LINUX NEWS
http://www.Cramsession.com
January 9, 2003 - Issue #114
TABLE OF CONTENTS
1) Sean’s Notes
2) Linux News
NT Taking a Cue From Unix?
Linux Can Do Hot Backups Of Oracle
Linux to Beat MacOS?
Some Linux Myths
3) Linux Resources
Concurrency For Grown-ups
Email Sanitizer
Free Backup Software
Slack Packaging
Red Hat Performance Tuning
4) App o’ the Week
~~~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~~~
Serebra Learning Corporation knows that it’s true: you get paid more if you have the skills. Learn at your own pace with our dynamic training programs for the skills needed to succeed in today’s IT market. The Best Way to Learn Anything, Anywhere, Anytime. Check out this month’s specials!
http://ad.brainbuzz.com/?RC153&AIY05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp
1) Sean’s Notes
In days of old (or so it seems), before cable modems and ADSL, people connected to the Internet over modems. The most popular way to do that was to use a protocol called “PPP”, or the Point to Point Protocol. PPP encapsulates your packets over a serial line (i.e. a telephone line) so that they can travel from you to your ISP over the telephone company’s voice network.
Setting up Linux for PPP is surprisingly easy. The main component is “pppd”, the PPP daemon. Generally, any program that ends in ‘d’ is a daemon, a program that runs silently in the background performing a task. Other examples are xinetd, sshd, in.telnetd, ftpd, and httpd. pppd can also call external programs to help you set up the connection, such as to dial the modem. Some ISPs require you to log in through a text interface, some use ppp’s natural authentication mechanisms. “chat” is the component that takes you from modem dial to the PPP protocol.
Configuration for pppd generally lives in /etc/ppp. You’ll see a few files in there already, but don’t worry about them. The first thing to do is create our chat script, which will take care of dialing my ISP. Chat scripts, in their simplest form, are a series of “When I get this, do that” commands. So, I created /etc/ppp/chat-test as follows:
ABORT “NO CARRIER” ABORT “NO DIALTONE” ABORT “ERROR” ABORT “NO ANSWER” ABORT “BUSY” ”” “at” OK “at&d0&c1” OK “atdt5551111” CONNECT ””
The first five lines are things to look for that will cause the script to abort, rather than complete successfully. Since “ABORT” is on the left, it just tells chat that if this ever comes up, to abort. If the line is busy, I don’t want PPP to try to authenticate to nothing, do I? After that, it’s your basic modem commands. I wait for nothing, and send “at”. From that, I should get “OK”, at which point I send my initialization string. “OK” follows, I dial the modem, and I’m done when I see “CONNECT”. This implies that I’m going to rely on PPP’s authentication method, which is PAP or CHAP.
PAP and CHAP are authentication protocols (the AP part), and are either plain passwords, or challenge-handshake (take a guess which is which). PAP passwords pass in cleartext, CHAP in encrypted format. Normally this is something to be concerned about, but since the password travels over the phone line, I’m not too concerned about which I choose. Setting them up is the same.
/etc/ppp/pap-secrets and /etc/ppp/chap-secrets hold the authentication tokens (ie username/passwords). Since pppd can be both a client and a server, and you can connect to multiple servers, all the secrets (passwords) are stored in the same place. The format for dialin users is simply:
username * password *
If you knew the name of the remote server, you could put it in place of the first star, but in most cases, this is all you’ll ever have.
So far, we’ve got a chat script to connect us to the ISP, and our username/password is taken care of. All that remains is the configuration of pppd itself.
There are several ways you can invoke pppd. We’re going to set up a peer, and direct pppd to call the peer. We could also set up a global configuration, or even one specific to the modem. The peer way lets us keep our ISP’s configuration separate from anything else, such as other ISPs or your PPPoE connection on ADSL.
/etc/ppp/peers is a directory containing your peer configurations. The configuration files for pppd are a series of keywords followed by an option. Order doesn’t matter at all. I created a file called “test”, to refer to my “test” ISP:
ttyS2 38400 crtscts connect ‘/usr/sbin/chat -v -f /etc/ppp/chat-test’ noauth user sean defaultroute
The first line tells pppd what my modem is, and what options to use. Here, I have ttyS2 (AKA COM3), a locked port speed of 38400, and hardware flow control (crtscts). The second line tells pppd to use chat to do the connection, and I’m passing the name of the script. -v is “verbose”, a good idea to have set the first few times you connect. noauth isn’t what you think it might be, it says that you aren’t requiring that the remote end authenticate itself to you. However, the remote end will almost certainly want you to authenticate itself to it, something that we already covered in pap-secrets.
“user sean” simply says that pppd is to present the credentials for sean (from either pap-secrets or chap-secrets), and nothing else. defaultroute means that pppd will install a default route to the other end. Since it’s likely that we’ll be using this line to connect to the Internet, a default route is a good thing. If you were connecting to a remote LAN, you would likely just set up a static route.
Once pppd has successfully brought up a connection, it runs the /etc/ppp/ip-up script. If you wanted to set some routes, firewall rules, or anything else, here is where you’d do it.
Finally, to make the call, log in as root, and run:
pppd call test
You can watch /var/log/messages for the status. If all goes well:
ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol inet addr:10.0.9.3 P-t-P:10.0.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4 errors:1 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:40 (40.0 b) TX bytes:58 (58.0 b)
And to disconnect:
killall ppppd
Two problems usually surface. The first is that your chat script doesn’t do its job. Checking /var/log/messages should show that. For most ISPs, you want to get all the way to the CONNECT message before pppd takes over. The second is, of course, passwords. Once again, messages will show a line like:
localhost pppd[18700]: Remote message: Authentication failure localhost pppd[18700]: PAP authentication failed
That, my friends, is setting up a PPP connection! Pretty easy, eh?
For those looking to test this out in a lab environment, the following link might be helpful for simulating the ISP:
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configurat ion_example09186a0080093c31.shtml
Long live the Penguin,
Sean swalberg@cramsession.com
2) Linux News
NT Taking a Cue From Unix?
The shell is arguably one of the reasons Unix is so powerful (the other being that there are no blue screens). Looks like Microsoft is looking to build a powerful shell of its own, based on this job posting.
http://www.jobsahead.com/search/jobdesc.html?id305
Linux Can Do Hot Backups Of Oracle
The thing that scares me about most backups is when it comes to databases. Oracle has announced that it supports hot backups under Linux, meaning you can perform a backup with zero downtime. Outstanding work.
http://newsforge.com/newsforge/03/01/02/2244205.shtml?tid#
Linux to Beat MacOS?
According to these predictions, Linux will overtake MacOS as #2 desktop sometime in 2003. While I treat it with a bit of skepticism, it’s still good news!
http://zdnet.com.com/2100-1104-979064.html
Some Linux Myths
Here’s one person’s account of his switch to Linux, and some of the things that he believes are myths. The comments attached to the article are also very enlightening.
http://newsforge.com/newsforge/03/01/04/1221251.shtml?tid
3) Linux Resources
Concurrency For Grown-ups
Throwing more processors at a problem doesn’t always help. This article goes over one of the core issues, namely concurrency. There are also several links to further reading.
http://www-106.ibm.com/developerworks/linux/library/l-sc5.html?t=gr %2clnxw06=concur4grown
Email Sanitizer
Procmail is a wonderful tool for managing email. This piece of software is a truly excellent sanitizer, which lets you enforce attachment policy on your users. After using a very similar method at another place, it significantly reduced the number of email viruses that got through this first line of defence.
http://www.impsec.org/email-tools/procmail-security.html
Free Backup Software
I’ve never used Arkeia myself, but I thought I’d pass along this offer of a free, single machine licence for Linux and other operating systems. It seems to have the features one would look for in a network backup system, so give it a whirl and let me know how you liked it.
http://www.arkeia.com/downloadlight.html
Slack Packaging
Slackware has a refreshingly simple packaging system based on tarballs. This article goes over the basics of managing your packages, and how to create your own.
http://www.ilug-cal.org/node.php?id
Red Hat Performance Tuning
I’m really loving IBM’s Developer Works site. Here is a tutorial on tuning your Red Hat distribution. There is some good advice here, including stuff on disks and kernel compilation.
http://www-105.ibm.com/developerworks/education.nsf/linux-onlinecou rse-bytitle/381A3EFB90955B5986256C1C0078EECC?OpenDocument
4) App o’ the Week
Undeleting a file in Unix is incredibly painful, if not downright impossible. This program is a series of utilities, some which replace standard unix commands, that can move files to a “trash can” rather than deleting them outright. It’s also intelligent about the matter, by skipping over things like core dumps and temporary files.
http://207.50.50.24/open_source/projects/trashcan/index.htm
(C) 2003 BrainBuzz.com, Inc. All Rights Reserved.
This message is from CramSession
You are currently subscribed to the following list Hottest Linux News and Resources as: sean@ertw.com
To un-subscribe from this newsletter by e-mail, send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com
To subscribe to this newsletter and many others visit our site at: http://newsletters.cramsession.com/signup/default.asp