounts from linux server to another linux server

ref.: http://www.cyberciti.biz/faq/howto-move-migrate-user-accounts-old-to-new-server/

Backup
# mkdir /root/move/
# export UGIDLIMIT=500

# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig

# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /root/move/group.mig
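(shadow entries are selected by exact login name, so a short name such as "tp" does not also pull in "ftp" or "ntp")
# awk -v LIMIT=$UGIDLIMIT -F: 'NR==FNR { if ($3>=LIMIT && $3!=65534) u[$1]; next } ($1 in u)' /etc/passwd /etc/shadow > /root/move/shadow.mig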
# cp /etc/gshadow /root/move/gshadow.mig
# tar -zcvpf /root/move/home.tar.gz /home
# tar -zcvpf /root/move/mail.tar.gz /var/spool/mail

Restore
# mkdir /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

# cd /path/to/location
# cat passwd.mig >> /etc/passwd
# cat group.mig >> /etc/group
# cat shadow.mig >> /etc/shadow
# /bin/cp gshadow.mig /etc/gshadow
# cd /
# tar -zxvf /path/to/location/home.tar.gz

# cd /
# tar -zxvf /path/to/location/mail.tar.gz
# reboot
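
Appending passwd.mig and group.mig with cat >> assumes that no login name or numeric ID from the old server already exists on the new one; a collision leaves two accounts sharing an ID, and therefore each other's files. A pre-merge check for that, as an added example that is not from the original post or the referenced article (function names are hypothetical, sample entries are constructed):

```shell
#!/bin/sh
# Added example; function names are hypothetical. Works on passwd- or
# group-format files (name:x:id:...), e.g. passwd.mig vs /etc/passwd.

# find_conflicts MIG TARGET prints one line per collision:
#   NAME <name>                  name already exists in TARGET
#   ID <id> <mig_name> <owner>   numeric ID already belongs to another entry
find_conflicts() {
    awk -F: '
        FILENAME == ARGV[1] { name[$1] = 1; id[$3] = $1; next }  # index TARGET
        ($1 in name) { print "NAME " $1; next }
        ($3 in id)   { print "ID " $3 " " $1 " " id[$3] }
    ' "$2" "$1"
}

# safe_to_append MIG TARGET: succeeds only when nothing collides
safe_to_append() { [ -z "$(find_conflicts "$1" "$2")" ]; }

demo() {
    d=$(mktemp -d) || return 1
    # Constructed sample data: the new server's passwd and a migrated extract
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'alice:x:500:500::/home/alice:/bin/bash' \
        'svc:x:502:502::/home/svc:/sbin/nologin' > "$d/passwd"
    printf '%s\n' 'alice:x:501:501::/home/alice:/bin/bash' \
        'bob:x:502:502::/home/bob:/bin/bash' \
        'carol:x:503:503::/home/carol:/bin/bash' > "$d/passwd.mig"
    find_conflicts "$d/passwd.mig" "$d/passwd"
    if safe_to_append "$d/passwd.mig" "$d/passwd"; then
        echo "OK to append"
    else
        echo "resolve conflicts before cat >> /etc/passwd"
    fi
    rm -rf "$d"
}

demo
```

Run it against the real files on the new server (passwd.mig with /etc/passwd, group.mig with /etc/group) before the cat >> steps.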

October 28, 2010

Linux delete large number files (argument list too large when using rm)

ref.: http://linux.byexamples.com/archives/326/rm-complains-argument-list-too-long/

rm has a limitation: you can't delete a large group of files with *. For example,
rm -rf something*
If a large number of files start with something, rm fails and complains:
/bin/rm: Argument list too long.
The solution is to make use of find, xargs and rm.
find . -name 'something*' -print0 | xargs -0 rm -rf  
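
The find form is not an exact substitute for the glob: find descends into every subdirectory, so a file named something* inside an unrelated directory is deleted too. The added example below (not from the original post or the referenced article; the helper names and the scratch tree are constructed) runs both variants on a throwaway tree and lists what survives:

```shell
#!/bin/sh
# Added example; helper names are hypothetical and the tree is constructed.

# delete_top_level DIR PREFIX: remove only entries directly inside DIR whose
# names start with PREFIX, i.e. the same set `rm -rf PREFIX*` would expand to.
delete_top_level() {
    find "$1" -mindepth 1 -maxdepth 1 -name "$2*" -print0 | xargs -0 rm -rf --
}

make_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/something_dir" "$t/keep"
    touch "$t/something1" "$t/something 2" "$t/something_dir/x" \
          "$t/keep/something_nested" "$t/other"
    echo "$t"
}

# survivors DIR: remaining paths, sorted, on one line
survivors() { (cd "$1" && find . -mindepth 1 | LC_ALL=C sort | tr '\n' ' '); }

demo_recursive() {   # the command from the post, run inside the scratch tree
    t=$(make_tree) || return 1
    (cd "$t" && find . -name 'something*' -print0 | xargs -0 rm -rf)
    survivors "$t"
    rm -rf "$t"
}

demo_top_level() {   # depth-limited variant
    t=$(make_tree) || return 1
    delete_top_level "$t" something
    survivors "$t"
    rm -rf "$t"
}

echo "post's command leaves: $(demo_recursive)"
echo "depth-limited leaves:  $(demo_top_level)"
```

The -print0 / -0 pairing is what keeps the file name containing a space intact in both runs.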

July 19, 2010

Full backup NTFS partition using Linux

Backup:
Suppose the partition to back up is sda1 (the first partition on the master HD) and the backup data will be stored on another system/drive.

0. Optional step: back up the boot menu if you're using multiboot. Do it in Windows: bcdedit /export "C:\bcdbackup\bcdbackup"
1. Boot up with a rescue CD
2. Mount another location to hold the backup data; as an example we use sda2
> mkdir /mnt/backup
> mount /dev/sda2 /mnt/backup
> cd /mnt/backup
> dd if=/dev/sda of=sda.mbr bs=512 count=1    <----Backup MBR
> sfdisk -d /dev/sda > sda.sf         <---Backup partition table (dump format, so sfdisk can read it back on restore)
> ntfsclone --save-image -o - /dev/sda1 | gzip > sda1.pimg.gz <---Wait with coffee
3. Verify the backup data with "ls /mnt/backup"

Restore:

1. Boot up with a rescue CD
2. Restore the MBR, partition table and partition
> mkdir /mnt/backup
> mount /dev/sda2 /mnt/backup
> cd /mnt/backup

> dd of=/dev/sda if=sda.mbr bs=512 count=1
> sfdisk -f /dev/sda < sda.sf
> mknod /dev/sda1 b 8 1     <------create the block device node for sda1; check the major and minor numbers
> gunzip < sda1.pimg.gz | ntfsclone -r -O /dev/sda1 -
3. Optional step, do it in Windows:
bcdedit /import "C:\bcdbackup\bcdbackup"

June 15, 2010

Tomcat5 + Apache on Centos

Install Tomcat5:
    The easy way is yum install tomcat5 tomcat5-webapps

Testing:
    netstat -ntlp  <-----------Check the default 8080 port is ready
    http://localhost:8080/   <------Test the url

If you don't wanna join tomcat to apache2 you can stop here.

Join Tomcat to Apache2
There are several ways to join tomcat to apache2
  • jk  (mod_jk)
  • http_proxy   (mod_proxy)
  • proxy_ajp    (mod_proxy_ajp)
Now I use the easiest way - ajp_proxy:
vi /etc/httpd/conf.d/proxy_ajp.conf
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
ProxyPass /tomcat/ ajp://localhost:8009/

Double-check that proxy_ajp.conf is included by httpd.conf

restart httpd and test with url "http://localhost/tomcat/"

June 10, 2010

Clamav install with yum in Centos

1: Create yum repository file
vi /etc/yum.repos.d/dag.repo
[dag]
name=Dag RPM Repository for RHEL5
baseurl=http://ftp.riken.jp/Linux/dag/redhat/el5/en/$basearch/dag/
enabled=1
gpgcheck=1

2: Download and import the key
wget http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
rpm --import RPM-GPG-KEY.dag.txt

3: yum install clamd

Apache htaccess Digest Authentication config

Suppose the http document directory is /var/www/html
Step 1
Then create .htaccess file in it
vi /var/www/html/.htaccess
AuthName  "myauth"
Authtype  Digest
AuthDigestProvider file
AuthUserFile /etc/httpd/conf.d/.digpass
Require valid-user

Step 2
Issue the following command to create the login account (the realm argument, myauth, must match AuthName):
htdigest -c /etc/httpd/conf.d/.digpass myauth tom

P.S.: Don't forget to set "AllowOverride AuthConfig" in httpd.conf

May 27, 2010

Apache+SSL in Centos

1. Install package
yum install mod_ssl openssl

2. Create CA and generate Cert
# Generate private key (2048 bits; 1024-bit RSA is no longer considered adequate)
openssl genrsa -out ca.key 2048

# Generate CSR
openssl req -new -key ca.key -out ca.csr

# Generate self-signed certificate
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

# Move the files to the correct locations
mv ca.crt /etc/pki/tls/certs
mv ca.key /etc/pki/tls/private/ca.key
mv ca.csr /etc/pki/tls/private/ca.csr

3. Config SSL for httpd
Setup the path for the cert and ca key
vi /etc/httpd/conf.d/ssl.conf 
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

4. Setup Virtual Host in Apache

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory /var/www/vhosts/yoursite.com/httpsdocs>
AllowOverride All
</Directory>
DocumentRoot /var/www/vhosts/yoursite.com/httpsdocs
ServerName yoursite.com
</VirtualHost>

/etc/init.d/httpd restart






May 26, 2010

Apache htaccess simple config

AllowOverride AuthConfig - shows a login prompt before the web site can be viewed
Sample config:
httpd.conf
====================================
<Directory "/var/www/html">
    Options FollowSymLinks
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>

AccessFileName .htaccess
====================================

/var/www/html/.htaccess

====================================
AuthName     "htaccess protect"
AuthType     Basic
# the .htpasswd file will be created later
AuthUserFile /var/www/.htpasswd
require      valid-user
# or restrict access to a specific user: require user tom
====================================

Create .htpasswd file:
htpasswd -c /var/www/.htpasswd owner

Add another account:
htpasswd /var/www/.htpasswd tom