How to: Mac OS X email Server

-

October 19, 2013

How to set up and install a Mac OS X email Server

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

I’ve decided to post this here in it’s current form, it will need a few tweaks, but you may as well have use of it. It’s pretty accurate but there will likely be something that I’ve missed.

So not that I have anything to hide, but I decided I didn’t like the idea of the NSA and it’s 5 spider eyes nastiness inspecting all my stuff, so after a few months of weighing it up, I decided to have a look around.

Having become used to ‘the cloud’ like many of us, I was looking for something that wouldn’t require me to while my hours away supporting various issues that crop up, had a relatively simple setup procedure and specifically stored my personal information where I could actually see it. It also needed to be capable of doing a robust backup, be low cost and a relatively simple procedure to restore service if it failed.

Ultimately, the only option that truly stood out for me was Mac OS Server 10.8 with it’s ridiculously cheap price of $19.99 and requires NO client licensing. It is an add on application to the Mac OS already running on your mac and you are entitled to make as many virtualised instances of this as you like including using the Mac OS installation media in the virtual machine that came with your Mac. In Vmware it’s as simple as selecting, install Mac OS from the recovery partition and off you go.

The quick and dirty summary of what I purchased for this is as follows:

The Server

VMWare Fusion v6.0 (About $NZ50

Mac OS Server $US19.99

(This runs on my existing Mac Mini which has a Sandisk SSD and 16GB of Kingston RAM)

Backups

Since I am into photography in a large way, I already had a ton of NAS storage. So for backups I configured time machine (from within the server) to backup to my QNAP 669-L and from there it does a real time off site backup to my QNAP 412. The QNAP 412 is configured with rsnapshot so that data can be restored to a point in time. As an extra precaution, VMWare has a handy feature that takes daily snapshots, rotating after a maximum of 3 is reached, in case you’re desperate for a one-click restore.

You would definitely not have to have these QNAP’s, there are plenty of alternative and cheaper backup options that you could use, but that’s another story.

Pre-Requisites

Start with a standard Mac OS 10.8

Ensure you have a fixed IP address so that applications and services know where to talk to

You should ideally have a domain and a fixed IP pointing at your server or alternatively a dynamic domain – out of the scope of this article.

Ensure all updates security etc have been applied to your base OS.

It is preferred that the server is running in a virtual machine such as VMWare or parallels.

You will need a spare 2GB memory to allocate to the server

note there is also a workgroup manager software application to remote manager your server. It is available at the Apple Support downloads section http://support.apple.com/kb/DL1567

Installation

Install the Mac OS X email Server Application from the Mac App Store (it’s part of the main OSX Server application here – (161MB at time of writing)

Double Click and Run the server Application from the Applications folder. (A good idea at this time is to right click the server icon in the taskbar and choose ‘Options, Keep In Dock’

Click Continue in the Set Up Your Server Window

Click Agree to Agree to the software licence agreement

Enter the local server machine password that allows you to install software, then click continue

Choose the third option ‘Domain Name’ and click Continue

Enter the name of the server in the top box (this will show up in finder and other applications when browsing the network

Enter the fully internet registered hostname in the host name box i.e. servername.yourdomain.com

In the network address field click edit.

Change the ‘Using DHCP’ drop down box to ‘Manually’

enter a fixed IP address that will not be used by any other device on the network (you may need to poke around in your internet router to see what range of addresses can be assigned via DHCP and ensure your address is outside of this. i.e. 192.168.1.10 or similar. You will manually forward certain services to this address later.

Ensure Subnet Mask is 255.255.255.0 and that the router and DNS servers are pointing to your internet router (we will change these later).

Click Apply

Mac Server will apply these settings, then click continue.

Enter in your apple ID and password for push alerts, click continue

Mac now goes away and sets up the remaining settings for network etc and some sensible defaults to start with. Upon completion you will see a ‘Congratulations’ Screen and a Finish button.

Click the finish button and you have now fully completed the ‘Installation’ section of the Server HowTo.

Configuration

Network – DHCP / DNS

The very first thing you need to configure is a multi-homed network. This will fool the devices into redirecting traffic on your internal network bound for the internet, to your server instead of the internet. This is required when you connect to services from on the same network as your server is on. If your router supports it, it can be preferable to do this on the router, or do part of it on the router, it’s up to you. My router does not support it, so I’ll show you how to do it on the Mac Server here.

DHCP

You need to set up DHCP on the Mac Server.

It is best to assign a DHCP ‘Scope’ that leaves room at one end of the IP addressing pool for static addresses. I suggest setting the scope to be something like 192.168.1.100 – 192.168.1.200. You’re not likely to need 100 addresses in a home network.

Click the DHCP Icon under the Services section in the Server Admin Tool
Change the lease duration to something more than 1 hour, 1 hour is ridiculously unnecessary. I set mine to 7 days.
Ensure you are connected by Ethernet if possible (by the way, if you are using VMWare you need to be using Bridged Ethernet mode).
Enter your preferred starting and ending IP addresses.
Leave the router as your actual router.
Just below this there is a DNS server. We need to change this to your local server address. By default the DNS server is setup correctly automatically, so just enter in your Server IP Address in the DNS field.
Click Done
Now, so you don’t disconnect yourself and cause all sorts of grief, a second device to connect here is handy. You need to DISABLE the DHCP server on your router and ENABLE the DHCP server on your Mac Server. You enable the DHCP server on Mac Server by sliding the OFF-ON switch at the top to the on position. You CANNOT have more than one DHCP server running.
Once you have turned your original DHCP server off and enabled the new one, try disabling the WIFI on for example your iphone / android etc and see if it get’s an address. Do NOT reboot your computer until you have confirmed this is working or you will not be able to reconnect to your network properly.

Mail

Click the first edit button next to, “Provide mail for:” and choose your registered email domain

Turn on the Mail service by sliding the Off-On slider to On.

Surprisingly that’s it for the email service! The rest is done in the user accounts section.

User Account

Click the Users item under Accounts.

Your account should already exist, or if not, create one with the + button.

(I have found if you don’t right click the actual user and choose edit the app crashes. This is the only way to edit the user at this time.)

Enter in the email address you wish to assign to the user and click Done.

And again surprisingly, that’s it!

Howto: Add disk to Linux RAID

marshalleq

-

September 29, 2009

2

How to add disk to linux RAID on Sabayon 5

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

(Of course the same basic commands apply across any linux system running mdadm).

Forgive the lack of formatting with this, but I figure I’ll post it before it gets lost and format it later 🙂

After the hardware is installed do the following:

fdisk /dev/yourdisk

press n for new partition

Accept defaults for largest size disk if that’s what you want to do (most likely)

Press ? To change the partition type to Raid Autodetect

press w to exit fdisk

Ensure your existing array is built and running

# mdadm –assemble /dev/md0 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1

# mount /dev/md0 /mnt/data1

# mdadm /dev/yourexisting array –add /dev/yournewdisk

mdadm: added /dev/sdf1

# mdadm –detail /dev/md0

You should see a list similar to this showing your new drive currently added as a hot spare

Number Major Minor RaidDevice State

0 8 17 0 active sync /dev/sdb1

1 8 33 1 active sync /dev/sdc1

2 8 49 2 active sync /dev/sdd1

3 8 65 3 active sync /dev/sde1

4 8 81 – spare /dev/sdf1

Now you’re ready to roll….. 🙂

# mdadm –grow –raid-devices=5 /dev/md0

Donald Scripts # mdadm –grow –raid-devices=5 /dev/md0

mdadm: Need to backup 768K of critical section..

mdadm: … critical section passed.

Every 2.0s: cat /proc/mdstat Wed Sep 16 18:18:20 2009

Personalities : [linear] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4] [multipath] [faulty]

md0 : active raid5 sdf1[4] sdb1[0] sde1[3] sdd1[2] sdc1[1]

2930279808 blocks super 0.91 level 5, 64k chunk, algorithm 2 [5/5] [UUUUU]

[>………………..] reshape = 0.1% (1176912/976759936) finish=816.4min speed=19915K/sec

unused devices: <none>

Check the filesystem e2fsck!

Donald Scripts # e2fsck -pv /dev/md0

/dev/md0: clean, 87382/183148544 files, 634355575/732569952 blocks (check in 5 mounts)

Donald Scripts # resize2fs -p /dev/md0

resize2fs 1.41.9 (22-Aug-2009)

Resizing the filesystem on /dev/md0 to 976759936 (4k) blocks.

Begin pass 1 (max = 7452)

Extending the inode table XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The filesystem on /dev/md0 is now 976759936 blocks long.

How to save your Kodi library

marshalleq

-

September 20, 2009

17

How to save your Kodi library so you never have to download it again!

Yep, you read that right! Actually, this guide does away with exporting and importing mostly. I got tired of waiting for my large collection to download every time I did an upgrade or removed a Kodi source/share. And it wasn’t too hard to figure out a way around it.

A nice side effect of this guide is that you will easily be able to tell which content is not being detected by Kodi. You may not realise it, but if you have a large collection, often Kodi doesn’t detect things and there doesn’t seem to be any reason to which it will or won’t detect during the library scan, but it can miss quite a few things off from time to time. Another nice side effect of this method is that you won’t have issues with path incompatibilities (causing your Kodi library import to fail) if you’ve changed your sharename, have multiple Kodi clients etc.

OK, you’re not going to believe how easy this is. 🙂

First off, you’re going to need to do a library scan from the internet, once, as per normal.

Add items to your Kodi library

From the main screen go to video. Click or press Enter on the Add source item and add a media source if you don’t already have one.

Ensure you go into “Set Content” and change the item, “This directory contains” to Movies or whatever content you have in your source. If you already had a source set up, you will need to edit it by selecting it, pressing C (or right clicking the mouse) and choosing edit source.

Also make sure you select, “Run Automated scan” and “Scan Recursively”, under Settings to ensure you have “enable fanart” enabled. Click OK twice to get out.

If you were creating a new source it should now scan it automatically. If you had an existing source you may need to select it, press C (or right click) and choose, “Scan for new Content” as sometimes they don’t accept the automated scan request. Note: It is not until you do this scan that the Kodi Library Mode will become active.

Depending on the size of your library and speed of your internet connection, you may need to wait a while, maybe even an hour . When it’s completed, select and make active the Library Mode item under Video. At this point you should be seeing a screen with Movies, Recently added movies and Playlists on it. Click on Movies, then Title and you should be looking at the the glorious Kodi Library goodness!

Exporting your library

OK so you’ve spent an hour waiting for your library to download and you know you don’t ever want to do that again! The fix is quite easy.

Ensure you have write access from Kodi to where your library is stored. If you are running from a Samba share you will need to ensure the user you are connecting to the share as, has read, write and execute access, otherwise this will not work.

In the Kodi library, press C or right click and select settings.

Scroll down and select the Library Menu Item, then choose Export Video Libary.

Choose to export your library to separate files per entry (this bit is the magic)

Choose yes to export thumbs and fanart

Choose yes to overwrite old files.

The export now begins. Once the export has completed, you’re actually done and you never ever need to go into, “Import Video Library” again!

How does this work? It works because beside every file in your network share or disc folder/directory, the export put’s some matching files beside your movie files indicating to Kodi that this is the fanart, cover image, actors, directors, IMDB rating etc etc that belongs to this movie. When Kodi is newly set up, all you need to do is go through the add items to your library section above and Kodi automatically pulls in the local versions of the files you previously exported. You won’t need to go off to the internet for those files again!

Caveats, Gotcha’s and a bit of tweaking

OK, so the library isn’t always perfect, the automatic download feature sometimes skips stuff (as I mentioned before). For these ones, Kodi may still go off to the internet at some stage, or they may be missed off altogether. That’s OK, we can fix that!

Movies that aren’t detected

You can easily see which files were not detected, because when you open your movies folder in your favourite file manager you will see which ones do not have any .nfo .tbn files etc beside them. (To do this make sure you’re viewing your files sorted by name). It’s these one’s that you need to do a bit of manual tweaking, but once you’ve done it, you shouldn’t need to go back to them, and they should stay there accross new versions of Kodi.

The way Kodi uses it’s scrapers is based on a file filter using something called regex. Don’t worry about that too much, but just understand that the name of each of your files is quite important so that Kodi knows what movie to look up. As an example, if you have a movie with a ‘ in it’s name, it needs to go into the file. For example, if you had the Movie, “My Moms New Boyfriend”, it needs to read, “My Mom’s New Boyfriend”. This is because if you look it up on the internet (the same thing the Kodi scraper does) it is actually written on the internet this way and the apostrophe is counted as a character it needs to match. After you’ve changed the name of your movie, right click or press C on any movie in the library and choose, “Update Library”. It’ll most likely turn up.

If a movie is still not being detected, plug it into google and see what comes up. If you can find it in imdb.com and it has the same name, there’s another trick you can do.

Copy the url from imdb.com (or another supported scraper site (which you can get a list of from that same settings screen we went to above) and paste it as the only line in a text file. Put the text file beside the movie in question and call it EXACTLY the same name but with .nfo on the end (so it should look like shrek.nfo for example). Then choose update libarary again. Kodi should say, “Oh, for this movie I need to go and look at this web address”. If it does find something and it works well, you should re-export your library exactly the same as we did before (above) and choose yes to overwrite your files. Then you will never have to go back to this particular one again.

If it doesn’t work, keep looking for web sites. If you still can’t get the scraper to work you can put it in manually. Most of the time these ones will not have fanart, but you should still be able to get a DVD cover and info on the movie.

The first step is to download a DVD cover off the internet. Just google for it, get the enlarged version if available and right click, save as and put it somewhere on your computer. You then need to convert the file to a .tbn file. To do this in linux you need imagemagick installed (also available for windows I believe). Once installed, type, “convert yourcovername.jpg yourcovername.tbn. Then copy that file beside the movie file in question and give it the same name but keeping the .tbn extension. If you update your library you should see the dvd cover display appear. Occasionally, I’ve had to remove and re-add the Video source to get this to work, but it’s no big deal since it doesn’t have to go off to the internet any more. 🙂

For the information that goes with the movie, copy one of the other movies .nfo files and edit it. It’s pretty obvious what you need to change, just make sure it’s named yourmove.nfo, not the old movie name as you’ll stuff things up and need to remove and re-add your library again.

Welcome to your new Kodi library that installs in minutes instead of hours! 🙂 Have fun!

Good luck!

Howto: Encode DVD to mkv

marshalleq

-

September 6, 2009

11

Howto: Encode DVD to mkv with chapters, subtitles, multi channel audio etc with Sabayon Linux

This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.

We’re all recording our TV shows etc onto computer files nowadays, thanks to XBMC, Windows Media Center, Media Portal, Apple TV and even Sony Playstaion, many of us are enjoying a rich online library of content to show off to our friends. For me, the first thing I do when I buy a DVD is encode the DVD to mkv to a file and store the DVD away in the cupboard. I just wish you could take a USB stick down to the video store and have this done already. But no go, so I do it myself.

This is something I’ve been doing for years. There’s just no excuse for bad quality huge file size divx files anymore. While I might have been fortunate enough in the past to have always had a dual-core while some people haven’t had that fortune, many years have passed and this type of hardware is extremely common these days. The number one reason why using the 264 codec wasn’t popular for most was simply encoding time, if you didn’t have a dual core you would have most likely been looking at about 3-7 days to encode a single file. But don’t fret, this is no longer the case.

This method, (although not rocket science at all) is often overlooked in favour of other, more historical methods out of sheer laziness. With this method it is common to produce a file between only 700MB and 1.1GB that includes a full resolution video track with NO loss in quality that I’ve ever been able to see, a full uncompressed copy of the original AC3 and/or DTS soundtrack, full chapter support, multiple subtitles and even a copy of the cover art. When I say no loss in quality, I really do mean it. I’ve looked at these things so hard, found the smallest little error and then ended up realising it was actually a problem on the original DVD. It’s important to note actually, that if you’re fussy, the kinds of issues you’re likely to be looking at will actually NOT be with the encoded file, but in the original source.

Why would I do it on linux? Well, for starters, when it comes to encoding, linux is faster and not just a little bit either, quite a lot actually. I can’t comment on Windows 7 at this point, but certainly on prior versions, Linux has had a considerable lead on encoding time. I suspect former versions of Windows did not support the new processors properly. This goes double when you have a quad core machine or higher. Plus, if you’re feeling particularly greedy, you can install the 64bit version of linux and compile your own copies of the encoder in sabayon for your specific CPU and hardware using the emerge command. If you’re going to do a lot of encoding, the 64 bit / manually compiled encoders add quite a bit of extra speed. If you’re lucky enough to own a core i7 you would get even more advantage out of the maths capabilities of that architecture. A typical scenario on my Intel Quad Q9300 takes about 2 hours to complete the mkv file above without manual compiling and running 32 bit Sabayon KDE.

**Before you start, please be aware that I in no way wish to support the pirating of DVD’s for spreading across the internet. This guide is for personal use only and is intended to be used only for the transcoding of your already owned media to your own personal system.**

Righto, now that that’s over, we can begin.

Make the ISO

This script (h264enc) will actually encode/transcode from just about any format to any other format. In fact it has presets for everything from blackberry’s, psp’s and ps3’s to generic hardware based DVD players. For the sake of this guide however, we will concentrate on encoding an MPEG-2 ISO file made from DVD to an MPEG-4 mkv file playable on any good media centre such as XBMC or media portal.

While you can use this method to encode from other DVD structures, ISO’s are the easiest method, so we will focus on that here. I’m not going to go into how to make an ISO from a DVD disc, however I can point you to k9copy for linux and DVD Fab HD Decrypter for windows. Sometimes the windows method is preferred as Linux often is not up with the latest methods of extracting this information from a DVD. The only comment I will make, is don’t bother to ‘Shrink’ the DVD to a 4.3GB ISO. Since we won’t be trying to put it on a single layer disk (in fact we can fit four mkv files on a single layer DVD (therefore four movies)) having the original 9GB file will actually help your final encode to be higher quality since the source will have more colour bits in it to read from.

Get the software

In Sabayon you will need to install the following software:

mplayer, ogmtools (for chapter support), gpac (if you want to convert for PSP etc),

mkvtoolnix (for mkv support), h264enc, smplayer (just because it’s the best media player for linux and windows) 🙂

There are other packages that would be useful depending on what you want to do with h264enc, but for the sake of this example I’m leaving them out for now.

# equo install mplayer smplayer gpac mkvtoolnix ogmtools

Then you need to download h264enc from the website since it’s not currently included in Sabayon and this way you don’t have to wait for an ebuild to be made.

Browse to http://sourceforge.net/projects/h264enc/files/ and get the latest version.

Extract the version you downloaded using tar -zxvf fileyoudownloaded

go into the directory that was just extracted, probably h264enc9.0.1 or something like that.

become root

su <yourpassword>

type ./install and follow the simple questions.

Checking your config

You should now have all the relevant files installed. To check, as your NORMAL user enter the following:

$ h264enc -sc

You should get output similar to the following:

someone@somemachine ~ $ h264enc -sc

-> Checking for ‘MPlayer’………………… OK
-> Checking for ‘MEncoder’……………….. OK
-> H.264 video support in MEncoder………… YES
-> AAC (FAAC) audio support in MEncoder……. YES
-> MP3 (LAME) audio support in MEncoder……. YES
-> AC3 (lavc) audio support in MEncoder……. YES
-> PCM audio support in MEncoder………….. YES

-> Checking for ‘bc’…………………….. OK
-> Checking for ‘pv’…………………….. FAILED! [no support for DVD ISO dumps]
-> Checking for ‘dd’…………………….. OK
-> Checking for ‘neroAacEnc’……………… FAILED! [no support for AAC+ audio]
-> Checking for ‘aacplusenc’……………… FAILED! [no support for AAC+ audio]
-> Checking for ‘oggenc’…………………. OK
-> Checking for ‘flac’…………………… OK
-> Checking for ‘less’…………………… OK
-> Checking for ‘lsdvd’………………….. OK
-> Checking for ‘dvdxchap’ (from ogmtools)…. OK
-> Checking for ‘mkvmerge’ (from mkvtoolnix).. OK
-> Checking for ‘ogmmerge’ (from ogmtools)…. OK
-> Checking for ‘MP4Box’ (from gpac)………. OK
-> Checking for ‘tsMuxeR’………………… FAILED! [no support for the TS container]

If you have installed a required program but the script
can’t find it, run ‘h264enc -r’ to reset the config file.

Don’t worry about the missing aac etc, you don’t need that. In fact you’re all done! All that remains is to run the script.

Before we run the script I need to point out some more things. I’m not going to step by step you through the script, there are just too many options. However there are some things that I can give you pointers on.

Always know if your source file is interlaced or not. If you don’t know how to tell, just play your DVD in a computer (must be a computer) and you will see if there are jagged lines in the image or not. If you can’t see any or aren’t sure, you will have progressive.
If you do have interlaced, you need to say that you DON”T want to preserve interlacing as nothing can play it otherwise. Use the Yadif and MCDEINT deinterlacer for best quality.
Always use 2 pass, don’t bother with 1 pass or 3 pass
Always always choose to crop, it’ll save encoding time and it’ll look cleaner when you play it later
Always export chapters (especially with a music DVD as you will be able to skip songs)
If you have a slower processor, you can use vhq instead of ehq, you probably won’t notice the difference.
If you change the name of the output file, you must put .avi on the end
When you get to the audio section choose COPY. Don’t bother with the others, they’re a waste of time unless you’re encoding for a PSP or something.

To execute the script to start your encode:

$ h264enc -2p -p ehq

Have a play, and feel free to post comments / questions. Did I mention that these can be hardware accelerated by NVIDIA GPU’s using CUDA / VDPAU? My CPU only uses about 1% playing 24GB 1080p files on an 8600GT card. It’s sweet! 🙂

Howto: SVN XBMC Live

marshalleq

-

August 22, 2009

1

Howto: SVN installer on XBMC live to enable automatic skin and plugin upgrades/installs

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

For ages I’ve wanted to know how to put the plugins back into xbmc. When you do a fixed disk install from the XBMC live iso, they’re just not included. Why? It’s probably that the XBMC team don’t consider the live disc to be important, yet it is the best out of the box media centre around simply because it’s light, has no extra applications you don’t need, uses it’s own window manager, free and works out of the box!

So here’s how I used SVN XBMC to do it.

ssh into your xbmc media centre

$ ssh <youripaddress>

Become root

su <password>

ensure unzip is installed

# apt-get install unzip

Become normal user

# exit

Enter plugins directory

cd /home/xbmc/.xbmc/plugins/programs

Download installer

$ wget http://xbmc-addons.googlecode.com/svn/packages/plugins/programs/SVN_Repo_Installer.zip

unzip SVN Installer

$ unzip SVN_Repo_installer.zip

Delete the original zip file

$ rm SVN_Repo_installer.zip

Configure XBMC

Go to settings, skin settings, (left hand menu), home window and turn on the show programs option in the main menu.

Go to main menu and choose Programs

There will be program plugins and under that your new installer.

You’re done! Using the installer is fairly self explanatory, check out the skins, you’ll be really impressed.

Howto: Enable Kodi / XBMC smoothvideo Playback

marshalleq

-

August 22, 2009

60

Howto: Enable Kodi / XBMC smoothvideo playback

[alert color=”C7645F” icon=”fa-align-right” title=”This is a legacy article“]
This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.[/alert]

** 7 March 2010 – Updated for latest version of XBMC live (9.11-live-repack)**

Yes, so it took me a while to get round to it, sorry about that, beenbusy with parts of my life that don’t include computers! So basically, I’ve just edited the original article and modified for the latest version of XBMC. This now also includes how to update xbmc to latest nvidia drivers to get rid of that terribly embarrassing issue whereby they released xbmc with vdpau issues!

So, please read on to see the original article with new xbmc specifc changes added and old xbmc changes removed. If you notice any errors (I did this in a rush), please let me know and I’ll update.

** 13 March 2010 – This update seems to break some of the power management stuff, it does otherwise work so if that doesn’t worry you, please continue, but if you rely on that, please be aware that I haven’t yet fixed this problem. **

**End of updates**

So you’ve no doubt ended up here because you’re absolutely sick of trying to eliminate video jutter when watching your much loved content. While this is most obvious in panning scenes, it’s also obvious in many other motion scenes. Caused by a fairly complicated case of mismatching refresh rates between your video card and screen along with the frame drops caused by the average system trying to compensate for it, this is really quite a pain. In absolutely typical fashion, it’s the XBMC folk that have been first to fix this. No idea why others are so much less attentive to the real issues!

I posted that this was available a while back, but only got round to installing and testing it this morning. Let me tell you, I’m impressed! All the content that I tried played remarkably smooth, like I’ve not seen in an extremely long time. So if you want nice panning scenes that are smooth as butter and in the process eliminate video jutter forever, read on.

Install XBMC Live 9.11-live-repack

** If you’re going to completely wipe and reinstall an existing installation, don’t forget to export your video library and re-import it later, might save you quite a bit of bandwidth and time!

Install XBMC Live in hard disk mode (not removable disk mode
Choose your password and don’t forget it

Login and begin preparation

Once booted, press CTRL-ALT-F2 to get a console screen (Alternatively you could ssh into the box via linux or via PuTTy on Windows so you can just copy and paste out of this guide)
type $ sudo passwd root to set the root password
type $ su and your new root password

Add upgrade repositories to configuration file

Add the SVN repository (or the stable ones if you wish) from wattazoum at http://www.xbmc.org/forum/showthread.php?t=33327
Note for svn on XBMC Live 9.11-live-repack you will use Ubuntu Karmic packages.

as root:
(You have to use pico in Ubuntu (what XBMC live is based on) because they’ve screwed up their implementation of vi so bad you’ll tear your hair out trying to use it).
# pico /etc/apt/sources.list.d/xbmc.list.list
(You will probably have a few lines in there already with a # in front of them). Two of them are the same as you want to add, but you may as well just copy and paste the below over the top of the whole lot:

deb http://ppa.launchpad.net/team-xbmc/ppa/ubuntu/ karmic main
deb-src http://ppa.launchpad.net/team-xbmc/ppa/ubuntu/ karmic main
deb http://ppa.launchpad.net/nvidia-vdpau/ppa/ubuntu karmic main
deb-src http://ppa.launchpad.net/nvidia-vdpau/ppa/ubuntu karmic main
deb http://ppa.launchpad.net/team-xbmc-svn/ppa/ubuntu karmic main
deb-src http://ppa.launchpad.net/team-xbmc-svn/ppa/ubuntu karmic main

Press Ctrl X, press Y, then press Enter to save your changes.

Note The xbmc addons don't appear to have a ppa for karmic any longer.  I think this is now included as part of the xbmc menu and is therefore no longer needed.

The 1st and 2nd entries are the standard entries that come with XBMC, the 3rd and 4th entries are to get the NVIDIA driver with the latest version of libvdpau, the 5th and 6th entries are to get the latest SVN version of xbmc.

Add repository GPA keys

Import the GPA keys (don’t copy the # when you’re pasting into your terminal window!)

*Update* – No matter what I do, wordpress converts two – – into one – so when you copy the below three lines make sure there is two dashes before recv-keys and keyserver not one 🙂

# apt-key adv –recv-keys –keyserver keyserver.ubuntu.com 64234534
# apt-key adv –recv-keys –keyserver keyserver.ubuntu.com 318C7509
# apt-key adv –recv-keys –keyserver keyserver.ubuntu.com 40618B66

# apt-key adv –recv-keys –keyserver keyserver.ubuntu.com 91E7EE5E

You get an error about no public key unless you do the following after the above:

gpg –keyserver keyserver.ubuntu.com –recv 1DABDBB4CEC06767 && gpg –export –armor 1DABDBB4CEC06767 | sudo apt-key add – && sudo aptitude update

Download list of latest repository updates
# apt-get update

Upgrade and install to the latest repository updates
#apt-get upgrade

(This now seems to only update to the latest base packages first)

create an account for the tvheadend administrator (i chose username of administrator and a password)

You get the following message: After installation Tvheadend can be accessed via HTTP on port 9981. From this machine you can point your web-browser to http://localhost:9981/

Update to latest NVIDIA Drivers

In my experience the above stuffs up your nvidia setup, so now that you have the repositories listed above, go ahead and update nvidia drivers like this:

# nvidia-installer –update -a -f

It’s actually downloading the latest stable driver (currently 190.53) direct from nvidia. Eventually, you’ll get an ‘uncompressing’ message and a whole lot of dots!

Then do:

Upgrade your current XBMC to latest svn

apt-get install xbmc-live

This will install latest xbmc against latest nvidia drivers.

# reboot

You’re ready to go!

How to set the smoothvideo options in Kodi / XBMC and eliminate video Jutter forever!

Go to Settings Menu and scroll down to Player Menu. Change Render Method to VDPAU if you have a supported NVIDIA card (trust me this is worth it, 24GB 1080p video uses only 5% CPU on a 8600GT!) Yes you read right, that’s an 8 in 8600.
You may as well set High quality software upscaling to Enabled for SD content, but this is optional
Click the Radio Button next to Sync playback to display.
Go to Settings, Settings, Screen and set the vertical blank sync to Always Enabled

There are three options for syncing the playback. I suggest you find a scene you know causes jitter and try each one. You’ll be impressed with all of them, but some are more perfect than others. Personally, I’ve found the Video Clock (Resample Audio) with resample quality set to high to give the best results. To check what it’s doing with a particular setup, press the letter ‘o’ on the keyboard during playback. You’ll see information regarding skipped frames, speedups etc. For the official blurb see below:

The official Blurb:

How does it work?
Usually video is referenced to the system clock, but with a little magic a clock can be made with information from the videocard, this makes sure every frame is presented right after a vblank. Also because the clock can now be controlled, the speed can be changed a little so the fps of the video playing matches the refreshrate.

What about audio?
Audio has to stay in sync, this can either be done by resampling, skipping/duplicating packets, or adjusting the clock if it gets out of sync too far.

Resampling has the advantage that the speed of the video can be changed considerably, so 24 fps can be sped up to 25 fps to play at PAL speed.
The disadvantage of resampling is that it doesn’t work with passthrough, and there is a slight loss of audio quality.

Skipping/duplicating audiopackets has no loss of audio quality, but the speed of the video can only be changed a little to avoid doing a skip/duplication too often, most of the time it’s inaudible, but it can produce a very audible click.

Adjusting the clock has the best audioquality, but some extra video jitter can occur, also the speed of the video can’t change much, as the audio will sync the clock more often the more the speed of the video is changed.

Maintenance

To check for future updates just repeat the last three steps, ie, apt-get update, apt-get upgrade and if there was anything there reboot to be safe 🙂

Nice side effects of following this guide

You will now have little icons at the bottom of the library view showing you what kind of content each file is (ie 1080p, SD, h264, DTS etc etc). Really nice so you know what is high def and what is not.
Your library will work better and detect more content correctly
Your menus will activate more quickly and seem more responsive
You have an option in Settings/General to extract the metadata information from files
You have a new option under Settings/Settings/Screensave to enable and set powersaving to a timeframe
You have some nice new options under Settings/Skin Settings (Present in left hand menu bar)

Bugs and annoyances

The only bug I’ve found so far is one that causes any content with DTS audio tracks to not play the audio when downsampling to analog. This was working before upgrading XBMC so I’m sure that it can be made to work again. This may not affect those with HDMI digital out, but I don’t yet use that.

Screenshots of some of the new settings you get

<Screenshots Missing – Update>

Thanks for reading, hope it helped someone somewhere!

There’s a thread here if you’re interested in more information or have a problem.

Microsoft to customers… about Windows 7, “Phew! We haven’t made a decent operating system since Windows 95”

Opinion

marshalleq

-

July 15, 2009

8

Microsoft to customers… about Windows 7, “Phew! We haven’t made a decent operating system since Windows 95”

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

Well, that’s what many folk at Microsoft will be saying and it looks to me like they’re going to make it. I mean, I’d actually be forgiven for thinking I should trade in my crusty old linux desktop for a Microsoft Windows 7 Desktop. But, I have to say, Microsoft are SOOOOO lucky that Apple didn’t come up with a Windows killer and the open source (or linux as so many people incorrectly call it these days) movement haven’t figured out how to maintain a stable operating system yet.

Yeah, so Microsoft might actually make a good operating system this year, go figure. I honestly thought that they’d completely lost the plot. I mean, I even heard from a reliable source that anyone who had anything to do with Vista was actually fired. It surprises me though, how many respected colleagues actually tried to convince me that Vista was OK, I did note that no-one was prepared to say it was awesome (probably for fear of ridicule) but it just goes to show what good ole Microsoft brainwashing and Marketing can do. Now, I’m not trying to say that all Microsoft OS’s were bad, let’s take a quick look shall we?

For the sake of this I’m going to start at Windows 95, yes there was Windows everything else version, I personally experienced, 3.0, 3.1 and windows for workgroups 3.11 and before that MS-DOS. I think from memory to install Windows 3.11 to your average 60MB hard drive was no less than 13 1.44MB floppy disks including MS-DOS 6.22 (people don’t know what they’re missing with 1 dvd these days) :).

Windows 95

But I digress, Windows 95 came out and boy was it something to talk about. Weighing in at an awful 40MB and a minimum of 4MB RAM – (people were saying this was ridiculous at the time) but still, no-one had seen anything like it. It had animated icons for starters, smooth graphics, promise to standardise games and lived up to it, plug and play, less blue screens (BSOD’s) direct x, all sorts of stuff to make things easier for both the consumer and the developer. I can actually remember convincing many many people to ditch Lotus 1-2-3 (a spreadsheet application) for Microsoft Excel because it was better AND converting no less than probably 2000 seats….. that is personally and in a very short time frame. Knowing what I know now, I have to wonder how much Microsoft did to make Lotus 1-2-3 run badly on Windows 95, but that’s another discussion.

So, what do I hear you all screaming? I know, I know Windows 98SE!!!! Yes yes, but first I need to mention, Windows 95 came out in 3 versions that I know of, gracefully entitled Windows 95a, Windows 95b and Windows 95c. The major difference as far as I’m concerned is that with the ‘b’ version and thereafter was that Microsoft introduced the fat32 file system. Basically that meant smaller file cluster sizes on the disk, less wasted space and support for larger hard drives. Unfortunately most people actually had windows 95a installed which was quite disappointing. In fact I remember mostly b and c versions being available as only OEM versions. OK, OK, I know, Windows 98.

Windows 98

Windows 98 was crap. Sorry 98 lovers, you weren’t expecting that were you. You know why it was crap? Because it gave us nothing. Well, it gave us slow boot up times, annoying shutdown times and more blue screens than ever before. I’ve had this argument many times, but it’s true, when it comes down to it I could run everything I could run on 98 much more easily on 95 and it was lighter, faster and more reliable. Yep, only negative thing was you had to install more drivers on 95 since the newer hardware required it. But… for an OS that came out in 1994 what do you expect! Yes yes, there was windows 98SE (second edition) better, but didn’t cut the mustard I’m afraid and if you think otherwise you’re either uneducated, a moron or simply didn’t have the experience with 95 to know what I’m saying is true.

Windows ME (Millenium Editon)

I actually kinda liked this operating system, or at least what it appeared to be when you first installed it. Promising faster bootup times, etc etc, but you soon realised, if you went round your neighbourhood with a pooper scooper wrapped all the findings in newspaper, lit it, jumped on it. then ate it, it would still be more tasteful than Windows ME. I remember one review of ME saying it had a cute name but that was the end of it cause’ Windows ME did not stir visions of ‘Cute’ in anyone’s mind at all. In fact I had one friend say that Microsoft should have been forced to give refunds for this OS (Operating System). Thinking back, this is actually when my parents started saying, “How come it’s not against the law to sell people software products that don’t work?” All the questions started coming out. Yet somehow the Microsoft Brainwashing was still in full effect. Looking back I know I was brainwashed too and I know many people that still are, many of them actually work at Microsoft unsurprisingly. It’s amazing the excuses you can come up with, “Well, software is so complex it’s hard to maintain”, true, but unforgivable.

Windows 2000

Let’s not forget windows 2000 was released in the same year as Windows ME. Actually this was one of Microsofts really good operating systems. I won’t say it was completely groundbreaking, but…. it was the first very stable, desktop and server operating system that took the good bits of windows NT 4.0, windows 95 and slapped them together. I recall I was looking after no less than 30 Windows NT 4.0 servers all on seperate tower hardware (no virtualizaion then) running all sorts of applications and I NEVER had to reboot any of them. Others can not say the same, but I have to say that there was certainly some seriously good stability going on here, I could even say years between reboots. And I still LOVE Microsoft Exchange 5.5 for the same reasons, stable, reliable and did what it was supposed to.

Windows XP

Unforunatately for Microsoft, Windows XP was verging on the the edge of crap for so long (like 8-9 years I think) that many people have jumped ship to the ‘Linux’ or Apple camps. Again yes, I know, everyones saying how can you say that?! Well, I suppose you could say I’m wrong in the sense that it’s been the only platform of choice in use by so many companies since it was released in 2001, but while it may have answered some prayers to start with, it’s been a stagnant puddle of mosquito infected stale seawater ever since. OK, OK, maybe that’s slightly overstating it, it wasn’t mosquito infected, but come on guys, with a lifecycle of 8 years so far and still counting can’t you do better than that? And where’s the innovation that got you the cream of the Operating System wars back in 1994? We haven’t seen it for… um let me see now (get’s calculator out) 15 years!!! 15 years!!!!???? Shite, now that’s embarrassing, no, that’s extremely embarassing.. 15 years, the gazillions of dollars that MS have to show for their OS (mostly because of the groundbreaking introduction of Windows 95) and almost no innovation to show for it since?!!!! Again, I hear you screaming, applications etc. Sorry, this is an OS discussion, and to be honest there’s not too much groundbreaking stuff in applications anyway, it’s still that standard Microsoft SQL server, Microsoft Exchange Server, Microsoft Office, etc etc.

Windows Vista

I dont’ think I need to say anything much here, mainly because everyone knows this OS is rubbish, it’s worse than rubbish, it’s a complete pig. But there is one thing that should be pointed out, Microsoft wanted this OS to be the next big thing, they wanted it to be the new groundbreaking Operating system that everyone would rave about. Even Microsoft could never have ever predicted how much raving would be done, that is, raving about how bad it was! Their hopeful operating system was causing them more bad press than anything ever before, even more than Windows ME (possibly due to the increased proliferation of the internet since those days) and this was one embarrassment that seemingly could not be fixed. They had to do something about it and fast. People were looking for alternatives even when they believed no alternatives existed, this was bad bad bad. Perhaps the evil empire was finally falling?

Windows 7

Well, if all the chances hadn’t been burnt already (it’s amazing how forgiving the public is) Microsoft had what I would call a last ditch attempt at making something decent. They knew they couldn’t repeat the Vista experience or they’d be the laughing stock of the entire Information Technology sector and this would seriously cause doubt in all aspects of their operating systems and applications. If one thing is for certain, whether you think open source is competition or not, it is surely a major conversation point and as soon as someone figures out how to make the open source operating systems have a long and stable lifespan, (while still maintaining compatibility with recent applications), there will be something serious for Microsoft to contend with. Open source applications on the other hand are actually something to start fearing today, and they know it. So guess what? Microsoft actually employed some ex-linux people, ex-Novell emplyees for one I do believe to architect the security side of things for a start. AND then there is minwin. Linux zealot’s have been going on and on about minimising the kernel for so long now it’s ironic to see Microsoft following suit, but then that is what Microsoft does best doesn’t it? Stealing other people’s ideas, integrating into one all encompassing operating system that you’re forced to buy due to compatibility issues??? I’m not sure this is so great for the public, even though it is what made Windows 95 so great, but you may recall also caused many court cases Netscape being one of the more major ones.

Anyway, for the record, the rc versions of Windows 7 look completely awesome. The minwin kernel seems to have made the biggest difference, speed, startup times, software compatibility the whole bit is as close to top notch that I’ve ever seen since windows 95. I just love knowing each day I shut down my PC it will only take a few seconds, no more getting irritated at how much the traffic’s building up while I’m waiting for it.

Welcome back Microsoft, nice to see you got there in the end, maybe you should employ more linux people.

Summary

Well, to be honest, I don’t really care about software ideas and who stole them, I just want the simplest, least time consuming operating system that I can use as a ‘tool’ to do what I need to do. At this moment Microsoft looks set to take the world by storm with Windows 7 and I hate saying it because over the last few years I’ve built up a bit of hate for Microsoft, but credit where credit’s due, well done, though I guess the proof of the pudding is yet to come out.

As for the linux guys, back-end servers you guys have it covered….. mostly, sort of. You need to find a way to stabilise everything without the insanely consistent updates introducing more bugs and more dependency hell. From my limited 6 or so years linux experience I’d say it would come from restricting library versions but I don’t know. There’s nothing worse than wanting the latest version of something 1 month after you got your shiny new operating system and finding out you can’t have it because it’s not compatible anymore. You guys can do better! And guess what, that’s why Microsoft wins in the desktop arena, 8 years later you can still install the latest version of some particular application and not worry about needing a library just look at Windows XP!!!!

Howto: Move Groupwise 7 to another server

Linux OS

marshalleq

-

June 7, 2009

5

Howto: Move Groupwise 7 to another server

Howto: Move Groupwise 7 from one server to another in seperate tree’s via graft method

This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.

Foreword

Before you start, it would be a very good idea to read the references at the bottom of this document. This howto will not be complete for every scenario and these references will help fill in the gaps. Note this document guides you how to move an existing groupwise mail system from one server to another where the new server exists in a new tree. For this reason it focuses on grafting. It doesn’t cover any other methods of migration thought it may help.

Yes there are some more tidy up’s I can do, wouldn’t you rather have it here now than not have a resource you need because I was waiting on making it look pretty?

On the new server in new tree

Create the users in edirectory that you will have in groupwise in new tree (Do this via https:localhost:8181 and click on users & groups, then users, create user)

In the new box type rcgrpwise stop

rpm -e novell-groupwise-agents-7.0.3-20080309

rpm -e novell-groupwise-gwinter-7.0.3-20080309

rpm -e novell-groupwise-webaccess-7.0.3-20080309

rpm -e novell-groupwise-gwia-7.0.3-20080309 ????

rcgrpwise status (Ensure it all says unused)

On the old server in the old tree

use the dbcopy command like below. The -f means it will copy most of the data so you can configure your new box and the copy the changed data (since the first copy) later on so that anyone using email on the original box is not without mail for very long.

/opt/novell/groupwise/agents/bin/dbcopy /mail/groupwise/dom1 /mnt/daisybackup/groupwise/dom1 -v -m -f

/opt/novell/groupwise/agents/bin/dbcopy /mail/groupwise/po1 /mnt/daisybackup/groupwise/po1 -v -m -f

Make sure the mail is put in the place where you want to leave it permanently, ie /mail/groupwise/ (or at least take a copy of it, this helps when running the second pass)

Connect and Graft

Perform a graft of the groupwise copy into the new edirectory tree

Open Console one from the icon on the desktop (after logging into the server)

accept /mnt as the Linux Mount Directory <OK>

Click on the NDS tree and then click file, authenticate

Login as admin with the password, tree and context you chose during the installation <LOGIN>

Click on Groupwise System

Click Tools, Groupwise system operations, select domain (DO NOT LOG INTO THIS DOMAIN)

Select the wpdomain.db file from the location you copied with dbcopy ie /mail/groupwise/dom1/wpdomain.db

Click open, OK

DO NOT LOG INTO THIS, click Cancel until no more boxes appear

You will probably see your groupwise users now.

Higlight the NDS container object you would like to graft the database into. Ie TREE, context

Click, Tools, Groupwise Utilities, GW/Edirectory Association, Graft objects

Click the OK warning regarding identity manager

Domain / PO Part

Select Domains, Post Offices and Gateways <NEXT>

Select your domain <NEXT>

Click YES to graft into the new tree

Accept the default context and finish.

Click yes to graft more objects

Choose domains post offices and gateways again

Accept defaults, next, next, finish etc.

Click YES to graft more objects

User Part

Select Users, Resources, Distributions Lists and Libraries <NEXT>

Accept Defaults, NEXT NEXT FINISH ETC.

Choose No to graft more objects. <DONE>

Fix ups

Deleting old domain and po

You need to delete the original po domain etc and anything under it by default OWS SBE makes a domain called gwdom and a post office called gwpo, unless you also use these names this is most likely how to tell which one to delete). Don’t delete the one you just grafted into edirectory. You then need to go into the properties of every object and check the path and IP address is correct (ie the ip address should match your new IP but it will be currently set to the old IP). This is very important.

While logged into your new domain, click gwdom, select each item in right hand pane, right click and choose delete NDS object

Click yes to the question ‘Do you really want to delete the object’, click no to connect to the old (original) domain if prompted.

Click yes to delete object from edir

Click the containers & delete them too (ie gwpo, gwdom and gwpo library)

Changing old IP addresses

To change IP addresses etc you need to log into your copied domain, before you do this is a good time to delete the other installed domain’s file structure which by default is located at /opt/novell/groupwise/db.

**Note: When opening WEBAC70A, I got an error saying, “Web Access Admin could not initialise flaim databases. Presumably this is because we’ve previously uninstalled several packages, don’t worry this error goes away).

As a guide but not necessarily complete there are settings to change in the following areas:

In console one, in the NDS/edirectory tree:

MTA/Gropuwise/Network Adress/TCP/IP Address

GWIA/GROUPWISE/IDENTIFICATION/FOREIGN ID?

GWIA/Groupwise/Network Address/TCP/IP

WEBAC70A/Groupwise/Network Address/TCP/IP Address

In the Groupwise part of Console One

GWSystem/Dom1/Groupwise Identification/UNC Path

MTA/Properties

PO1/Groupwise Identificiation/UNC Path

I also had to delete and recreate my POA as it had an old IP address in it that I couldn’t see another way of fixing. You can leave this step til last to see if it happens for you, but if you need to do it, just delete it in colsole one, the right click the po1 object (or whatever you called it and click new POA to recreate it.

Not sure if it’s a problem but the POA/Groupwise/SSL Settings/Certificate File Doesn’t Exist. Seems to still work for me.

Once done log into the copied groupwise domain in console one.

Delete the migrated Webac7.0 or the web access gateway component and the internet access gateway component from both edir and gw.

Re-install the groupwise agents

If you’re not sure about any of these below agent setups, take a look at my other article here: http://marshalleq.wordpress.com/2009/04/21/how-to-install-groupwise-7-on-suse-linux-enterprise-9-sles9/

The software to install is located at /opt/novell/groupwise/software (for some reason the font in this screen is almost unreadable, I have not yet figured out why)

Go to this directory in a console window, but via the gui (ie not remote ssh) and type ./install

Click OK on the language question.

Click Install Products

Click Groupwise Agents, click install agents.

Click OK when complete.

Click configure agents

Click NEXT, I Accept, NEXT

Click ADD and choose the domain you previously copied, do the same for the post office, give them a name that matches.

Click next and make sure the tickbox says launch groupwise agents on system startup.

Repeat for groupwise internet agent specify

7102 for the mtp port and the

dns host name should be smtp.yourdomain.co.nz or mail.yourdomain.co.nz in most circumstances) for the host name. IP address is fairly obvious 🙂 <NEXT>

For internet mail domain name enter your email domain in the format yourdomain.co.nz from above or other if you chose something else.

Specify domain directory as in previous step.

LDAP authentication – Enter Local IP address

cn=admin,o=your organisation name from edir

Gateway object LDAP settings cn=dom1,o=your organisation name from edir

1^st Install Web Access Agent and configure it

Refer to this article for web access: http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=3659157&sliceId=1&docTypeID=DT_TID_1_1&dialogID=2335564&stateId=0%200%202339321

I chose the web access APP on OES2 section

The web access agents gateway dir is your mail systems path. Ie /mail/groupwise/dom1/wpgate/webacc70a

Ensure Apache a& tomcat paths are adjusted as per the article

Specify context to create objects ni as cn=dom1,o=your domain name under the tree name from edir)

Restarting the server at this point seems to fix the web access agent communication error

To check if the mta and poa are running properly navigate to /opt/novell./groupwise/agents/bin and enter the following two lines in two seperate windows

Open seperate consoles for each command and do the below, this allows them to be easily closed should anything go wrong:

./gwmta -home /pathtogroupwisedomain –show

./gwpoa -home /pathtogroupwisepostoffice -show

It’s much easier to check for errors this way. (You can also do this for gwinter and gwia, but set the home path to wpgate/webac70a and wpia respectively)/

At this point we’re basically done, check if you have any config errors in the previous step though.

Second dbcopy pass

Now we need to be careful not to cause too much downtime, nor have mail delivered somewhere where it will never be retrieved. To do this, do the following in this order.

Stop the groupwise services on the new mail server.

Run the second dbcopy pass from the old server to the new. This is only neccessary to copy the post office part of dbcopy. I’m not actually sure if you have to specify the date here or not, but for me it didn’t seem to work if I didn’t which was annoying because I got some old messages back I didn’t want. These are the kind of undocumented questions I wish there were more answers to and quite frankly get me quite annoyed with Novell for not explaining enough.

Copy the post office files (supposed to be only wpcsin, wpcsout and offiles in the root of the post office dir, but it didn’t work for me so I just copied the whole po) from the old to the new server’s mail directory.

Bring up the new server’s services and all will be well 🙂

Point the incoming NAT in your router firewall to the new server so that mail is not delivered to the old server.

I still had old services running in my grpwise startup script. To fix this up, edit the /etc/opt/novell/groupwise/gwha.conf file. You will see the dom1 and po1 sections etc that you can just delete. If in doubt make a copy first!

That’s it!

Theres a bug in SBE that means patches don’t come through. Don’t forget to download the NOWS SBE 2 patch below so that the software updates come through.

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=10079870&sliceId=&docTypeID=DT_TID_1_1&dialogID=39742311&stateId=0%200%2060642376

For fault finding, an essential resource that shows how the whole system sits together is at:

http://www.novell.com/documentation/gw7/gw7_tsh3/index.html?page=/documentation/gw7/gw7_tsh3/data/a4ehibh.html

http://download.novell.com/protected/Summary.jsp?buildid=dX4KocyNFZo~

http://www.novell.com/support/viewContent.do?externalId=7001970&sliceId=1

http://www.novell.com/documentation/gw7/gw7_install/index.html?page=/documentation/gw7/gw7_install/data/bpqwmiu.html

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=3407855&sliceId=1&docTypeID=DT_TID_1_1&dialogID=13318169&stateId=0%200%202343739

http://www.novell.com/documentation/gw7/gw7_admin/index.html?page=/documentation/gw7/gw7_admin/data/bqpw8ct.html

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=10084509&sliceId=&docTypeID=DT_TID_1_1&dialogID=2335068&stateId=0%200%202333693

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=3659157&sliceId=1&docTypeID=DT_TID_1_1&dialogID=2335564&stateId=0%200%202339321

http://www.novell.com/documentation/gw65/index.html?page=/documentation/gw65/gw65_admin/data/a3n5dhl.html

How to: Block SSH attacks with denyhosts

marshalleq

-

June 1, 2009

0

How to: Block SSH attacks with denyhosts

How to set up denyhosts python script to block SSH attacks on Sabayon 4.1 KDE

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

Summary

This is a great way to fix those annoying hacking attempts in your /var/log/messages file. I get ton’s of attempts like the below as an example. The whois queries all say they come from Russia and according to the firewall is creating the most traffic accross my router. So this is why you use Denyhosts. I did used to use blockhosts (also in python) but denyhosts is supposed to be better so I thought I’d give it a go.

Jun 1 12:12:50 Donald sshd[23635]: Invalid user yonamine from 189.50.198.218
Jun 1 12:12:58 Donald sshd[23674]: Invalid user yonchun from 189.50.198.218
Jun 1 12:13:07 Donald sshd[23724]: Invalid user yoneda from 189.50.198.218
Jun 1 12:13:15 Donald sshd[23765]: Invalid user yoneko from 189.50.198.218
Jun 1 12:13:24 Donald sshd[23807]: Invalid user yonekura from 189.50.198.218
Jun 1 12:13:33 Donald sshd[23851]: Invalid user yonemitsu from 189.50.198.218
Jun 1 12:13:41 Donald sshd[23895]: Invalid user yonemoto from 189.50.198.218

Get the source code

Download the latest source tarball of Denyhosts from http://denyhosts.sourceforge.net (at time of writing this is version 2.6)

Extract it

tar -zxvf Denyhostsxxxx.tar.gz

$ cd denyhostsxxx

$ su (become root)

Configure syslog-ng

# vi /etc/syslog-ng/syslog-ng.conf

Underneath the line that reads: “destination messages { file(“/var/log/messages”); };”

Enter the following:

destination authlog { file("/var/log/auth.log"); };

Save the file and exit

# touch /var/log/auth.log

# /etc/init.d/syslog-ng restart

Configure denyhosts

# cd /usr/share/denyhosts/

# python setup.py install

This installs DenyHosts to /usr/share/denyhosts

# cp denyhosts.cfg-dist denyhosts.cfg

Edit the denyhosts.cfg file

# vi /usr/share/denyhosts/denyhosts.cfg

Ensure the SECURE_LOG line reads as below

SECURE_LOG = /var/log/auth.log

Also ensure the lock file reads

LOCK_FILE = /var/run/denyhosts.pid

Save the file and exit.

Make it daemonise

# cd /usr/share/denyhosts/

# cp daemon-control-dist daemon-control

Edit /usr/share/denyhosts/daemon-control and make sure you set the correct values for DENYHOSTS_BIN, DENYHOSTS_LOCK, and DENYHOSTS_CFG. (Should just be the lock file that needs to be changed)

# vi /usr/share/denyhosts/daemon-control

DENYHOSTS_BIN = “/usr/bin/denyhosts.py”
DENYHOSTS_LOCK = “/var/run/denyhosts.pid”
DENYHOSTS_CFG = “/usr/share/denyhosts/denyhosts.cfg

Next we have to make that file executable:

# chown root /usr/share/denyhosts/daemon-control

# chmod 700 /usr/share/denyhosts/daemon-control

Make it start automatically at system boot time

Afterwards, we create the system bootup links for DenyHosts do that it is started automatically when the system is booted:

# cd /etc/init.d
# ln -s /usr/share/denyhosts/daemon-control denyhosts
# rc-update add denyhosts default

Finally, we start DenyHosts:

/etc/init.d/denyhosts start

That’s it!

Further info

DenyHosts logs to /var/log/denyhosts, if you are interested in the logs. The SSH daemon logs to /var/log/auth.log on Sabayon. You can watch both logs and try to log in with an invalid user or with a valid user and incorrect password, etc. via SSH and see what happens. After you have crossed the threshold of incorrect login attempts, the IP address from which you tried to connect should get listed in /etc/hosts.deny, like this:

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5), hosts_options(5)
#                  and /usr/doc/netbase/portmapper.txt.gz
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper. See portmap(8)
# and /usr/doc/portmap/portmapper.txt.gz for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default, not sure about Gentoo/Sabayon?
# ALL: PARANOID
sshd: 192.168.0.203

This means that the system with the IP address 192.168.0.203 cannot connect anymore using SSH.

You can specify if/when IP addresses are removed again from /etc/hosts.deny – have a look at the PURGE_DENY variable in /usr/share/denyhosts/denyhosts.cfg. You must start DenyHosts with the –purge option to make the PURGE_DENY variable effective, like this:

# /etc/init.d/denyhosts start –purge

However, you can also remove IP addresses manually from there, and as soon as they have got removed, these IP addresses can try to log in again via SSH.

Sources: http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts

How to: Logitech SqueezeBox Server – Linux

marshalleq

-

May 30, 2009

3

How to: Logitech SqueezeBox Server – Linux

How to install SqueezeBox Server for Squeezebox Boom on Sabayon Linux

This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.

** Update 8-5-10 **

Well, the Sabayon guys were kind enough to update their software to include the latest version of Squeezebox Server (note the new name) and I had some hoops to jump through before I got it going.

So basically, the problem seems to be that the new server really doesn’t like any of the old config. In the end I actually did what any ‘former’ windows guy would have done and rebuilt the system, I mean I don’t care about any database history, and there’s nothing like knowing your home server or whatever has a nice clean config. However straight afterward I found out about a clean option that squeezebox has. I’m not entirely sure how to use it, but in case you want to try it it’s at /usr/sbin/squeezeboxserver-cleanup. It’s a perl script so try prefixing it with /usr/bin/perl if it doesn’t work for you. And delete any and every squeezecenter directory or file afterward (locations can be found if you do a cat /etc/init.d/squeezecenter). Otherwise, instructions the same as below except substitute squeezecentre with squeezebox server. Yes, you still chmod 777 everything as otherwise you get all these perl errors. If anyone knows how I ‘should’ be setting up user permissions on this, please let me know…. hope that helps someone somewhere..! 🙂

**End of Update**

I noticed there wasn’t a single how to out there for this, not that I could find anyway, rather strange. So I figure I may as well write one, in the good spirit of open source. Obviously this could be used for any of the awesome logitech boxes that use SqueezeCenter, no seriously I’m extremely impressed with how awesome these boxes actually are. If you want a really cool, surprisingly feature-full (so surprising I keep finding things I didn’t know it did) little music player for your bedroom incorporating an alarm clock with the ever elusive automatic dimmer on the screen, then no need to look past a Squeezebox Boom. Plus they’re mega reduced at the moment, in NZ they’re down from approx $640 to $240! When I’m a bit more familiar with this little unit, I may just have to write a little more about it.

Anyway, please see below for the howto.

Install

First up, ensure you have the latest packages available known to your system

Log in as root and type:

# equo update

Once complete proceed by typing

# equo install squeezecenter

It will go away and download about 60-80MB of packages depending on your system state and how old your release is by the time you do this 🙂

Still as root, type:

# emerge –config mysql (note it’s two dashes before config)

# /etc/init.d/mysql start

# emerge –config =media-sound/squeezecenter-7.3.2

You should receive the below message:

Configuring pkg…

* Press ENTER to create the SqueezeCenter database and set proper

* permissions on it. You will be prompted for the MySQL ‘root’ user’s

* password during this process (note that the MySQL ‘root’ user is

* independent of the Linux ‘root’ user and so may have a different

* password).

*

* If you already have a SqueezeCenter database set up then this

* process will clear the existing database (your music files will not,

* however, be affected).

*

Alternatively, press Control-C to abort now…

Go ahead and press ENTER

# /etc/init.d/squeezecenter start ( if you’re lucky it will all work (I’ve not yet figured out what caused this cause’ I was being impatient, but if you’re like me I got a bunch of errors, or actually just one at a time, each one I had to chmod 777 the entire directory to get this puppy going. BTW, I’m not saying you should chmod 777 everything cause’ it’s just bad bad bad, but as I said, I was impatient.)

So, the quick version is do the below as root still:

# chmod 777 /var/log/squeezecenter/ -Rfv

# chmod 777 /var/lib/squeezecenter/ -Rfv

# chmod 777 /var/run/squeezecenter/ -Rfv

# /etc/init.d/squeezecenter start

Now all should be ready to roll.

Type the below to make the system start each time you reboot your computer automatically

# rc-update add squeezecenter default

And why not have a look at /etc/conf.d/squeezecenter for configuration settings, though nothing I could see I wanted to change.

Edit the folowing file if

* you run SqueezeCenter’s web interface on a port other than 9000:

* /etc/avahi/services/squeezecenter.service

All done! You have now earnt the right to configure you squeezebox via a web browser, so click the below url and you’ll be away!

http://localhost:9000/