asyd.net docs:system

asyd.net docs:system http://www.asyd.net/home/ 2011-06-19T04:49:06+02:00 asyd.net http://www.asyd.net/home/ http://www.asyd.net/home/lib/images/favicon.ico text/html 2008-10-03T08:25:38+02:00 docs:system:apache http://www.asyd.net/home/docs/system/apache Some configuration sample * mod_eaccess text/html 2008-10-03T08:25:38+02:00 docs:system:cfengine http://www.asyd.net/home/docs/system/cfengine Cfengine is a GNU tool to help sysadmin's tasks. FIXME text/html 2008-10-03T08:25:38+02:00 docs:system:ntp http://www.asyd.net/home/docs/system/ntp Network Time Protocol Multicast My cisco (router or switch) send the current date via NTP multicast message, I use the following configuration : ! ntp peer 192.168.34.3 ntp source Vlan34 ntp authentication-key 1 mdr MY-SECRET-KEY ! interface vlan34 ntp multicast key 1 ! text/html 2006-08-26T13:11:26+02:00 docs:system:postfix http://www.asyd.net/home/docs/system/postfix Sécurité * Authentification par certificats Postfix et les MDA évolués * courier+dspam * cyrus+dspam Tips * Configuration de base * Blacklist DNS * Tests des en-têtes * Greylisting avec postgrey Documentation associée * Principe de SASL (Décembre 2003) * SASL + LDAP sur FreeBSD (Décembre 2003) text/html 2008-10-03T08:25:38+02:00 docs:system:samba http://www.asyd.net/home/docs/system/samba Unix users from ActiveDirectory Install the following packages : $ apt-get install winbind samba Join the domain : $ net rpc join -u Administrator -S "server" Fetch the correct (Windows) domain name : $ wbinfo -u If you see the list of users, it's ok. Verify if there is winbind entry in /etc/nsswitch.conf Put it in the /etc/samba/smb.conf config file You can use the following PAM resources files : auth required pam_winbind.so account required pam_winbind.so auth required pam_securett… text/html 2008-10-03T08:25:38+02:00 docs:system:sendmail http://www.asyd.net/home/docs/system/sendmail Sample Makefile (written for Solaris) CF_DIR=/usr/lib/mail/ M4=m4 sendmail.cf: sendmail.mc ${M4} -D_CF_DIR_=${CF_DIR} ${CF_DIR}m4/cf.m4 sendmail.mc > sendmail.cf Very simple sendmail.mc (Solaris again) dnl vim: set syntax=m4 : divert(0) OSTYPE(solaris2) define(`SMART_HOST', `mail.asyd.net') MAILER_DEFINITIONS MAILER(local)dnl MAILER(smtp)dnl text/html 2008-10-03T08:25:38+02:00 docs:system:squid http://www.asyd.net/home/docs/system/squid Install OSCommandDebianapt-get install squidFreeBSDpkg_add -r squidOpenBSDcd /usr/ports/www/squid; make install clean ACL acl wifi_net src 10.69.0.0/255.255.0.0 http_access allow wifi_net SNMP snmp_port 3401 snmp_access allow squidsnmp acl squidsnmp snmp_community squidsnmp text/html 2008-10-03T08:25:38+02:00 docs:system:sudo http://www.asyd.net/home/docs/system/sudo Intro For a (short) while now, sudo have a LDAP support, which allow to store a global sudoers in a LDAP Directory. Note : The LDAP support doesn't require usage of *_Alias Build Just add the --with-ldap option to configure Config Edit the file /etc/ldap.conf (default) to have something looks like :