Originally Posted by Glider Maybe some security thing of no-ip.org? Or your firewall being confused with getting internal traffic from the external interface... Anyway, glad it worked ;)
Yeah, I don't know mate, just glad it's working :D
Thanks again for the guides Glider, much appreciated *tips hat*
..... Just one last thing if I may. When I create an ssh tunnel to my server remotely, what do I need to do to be able to launch webmin?
I configured Putty with:
hostname: xxx.no-ip.org
port: 2222
then setup the tunnel:
source port: 10000
destination: localhost:10000
(not sure if I need to set the 'remote' radio button here)
Then I can open the connection and login successfully. Opening a browser and navigating to https://xxx.no-ip.org:10000 unfortunately gets me nowhere.
I've tried a few variations here and don't think I can be that far off but a quick nod in the right direction would be gladly welcomed :)
Originally Posted by Glider try navigating to http://localhost:10000 on the remote system... Then you connect to one end of the tunnel, and see what's on the other side ;)
lol, it's like one of those cryptic clues in a crossword :)
EDIT: No it's not, *slaps forehead* I'm having a blonde moment. Wrong URL.
EDIT2: Bingo, https://localhost:10000, that got it :)
Thanks again Glider, I'll now leave you in peace (until your next guide that is ;))
I added some users to my linux box and to the samba shares, through Webmin.
They can all get access to their files and folders but despite following your instructions to make the 'shared' folder read/writable to all users, they are unable to move, delete or copy any of the files/folders.
I noticed it when using WinSCP. I told my brother (who lives a good 150miles away) how to use WinSCP to download/upload files from/to the server. He was impressed :), until he realised that he couldn't actually 'do' anything with it.
When I log in via WinSCP however, I have no problems.
I noticed also that if I use my brothers login via SSH, the terminal only displays a '$' in the command prompt (i.e. no file paths etc) and I seem to have limited functionality.
I assume it is something to do with the way I have setup either the new 'linux' users or 'samba' users. But I'm struggling to find any info.
Still having problems with the share though those masks didn't fix it unfortunately. And I restarted the Samba server after editing.
EDIT:
Just noticed something very interesting. Inside my shared folder i have the following directories:
Games
Music
Video
Torrents
For some reason only the 'Music' one seems to be giving me problems and all the others are read/writeable as expected. Now I'm even more confused. I guess the permissions on the 'Music' folder must be borked.
EDIT2:
I seem to now be able to create/delete directories within the 'Music' folder using my bro's login. However, I still can't 'get' any of the files off of the directory. Logging in to WinSCP as myself, I can do whatever I like. :(
Originally Posted by WhiskeyAlpha For some reason only the 'Music' one seems to be giving me problems and all the others are read/writeable as expected. Now I'm even more confused. I guess the permissions on the 'Music' folder must be borked.
EDIT2:
I seem to now be able to create/delete directories within the 'Music' folder using my bro's login. However, I still can't 'get' any of the files off of the directory. Logging in to WinSCP as myself, I can do whatever I like. :(
Okay, this may be a question for part 10 ;), but I'm looking to set up a Linux server with an old system, it'll be doing file/print (possibly web) serving, but I alsoi want to use it as an authentication server for all the other boxes in the house. Is there any way of using the Linux box as the LDAP server and having the XP/Vista clients connect to it? I've got experience in connecting Linux clients to a NIS and LDAP domain, but not Windows.
From what I've seen on the web, it can be done, but I'm not too sure how.
Originally Posted by Glider Aha, that's a possibility too... Can you post
Code:
ls -al <path to problematic dir>
Code:
drwxr-xr-x 4 will will 4096 2007-10-28 23:31 .
drwxrwxrwx 8 root root 4096 2007-11-08 14:27 ..
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 Compressed
drwxr-xr-x 2 will will 4096 2007-10-28 23:31 Lossless
I have two folders in there but only the "Compressed" one has files in it.
Code:
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 .
drwxr-xr-x 4 will will 4096 2007-10-28 23:31 ..
drwxr-xr-x 3 will will 4096 2007-10-28 23:56 2K
drwxr-xr-x 3 will will 4096 2007-10-28 23:44 A
drwxr-xr-x 4 will will 4096 2007-10-28 23:47 AC_DC
.......
I see that the r/w permissions are shown on the left (though I don't profess to know what's what).
Should there not be an entry for "charlie"?
Also, how do 'groups' and group permissions work? I've noticed that I am a member of the group "will", whereas charlie is a member of the group "users". Could this have any bearing
EDIT: Further speculation - could it be that maybe I "own" the folder and that's what is causing it? Or maybe created the folder as root?
Originally Posted by Shielder Okay, this may be a question for part 10 ;), but I'm looking to set up a Linux server with an old system, it'll be doing file/print (possibly web) serving, but I alsoi want to use it as an authentication server for all the other boxes in the house. Is there any way of using the Linux box as the LDAP server and having the XP/Vista clients connect to it? I've got experience in connecting Linux clients to a NIS and LDAP domain, but not Windows.
Using the box as a web/printserver is no big deal... Using it as an auth server (slapd [LDAP], freeradius [Radius] or Kerberos) is possible but not that easy.
You can also use Samba (yes Samba, the filesharing stuff) to act as an AD controller.
Quote:
Originally Posted by WhiskeyAlpha
Code:
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 .
drwxr-xr-x 4 will will 4096 2007-10-28 23:31 ..
drwxr-xr-x 3 will will 4096 2007-10-28 23:56 2K
drwxr-xr-x 3 will will 4096 2007-10-28 23:44 A
drwxr-xr-x 4 will will 4096 2007-10-28 23:47 AC_DC
.......
I see that the r/w permissions are shown on the left (though I don't profess to know what's what).
Should there not be an entry for "charlie"?
Also, how do 'groups' and group permissions work? I've noticed that I am a member of the group "will", whereas charlie is a member of the group "users". Could this have any bearing
EDIT: Further speculation - could it be that maybe I "own" the folder and that's what is causing it? Or maybe created the folder as root?
I'll try to explain what you are presented with:
Quote:
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 .
The rights given to the user that owns the file, in this case will (underlined)
Quote:
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 .
The rights given to the group, in this case will (underlined)
r = read
w = write
x = execute
Quote:
drwxrwxrwx 137 will will 4096 2007-11-08 14:22 .
The world rights, to all the users.
So try this (it opens up the whole lot quite a bit, but it'll get it working). For a more secure way of doing things, PM me, but don't worry about it for a home server ;)
Code:
sudo chmod -R 777 <path to folder>
That will give every file in that folder rwx rights, to all users, so samba should be able to access it without problems every time.
Originally Posted by spartan777 would upgrading to xubuntu gutsy 7.10 break anything we've done in any of these two tutorials?
It could, but I doubt it would
Quote:
Originally Posted by spartan777 and would i be able to access the server via the public address (xxx.no-ip.org) from the same lan the server is on?
Depends on your router/firewall. Sometimes it will be accessable, a lot of times it wouldn't be. On the LAN, just browse to the IP of the server and you're set.
I was cruising along swimmingly until the Dblinging and I got dblung :) When I hit ctl + alt + f1 I was running through VNC since it is headless. The screen froze with a crazy pattern and VNC locked up. I rebooted from CLI through putty. Machine came right back up no worries but now when I try to VNC I get:
Connection failed - Error reading Protocol Version
Possible causes:
- you've forgotten to select a DSMPlugin and the Server uses a DSMPlugin
- Viewer and Server are not compatible (they use different RFB protocoles)
- Bad connection
I restarted GDM from CLI, thinking that was the problem. But I am guessing this would have something to do with SSH or something I did in the last few steps. Really would like to avoid going back through the adding back a screen etc. if possible. Any ideas what stupid thing I have done or how I can resolve this.
Yes, I did that before posting. I also went through the steps found earlier in this thread. I gdm seems to restart, but
No dice. I have seen this before and for the life of me can't remember how I fixed. Think I will have to just throw a head on it and break down :( Thks anyway. O here is the out put of .trying to start the vnc server for what it is worth. I think once i put a display back on it things will be easier to sort out. Think I just keep the gui, I have space and all or maybe try NoMachine
file will be accessed. The cookie file contains the secret key that
allows x11vnc to connect to the desired X DISPLAY.
- You can explicity indicate which MIT-MAGIC-COOKIE file should be used
by the -auth option, e.g.:
x11vnc -auth /home/someuser/.Xauthority -display :0
x11vnc -auth /tmp/.gdmzndVlR -display :0
you must have read permission for the auth file.
- If NO ONE is logged into an X session yet, but there is a greeter login
program like "gdm", "kdm", "xdm", or "dtlogin" running, you will need
to find and use the raw display manager MIT-MAGIC-COOKIE file.
Some examples for various display managers:
Only root will have read permission for the file, and so x11vnc must be run
as root. The random characters in the filenames will of course change,
and the directory the cookie file resides in may also be system dependent.
Sometimes the command "ps wwaux | grep auth" can reveal the file location.
See also: http://www.karlrunge.com/x11vnc/#faq
statmonkey@server:/usr/local/bin$ *** There may be "Xlib:" error messages above with details about the failure.
10/12/2007 17:21:30 passing arg to libvncserver: -rfbauth
10/12/2007 17:21:30 passing arg to libvncserver: /home/statmonkey/.vnc/passwd
10/12/2007 17:21:30 passing arg to libvncserver: -desktop
10/12/2007 17:21:30 passing arg to libvncserver: VNC statmonkey@
*** x11vnc was unable to open the X DISPLAY: ":0", it cannot continue.
*** There may be "Xlib:" error messages above with details about the failure.
Some tips and guidelines:
* An X server (the one you wish to view) must be running before x11vnc is
started: x11vnc does not start the X server.
* You must use -display <disp>, -OR- set and export your DISPLAY
environment variable to refer to the display of the desired X server.
- Usually the display is simply ":0" (in fact x11vnc uses this if you forget
to specify it), but in some multi-user situations it could be ":1", ":2",
or even ":137". Ask your administrator or a guru if you are having
difficulty determining what your X DISPLAY is.
* Next, you need to have sufficient permissions (Xauthority)
to connect to the X DISPLAY. Here are some Tips:
- Often, you just need to run x11vnc as the user logged into the X session.
So make sure to be that user when you type x11vnc.
- Being root is usually not enough because the incorrect MIT-MAGIC-COOKIE
file will be accessed. The cookie file contains the secret key that
allows x11vnc to connect to the desired X DISPLAY.
- You can explicity indicate which MIT-MAGIC-COOKIE file should be used
by the -auth option, e.g.:
x11vnc -auth /home/someuser/.Xauthority -display :0
x11vnc -auth /tmp/.gdmzndVlR -display :0
you must have read permission for the auth file.
- If NO ONE is logged into an X session yet, but there is a greeter login
program like "gdm", "kdm", "xdm", or "dtlogin" running, you will need
to find and use the raw display manager MIT-MAGIC-COOKIE file.
Some examples for various display managers:
Only root will have read permission for the file, and so x11vnc must be run
as root. The random characters in the filenames will of course change,
and the directory the cookie file resides in may also be system dependent.
Sometimes the command "ps wwaux | grep auth" can reveal the file location.
Still failed same result, befuddled by this one, it should start nothing has really changed that I know of. But I guess there is the rub something has changed ... but what?
LOL. I hate user permissions. I really do. My bad. When I put the monitor back on I saw a message that my home folders file permissions are set wrong in dmrc or something. Clicked ok, thanks for that and all worked perfectly. As always never forget I am an idiot. sorry for wasting your time, thanks for the help and great tutorials. Can wait to finish this and get to scripting.
Comments 101 to 125 of 197
Yeah, I don't know mate, just glad it's working :D
Thanks again for the guides Glider, much appreciated *tips hat*
..... Just one last thing if I may. When I create an ssh tunnel to my server remotely, what do I need to do to be able to launch webmin?
I configured Putty with:
hostname: xxx.no-ip.org
port: 2222
then setup the tunnel:
source port: 10000
destination: localhost:10000
(not sure if I need to set the 'remote' radio button here)
Then I can open the connection and login successfully. Opening a browser and navigating to https://xxx.no-ip.org:10000 unfortunately gets me nowhere.
I've tried a few variations here and don't think I can be that far off but a quick nod in the right direction would be gladly welcomed :)
Thanks
lol, it's like one of those cryptic clues in a crossword :)
EDIT: No it's not, *slaps forehead* I'm having a blonde moment. Wrong URL.
EDIT2: Bingo, https://localhost:10000, that got it :)
Thanks again Glider, I'll now leave you in peace (until your next guide that is ;))
I added some users to my linux box and to the samba shares, through Webmin.
They can all get access to their files and folders but despite following your instructions to make the 'shared' folder read/writable to all users, they are unable to move, delete or copy any of the files/folders.
I noticed it when using WinSCP. I told my brother (who lives a good 150miles away) how to use WinSCP to download/upload files from/to the server. He was impressed :), until he realised that he couldn't actually 'do' anything with it.
When I log in via WinSCP however, I have no problems.
I noticed also that if I use my brothers login via SSH, the terminal only displays a '$' in the command prompt (i.e. no file paths etc) and I seem to have limited functionality.
I assume it is something to do with the way I have setup either the new 'linux' users or 'samba' users. But I'm struggling to find any info.
Can you provide me with the following information?
Greets Glider
first command returns:
(this is my brother)
(this is me)
second command returns:
[global] log file = /var/log/samba.log passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . obey pam restrictions = yes socket options = TCP_NODELAY null passwords = no encrypt passwords = true passwd program = /usr/bin/passwd %u passdb backend = smbpasswd wins support = no dns proxy = no netbios name = "XXXX" #Blanked out by me for post invalid users = root path = /home/shared workgroup = "XXXXXXX" #Blanked out by me for post security = user syslog = 1 panic action = /usr/share/samba/panic-action %d max log size = 1000 pam password change = no log level = 3 #Share Definitions [homes] comment = Home Directories browseable = yes writable = yes security mask = 0700 create mask = 0700 [shared] comment = Shared Directory writeable = yes path = /home/shared/Cheers;)
Nice one son.
Now, I'm pretty sure I've already tried that tbh, but I'll give it another go.
Oh and yes, he can read/write files in his home share, as can I.
Still having problems with the share though those masks didn't fix it unfortunately. And I restarted the Samba server after editing.
EDIT:
Just noticed something very interesting. Inside my shared folder i have the following directories:
Games
Music
Video
Torrents
For some reason only the 'Music' one seems to be giving me problems and all the others are read/writeable as expected. Now I'm even more confused. I guess the permissions on the 'Music' folder must be borked.
EDIT2:
I seem to now be able to create/delete directories within the 'Music' folder using my bro's login. However, I still can't 'get' any of the files off of the directory. Logging in to WinSCP as myself, I can do whatever I like. :(
Aha, that's a possibility too... Can you post
Okay, this may be a question for part 10 ;), but I'm looking to set up a Linux server with an old system, it'll be doing file/print (possibly web) serving, but I alsoi want to use it as an authentication server for all the other boxes in the house. Is there any way of using the Linux box as the LDAP server and having the XP/Vista clients connect to it? I've got experience in connecting Linux clients to a NIS and LDAP domain, but not Windows.
From what I've seen on the web, it can be done, but I'm not too sure how.
TIA
Andy
I have two folders in there but only the "Compressed" one has files in it.
I see that the r/w permissions are shown on the left (though I don't profess to know what's what).
Should there not be an entry for "charlie"?
Also, how do 'groups' and group permissions work? I've noticed that I am a member of the group "will", whereas charlie is a member of the group "users". Could this have any bearing
EDIT: Further speculation - could it be that maybe I "own" the folder and that's what is causing it? Or maybe created the folder as root?
You can also use Samba (yes Samba, the filesharing stuff) to act as an AD controller.
r = read
w = write
x = execute
So try this (it opens up the whole lot quite a bit, but it'll get it working). For a more secure way of doing things, PM me, but don't worry about it for a home server ;)
and would i be able to access the server via the public address (xxx.no-ip.org) from the same lan the server is on?
Connection failed - Error reading Protocol Version
Possible causes:
- you've forgotten to select a DSMPlugin and the Server uses a DSMPlugin
- Viewer and Server are not compatible (they use different RFB protocoles)
- Bad connection
I restarted GDM from CLI, thinking that was the problem. But I am guessing this would have something to do with SSH or something I did in the last few steps. Really would like to avoid going back through the adding back a screen etc. if possible. Any ideas what stupid thing I have done or how I can resolve this.
Great guide by the way.
No dice. I have seen this before and for the life of me can't remember how I fixed. Think I will have to just throw a head on it and break down :( Thks anyway. O here is the out put of .trying to start the vnc server for what it is worth. I think once i put a display back on it things will be easier to sort out. Think I just keep the gui, I have space and all or maybe try NoMachine
file will be accessed. The cookie file contains the secret key that
allows x11vnc to connect to the desired X DISPLAY.
- You can explicity indicate which MIT-MAGIC-COOKIE file should be used
by the -auth option, e.g.:
x11vnc -auth /home/someuser/.Xauthority -display :0
x11vnc -auth /tmp/.gdmzndVlR -display :0
you must have read permission for the auth file.
- If NO ONE is logged into an X session yet, but there is a greeter login
program like "gdm", "kdm", "xdm", or "dtlogin" running, you will need
to find and use the raw display manager MIT-MAGIC-COOKIE file.
Some examples for various display managers:
gdm: -auth /var/gdm/:0.Xauth
kdm: -auth /var/lib/kdm/A:0-crWk72
xdm: -auth /var/lib/xdm/authdir/authfiles/A:0-XQvaJk
dtlogin: -auth /var/dt/A:0-UgaaXa
Only root will have read permission for the file, and so x11vnc must be run
as root. The random characters in the filenames will of course change,
and the directory the cookie file resides in may also be system dependent.
Sometimes the command "ps wwaux | grep auth" can reveal the file location.
See also: http://www.karlrunge.com/x11vnc/#faq
statmonkey@server:/usr/local/bin$ *** There may be "Xlib:" error messages above with details about the failure.
10/12/2007 17:21:30 passing arg to libvncserver: -rfbauth
10/12/2007 17:21:30 passing arg to libvncserver: /home/statmonkey/.vnc/passwd
10/12/2007 17:21:30 passing arg to libvncserver: -desktop
10/12/2007 17:21:30 passing arg to libvncserver: VNC statmonkey@
Settings:
display: null
authfile: null
subwin: 0x0
-sid mode: 0
clip: null
flashcmap: 0
shiftcmap: 0
force_idx: 0
cmap8to24: 0
8to24_opts: null
24to32: 0
visual: null
overlay: 0
ovl_cursor: 1
scaling: 0 1.0000
viewonly: 0
shared: 0
conn_once: 0
timeout: 0
inetd: 0
filexfer: 1
http: 0
connect: null
connectfile null
vnc_conn: 1
allow: null
input: null
passfile: null
unixpw: 0
unixpw_lst: null
stunnel: 0
accept: null
accept: null
gone: null
users: null
using_shm: 1
flipbytes: 0
onetile: 0
solid: null
blackout: null
xinerama: 1
xtrap: 0
xrandr: 0
xrandrmode: null
padgeom: null
logfile: null
logappend: 0
flag: null
rc_file: ""
norc: 0
dbg: 0
bg: 1
mod_tweak: 1
isolevel3: 0
xkb: 0
skipkeys: null
sloppykeys: 0
skip_dups: 0
addkeysyms: 1
xkbcompat: 0
clearmods: 0
remap: null
norepeat: 1
norepeatcnt:2
nofb: 0
watchbell: 1
watchsel: 1
watchprim: 1
seldir: null
cursor: 1
multicurs: 0
curs_mode: null
arrow: 1
xfixes: 1
alphacut: 240
alphafrac: 0.33
alpharemove:0
alphablend: 1
cursorshape:1
cursorpos: 1
xwarpptr: 0
buttonmap: null
dragging: 1
wireframe: 0xff,3,0,32+8+8+8,all,0.15+0.30+5.0+0.125
wirecopy: always
scrollcopy: always
scr_area: 60000
scr_skip: ##Soffice.bin,##StarOffice
scr_inc: ##Nomatch
scr_keys: null
scr_term: null
scr_keyrep: null
scr_parms: 0+64+32+32,0.02+0.10+0.9,0.03+0.06+0.5+0.1+5.0
fixscreen: null
noxrecord: 0
grabbuster: 0
ptr_mode: 2
inputskip: 10
speeds: null
wmdt: null
debug_ptr: 0
debug_key: 0
defer: 30
waitms: 30
wait_ui: 2.00
nowait_bog: 0
slow_fb: 0.00
readtimeout: 20
take_naps: 1
sb: 60
fbpm: 1
xdamage: 1
xd_area: 20000
xd_mem: 1.000
sigpipe: null
threads: 0
fs_frac: 0.75
gaps_fill: 4
grow_fill: 3
tile_fuzz: 2
snapfb: 0
rawfb: null
pipeinput: null
gui: 0
gui_mode: null
noremote: 0
unsafe: 0
privremote: 0
safer: 0
nocmds: 0
deny_all: 0
pid: 5769
10/12/2007 17:21:30 x11vnc version: 0.8.2 lastmod: 2006-07-12
10/12/2007 17:21:30
10/12/2007 17:21:30 *** XOpenDisplay failed. No -display or DISPLAY.
10/12/2007 17:21:30 *** Trying ":0" in 4 seconds. Press Ctrl-C to abort.
10/12/2007 17:21:30 *** 1 2 3 4
Xlib: connection to ":0.0" refused by server
Xlib: Invalid MIT-MAGIC-COOKIE-1 key
10/12/2007 17:21:34
10/12/2007 17:21:34 ***************************************
10/12/2007 17:21:34 *** XOpenDisplay failed (:0)
*** x11vnc was unable to open the X DISPLAY: ":0", it cannot continue.
*** There may be "Xlib:" error messages above with details about the failure.
Some tips and guidelines:
* An X server (the one you wish to view) must be running before x11vnc is
started: x11vnc does not start the X server.
* You must use -display <disp>, -OR- set and export your DISPLAY
environment variable to refer to the display of the desired X server.
- Usually the display is simply ":0" (in fact x11vnc uses this if you forget
to specify it), but in some multi-user situations it could be ":1", ":2",
or even ":137". Ask your administrator or a guru if you are having
difficulty determining what your X DISPLAY is.
* Next, you need to have sufficient permissions (Xauthority)
to connect to the X DISPLAY. Here are some Tips:
- Often, you just need to run x11vnc as the user logged into the X session.
So make sure to be that user when you type x11vnc.
- Being root is usually not enough because the incorrect MIT-MAGIC-COOKIE
file will be accessed. The cookie file contains the secret key that
allows x11vnc to connect to the desired X DISPLAY.
- You can explicity indicate which MIT-MAGIC-COOKIE file should be used
by the -auth option, e.g.:
x11vnc -auth /home/someuser/.Xauthority -display :0
x11vnc -auth /tmp/.gdmzndVlR -display :0
you must have read permission for the auth file.
- If NO ONE is logged into an X session yet, but there is a greeter login
program like "gdm", "kdm", "xdm", or "dtlogin" running, you will need
to find and use the raw display manager MIT-MAGIC-COOKIE file.
Some examples for various display managers:
gdm: -auth /var/gdm/:0.Xauth
kdm: -auth /var/lib/kdm/A:0-crWk72
xdm: -auth /var/lib/xdm/authdir/authfiles/A:0-XQvaJk
dtlogin: -auth /var/dt/A:0-UgaaXa
Only root will have read permission for the file, and so x11vnc must be run
as root. The random characters in the filenames will of course change,
and the directory the cookie file resides in may also be system dependent.
Sometimes the command "ps wwaux | grep auth" can reveal the file location.
See also: http://www.karlrunge.com/x11vnc/#faq
Here's the thing that matters :) Probably you won't have DISPLAY :0 because you restarted GDM, try:
And a mailserver is something which is quite prohibited by a lot of ISPs