The /\/ TechDiary

Setting up a subversion server on mandriva is relatively straight forward, but with a simple mind boggle, that cost me a few hours hence this post.

Simple stuff first:

urpmi subversion-server subversion subversion-tools xinetd

That’s it, all installed. Now create an empty repository (still basic stuff).

svnadmin create /var/svn/first_repo

Now the part that fooled me and had me entertained (not) for some hours. The file

/var/svn/first_repo/conf/svnserve.conf

contains the following by default:

### This file controls the configuration of the svnserve daemon, if you

### use it to allow access to this repository. (If you only allow

### access through http: and/or file: URLs, then this file is

### irrelevant.)

### Visit http://subversion.tigris.org/ for more information.

[general]

### These options control access to the repository for unauthenticated

### and authenticated users. Valid values are “write”, “read”,

### and “none”. The sample settings below are the defaults.

### anon-access = none

### auth-access = write

### The password-db option controls the location of the password

### database file. Unless you specify a path starting with a /,

### the file’s location is relative to the directory containing

### this configuration file.

### If SASL is enabled (see below), this file will NOT be used.

### Uncomment the line below to use the default password file.

### password-db = passwd

### The authz-db option controls the location of the authorization

### rules for path-based access control. Unless you specify a path

### starting with a /, the file’s location is relative to the the

### directory containing this file. If you don’t specify an

### authz-db, no path-based access control is done.

### Uncomment the line below to use the default authorization file.

### authz-db = authz

### This option specifies the authentication realm of the repository.

### If two repositories have the same authentication realm, they should

### have the same password database, and vice versa. The default realm

### is repository’s uuid.

### realm = some default realm

[sasl]

### This option specifies whether you want to use the Cyrus SASL

### library for authentication. Default is false.

### This section will be ignored if svnserve is not built with Cyrus

### SASL support; to check, run ’svnserve –version’ and look for a line

### reading ‘Cyrus SASL authentication is available.’

# use-sasl = true

### These options specify the desired strength of the security layer

### that you want SASL to provide. 0 means no encryption, 1 means

### integrity-checking only, values larger than 1 are correlated

### to the effective key length for encryption (e.g. 128 means 128-bit

### encryption). The values below are the defaults.

# min-encryption = 0

# max-encryption = 256

I have boldfaced the lines that tricked me

I read it as (well, skimming it) as sasl was by default disables, hence I did not need to specifically enable passwords from a passwd file. WRONG! To be able to interact with the svn server i had to uncomment the passwd line (and authz, but only if you need more fine grained access control).

Now to have the svn daemon running as a service, edit the xinetd file:

vi /etc/xinet.d/svnserve

I haven’t been able to make svnserve debug log any where, and running it by hand inside strace, did not reveal any sensible info either, so I made my way by starting with a know working configuration and then enabling cfgs one by one.

Hope this page will help some one, if found by google.

Test from maemowordpy

Turned out that I had not noticed that my user name was capitalised when configuring access to my blog. A rather common problem with ‘helpful’ mobile devices.

now lets us see if snapping an image with the built-in camera can also be uploaded? (more…)

Gadget times, yeah , I also got myself an nslu2. Why? Because it is a cheap (~700 euro) way of getting a general purpose linux box, just check out the community.

At first I tried to connect to it from the soekris over a crossed cable, as described here, but that did not work, not sure why.

The I plugged it into a wireless router and connected to it from the old firewall (where the wireless router sits on one subnet, different from 192.168.0.0, and did the same, now it worked:

# route add 192.168.0.1 eth1
# arping -f -I eth1 192.168.0.1; telnet 192.168.0.1 9000
ARPING 192.168.0.1 from 192.168.2.2 eth1
Unicast reply from 192.168.0.1 [00:1A:70:A1:93:78] 11.302ms
Sent 27 probes (27 broadcast(s))
Received 1 response(s)
Trying 192.168.0.1…
Connected to 192.168.0.1 (192.168.0.1).
Escape character is ‘^]’.
== Executing boot script in 1.690 seconds – enter ^C to abort
^C
RedBoot> version

RedBoot(tm) bootstrap and debug environment [ROMRAM]
Red Hat certified release, version 1.92 – built 15:16:07, Feb 3 2004

Platform: IXDP425 Development Platform (XScale)
Copyright (C) 2000, 2001, 2002, Red Hat, Inc.

RAM: 0×00000000-0×02000000, 0×000723a0-0×01ff3000 available
FLASH: 0×50000000 – 0×50800000, 64 blocks of 0×00020000 bytes each.

I tried to give it a local and a server ip fraom the readboot, but after a reboot it was not at that address.

Next endeavor seems to be getting upslug2 for mandriva 2008. Then I shall install openSLUG.

To get upslug2 compiled I had to check it out from svn:

svn co http://svn.nslu2-linux.org/svnroot/upslug2/trunk upslug2

To compile I had to install autoconf, automake and libtool, gcc-c++ then run (as documented on the upslug2 wiki page).

Next step is to enable the nslu2 in update mode..

Done, easy, and now the flash:

# upslug2 –image=”../slugosbe/slugosbe-4.8-beta-nslu2.bin”
NSLU2 00:1a:70:a1:93:78 Product ID: 1 Protocol ID: 0 Firmware Version: R23V24 [0x2324]
Upgrading LKGA19378 00:1a:70:a1:93:78
. original flash contents * packet timed out
! being erased – erased
u being upgraded U upgraded
v being verified V verified

Display:

+
Status:
* timeout occurred + sequence error detected

7fffff+000000 …VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
Rebooting… done

I probably did not keep the paper clip in the reset hole for the proper time, because the leds kept blinking for upgrade mode. I flashed it again, and now it went into OK green led state.

Now watching my dhcpd server log (broadcast ping did not make it reveal itself), I could log into it (found the password on the net, reproducing below, just in case it should be taken off the net — suspicious about the port 8000).

5. Step #5: Log into the slug. You can login to the slug through ssh. Type the following at a command prompt after the slug boots: ’ssh -l root xxx.xxx.xxx.xxx’. The IP address will be whatever your DHCP server assigned the slug on boot. If you don’t know how to find this, you can trying a broadcast ping and iteratively check each found address on your network: ‘ping -b 192.168.1.255′ — assuming your network is 192.168.1. If not, adjust accordingly. If you cannot find the IP address of the slug, or don’t have a DHCP server running, then you’re on your own. The slug’s root password is ‘opeNSLUg’. I recommend changing this ASAP. After you login to the slug, you can treat it like a regular linux machine. I’d advise reading up on ‘turnup’ and ‘ipkg’.
6. Step #6: After logging in, run ‘turnup init’. Follow the on-screen instructions, and then do ‘turnup preserve’ and reboot.

Need to reslug. I tried to mv /var /..external disl; ln …. /var, but that apparantly killed it. Hm. next time, the password from above did not work. Ahh, the passwd I made befure turnup preserve was persisted across the flash! (I had changed it after the persist, and the did not last – that took me a while to guess

I think turnup preserve re-saves from ram to flashram. But I will google a bit, stay tuned . Ok, this looked interesting in order to get the nslu2 to use the external disk to boot from

root@ouy:~$ turnup disk -i -s5 /dev/sda1
/sbin/turnup: umounting any existing mount of /dev/mtdblock4
turnup: copying root file system

15213 blocks
done
turnup: initialising dev file system
turnup: ensuring /var/volatile mountpoint exists
turnup: ensuring tmpfs will not be mounted on /var
turnup: /etc/syslog.conf: changed to file buffering
Old (buffer) version in /etc/syslog.conf.sav
Log messages will be in /var/log/messages
root@ouy:~$
root@ouy:~$ ls /mnt/sda1/
bin etc initrd lost+found mnt root sys usr
dev home lib media proc sbin tmp var
root@ouy:~$ turnup preserve
/sbin/sysconf: umounting any existing mount of /dev/mtdblock4
25 blocks
++*; done
root@ouy:~$

Yihaa, not I boot from disk not sure if all the below are necessary, but here you go:

root@ouy:~$ touch /.sda1root
root@ouy:~$ turnup disk -s20 /dev/sda1 -t ext3
root@ouy:~$ sync
root@ouy:~$ sync
root@ouy:~$ sync
root@ouy:~$ reboot

(the touch .sda1root was from the wiki page, but the 20 seconds was my guess, that perhaps my 2.5” drive was slower to be recognised than on the soekriss [there is a reason I pulled it out of a laptone earlier on - 5400 rpm is NOT FAST!!]). Not sure about the sync’s either, but that is a good point to be superstitious about :S.

Now we are ready to rock’n'roll:

root@ouy:~$ df / /var
Filesystem 1k-blocks Used Available Use% Mounted on
/dev/sda1 4806768 141568 4421028 3% /
root@ouy:~$ ipkg update
Downloading http://ipkg.nslu2-linux.org/feeds/slugosbe/cross/4.8-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugosbe/cross/4.8-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/cross
Downloading http://ipkg.nslu2-linux.org/feeds/slugosbe/native/4.8-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugosbe/native/4.8-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/native
root@ouy:~$ ipkg install bash
Installing bash (3.2-r2) to root…
Downloading http://ipkg.nslu2-linux.org/feeds/slugosbe/cross/4.8-beta/bash_3.2-r2_armv5teb.ipk
package ncurses suggests installing ncurses-terminfo
Installing ncurses (5.4-r10) to root…
Downloading http://ipkg.nslu2-linux.org/feeds/slugosbe/cross/4.8-beta/ncurses_5.4-r10_armv5teb.ipk
Configuring bash
Configuring ncurses
root@ouy:~$ ipkg list |grep nfs
kernel-module-nfs – 2.6.21.7+svnr927-r0 – nfs kernel module
kernel-module-nfsd – 2.6.21.7+svnr927-r0 – nfsd kernel module
nfs-utils – 1.0.6-r13 – userspace utilities for kernel nfs
/blockquote>

Last open question, I believe: How do I install apache? I think I need to ad an url i ipkg, so that it will find, e.g. the optoware repos, a few links, to start from next time I have the time and energy. Find packages (includes apache),

Could not resist, this is where to find out how to access the optoware. I works like this:

$ su
# feed=http://ipkg.nslu2-linux.org/feeds/optware/slugosbe/cross/unstable
# ipk_name=`wget -qO- $feed/Packages | awk ‘/^Filename: ipkg-opt/ {print $2}’`
# wget $feed/$ipk_name
# tar -xOvzf $ipk_name ./data.tar.gz | tar -C / -xzvf -
# sed -i -e ’s|/stable|/unstable|’ /opt/etc/ipkg.conf

To install package after bootstrapping (replace with your package name):

# /opt/bin/ipkg-opt update
# /opt/bin/ipkg-opt list
# /opt/bin/ipkg-opt install …

Now with pptp access to the work site, I might as well set up a vpn for accessing the home lan, either over inherently insecure, but very practical wifi, or just to easily jump the other way from work.

One of the possibilities is openSWAN, which has a guide at this link.

TO be updated when there is progress.

UPDATE, no progress :S, just another link. Since provenly pptp works with the client side, I want to just set up a pptp server as described here, for example.