• Web Interface for CVS server

    In the previous post We have discussed how to setup a cvs server in ten steps ( cvs server setup ) , now its time for a GUI to browse your repo’s .  I have found a very nice gui opensource tool view vc ( www.viewvc.org ) and the Installation and configuration are documented as follows : –

    1) Download the viewvc and install it using the viewvc-install script .

    # wget http://viewvc.tigris.org/files/documents/3330/49264/viewvc-1.1.18.tar.gz

    # tar -zxf viewvc-1.1.18.tar.gz

    # cd viewvc-1.1.18

    # yum install rcs  ( To fix dependency issues )

    # ./viewvc-install

    2) Edit the viewvc conf and set the cvs root

    # vi /usr/local/viewvc-1.1.18/viewvc.conf

    >>> cvs_roots = cvsroot: /home/cvsroot

    >>> allowed_views = annotate, diff, markup, roots, co

    3) How to replace the default logo with your own company logo

    # cd /usr/local/viewvc-1.1.18/templates/docroot/images/

    # mv your-logo.png  viewvc-logo.png

    4 ) Apache configuration

    # vi /etc/httpd/conf/httpd.conf

    ServerName adminlogs.info:80

    DocumentRoot “/usr/local/viewvc-1.1.18”

    <Directory “/usr/local/viewvc-1.1.18”>
    Options +ExecCGI
    AddHandler cgi-script .cgi
    </Directory >

    ScriptAlias /cvsweb /usr/local/viewvc-1.1.18/bin/cgi/viewvc.cgi
    ScriptAlias /query  /usr/local/viewvc-1.1.18/bin/cgi/query.cgi

    5)  Apache conf entry to enable ldap authentication for cvs web GUI.

    <Location “/cvsweb”>
    AuthType Basic
    AuthName “CVS Authentication”
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthLDAPURL ldap://yourldapserver.com:389/dc=ldapdomain,dc=com?uid
    Require valid-user
    </Location>

    6) Restart Apache

    7) Access the GUI using http://adminlogs.info/cvsweb

  • How to Setup a CVS server ?

    How to setup a cvs server in Ten Steps , its easy and straight forward !!!

    cvs is a commonly used version control system like git ( how to configure git server )
     1) yum install cvs  xinetd

    2) authconfig-tui

    ( enable ldap authentiaction if you want to use ldap credentials to access cvs )

    3) mkdir /home/cvsroot

    4) chown -R root:<ldap group > /home/cvsroot ;  chmod -R 770 /home/cvsroot

    5) cvs -d /home/cvsroot init

    ( create cvs root directory )

    6) vi /etc/xinetd.d/cvspserver

      service cvspserver
         {
              port        = 2401
              socket_type = stream
              protocol    = tcp
              wait        = no
              user        = root
              passenv     = PATH
              server      = /usr/bin/cvs
              server_args = -f –allow-root=/srv/cvsroot pserver
         }
    # End /etc/xinetd.d/cvspserver

     7) /etc/init.d/xinetd restart

    8) chkconfig xinetd on

    9)  iptables -I INPUT -s 0/0 -p tcp –dport 2401 -j ACCEPT
    ( opening cvspserver port for  CVS client/server operations )

    10 ) /etc/init.d/iptables save

    There are lots of Web interfaces to manage CVS repo and I have configured ViewVc . Its really useful .

  • shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory

    Today I saw an interesting error ,while restarting apache
    =======
    ]# /etc/init.d/httpd restart
    shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
    Stopping httpd: [ OK ]
    Starting httpd: shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
    [ OK ]
    ]#
    ===========
    may be you also face this or already faced.
    Don’t surprise …Just do a  ” cd  / ”   , or  cd  to any direcotry ..  it will fix the error !!   😉

    Why this error ?
    Usually the current working directory ( CWD ) will not exists ( in my case i have deleted the folder from another shell and trying to restart apache )

  • How to login moin moin using ldap credentials

    After the successful integration of AD with moin moin   , I was trying to integrate moin moin with ldap . After making small changes to the AD integration configuration I was able to authenticating moin moin wiki using ldap credentials.

    ===========================================
        # LDAP authentication
        from MoinMoin.auth.ldap_login import LDAPAuth
        ldap_authenticator1 = LDAPAuth (
        server_uri=’ldap://adminlogs.info’,
        bind_dn = ‘cn=Manager,dc=adminlogs,dc=info’,
        bind_pw = ‘password’,
        base_dn = ‘dc=adminlogs,dc=info’,
        scope = ldap.SCOPE_SUBTREE,
        referrals = 0,
        search_filter = ‘(uid=%(username)s)’,
        givenname_attribute = ‘cn’,
        surname_attribute = ‘sn’,
        aliasname_attribute = ‘cn’,
        email_attribute = ‘mail’,
        email_callback = None,
        coding = ‘utf-8’,
        timeout = 10,
        autocreate = True,
        )
        auth = [ldap_authenticator1, ]
        cookie_lifetime = (1, 1)
       # no anon user sessions, 1h session lifetime for logged-in users
    ===========================================

    Here also I have used the ldap manager user to query LDAP .

    Add the above lines in your moin moin configuration file ( wikiconfig.py ) and restart Apache .

  • Moin Moin Wiki Active Directory Integration

    I was trying to setup AD integration for our moinmoin wiki . Unfortunately I couldnt see that much straightforward documentation on this. Here I am sharing my settings which worked pretty well.

    I have created a user wiki.admin in the AD and used that to query the Active directory .

    =======================================

    # Active Directory authentication  starts here
    from MoinMoin.auth.ldap_login import LDAPAuth
    ldap_authenticator1 = LDAPAuth (
    server_uri=’ldap://adminlogs.info’,
    bind_dn = ‘[email protected]’,
    bind_pw = ‘password’,
    base_dn = ‘DC=adminlogs,DC=info’,
    scope=2,
    referrals=0,
    # LDAP REFERRALS (0 needed for AD)
    search_filter = ‘(sAMAccountName=%(username)s)’,
    givenname_attribute=’givenName’,
    # often ‘givenName’ – ldap attribute we get the first name from
    surname_attribute=’sn’,
    # often ‘sn’ – ldap attribute we get the family name from
    aliasname_attribute=None,
    # often ‘displayName’ – ldap attribute we get the aliasname from
    email_attribute=’mail’,
    email_callback=None,
    coding = ‘utf-8’,
    timeout = 10,
    autocreate=True,
    # set to True to automatically create/update user profiles
    report_invalid_credentials=True,
    # whether to emit “invalid username or password” msg at login time or not
    )
    auth = [ldap_authenticator1, ]
    # this is a list, you may have multiple ldap authenticator as well as other authenticators
    cookie_lifetime = (1, 1)
    # no anon user sessions, 1h session lifetime for logged-in users
    # Active Directory authentication  ends here

    =======================================

    Add the above in your wikiconfigy.py file and restart apache ..Thats its !!  You will be able to authenticate using Active directory credentials 🙂

  • Vmware ESXI can’t detect network adapter on HP proliant DL380p G8 server

     

    Today I was trying to install vmware esxi 5.1 on a new Hp proliant DL380p G8 server and was getting the following message

    ” No network adapters were detected. Either no network adapters are physically connected to the system, or a suitable driver could not be located. A third party driver may be required. ”

    After searching in HP forums , I found that HP released a patch for this issue and this helped me to setup ESX server.

    You can download the patched iso from here .

    Hope that this will help you and save some time !! 🙂

  • Special days for me , got promoted with out hike ;)

    These are very very special days for me ..Me and my wife got a very cute sweet baby girl .  Meenakshi is born on Jan 5th 2013 and she is our first kid . By Gods grace and the prayers from our dearest people both baby and mom are fine .. !!  Additionally my sister got a baby girl on Dec 31st 2012 and that gave me an another responsible promotion as uncle 😉 .

    Hope that this new year will be a fantastic year for all of us.

                I am wishing you all a fantastic and prosperous Happy New Year 2013 !! 

  • Setting up of GitWeb : Web interface for Git

              Setup a web Interface for Git ( GitWeb With Ldap Authentication )

    Pre Requests :-

    1) Git and Gitolite should be installed ( Refer here )
    2) Git web is installed using yum
    3) You should have the root privileges and webserver should be Apache .If you are fine with the above requirements then lets proceed !!

    ==> Add user ‘apache’ and ‘gitolite’ into the group ‘gitolite’

    # usermod -a -G gitolite apache
    # usermod -a -G gitolite gitolite

    # id apache
    uid=48(apache) gid=48(apache) groups=48(apache),157(gitolite)
    # id gitolite
    uid=103(gitolite) gid=157(gitolite) groups=157(gitolite)

    ==> Change $REPO_UMASK config in ‘.gitolite.rc’ file to 0027 around line 30

    # cd /srv/git/
    # cat .gitolite.rc | grep REPO_UMASK
    $REPO_UMASK = 0027;

    ==> Edit /etc/gitweb.conf and set the value for $projectroot and $projects_list
    $projectroot = “/srv/git/repositories”;
    $projects_list = “/srv/git/projects.list”;
    @git_base_url_list = qw(ssh:[email protected]); # replace gitserver with your gitserver ip

    Apache Virutal Host section ( Ldap authentication )

    <VirtualHost  *:80>
    ServerName adminlogs.info
    ServerAdmin [email protected]
    DocumentRoot /usr/share/gitweb
    <Directory /usr/share/gitweb>
    Options FollowSymLinks ExecCGI
    DirectoryIndex gitweb.cgi
    AddHandler cgi-script cgi
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^.* /gitweb.cgi/$0 [L,PT]
    </Directory>
    <Location "/">
    AuthType Basic
    AuthName "Git Authentication"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthLDAPURL ldap://ldapserver.com:389/dc=domain,dc=com?uid
    Require valid-user
    </Location>
    </VirtualHost>

    ==> Also we need to provide read access to gitweb user to all the repo’s using gitolite.conf as follows

    #  cat gitolite.conf
    @developers = root hari william
    @qa = jack lilly
    repo    gitolite-admin
    RW+ = @developers
    repo    new-project
    R = @qa  gitweb daemon
    repo    testing
    RW+ = @all
    R =  gitweb daemon

    ==> Restart Apache

    Now just access the ip/hostname of the git server in browser , you can browse the repo’s using the ldap credentials.

    Common Errors : –

    1)  (13)Permission denied: exec of ‘/usr/share/gitweb/gitweb.cgi’ failed .Premature end of script headers: gitweb.cgi

    Fix : –

    chgrp apache /usr/sbin/suexec
    chgrp apache /usr/sbin/suexec
    cp -r /usr/share/gitweb /var/www
    chown -R gitolite.gitolite /var/www

    2)      404 – no projects found gitweb

    Fix : –    chmod -Rf g+rx /srv/git

     

  • Setup your own git server !

                              Git server setup with with gitolite

    Git is a distributed version control system which is developed by Linux Torvalds ( 2005) for the development of Linux Kernel project.  Performance wise I felt its far better than other version control systems like cvs and svn .

    Here we have used two other tool to use the git function in more controlled way

    1)      Gitolite : which will work with git and allow us to make a good control over the repositories and the users who are accessing on this projects.

    2)       Gitweb : This is a nice front end for Git ( gitweb )

    Installation of Git : –

    # As root:

    – Red Hat Enterprise Linux 5 / i386:

    rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

    – Red Hat Enterprise Linux 5 / x86_64:

    rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm 

    # yum -y install git

    Install Gitolite : –

    # yum –enablerepo=epel-testing install gitolite

    We should install epel repo via :

    rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm  http://fedoraproject.org/wiki/EPEL/FAQ#How_can_I_install_the_packages_from_the_EPEL_software_repository.3F

    Setup Gitolite environment : –  ( on Server )

    # usermod -d /srv/git gitolite
    # cd /srv/ ; mkdir git
    #  chown gitolite:gitolite git/

    Create the Administrator user to manage the Git repositories .

    On any of you client machine , generate the pub key and copy this to the Git server

    [[email protected] ~]$ ssh-keygen -t rsa -b 2048 -C “Admin”
    # cp .ssh/id_rsa.pub   .ssh/git-admin.pub
    # scp   .ssh/git-admin.pub  [email protected]:/tmp

    Login back to the git server and switch the user as “gitolite “

    # su – gitolite
    # gl-setup /tmp/ git-admin.pub

    After successful completion of this command , it will create two folders  “repositories and projects.list “
    Now the git-admin ( from client machine ) can create his own repositories and users to access the repos .

    [ From Client machine ]

    Just introduce yourself to the Git server and this will provide you nice logs

    # git config –global user.name “Admin”
    # git config –global user.email [email protected]

    Playing with Git : – ( git clone , git add and git push )

    #  git clone [email protected]:/ gitolite-admin
    #  cd repositories/gitolite-admin

    This Admin repository  contains two files , one config folder and one Key folder .  config/ gitolite.conf will help you to manage the repos and users as follows

    #  cat gitolite.conf
    @developers = root hari william
    @qa = jack lilly

    repo    gitolite-admin
    RW+ = @developers

    repo    adminlogs.com
    RW+ = @developers
    R = @qa

    repo    adminlog.info
    RW+ = @all

    Note that you can specify the projects groups like @developers and @qa etc .

    Also you can add any number of public keys from your project members inside key directory . Copy the keys like “hari.pub , jack.pub, William.pub etc .  Please note that you need to specify the same in gitolte.conf .

    For example if the key name is lilly.pub then the allowed user in configuration file must be “lilly” ( with out .pub )

    Once you complete the changes then update /push the files to master repo

    # git remote –v
    # git add .
    # git commit –a –m “Added new entries in gitolite.conf and added new pub keys in key dir “
    # git push origin master

    That’s it ..You have successfully configured git with gitolite.  Now all your team members who have added the keys to git admin repo can create and push their own project !!

    Just try , Its an awesome tool !!!