Tag Archives: install

Installing Rigol DS 1052E Ultrascope Software on Windows 7

The software that comes on CD in useless. The following steps seemed to be the pieces that worked. However, I’m not entirely sure since the entire experience was a bit of a hairball.

  • Go to the National Instruments website and install the latest VISA installer. (At the time of writing is version 5.3.)
  • Go to the Rigol website and install the UltraSigma software. I’m not sure this is needed. However, if will show whether the oscilloscope is recognized.
  • Go to the Rigol website and install the Ultrascope for DS1000E series software.

Installing gitolite on a Mac

I’ve come to love gitolite for hosting private git repositories. It’s very easy to administer and trouble-free.

On one project, I needed to share a very large git repository between two virtual machines. I didn’t want the overhead of using a private git repository out on the Internet, just something local, like my workstation that runs OS X.

I used the System Preferences to create an account named git, and followed the gitolite install instructions.

I ran into a couple of problems that were easily resolved.

Path for Installer

First, to address gitolite complaining about not being able to find itself, I created a .bash_profile with the following:

[bash light=”true”]
export PATH=/Users/git/bin:$PATH
[/bash]

Now I could run the gitolite install cleanly. I would recommend doing this first thing after creating the git account to host gitolite.

Help gitolite Find git

I installed git from the link on the front page of the git web site. This installs git in /usr/local/git/bin, which gitolite doesn’t like out of the box. The fix is easy. When gitolite installs, it brings up the config file (~/.gitolite.rc) in an editor for you to tweak.

Find the line

[bash light=”true”]
$GIT_PATH=””;
[/bash]

and change it to

[bash light=”true”]
$GIT_PATH=”/usr/local/git/bin”;
[/bash]

This will prevent error messages such as

[bash light=”true”]
$ ssh git@localhost
PTY allocation request failed on channel 0
Can’t exec “git”: No such file or directory at /Users/git/bin/gitolite.pm line 562.
Use of uninitialized value $git_version in substitution (s///) at /Users/git/bin/gitolite.pm line 563.
hello Yourkey, this is gitolite v2.2-4-the gitolite config gives you the following access:
Use of uninitialized value $git_version in concatenation (.) or string at /Users/git/bin/gitolite.pm line 564.
R W gitolite-admin
@R_ @W_ testing
Connection to localhost closed.
[/bash]

from appearing and preventing gitolite from working.

Update 1 September 2013

These instructions seem to still work with gitolite 3, with additional commentary:

If you ssh into your OS X machine, you might see the message:

[bash light=”true”]
$ ssh git@localhost
PTY allocation request failed on channel 0
[/bash]

gitolite is still working. There is simply a collision between ssh versions. You an get a list of the repositories you’re allowed to access by one of these two commands:

[bash light=”true”]
$ ssh -T git@localhost
$ ssh git@localhost info
[/bash]

OS X, Apache, Tomcat, and mod_jk

I spent some time with a colleague from South Africa yesterday. He’s a long-time Windows user that writes in Java. He has a new MacBook Pro, and we scratched our head why Apache+mod_jk+Tomcat was blowing up on him.

JAVA_HOME

The first thing we had to get right was the JAVA_HOME variable. If it’s not set right when compiling mod_jk, you’re out of luck. On OS X there is a program that spits out the right value. We put the following in his ~/.profile. Please note the back ticks (accents graves) to run the java_home program.

export JAVA_HOME=`/usr/libexec/java_home`

mod_jk

With $JAVA_HOME set correctly, compiling mod_jk was straightforward. Download the mod_mod_jk tarball, unpack it, and change directories to the native subdirectory. The following should work cleanly.

$ ./configure --with-apxs=/usr/sbin/apxs
$ make clean ; make
$ sudo make install

Apache Configuration File

Be aware that OS X Lion has some lines (commented out) for support for mod_jk. Be sure to uncomment those lines. Previous versions of OS X don’t have these lines, so you’ll just add the load module directive and Jk* commands in the usual places.

That’s it, really. Once JAVA_HOME and the Apache configuration file were straightened out, things worked.

How to Set Up Viscosity for Windows for OpenVPN

Introduction

I’ve really enjoyed Viscosity for Mac since last year. It’s an inexpensive, drop-dead simple VPN client that works with OpenVPN-enabled firewalls such as SmoothWall. However, Spark Labs didn’t have a Windows version. I spent quite a bit of time trying to find a simple OpenVPN client for non-techie users, but wasn’t satisfied with what I could find.

Spark Labs released their Windows version of Viscosity. I sat down to figure out how to install the OpenVPN certificates.(If you want to try Viscosity, they have a 30-day trial.)

Scope

I will only cover connecting to a OpenVPN client similar to SmoothWall (using PKCS 12 files).

Install Viscosity

Download the installer from the Viscosity download page. Accept all of the defaults. There is an option to create a desktop icon, if you want.

Depending on your OS, the installer may require a .NET piece to be downloaded from Microsoft. Click on Yes and the installer will take care of it for you.

 

You may see a warning that Viscosity doesn’t have an official happy face from Microsoft. Click on Continue Anyway.

When the install is complete, allow the installer to run Viscosity so we can proceed to setting it up for use.

 

Configure Viscosity

You’ll see a one-time Welcome to Viscosity screen. Close it to continue.

At this point, Viscosity will be running in your task bar (usually in the lower right-hand corner of your screen). The default icon is a lock in front of a circle:

Click on the icon and select Preferences….

There are couple of defaults in the Preferences window which I personally like to tweak. These are optional.

  1. Under the General tab, I select Start Viscosity at Login since I use it frequently.
  2. Under the Appearance tab, I choose the Leopard Colored menu icons because they boldly announce the connection status. Again, personal preference.

 

Install OpenVPN Certificates

Overview

There are two steps here. One is the creation of the VPN certificates, and the other is installing the certificates into Viscosity.

Create Certificates

I will use SmoothWall as an example simply because it’s a firewall I have ready access to. Refer to your documentation on how to do it on your firewall. SmoothWall has an option called Download Client Package (zip) which provides a single convenient .zip file that contains the two files we need.

Unpack Certificates

Copy the file to the machine you’re installing Viscosity on and extract them (assuming a zip file). Certificates are installed using the + button in the lower left corner of the Connections tab.

Navigate to where you put the files. You’ll choose the file that ends in .ovpn. It should import cleanly and show on the Connections tab. Now we need to click on the Edit button.

If you do not like the default name, feel free to change it on the General tab.

 

On the Authentication tab, change the authentication method to SSL/TLS Client (PKCS 12). Click on the upper Select button. (If it shows a file, click Clear.)

Choose the PKCS 12 file. SmoothWall uses the exention .p12. Finally, click Save.

The VPN connection should be ready at this point. Close the window.

Testing

Now that the connection is set up, you can click on the tool bar and choose the new connection. Ensure, of course, that you’re outside of the firewall first. 🙂

While Viscosity is connecting, you may see a message that A network cable is unplugged. This is normal and can be ignored.

Diagnosing Problems

If you’re having problems, click on the Details… menu item before connecting.

This window has three tabs which are a little hard to discern, in my opinion. The third one shows the progress of the connection, and may (or may not) provide useful information.

 

Further Help

I’m sorry I cannot help diagnose your particular system. For further assistance see the Spark Labs’ support page.

Disclaimer

I don’t have any connection to the company. I’ve just been really happy with the product.

 

Adding a GoDaddy SSL Certificate to Zimbra 7

I’ve struggled with getting a GoDaddy-issued SSL certificate installed into a new Zimbra instance for a client. Fortunately I used a virtual machine and was able to make snapshots of the VM along the way. Most of the struggle revolved around the fact that (1) GoDaddy makes the required files available in many versions and formats, and (2) the Zimbra documentation really sucks in this area.

Fortunately I found David McKay’s article How to Renew a GoDaddy Certificate on Zimbra. This gave me insight into which combination of files to use.

Zimbra Installation

  1. The Zimbra instance must install cleanly. My Zimbra installation notes are here.
  2. You must be able to view the Zimbra Certificates page without error. The page is found on the lower portion of the side bar.

The Certificate page in the Zimbra administrative panel.

Get the Certificate Files

  1. Use the Install Certificate button to create the CSR.
  2. Download the CSR.
  3. Paste the CSR into GoDaddy’s SSL certificate page.
  4. When downloading the certificate, there is a list of formats to choose from. Choose Apache.
  5. Also download GoDaddy’s root certificate file gd-class2-root.crt from their Repository page. As of this writing, this is the first file listed.

Installing the SSL Certificate

Back on the Zimbra Certificate page, click on Install Certificate button. You’ll be asked for several files.

  1. Certificate File: This is the new SSL certificate from the zip file. The default name is domain.crt.
  2. Root CA File: This is the file gd-class2-root.crt that you downloaded separately.
  3. Intermediate CA file: This is the file gd_bundle.crt found in the zip file.

This was the combination of files I was looking for but didn’t quite ever get right.

Store these files with backups.


Installing Zimbra 7 on CentOS

These are personal notes for installing Zimbra 7 on Centos 5, including split DNS for servers behind firewalls.

Preliminaries

Caveats

  • This is for a small installation, where a single server can handle everything.
  • Zimbra is not officially supported on CentOS, even though it comes directly from RHEL’s sources. If you need support from the company, don’t use it.

Requirements

  • Zimbra 7 is 64-bits. Don’t use the 32-bit versions since they are officially deprecated and are slated to be dropped.
  • If you are installing directly onto bare metal, there should be no problem.
  • If you are installing in a virtual machine, then ensure that the processor has the physical hardware support for 64-bit virtualization, i.e. Intel VT or AMD-V. (None of the older machines that I have support).
  • At least 1.5 GB RAM as an absolute minimum, but Zimbra may be slow at times. The Quick Start guide recommends 4GB.
  • Zimbra will run on a single processor; two are better.
  • I can’t recommend starting with less than 20-40GB HD space. I anticipate adding disks and expanding the file system as needed.

Virtual Machine

  • I like to name the (virtual) physical disks pv00, pv01, pv02, etc. (pv=physical volume) so they’re easy to track.
  • The NIC must be bridged. Save yourself the pain.
  • I remove the floppy disk, sound, card, and printer.

Installing CentOS

Disk Layout

  • I generally create two partitions: /boot and the rest a LVM partition
  • Inside I create a volume group with the name vg00, and create inside of it:
    • lvRoot mounted on /
    • lvTmp mounted on /tmp
    • lvVar mounted on /var
    • lvOpt mounted on /opt
    • lvSwap
    • Unallocated space for expansion of any non-lvOpt partition that threatens to get full. I treat lvOpt differently because it’s the mail storage partition, and if it fills up I want to at least double the amount of space available. If /opt starts to get full, I will:
      • add a whole new disk,
      • add it as a physical volume,
      • expand the volume group with the physical volume,
      • expand lvOpt, and
      • expand the /opt filesystem.

Package Selection

Note that this is not fine tuned, and more akin to a shotgun approach. Even though RHEL is an officially-supported OS, there does not appear to be any recommendations from Zimbra on which package groups to install. This section will be updated if I can find more information.

  • For package selection, deselect Desktop – Gnome.
  • Select Customize now
  • Click Next
  • Ensure that only the following categories are selected for install. Note: This is for simplicity. It does not attempt to strip the system down to its bare nubs.
    • Applications
      • Editors
    • Development
      • Development Libraries
      • Development Tools
      • Legacy Software Development
    • Base System
      • Administration Tools
      • Base
      • Legacy Software Support

First-Time Setup

Services

I noticed that ntpd was not being started. Ensure that it’s checked in the services list or run

chkconfig ntpd on

Firewall Configuration

  • SELinux: Disabled
  • Customize open ports:
    • SSH
    • WWW (HTTP)
    • Secure WWW (HTTPS)
    • Mail (SMTP)
    • Other ports: 143, 993, 110, 995, 7071

Zimbra will not function correctly with SELinux enabled. A reboot is required.

Operating System Finalization

Apply Operating System Updates

Log in as root.

Use yum to update the server.

yum update -y

Package Preparation

Remove sendmail.

yum erase sendmail

Interestingly, this also removes redhat-lsb and mdadm. I’m installing this on a virtual machine that resides on a disk that is already mirrored, so I don’t use any soft RAID.

Ensure dependencies are installed.

yum install gmp compat-libstdc++-33 sysstat sudo libidn wget libtool-ltdl

With the current version of CentOS (5.5), this only installs sysstat and libtool-ltdl.

Visually Verify the /etc/hosts File

The /etc/hosts file should look something like:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1		localhost.localdomain localhost
::1			localhost6.localdomain6 localhost6
aaa.bbb.ccc.ddd		yourhostname.yourdomain.com yourhostname

Where aaa.bbb.ccc.ddd is the local behind-the-firewall IP address for the server. Note: This was set to the external IP address for some reason.

If the server resides behind a firewall, the IP address is the local address behind the firewall, which may not match what DNS returns. (The discrepancy will be taken care of below.)

If Behind a Firewall (Set Up Split DNS)

If the server is behind a firewall, split DNS needs to be set up so that when Zimbra tries to perform a lookup for the server, the normal DNS lookup is short-circuited, and the behind-the-firewall IP address comes back to Zimbra.

Install Bind

yum install bind bind-chroot bind-libs bind-utils

Ensure bind starts automatically.

 chkconfig named on

Create the named Configuration File

vim /var/named/chroot/etc/named.conf
chmod 644 /var/named/chroot/etc/named.conf

Insert the following. Be sure to change the forwarders IP address (eee.fff.ggg.hhh, iii.jjj.kkk.lll) to the IP addresses of the old DNS server. Be sure to replace domain.com with your own domain.

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    forwarders {
        eee.fff.ggg.hhh ;
        iii.jjj.kkk.lll ;
    };
};
include "/etc/rndc.key";
// Specify that this server is the master for mail.domain.com
zone "mail.domain.com" {
    type master;
    file "db.mail.domain.com";
};

Create the file described in the file line. Be sure to change domain.com to the domain of your server.

vim /var/named/chroot/var/named/db.mail.domain.com
chmod 644 /var/named/chroot/var/named/db.mail.domain.com

Insert the following. Also pay attention the fact that adminaccount.domain.com is the system administrator’s e-mail address adminaccount@domain.com. DNS turns the first period into the @ sign.

@       IN      SOA     mail.domain.com. adminaccount.domain.com. (
                               10118      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum

               IN      NS      aaa.bbb.ccc.ddd
               IN      A       aaa.bbb.ccc.ddd
               IN      MX      10 mail.domain.com.

Adjust resolv.conf

Adjust the resolv.conf file to search the local server for primary DNS

vim /etc/resolv.conf

Change it to look like:

search domain.com
nameserver aaa.bbb.ccc.ddd

Start the named Dæmon

chkconfig named on
service named start

Check its operation with:

dig mail.domain.com mx

It should return something similar to:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> mail.domain.com mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40071
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.domain.com.		IN	MX

;; ANSWER SECTION:
mail.domain.com.	2592000	IN	MX	10 mail.domain.com.

;; AUTHORITY SECTION:
mail.domain.com.	2592000	IN	NS	aaa.bbb.ccc.ddd.mail.domain.com.

;; ADDITIONAL SECTION:
mail.domain.com.	2592000	IN	A	aaa.bbb.ccc.ddd

;; Query time: 1 msec
;; SERVER: aaa.bbb.ccc.ddd#53(aaa.bbb.ccc.ddd)
;; WHEN: Sat Mar 12 17:42:25 2011
;; MSG SIZE  rcvd: 93

and

dig mail.domain.com any

should return something like:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> mail.domain.com any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1326
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.domain.com.		IN	ANY

;; ANSWER SECTION:
mail.domain.com.	2592000	IN	SOA	mail.domain.com. sysadmin.domain.com. 10118 43200 3600 3600000 2592000
mail.domain.com.	2592000	IN	NS	aaa.bbb.ccc.ddd.mail.domain.com.
mail.domain.com.	2592000	IN	A	aaa.bbb.ccc.ddd
mail.domain.com.	2592000	IN	MX	10 mail.domain.com.

;; Query time: 1 msec
;; SERVER: aaa.bbb.ccc.ddd#53(aaa.bbb.ccc.ddd)
;; WHEN: Sat Mar 12 17:43:23 2011
;; MSG SIZE  rcvd: 138

The final check is the following. Note! This must be typed verbatim!

host $(hostname)

Should return something like:

mail.domain.com has address aaa.bbb.ccc.ddd
mail.domain.com mail is handled by 10 mail.domain.com.

Adjust the Yum Update Dæmon

It may be advisable to tweak the yum dæmon so that it automatically downloads updates and sends an e-mail to notify you that the machine can be updated. Details on how to do that may be found here.

Install Zimbra

Download Zimbra

Download the 64-bit version of Zimbra for Red Hat Enterprise Linux 5 here. I just right click on the link and paste it onto the command line, and make liberal use of tab completion in bash. For example:

cd /tmp
wget wget http://files2.zimbra.com/downloads/7.0.1_GA/zcs-7.0.1_GA_3105.RHEL5_64.20110304210645.tgz
tar xvzf zcs-7.0.1_GA_3105.RHEL5_64.20110304210645.tgz
cd zcs-7.0.1_GA_3105.RHEL5_64.20110304210645

Run the Installer

Run the install script.

./install.sh --platform-override

You must include the platform override option, else the installer will abort with the following error:

You appear to be installing packages on a platform different
than the platform for which they were built.

This platform is CentOS5_64
Packages found: RHEL5_64
This may or may not work.

Installation can not continue without manual override.
You can override this safety check with ./install.sh --platform-override

WARNING: Bypassing this check may result in an install or
upgrade that is NOT usable.

You will go through the following steps.

  • License agreement. Type answer with “Y”.
  • Prerequisite check. This should pass cleanly.
  • Package self-test.
  • Select the packages to install. Accept the defaults.
    • zimbra-ldap
    • zimbra-logger
    • zimbra-mta
    • zimbra-snmp
    • zimbra-store
    • zimbra-apache
    • zimbra-spell
    • zimbra-memcached
    • zimbra-proxy
  • A warning that you are not running on Red Hat, with the question, “Install anyway?”. Answer with “Y”.
  • A warning that the system will be modified. Answer with “Y”.
  • Installing packages.
  • Administrative install menu.

On the administrative menu, the important item to do is to set the admin password.

When complete, use “a” to apply the changes, and confirm with “Yes”.

  • When complete, use “a” to apply the changes.
  • Confirm with “Yes”.
  • Accept the default configuration file name.
  • It will warn, “The system will be modified – continue?”. Answer with “Yes”.
  • The installer will set up a few more items, including creating a self-signed SSL certificate.
  • The installer will ask if you want to notify Zimbra of your installation. Your choice.
  • The installer will start the servers.
  • The installer will install zimlets &c.

At last you will see:

Configuration complete - press return to exit

At this point you can point the web browser to port 7071 of the server and log in as the administrator. The install is complete.

References

  • Zimbra documentation
  • An out-of-date but useful guide is on the Zimbra forums here.
  • Setting up split DNS can be found on the Zimbra wiki here.