Some pfSense commands to keep handy!

721px-Pfs-logo-vector.svg

 

command description
pfctl -d Deactivate the pf packet filter – disables all fw functions
pfctl -e Activate the pf packet filter – enables all fw functions
pfctl -sn Shows current NAT rules
pfctl -sr Shows current filter rules
pfctl -ss Shows the current state table
pfctl -sa Show as much as possible.
viconfig Manually edit the configuration in /conf/config.xml. Once file has been saved and editor exited, the /tmp/config.cache is removed so the next config reload event will load config.xml, not the cached version. You could run the next command to trigger an instant reload.
/etc/rc.reload_all Reload the Firewall with all the configuration. This also restarts the webgui and sshd – but keeps the current ssh sessions active just as a regular sshd restart.
 
 

Debian Squeeze OpenVZ VPS vzquota errors on apt-get upgrade

Hi guys!

I stumbled upon a very annoying problem with my Debian Squeeze (6.0) VPSes hosted with GleSYS.

insserv: warning: script 'S10vzquota' missing LSB tags and overrides
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
insserv: warning: script 'vzquota' missing LSB tags and overrides
insserv: There is a loop between service vzquota and stop-bootlogd if started
insserv: loop involving service stop-bootlogd at depth 2
insserv: loop involving service vzquota at depth 1
insserv: loop involving service rsyslog at depth 1
insserv: Starting vzquota depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting vzquota depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: There is a loop between service vzquota and stop-bootlogd if started
insserv: Starting vzquota depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting vzquota depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: exiting now without changing boot order!
update-rc.d: error: insserv rejected the script header
dpkg: error processing exim4-base (--configure):
subprocess installed post-installation script returned error exit status 1

This ofcourse prevented any further upgrade of this system, and has been giving me some grief as I haven’t really had the time to look into it – until now!

A quick look at the /etc/init.d/vzquota script quickly reveals that it’s simply not conforming with the Debian 6 standards on how init scripts should look. Easy fix, one thinks, until you a bit later realize that this file is recreated by OpenVZ upon each reboot of the system and thus renders any changes made to this file pretty much void as they disappear.

Fear not!

First of all, let’s replace the first line in /etc/init.d/vzquota with the following;

#!/bin/sh
### BEGIN INIT INFO
# Provides: vzquota
# Required-Start:
# Required-Stop:
# Should-Start: $local_fs $syslog
# Should-Stop: $local_fs $syslog
# Default-Start: 0 1 2 3 4 5 6
# Default-Stop:
# Short-Description: Fixed vzquota init script
### END INIT INFO

Save the file, and copy it to /etc/init.d/vzquota-working.

Create the file /etc/init.d/vzquota-fix, with the following ;

#!/bin/sh
### BEGIN INIT INFO
# Provides: vzquota-fix
# Required-Start:
# Required-Stop:
# Should-Start: $local_fs $syslog
# Should-Stop: $local_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Fix for broken vzquota init script
### END INIT INFO
set -e
cat /etc/init.d/vzquota-working > /etc/init.d/vzquota
exit 0

 

Next, run these commands ;

chmod 755 /etc/init.d/vzquotafix
update-rc.d vzquotafix defaults

Now, upon every reboot of your system, this script will recreate the broken /etc/init.d/vzquota file and you will be able to upgrade your system as intended.

The best approach is ofcourse if your VPS provider acknowledges this as a problem and implements a proper fix for it for all their Debian 6 installs. :-)

 

 

Windows Home Server 2011 restore – could not load VDS

 

Hi,

I just had an interesting encounter with my Windows Home Server when attempting to restore one of my machines. Turns out, it was impossible when following the instructions.

I’ve been hunting the web since early yesterday evening, and not until now, I managed to figure out the very simple (but odd) solution.

My machine is a Windows 7 Ultimate 64 bit machine, with raided disks.

Logically, I select “restore a 64 bit machine” when booting from the USB stick, and move through the process of selecting which partitions to restore on what drives. Flawless and quick operation as usual, up to the point where it’s actually starting the restore.

This is a snippet from the log file once the restore fails (which is pretty much instantly when it’s attempting the restore) ;

Restore – we are in state reconnectable
Restore started.
Recreating volumes 1 (0x80080005)
ERROR: Failed to initialize VDS, 0x80080005
Restore Helper :: T_Restore: Unable to recreate volumes
Restore Helper :: T_Restore: restore complete with return Value 536870913
ERROR: CDialog_Restore :: Completed failed, HR = 0x80070001 (at func: CDialog_ restore completed, d: \ wssg_src \ colorado_qfe \ baclup \ pc \ bmr \ restore wizard \ dialog_restore.cpp

Really makes no sense. Several attempts where made, and it still bombs out in the same place. Always.

I’ve followed some of the posts mentioning firewall on the WHS, others mention manual creating of partitions because the system would somehow not be able to create them by itself. Others also say “try and try again, eventuelly it will work – it did for me!”.

All false!

The simple solution that got me past this problem was to select to restore a 32 bit system instead.

Why? Good question. I have no idea, but that’s what got me through the issue after a few hours of banging my head to the wall.

 

Vu+ Blackhole image and mgcamd results i black screen?

You just got your new shiny Vu+ reciever, and you followed my advise to the letter in regards to installing mgcamd on it?

728x90 welcomebonus

So far, so good. You probably hooked it up to your TV and your LNBFs, and you are now trying to communicate with your subscription card – but nothing really happens on your screen (all black) when trying to watch encrypted channels, even though the logs on the server says that you are decoding?

You probably need to do some adjustments to the mgcamd configuration – apparantly, in some setups, mgcamd has a problem identifying the chipset on the settop box and this presents a problem when trying to decode the TS streams from the air.

Edit /var/keys/mg_cfg , and locate the line that looks like B: { 00 } at the moment.

# box type
# 00 autodetect, change only if you think wrong type detected.
# 01 dbox2
# 02 dreambox
# 03 triple-dragon
# 04 relook
# 05 openbox
# 06 dreambox/mips
# 08 stapi/kathrein
# 09 stapi/ipbox
# 11 stapi/openbox
B: { 00 }

 


 

Change this into;

B: { 06 }

And ofcourse, either restart the mgcamd via the menus or just reboot the entire box once edited for the changes to be picked up.

You should be allright after this – if not, feedback via comments is highly appreciated!

 

My Toroidal recommendations

If you’re intrested in my recommended setup for the WaveFrontier Toroidal, I’m refering you to  a direct link that goes to satlex.eu, and lists all relevant satellites.

I’ve decided to go between 33E and 1.0W here. The reason for that is that I will have 16E as my center LNBF, and point the dish straight south – WITHOUT a need for a complex skew. The skew here is at 89.44 degrees, ie 0.56 degrees West. That’s pretty close to “nothing”.

728x90 welcomebonus

http://www.satlex.eu/sv/wavefrontier_calc-params.html?satlo_east=33.0&user_satlo_east=&user_satlo_east_dir=E&satlo_west=-1.0&user_satlo_west=&user_satlo_west_dir=W&location=60.70%2C17.10&la=60.70&lo=17.10&country_code=se

PLEASE NOTE!

Use Google Maps and find the exakt GPS coordinates where you are looking at placing the Toroidal. This helps, and gives you the best accurate numbers on how to configure the Toroidal dish and LNBFs. Giving the wrong location for input is not going to make your life easier!

On the other hand, if you use a Maximum Toroidal antenna, you need to move forward a bit differently.

The baseline here, to recieve the satellites 28.2E, 13E, 4.8E and 0.8W, your baseline settings should be;

Azimuth – 178 degrees.
Skew – about 95 on the scale. Will need adjustment.
Elevation – 27 degrees. Maybe a bit lower.

L14 => 28.2E Sky UK / Eurobird 1
0 => 13E Hotbird
R10 => 4.8E Sirius
R14 => 0.8W Thor

Ofcourse, there will be more finetuning needed to get proper reception on all four, but this is a good starting point.

 

Toroidal t55 t90 How to configure mount, setup and finetune – installation

The illustration shows how signal travels through WaveFrontier Toroidal. Signals are reflected twice; 1st on the main reflector and 2nd on the sub reflector. This is how Toroidal can capture multiple signals within 40 degrees in arc. [In other words, you can capture satellites from 90W ~ 130W or 60W ~ 100W or 110W ~ 150 or 1W ~ 33E.]

Please note that LNBF for your upper right satellite (e.g.1.0W) is on the left side of guide at R20 (if you stand behind the dish).

You will find markings (from R20 to L20) on both guide(A4) and holder supporter(A9).

 

 

 

 

Get your preferred setup out in front of you before proceeding. Ofcourse, if you are trying to rip off my base setup (which makes sense, since it’s awesome), I’ll simply refer you to my other post that contains all necessary information so you can pick and choose from the available satellites between 33E and 1W.

If your LNBF neck diameter is less than 40mm, you will need an adapter. With the Toroidal TD90 dish, you will recieve 5 LNBF holders – and 5 adapters.
Align the LNBF holder line to the corresponding scale on the holder supporter. If your setup info indicates that “A” satellite is L10, rotate the holder till holder line reaches the L10 line on the supporter.

This adjustment has a minimal impact on signal strength. If your setup info indicates a value with decimal number such as L14.7, place between L10 and L20.

 

 

 

 

Place your pre-assembled holder onto the guide. Locate the center of the holder to the
value give on the information. If your setup info indicates that “A” satellite is at L10, place the holder at L10 on the guide.

You will be making adjustment of this location when you do the fine tuning of Toroidal
alignment at the final stage.

 

 

 

 

Tip: You will be making adjustment on elevation, skew and azimuth angles when  optimizing your setup throughout the process.

Do not use excessive force when assembling moving parts.

VERY IMPORTANT: Make sure that your pole mount is in absolute vertical position.

Use angle scale locator or adjust ‘Edge Elevation Indicator’ to the value provided.

Note that elevation is the most important and critical factor in aligning Toroidal dish.

 

 

 

Adjust skew angle as given in the setup
information.

 

 

 

 

 

 

 

 

 

If possible, align Toroidal on the ground level with your receiver and monitor right next to Toroidal. (or use a sat finder equipment). It is MUCH FASTER, EASIER and SAFER.

1. Connect your receiver to the center LNBF (closest one to the center).

2. Swing the dish left/right to find signal on your center LNBF. You may also need to
adjust elevation to do this.

3. Once you found signal, do the fine-tuning by adjusting elevation and azimuth and
check signal strength simultaneously, get the best possible signal you can get.

4. You will need to move the dish (up/down and left/right) a little by little to get the
best signal. It will take time and patience.

 

 

 

 

Once you have a satisfactory signal on the center LNBF, move on to the next LNBF.

You can also make adjustment on location of each LNBF (except center-LNBF) to get a better signal.

Tip: Even if your azimuth is off from the calculated setup info, you can recover azimuth offset by adjusting LNBF location on the guide.

 

 

The alignment process of Toroidal is to adjust two lines in parallel.

Assume that “A” line is formed by your LNBFs and “B” line is formed by your target satellites.

The alignment process of Toroidal is to make these two lines parallel.

To make things worse – in reality, the line B is not a straight line.

 

 

 

Assume that you have 3 satellites that you want to target.

Assume Your signal readings are as follows after the initial alignment process;

x LNBF A: No signal
x LNBF B: 75%
x LNBF C: 95%

 

 

 

You will need to lower elevation since your center-LNBF is at a higher point than the satellite B’s focal point.

After elevation adjustment, signal readings will be:

x LNBF A: 75%
x LNBF B: 95%
x LNBF C: 75%

Now your LNBF A is at higher point and  LNBF C is at lower point.

 

The final step would be changing a skew angle to align A & C.

After the skew angle adjustment:

x LNBF A: 95%
x LNBF B: 95%
x LNBF C: 95%

The adjustment of skew angle is same as adjusting the elevation angles for sat A &
C.

 

 

 

 

How to – update Vu+ satellites.xml

If your Vu+ is slow and feels bulky when scanning through your satellites that you have configured, odds are that the file that contains a list of all transponders and other satellite information is outdated or invalid, containing alot of junk information slowing the process down.

The best way to sort this problem out is to generate a custom satellites.xml file for only the satellites that you are intending on recieving. Updating this once a year or so is a good idea, since the configuration of these transponders can change – some are added, some are removed.

Firstly you need to download an up-to-date satellites.xml which can be downloaded from the link below. Just go and select the satellites you want and download it at the bottom of the page.

http://satellites-xml.org/

Once this has been downloaded to your computer, it’s time to transfer it to your Vu+ box. This can be done with scp, ftp or even with telnet cut’n’paste if you’re a bit tech savvy. Ask the person that helped you configure your Vu+ initially for details exactlh how this process could work best for you.

Save the satellites.xml file in /etc/enigma2/ – absolutely not in /etc/tuxbox.

Restart your box. Voila. The new satellites.xml is in place, ready to be used for scanning your favourite satellites.

Now some of you might be wondering “Why use etc/enigma2 and not etc/tuxbox…?”. Easy!

The image comes with a built-in satellites.xml, located in etc/tuxbox. This is a system-file and is being updated as soon as an online update of the image is carried out. Also, there could be a possibility the file in this location maybe overwritten by the system.

You can also use a customised satellites.xml, placed in etc/enigma2. If one is available here, it takes priority over the system-file in etc/tuxbox. If this one is messed up, it can be deleted and the system-file will take over immediately (after an E2-restart).

Vu+ Solo with Blackhole and mgCamd – how to

Update 2013-07-13: New post on this topic, for Black Hole v2. Follow this guide instead – it makes your life easier.

https://www.engren.se/2013/07/13/vu-with-black-hole-v2-image-and-mgcamd-made-easy/

 

I was asked yesterday on how to upgrade a Vu+ Solo to the custom firmware Blackhole, and how to include mgcamd on the image.

Now, purchase a Vu+. Shameless plug here, my suggestion is to get it from www.nettosat.se. Decent pricing, awesome support. Avoid Dreamboxes though. Seriously. Danger, Will Robinson. Danger.

Get a USB stick, 512 megs or bigger. Make sure you format it with FAT, or it won’t work.

Download the firmware from here – BlackHole-1.7.6-vusolo_usb.zip (Duo image: BlackHole-1.7.6-bm750_usb.zip)

Place the unpacked zip with intact directory structure directly in the root of the USB stick, it should look like this:

/vuplus/solo/boot_cfe_auto.jffs2
/vuplus/solo/kernel_cfe_auto.bin
/vuplus/solo/root_cfe_auto.jffs2

Download the mgacmd_BH1.3.6.zip and place all four .tgz files in the root of your USB stick.

The next step is to plug the USB stick into the USB port behind the front cover of the Vu+. If the box is powered up, press the reset button on the back, otherwise just power it on. Once the indicator lamp on the front of the Vu+ is blinking rapidly (can take up to 5 minutes), it’s time to unplug the USB stick and press the reset button.

Congratulations, your Vu+ is now running the v1.7.6 BlackHole image!

Next step is to go through the settings of your BlackHole to find the IP of your Vu+.

Telnet to this IP, and login using the user “root” and with a blank password. Use the passwd command to set the password to something you WILL remember (perhaps “password” is a good choice here – or write down the password on a sticker that you tape on the bottom of the box. You don’t want to loose it!) so you can scp files into the box should you ever need it.

 


 

Plug the USB stick in the BACK USB port, and mount the USB stick with the two commands when logged in with telnet;

mkdir /mnt/testing
mount /dev/sda1 /mnt/testing

and then copy the relevant .tgz files to /tmp/;

cp /mnt/testing/*tgz /tmp/

If this is done properly, you will now be able to browse to the plugin menu (green and then red button) and install plugin from zip file. You want to select Mgcamd_135a_E2_bh – ignore the newcs version for now. That’s a different basket of eggs, and is only to be used if you intend to use your Vu+ as a card reader to serve other Vu+ boxes in your house. This howto explains only how to setup your Vu+ as a client.

Now, it’s time to configure mgcamd. Edit the settings below to correctly reflect your server setup at home, and then paste one line at t time in the console window when logged in with telnet;

echo >/usr/keys/newcamd.list CWS_KEEPALIVE = 300
echo >>/usr/keys/newcamd.list CWS_INCOMING_PORT = 21000
echo >>/usr/keys/newcamd.list CWS = 192.168.1.100 20000 username password 10 02 13 04 15 06 17 08 01 10 11 12 13 14 wan cardsrv
echo >>/usr/keys/mg_cfg “G: { 01 }”
echo >>/usr/keys/mg_cfg “P: { 00 }”

Type “sync” to ensure that the file system is synced, and then “reboot” to force a reboot. This is just done to be 100% certain that your actions above has been taken accordingly.

Once the box has booted, use the BLUE button to change your default CAM from “CI” to mgcamd.

With all this in place, you are now ready to move forward with setting up your box on the satellite side. This is already covered in the included getting started manual for your Vu+ box, and should be fairly simple.

Good luck, and remember that using the information in this post is your own responsibility. If you use it for illegal activities, I will be fairly disappointed. If you use it to expand your own subscription card into the bedroom or the upstairs TV, you are probably violating the subscription terms, but not any swedish laws that I know of. (If I’m wrong here, please let me know and I’ll adjust the posts accordingly). If you blow up your box, you probably didn’t follow my guide exactly – again, not my fault at all.

 

Update 2012-09-09 ; I found some weird behaviour from mgcamd on certain Vu+ models. Not all though. If you experience a black screen on your Vu+ even though your home server says that it’s decoding, odds are that your mgcamd installation has not been able to identify the chipset on the settop box and therefor is unable to present the decoded image properly.

Look no further though, I have the solution for you. :-)

https://www.engren.se/2012/09/09/vu-blackhole-image-and-mgcamd-results-i-black-screen/

 

Auto updating WordPress CentOS VPS with GleSYS Internet Services

Update 2013-11-01: GleSYS has released a new version of their control panel, so I’ve remade the steps necessary to create the server in this post.

Hi guys,

A friend/ex-colleague of mine has been on the look-out for a decent web hotel that would be able to serve their need of WordPress, preferably with phpmyadmin and other web based tools for administering the server. I’ve left out phpmyadmin here, but I’d be happy to post a follow up if anyone wants to.

Just because of that, I figured I’d put together a small tutorial on how to create an OK VPS for a usual WordPress installation. The advantages of using a VPS is ofcourse that you can crank up the performance in case your WordPress site becomes very popular.

First of all, you need an account with GleSYS Internet Services AB – http://www.glesys.se/ – you can register online, and ofcourse, they accept Paypal payments so no need to hand out your card details anywhere.

Once registered and logged into the control panel, you go to the server tab on top. This brings you to an overview page. Before we start to create a server, we need to reserve two IP addresses for your server – one IPv4, and one IPv6. Select “Manage IPs”, and then get fill out the setup like this. Click “reserve address” once you selected one of the available addresses.

And repeat for IPv6 ;

Now, to setup your server – make sure you are on the “Server” tab still, and on the right – you have the option of “”Create new server”. That brings you to a separate page with multiple steps.

Step 1 – select a datacenter and type of VPS, and operating system.

 


 

As the operating system, I’ve chosen CentOS 6 64bit. You might prefer another flavour for your Linux distribution, but please keep in mind that CentOS is basically a rebranded Red Hat – one of very few enterprise grade Linux distributions out there. I’d recommend CentOS any day simply because of the stability it provides – and this guide is ofcourse also aimed fully towards CentOS. ;)

Depending on what you are looking for in regards to VPS type, you can choose between Xen, OpenVZ and VMware. In this example, I’ve chosen Xen simply because it’s the best option available at this point. OpenVZ is cheaper, but not a fully virtualised system. VMware is still in beta, but the difference between Xen and VMware won’t really be noticable for you, unless you have special needs.

Moving on to step #2 !

In this step, you will configure the base bits of the server. Hostname, root password, amount of RAM, diskspace and how much you initially expect the server to be using in regards to transfer. I’ve chosen a minimalistic approach here – but if you have a very popular WordPress site, you might want to increase the CPU cores and amount of transfer already.

Do not forget to select the IPv4 and IPv6 addresses in the dropdown selection boxes on the right. You want to be able to reach your server once it’s installed.

Click “create server”, and GleSYS automated system will create the server for you in a few seconds, and then present you with a new summary screen :

Once completed, you will see your server active and running – and you are now able to get your hands dirty with some Linux and CentOS commands to get automated updates in place, Apache, MySQL, WordPress and other tools that you might be intrested in!

Use your favourite SSH client to log into the server. I prefer putty, but you might already have your favourite. Log into the server using the username “root” and the password that you selected. This should bring you right into the system, with the following prompt appearing on your screen, with the prompt blinking restlessly wanting you to do something:

[root@myhostname ~]# 

The first command to run is yum upgrade to bring your installation of CentOS 6 to the latest available. This process will be automated later on in this tutorial, but for now, let’s just get everything up to speed with the latest release to be able to move forward!

[root@myhostname ~]# yum upgrade

You will be prompted with the following text once you’ve typed yum upgrade

Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 143 Package(s)

Total download size: 119 M
Is this ok [y/N]:

Press ‘y’, and the system will start upgrading. This might take a few minutes.

Once upgraded, you want to add a user that is not root. This is to avoid using the superuser user for anything really. If your root password happens to slip into the public, you have major problems!

The following will add the user ‘hans’, with home directory in /home – and we’ll also make sure to change the password to something that we’ll remember but that is hard to guess.

[root@myhostname ~]# adduser -d /home/hans -c "Hans Engren" -m hans
[root@myhostname ~]# passwd hans
Changing password for user hans.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Now, before proceeding, follow the tutorial available at http://www.pendrivelinux.com/how-to-add-a-user-to-the-sudoers-list/ prior to moving on here. This ensures that your user will end up in the sudoers file, and you will never have to touch the root user again.

In order to make sure you don’t have to do complex scripting, I’ve taken the liberty to create some ready shell scripts for you, to be placed in different locations. I’ll try to explain each script for you.

yumupdate.sh should be placed in /etc/cron.daily/. This script will perform a ‘yum update’ once per day, to ensure that your system is always up to date with the latest updates and security patches around. Important!! => This is only for OS level – your WordPress installation will still have to be maintained and updated by yourself!

[root@myhostname ~]# wget -O /etc/cron.daily/yumupdate.sh https://www.engren.se/scripts/yumupdate.sh
[root@myhostname ~]# chmod +x /etc/cron.daily/yumupdate.sh

You also want to install rpmforge, so your system can use suPHP. suPHP is a pretty nifty Apache extension that ensures that only the user that owns a certain PHP script is allowed to run it. This means that nobody can sneak in bad scripts on your system and fool you into running them. Probably very little risk on a dedicated system like this, but I prefer to use this as a best practice.

[root@myhostname ~]# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
[root@myhostname ~]# cd /tmp
[root@myhostname tmp]# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

Now, make sure that the rpmforge you downloaded is the right one.

[root@myhostname tmp]# rpm -K rpmforge-release-0.5.2-2.el6.rf.*.rpm

The result should say something like:

rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm: (sha1) dsa sha1 md5 gpg OK

Now, time to install the package.

[root@myhostname tmp]# rpm -i rpmforge-release-0.5.2-2.el6.rf.*.rpm

Move on with installing Apache, taking backups of the configuration file and autostarting Apache:

[root@myhostname tmp]# yum install httpd
[root@myhostname tmp]# cp /etc/httpd/conf/httpd.conf ~/httpd.conf.backup
[root@myhostname tmp]# /sbin/chkconfig --levels 235 httpd on

Moving on, we’re installing MySQL:

[root@myhostname tmp]# yum install mysql-server

The output will be something like this:

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
mysql-server x86_64 5.1.61-1.el6_2.1 updates 8.1 M
Installing for dependencies:
mysql x86_64 5.1.61-1.el6_2.1 updates 881 k
mysql-libs x86_64 5.1.61-1.el6_2.1 updates 1.2 M
perl-DBD-MySQL x86_64 4.013-3.el6 base 134 k
perl-DBI x86_64 1.609-4.el6 base 705 k

Transaction Summary
================================================================================
Install 5 Package(s)

Total download size: 11 M
Installed size: 32 M
Is this ok [y/N]: y

Ofcourse, you answer ‘y’ on this prompt. Once installed, you want to autostart MySQL too.

[root@myhostname tmp]# /sbin/chkconfig --levels 235 mysqld on

Then, let’s start MySQL and launch the configuration script mysql_secure_installation.

[root@myhostname tmp]# /etc/init.d/mysqld start
[root@myhostname tmp]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MySQL installation should now be as secure.

Thanks for using MySQL!

This has secured your database a bit, and we can now move on with creating the database for your WordPress. Use the MySQL database root password that you entered in the secure installation script previously.

[root@myhostname tmp]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 5.1.61 Source distribution

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)

mysql> grant all on wordpress.* to 'myuser' identified by 'mypassword';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

That’s MySQL configured, with database created for WordPress. All good. Time to install PHP and suPHP.

[root@myhostname tmp]# yum install php php-pear php-mysql php-gd php-cli mod_suphp

Just answer ‘yes’ on the prompt that pops up, and you’ll have the necessary components installed.

The next step is to add a user for WordPress PHP files.

[root@myhostname tmp]# adduser -d /var/www/html -c "Wordpress" wordpress

You also want to ensure that you create a password for the wordpress user. Not having a password might be a bad idea, so setting a password for freshly created accounts is a good thing. You can chose something complicated here – you won’t be using it as WordPress 3 can do auto updates without an FTP account.

[root@myhostname tmp]# passwd wordpress

Follow the on screen instructions.

Next step, change ownership of /var/www/html:

[root@myhostname tmp]# chown wordpress:wordpress /var/www/html

Also, there are some files that you need to replace. I have prepared them for you, but in short, /etc/suphp.conf needs to have some options enclosed within quotes (“) and the package from rpmforge does not have that – and the Apache suphp.conf requires some modifications to override the built in PHP configuration and run it via suPHP instead.

[root@myhostname tmp]# wget -O /etc/suphp.conf https://www.engren.se/scripts/new-suphp.conf
[root@myhostname tmp]# wget -O /etc/httpd/conf.d/suphp.conf https://www.engren.se/scripts/suphp.conf
[root@myhostname tmp]# wget -O /var/www/html/phpinfo.php https://www.engren.se/scripts/info.php.txt
[root@myhostname tmp]# chown wordpress:wordpress /var/www/html/phpinfo.php

Now, restart Apache.

[root@myhostname tmp]# /etc/init.d/httpd restart

It’s now time to check if your PHP and Apache installation worked – much simpler than you might think!

Use a web browser, and browse to http://YOURIP/phpinfo.php

If you see something simular to this picture, PHP is installed and functional just as expected! If not, something failed – contact me either via the comments field or via mail and I’ll be happy to help you out.

This means it’s time to move ahead with the WordPress installation.

[root@myhostname tmp]# wget -O /usr/local/src/wordpress.tar.gz http://wordpress.org/latest.tar.gz
[root@myhostname tmp]# cd /var/www/html
[root@myhostname html]# tar xfz /usr/local/src/wordpress.tar.gz
[root@myhostname html]# mv wordpress/* .
[root@myhostname html]# rmdir wordpress
[root@myhostname html]# chown -Rf wordpress:wordpress *

Congratulations, we’re almost done with the WordPress installation! Open up a browser, browse to http://YOURIP/ and follow these picture instructions for the remaining bits’n’pieces. It should be pretty clear from here on!

 

 

 

 

 

 

 

 

That’s it – you now have a working WordPress installation on a self-updating CentOS 6 system, where WP updates are working as expected from day 1, hosted on a VPS with GleSYS Internet Services, one of Swedens absolute top VPS providers.

For further information om how WordPress works, you can find that information here; http://www.siteground.com/tutorials/wordpress/wordpress_start.htm

Please let me know via mail or the comment field below if you feel that I have missed something in this document – or even if you just want to provide feedback if you used it. :-)

Enjoy!

 

Ainol Novo 7 Paladin ICS 4.0.3 update released

Hi guys!

I know I’ve promised to get back to you with a more in depth review of this tablet, but I haven’t had much time to play with either of them. Or, well, I’ve had time – they have just been occupied by their owners. A positive sign for these tablets, I’d say!

I’ve just upgraded one of the tablets from ICS 4.0.1 to ICS 4.0.3, and as a result, a little bit quicker tablet. Unfortunally I have no changelog for what has changed between the two releases, but it seems to be quite alot. It’s recommendable if you have one of these.

As a reminder for myself and a redundant archive, I’ll copy the instructions and wise words from Colonel Zap;

1. Go to your settings and remember where to change the system language.
2. Download the update.zip here. (and yes, I mirrored the file too)
3. Copy the update.zip to the root of your sd-card. DO NOT UNPACK.
4. Tablet is off, sd-card is inserted. Press and hold Vol + and Power until update procedure starts.
5. Be patient, wait until update is complete and tablet reboots.
6. Go to the settings and change the language from Chinese to whatever you like (hope you didn’t skip step 1)
7. Enjoy!

As a positive side effect, svtplay mobile (website) actually shows HD content now. Not sure if this is the actual Paladin update or SVTPlay sorting out some more problems on their side. All good, either way. :)

 

Edit 2012-02-28;

Apparently, there is a ClockworkMod out for this tablet, together with other information on how to get Youtube running if you are struggling with that, in combination with a custom rom that has been released.

I have followed this up with another post and instructions on how to proceed here.

The future looks bright for Ainol Paladin users!