ubuntu feisty下的tomcat5.5问题

默认情况下,在ubuntu feisty下安装tomcat5.5会出现问题,可以启动,但其实是假象。

sudo /etc/init.d/tomcat status

会提示没有运行。

安装方法:

sudo aptitude install sun-java6-jdk tomcat5.5

然后处理:

sudo gedit /etc/default/tomcat5.5

修改JAVA_HOME环境变量:

JAVA_HOME=/usr/lib/jvm/java-6-sun

之后运行tomcat,就出现上述问题。
问题的解决办法:

cd /var/log/tomcat5.5/
sudo rm catalina.out
sudo touch catalina.out
sudo chown tomcat55:nogroup catalina.out
sudo chmod uo-wrx catalina.out

具体请参考:
http://ubuntuforums.org/showthread.php?t=436295
http://cefn.com/blog/ubuntutomcat.html
https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+bug/118592

trac安装及配置使用多仓库

安装比较简单:

sudo aptitude install trac libapache2-mod-python

然后就是配置工作。

默认情况下,trac只能支持单一仓库。
若想支持多仓库,必须使用mod-python支持。
然后在配置站点的时候,使用TracEnvParentDir关键字。
如下:


SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /var/trac
PythonOption TracUriRoot /projects

其中,/var/trac目录下就是预先定义的initenv目录。
sudo trac-admin /var/trac/project1 initenv
然后每个project都使用类似的操作。
注意,然后还要修改每个对应的trac.ini文件以满足自己的需求。
比如,中文utf8支持就要修改default_charset为utf8。

安装subversion: ssl+auth_mysql+mod_svn

此处采取的方案是:
ubuntu feisty, apache2, auth_mysql, ssl, mod_svn。
其中,apache2+auth_mysql的安装及设置参考前面的文章:http://wlx.westgis.ac.cn/409/
apache2+ssl的安装和设置参考:http://wlx.westgis.ac.cn/407/
然后开始安装:

sudo aptitude install subversion libapache2-svn libapache-mod-dav

添加代码库

sudo mkdir /var/svn
sudo svnadmin create /var/svn/$REPOS
sudo nano .htaccess

设置存取权限

sudo chown -R www-data:www-data /var/svn/$REPOS
sudo chmod -R g+ws /var/svn/$REPOS

配置
参考: /etc/apache2/mods-available/dav_svn.conf
上面的是对所有站点开启SVN支持的,也可以直接修改具体的site文件。
注意事项:
svn库不能和WWW放置在同一个目录下,否则会产生冲突(301错误)。
location不能使用根目录。
location /svn/
注意必须前后都有斜线。见http://www.svnforum.org/2017/viewtopic.php?t=1320&

DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName “Subversion Repository”
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL

http://alephzarro.com/blog/2007/01/07/installation-of-subversion-on-ubuntu-with-apache-ssl-and-basicauth/

搭建mediawiki

目前ubuntu feisty的源里的mediawiki是1.7版本,感觉功能也够用,因此就使用这个版本进行搭建。

sudo aptitude install mediawiki mediawiki-extensions imagemagick

顺带安装了一堆相关的库。

然后定义一个新的site文件,目录部分参考/etc/mediawiki1.7/apache.conf(默认的情况是基于IP,在VIRTUAL HOST的站点无法适用)。

激活site,重新启动apache,访问此wiki网站,会提示你要进行初始化安装。

安装完成后,要移动配置文件:
cd /var/lib/mediawiki1.7
sudo mv config/LocalSettings.php ..

然后一些配置的修改就可以通过修改此文件来进行处理。

激活上传功能,修改$wgEnableUploads的值就可以

定制自己的logo,制作一个135×135的PNG图片:

sudo cp my_new_logo.png /var/lib/mediawiki/skins/common/images/wiki.png
也可以通过修改变量来进行定制:
$wgLogo = “$wgScriptPath/wiki.jpg”;

其他:
为安全计,也可以使用SSL支持。

是否需要整合mediawiki/phpbb3,使二者使用一套用户认证系统?http://uber.leetphp.com/wiki/extensions/Source.Auth_phpbb.php

http://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu

限制匿名的写权限
http://www.allwiki.com/wiki/%E7%94%A8%E6%88%B7%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86
http://my.jcwcn.com/html/00/11700-7276.html

themes:
http://www.actsofvolition.com/archives/2005/september/wikiaswebsite
http://www.ipbwiki.com/forums/index.php?automodule=downloads&showcat=12

apache2下使用mysql进行身份认证

服务器平台为ubuntu feisty,首先确认apache2已经安装好。
然后安装auth-mysql支持并启用此模块:

sudo aptitude install libapache2-mod-auth-mysql
sudo a2enmod auth_mysql

要建立一个数据库用于认证,并建立一个用户表存贮用户信息。

mysql -uroot
create database svn;
grant all on svn.* to svn@localhost identified by ‘mypwd’;
flush privileges;
use svn;
create table auth(
`username` varchar(25) NOT NULL default ”,
`passwd` varchar(25) NOT NULL default ”,
`groups` varchar(25) NOT NULL default ”,
PRIMARY KEY (`username`),
KEY `groups` (`groups`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

然后修改site文件:

Auth_MySQL_Info localhost

">
Options +Indexes FollowSymLinks MultiViews
AllowOverride AuthConfig Options FileInfo Limit
Order allow,deny
Allow from all

创建.htaccess文件:

AuthUserFile /dev/null
AuthBasicAuthoritative off
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_DB svn
AuthMySQL_Password_Table auth
AuthMySQL_Group_Table auth
AuthMySQL_Empty_Passwords off
AuthMySQL_Encryption_Types Plaintext Crypt_DES
AuthName ""
AuthType Basic


require valid-user
#or
require group group group1

注意问题:
注意这个部分AuthUserFile /dev/null
如果没有这行,apache的error_log中会出现这样的错误:

[error] [client ip] (9)Bad file descriptor: Could not open password file: (null)

如果没有AuthBasicAuthoritative off
会出现错误:

[error] [client ip] user yourusername not found:

参考:
http://www.howtoforge.com/mod_auth_mysql_apache2_debian
http://www.linuxmine.com/79991.html

apache2下的ssl支持

在UBUNTU FEISTY下如何添加APACHE2的SSL支持?

假设你的APACHE2已经可以运行了,现在只是需要添加SSL支持,首先安装:

sudo aptitude install openssl ssl-cert libapache-mod-ssl

注意,默认make-ssl-cert产生的ca只有一个月的有效期,因此我们需要延长这个时间,可以通过修改make-ssl-cert命令来实现:

sudo nano /usr/sbin/make-ssl-cert

假设需要把期限修改为10年:
就把”-keyout $output”修改为”-keyout $outpu -days 3650″。
然后来创建我们自己的签名,当然你也可以申请商业认证的签名。

sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

注意,在填hostname的时候,要选择你所使用的域名。
接着,启用ssl模块

sudo a2enmod ssl

添加443监听端口

echo “Listen 443” | sudo tee -a /etc/apache2/ports.conf

site文件的第一行修改为:

在site文件的最后一行前面添加:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM

重新启动服务:

sudo /etc/init.d/apache2 restart

若想强制所有的80端口访问都转送到443端口,可以这样设置:

sudo a2enmod rewrite

然后修改site文件,添加如下内容:

RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]

reference:
https://help.ubuntu.com/community/forum/server/apache2/SSL
http://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu

转移邮件服务器:postfix

原邮件服务器硬盘损害,已经无法工作,需要转移到新服务器上。
原来的服务器是debian etch,新服务器是ubuntu feisty。

首先安装:
sudo aptitude install postfix postfix-mysql courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin openssl libpam-mysql amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 unzoo libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax razor pyzor dcc-client

首先创建mysql数据库,因为原来已经创建,直接导入就可以了。
把原来的mysql-virtual*文件拷贝到/etc/postfix/目录下,注意若mysql用户密码发生变化,要进行相应的修改。
然后修改文件权限:

chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf

创建vmail用户:

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

对/etc/postfix/main.cf进行修改定制:

postconf -e ‘myhostname = server1.example.com’
postconf -e ‘mydestination = server1.example.com, localhost, localhost.localdomain’
postconf -e ‘mynetworks = 127.0.0.0/8’
postconf -e ‘virtual_alias_domains =’
postconf -e ‘ virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf’
postconf -e ‘virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf’
postconf -e ‘virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf’
postconf -e ‘virtual_mailbox_base = /home/vmail’
postconf -e ‘virtual_uid_maps = static:5000’
postconf -e ‘virtual_gid_maps = static:5000’
postconf -e ‘smtpd_sasl_auth_enable = yes’
postconf -e ‘broken_sasl_auth_clients = yes’
postconf -e ‘smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination’
postconf -e ‘transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf’
postconf -e ‘content_filter = amavis:[127.0.0.1]:10024’
postconf -e ‘receive_override_options = no_address_mappings’

这部分需要具体检查,我把myorigin这个给注释掉了,对于多域名的邮件列表有影响。

saslauthd相关设置,和DEBIAN不大一样,和UBUNTU EDGY也不尽相同:

sudo rm -fdr /var/spool/postfix/var/run/saslauthd
sudo mv /var/run/saslauthd /var/spool/postfix/var/run/saslauthd
sudo ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
sudo adduser postfix sasl

修改/etc/default/saslauthd文件,把START修改为yes。
修改/etc/pam.d/smtp文件:

auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

对应的用户名密码数据库要进行替换。

修改/etc/courier/authdaemonrc文件,把authmodulelist的值变为”authmysql”。

修改/etc/init.d/postfix文件,在FILES部分:

FILES=”etc/localtime etc/services etc/resolv.conf etc/hosts \
etc/nsswitch.conf etc/nss_mdns.config etc/postfix/sasl/smtpd.conf etc/sasldb2″

这个原来是有sasldb2文件的,但是在ubuntu feisty下没有这个文件,但执行起来没有问题,比较奇怪。

修改/etc/courier/authmysqlrc文件:

MYSQL_SERVER localhost

MYSQL_USERNAME mail_admin

MYSQL_PASSWORD mail_admin_password

MYSQL_PORT 0

MYSQL_DATABASE mail

MYSQL_USER_TABLE users

MYSQL_CRYPT_PWFIELD password

#MYSQL_CLEAR_PWFIELD password

MYSQL_UID_FIELD 5000

MYSQL_GID_FIELD 5000

MYSQL_LOGIN_FIELD email

MYSQL_HOME_FIELD “/home/vmail”

MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’)

重新启动服务:

/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart
/etc/init.d/postfix restart
/etc/init.d/saslauthd restart

修改/etc/aliases文件,可以根据自己的需要进行修改。

修改vi /etc/amavis/conf.d/15-content_filter_mode文件,去掉几个注释:

use strict;

# You can modify this file to re-enable SPAM checking through spamassassin

# and to re-enable antivirus checking.

#

# Default antivirus checking mode

# Uncomment the two lines below to enable it back

#

@bypass_virus_checks_maps = (

\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

#

# Default SPAM checking mode

# Uncomment the two lines below to enable it back

#

@bypass_spam_checks_maps = (

\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1; # insure a defined return

修改 /etc/amavis/conf.d/50-user文件,添加:

$pax=’pax’;

修改/etc/postfix/master.cf文件,添加:

[…]

amavis unix – – – – 2 smtp

-o smtp_data_done_timeout=1200

-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n – – – – smtpd

-o content_filter=

-o local_recipient_maps=

-o relay_recipient_maps=

-o smtpd_restriction_classes=

-o smtpd_client_restrictions=

-o smtpd_helo_restrictions=

-o smtpd_sender_restrictions=

-o smtpd_recipient_restrictions=permit_mynetworks,reject

-o mynetworks=127.0.0.0/8

-o strict_rfc821_envelopes=yes

-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

-o smtpd_bind_address=127.0.0.1

修改/etc/spamassassin/local.cf,添加:

[…]

# dcc

use_dcc 1

dcc_path /usr/bin/dccproc

dcc_add_header 1

dcc_dccifd_path /usr/sbin/dccifd

#pyzor

use_pyzor 1

pyzor_path /usr/bin/pyzor

pyzor_add_header 1

#razor

use_razor2 1

razor_config /etc/razor/razor-agent.conf

#bayes

use_bayes 1

use_bayes_rules 1

bayes_auto_learn 1

启动服务:

adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
/etc/init.d/clamav-freshclam restart
/etc/init.d/postfix restart

参考:
http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_ubuntu_edgy
http://wlx.westgis.ac.cn/322/

Fix for SSH slow to ask for password in Ubuntu Feisty Fawn

在UBUNTU FEISTY下默认进行SSH登录的时候,开始连接的速度好像有点慢,今天看到这个才知道原因。
解决办法:

Solution 1

Edit the /etc/ssh/ssh_config file using the following command

sudo nano /etc/ssh/ssh_config

Commentout the following lines

GSSAPIAuthentication yes
GSSAPIDelegateCredentials no

save the file and exit

MergedFB for i915G on ubuntu feisty

一直不知道i915的显卡还能使用MergedFB,原来在试验双显示器的时候,只用过Xinerama,但Xinerama使用后会禁止DRI,导致不能使用硬件加速以及AIGLX和XGL等三维效果。

主要的配置都在/etc/X11/xorg.conf的文件里。
关键的部分,一个是在Device节里:

Option “MergedFB” “true”

另外一个部分是在Screen节里:

SubSection “Display”
Depth 24
Virtual 1560 1024
EndSubSection

SubSection “Display”
Depth 24
Modes “1400×1050 1280×1024 1024×768”
EndSubSection

要添加一个Virtual的桌面大小定义。通常这个Virtual的桌面就是两个显示器的分辨率之和。
我的xorg.conf配置:

Section "Files"
FontPath "/usr/share/fonts/X11/misc"
FontPath "/usr/share/fonts/X11/cyrillic"
FontPath "/usr/share/fonts/X11/100dpi/:unscaled"
FontPath "/usr/share/fonts/X11/75dpi/:unscaled"
FontPath "/usr/share/fonts/X11/Type1"
FontPath "/usr/share/fonts/X11/100dpi"
FontPath "/usr/share/fonts/X11/75dpi"
# path to defoma fonts
FontPath "/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType"
EndSection

Section "Module"
Load "i2c"
Load "bitmap"
Load "ddc"
Load "dri"
Load "extmod"
Load "freetype"
Load "glx"
Load "int10"
Load "vbe"
EndSection

Section "InputDevice"
Identifier "Generic Keyboard"
Driver "kbd"
Option "CoreKeyboard"
Option "XkbRules" "xorg"
Option "XkbModel" "pc105"
Option "XkbLayout" "us"
EndSection

Section "InputDevice"
Identifier "Configured Mouse"
Driver "mouse"
Option "CorePointer"
Option "Device" "/dev/input/mice"
Option "Protocol" "ImPS/2"
Option "ZAxisMapping" "4 5"
Option "Emulate3Buttons" "true"
EndSection

Section "InputDevice"
Driver "wacom"
Identifier "stylus"
Option "Device" "/dev/input/wacom"
Option "Type" "stylus"
Option "ForceDevice" "ISDV4" # Tablet PC ONLY
EndSection

Section "InputDevice"
Driver "wacom"
Identifier "eraser"
Option "Device" "/dev/input/wacom"
Option "Type" "eraser"
Option "ForceDevice" "ISDV4" # Tablet PC ONLY
EndSection

Section "InputDevice"
Driver "wacom"
Identifier "cursor"
Option "Device" "/dev/input/wacom"
Option "Type" "cursor"
Option "ForceDevice" "ISDV4" # Tablet PC ONLY
EndSection

Section "Device"
Identifier "Intel Corporation Mobile 915GM/GMS/910GML Express Graphics Controller"
Driver "i810"
BusID "PCI:0:2:0"
VideoRam 131072
# Screen 0
Option "No2048Limit" "true"
Option "DRI" "true"
Option "MergedFB" "true"
Option "DDCMode" "true"
Option "MonitorLayout" "CRT,LFP"
Option "SecondPosition" "LeftOf"
Option "MetaModes" "1024x768-1280x1024 1024x768"
Option "MergedNonRectangular" "ture"
Option "XAANoOffscreenPixmaps" "true"
Option "MergedXinerama" "true"
Option "crt2hsync" "30-82"
Option "crt2vrefresh" "50-85"
EndSection

Section "Monitor"
Identifier "Generic Monitor"
Option "DPMS"
HorizSync 28-51
VertRefresh 43-60
EndSection

Section "Screen"
Identifier "Default Screen"
Device "Intel Corporation Mobile 915GM/GMS/910GML Express Graphics Controller"
Monitor "Generic Monitor"
DefaultDepth 24
SubSection "Display"
Depth 24
Virtual 2048 1024
EndSubSection
SubSection "Display"
Depth 24
Modes "1280x1024" "1024x768"
EndSubSection
EndSection

Section "ServerLayout"
Identifier "MergedFB"
Screen 0 "Default Screen" 0 0
InputDevice "Generic Keyboard"
InputDevice "Configured Mouse"
InputDevice "stylus" "SendCoreEvents"
InputDevice "cursor" "SendCoreEvents"
InputDevice "eraser" "SendCoreEvents"
EndSection

Section "DRI"
Mode 0666
EndSection

郁闷的是,No2048Limit参数不起作用,不知道什么原因,导致我最大只能使用2048的宽度,在两个屏幕中间会有重合的部分,不爽。
还有,我一开始看库里还有一个xserver-xorg-video-intel的包,这个的版本更新一些,就稀里糊涂地装上,导致后面很长时间都没搞定,还是最后恢复成xserver-xorg-video-i810才搞定,还没搞清楚这两个包有什么关系。

参考:
1 http://dri.freedesktop.org/wiki/MergedFB
2 http://ubuntuforums.org/showthread.php?t=221174

ubuntu feisty下安装glGo 1.4

官方下载deb包
在ubuntu feisty下,安装glGo还需要以下包:

sudo aptitude install libsdl-image1.2 libsdl-ttf2.0-0 python2.4

然后再安装glgo:

sudo dpkg -i glGo-1.4.deb

这样就已经可以在终端上运行了,若想让其加入到game菜单上,还需要制作一个glgo.desktop文件

sudo nano /usr/share/applications/glgo.desktop

文件内容如下:

[Desktop Entry]
Encoding=UTF-8
Name=glGo
GenericName=glGo Game
Comment=A 3D and 2D Goban, SGF editor, client for IGS-PandaNet and interface for GNU Go.
Exec=glGo
Icon=glgo.png
Terminal=false
Type=Application
Version=1.4
Categories=Application;GTK;GNOME;Game;BoardGame;

拷贝下面这个图像到/usr/share/pixmaps/glgo.png
glgo

linux下的网络围棋软件我觉得就是这个用得最舒服。而且glgo本身也是跨平台的,也有windows和mac平台的版本可以下载。igs-panda