Another useful article on IBM developerworks shows how to build PHP extensions using SWIG. You can find the article here.
If you have software packages which you wish to share with others or simply between your own personal machines, a neat and easy solution is to create your own YUM repository and provide your .repo file for download.
YUM is by far the easiest method of installing software on Red hat, Centos and Fedora. Not only does it mean you don't need to trawl the web looking for somewhere to download the packages, YUM does a great job of satisfying any package dependencies. As long as the required packages are available in the enabled repositories on your system, YUM will go out and get everything you need.
To create your own YUM repository, you will need to install the yum-utils and createrepo packages:
yum install yum-utils createrepo
yum-utils contains the tools you will need to manage your soon to be created repository, and createrepo is used to create the xml based rpm metadata you will require for your repository.
Once you have installed these required tools, create a directory in your chosen web server's document root e.g:
mkdir -p /var/www/html/repo/recital/updates
Copy the rpm's you wish to host into this newly created directory.
The next step is to create the xml based rpm metadata. To create this use the createrepo program we installed earlier.
At the shell type the following command:
createrepo -v -s md5 /var/www/html/repo/recital/updates
This will create the required metadata in the repodata directory of your /var/www/html/repo/recital/updates directory.
root@test repodata]# ls -l rwotal 44 -rw-r--r-- 1 root root 28996 Jan 13 21:42 filelists.xml.gz -rw-r--r-- 1 root root 284 Jan 13 21:42 other.xml.gz -rw-r--r-- 1 root root 1082 Jan 13 21:42 primary.xml.gz -rw-r--r-- 1 root root 951 Jan 13 21:42 repomd.xml
To do a final consistency check on your repository run the following command:
verifytree /var/www/html/repo/recital/updates
We now have a fully functioning YUM repository for our hosted rpm packages.
The next process is to create a .repo file in the client systems /etc/yum.repos.d directory.
Navigate to the /etc/yum.repos.d directory on your system as root.
Using your preferred text editor to create the .repo file. In this example I will call it recital.repo.
Now paste in the following lines:
[Recital] name=Recital Update Server baseurl=http://ftp.recitalsoftware.com/repo/recital/updates enabled=1 gpgcheck=1
Once that is saved, at the shell prompt on the same machine (YUM client system).
$ yum repolist Loaded plugins: presto, refresh-packagekit repo id repo name status Recital Recital Update Server enabled: 1 adobe-linux-i386 Adobe Systems Incorporated enabled: 17 fedora Fedora 12 - i386 enabled: 15,366
As you can see the Recital repo is now being picked up and we have access to all the packages it is hosting.
See how easy that was!
auth sufficient pam_krb5.so try_first_pass
auth sufficient pam_unix.so shadow nullok try_first_pass
account required pam_unix.so broken_shadow
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
Opening SSH to the outside world is a security risk. Here is how to restrict SSH access to certain IP addresses on a machine.
- Edit the /etc/hosts.allow file to include these lines, assuming your machine is on the 192.168.2.x nonrouting IP block, and you want to enable an external address of 217.40.111.121 IP block: Remember to add the period on the end of each incomplete IP number. If you have another complete IP address or range, add a space and that range on the end.
sshd,sshdfwd-X11: 192.168.2. 217.40.111.121
- Edit your /etc/hosts.deny file to include this line:
sshd,sshdfwd-X11:ALL
- These lines refuse SSH connections from anyone not in the IP address blocks listed.
Additionally you can restrict SSH access by username.
- Edit the /etc/ssh/sshd_config file and add the following lines
PermitRootLogin no
AllowUsers user1 user2 user3 etc
PasswordAuthentication yes
Now restart the ssh daemon for these changes to take effect
service sshd restart
A quick tip for optimizing TCP performance on linux.
edit /etc/sysctl.conf add the lines:
If using gigabit ethernet:
net.ipv4.tcp_mem= 98304 131072 196608
net.ipv4.tcp_window_scaling=1
net.core.wmem_default = 65536
net.core.rmem_default = 65536
net.core.wmem_max=8388608
To reload these use:
# sysctl -p
If using infiniband:
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_timestamps=0
net.ipv4.tcp_sack=0
net.ipv4.tcp_rmem=10000000 10000000 10000000
net.ipv4.tcp_wmem=10000000 10000000 10000000
net.ipv4.tcp_mem=10000000 10000000 10000000
net.core.rmem_max=524287
net.core.wmem_max=524287
net.core.rmem_default=524287
net.core.wmem_default=524287
net.core.optmem_max=524287
net.core.netdev_max_backlog=300000
DirectoryIndex default.rsp index.html
auth sufficient pam_krb5.so try_first_pass
auth sufficient pam_unix.so shadow nullok try_first_pass
account required pam_unix.so broken_shadow
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
One of the attractive features of Linux is the impressive 3D desktop that even works on most older hardware.
You can enabled the 3D Desktop on CentOS5 by installing the compiz package:
yum install compiz
After you have done this, go to the top panel and click System, then select Preferences > and click 'Desktop Effects.
You will get a new dialog. To test and see if your hardware supports the 3D Desktop, press the button Enable Desktop Effects. If everything works fine, you can select Keep Settings.
Then test your 3D Desktop by pressing Ctrl-Alt-Left and Ctrl-Alt-Right, or drag a window around or even out of the screen to the left or right. If you maximize a window, you will see another cool effect. If you move the mouse to the upper-right corner of the screen you see all your opened applications.Way cool!
Usually, you do not need to setup an email server under Linux. Most GUI email clients support Gmail POP3 and IMAP configurations. But, how do you send mail via the standard /usr/bin/mail user agents in a shell script? Programs such as sendmail / postfix / exim can be configured as a gmail smarthost but they are largely overkill for this use. The ssmtp program is a neat utility that does just that for you via gmail.
cp /usr/bin/ld /usr/libexec/gcc/i386-redhat-linux/4.1.2/real-ld
collect2: cannot find ld
gcc -print-search-dirs