Archive for May, 2008

mpd – Music Player Daemon

Music Player Daemon (MPD) is a music player which allows for remote access from another computer. An example is a headless computer running MPD and using one of the available front ends to control it remotely. It also makes for a good media player for desktop computers, particularly if the user either does not use or frequently restarts X.

MPD does not stream audio; all playback occurs on the server where the music files are located. The remote client controls playback from a nearby location.

MPD uses a text file as a database in which to maintain the basic music file information when it is not running. Once the daemon is started, the database is kept completely in-memory and no hard disk access is necessary to look up or search for a song. This database does not allow arbitrary files to be added; music files must be above the music root directory and are only added to the database when the update command is sent to the server.

Install:

apt-get install mpd mpc

Edit the config file /etc/mpd.conf:

port            "6600"
music_directory         "~/music"
playlist_directory      "~/.mpd/playlists"
db_file                 "~/.mpd/mpd.db"
log_file                "/var/log/mpd/mpd.log"
error_file              "/var/log/mpd/mpd.error"
user                    "mpd"
bind_to_address         "192.168.0.254" #only private interface

Create the directories and set ownership:

mkdir -p ~/music/.mpd/playlists
chown -R mpd ~/music

Create DB:

/etc/init.d/mpd restart
mpd --create-db

Add all music to playlist and… play:

mpc update
mpc add /
mpc play

References

mpd --create-db
This will start the daemon. The ‘--create-db’ argument will read the contents of the root music directory and add the music files to a text database. You should see the list of files being added to the DB. This may take some time to complete, depending on the size of your music collection.
mpc update
The command used here is ‘mpc’ – not ‘mpd’. We are using a command line client now. This command scans the root music directory for updates.
mpc add /
This command will add all the files in the music directory to the current playlist. Please note that the ‘/’ here means the root music directory, not the global Linux root.
mpc play
This will start playing the files in the current playlist.
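
A check for the bind_to_address setting in the config above, as an added example that is not part of the original post. It assumes that MPD listens on every interface when no bind_to_address line is present; the verdict labels are made up for this example.

```bash
#!/bin/bash
# Added example (not from the original post): report how an mpd.conf binds
# the control port. Assumption: with no bind_to_address line MPD listens on
# every interface (its documented default, "any").

# audit_mpd_bind: mpd.conf text on stdin -> one verdict line per address
audit_mpd_bind() {
    awk '
        { sub(/#.*/, "") }                 # drop trailing and full-line comments
        $1 == "bind_to_address" { gsub(/"/, "", $2); addr[++n] = $2 }
        END {
            if (n == 0) {
                print "EXPOSED: bind_to_address not set (assumed default: all interfaces)"
                exit
            }
            for (i = 1; i <= n; i++) {
                a = addr[i]
                if (a == "any" || a == "0.0.0.0" || a == "::")
                    print "EXPOSED: " a
                else if (a == "localhost" || a == "::1" ||
                         a ~ /^(127|10)\./ || a ~ /^192\.168\./ ||
                         a ~ /^172\.(1[6-9]|2[0-9]|3[01])\./)
                    print "OK: " a
                else
                    print "REVIEW: " a
            }
        }'
}

# Constructed sample: the relevant lines of the config shown above
audit_mpd_bind <<'EOF'
port            "6600"
user                    "mpd"
bind_to_address         "192.168.0.254" #only private interface
EOF
```

On a real host, run it as audit_mpd_bind < /etc/mpd.conf.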


Bash Regular Expressions

When working with regular expressions in a shell script the norm is to use grep or sed or some other external command/program. Since version 3 of bash (released in 2004) there is another option: bash’s built-in regular expression comparison operator “=~”.

Bash’s regular expression comparison operator takes a string on the left and an extended regular expression on the right. It returns 0 (success) if the regular expression matches the string, otherwise it returns 1 (failure).

In addition to doing simple matching, bash regular expressions support sub-patterns surrounded by parentheses for capturing parts of the match. The matches are assigned to an array variable BASH_REMATCH. The entire match is assigned to BASH_REMATCH[0], the first sub-pattern is assigned to BASH_REMATCH[1], etc.

The following example script takes a regular expression as its first argument and one or more strings to match against. It then cycles through the strings and outputs the results of the match process:

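#!/bin/bash

# Require a pattern and at least one string to test.
if [[ $# -lt 2 ]]; then
    echo "Usage: $0 PATTERN STRINGS..."
    exit 1
fi
regex=$1
shift
echo "regex: $regex"
echo

# Test each remaining argument against the pattern.
while [[ $1 ]]
do
    # $regex is left unquoted so that it is treated as a regular expression.
    if [[ $1 =~ $regex ]]; then
        echo "$1 matches"
        # BASH_REMATCH[0] is the whole match; print the sub-pattern captures.
        i=1
        n=${#BASH_REMATCH[*]}
        while [[ $i -lt $n ]]
        do
            echo "  capture[$i]: ${BASH_REMATCH[$i]}"
            let i++
        done
    else
        echo "$1 does not match"
    fi
    shift
done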

Assuming the script is saved in “bashre.sh”, the following sample shows its output:

# bash bashre.sh 'aa(b{2,3}[xyz])cc' aabbxcc aabbcc
regex: aa(b{2,3}[xyz])cc

aabbxcc matches
  capture[1]: bbx
aabbcc does not match
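
When =~ is used to validate untrusted input, two details of the operator matter: it succeeds if the pattern matches any substring, and a quoted right-hand side is compared literally. The following is an added example, not part of the original post; the login-name policy, the user@host:port format and all function names are assumptions made for illustration.

```bash
#!/bin/bash
# Added example: validating untrusted input with =~ (not from the original post).
# =~ needs bash; re-run under bash if this file was started with plain sh.
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# Hypothetical policy: login names of 1-32 chars, lowercase start.
name_loose='[a-z_][a-z0-9_-]{0,31}'      # unanchored: matches any substring
name_strict='^[a-z_][a-z0-9_-]{0,31}$'   # anchored: the whole string must fit

# matches STRING REGEX -> exit status of the =~ test
matches() { [[ $1 =~ $2 ]]; }

# literal_match STRING TEXT -> a quoted right-hand side is compared as a
# literal substring, not as a regex (bash 3.2 and later)
literal_match() { [[ $1 =~ "$2" ]]; }

# parse_target "user@host:port" -> prints "user host port", or returns 1.
# The regex checks the shape; the numeric range needs a separate test.
parse_target() {
    local re='^([a-z_][a-z0-9_-]{0,31})@([A-Za-z0-9.-]+):([0-9]{1,5})$'
    [[ $1 =~ $re ]] || return 1
    local user=${BASH_REMATCH[1]} host=${BASH_REMATCH[2]} port=${BASH_REMATCH[3]}
    (( 10#$port >= 1 && 10#$port <= 65535 )) || return 1
    printf '%s %s %s\n' "$user" "$host" "$((10#$port))"
}

# Constructed sample inputs
matches 'testuser extra;stuff' "$name_loose"  && echo "loose pattern accepts it"
matches 'testuser extra;stuff' "$name_strict" || echo "strict pattern rejects it"
for input in 'testuser@192.168.0.254:6600' 'testuser@192.168.0.254:99999' \
             'testuser extra;stuff@host:22'; do
    if out=$(parse_target "$input"); then
        echo "accepted: $out"
    else
        echo "rejected: $input"
    fi
done
```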


Chrooted SSH/SFTP Tutorial (Debian Etch)

1. Install The Chrooted OpenSSH

First we install some prerequisites:

apt-get install libpam0g-dev openssl libcrypto++-dev libssl0.9.7 libssl-dev ssh build-essential bzip2

Then we download the patched OpenSSH sources and configure them with /usr as the directory for the SSH executable files and /etc/ssh as the directory where the chrooted SSH will look for configuration files; we also allow PAM authentication:

cd /tmp
wget http://chrootssh.sourceforge.net/download/openssh-4.5p1-chroot.tar.bz2
tar xvfj openssh-4.5p1-chroot.tar.bz2
cd openssh-4.5p1-chroot
./configure --exec-prefix=/usr --sysconfdir=/etc/ssh --with-pam
make
make install

2. Create The Chroot Environment

Next I create a chroot environment under /home/chroot. This is the directory that all chrooted SSH users will get jailed in, i.e. they will not be able to see any files/directories outside /home/chroot.

I have to create some directories in /home/chroot, and I have to copy a few binaries like /bin/bash, /bin/ls, etc., as well as the libraries on which these binaries depend, into the chroot environment so that they are available to any chrooted user.

mkdir -p /home/chroot/home/
cd /home/chroot
mkdir -p usr/lib/openssh
mkdir etc
mkdir etc/pam.d/
mkdir bin
mkdir lib
mkdir usr/bin
mkdir dev
mknod dev/null c 1 3
mknod dev/zero c 1 5

chmod 666 dev/null
chmod 666 dev/zero

Now that we have created the necessary directories, we are going to copy some binaries and all the libraries on which they depend into the chroot environment. This is an excerpt of a script that I found on http://mail.incredimail.com/howto/openssh/create_chroot_env that does this. I’ve modified it a little bit:

vi /usr/local/sbin/create_chroot_env

#!/bin/bash
# Copy each program in APPS, plus the shared libraries it links against,
# into the current directory (run this from /home/chroot).
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

APPS="/bin/sh /bin/bash /bin/cp /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /bin/rmdir /usr/bin/id /usr/bin/ssh /usr/bin/scp /bin/ping /usr/bin/dircolors /usr/bin/vi /usr/bin/sftp /usr/lib/openssh/sftp-server"
for prog in $APPS; do
        mkdir -p "./$(dirname "$prog")" > /dev/null 2>&1
        cp "$prog" "./$prog"

        # obtain a list of related libraries (ldd fails for non-dynamic files)
        if ldd "$prog" > /dev/null; then
                # the third field of each ldd output line is the library path
                LIBS=$(ldd "$prog" | awk '{ print $3 }')
                for l in $LIBS; do
                        mkdir -p "./$(dirname "$l")" > /dev/null 2>&1
                        cp "$l" "./$l" > /dev/null 2>&1
                done
        fi
done

(If you want to make more programs available to your chrooted users, just add these programs to the APPS line.)

Now we make the script executable and run it from within /home/chroot, because it copies everything into the current directory:

chmod 700 /usr/local/sbin/create_chroot_env
create_chroot_env

Next we have to copy a few additional files and libraries to the chroot jail:

cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 /lib/ld-linux.so.2 /lib/libcap.so.1 /lib/libnss_dns.so.2 ./lib/

cp /etc/hosts etc/
cp /etc/resolv.conf etc/
cp /etc/pam.d/* etc/pam.d/
cp -r /lib/security lib/
cp -r /etc/security etc/
cp /etc/login.defs etc/

cp /usr/lib/libgssapi_krb5.so.2 usr/lib/
cp /usr/lib/libkrb5.so.3 usr/lib/
cp /usr/lib/libk5crypto.so.3 usr/lib/
cp /lib/libcom_err.so.2 lib/
cp /usr/lib/libkrb5support.so.0 usr/lib/

Then we do this:

echo '#!/bin/bash' > usr/bin/groups
echo "id -Gn" >> usr/bin/groups
touch etc/passwd
grep /etc/passwd -e "^root" > etc/passwd

You should also copy the line of the group in which you will create new users from /etc/group to /home/chroot/etc/group. In this tutorial we will create users in the group users, so we do this:

grep /etc/group -e "^root" -e "^users" > etc/group

and restart OpenSSH:

/etc/init.d/ssh restart

3. Create A Chrooted User

Even with the chrooted SSH that we have just installed you can log in without being chrooted (which makes sense if you log in as root, for example). Now, how does the chrooted SSH decide whom to chroot and whom not? That’s easy: the chrooted SSH looks up the user who is trying to log in in /etc/passwd. If the user’s home directory in /etc/passwd has a . (dot) in it, then the user is going to be chrooted.

This user will not be chrooted.

user_a:x:2002:100:User A:/home/user_a:/bin/bash

This user will be chrooted.

user_b:x:2003:100:User B:/home/chroot/./home/user_b:/bin/bash

Now we create the user testuser with the home directory /home/chroot/./home/testuser and the group users (which is the default group for users on Debian so you do not have to specify it explicitly):

useradd -s /bin/bash -m -d /home/chroot/./home/testuser -c "testuser" -g users testuser

Then we give testuser a password:

passwd testuser

Finally, we have to copy the line for testuser in /etc/passwd to /home/chroot/etc/passwd:

grep /etc/passwd -e "^testuser" >> /home/chroot/etc/passwd

We have already copied the users group line from /etc/group to /home/chroot/etc/group so we do not have to do this here again. If you create a chrooted user in another group than users, add this group to /home/chroot/etc/group:

grep /etc/group -e "^othergroup" >> /home/chroot/etc/group

Now try to log in to SSH or SFTP as testuser. You should be chrooted and not be able to browse files/directories outside /home/chroot.
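
An audit of the rule from section 3, as an added example that is not part of the tutorial or of the patched OpenSSH: it lists which accounts would be chrooted and which of them are missing from the jail's etc/passwd. It assumes the marker is the "/./" component seen in the user_b line; the testuser line, both passwd samples and all function names are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the tutorial): audit passwd entries against the
# chroot rule described above. Assumption: the marker is the "/./" path
# component shown in the user_b line; what precedes it is the jail.

# Constructed sample data in passwd format (user_a/user_b from the tutorial).
host_passwd='root:x:0:0:root:/root:/bin/bash
user_a:x:2002:100:User A:/home/user_a:/bin/bash
user_b:x:2003:100:User B:/home/chroot/./home/user_b:/bin/bash
testuser:x:2004:100:testuser:/home/chroot/./home/testuser:/bin/bash'
jail_passwd='root:x:0:0:root:/root:/bin/bash
testuser:x:2004:100:testuser:/home/chroot/./home/testuser:/bin/bash'

# chroot_plan: passwd lines on stdin -> "user<TAB>jail<TAB>home inside jail"
# for every account that would be chrooted; other accounts are skipped.
chroot_plan() {
    awk -F: '{
        i = index($6, "/./")
        if (i > 0)
            printf "%s\t%s\t%s\n", $1, substr($6, 1, i - 1), substr($6, i + 2)
    }'
}

# in_passwd USER TEXT: succeeds if TEXT has a passwd line for exactly USER
in_passwd() {
    printf '%s\n' "$2" | awk -F: -v u="$1" '$1 == u { f = 1 } END { exit !f }'
}

# missing_in_jail HOST_TEXT JAIL_TEXT: chrooted users with no line in the
# jail's etc/passwd (the copy step at the end of section 3 was skipped)
missing_in_jail() {
    printf '%s\n' "$1" | chroot_plan | cut -f1 | while read -r user; do
        in_passwd "$user" "$2" || printf '%s\n' "$user"
    done
}

printf '%s\n' "$host_passwd" | chroot_plan
echo "missing from jail passwd: $(missing_in_jail "$host_passwd" "$jail_passwd")"
```

On a real system, pass "$(cat /etc/passwd)" and "$(cat /home/chroot/etc/passwd)" instead of the sample variables.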


Linux and Viruses
