Sunday, May 02, 2010

Compile vpnc with openssl in Ubuntu

1. Compile vpnc with openssl and build package
  • Download vpnc source
sudo apt-get source vpnc

  • Uncomment some lines in the Makefile. One of these two sets of lines will be present in the Makefile; uncomment whichever one is present.
OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
OPENSSLLIBS = -lcrypto
or
OPENSSL_GPL_VIOLATION=yes

  • Build vpnc dependencies
sudo apt-get build-dep vpnc

  • Install openssl
sudo apt-get install openssl

  • Install libssl dev packages
sudo apt-get install libssl-dev

  • Build vpnc package
sudo dpkg-buildpackage

2. Create a vpnc conf file
#Generated by pcf2vpnc
IPSec ID GeneralHybrid
IPSec gateway <server>
IPSec secret <secret>
Xauth username <username>
IKE Authmode hybrid
CA-File <path_to_certificate_file>.pem

#Xauth password 123456
#IKE DH Group dh2
#To add your username and password, use the following lines:
#Xauth password <your password>

3. Install network manager vpnc with openssl support
TBD

Wednesday, February 17, 2010

Creating a custom boot entry in Grub2 in Ubuntu 9.10

I created a custom boot entry for RHEL 4.5 in grub2 in Ubuntu 9.10. Here are the steps.

1. Open "/etc/grub.d/40_custom" file and add the following contents and save the file.

#!/bin/sh

cat << EOF
menuentry "Redhat Enterprise Linux 4.5" {
        linux (hd0,1)/vmlinuz-2.6.9-42.ELsmp root=LABEL=/1 ro rhgb quiet pci=nommconf
        initrd (hd0,1)/initrd-2.6.9-42.ELsmp.img
}
EOF

  •    You may have to pass different parameters to the kernel. Also, in grub2 partitions start from (hd0,1), whereas in grub they start from (hd0,0).
  •    Make sure that in the kernel parameter root=LABEL=/<something>, <something> is the label of the root partition for the given OS.

2. Run the following command to generate the grub conf file

    $ sudo grub-mkconfig -o /boot/grub/grub.cfg

3. Restart the machine and you are done!

Tuesday, February 09, 2010

Configure mod_jk with Apache 2.2 in Ubuntu

1. Install mod_jk: To install mod_jk in Ubuntu, execute the following command on the command line.

sudo apt-get install libapache2-mod-jk

2. Enable mod_jk loading: Create a link at /etc/apache2/mods-enabled/jk.load which points to /etc/apache2/mods-available/jk.load. This makes Apache load the mod_jk module when it is restarted.

3. Create mod_jk conf file:
Create a mod_jk conf file and place it in /etc/apache2/mods-available/jk.conf

# Where to find workers.properties
# Update this path to match your conf directory location
JkWorkersFile /etc/apache2/jk_workers.properties

# Where to put jk logs
# Update this path to match your logs directory location
JkLogFile /var/log/apache2/mod_jk.log

# Set the jk log level [debug/error/info]
JkLogLevel info

# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"

# JkOptions indicates to send SSL key size
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories

# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"

# Shm log file
JkShmFile /var/log/apache2/jk-runtime-status

4. Enable mod_jk configuration: Create a link at /etc/apache2/mods-enabled/jk.conf which points to /etc/apache2/mods-available/jk.conf. This makes Apache apply the mod_jk configuration when it is restarted.

5. Create a worker properties file: Create a workers properties file and place it in /etc/apache2/jk_workers.properties

# Define 1 real worker named ajp13
worker.list=ajp13

# Set properties for worker named ajp13 to use ajp13 protocol,
# and run on port 8009
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
worker.ajp13.lbfactor=50
worker.ajp13.cachesize=10
worker.ajp13.cache_timeout=600
worker.ajp13.socket_keepalive=1
worker.ajp13.socket_timeout=300

6. Configure URL forwarding from Apache to Tomcat: Put the following lines in your Apache virtual host to forward requests to Tomcat.

<VirtualHost *:80>
    ...
    # Send everything for context "/context" to worker ajp13
    JkMount /context/ ajp13
    JkMount /context/* ajp13
    ...
</VirtualHost>

7. Configure AJP in the Tomcat server: Put the following line in the $TOMCAT_HOME/conf/server.xml file under the Service tag.

<Service name="Catalina">
     ...
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    ...
</Service>

8. Restart the Tomcat and Apache servers: Relax, you are done.
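
A consistency check for steps 5 and 7, as an added example that is not part of the original post: it confirms every ajp13 worker has a matching AJP connector and flags connectors with no loopback address attribute, since older Tomcat releases then listen for AJP on every interface. It assumes Apache and Tomcat share a host, as worker.ajp13.host=localhost implies; the function names and the sample input are constructed for this example.

```python
import xml.etree.ElementTree as ET

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def parse_workers(text):
    """Parse workers.properties text into {worker_name: {property: value}}."""
    workers = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        parts = key.split(".")
        if len(parts) == 3 and parts[0] == "worker":  # worker.<name>.<property>
            workers.setdefault(parts[1], {})[parts[2]] = value
    return workers

def ajp_connectors(server_xml):
    """Return the attributes of every AJP <Connector> in server.xml text."""
    root = ET.fromstring(server_xml)
    return [dict(c.attrib) for c in root.iter("Connector")
            if "ajp" in c.get("protocol", "").lower()]

def audit(workers_text, server_xml):
    """List mismatch and exposure findings for a mod_jk + Tomcat AJP pair."""
    findings = []
    connectors = ajp_connectors(server_xml)
    ports = {c.get("port") for c in connectors}
    for name, props in sorted(parse_workers(workers_text).items()):
        if props.get("type") == "ajp13" and props.get("port") not in ports:
            findings.append(f"worker {name}: no AJP connector on port {props.get('port')}")
    for c in connectors:
        if c.get("address") not in LOOPBACK:
            findings.append(f"connector {c.get('port')}: AJP not bound to loopback")
    return findings

# Constructed sample input modelled on steps 5 and 7 (not read from disk).
WORKERS = """worker.list=ajp13
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
"""
AS_WRITTEN = ('<Server><Service name="Catalina">'
              '<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />'
              '</Service></Server>')
LOOPBACK_ONLY = AS_WRITTEN.replace('port="8009"', 'port="8009" address="127.0.0.1"')

if __name__ == "__main__":
    print(audit(WORKERS, AS_WRITTEN))     # connector as written in step 7
    print(audit(WORKERS, LOOPBACK_ONLY))  # same connector with address="127.0.0.1"
```

To audit a real installation, pass the contents of /etc/apache2/jk_workers.properties and $TOMCAT_HOME/conf/server.xml to audit().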