Wednesday, November 25, 2009

Apache hitting the road!

If you were dreaming of meeting Apache (World's No 1 web server) big shots Greg Stein, Justin and our own Sri Lankan Apache contributors, this will be the best opportunity for it. Apache Asia Road Show is a 3 day event with 2 days Conference and a single day hackerthon. Hurry!!! reserve your seat now before it too late.

apacheasia2009 3rd and 4th December @ HNB Towers

Tuesday, September 29, 2009

My house for Sale

This is not a spam. :). Yes I'm selling my house. Here's the details.

Location: Ampara, Sri Lanka.

Directions: 1.3 KM from Ampara Town, 1KM to Ampara Base Hospital. ( Located in a Residential area)

Description : 3 rooms, 2 bathrooms (one attached to master bedroom), Living room, Dining hall, Kitchen. Full ceiling, fans in every room, 24 hour water supply, electricity, overhead tank Land is 43 perches and have 5 coconut trees (grown for 30 years), 2 King-coconut trees, Jack tree, Mango, etc. You have enough room to park more than 4 vehicles in the garden area. Fully covered boundary wall.

Price : 5, 000000/- (Negotiable) US $43555/-

Those who are interested please call

Weerasinghe (My Dad) : +94 714446404
email : mdweerasinghe@gmail.com

I'll put some photos later. Still couldn't find time to visit Ampara as I'm stuck in Colombo.

Wednesday, September 09, 2009

It's 09/09/09

Life has many patterns. And we always like patterns. For example, many people love to have a phone number with some kind of a number pattern. (688688, 566566, etc). We can pay some extra cash and get a vehicle registration number with a pattern, like PP-1111. In another hand, some numbers have some value to it, like "Lucky 7", "Hero Number 1". Even our Postal Department have issued 9 new stamps to remember today. Same way in Sri Lankan culture many people consider the number 9 as a bad number. (නවය නපුරුයි). But personally I don't believe such things. But I like patterns. So this blog post is to denote the pattern of the day, 09/09/09. September 09, 2009. Wish you all a bright future. :).

Sunday, August 09, 2009

Using iPod Nano (3Gen) with Ubuntu

Couple of years ago, using Apple iPods with GNU/Linux was not an entertaining experience for most of people. But now the FOSS world is more promising on that and also in many other apps on cross platform interoperability. Earlier, My wife asks me and I used to sync the movies, music vids, mp3 to her iPod using gtkpod. I had to do it because i used ffmpeg to convert the videos to MOV format and then sync them to the iPod via gtkpod. But here after she's going to do it by her own. So I had to find some "click and go" way to covert the files and had to teach her on using gtkpod.

YouTube and google video are the main search repositories for music videos. The best tool I found for this was DownloadHelper extension for Firefox. The version I'm using here is 4.3. It can download videos and convert them to many formats as single files or as a batch. And the extension is actively developed and updates are released frequently.

After converting the downloaded video you can put them to the iPod using gtkpod. Using gtkpod is not a big deal. It's simple and any one can catch the features within a half and hours time.


Click "Save Changes" to write the changes to the iPod. And you can use Sync Directories or files options in the File menu of gtkpod. In order to perform the tasks smoothly you need to have some software pre-installed in your GNU/Linux system.

  • ffmpeg
  • libmp4v2-0
  • All other multimedia codecs
If you have a movie file (avi, wmv, or any other type) you can use ffmpeg to convert them easily to MOV and can be used with your iPod Nano. Haven't try it with iPhones and iPod classics, cos I don't have those with me yet. ;-).

This is the basic way to use the iPod with gtkpod. You can try out other stuff like online music syncing when you have time. :)

Cheers!

Friday, June 26, 2009

King of Pop, no more


Yesterday I lost another "one of my legendary characters". I have few favourite entertainers, namely; Bruce Lee, Jean-Claude Van Damme, Michel Joseph Jackson, Dr. Dre, Eminem and few others. But among them, there are very few who I call " A Legend". Bruce Lee was a legend. And Michel Jackson.

I still remember when I was 8,9 years old I didn't know that was MJ who dance like that, sing like that, but I liked the moves he make and the accent. I started to immitate him by wearing cloths like him and shout "aauww" like him. As I grow with the time, finally I managed to catch the moon walk and some other dancing movements he made by watching his videos. I started to collect the lyrics, CDs and sang alone with the CD. No one told me he's the king of pop but he was a king to me. No one told me nor I didn't have Internet or Sat TV to get to know about his unmatched skills, but I thought to my self no one in this earth can do break dance as he does. Finally today he leaves at his 50th year of life, leving my childhood memories with me.

Dear Michel Jackson, you were the hero of dance world to me. And you'll always be in my heart till I die.

"There's a place in your heart
And I know that it is love
And this place could be much brighter than tomorrow
And if you really try
You'll find there's no need to cry
In this place you'll feel there's no hurt or sorrow"

Dear King, thank you very much for the joy you gave me from my childhood and for the unbileiveable contribution to the music world and for helping many of the helpless people in the world.



Image from
celebrity-blogger.com

Sunday, May 17, 2009

Welcome to new Sri Lanka

By now we know and believe Velupillai and Other terrorist leaders are killed by our Armed Forces or they have suicide. We knew this will end soon. I like to give my sincere gratitude to our Three forces, Police, Civil security forces and Mr. President for scarifying their life for the future of Sri Lanka and for our lives.


I salute you all!!.

Monday, May 04, 2009

A disaster happened, what should we do?

As at today, the war is officially over but rescue missions are still undergoing in Sri Lanka to securely rescue Tamil civilians trapped in LTTE barbarians. This is the final few days of Prabhakaran and his followers. So I'll not talk about him or LTTE here now.

We saw hundreds of thousands of people fleeing from LTTE to safe zone controlled by SL government. All of them are residing in refuge camps. They need food, water, cloths, medicine, sanitary facilities and many other general human needs. And the great thing is people around the country were organized and collected many essentials and quickly sending them to those areas with the message "We all are a one big family, we love you". This has being the one and only humanitarian war ever happened in the world and will be on the history books for sure.

Now that we had a disaster, and we see the aftermath too. But on the other hand, we are getting lots of goods and services to this affected areas from all around the country and globe. We need a proper Disaster Management plan to handle the received donations such as food, water, cloths, medics, etc. This remembers me the Tsunami 2006. We did not had a proper disaster management plan or a system (manual or computerized) so we wasted lots of valuable goods received for afforded areas. And distribution of the donations were highly disorganized where some areas receive excessive amount of donations and another area had nothing at all. So we had that experience, no need to repeat that same process.

We need to mange the donations (all types) properly so that each and every one gets the proper benefit out of those donations without wasting them. Here it comes the need of a well structured computerized Disaster Management System. Ok... do we have to spend another million rupee on this? Absolutely not. There is this free and open source software system call "Sahana" (www.sahana.lk) developed by Sri Lankan FOSS community, where you can use for these kind of scenarios. You can download it for free, use it conjoining with any number of donating organizations and government. I know most of the organizations using this system today. But this is a reminder for those who still not aware of such system. Next question would be support on using this software, and make it work in your organization/group on the double. There is a strong community support through mailing lists, IRC. And if you want fully featured professional/commercial service you can contact Respere, the Sahana Company (http://www.respere.com/). They provide island wide commercial training, support for Sahana Disaster Management System.

So now that we have donations, and human resources to handle them and a Computer Software System to help manage those donations and also to maintain missing persons registry, where many people are missing and to be found. So I request all the donors, organizations, to be wise, and manage the peoples hardly earned donations so that each and every family member in north will receive the goods and services equally and minimize wastage.

I can see clearly now the war is gone...
I can say all the problems will fly away...
And there will be safer life for all our friends...
It's gonna be a bright, (bright) bright Sunshiny day......









Thursday, April 09, 2009

Sri Lanka or Tamil Eelam?

This post is dedicated to all "Tamil Eelam" fans...

Velupillai and his friends started an Ealam war before I born. But I couldn't stay away from it by saying "I'm not a part of this war". We all in Sri Lanka suffered from this war, and still there is a little more to suffer. I came to know by reading the history of the crisis, in late 70s Velupillai's initial idea of fighting against the majority of Sri Lankan Sinhalease was truly liberal, that he was standing against for step-mother treatments for the tamil minority (quantity wise) in Sri Lanka. Those early rulers in the country have done some thing really wrong in ruling the country and Velipillai triggered this liberation fight pointing that. But the country changed with the time, rulers changed, political views were changed. And poeple wanted to end this fight and stay together as one nation. But, Velupillai did not want to see a happy ending of it as he has nothing else to do (killing) if this war ends. So he gathered as many people as possible (mostly by force) and kept killing and disturbing the people's life for the last 30 years. And there were many helpers, money donors in Sri Lanka itself and some other countries around the world who financially supported this terrorists. Many of them were doing illegal business like drug dealing, arms dealing, robberies, kidnapping, hijacking, etc. So now think , what has happen to the liberal fight? where it has being leading to? Finally, the innocent Tamil people were aside suffering from the business work of Velupillai, but he did not give a shit. He holds the banner "We are freedom fighters", but kills hundreds of innocent Tamils who have not obey him. Now every body knows that Velupiiai is not the "leader of Tamil union", but the "executioner of Tamil union".

Separate a part from the Sri Lanka and having an Eelam is not an effective solution in the long run too. The land is too small and when the population grow the land will not be sufficient for the crowd, so a new war will start in addition to the ongoing one. And if Velupillai creates a native land for Tamils and kill all the Sinhalease in that area what about the Tamils who live in Sinhalease areas? Shall they all be killed as Velupillai does for others? Is that the solution for this problem?. NO. There is no ethnic problem in Sri Lanka, there wasn't for decades. Sri Lanka have a one BIG problem, it's this Velupillai's LTTE Terrorist problem.

Here is the map that Velupillai draw for the Tamil Eelam.

He thinks, this small land can occupy all the Tamils in this country, and make this is the heritage land of "Tamils". Why he want to cage the Tamils in to a small area while the whole Sri Lanka is wide open for all Sinhalese, Tamils and every other one? Now see for your self, look at the Sri Lanka map, which has more space to live, have access to more resources.


Any one can see that Tamils have more land now than before, and Sri Lanka is a country were many raises lives peacefully and care for each other. People in most countries are very narrow minded and raises. They don't accept the humans as a one kind. But here in Sri Lanka, people don't care of the skin color or the language a person speak. They only care about sharing and living a happy life with each and ever one together as a one country.

Velupillai brought death and fear to every one in this country by many means. Now it's time for him to end his life inside his own dream. So Eelam fans, I think it's better stop dreaming now. You will never see that Eelam within Sri Lanka, try to find a different country for that. Ask for a land from a country that really support your crazy ideas. But in Sri Lanka, there is no space for you. We (Sinhalese, Tamils, Muslims, etc) live as a one nation, under one flag, singing "Sri Lanka Matha" national anthum. No one will be able to change that.!. So Sorry Velupillai, so sorry Eelam fans all over the world. Your dream ain't gonna be a reality...

Good Bye Tamil Eelam, Go to Hell LTTE...

Peace.!






Tuesday, March 10, 2009

Instant Internet Connection Sharing

Today I came Kandy for 5 days stay due to some functions lined up to attend. My office provided me a HSPA dongle to keep my self online during the stay. Nah.. it's not about the dongle. ;-). I wanted to share the Internet connection with another computer at home. I only had a crossover cable with me, which I always carry in my backpack. So I connected the two Laptops with it and shared my primary PPP connection with the guest Laptop. Both Laptops are runnung on GNU/Linux. The simple setup I had is as below.

Host PC Settings.

I already received an IP for my ppp0 connection from my ISP. So I only had to assign an IP to my LAN card (eth0)

# ifconfig eth0 10.0.0.1 netmask 255.255.255.0

(Don't need to set the default route in the host, cos it's already set to ppp0)

Enable NAT in Farewall and IP forwarding.

# iptables -P FORWARD ACCEPT
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# echo 1 > /proc/sys/net/ipv4/ip_forwad

Guest Settings.

Set up the Interface.

# ifconfig eth0 10.0.0.2 netmask 255.255.255.0

Set the default route of the GUEST to HOST eth0 IP

# route add default gw 10.0.0.1

Put the name server IP which received to the HOST PC from ISP in the GUEST /etc/resolv.conf

# echo nameserver xxx.xxx.xxx.xxx > /etc/resolv.conf

That's all. I simply enabled Internet Connection Sharing in my Laptop.

Friday, January 23, 2009

Mandriva One 2009... You made me say "WOW"

Today I installed Mandriva One 2009, a distribution which comes with a Linux Kernel, GNU software and many other custom made and free software. I installed this as a virtual machine, to test it and to see how Mandriva Directory Server performs on her own man's lap. ;-). So I started to install the packages requred for it, and while they are downloading, I went an inside tour. I was amazed, and couldn't hold the "wow" came from my inside...

Mandriva One 2009 comes with a Linux 2.6.27 kernel and I installed the KDE version of it which runs KDE 4.1. There is Gnome version too. Even though I'm not a KDE fan, I wanted to see how is KDE doing it to satisfy me. I was pretty amazed, the start menu is well organized, not too many options, and looked neat. That's some thing I was looking forward to see from a KDE main menu.

There were some cool widgets Which are ready to use and I activated couple of them just to see. And the default wallpapers are very eye catching.
Mandriva One comes with OpenOffice 3.0.0, and it was loading faster than the 2.x versions. Then I quickly went through the applications installed. There is almost all the major apps you need to run a Desktop enviorenment, Internet, Multimedia, Software Installation, Systems Tools, etc. If you need further apps you can easily installed using various methods, rpm, GUI based, or urpmi, etc. And Compiz was packed with the OS, and have all the 3D desktop effects you nee.



This version of Mandriva One 2009, comes with good collection of apps for the desktop users and is in a single CD. You can download it from their official mirrors. The System Requirements need is (as in the web site)
  • Processor: Any Intel®, AMD or VIA processor
  • RAM: 512MB minimum, 1GB recommended
  • Hard disk: 2GB minimum, 6GB recommended
  • Graphics card: NVIDIA®, ATITM, Intel®, SiS, Matrox,VIA. 3D desktop functionality requires an NVIDIA GeForce (up to 8800), ATITM Radeon 7000 to HD 3870, or Intel® i845 to x4500HD
  • 3D acceleration is supported on most capable hardware. For more details, check the hardware compatibility database
  • Sound cards: All Sound Blaster, AC97 and HDA compatible cards are supported. Note: Creative Labs X-Fi cards are not currently supported
  • DVD drive required
  • SATA, IDE, SCSI, SAS: most controllers are supported in non-RAID mode, and some are supported in RAID mode
So for those who are willing to kick Windows Vista away and also for those who are interested in trying out KDE 4.1 without the messy look, I think Mandriva One 2009 is a good distro to try out. It comes as a live user version and can be installed and make secure as a regular GNU/Linux distribution.

Okay It's time for me to get back to the work I was doing... Got to start playing with the Directory Server of it...

Mandriva Team, Good Work fellas!!!

Thursday, January 22, 2009

Fedora Directory Server, NFS, SAMBA in action.

I was working on a Centralized authentication system in the past couple of days. I was comparing Mandriva Directory Server with Fedora Directory Server and testing them in various levels. I thought of make the work available online so any one else in the world can benefit from this. This will not be a step-by-step guide sort of a thing, but have methods of performing the tasks.

My setup was able to;

  • Authenticate Unix and Windows users from an LDAP server (Fedora Directory Server).
  • Map a dedicated network drive for all the users under their username using SAMBA.
  • Enable roming profiles for POSIX accounts using NFS exports.
  • Control hardware on GNU/Linux based systems using PolicyKit.
  • And some other stuff... Like mail server authentication, etc
Scenario

  • Users must authenticate using LDAP user credentials from a central server.
  • Existing/New Windows and GNU/Linux Clients should be authenticated via LDAP server.
  • Use e-mail facility.
  • Control over selected client hardware (eg:usb pen drives, digital cameras, etc).

A very rough diagram ;-)


Testing tools

Hardware

* Intel Core Duo2
* 512MB RAM
* Networking Hardware

Software

* Fedora Directory Server 8.0
* Zimbra Collaboration Suite
* Apache 2.0
* Bind

Operating Systems

* Fedora Core 9 (For Authentication Server)
* Ubuntu GNU/Linux (Clients)
* MS Windows (Clients)

Server Installation

* Installed Fedora Core 9
* Installed Fedora Directory Server 7.1
* Installed Zimbra Collaboration Suite.

Client Installation

GNU/Linux

I have to perform few steps to set up GNU/Linux clients to authenticate with the Fedora Directory Server.

* First install the meta-package for LDAP authentication.

# apt-get install ldap-auth-client

* Then edit the /etc/ldap.conf file to suite our setup. I have to put following details in the ldap.conf file.


##Host

host 192.xxx.xxx.xxx

##The distinguished name of the search base

base dc =mydomain,dc=net

##LDAP version to use

ldap_version 3

Fiter to AND with uid=%s

pam filter objectclass=Account

pam_filter objectclass=posixAccount

Group member attribute

pam_member_attribute memberuid

pam_member_attribute uniquemember

##Password hash

pam_password md5


Leave the rest of the file as it is.


NFS Server set up

I thought of keeping the user’s files in a different server for security reasons. Hens I installed the NFS server in a different computer running Ubuntu GNU/Linux . (Actually I’m running the NFS server in virtual host)

* Installed NFS Server


# apt-get install portmap nfs-kernel-server


* I created a directory /home/nfs to create user home directories.

* edit the /etc/exports and added the following lines. This is to create the network shares.


/home/ *(rw,sync)


The above lines will give permission to all users to access /home/nfs with read write permissions.

After that I have to do export the shares

# exportfs -ra

* Restart the services

# /etc/init.d/portmap restart

#/etc/init.d/nfs-kernel-server restart


After I’ve done with the server side, next thing was to set up the clients to auto mount the NFS share.

* Installed the nfs modules in clients

# apt-get install portmap nfs-common

* Then installed the automount module

# apt-get install autofs


Then I need to deny access to all others and allow only for set I want.

* Edit the /etc/hosts.deny and enter the following lines.

portmap : ALL

* Edit the /etc/hosts.allow and entered the IP address of the NFS server

portmap : 192.xxx.xxx.xxx

Tip : When ever I edit a configuration file, it’s always better to put a comment before the edition. That way you can track your changes easily.

eg: in /etc/hosts.allow I’ve put a comment

#Anuradha added these lines..

portmap : 192.xxx.xxx.xxx


After that, try to mount the NFS share manually to check whether the setup is working.

# mount 192.168.0.166:/home/nfs /media/netdisk

(This is done in the client machine, and I have created a mount point in client’s /media directory.)

* Then add the following line in /etc/fstab to mount the share automatically at the computer startup.

192.xxx.xxx.xxx:/home/nfs /media/netdisk nfs rw initr 0 0

Tip: Set the permissions on the nfs share as read, write for every one in the /home/nfs. (This is until I separate the user directories for each user)

This was okay to mount a particular share in a client computer at every bootup. But, what I want is to mount the relevant users share up on his login. So at this moment I create a small shell script to get the user ID and mount the particular share. In order to get the job done from this script, I need to have the user NFS share being created in the NFS server. eg: /home/[username] in the NFS server.

The script looks like this.

#!/bin/bash
#Get logged in user and mount the NFS share.
logname > /tmp/users.txt
mount 192.168.0.116:/home/`cat /tmp/users.txt` /media/netdisk

I have to make this script run after the user login.

But this way the user’s profile will not be in a roaming mode. I wanted to test this as Ill. So made the /home directory of the user available from the NFS server.

* Create a directory for each and every user in the NFS server by the user’s user ID.

eg: # mkdir /home/user1

(I have give the mode as 777 for the time being…)

In the client machine, I have to configure the autofs.

* Add the following line to the /etc/auto.master

/home /etc/auto.home

* Then create a file /etc/auto.home and put the following line there.

* soft, initr, rsize=8192,wsize=8192,nosuid,noexec 192.168.0.116:/home &

* I added the following line in the /etc/auto.misc too.

/home -fstype=nfs 192.xxx.xxx.xxx:/home

* Finally you have to edit the /etc/fstab and make the /home directory hard mounted.

192.168.0.116:/home /home nfs rw,intr 0 0

When reboot and log in as test user “foo” with passwd “foo123”. The login was successful with one error.

“$HOME/.dmrc… some thing

To resolve this error, I setup a directory in the NFS server and named it same as the LDAP user ID and gave the permission as follows.


chown -R [usr_name] /home/[user_dir]

chmod -R 770 /home/[user_dir]

Then it set the home partition and also set the permission “world non-writeable”.

Authenticating Windows Clients.

* Use pGina plug-in to handle the ldap authentication.
* In pGina configuration select the ldapauto.dll plugin to configure the authentication.


Server 192.xxx.xxx.xxx
mode : Search

* Put the total dn and dc entry to the search base
* in pGina configuration you have to put your profile


H:\\192.xxx.xxx.xxx\home\samba\%username%

(this way it’ll seek the profile that comes under UID each login)

I Have to attach the /etc/samba/smb.conf file, that is the file which handles the sharing thing. But It's too long and will not be suitable for this post.)

Note: All unix users who wish to authenticate as NT users have to have samba user credentials too)

Blocking USB storage mounting.

In GNU/Linux

* Use Polkit-Gnome

Define policy kit in the client machine as below.

Under “Storage” section find “Mount file systems from removable drives”.

Then edit it;

Anyone : No

Console : No

Active Console : Admin Authentication

Then using Webmin, I can log in to LDAP server and manage LDAP users and groups. I can give sudo poIr to some user by adding that user to an admin group (GID 123). After I add the user to the admin group that user have sudo power and can mount USB pen drives. And keep in mind that the user gets admin power of that particular system too.

Tip: In Ubuntu Systems it's always a good idea to create the super user and secure it with a password. Else any one can activate the super user account and your system will be in risk.

sudo passwd root

In Windows

* Windows Local Security Policy.

Map a Samaba Share as a Network Drive for Windows.

* Installed samba in a GNU/Linux (ubuntu) server (In this case in the same machine which runs the NFS)
* Add a samba user to validate access

smbpasswd -a ‘username’ (here you enter a valid LDAP user name)

* Create directories under the same name, as in NFS and make them shared.

# mkdir /home/servername/share/user1


I created a small shell script to automate the user creation in NFS. (just for fun) But thought some one might get use of it.


#!/bin/bash
echo "Enter the new user name: "
read name
echo "Creating account for $name..."
sleep 2
echo "Creating NFS Share..."
`mkdir /home/$name`
`chown -R $name:2000 /home/$name`
`chmod -R 770 /home/$name`
echo "/home/$name --done"
sleep 2
echo "Creating Samba Share..."
`mkdir /home/virtual/$name`
`chown -R $name:2000 /home/virtual/$name`
`chmod -R 770 /home/virtual/$name`
`smbpasswd -a $name`
echo "NFS Share and Samba Share is ready for user $name"


The above script will get the input of the user name from the keyboard and create the NFS and SAMBA shares for that user. I only had to give the userID which I created in the LDAP as it is.

Please accept my apologies in not arranging this as a step-by-step how to. In GENERAL, I don't follow a structure when I work (In some CRITICAL cases, yes I do follow the steps...). I try to combine the work pieces from here and there and build a system in my way of doing it.

Cheers!