There are instances that Samsung won't mount automatically there is a couple of fixes out there but this one works fine with my setup. I am using a Mint Linux
Works on 32bit and 64bit Linux. Just a quick guide on how to configure Linux for file transfers using MTP. The instructions and config is intended for Ubuntu Natty 32bit and 64bit, though the same process will work on other platforms – the only real difference being the package manager commands and possibly the config file locations.
The attached files are for the Galaxy Tab 10.1v but should work for the 10.1g / 10.1 as well. See the end of the post to learn how to modify this config to work for other devices.
How to configure for gMTP and other Media Sync tools
1) Install aptitude
sudo apt-get install aptitude
2) Install mtp-tools and mtpfs
sudo aptitude install mtpfs mtp-tools
3) Download this file: 98-gtab.zip for 32bit Linux or 98-gtab.rules-AMD64.zip for 64bit Linux to your desktop.
4) Extract the 98-gtab.rules file to your desktop
5) Copy the rules file to /etc/udev/rules.d/
sudo cp ~/Desktop/98-gtab.rules /etc/udev/rules.d
6) Reboot
7) Connect your Tab
8) Run the following command to confirm it is working:
ls /dev | grep gtab
This command should return “gtab” if successful. If not, follow the “Modifying” guide below.
9) Download / install gMTP
sudo apt-get install gmtp
10) Open gMTP and select “connect” from the menu
Setting up for Automount (Optional, but recommended)
Before follow these instructions, you must have completed Steps 1-8 above.
1) Edit your fstab file to add your gtab:
sudo gedit /etc/fstab
2) Add this to the end of the file:
#gtab
mtpfs /media/gtab fuse user,noauto,allow_other 0 0
3) Save and exit
4) Open fuse.conf for editing:
sudo gedit /etc/fuse.conf
5) Find the following line and remove the #
#user_allow_other
6) Save and exit
7) Open and edit the groups file:
sudo gedit /etc/group
8) Find the details for the group ‘fuse’ and append your username to the end of the line eg.
fuse:x:104:
9) Save and exit
10) Create the folder to mount your Tab:
sudo mkdir /media/gtab
11) Take ownership of the folder:
sudo chown :users /media/gtab
12) Reboot
13) Plug in your Tab.
14) Click on the Places menu and click gtab.
15) You’re in business!
Modifying for other devices
If the above doesn’t work immediately on the 10.1g / 10.1 (I have only tested on the 10.1v), you can easily edit the rules file to support your device.
1) Install lsusb
sudo apt-get install lsusb
2) Run lsusb
lsusb
3) Check the output of this command to find your device. The 10.1v is shown like this:
Bus 001 Device 010: ID 04e8:6860 Samsung Electronics Co., Ltd
4) Make a note of the Vendor and Product IDs. In the example above, the vendor ID is 04e8 and device ID is 6860 (note 04e8:6860 in the output).
5) Open the rules file for editing (if it’s not already in /etc/udev/rules.d, copy it there now)
sudo gedit /etc/udev/rules.d/98-gtab.rules
6) Find this line
ATTRS{idVendor}==”04e8″, ATTRS{idProduct}==”6860″, MODE=”0666″ SYMLINK+=”gtab”
7) Replace the Vendor ID (04e8) and Product ID (6860) with the ones that you got from step 3 above.
8) Save and exit
9) Reboot
10) Follow step 7 onward in the first guide above
32bit RULES FILE:
ACTION!=”add”, GOTO=”gtab_rules_end”
SUBSYSTEM!=”usb|usb_device”, GOTO=”gtab_usb_end”
ATTRS{idVendor}==”04e8″, ATTRS{idProduct}==”6860″, MODE=”0666″ SYMLINK+=”gtab”
LABEL=”gtab_usb_end”
LABEL=”gtab_rules_end”
64bit RULES FILE:
ACTION!=”add”, GOTO=”gtab_rules_end”
SUBSYSTEM!=”usb|usb_device”, GOTO=”gtab_usb_end”
ATTRS{idVendor}==”04e8″, ATTRS{idProduct}==”6860″, MODE=”0777″ SYMLINK+=”gtab”
LABEL=”gtab_usb_end”
LABEL=”gtab_rules_end”
Thursday, August 25, 2011
Tuesday, August 23, 2011
Additional Datastores for your ESXi 4.1 server via NFS running on CentOS 6
I've recently run out of storage for creation of new instances of servers to our test environment and the IBM 300X series has maxed out. What I did was introduce an NFS drive and mount it on EXSi using vSphere client running on Windows. There are a couple of chores to do first before you can perform this. In my case, I have a spare server running on CentOS 6 with enough SATA/ports to get the job done. So basically, the idea was to prep a new hardrive and configure it to be used as an NFS drive. Lets get down to the details.
First make a directory to place the NFS export mount and assign permissions. Also open up write permissions on this directory if you’d like anyone to be able to write to it, be careful with this as there are security implications and anyone will be able to write that mounts the share:
# mkdir /nfs
# chmod a+w /nfs
Now we need to install the NFS server packages. We will include a package named “rpcbind”, which is apparently a newly named/implementation of the “portmap” service. Note that “rpcbind” may not be required to be running if you are going to use NFSv4 only, but it is a dependency to install “nfs-utils” package.
# yum -y install nfs-utils rpcbind
Verify that the required services are configured to start, “rpcbind” and “nfslock” should be on by default anyhow:
# chkconfig nfs on
# chkconfig rpcbind on
# chkconfig nfslock on
Configure APF Firewall for NFS
Rather than disabling the firewall it is a good idea to configure NFS to work with APF for (iptables). For NFSv3/v4 we need to lock several daemons related to rpcbind/portmap to statically assigned ports. We will then specify these ports to be made available in the INPUT chain for inbound traffic. Fortunately for NFSv4 this is greatly simplified and in a basic configuration TCP 2049 should be the only inbound port required.
First edit the “/etc/sysconfig/nfs” file and uncomment these directives. You can customize the ports if you wish but I will stick with the defaults:
# vi /etc/sysconfig/nfs
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
We now need to modify the APF firewall configuration to allow access to the NFS ports. For simplicity I did not use “iptables” command and insert the appropriate rules, in my case I am using APF to get the iptables done.
# vi /etc/apf/conf.apf and look for the:
IG_TCP_CPORTS="111,662,875,892,2049,32803" <-- add="" also="" and="" br="" ig_udp_cports="111,662,875,892,2049,32769" look="" ports="" section="" the="" these="" to="" udp="">
Now save the APF configuration to the config file so it will apply when APF is restarted:
# service apf restart
Now we need to edit “/etc/exports” and add the path to publish in NFS. In this example I will make the NFS export available to clients on the 192.168.10.0 subnet. I will also allow read/write access, specify synchronous writing, and allow root access. Asynchronous writes are supposed to be safe in NFSv3 and would allow for higher performance if you desire. The root access is potentially a security risk but AFAIK it is necessary with VMware ESXi.
# vi /etc/exports
/nfs 192.168.10.0/255.255.255.0(rw,sync,no_root_squash)
Configure SELinux for NFS Export
Rather than disable SELinux it is a good idea to configure it to allow remote clients to access files that are exported via NFS share. This is fairly simple and involves setting the SELinux boolean value using the “setsebool” utility. In this example we’ll use the “read/write” boolean but we can also use “nfs_export_all_ro” to allow NFS exports read-only and “use_nfs_home_dirs” to allow home directories to be exported.
# setsebool -P nfs_export_all_rw 1
Now we will start the NFS services:
# service rpcbind start
# service nfs start
# service nfslock start
If at any point you add or remove directory exports with NFS in the “/etc/exports” file, run “exportfs” to change the export table:
# exportfs -a
Implement TCP Wrappers for Greater Security
TCP Wrappers can allow us greater scrutiny in allowing hosts to access certain listening daemons on the NFS server other than using iptables alone. Keep in mind TCP Wrappers will parse first through “hosts.allow” then “hosts.deny” and the first match will be used to determine access. If there is no match in either file, access will be permitted.
Append a rule with a subnet or domain name appropriate for your environment to restrict allowable access. Domain names are implemented with a preceding period, such as “.mydomain.com” without the quotations. The subnet can also be specified like “192.168.10.” if desired instead of including the netmask.
vi /etc/hosts.allow
mountd: 192.168.10.0/255.255.255.0
Append these directives to the “hosts.deny” file to deny access from all other domains or networks:
vi /etc/hosts.deny
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
And that should just about do it. No restarts should be necessary to apply the TCP Wrappers configuration. I was able to connect with both my Ubuntu NFSv4 and VMware ESXi NFSv3 clients without issues. If you’d like to check activity and see the different NFS versions running simply type:
# watch -n 1 "nfsstat"
Troubleshooting:
If you encounter errors while attaching/adding the new NFS resource to your ESXi host via vCenter do the following steps:
1. Ensure that you check the "setup" command and un-tick the enable Firewall option and save.
2. Edit the /etc/selinux/config file and do the changes on the line SELINUX=enforcing and change it to SELINUX=disable, save and close.
3. Reload -- rpcbind, nfslock and nfs services.
Try again and cheers!!!
First make a directory to place the NFS export mount and assign permissions. Also open up write permissions on this directory if you’d like anyone to be able to write to it, be careful with this as there are security implications and anyone will be able to write that mounts the share:
# mkdir /nfs
# chmod a+w /nfs
Now we need to install the NFS server packages. We will include a package named “rpcbind”, which is apparently a newly named/implementation of the “portmap” service. Note that “rpcbind” may not be required to be running if you are going to use NFSv4 only, but it is a dependency to install “nfs-utils” package.
# yum -y install nfs-utils rpcbind
Verify that the required services are configured to start, “rpcbind” and “nfslock” should be on by default anyhow:
# chkconfig nfs on
# chkconfig rpcbind on
# chkconfig nfslock on
Configure APF Firewall for NFS
Rather than disabling the firewall it is a good idea to configure NFS to work with APF for (iptables). For NFSv3/v4 we need to lock several daemons related to rpcbind/portmap to statically assigned ports. We will then specify these ports to be made available in the INPUT chain for inbound traffic. Fortunately for NFSv4 this is greatly simplified and in a basic configuration TCP 2049 should be the only inbound port required.
First edit the “/etc/sysconfig/nfs” file and uncomment these directives. You can customize the ports if you wish but I will stick with the defaults:
# vi /etc/sysconfig/nfs
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
We now need to modify the APF firewall configuration to allow access to the NFS ports. For simplicity I did not use “iptables” command and insert the appropriate rules, in my case I am using APF to get the iptables done.
# vi /etc/apf/conf.apf and look for the:
IG_TCP_CPORTS="111,662,875,892,2049,32803" <-- add="" also="" and="" br="" ig_udp_cports="111,662,875,892,2049,32769" look="" ports="" section="" the="" these="" to="" udp="">
Now save the APF configuration to the config file so it will apply when APF is restarted:
# service apf restart
Now we need to edit “/etc/exports” and add the path to publish in NFS. In this example I will make the NFS export available to clients on the 192.168.10.0 subnet. I will also allow read/write access, specify synchronous writing, and allow root access. Asynchronous writes are supposed to be safe in NFSv3 and would allow for higher performance if you desire. The root access is potentially a security risk but AFAIK it is necessary with VMware ESXi.
# vi /etc/exports
/nfs 192.168.10.0/255.255.255.0(rw,sync,no_root_squash)
Configure SELinux for NFS Export
Rather than disable SELinux it is a good idea to configure it to allow remote clients to access files that are exported via NFS share. This is fairly simple and involves setting the SELinux boolean value using the “setsebool” utility. In this example we’ll use the “read/write” boolean but we can also use “nfs_export_all_ro” to allow NFS exports read-only and “use_nfs_home_dirs” to allow home directories to be exported.
# setsebool -P nfs_export_all_rw 1
Now we will start the NFS services:
# service rpcbind start
# service nfs start
# service nfslock start
If at any point you add or remove directory exports with NFS in the “/etc/exports” file, run “exportfs” to change the export table:
# exportfs -a
Implement TCP Wrappers for Greater Security
TCP Wrappers can allow us greater scrutiny in allowing hosts to access certain listening daemons on the NFS server other than using iptables alone. Keep in mind TCP Wrappers will parse first through “hosts.allow” then “hosts.deny” and the first match will be used to determine access. If there is no match in either file, access will be permitted.
Append a rule with a subnet or domain name appropriate for your environment to restrict allowable access. Domain names are implemented with a preceding period, such as “.mydomain.com” without the quotations. The subnet can also be specified like “192.168.10.” if desired instead of including the netmask.
vi /etc/hosts.allow
mountd: 192.168.10.0/255.255.255.0
Append these directives to the “hosts.deny” file to deny access from all other domains or networks:
vi /etc/hosts.deny
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
And that should just about do it. No restarts should be necessary to apply the TCP Wrappers configuration. I was able to connect with both my Ubuntu NFSv4 and VMware ESXi NFSv3 clients without issues. If you’d like to check activity and see the different NFS versions running simply type:
# watch -n 1 "nfsstat"
Troubleshooting:
If you encounter errors while attaching/adding the new NFS resource to your ESXi host via vCenter do the following steps:
1. Ensure that you check the "setup" command and un-tick the enable Firewall option and save.
2. Edit the /etc/selinux/config file and do the changes on the line SELINUX=enforcing and change it to SELINUX=disable, save and close.
3. Reload -- rpcbind, nfslock and nfs services.
Try again and cheers!!!
Tuesday, August 16, 2011
Force Apache2 to Redirect All Inbound Traffic to SSL
In this post, I will make another good attribution from a very good post from the net. Configuring apache2 to force redirection of http to https traffic.
Apache2: Forcing All Inbound Traffic to SSL
So, you have an Apache 2 web server and you have decided that you want to force all inbound traffic to be encrypted via HTTPS (port 443) instead of HTTP (port 80). This method actually “dumbs down” the connection so the average user can’t inadvertently negotiate your web site without encrypting their traffic.
My web server of choice is Apache2, running on a Linux Operating System. Preferably Debian but we’ll discuss an option for Red Hat Enterprise Linux 4 (RHEL-4). That being said, you need Apache installed and running on Linux. You also need the Apache module “mod_rewrite.so” installed and an encryption key generated for your server.
In the following snippet of .conf file we will first load mod_rewrite and then redirect all inbound port 80 traffic to port 443.
Add the following code section to your httpd.conf down around line #220, right after the big “load modules” section.
Be aware that “#’s” indicate a comment line in the .conf file and are ignored by Apache2.
#########################################
#### XXX: BEGIN EDIT FOR MOD_REWRITE ####
#### This is intended to force HTTPS ####
#### for all inbound HTTP requests ####
####
# This module (mod_rewrite) simply tells Apache2 that all connections to
# port 80 need to go to port 443 – SSL – No exceptions
####
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
####
# The line below sets the rewrite condition for mod_rewrite.so.
# That is, if the server port does not equal 443, then this condition is true
####
ReWriteCond %{SERVER_PORT} !^443$
####
# The line below is the rule, it states that if above condition is true,
# and the request can be any url, then redirect everything to https:// plus
# the original url that was requested.
####
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#### XXX: END EDIT FOR MOD_REWRITE ####
#######################################
Add the code to httpd.conf and restart Apache2, check your logs for errors to ensure a clean startup and connect to your server on port 80. It should be instantly redirected to 443.
Alternatively, on RHEL4, you can add the code above into a file (you create) called mod_rewrite.conf in the /conf.d directory (/conf.d/mod_rewrite.conf).
Note the “XXX” marks in my comments, I make a habit to “tag” any configuration files I edit on a linux server so when I come back to it later i can find my edits easily. Your initials work well for this and helps identify which admin makes the change.
Enjoy,
ATTRIBUTION: http://blackflag.wordpress.com/2006/06/13/apache2-forcing-all-inbound-traffic-to-ssl/
Apache2: Forcing All Inbound Traffic to SSL
So, you have an Apache 2 web server and you have decided that you want to force all inbound traffic to be encrypted via HTTPS (port 443) instead of HTTP (port 80). This method actually “dumbs down” the connection so the average user can’t inadvertently negotiate your web site without encrypting their traffic.
My web server of choice is Apache2, running on a Linux Operating System. Preferably Debian but we’ll discuss an option for Red Hat Enterprise Linux 4 (RHEL-4). That being said, you need Apache installed and running on Linux. You also need the Apache module “mod_rewrite.so” installed and an encryption key generated for your server.
In the following snippet of .conf file we will first load mod_rewrite and then redirect all inbound port 80 traffic to port 443.
Add the following code section to your httpd.conf down around line #220, right after the big “load modules” section.
Be aware that “#’s” indicate a comment line in the .conf file and are ignored by Apache2.
#########################################
#### XXX: BEGIN EDIT FOR MOD_REWRITE ####
#### This is intended to force HTTPS ####
#### for all inbound HTTP requests ####
####
# This module (mod_rewrite) simply tells Apache2 that all connections to
# port 80 need to go to port 443 – SSL – No exceptions
####
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
####
# The line below sets the rewrite condition for mod_rewrite.so.
# That is, if the server port does not equal 443, then this condition is true
####
ReWriteCond %{SERVER_PORT} !^443$
####
# The line below is the rule, it states that if above condition is true,
# and the request can be any url, then redirect everything to https:// plus
# the original url that was requested.
####
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#### XXX: END EDIT FOR MOD_REWRITE ####
#######################################
Add the code to httpd.conf and restart Apache2, check your logs for errors to ensure a clean startup and connect to your server on port 80. It should be instantly redirected to 443.
Alternatively, on RHEL4, you can add the code above into a file (you create) called mod_rewrite.conf in the /conf.d directory (/conf.d/mod_rewrite.conf).
Note the “XXX” marks in my comments, I make a habit to “tag” any configuration files I edit on a linux server so when I come back to it later i can find my edits easily. Your initials work well for this and helps identify which admin makes the change.
Enjoy,
ATTRIBUTION: http://blackflag.wordpress.com/2006/06/13/apache2-forcing-all-inbound-traffic-to-ssl/
Thursday, August 11, 2011
Convert Matroska file formats to Avi
In this post we will dig into a simple linux command line tool which can help you convert your Mastroska file formats into .avi files:
ffmpeg -i harry_potter_sorcerer_stone.mkv -target vcd harry_potter_sorcerrer_stone.avi
Depending on the size of the file it usually takes an hour or hour and half to convert one video into an .avi file. Cheers!!!
ATTRIBUTION: http://www.larsen-b.com/Article/261.html
ffmpeg -i harry_potter_sorcerer_stone.mkv -target vcd harry_potter_sorcerrer_stone.avi
Depending on the size of the file it usually takes an hour or hour and half to convert one video into an .avi file. Cheers!!!
ATTRIBUTION: http://www.larsen-b.com/Article/261.html
Subscribe to:
Posts (Atom)