DYNDNS – Dynamic DNS Introduction


Parent page: Internet and Networking

Dynamic DNS Introduction

Every computer attached to the Internet has an IP address. Name Translation is the process of relating a name (like 'www.google.com') to an IP address (like '74.125.19.103') so that a website (or other service) on a computer can be accessed using an easily remembered name, rather than the IP address number of the computer. Name Translation is implemented via a distributed database known as the Domain Name System.

This database is implemented on the Internet by DNS name servers which keep track of DNS records and exchange this information between each other to maintain consistency. Every request for a name (ie. a web browser) is then directed to one of these name servers.

Most servers on the Internet have a fixed (static) IP address that never changes. The DNS record for this node will only change infrequently.

However, many home users are assigned an IP address that changes more frequently. These dynamic IP addresses are assigned by an ISP. This makes it a challenge to translate a Name to one of these IP addresses.

A number of DNS name servers offer a method to update the DNS database with dynamic IP name translations. This is accomplished by using a small software utility on their computer or a local router.

These Dynamic DNS services allow the user to choose a hostname and set an initial IP address to correspond to that hostname. The software utility then periodically checks for a change to the computer's IP address, and when a new IP address is discovered, it updates the Dynamic DNS database to reflect that change.

Registering with a Dynamic DNS provider

DNS requires that a name server somewhere on the Internet keep track of 'where you are' (i.e. your current IP address). That is, its database must always be updated to make sure your hostname always corresponds to your current IP address.

In order to use one of these Dynamic DNS services, registration is required first. Here is a selection of these services (a full list is available at DMOZ and at Dynamic DNS):

Upon registering, you will select a username and password, as well as a hostname that you will use as the DNS name (to allow external access to your machine using the hostname).

Many Dynamic DNS providers offer a selection of hostnames available for free use with their service. However, with a paid plan, any hostname (including your own registered domain name) can be used.

Setting up Dynamic DNS service updates

Once you have chosen a Dynamic DNS service provider, you need to set up a way that your IP address record will be updated whenever it is changed. There are two ways of doing this:

  • using a dynamic DNS software utility that is installed on your computer
  • using the built-in capabilities of a cable/DSL modem/router

Many router/modems support Dynamic DNS reporting/notification/updating directly. If your router's configuration is accessible from a web browser, try accessing it by logging into the local IP address of your router (for example, http://10.1.1.1/ or http://192.168.0.1/ ) and look for the Dynamic DNS (DDNS) settings.

However, even if your modem/router does support dynamic DNS reporting, there are cases in which you may wish to use a software utility on your computer to perform the updates anyway:

  • you are using several Dynamic DNS services at once (most routers only accommodate one service at a time)
  • the router does not support your particular Dynamic DNS service
  • your server is on a mobile computer (e.g. laptop) which is not always connected to the same network/router/modem.

Using a software utility to perform Dynamic DNS Updates

There are several available utilities. Each Dynamic DNS service may work better with a particular utility. (You may need to add the Ubuntu Universe to your set of software repositories to install some of these utilities. See InstallingSoftware.)

ddclient

ddclient is the original Linux utility for dynamic DNS updates. The ddclient wiki lists some configurations for several Dynamic DNS services. More info can be found on the ddclient forums. The following section has been adapted from Ubuntuguide.org Dynamic IP servers.

  • Install ddclient using a software package manager, or using the command-line interface:

sudo apt-get install ddclient

If this is the first time you have installed ddclient, you will be prompted by the installation script for the hostname(s) that you registered with DynDNS (or other Dynamic DNS service). You will also be prompted for the username/password your registered with your Dynamic DNS service. Lastly, you will be asked which ethernet port you primarily use to connect to the Internet (eth0 for wired or wlan0 for wireless, usually). Most of the time this is all you will need to do for the utility to function correctly.

You can also later edit the ddclient configuration file, however, to suit your specific needs (or if you make changes to your service, hostname, or other variables).

  • Edit the ddclient configuration file (using kate instead of nano in Kubuntu, or gedit instead of nano in Ubuntu):

 sudo nano /etc/ddclient.conf
  • To set the number of seconds between updates, I add the line

 daemon=3600

My dynamic IP only changes rarely, so I only check it hourly (3600 seconds in an hour).

  • To use secure SSL communications, I add the line

 ssl=yes
  • To use the DynDNS checkip service (which will autodetect your current IP address), I add the line

 use=web, web=checkip.dyndns.com/, web-skip='IP Address'

My configuration file now looks like:

 # Configuration file for ddclient generated by debconf
 #
 # /etc/ddclient.conf
 #
 # Check the current IP address. Either check the eth0 port for its current IP address (can't be used on a LAN),
 # or use the DynDNS IP checking service.
 daemon=3600
 pid=/var/run/ddclient.pid
 #use=if, if=eth0
 use=web, web=checkip.dyndns.com/, web-skip='IP Address'
 #
 # Login and change the values at the DynDNS site, using SSL.
 protocol=dyndns2
 ssl=yes
 server=members.dyndns.org
 login=myDynDNSusername
 password='myDynDNSuserpassword'
 mysite_1.dynds.org,mysite_2.dyndns.org,mysite_3.dyndns.org

Note: if this doesn't work, try changing web-skip to 'Current Address'

Note that the password must be enclosed in quotation marks, e.g 'myDynDNSuserpassword' for DynDNS.

  • Ensure that the configuration is working:

 sudo ddclient -daemon=0 -debug -verbose -noquiet
  • Note that you can add additional services and/or domain names to be updated simply by adding an additional block to the configuration file (appropriate for the service). Here is an example (see below for references to additional examples).

 protocol=otherDDNSservice
 server=whatever.ddnsservice.org
 login=MyOtherDDNSserviceusername
 password=MyOtherDDNSservicepassword
 mysite4.dnsservice.org, mysite5.dnsservice.org

Troubleshooting

The following details a troubleshooting method used to repair a ddclient setup.

  • Remove/purge all of the previous install attempts:

sudo apt-get remove --purge ddclient
  • Install ssh & ssh socket so that you can send your password via ssh instead of in the clear:

sudo apt-get install ssh libio-socket-ssl-perl

Note: ssh w/ddclient won't work without libio-socket-ssl-perl, so make sure that you install that even if you have ssh already installed.

  • Reinstall a current ddclient package from the repositories:

sudo apt-get install ddclient

At the prompts enter the appropriate values, for example:

  • Dynamic DNS service provider: www.dyndns.com

  • DynDNS fully qualified domain names: your-hostname.dyndns.org

  • Username for dynamic DNS service: your-username

  • Password for dynamic DNS service: your-password

  • Interface used for dynamic DNS service: web

  • Modify the /etc/ddclient.conf to send the password using ssh and to properly check for the IP address:

sudo gedit /etc/ddclient.conf

Add entries for "daemon", "ssl" and replace "use=if, if=web" with "use=web" to match the following example:

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf

daemon=300
pid=/var/run/ddclient.pid
ssl=yes
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
login=your-username
password=your-password
protocol=dyndns2
server=members.dyndns.org
your-hostname.dyndns.org

Reference for secure updates: https://www.dyndns.com/support/kb/using_ddclient_with_dyndns_services.html

Now ddclient is set to run as a daemon. Because you had other ddclient configs previously, check:

sudo gedit /etc/default/ddclient

Check to make sure it contains the following lines:

run_ipup="false"
run_daemon="true"
daemon_interval="300"

Note: you can set the interval shorter or longer, but if you do, also reset your /etc/ddclient.conf to match. https://bugs.launchpad.net/ubuntu/+source/ddclient/+bug/152875

Now, just to be sure everything sticks I generally reboot at this point, then check the status afterward:

sudo /etc/init.d/ddclient status

You should see:

Status of Dynamic DNS service update utility: ddclient is running

However, that may not always catch problems in the ddclient.conf file, so issue:

sudo /etc/init.d/ddclient restart

if you do not get an error similar to the following you probably are good to go:

WARNING: file /etc/ddclient.conf, line x

Then I obtain a new IP address/lease from my service provider (shutting off the modem, having my router request a new lease, whatever) & monitor https://www.dyndns.com/account/services/hosts/ to see if the change actually makes it to dyndns. Also monitor /var/log/syslog to watch the changes there as well.

Also note that there is a password length limitation.

  • Not very well tested, but passwords >=64 characters in length seem to fail. If you have a fairly long password, try changing it something shorter temporarily (try 8 characters) to see if that's the problem.

Running ddclient with cron

Cron is the automatic task scheduler for Linux systems. Although ddclient runs as a daemon, for various reasons I have found it necessary to force an update at least once a day. This can be done as a daily scheduled task, using cron.

  • Edit the crontab with administrative (root) privileges:

 sudo crontab -e
  • Add the line:

 45 04 * * * /etc/init.d/ddclient --force

This will run ddclient and force an update daily at 04:45. See here for a full description of cron and its options or Ubuntu Community Help — Cron.

Namecheap & Python

You can update with namecheap and python with the following script. Use your prefered editor and create the file /home/USERNAME/update_dns

# -*- coding: utf-8 -*-
import urllib2

urllib2.urlopen("http://dynamicdns.park-your-domain.com/update?host=%s&domain=%s&password=%s" % ("@", "YOURDOMAIN", "YOURPASSWORD"))

Enter into the terminal

crontab -e

and add the following line

* */1 * * * python /home/USERNAME/update_dns

This will update every hour.

no-ip

This is another Dynamic DNS reporting client. Install the noip2 package from a software package manager, or from the command-line interface:

sudo apt-get install noip2
  • Run no-ip and follow the installation prompts:

sudo no-ip -C
Please enter the login/email string for no-ip.com: <your_login>
Please enter the password for user 'your_login': <your_password>
Please enter an update interval:[30] <interval time in minutes>
Do you wish to run something at successful update?[N] <N>
  • Start the no-ip client

sudo no-ip

inadyn

  • Install the inadyn package using a software package manager, or from the command-line interface:

sudo apt-get install inadyn
  • Edit the file /etc/inadyn.conf:

sudo gedit /etc/inadyn.conf

It should contain something like:

--username myusername
--password mypassword
--update_period 60000
--alias myhost.dyndns.org
--background
  • Test that it works:

sudo /usr/sbin/inadyn

* Add inadyn to your 'crontab':

export EDITOR=gedit && sudo crontab -e

Edit the file to add the following line:

@reboot /usr/sbin/inadyn
  • Verify using:

sudo crontab -l
  • When you reboot, you should see indyn listed when you type:

ps -A | grep inadyn

You should be able to log in to your Dynamic DNS provider's website and verify that the DNS entry is being updated. Certainly this is possible with www.dyndns.org, in any case. Alternatively you can type your hostname into a service like http://www.dnsstuff.com/.

Useing dy.fi by cron tab

Edit crontab:

sudo crontab -e

Add lines To update ddns at 0610 mon-sat:

10 06 * * 1-6 wget --delete-after --no-check-certificate --no-proxy --user=yourname@yourmail.fi --password=password 'http://www.dy.fi/nic/update?hostname=yourdomain'

Add lines To redirect ddns and stop pointing 5.10pm mon-sat:

10 17 * * 1-6 wget --delete-after --no-check-certificate --no-proxy --user=yourname@yourmail.fi --password=password 'http://www.dy.fi/nic/update?hostname=yourdomain&offline=yes'

Other method is installing perl script dyfi-update.pl from http://www.dy.fi/page/clients

Using your Modem/Router to perform Dynamic DNS Updates

Here are some example screenshots from Wireless Routers that support dynamic DNS updates:

Netgear router example:

  • dyndns.jpg

D-Link router example:

  • routerdyn.jpg

Linksys/Cisco router example:

  • linksysdyndns.jpg

Redirecting a registered hostname to a dynamic DNS name

A user may already have a hostname registered with a name server that does not have Dynamic DNS capabilities. Most DNS services allow URL forwarding, however. That makes it possible to set up a free Dynamic DNS service (using the instructions above) with a free hostname (URL) and then forward the previously-registered static hostname (URL) to the Dynamic DNS hostname (URL).

For example, I set up a free Dynamic DNS hostname URL at DynDNS.com that is foobar.dyndns.org. I set up my software utility (DynDNS likes ddclient or inadyn) to constantly update the Dynamic DNS database for foobar.dyndns.org.

However, I have used example.myoriginalfoobar.com as a registered hostname (URL) for years, with a static DNS service (DinosaurDNS.org) that doesn't have Dynamic DNS capabilities. I login to DinosaurDNS.org and set my DNS record for example.myoriginalfoobar.com to forward (using a CNAME (Alias) record) to foobar.dyndns.org.

Now anyone trying to access example.myoriginalfoobar.com will be redirected to foobar.dyndns.org, which will then redirect them to whichever IP address my Dynamic DNS updating utility has specified.

Using forwarding rules, an infinite number of URLs can be forwarded to a single dynamic URL. (The primary host that resides at the destination IP address must then resolve the forwarded URLs (using virtual host or .htaccess files) and direct them to the appropriate server on the computer (or LAN).) For this reason, it is only necessary to have one dynamic DNS URL for your computer (or LAN).

CNAME aliases

Different DNS registrars have different methods of forwarding a URL, but in general there is one method common to all of them: CNAME aliases.

If you have a URL registered with a DNS registrar, go to the DNS settings for your domain name. Delete any A records (or other entries) and use only CNAME entries.

For example, let's say my free Dynamic DNS URL is foobar.dyndns.org (at DynDNS.com). My domain URL is myoriginalfoobar.com, registered at DinosaurDNS Registrar.

Logging into DinosaurDNS Registrar, I edit the DNS settings for myoriginalfoobar.com (which in my control panel is found under Manage DNS). I make sure I have these entries:

 Name Type Content
 @ CNAME foobar.dyndns.org.
 www CNAME foobar.dyndns.org.
 example CNAME foobar.dyndns.org.

The period ("full stop") at the end of the URL is important to designate that the CNAME is a FQDN (fully qualified domain name). A CNAME should not have "http://" in it. The @ symbol indicates a URL name without the first segment, e.g. the URL myoriginalfoobar.com by itself. In this example, I am forwarding myoriginalfoobar.com, www.myoriginalfoobar.com, and example.myoriginalfoobar.com.

Using CNAME aliasing, the original URL is retained in the browser. It is up to you (using virtual host files or Rewrite rules in the .htaccess files of Apache, for example) if you wish to massage the URL at your server (to change it to a canonical name) or redirect it.

Other resources

Much of this page was adapted from the original articles at:


CategoryInternet CategoryNetworking

DynamicDNS (last edited 2012-01-19 08:47:42 by joni-kurronen)

Maven setup

Copied from: http://maven.apache.org/download.html#Installation

Installation Instructions

Maven is a Java tool, so you must have Java installed in order to proceed. More precisely, you need a Java Development Kit (JDK), the Java Runtime Environment (JRE) is not sufficient.

Additional optional installation steps are listed after the platform specific instructions.

Windows 2000/XP

  1. Unzip the distribution archive, i.e. apache-maven-3.1.0-bin.zip (5.92 mb) to the directory you wish to install Maven 3.0.1. These instructions assume you chose C:\Program Files\Apache Software Foundation. The subdirectory apache-maven-3.0.1 will be created from the archive.
  2. Add the M2_HOME environment variable by opening up the system properties (WinKey + Pause), selecting the "Advanced" tab, and the "Environment Variables" button, then adding the M2_HOME variable in the user variables with the value C:\Program Files\Apache Software Foundation\apache-maven-3.0.1. Be sure to omit any quotation marks around the path even if it contains spaces. Note: For Maven < 2.0.9, also be sure that the M2_HOME doesn't have a '\' as last character.
  3. In the same dialog, add the M2 environment variable in the user variables with the value %M2_HOME%\bin.
  4. Optional: In the same dialog, add the MAVEN_OPTS environment variable in the user variables to specify JVM properties, e.g. the value -Xms256m -Xmx512m. This environment variable can be used to supply extra options to Maven.
  5. In the same dialog, update/create the Path environment variable in the user variables and prepend the value %M2% to add Maven available in the command line.
  6. In the same dialog, make sure that JAVA_HOME exists in your user variables or in the system variables and it is set to the location of your JDK, e.g. C:\Program Files\Java\jdk1.5.0_02 and that %JAVA_HOME%\bin is in your Path environment variable.
  7. Open a new command prompt (Winkey + R then type cmd) and run mvn –version to verify that it is correctly installed.

Unix-based Operating Systems (Linux, Solaris and Mac OS X)

  1. Extract the distribution archive, i.e. apache-maven-3.0.1-bin.tar.gz to the directory you wish to install Maven 3.0.1. These instructions assume you chose /usr/local/apache-maven. The subdirectory apache-maven-3.0.1 will be created from the archive.
  2. In a command terminal, add the M2_HOME environment variable, e.g. export M2_HOME=/usr/local/apache-maven/apache-maven-3.0.1.
  3. Add the M2 environment variable, e.g. export M2=$M2_HOME/bin.
  4. Optional: Add the MAVEN_OPTS environment variable to specify JVM properties, e.g. export MAVEN_OPTS="-Xms256m -Xmx512m". This environment variable can be used to supply extra options to Maven.
  5. Add M2 environment variable to your path, e.g. export PATH=$M2:$PATH.
  6. Make sure that JAVA_HOME is set to the location of your JDK, e.g. export JAVA_HOME=/usr/java/jdk1.5.0_02 and that $JAVA_HOME/bin is in your PATH environment variable.
  7. Run mvn –version to verify that it is correctly installed.

Optional configuration

Maven will work for most tasks with the above configuration, however if you have any environmental specific configuration outside of individual projects then you will need to configure settings. The following sections refer to what is available.

Settings

Maven has a settings file located in the Maven installation and/or user home directory that configure environmental specifics such as:

  • HTTP proxy server
  • repository manager location
  • server authentication and passwords
  • other configuration properties

For information on this file, see the Settings reference

Don't forget to run MVN MVN to init repo folder.

Sample here: settings.xml (1.76 kb)

Security

As of Maven 2.1.0+, you can encrypt passwords in your settings file, however you must first configure a master password. For more information on both server passwords and the master password, see the Guide to Password Encryption.

Toolchains

As of Maven 2.0.9+, you can build a project using a specific version of JDK independent from the one Maven is running with. For more information, see the Guide to Using Toolchains.

Sonar – Coding rules and Unit tests

Accomplish:

  • Installation
  • Duplication
  • TimeMachine
  • Configure Code Rules
  • Improve Unit tests

http://www.sonarsource.org/features/

http://docs.codehaus.org/display/SONAR/The+2+minutes+tutorial

http://www.sonarsource.org/downloads/

==============================================

cd /media/shares/sonar/

Currently using: sonar-3.3.1

OLD sonar-2.13.1

http://www.sonarsource.org/screencasts/installation-of-sonar/
$ wget http://dist.sonar.codehaus.org/sonar-x.x.x.zip
$ unzip sonarx.x.x.zip
$ sonarx.x.x.zip
$ cd conf
copy sonar.properties from old dir.
update ::: jdbc:mysql://localhost:3306/sonarxxx?useUnicode=true&characterEncoding=utf8
Manually create new empty DB schema on Q-Berry-WHS called::: sonarxxx
mysql> CREATE DATABASE sonarxxx CHARACTER SET utf8 COLLATE utf8_general_ci;
mysql> grant all privileges on sonarxxx.\* to
'sonar'@'localhost' identified by 't0ps3cr3t';
mysql> flush privileges;
$ cd /media/shares/sonar/sonar-3.3.1/bin/linux-x86-32
$ ./sonar.sh start
http://q-berry-whs:9000/
RENAME TABLE old_db.table TO new_db.table;

Ubuntu VNC setup

* About This Document
* Ubuntu Server Guide
o Introduction
o Installation
o Package Management
o Networking
o Remote Administration
o Network Authentication
o Domain Name Service (DNS)
o Security
o Web Servers
o Databases
o LAMP Applications
o File Servers
o Email Services
o Version Control System
o Windows Networking
o Backups
o Virtualization
+ libvirt
+ JeOS and vmbuilder
+ Eucalyptus
+ OpenNebula
o Clustering
o Other Useful Applications

libvirt

* Ubuntu Server Guide
* Virtualization


The libvirt library is used to interface with different
virtualization technologies.
Before getting started with libvirt it is best to make sure your hardware supports the necessary
virtualization extensions for KVM. Enter the following from a terminal prompt:


egrep '(vmx|svm)' /proc/cpuinfo


If nothing is printed, it means that your cpu does not support hardware virtualization.





On most computer whose processor supports virtualization, it is
necessary to activate an option in the bios to enable it. The method
described above does not show the status of it's activation.




* 17.1.1. Virtual Networking
* 17.1.2. Installation
* 17.1.3. virt-install
* 17.1.4. virt-clone
* 17.1.5. Virtual Machine Management
* 17.1.6. Virtual Machine Viewer
* 17.1.7. Resources

17.1.1. Virtual Networking


There are a few different ways to allow a virtual machine access to the external network. The default virtual network configuration is
usermode networking, which uses the SLIRP protocol and traffic is NATed through the host interface to the outside network.



To enable external hosts to directly access services on virtual machines a bridge needs to be configured. This allows
the virtual interfaces to connect to the outside network through the physical interface, making them appear as normal hosts to the rest
of the network. For information on setting up a bridge see Section 4.1.4 ― Bridging.

17.1.2. Installation


To install the necessary packages, from a terminal prompt enter:


sudo apt-get install kvm libvirt-bin


After installing libvirt-bin, the user used to manage virtual machines will need to be added to
the libvirtd group. Doing so will grant the user access to the advanced networking options.



In a terminal enter:


sudo adduser $USER libvirtd





If the user chosen is the current user, you will need to log out and back in for the new group membership to take effect.





You are now ready to install a Guest operating system. Installing a virtual machine follows the same
process as installing the operating system directly on the hardware. You either need a way to automate the installation, or
a keyboard and monitor will need to be attached to the physical machine.



In the case of virtual machines a Graphical User Interface (GUI) is analogous to using a physical keyboard and mouse. Instead of installing
a GUI the virt-viewer application can be used to connect to a virtual machine's console using VNC.
See Section 17.1.6 ― Virtual Machine Viewer for more information.



There are several ways to automate the Ubuntu installation process, for example using
preseeds, kickstart, etc. Refer to the Ubuntu Installation Guide for details.



Yet another way to install an Ubuntu virtual machine is to use ubuntu-vm-builder. ubuntu-vm-builder
allows you to setup advanced partitions, execute custom post-install scripts, etc. For details see Section 17.2 ― JeOS and vmbuilder

17.1.3. virt-install


virt-install is part of the python-virtinst package. To install it, from a terminal prompt enter:


sudo apt-get install python-virtinst


There are several options available when using virt-install. For example:


sudo virt-install -n web_devel -r 256 -f web_devel.img \
-s 4 -c jeos.iso –accelerate \
–connect=qemu:///system –vnc \
–noautoconsole -v

*



-n web_devel: the name of the new virtual machine will be web_devel in this example.


*


-r 256: specifies the amount of memory the virtual machine will use.


*


-f web_devel.img: indicates the path to the virtual disk which can be a file, partition, or logical volume.
In this example a file named web_devel.img.


*


-s 4: the size of the virtual disk.


*


-c jeos.iso: file to be used as a virtual CDROM. The file can be either an ISO file or the path to the
host's CDROM device.


*


–accelerate: enables the kernel's acceleration technologies.


*


–vnc: exports the guest's virtual console using VNC.


*


–noautoconsole: will not automatically connect to the virtual machine's console.


*


-v: creates a fully virtualized guest.




After launching virt-install you can connect to the virtual machine's console either locally
using a GUI or with the virt-viewer utility.

17.1.4. virt-clone


The virt-clone application can be used to copy one virtual machine to another. For example:


sudo virt-clone -o web_devel -n database_devel -f /path/to/database_devel.img –connect=qemu:///system

*



-o: original virtual machine.


*


-n: name of the new virtual machine.


*


-f: path to the file, logical volume, or partition to be used by the new virtual machine.


*


–connect: specifies which hypervisor to connect to.




Also, use -d or –debug option to help troubleshoot problems with
virt-clone.





Replace web_devel and database_devel with appropriate virtual machine names.



17.1.5. Virtual Machine Management

* 17.1.5.1. virsh
* 17.1.5.2. Virtual Machine Manager

17.1.5.1. virsh


There are several utilities available to manage virtual machines and libvirt.
The virsh utility can be used from the command line. Some examples:


*





To list running virtual machines:


virsh -c qemu:///system list



*




To start a virtual machine:


virsh -c qemu:///system start web_devel



*




Similarly, to start a virtual machine at boot:


virsh -c qemu:///system autostart web_devel



*




Reboot a virtual machine with:


virsh -c qemu:///system reboot web_devel



*




The state of virtual machines can be saved to a file in order to be restored later. The
following will save the virtual machine state into a file named according to the date:


virsh -c qemu:///system save web_devel web_devel-022708.state





Once saved the virtual machine will no longer be running.



*




A saved virtual machine can be restored using:


virsh -c qemu:///system restore web_devel-022708.state



*




To shutdown a virtual machine do:


virsh -c qemu:///system shutdown web_devel



*




A CDROM device can be mounted in a virtual machine by entering:


virsh -c qemu:///system attach-disk web_devel /dev/cdrom /media/cdrom








In the above examples replace web_devel with the appropriate virtual machine name, and
web_devel-022708.state with a descriptive file name.



17.1.5.2. Virtual Machine Manager


The virt-manager package contains a graphical utility to manage local and remote virtual machines.
To install virt-manager enter:


sudo apt-get install virt-manager


Since virt-manager requires a Graphical User Interface (GUI) environment it is recommended to be
installed on a workstation or test machine instead of a production server. To connect to the local
libvirt service enter:


virt-manager -c qemu:///system


You can connect to the libvirt service running on another host by entering the following in a terminal prompt:


virt-manager -c qemu+ssh://virtnode1.mydomain.com/system





The above example assumes that SSH connectivity between the management system and virtnode1.mydomain.com
has already been configured, and uses SSH keys for authentication. SSH keys are needed because
libvirt sends the password prompt to another process. For details on configuring
SSH see Section 5.1 ― OpenSSH Server



17.1.6. Virtual Machine Viewer


The virt-viewer application allows you to connect to a virtual machine's console.
virt-viewer does require a Graphical User Interface (GUI) to interface with the virtual machine.



To install virt-viewer from a terminal enter:


sudo apt-get install virt-viewer


Once a virtual machine is installed and running you can connect to the virtual machine's console by using:


virt-viewer -c qemu:///system web_devel


Similar to virt-manager, virt-viewer can connect to a remote host using
SSH with key authentication, as well:


virt-viewer -c qemu+ssh://virtnode1.mydomain.com/system web_devel


Be sure to replace web_devel with the appropriate virtual machine name.



If configured to use a bridged network interface you can also setup SSH access
to the virtual machine. See Section 5.1 ― OpenSSH Server and Section 4.1.4 ― Bridging for more details.

17.1.7. Resources

*



See the KVM home page for more details.


*


For more information on libvirt see the libvirt home page


*


The Virtual Machine Manager site has more information on
virt-manager development.


*


Also, stop by the #ubuntu-virt IRC channel on freenode to
discuss virtualization technology in Ubuntu.



libvirt JeOS and vmbuilder

Update Linux box

Q. I have latest version of Ubuntu Linux. How do I update Ubuntu Linux for security and application fix or upgrades?

A. Ubuntu Linux can be upgraded using GUI tools or using traditional command line tools.

Using apt-get command line tool

apt-get is the command-line tool for handling packages. You can use following command options:

=> apt-get update : Update is used to resynchronize the package index files from their sources via Internet.

=> apt-get upgrade : Upgrade is used to install the newest versions of all packages currently installed on the system

=> apt-get safe-upgrade : Safe-Upgrade is used to install the newest versions of all packages currently installed on the system that have been proven safe by the community

=> apt-get install package-name : install is followed by one or more packages desired for installation. If package is already installed it will try to update to latest version.

a) Open terminal and type following two commands (Application > Accessories > Terminal):

b) Get update software list, enter:
$ sudo apt-get update

c) Update software(s) i.e. apply updates:
$ sudo apt-get upgrade

d) Please note that above two command will fetch files from Internet. The location of update pages is specified in /etc/apt/sources.list (repositories). You need NOT to make any changes to this file until and unless you need extra repositories for your setup.

e) To upgrade individual software called foo type command:
$ sudo apt-get install foo

HOWTO: Set up VNC server with resumable sessions



1) Logon to your Ubuntu, select "System->Administration->Login Windows" from Menu

2) Select "Remote" tab and "Same as Local" for style.

3) Click on the "Configure XDMCP…" button at the bottom right.

4) Uncheck "Honour indirect requests"

5) Close the Login Windows Administration windows.

6) Fire up your terminal and issue "sudo vi /etc/X11/gdm/gdm.conf" or use any editor you prefer.

7) check that in the section [xdmcp] has Enable=true:
[xdmcp]
# Distributions: Ship with this off. It is never a safe thing to leave out on
# the net. Setting up /etc/hosts.allow and /etc/hosts.deny to only allow local
# access is another alternative but not the safest. Firewalling port 177 is
# the safest if you wish to have xdmcp on. Read the manual for more notes on
# the security of XDMCP.
Enable=true

8) Check that RemoteGreeter is commented:
#RemoteGreeter=/usr/lib/gdm/gdmlogin

9) Install the vnc4server and xinetd packages using "sudo apt-get install vnc4server xinetd"

10) Create the password for your VNC login using "sudo vncpasswd /root/.vncpasswd"

11) Edit /etc/xinetd.d/Xvnc file (this should be created as a new file if you haven't previously do anything) using the commend "sudo vi /etc/xinetd.d/Xvnc" and ad in as:
service Xvnc
{
type = UNLISTED
disable = no
socket_type = stream
protocol = tcp
wait = yes
user = root
server = /usr/bin/Xvnc
server_args = -inetd -query localhost -geometry 1024×768 -depth 16 -once -fp /usr/share/fonts/X11/misc -DisconnectClients=0 passwordFile=/root/.vncpasswd -extension XFIXES
port = 5900
}
P/S: You may want to change the resolution (1024×768) and color depth (-depth 16) according to your need.

12) Now is a good time to reboot your machine "sudo init 6"

13) When the Ubuntu machine is up and running, go to you Windows and use your favorite VNC client, and connect to your Ubuntu. You should be able to connect without problem.

14) Final word: As you might notice that in (7), enabling XDMCP is not something safe, you may want to configure your firewall to protect the machine properly.
=====================================================================

Going headless

Ubuntu does support VNC out of the box, but you need to have an active X-Windows (Gnome, KDE, etc…) session already running before you fire up the VNC server.

But this was going to be a headless box! So short of hauling a monitor and keyboard to the basement every time I needed to bounce the box, which is rare, I had no way to get an X session started.

VNC Server, to the rescue!

To enable full GUI remote login you need a VNC server instance running on the box, and you need to launch an x session – I’m a Gnome guy myself, so we’ll go that route.

  1. SSH into the box and install TightVNCServer
    • sudo apt-get install tightvncserver
  2. Set Gnome to start when your VNC session starts
    • vi ~/.vnc/xstartup
    • 				#!/bin/shxrdb $HOME/.Xresourcesxsetroot -solid blackgnome-session &
      		
  3. Start the VNC Server
    • vncserver –geometry widthxheight –depth 24
    • You will probably be prompted to enter a password that you'll use later to connect to this VNC session… so enter one!
  4. Start your VNC client on the remote machine, enter the password from step 3, and enjoy!

One side note. After logging into my VNC session I noticed that my keyboard mappings were all jacked-up. For example, typing asdf would result in abfh. After some searching, this appears to be an issue w/Gnome, but luckily I also found a workaround.

======================================================================
Warning!
This howto is old, unsupported, and relies on a broken package. This should be used as reference only.


So here's the complete list of steps that are required to set the VNC server that any user can login into and start a session. It is also persistent, meanning that even if you disconnect the VNC client your X session will not end (unless you explicitly log out) and you can reconnect to the same session again. The VNC server uses a separate display (:1) than your regular X server, which works with your physical display (:0). So two sessions can be active at the same time (one person sitting at the physical display and another remotely connecting using VNC).

1. Enable XDMCP
System->Administration->Login Screen Setup
Tab Security->Enable XDMCP
Tab XDMCP–> You can disable "Honor Indirect Requests"

Note: Before doing the next step, you need to make sure the extra repositories (e.g. universe) are enabled:
http://easylinux.info/wiki/Ubuntu#Ho…a_repositories

2. Install required packages (vncserver and xinetd)

Code:
sudo apt-get install vnc4server xinetd
Note to AMD64 users: The current version of vnc4server in the repositories has a bug, so you need to download and install the fixed vnc4 packages as shown below:

Code:
wget http://qt1.iq.usp.br/download/vnc4server_4.0-7.3_amd64.debwget http://qt1.iq.usp.br/download/xvnc4viewer_4.0-7.3_amd64.debsudo dpkg -i vnc4server_4.0-7.3_amd64.debsudo dpkg -i xvnc4viewer_4.0-7.3_amd64.deb

3. Set the VNC passwd
Code:
sudo vncpasswd /root/.vncpasswd
4. Add vnc service to xinetd:
Code:
sudo gedit /etc/xinetd.d/Xvnc
Enter this into the new file:

Code:
service Xvnc{        type = UNLISTED        disable = no        socket_type = stream        protocol = tcp        wait = yes        user = root        server = /usr/bin/Xvnc        server_args = -inetd :1 -query localhost -geometry 1024x768 -depth 16 -once -fp /usr/share/X11/fonts/misc -DisconnectClients=0 -NeverShared passwordFile=/root/.vncpasswd        port = 5901}
5. Restart xinetd (usually there is no need to reboot, but occasionally it might be required)

Code:
sudo /etc/init.d/xinetd stopsudo killall Xvncsudo /etc/init.d/xinetd start
6. That's it! To test that this is working first try to connect from the same machine (the machine we just set up the VNC server on):

Code:
vncviewer localhost:1
You should be prompted for the VNC password, and then see the GDM login screen where you can login and start a new X session. If that works, you can now go ahead and try to connect from remote machine using your favorite VNC client (remember to first close the local vncviewer we started above). Remember to use the VNC server machine's domain name or IP address, followed by :1 (e.g. 192.168.0.100:1). If connecting locally as shown above works, but connecting remotely fails, then this means you have a problem with a firewall which is blocking some ports. See the notes below about how to deal with that.

Note about ports: The VNC server set up as shown uses TCP port 5901. If you are using firewall software (e.g. firestarter) on that machine, you need to allow incoming connections on this port. If you are using a router which assigns your machine a private address (e.g. 192.168.0.100) which is not accessible from the internet, then you need to forward TCP port 5901 from the router to this machine.

Note about security: This setup allows any user to start an X-session remotely by logging in using his regular password (after starting the VNC connection using the VNC password), so if the user disconnects without logging out, any other user which knows the VNC password can connect afterwards and resume the same session that the first user started. So if you do not want to log out before disconnecting, it's advisable to at least lock your VNC X-session screen. Also note that while a remote user is connected thru VNC, no other connection will be accepted. An idle VNC client will be disconnected after one hour, but this can be changed by using the "-IdleTimeout" option in the server_args line in /etc/xinetd.d/Xvnc. For example, you can add "-IdleTimeout 300" to change it to 5 minutes.

Dual Boot Windows and Linux

How to use Windows Vista’s Boot Manager to boot Linux

The Web is full of explanations on how to dual boot Windows and Linux using a Linux boot manager like GRUB or LILO. If you want to dual boot Windows Vista and Linux using Windows Vista’s Boot Manager, please read on. I will assume that you already have installed Linux on your machine using GRUB as your boot loader.

Step 1 – Install GRUB on the Linux partition (outside of MBR)

As Windows Vista will replace the Master Boot Record (MBR) with its own, we need to relocate GRUB elsewhere by running grub-install with the Linux partition as a parameter.

• On Linux, launch a Terminal with root privileges

• Find the name of the partition Linux is installed on by running fdisk –l (the partition you’re looking for is the one whose system is Linux, can be something like /dev/sda1 or /dev/hda1. For the rest of this post, I’ll use /dev/sda1)

• Install GRUB on the Linux partition by running : grub-install /dev/sda1

Step 2 – Get a copy of Linux boot sector

We will need to instruct Windows Boot Manager how to boot correctly Linux using Linux boot sector, which we will extract using dd.

• On Linux, launch a Terminal with root privileges

• Take a copy of Linux boot sector : dd if=/dev/sda1 of=/tmp/linux.bin bs=512 count=1

• Copy linux.bin on a FAT formatted USB key or any storage accessible from Windows Vista

Step 3 – Install Windows Vista

Step 4 – Configure dual booting in Windows Vista

We will create an entry for GRUB in Windows Vista boot configuration data store using bcdedit.

• On Windows Vista, launch a command prompt with administrative privileges (by right clicking on cmd and choosing Run as Administrator)

• Copy Linux boot sector on the root of the Windows boot (active) partition, namely the one containing bootmgr. If you don’t know for sure you can use diskpart or diskmgmt.msc to find out which one it is.

• Create an entry for GRUB :

o bcdedit /create /d “GRUB” /application BOOTSECTOR

o Note: bcdedit will return an ID for this entry that we will call {LinuxID} below. You will need to replace {LinuxID} by the returned identifier in this step. An example of {LinuxID} is {81ed7925-47ee-11db-bd26-cbb4e160eb27}

• Specify which device hosts a copy of the Linux boot sector

o bcdedit /set {LinuxID} device boot

• Specify the path to a copy of the Linux boot sector

o bcdedit /set {LinuxID} PATH \linux.bin

• Add Linux entry to the displayed menu at boot time

o bcdedit /displayorder {LinuxID} /addlast

• Let the menu be displayed 10 seconds to allow for OS selection

o bcdedit /timeout 10

Building a dual boot system with Windows Vista BitLocker protection with TPM support

Many people have wondered if it would be possible to dual boot a TPM-bitlockered instance of Windows Vista with Linux, or another OS. The answer is yes and the following procedure will hopefully help you setup your machine correctly.

Some (simplified) background on Bitlocker:

Bitlocker Drive Encryption allows encryption of Windows Vista’s partition and provides a secure startup process when in use with a TPM (a crypto chip on the motherboard). Basically the BIOS, the TPM, the MBR and the boot sector will collaborate to help verify that there was no modification to the boot sequence since Bitlocker was activated. This is done by using a function of the TPM to compute and store a hash of the code before executing it, at each of the initial steps of the boot sequence. Different hashes will be computed and stored in specific registers of the TPM. Then Windows Vista will ask the TPM to unseal its volume encryption key and the TPM will only provide this key if its registers are correctly set. Therefore if you replace Windows Vista’s MBR by a MBR that is not TPM aware, it won’t hash the boot sector before executing it and a register in the TPM won’t be populated. Same with the boot sector. Therefore Bitlocker will simply refuse to be enabled.

The underlying idea here is to have Bitlocker enabled with the original Windows Vista boot files. Another possibility would be to use a TPM-aware version of GRUB. However this would imply using files in the boot sequence that were not tested by Microsoft, which I would not recommend. Moreover, using original Windows Vista files offers you the benefits of code that went through the Security Development Lifecycle, which I personally find very valuable.

Note: I assume that you have a Bitlocker compatible machine (including TPM 1.2, TCG BIOS). See http://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx#BKMK_require

Step 1 – Install Linux

Note: be sure to leave enough unpartitioned space for Windows Vista: about 11 GB of free unpartitioned space and slots for 2 partitions are needed

Step 2 – Install GRUB on the Linux partition (outside of MBR)

See other post “How to use Windows Vista’s Boot Manager to boot Linux”

Step 3 – Get a copy of Linux boot sector

See other post “How to use Windows Vista’s Boot Manager to boot Linux”

Step 4 – Create partitions for Windows Vista

We need to create 2 primary NTFS formatted partitions on the disk: one active, 1.5GB size minimum and another larger (all the rest for instance with a minimum of 8.5GB). The former will be used to boot the machine (active partition) and will remain unencrypted while the latter will host Windows Vista and will be encrypted when we activate Bitlocker.

You can use diskpart tool to do this (available from Repair options on the Windows Vista DVD). Here is what the instructions may look like :

· select disk 1

· create partition primary size=2048

· active

· create partition primary

Step 5 – Install Windows Vista

Install Windows Vista on the largest NTFS partition.

Step 6 – Set up Windows Vista Boot Manager to boot Linux

See other post “How to use Windows Vista’s Boot Manager to boot Linux”.

Step 7 – Enable BitLocker on Windows Vista

See BitLocker documentation, like http://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx#BKMK_S3


Tag Cloud