Tuesday, June 26, 2007

Qmail

mkdir /downloads
wget http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
tar -zxvf qmailrocks.tar.gz
cd /downloads/qmailrocks/scripts/install/
./qmr_install_linux-s1.script
--> /var/qmail
--> users and groups
--> /usr/src/qmail
--> untars qmail and ucspi-tcp in /usr/src/qmail
--> untars daemontools in /package
--> /var/log/qmail
--> creates dir qmail-send qmail-smtpd qmail-pop3d under /var/log/qmail
--> /var/qmail/supervise
--> qmail-smtpd/log qmail-send/log qmail-pop3d/log

cd /downloads/qmailrocks/scripts/util/
./qmail_big_patches.script
--> jumbo patches for qmail

=========================
BUILD QMAIL
=========================

hostname --fqdn
cd /usr/src/qmail/qmail-1.03
make man && make setup check
--> populates /var/qmail
./config-fast linux.box.com
--> populates /var/qmail/control

=========================
build ucspi-tcp
=========================

cd /usr/src/qmail/ucspi-tcp-0.88/
patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
output: patching file error.h
make && make setup check

=========================
build daemontools.
=========================
cd /package/admin/daemontools-0.76/src
patch < /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
output: patching file error.h
cd /package/admin/daemontools-0.76
package/install

/command/svscanboot
svscan /service

========================
Autoresponder
========================

cd /downloads/qmailrocks
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
make && make install

========================
Vpopmail
========================

cd /downloads/qmailrocks
tar zxvf vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
./configure --enable-logging=p
make && make install-strip

========================
Vqadmin
========================

cd /downloads/qmailrocks
tar zxvf vqadmin-2.3.6.tar.gz
cd vqadmin-2.3.6
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip

mkdir /var/www/cgi-bin/vqadmin

httpd.conf
-------------------------------------------------------

deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow


vi /var/www/cgi-bin/vqadmin/.htaccess
-------------------------------------------------------
AuthType Basic
AuthUserFile /var/www/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any

htpasswd -c /var/www/vqadmin.passwd admin
chmod 644 /var/www/vqadmin.passwd
chown vpopmail:vchkpw /var/www/cgi-bin/vqadmin/vqadmin.cgi

http://10.5.1.100/cgi-bin/vqadmin/vqadmin.cgi

/home/vpopmail/bin/vadddomain anecho.net

========================
Maildrop
========================

cd /downloads/qmailrocks
tar zxvf maildrop-1.6.3.tar.gz
cd maildrop-1.6.3

./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root --enable-maildrop-gid=vchkpw --enable-maildirquota

make && make install-strip && make install-man

========================
Qmailadmin
========================

cd /downloads/qmailrocks
tar zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip

http://10.5.1.100/cgi-bin/qmailadmin
fpostmaster account and password for the domain that you created a while back using Vqadmin


========================
Finalizing Qmail
========================

/downloads/qmailrocks/scripts/finalize/linux/finalize_linux.script

vi /var/qmail/supervise/qmail-pop3d/run
change "mail.example.com" to linux.box.com

vi /var/qmail/supervise/qmail-smtpd/run
change "mail.example.com" to linux.box.com

qmailctl stop

echo '127.:allow,RELAYCLIENT=""' >> /etc/tcp.smtp
qmailctl cdb


-----------------------
system aliases
-----------------------
echo mailadm > /var/qmail/alias/.qmail-root
echo mailadm > /var/qmail/alias/.qmail-postmaster
echo mailadm > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*

=========================
Disabling Sendmail
=========================
service sendmail stop
mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

=========================
Starting qmail
=========================
- checking the installation
/downloads/qmailrocks/scripts/util/qmr_inst_check
you should get "congratulations" message

qmailctl start

=========================
Courier-imap/imaps
=========================

Courier-imap along with Courierpassd, Courier-authlib

Courier IMAP authentication with "vchkpw"
Courierpassd is a utility that allows users to change their mailbox passwords remotely.

-----------------------
courier-authlib
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat

make && make check
make install-strip && make install-configure

vi /etc/rc.local
Add the following line:
/usr/local/sbin/authdaemond start

-----------------------
Courier IMAP
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-imap-4.0.2.tar.bz2
useradd lino
chown -R lino:root courier-imap-4.0.2
cd /downloads/qmailrocks/courier-imap-4.0.2
su lino
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check


Now we will exit out of our NON-ROOT USER and go back to being root...
exit
make install-strip && make install-configure

==>
-----------------------
SSL certificate for the IMAP-SSL server
-----------------------

vi /usr/local/etc/imapd.cnf
emailAddress=postmaser@linux.box.com

/usr/local/sbin/mkimapdcert
--> it creates /usr/local/share/imapd.pem

vi /usr/local/etc/imapd
IMAPDSTART=YES

vi /usr/local/etc/imapd-ssl
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem

vi /usr/local/etc/authlib/authdaemonrc
# Comment out this line
# authmodulelist="authuserdb authpam authcustom authvchkpw"
# copy the below line
authmodulelist="authvchkpw"

cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps

Now let's start up Authdaemond, IMAP and IMAPS.

/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start


If you run
# nmap localhost
you should see both 143 and 993 now open and listening.
Now let's test it...

# telnet localhost 143
a login madunix@box.com madunix
a OK LOGIN Ok. (successful login!)
a logout

you can configure a mail client such as Outlook to test both the IMAP and IMAP-SSL connetion to your server.

------------------------------
Courierpassd
------------------------------

Note: Courierpassd will require that port 106 be open to at least local traffic (traffic from 127.0.0.1)

# cd /downloads/qmailrocks
# tar zxvf courierpassd-1.1.0-RC1.tar.gz
# cd courierpassd-1.1.0-RC1
# ./configure
==>
# make && make install

We are going to configure Xinetd to run courierpassd.

# cd /etc/xinetd.d
# vi courierpassd
service courierpassd
{
port = 106
socket_type = stream
protocol = tcp
user = root
server = /usr/local/sbin/courierpassd
server_args = -s imap
wait = no
only_from = 127.0.0.1
instances = 4
disable = no
}


# vi /etc/services
courierpassd 106/tcp #for /etc/xinetd.d/courierpassd

# /etc/rc.d/init.d/xinetd restart

# telnet localhost 106
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
200 courierpassd v0.30 hello, who are you?
user madunix@box.com
200 Your password please.
pass madunix
200 Your new password please.
newpass n0uresh
200 Password changed, thank-you.
quit
200 Bye.
Connection closed by foreign host.

------------------------------
Squirrelmail
------------------------------

--> check whether PHP is installed

# cd /var/www/html
# vi test.php
phpinfo();
?>

http://10.5.1.100/test.php

search for these options:
--enable-track-vars
--enable-force-cgi-redirect
--with-gettext
--with-mysql

vi /etc/php.ini
# search for this string
file_uploads = On

# rpm -evv squirrelmail
# cd /downloads/qmailrocks
# tar -jxvf squirrelmail-1.4.8.tar.bz2
# mv squirrelmail-1.4.8 webmail
# mkdir /var/sqattachements
# chown -R apache:apache /var/sqattachements
# cd webmail
# chown -R apache:apache data
# cd config
# ./conf.pl

--> For 2. Server Settings
Command>> 2

1. Domain : 10.5.1.100
2. Invert Time : false
3. Sendmail or SMTP : SMTP

--> For IMAP settings
Command>> A

4. IMAP Server : localhost
5. IMAP Port : 143
6. Authentication type : login
7. Secure IMAP (TLS) : false
8. Server software : other
9. Delimiter : detect

--> B. Update SMTP Settings
Command>> B

4. SMTP Server : localhost
5. SMTP Port : 25
6. POP before SMTP : false
7. SMTP Authentication : login
8. Secure SMTP (TLS) : false

--> Save data
Command >> S

# mv webmail/ /var/www/html

# http://10.5.1.100/webmail

--> download change_password plugin from squirrelmail.org

# tar -zxvf change_pass-2.7-1.4.x.tar.gz
# cd /var/www/html/webmail/plugins
# cp -r /downloads/qmailrocks/change_pass .
# cd /var/www/html/webmail/config
# ./conf.pl

Choose the option for "plugins".
--> add plugin "change_pass"

=======================
Checking/Installing Perl Modules
=======================

You will need these Perl Modules to work for Spamassassin and Qmail-Scanner
Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser
Pod::Usage
Parse::Syslog
Statistics::Distributions

You will also need these other packages:
perl-suidperl
unzip

How do I know if my server has these perl modules?
/downloads/qmailrocks/scripts/util/check_perlmods.script


==========================
Clam Anti Virus
==========================
cd /downloads/qmailrocks/
rpm -Uvh clamav-0.87-1.i386.rpm
rpm -Uvh clamav-devel-0.87-1.i386.rpm

# vi /etc/clamd.conf
LogFile /var/log/clamav/clamd.log
"LogTime" - should be uncommmented.
"LogSyslog" - should be uncommented.
#User clamav --> Comment it out, add the below
User qscand
"ScanMail" - should be uncommented.

Now we are going to create the qscand user that ClamAV

# useradd -c "Qmail-Scanner Account" -s /bin/false qscand
# chown -R qscand:qscand /var/log/clamav/
# /etc/init.d/clamd stop
# /etc/init.d/clamd start

--> Update with the latest virus definiations

# touch /var/log/clamav/clam-update.log
# chown -R qscand:qscand /var/log/clamav/
# /usr/bin/freshclam -l /var/log/clamav/clam-update.log

ClamAV update process started at Sun Oct 24 23:36:22 2004
main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek)
daily.cvd is up to date (version: 549, sigs: 1583, f-level: 3, builder: ccordes)


--> run update of virus definitions at 1:25 am
# crontab -e
25 1 * * * /usr/bin/freshclam --quiet -l /var/log/clamav/freshclam.log

--. Clam AV quarantines the e-mail in /var/spool/qmailscan/quarantine
--> Clamd runs on port 3310

==================
Spamassassin
==================
--> Spamassassin utilizes port 783

# rpm -e spamassassin

# cd /downloads/qmailrocks/perlmods/rpms/
# rpm -Uvh perl-Mail-SpamAssassin-3.0.2-1.i386.rpm

--> Now let's install the Spamassassin RPMs
# cd /downloads/qmailrocks/
# rpm -Uvh spamassassin-3.0.2-1.i386.rpm
# rpm -Uvh --nodeps spamassassin-tools-3.0.2-1.i386.rpm

# groupadd spamd
# useradd -g spamd -s /home/spamd spamd

# vi /etc/sysconfig/spamassassin
SPAMDOPTIONS="-x -u spamd -H /home/spamd -d"

# vi /etc/mail/spamassassin/local.cf
required_hits 5

# /etc/rc.d/init.d/spamassassin start
# ps aux | grep spamd

# chkconfig --level 35 clamd on
# chkconfig --level 35 spamassassin on

====================================
qmail-scanner w/qms-analog
====================================

. Qms-analog incorporated the widely used qmail-scanner-st patch but it also adds some cool reporting functionality as well which we will utilize later in this installation guide

# cd /downloads/qmailrocks
# tar zxvf qmail-scanner-1.25.tgz
# tar zxvf qms-analog-0.4.2.tar.gz
# cd qms-analog-0.4.2
# make all

# cp qmail-scanner-1.25-st-qms-20050219.patch /downloads/qmailrocks/qmail-scanner-1.25/
# cd /downloads/qmailrocks/qmail-scanner-1.25
# patch -p1 qmail-scanner-1.25-st-qms-20050219.patch

Monday, June 25, 2007

Adding common MS Windows Fonts to 10g Reports server on UNIX OS

Cross-Platform issues when you develop Reports on Windows AS ,
and deploy it on Linux AS.

Backup the files/direcories before your work with it

$ORACLE_HOME/guicommon/tk/admin/AFM
$ORACLE_HOME/guicommon/tk/admin/TTF
-------------------------------------------------------------------
Modifies the following files:

$ORACLE_HOME/guicommon/tk/admin/uiprint.txt
dummy:PostScript:2:dummy printer for PDF output:default.ppd:
----------------------------------------------------
$ORACLE_HOME/guicommon/tk/admin/uifont.ali
Comment out any font aliases found under the sections [ Global ] , [ Printer:PostScript1 ] and [PDF] e.g.
The order here is important, the plain font alias must be last in the PDF subset list)
[ PDF:Subset ]
Arial..Italic.Bold.. = "arialbi.ttf"
Arial...Bold.. = "arialbd.ttf"
Arial..Italic... = "ariali.ttf"
Arial..... = "arial.ttf"
-----------------------------------------

$ORACLE_HOME/guicommon/tk/admin/PPD/datap462.ppd
*DefaultFont: Arial
*%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
*%Font Arial: Standard "(001.004)" Standard ROM
*%Font Arial-Italic: Standard "(001.004)" Standard ROM
*%Font Arial-Bold: Standard "(001.004)" Standard ROM
*%Font Arial-BoldItalic: Standard "(001.004)" Standard ROM
*%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
*Font Arial: Special "(001.001)" Special ROM
*Font Ariali: Special "(001.001)" Special ROM
*Font Arialbd: Special "(001.001)" Special ROM
*Font Arialbi: Special "(001.001)" Special ROM
----------------------------------------------------

screenprinter.ppd
*DefaultFont: Arial
*Font Arial: Standard "(001.001)" Standard ROM
*Font Ariali: Standard "(001.001)" Standard ROM
*Font Arialbd: Standard "(001.001)" Standard ROM
*Font Arialbi: Standard "(001.001)" Standard ROM

---------------------------------------------------
$ORACLE_HOME/bin/reports.sh
make sure you define REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH

RW=$ORACLE_HOME/reports; export RW
#REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/reports/templates:$ORACLE_HOME/reports/samples/demo:$ORACLE_HOME/reports/integ:$ORACLE_HOME/reports/printers:${REPORTS_PATH}; export REPORTS_PATH
#REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH
#REPORTS_PATH=$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH
REPORTS_PATH=$ORACLE_HOME/reports/templates:$ORACLE_HOME/reports/samples/demo:/home/oracleas/OraHome_1/guicommon/tk/admin/PPD:/home/oracleas/OraHome_1/guicommon/tk/admin/AFM:$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/reports/integ:$ORACLE_HOME/reports/printers:${REPORTS_PATH}; export REPORTS_PATH
REPORTS_TMP=/tmp; export REPORTS_TMP
REPORTS_NO_DUMMY_PRINTER=TRUE; export REPORTS_NO_DUMMY_PRINTER
REPORTS_TAGLIB_URI=/WEB-INF/lib/reports_tld.jar; export REPORTS_TAGLIB_URI
REPORTS_CLASSPATH=$ORACLE_HOME/reports/jlib/rwbuilder.jar:$ORACLE_HOME/reports/jlib/rwrun.jar:$ORACLE_HOME/jlib/zrclient.jar:$ORACLE_HOME/j2ee/home/oc4j.jar:$ORACLE_HOME/j2ee/home/lib/ojsp.jar; export REPORTS_CLASSPATH
#NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1; export NLS_LANG
#NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256; export NLS_LANG
NLS_LANG=ARABIC_*.AR8MSWIN1256; export NLS_LANG
## Icon variable for Solaris platform
TK_ICON=$ORACLE_HOME/reports/plugins/resource; export TK_ICON
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS
TK_PRINTER=dummy ; export TK_PRINTER
TK_PRINT_STATUS='echo %n is valid'; export TK_PRINT_STATUS
DEBUG_SLFIND=/tmp/reports.log export DEBUG_SLFIND
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS
REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/guicommon/tk/admin/TTF;export REPORTS_PATH
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS

--------------------------------------------------------------
In the file datap462.ppd Comment the Symbol font by changing

*Font Symbol: Special "(001.001)" Special ROM
*%Font Symbol: Special "(001.001)" Special ROM

in the $ORACLE_HOME/guicommon/tk/admin/AFM Rename file
rename Symbol to Symbol.afm
--------------------------------------------------------------------------
From the MS Windows machine, ftp (in binary mode) the ttf files for the font styles to the target Unix machine e.g.
Arial fonts
----------------------------------------------------------------------
download ttf2pt1 open source tools
http://sourceforge.net/project/showfiles.php?group_id=4594
----------------------------------------------------------------------------
use the ttf2pt1 open source tools to convert AFM
/downloads/ttf2pt1-3.4.4/ttf2pt1 -l plane+0x06 arial.ttf
repeat this for all arial types will be used in the form

-----------------------------------------------------------------------------------------
place the generated AFM files through the ttf files to the AFM folders under Oracle AS /gui.../tk/admin/AFM
/AFM folder should show this
ls -al Ar*
ArabicTransparent
ArabicTransparent-Bold
Arial
Arialbd
Arialbi
Arial-BoldItalicMT
Arial-BoldMT
Ariali
Arial-ItalicMT
ArialMT
ArialNarrow
ArialNarrow-Bold
ArialNarrow-BoldItalic
ArialNarrow-Italic
------------------------------
/TTF folder should show this
$ls -al ar*
arialbd.ttf
arialbi.ttf
ariali.ttf
arial.ttf
ariblk.ttf
artrbdo.ttf
artro.ttf
-------------------------------------------------------

Monday, May 14, 2007

LAMP (php+mysql+apache)

1.prepare to install

main install file:

httpd-2.2.0.tar.gz
mysql-max-5.0.21-linux-i686-glibc23.tar.gz
php-5.1.2.tar.gz

php install file:

libxml2-2.6.19.tar.gz
libxslt-1.1.15.tar.gz
ActivePerl-5.8.8.817-i686-linux-2.2.17-gcc-257965.rpm
curl-7.15.0.tar.gz

we can download from this web:

http://ftp.gnome.org/pub/GNOME/sour...2-2.6.19.tar.gz
http://ftp.gnome.org/pub/GNOME/sour...t-1.1.15.tar.gz
http://downloads.activestate.com/Ac...-i686-linux.rpm
http://curl.haxx.se/download/curl-7.15.0.tar.gz

http://www.boutell.com/gd/http/gd-2.0.33.tar.gz
http://keihanna.dl.sourceforge.net/...e-2.1.10.tar.gz
http://www.ijg.org/files/jpegsrc.v6b.tar.gz
http://nchc.dl.sourceforge.net/sour...ng-1.2.8.tar.gz
http://www.zlib.net/zlib-1.2.3.tar.gz

2.Install Apache2

# cd /home/software/
# tar -zvxf httpd-2.2.0.tar.gz
# cd httpd-2.2.0
# mkdir -p /usr/local/apache2
# ./configure --prefix=/usr/local/apache
or
# ./configure --prefix=/usr/local/apache --enable-modules=so --enable-rewrite
# make; make install
install apache
# vi /usr/local/apache/conf/httpd.conf
#ServerName www.example.com:80

save and exit

# /usr/local/apache/bin/apachectl -k start
start up apahce
# /usr/local/apache/bin/apachectl -k stop
shut down apache?

3.Install mySQL

# cd /home/software/
# tar -zvxf mysql-max-5.0.21-linux-i686-glibc23.tar.gz
# mkdir -p /usr/local/mysql
# cp -r mysql-max-5.0.21-linux-i686-glibc23.tar.gz /usr/local/mysql
# cp /usr/local/mysql/support-files/my-medium.cnf /etc/my.cnf

add mysql user and group
# groupadd mysql
# useradd -g mysql mysql
# chown -R root /usr/local/mysql
# chgrp -R mysql /usr/local/mysql
# chown -R mysql /usr/local/mysql/data
# /usr/local/mysql/scripts/mysql_install_db --user=mysql&
start up mysql server
# /usr/local/mysql/bin/mysqld_safe --user=mysql&
If we can see" Starting mysqld daemon with databases from /usr/local/mysql/data"
It show that we have started mysql server, pressCtrl + C to out
change root password
# /usr/local/mysql/bin/mysqladmin -u root -p password "123456"

4.Install GD

a.install jpeg6
create menu:
# mkdir -p /usr/local/jpeg6
# mkdir -p /usr/local/jpeg6/bin
# mkdir -p /usr/local/jpeg6/lib
# mkdir -p /usr/local/jpeg6/include
# mkdir -p /usr/local/jpeg6/man
# mkdir -p /usr/local/jpeg6/man1
# mkdir -p /usr/local/jpeg6/man/man1

# cd /home/xiutuo/software/
# tar -zvxf jpegsrc.v6b.tar.gz
# cd jpeg-6b
# ./configure --prefix=/usr/local/jpeg6/ --enable-shared --enable-static
# make; make install

b.install libpng
# cd /home/software/
# tar -zvxf libpng-1.2.8.tar.gz
# cd libpng-1.2.8
# cp scripts/makefile.std makefile
# make; make install

c.install freetype
# cd /home/software/
# tar -zvxf freetype-2.1.10.tar.gz
# cd freetype-2.1.10
# mkdir -p /usr/local/freetype
# ./configure --prefix=/usr/local/freetype
# make;make install

d.:install zlib
# cd /home/xiutuo/software/
#tar -zxvf zlib-1.2.3.tar.gz
#cd zlib.1.2.3
# ./configure
# make;make install

e.install GD
# cd /home/software/
# tar -zvxf gd-2.0.33.tar.gz
# mkdir -p /usr/local/gd2
# cd gd-2.0.33
# ./configure --prefix=/usr/local/gd2 --with-jpeg=/usr/local/jpeg6/
--with-png=/usr/local/lib/
--with-zlib=/usr/local/lib/
--with-freetype=/usr/local/freetype/
# make; make install

f.install Curl
# cd /home/xiutuo/software/
# tar -zxf curl-7.15.0.tar.gz
# mkdir -p /usr/local/curl
# ./configure --prefix=/usr/local/curl
# make; make install

5:install php5,php5 need libxml2 to support!

a.install libxml2
# cd /home/xiutuo/software/
# tar -zxf libxml2-2.6.19.tar.gz
# cd libxml2-2.6.19
# mkdir -p /usr/local/libxml2
# ./configure --prefix=/usr/local/libxml2
# make; make install

b.install libxslt
# cd /home/software/
# tar -zxf libxslt-1.1.15.tar.gz
# mkdir -p /usr/local/libxslt
# cd libxslt-1.1.15
# ./configure --prefix=/usr/local/libxslt --with-libxml-prefix=/usr/local/libxml2
# make; make install

c.install php5
# cd /home/software/
# tar -zvxf php-5.1.2.tar.gz
# mkdir -p /usr/local/php
# cd php-5.05
# ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs
--with-mysql=/usr/local/mysql/
--with-curl=/usr/local/curl --enable-ftp
--with-libxml-dir=/usr/local/libxml2
--with-expat-dir=/usr/lib --enable-soap
--with-xsl=/usr/local/libxslt --enable-xslt
--with-gd=/usr/local/gd2/
--with-jpeg-dir=/usr/local/jpeg6/
--with-zlib-dir=/usr/local/lib/
--with-png=/usr/local/lib/
--with-freetype-dir=/usr/local/zlib/
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini (never forget)

after "./configure"
--prefix=/usr/local/php
--with-apxs2=/usr/local/apache/bin/apxs
--with-mysql=/usr/local/mysql/
--with-libxml-dir=/usr/local/libxml2
This is necessary

--with-gd=/usr/local/gd2/
--with-jpeg-dir=/usr/local/jpeg6/
--with-png=/usr/local/lib
--with-zlib-dir=/usr/lib
--with-freetype-dir=/usr/local/freetype
make PHP to support GD

--with-curl=/usr/local/curl support CURL
--enable-ftp

--enable-soap --with-xsl=/usr/local/libxslt --enable-xslt
make PHP to support SOAP

6.config Apache2 to make it support PHP

config httpd.conf to support PHP
# vi /usr/local/apache/conf/httpd.conf
find AddType application/x-gzip .gz .tgz and add this:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

restart apache
# /usr/local/apache/bin/apachectl restart



mysql
./configure --prefix=/usr/local/mysql --localstatedir=/usr/local/mysql/data --disable-maintainer-mode --with-mysqld-user=mysql --with-unix-socket-path=/tmp/mysql.sock --without-comment --without-debug --without-bench
./bin/mysqld_safe &



$mysqli = new mysqli("localhost", "my_user", "my_password", "world");

/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}

printf("Host information: %s\n", $mysqli->host_info);

/* close connection */
$mysqli->close();
?>

Sunday, April 15, 2007

AIX 5.3 recommendation

lately I found a very interesting artical from IBM System mag open systems version Aug/Sept 2006 which states IBM are now recommending the following for AIX5.3

The new recommendations are to leave maxclient and maxperm at their default settings of 80, but to still set minperm to something like 5. We also don't change the strict settings. Instead, we alter other parameters as follows:

vmo -p -o minperm%=5
vmo -p -o lru_file_repage=0
vmo -p -o lru_poll_interval=10

Connecting Webserver to Oracle10g

Oracle client:
1. Download the Instant Client from Oracle
2. Be sure to get the basic and the sdk package for Linux (the basic in
RPM format to install the runtime environment and both the basic and sdk
in zip format to be used while compiling)
3. Install the RPM package (rpm -i)
4. Unzip both zips into the same directory
5. cd into the newly created directory (instantclient_10_x) and create a
softlink: libclntsh.so -> libclntsh.so.10.1

Apache/PHP:

1. Install apache2, do not install any PHP packages!
2. Install apache2-devel to get apxs2 (also required: libapr1-devel and
libapr-utils-devel)
3. Download the PHP source code and unzip it
4. Use configure as shown in FIG A
5. Enter make
6. Add the lib-directory generated by the RPM installed before (e.g
/usr/lib/oracle/10.2.0.3/client/lib) to the LD_LIBRARY_PATH
7. Enter make install
8. Copy the php.ini-recommended file to your apache config directory
(e.g. /etc/apache2)
9. Create the tnsnames.ora
10. cd into your apache config directory
11. (for apache 2) create a new file called php5.conf and copy the
content of FIG D into it
12. Be sure to include this conf in your vhost (e.g. Include
/etc/apache2/conf.d/php5.conf)
13. Edit the files containing module information (on SuSE 10.1:
/etc/sysconfig/apache2) and add the libphp5.so to the list of modules.
14. Start apache with the script from FIG C
15. Create a PHP page, only containing , save it in
your DocumentRoot and call it via a web browser. It should now display
an OCI8 information section.
16. You can now use the code from FIG E to test your Oracle database
connection


FIG A:
./configure
--with-oci8=instantclient,
--prefix=/usr/local
--with-apxs2=/usr/sbin/apxs2
--enable-sigchild
--with-config-file-path=/etc/apache2

FIG C:
LD_LIBRARY_PATH=:${LD_LIBRARY_PATH}
TNS_ADMIN=
export LD_LIBRARY_PATH TNS_ADMIN
echo Starting Apache apache2ctl start

FIG D:
AddType application/x-httpd-php .php
AddType application/x-httpd-php .phtml
AddType application/x-httpd-php-source .phps

FIG E:
$c = OCILogon('', '',
'');
if($c != null){
echo "YAY!";
} else{
echo "DOH!";
}

$query = '';

$stid = OCIParse($c, $query); OCIExecute($stid, OCI_DEFAULT); while
($succ = OCIFetchInto($stid, $row)) { foreach ($row as $item) { echo
$item." "; } echo "
n"; }

OCILogoff($c); ?>

MPLS study notes

MPLS: Multi Protocol Label Switching
Packet forwarding is done based on Labels.
Labels are assigned when the packet enters into the network.
Labels are on top of the packet.
MPLS is functioning in frame-mode or cell-mode.
LSPs are unidirectional
Label Header:= Header 4 bytes, Label 20 bits.
Label Header can be used over Ethernet, 802.3, or PPP links
A label switch router (LSR) is a device that forwards based on labels.
An edge LSR labels and removes labels from packets.
LSRs distribute labels to the upstream neighbors
Forwarding tables (FIB) are built based on IP routing tables with no labeling information
MPLS convergence occurs immediately after the routing protocol convergence, based on labels already stored in LIB
LDP and TDP use a similar process to establish a session:
Hello messages are periodically sent on all interfaces enabled for MPLS.
UDP is used for hello messages. It is targeted at "all routers on this subnet" multicast address ( 224.0.0.2).
TCP is used to establish the session.
Both TCP and UDP use well-known LDP port number 646 (711 for TDP).
Penultimate hop popping optimizes MPLS performace (one less LFIB lookup).
PHP optimizes MPLS performance by reducing the number of table lookups on the egress router.
PHP is not supported on ATM devices because a label is part of the ATM cell payload and cannot be removed by the ATM switching hardware
Pop or implicit null label uses value 3 when being advertised to a neighbor.
Provider Network (P-Network): The backbone under control of a Service Provider
Customer Network (C-Network):Network under customer control
CE router:Customer Edge router. Part of the C-network and interfaces to a PE router
Site is connected to the VPN backbone through one or more PE/CE links
PE router Provider Edge router. Part of the P-Network and interfaces to CE routers
P router Provider (core) router, without knowledge of VPN
Route-Target 64 bits identifying routers that should receive the route
Route Distinguisher Attributes of each route used to uniquely identify prefixes among VPNs (64 bits) VRF based (not VPN based)
VPN-IPv4 addresses Address including the 64 bits Route Distinguisher and the 32 bits IP address
VRF VPN Routing and Forwarding Instance Routing table and FIB table Populated by routing protocol contexts
VPN-Aware network, A provider backbone where MPLS-VPN is deployed
Intranet VPN: Intranet VPNs connect sites within an organization. Security mechanisms are usually not deployed in an intranet, because all sites belong to the same organization.
Extranet VPN: Extranet VPNs connect different organizations. Extranets usually rely on security mechanisms to ensure the protection of participating individual organizations. Security mechanisms are usually the responsibility of individual participating organizations.
Access VPN: Access VPNs are virtual private dial-up networks (VPDNs) that provide dialup access into a customer network.
PE routers are faced to CE routers and distribute VPN information through MP-BGP to other PE routers
P routers do not run BGP and do not have any VPN knowledge
PE and CE routers exchange routing information through: EBGP, OSPF , RIPv2, Static routing
Site of Origin (SOO): identifies the originating site
Route-target (RT): identifies the set of sites the route has to be advertised to
RTs are attributes that are attached to a VPNv4 BGP route to indicate its VPN membership. The extended BGP communities of a routing update is used to carry the RT of that update, thus identifying which VPN the update belongs to.
RD is configured in the PE for each VRF
The RD is used only to transform nonunique 32-bit customer IP version 4 (IPv4) addresses into unique 96-bit VPNv4 addresses (also called VPN IPv4 addresses).
RD may or may not be related to a site or a VPN
<16bits type>::<32 bit number>Registered AS number
<16bits type>::<16 bit number>Registered IP address
VRF: VPN Routing and Forwarding Instance( VRF Routing Protocol Context, VRF Routing Tables,VRF CEF Forwarding Tables)
One central site has full routing knowledge of all other sites (of same VPN) = Hub-Site
Other sites will send traffic to Hub-Site for any destination = Spoke-Sites


show commands
show ip route vrf ...
show ip protocol vrf
show ip cef
show tag-switching tdp parameters
show tag-switching interface
show mpls interface
show tag-switching tdp discovery
show tag-switching tdp neighbor
show tag-switching tdp neighbor detail
show tag-switching tdp bindings
show tag-switching forwarding-table
show mpls forwarding-table
show ip cef detail


Sample PE Router Configuration
en
conf t
ip cef
ip vrf Cust
rd 1:100
route-target both 1:100

interface Serial0/0
ip vrf forwarding Cust
ip address 172.16.1.1 255.255.255.252

router eigrp 1
address-family ipv4 vrf Cust
redistribute bgp 1 metric 1000 100 255 1 1500
network 172.16.0.0
network 172.15.0.0
no auto-summary
autonomous-system 101


router bgp 1
no synchronization
no auto-summary
address-family vpnv4
address-family ipv4 vrf Cust
neighbor 10.10.10.102 remote-as 1
neighbor 10.10.10.102 activate
neighbor 10.10.10.102 update-source Loopback0
redistribute eigrp 201


To verify configuration
show ip eigrp vrf Cust neighbors
show ip bgp vpnv4 vrf ...
show ip route eigrp
sh ip vrf route