Archive for Server

pure-ftpd-mysql, [ERROR] Home directory not available – aborting

Posted in System with tags , , , , on April 15, 2008 by wsjoung

groupadd -g 2001 ftpgroup
useradd -u 2001 -s /bin/false -d /bin/null -c “pureftpd user” -g ftpgroup ftpuser

Instead of this dummy ftpuser account setting when they want to create real linux account.
they may get this error “Home directory not available – abort” even if they set CreateHomeDir to yes.

Solution:
the last existing in the home path should be own by root.
for example, we want to create somebody’s home directory when he log in, /home/ftpuser/somebody
then the last existing directory ‘ftpuer’ may look like this,
drwxr-xr-x 2 root ftpgroup 4096 2008-04-15 11:20 ftpuser

[pure-ftpd] CreateHomeDir problem (“[ERROR] Home directory not available – aborting”)
Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On Ubuntu 7.10 (Gutsy Gibbon)

Advertisements

DataSource setup on Tomcat

Posted in Server with tags , , , on September 21, 2007 by wsjoung

1. create META-INF/context.xml

<?xml version=”1.0″ encoding=”UTF-8″?>
<Context docBase=”e-sports” path=”/e-sports” debug=”0″ reloadable=”true”
source=”org.eclipse.jst.j2ee.server:e-sports”>
<Logger className=”org.apache.catalina.logger.FileLogger”
prefix=”e-sports_log.” suffix=”.txt” timestamp=”true” />
<Resource name=”jdbc/myoracle”
auth=”Container”
type=”javax.sql.DataSource”
driverClassName=”oracle.jdbc.driver.OracleDriver”
factory=”org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory”
url=”jdbc:oracle:thin:@127.0.0.1:1521:ORA92″
username=”scott”
password=”tiger”
maxActive=”20″
maxIdle=”10″
maxWait=”-1″ />
</Context>

2. test.jsp
<%@ page import=”java.sql.Connection” %>
<%@ page import=”java.sql.ResultSet” %>
<%@ page import=”java.sql.SQLException” %>
<%@ page import=”java.sql.Statement” %>
<%@ page import=”javax.naming.Context” %>
<%@ page import=”javax.naming.InitialContext” %>
<%@ page import=”javax.naming.NamingException” %>
<%@ page import=”javax.sql.DataSource” %>

<%
Context ctx = null;
DataSource source = null;
Connection con = null;

try {
ctx = new InitialContext();
ctx = (Context) ctx.lookup(“java:comp/env”);
source = (DataSource) ctx.lookup(“jdbc/myoracle”);

System.out.println(“DataSource ===========================”+ source);

con = source.getConnection();
System.out.println(“Connection ============================”+ con);
} catch (NamingException ne) {
ne.printStackTrace();
}
%>

mod_rewrite: Apache URL Rewriting

Posted in Server with tags , , , on January 24, 2007 by wsjoung

People loves to apply MVC model pretty much on their web application project. They likely put a controller which takes user input from the request and figures out what it means to the model. In this case, URL may looks like this, “index.php?category=sub”. It’s not pretty at all. If we can make this “category/sub”. it would be much better for search engine and users; security reason as well.

Module mod_rewrite URL Rewriting Engine
mod_rewrite, a beginner’s guide (with examples)
mod_rewrite: A Beginner’s Guide to URL Rewriting
mod_rewrite Cheat Sheet

Samba Setting: Secure Read-Write File and Print Server

Posted in System with tags , , , on November 17, 2006 by wsjoung

Secure Read-Write File and Print Server

We progress now from simple systems to a server that is slightly more complex.

Our new server will require a public data storage area in which only authenticated users (i.e., those with a local account) can store files, as well as a home directory. There will be one printer that should be available for everyone to use.

In this hypothetical environment (no espionage was conducted to obtain this data), the site is demanding a simple environment that is secure enough but not too difficult to use.

Site users will be Jack Baumbach, Mary Orville, and Amed Sehkah. Each will have a password (not shown in further examples). Mary will be the printer administrator and will own all files in the public share.

This configuration will be based on user-level security that is the default, and for which the default is to store Microsoft Windows-compatible encrypted passwords in a file called /etc/samba/smbpasswd. The default smb.conf entry that makes this happen is passdb backend = smbpasswd, guest. Since this is the default, it is not necessary to enter it into the configuration file. Note that the guest backend is added to the list of active passdb backends no matter whether it specified directly in Samba configuration file or not.

Procedure 2.2. Installing the Secure Office Server

Example 2.4. Secure Office Server smb.conf
# Global parameters
[global]
workgroup = MIDEARTH
netbios name = OLORIN
printcap name = cups
disable spoolss = Yes
show add printer wizard = No
printing = cups
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[public]
comment = Data
path = /export
force user = maryo
force group = users
guest ok = Yes
read only = No
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root, maryo
create mask = 0600
guest ok = Yes
printable = Yes
use client driver = Yes
browseable = No

1. Add all users to the operating system:
root# useradd -c “Jack Baumbach” -m -g users -p m0r3pa1n jackb
root# useradd -c “Mary Orville” -m -g users -p secret maryo
root# useradd -c “Amed Sehkah” -m -g users -p secret ameds

2. Configure the Samba smb.conf file as shown above

3. Initialize the Microsoft Windows password database with the new users:
root# smbpasswd -a root
New SMB password: bigsecret
Reenter smb password: bigsecret
Added user root.

root# smbpasswd -a jackb
New SMB password: m0r3pa1n
Retype new SMB password: m0r3pa1n
Added user jackb.

root# smbpasswd -a maryo
New SMB password: secret
Reenter smb password: secret
Added user maryo.

root# smbpasswd -a ameds
New SMB password: mysecret
Reenter smb password: mysecret
Added user ameds.

4. Install printer using the CUPS Web interface. Make certain that all printers that will be shared with Microsoft Windows clients are installed as raw printing devices.

5. Start Samba using the operating system administrative interface. Alternately, this can be done manually by executing:

root# nmbd; smbd;

Both applications automatically execute as daemons. Those who are paranoid about maintaining control can add the -D flag to coerce them to start up in daemon mode.

6. Configure the /export directory:
root# mkdir /export
root# chown maryo.users /export
root# chmod u=rwx,g=rwx,o-rwx /export

7. Check that Samba is running correctly:
root# smbclient -L localhost -U%

The following error message indicates that Samba was not running:
Error connecting to 192.168.1.40 (Connection refused)
Connection to olorin failed

8. Connect to OLORIN as maryo:
root# smbclient //olorin/maryo -Umaryo%secret
OS=[UNIX] Server=[Samba-3.0.20]
smb: \> dir
smb: \> q

By now you should be getting the hang of configuration basics. Clearly, it is time to explore slightly more complex examples. For the remainder of this chapter we abbreviate instructions, since there are previous examples.

The Official Samba-3 HOWTO and Reference Guide