Friday, December 21, 2007

Setup Wifi with Broadcom in Linux

Finally I resolved it and set up my Broadcom BCM4318 card with Linux using WPA :-) and I would like to share it with everybody who has been following the blog ;-)

First, I set it up with Kubuntu. I am learning Ubuntu at the moment; it is important to stay up to date, and this distribution has given me a really good experience. It replaced Windows.
The Card is this:
06:05.0 Network controller: Broadcom Corporation BCM4318 [AirForce One 54g] 802.11g Wireless LAN Controller (rev 02)
Kubuntu detects this card and you just download the driver from the Internet; everything is very automated, something that I am not used to as a Unix administrator.

Then create /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant

network={
ssid="changeit"
psk="mypassword"
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=TKIP CCMP
group=TKIP CCMP
priority=5
}


Edit /etc/network/interfaces
auto eth1
iface eth1 inet dhcp
wireless-essid linux
pre-up wpa_supplicant -Bw -Dwext -ieth1 -c/etc/wpa_supplicant.conf
post-down killall -q wpa_supplicant

And finally:
ifdown eth1
ifup eth1

This can be improved by using WPA2 or by replacing the password in the file with an encrypted password, but I leave that to you.

New TimeZone in Argentina

We in Argentina are changing timezone soon, and it is a good idea in order to consume less energy; the energy problem is worldwide, not only here... OK, the question is what problem our Linux machines will have if the timezone changes. Here I explain how to "hack" the timezone until the people who maintain the global timezone files update them...

Download the newest timezone file:
wget ftp://elsie.nci.nih.gov/pub/tzdata2007k.tar.gz
Unzip and untar it in a directory like /tmp

--- This is no longer needed since the new timezone file has the changes -----
Edit the file called "southamerica"
Look at the lines that say:
# Buenos Aires (BA), Capital Federal (CF),
Zone America/Argentina/Buenos_Aires -3:53:48 - LMT 1894 Oct 31
-4:16:48 - CMT 1920 May # Cordoba Mean Time
-4:00 - ART 1930 Dec
-4:00 Arg AR%sT 1969 Oct 5
-3:00 Arg AR%sT 1999 Oct 3
-4:00 Arg AR%sT 2000 Mar 3
-3:00 - ART

At the end of the block it should look like this:
-4:00 Arg AR%sT 1969 Oct 5
-3:00 Arg AR%sT 1999 Oct 3
-4:00 Arg AR%sT 2000 Mar 3
-3:00 - ART 2007 Dec 30
-2:00 Arg ART 2008 Mar 16
-3:00 Arg ART

------ End -------
The new Timezone has the changes already done, so just do this:

zic southamerica

rm /etc/localtime
ln -sf /usr/share/zoneinfo/America/Argentina/Buenos_Aires /etc/localtime


That would do the trick.

Discovering Ubuntu

In Ubuntu I got this error while installing apache:
configure: error: C compiler cannot create executables

Resolved it with this:
apt-get install libc6-dev g++ gcc

No recognized SSL/TLS toolkit detected
Resolved with:
apt-get install openssl libssl-dev

Saturday, December 15, 2007

Crc error while recording CDs

Today I solved a problem with my Linux server. I was recording with k3b, xcdroast, cdrecord and other mixes, but the CDs always gave errors. Here is the key error from the log, so you can find this solution with a search engine:

logical unit communication crc error (ultra-dma/32))


The solution was not evident: I had used a 40-conductor IDE cable, and it is not prepared for high-speed transfers like the ones my new server and DVD recorder do ;-)

A standard 80-conductor Ultra DMA IDE/ATA interface cable.
Note the blue, gray and black connectors, and the 80 thin wires.
The red marking on wire #1 is still present (but hard to see in this photo.)

For some information about this read here:
Ultra DMA (80 conductor) IDE/ATA Cable

Thursday, December 06, 2007

Disable users from logging into the server, except the administrator

In cases where you have to disable login for all users except root, for example when you have to do a backup, you have to use pam_nologin.so (man nologin).

1) Edit the PAM file for the service you want to control. In this example I modify the ssh PAM control file, located in /etc/pam.d/sshd

Add this line
account required pam_nologin.so


2) Create the /etc/nologin file, just do "touch /etc/nologin"

This should disable the login from ssh. If you want to disable the login from terminal, modify the /etc/pam.d/login file.

3) To re-enable the login just remove /etc/nologin

Limit users access to Linux in a time range

When you want to limit access to a Linux operating system to a time range, you can use pam_time.so. pam_time was written by Andrew G. Morgan.

Take a look at /etc/security/time.conf

For example, to block ssh access between 23:00 and 08:00:
sshd;*;*;!Al2300-0800

The format of the file is:
Service;ttys;users;time

Al means all the days of the week, and the leading ! negates the entry, so !Al2300-0800 means any time except 23:00 to 08:00 on all days.

If you would like to permit people only from 4 to 8 PM every day, with the rule not applying to root:
login;*;!root;Al1600-2000

Further reading:
man time.conf
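How a time entry with and without the leading ! is evaluated, as an added example that is not part of the original post and not pam_time's own code. It is a simplified model: one day/time entry per rule, only the * wildcard, the ttys field ignored, and all function names hypothetical. The rules only take effect when the service's PAM file has an account line for pam_time.so (for example "account required pam_time.so").

```python
from datetime import datetime

DAYS = ["Mo", "Tu", "We", "Th", "Fr", "Sa", "Su"]   # datetime.weekday() order
GROUPS = {"Wk": DAYS[:5], "Wd": DAYS[5:], "Al": DAYS}


def parse_days(spec):
    """Expand 'Al', 'Wk', 'MoWe', ... to a set; a repeated day is toggled off."""
    days = set()
    for i in range(0, len(spec), 2):
        code = spec[i:i + 2]
        if code not in GROUPS and code not in DAYS:
            raise ValueError(f"unknown day code {code!r}")
        days ^= set(GROUPS.get(code, [code]))
    return days


def time_matches(entry, when):
    """True if `when` satisfies one entry such as 'Al1600-2000' or '!Al2300-0800'."""
    negate, body = entry.startswith("!"), entry.lstrip("!")
    days = parse_days(body[:-9])
    start, end = (int(x) for x in body[-9:].split("-"))
    now = when.hour * 100 + when.minute
    today, yesterday = DAYS[when.weekday()], DAYS[(when.weekday() - 1) % 7]
    if start < end:
        hit = today in days and start <= now < end
    else:  # range wraps past midnight; the early-morning part belongs to yesterday
        hit = (today in days and now >= start) or (yesterday in days and now < end)
    return hit != negate


def access_allowed(rules, service, user, when):
    """Refuse if any rule that applies to (service, user) has a non-matching time."""
    for line in rules:
        svc, _ttys, users, times = (f.strip() for f in line.split(";"))
        applies_user = users == "*" or users == user or (
            users.startswith("!") and users[1:] != user)
        if svc == service and applies_user and not time_matches(times, when):
            return False
    return True


# Constructed rule sets: the sshd rule from above, and a login rule with and without "!".
NIGHT = ["sshd;*;*;!Al2300-0800"]
ONLY_EVENING = ["login;*;!root;Al1600-2000"]
NOT_EVENING = ["login;*;!root;!Al1600-2000"]
```

With these rule sets, a non-root login at 17:00 passes ONLY_EVENING and is refused by NOT_EVENING, while root is untouched by both; test a rule this way before deploying it so a stray ! does not lock users out at the wrong hours.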

See the users that logged into your server for the last year


In a forum a user asked something very interesting: how to see which users logged into the server during the last month. OK, I will explain how to see the users that logged in during the last year :)

1) Edit /etc/logrotate.conf. It holds the log rotation configuration for /var/log/wtmp; this file has the information about the users that logged in and is read by the command "last".

My section inside logrotate.conf looks like this now:

/var/log/wtmp {
monthly
create 0664 root utmp
rotate 12
}

Meanings:
monthly : Log files are rotated the first time logrotate is run in a month (this is normally on the first day of the month).
rotate [count] : Log files are rotated [count] times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather than rotated.

2) When you want to see which users logged in, you can use a script like this:
for i in /var/log/wtmp*; do last -f "$i"; done

3) The output would be a list with the users ;-)


Tuesday, December 04, 2007

Introduction to LVM with RHEL, Fedora or Centos Linux

This is the first part of an overview of Logical Volume Management. LVM was written originally by Heinz Mauelshagen in 1988. LVM has these advantages:
* Resizing of logical groups
* Resizing of logical volumes
* Snapshots from Read/Write volumes (in lvm2)
* Raid 0 of Logical Volumes.

In this example I will create physical volumes (in /dev/sdb), a logical group and then a logical volume inside the logical group.


Creating two Physical Volumes
[root@benancio ~]# dd if=/dev/zero of=/dev/sdb1 bs=1k count=1
1+0 records in
1+0 records out
1024 bytes (1.0 kB) copied, 0.00155322 seconds, 659 kB/s
[root@benancio ~]# dd if=/dev/zero of=/dev/sdb2 bs=1k count=1
1+0 records in
1+0 records out
1024 bytes (1.0 kB) copied, 0.000948061 seconds, 1.1 MB/s
[root@benancio ~]# pvcreate /dev/sdb1
Physical volume "/dev/sdb1" successfully created

[root@benancio ~]# pvcreate /dev/sdb2
Physical volume "/dev/sdb2" successfully created

Create one Logical Group that will contain a logical Volume, which will be created in the next step
[root@benancio ~]# vgcreate users /dev/sdb1 /dev/sdb2
Volume group "users" successfully created

Create the Logical Volume.
[root@benancio ~]# lvcreate -L30M -n lv1_users users
Rounding up size to full physical extent 32.00 MB
Logical volume "lv1_users" created

Note:

-L LogicalVolumeSize[KMG]
-n Name of the new logical volume (lv1_users)
users is the name of the Logical Group that will contain the new Logical Volume.


Now, create the filesystem over the logical volume created
[root@benancio ~]# mkfs.ext3 /dev/users/lv1_users
mke2fs 1.39 (29-May-2006)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
8192 inodes, 32768 blocks
1638 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=33554432
4 block groups
8192 blocks per group, 8192 fragments per group
2048 inodes per group
Superblock backups stored on blocks:
8193, 24577

Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 38 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

To finish this introduction, you can mount the volume in a directory
[root@benancio ~]# mkdir /mnt/users
[root@benancio ~]# mount -t ext3 /dev/users/lv1_users /mnt/users

Sunday, December 02, 2007

How to do a secure tunnel with ssh in Linux

You may know that ssh is a secure way to connect. Remember those old days when telnet was used and the passwords just flew through the network, and any person with a sniffer could capture them?

With ssh you can create a secure connection from one point to another, going through a middle point, like the figure shows:
The tunnel is an encrypted connection from A to B, and from B to C the connection is not encrypted (at least not by the ssh that we are using). B acts as a gateway to C.
In A you would write:

$ ssh -g -L [port in A]:[C address]:[port in C] [b address]

Example of doing a tunnel to a webpage:
$ ssh -g -L 8000:www.gmail.com:80 serverlinux.blogspot.com

You would connect with your browser to www.gmail.com:8000.
This would create a tunnel from A to B and from B to gmail. This way nobody in A's network will be able to sniff the gmail traffic; only in B's network would that be possible.