Saturday, May 30, 2009

Weird Samba Error when upgrading SAMBA

So I've been trying to upgrade SAMBA, but I keep getting this error. I've downloaded SAMBA from samba.org and used the RHEL /packaging/RHEL/makerpms.sh to try and upgrade it, and I would constantly get this error.


Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1


RPM build errors:
File not found: /var/tmp/samba-3.3.4-root/usr/sbin/cifs.upcall
File not found by glob: /var/tmp/samba-3.3.4-root/usr/share/man/man8/cifs.upcall.8.*
makerpms.sh: Done.

The solution was to install the keyutils-devel package:

1) yum install keyutils-devel

Tuesday, May 26, 2009

Samba - Act as a domain controller

Tested on Samba - Samba Version 3.0.10-1.4E.9


1) Make the following changes in the Samba configuration (smb.conf)

# workgroup will be the domain name
workgroup = MYGROUP
netbios name = HOSTNAME
server string = Samba Server %v %h
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes

passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Please*retype*new*password* %n\n *password*successfully*updated*


local master = yes

os level = 64

domain master = yes

preferred master = yes

domain logons = yes

logon drive = P:

logon script = netlogon.bat

#=== shares ===
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
writable = no
share modes = no

[Profiles]
path = /home/samba/profiles
browseable = no


2) Add the appropriate groups and directories

groupadd -g 300 admins
groupadd -g 301 machines
groupadd -g 302 users

mkdir -m 0775 -p /home/samba/netlogon
chown root:admins /home/samba/netlogon
mkdir /home/samba/profiles

3) Add machine and user accounts

Change the default shell in /etc/default/useradd by setting SHELL=/sbin/nologin

useradd -g machines -d /dev/null computer$

passwd -l computer$

smbpasswd -a -m computer

useradd -g users -d /home/samba/profiles/userx userx

passwd userx

smbpasswd -a userx


Add a Samba account for root, used to join machines to the domain

smbpasswd -a root


4) Run testparm -v and, if it is OK, restart Samba

SQUID - Traffic Management via Delay Pools

Tested on - CentOS 4, SQUID 3

1) Build SQUID with the delay pool option

./configure --enable-delay-pools

2) Configure squid with the following options

# one pool; class 3 takes three restore/max pairs (bytes per second / bytes):
# aggregate, per-network, per-host
delay_pools 1
delay_class 1 3
delay_access 1 allow localnet
delay_parameters 1 64000/64000 32000/32000 16000/16000

3) Restart and test squid
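
How a single restore/max pair from the delay_parameters line behaves over time, as an added example that is not part of the original post. It models one bucket in one-second ticks, which simplifies Squid's own accounting; delay_bucket is a hypothetical name, and the 16000/64000 scenario is constructed to show a burst allowance.

```shell
#!/bin/sh
# Added illustration: simulate one Squid delay-pool bucket, one tick per second.
# delay_bucket RESTORE MAX SECONDS DEMAND [INITIAL_PERCENT]
#   RESTORE  bytes added to the bucket each second
#   MAX      bucket capacity in bytes
#   DEMAND   bytes per second the client would pull if unthrottled
#   INITIAL_PERCENT  starting fill; 50 mirrors Squid's default
#                    delay_initial_bucket_level
# Prints the total bytes delivered after SECONDS.
delay_bucket() {
    restore=$1; max=$2; seconds=$3; demand=$4; initial=${5:-50}
    level=$((max * initial / 100))
    sent=0
    t=0
    while [ "$t" -lt "$seconds" ]; do
        # The client takes what it wants, limited by what is in the bucket.
        take=$demand
        if [ "$take" -gt "$level" ]; then take=$level; fi
        level=$((level - take))
        sent=$((sent + take))
        # Refill, never above the bucket's capacity.
        level=$((level + restore))
        if [ "$level" -gt "$max" ]; then level=$max; fi
        t=$((t + 1))
    done
    echo "$sent"
}

# Constructed scenarios; the first two pairs are the ones used in the config above.
echo "16000/16000, greedy client, 10 s: $(delay_bucket 16000 16000 10 1000000) bytes"
echo "64000/64000, greedy client, 10 s: $(delay_bucket 64000 64000 10 1000000) bytes"
echo "16000/64000, greedy client, 10 s: $(delay_bucket 16000 64000 10 1000000) bytes"
echo "16000/16000, 4000 B/s client, 10 s: $(delay_bucket 16000 16000 10 4000) bytes"
```

A client that stays under the restore rate is never delayed, and a max larger than restore only buys a one-off burst before the rate settles at restore bytes per second.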

Saturday, May 16, 2009

SQUID - Allowing internet traffic to go through a different gateway

Tested - CentOS 5 - Custom iptables 1.4.1

1) iptables -t mangle -I OUTPUT -m owner --uid-owner squid -j MARK --set-mark 0x1

2) iptables-save > /etc/sysconfig/iptables

3) Edit /etc/iproute2/rt_tables and add a line:
101 squid

4) /etc/sysconfig/network-scripts/rule-eth0:
fwmark 0x1 table 101 pref 1000

/etc/sysconfig/network-scripts/route-eth0:
default via 10.0.0.2 dev eth0 table 101

* You can also do this manually:
/sbin/ip rule add fwmark 0x1 table 101 pref 101
/sbin/ip route add default via 10.0.0.2 dev eth0 table 101



5) Restart network service

service network restart

6) Check the ip rules and routes

ip route list table 101
ip rule show

SQUID - Allow Access via Mac Access

Tested On CentOS 4 w/ custom compiled squid SQUID 3.0

1) Configure squid with the following options

./configure --enable-arp-acl

2) make
3) make install
4) If you have an init.d script, copy it into place and configure it to start at boot; otherwise do some /etc/rc.local magic
5) Edit /usr/local/squid/etc/squid.conf

acl ACLARP arp "/usr/local/squid/etc/mac.conf"

*Put this before your localnets config

http_access deny !ACLARP


6) Edit the /usr/local/squid/etc/mac.conf file

11:12:13:14:15:16

7) Stop and restart squid

service squid stop
service squid start
or whatever other method


8)Test

Sunday, May 10, 2009

BASH Shorten Scripts

I tend to write a lot of scripts that have IF or CASE clauses depending on the return code that the command returns.

An easier way to shorten some of these clauses is with the trap command. Here are the signals that you can use:


[root@media ~]# trap -l

1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL
5) SIGTRAP 6) SIGABRT 7) SIGBUS 8) SIGFPE
9) SIGKILL 10) SIGUSR1 11) SIGSEGV 12) SIGUSR2
13) SIGPIPE 14) SIGALRM 15) SIGTERM 17) SIGCHLD
18) SIGCONT 19) SIGSTOP 20) SIGTSTP 21) SIGTTIN
22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ
26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO
30) SIGPWR 31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1
36) SIGRTMIN+2 37) SIGRTMIN+3 38) SIGRTMIN+4 39) SIGRTMIN+5
40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8 43) SIGRTMIN+9
44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13
48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13
52) SIGRTMAX-12 53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9
56) SIGRTMAX-8 57) SIGRTMAX-7 58) SIGRTMAX-6 59) SIGRTMAX-5
60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2 63) SIGRTMAX-1
64) SIGRTMAX


A short example:

trap "rm -f -R /tmp/myfiles" EXIT

This deletes the directory and its contents when the shell exits (the EXIT condition).
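
A fuller version of the cleanup pattern above, as an added example that is not from the original post. It swaps the fixed /tmp/myfiles for a mktemp -d directory, so the path cannot be predicted or pre-created by another local user; run_job and demo are hypothetical names and the jobs are constructed.

```shell
#!/bin/bash
# Added illustration: EXIT-trap cleanup without per-command if/case blocks.
# run_job COMMAND [ARGS...]
# Runs COMMAND inside a private scratch directory and returns COMMAND's
# exit status; the directory is removed however the job ends.
run_job() (
    # The ( ) body is a subshell, so the EXIT trap fires when the job ends,
    # not when the calling script ends.
    # mktemp -d creates an unpredictable directory with mode 0700, unlike a
    # fixed name such as /tmp/myfiles that any local user could pre-create.
    scratch=$(mktemp -d "${TMPDIR:-/tmp}/myfiles.XXXXXX") || exit 1
    # Single quotes: "$scratch" is expanded when the trap runs, and the
    # quoting survives paths that contain spaces.
    trap 'rm -rf -- "$scratch"' EXIT
    # Convert INT/TERM into a normal exit so the EXIT trap also runs then.
    trap 'exit 130' INT
    trap 'exit 143' TERM
    cd "$scratch" || exit 1
    "$@"
)

# Constructed demo: one job succeeds, one fails; both leave nothing behind.
demo() {
    record=$(mktemp) || return 1
    run_job sh -c 'pwd > "$1"; echo data > work.tmp' _ "$record" && ok=0 || ok=$?
    first=$(cat "$record")
    run_job sh -c 'pwd > "$1"; echo data > work.tmp; exit 3' _ "$record" && failed=0 || failed=$?
    second=$(cat "$record")
    rm -f -- "$record"
    left=0
    if [ -e "$first" ]; then left=$((left + 1)); fi
    if [ -e "$second" ]; then left=$((left + 1)); fi
    echo "ok=$ok failed=$failed leftover=$left"
}
demo
```

The job's own exit status still reaches the caller, so the script needs no branch on the return code just to decide whether to clean up.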

Sunday, May 3, 2009

Creating a Ethernet/Wireless Bridge

We have a proxy server connected to both the wireless and wired segments, which share the same network segment. This makes it possible for it to serve both wireless and wired clients.

1) Install bridge-utils -> yum install bridge-utils
2) Create the following files

/etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.100.90
NETMASK=255.255.255.0
GATEWAY=192.168.100.254
TYPE=Bridge


/etc/sysconfig/network-scripts/ifcfg-ath0

DEVICE=ath0
ONBOOT=yes
BOOTPROTO=static
BRIDGE=br0


/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
BRIDGE=br0


3) Restart network service -> service network restart
4) Test that it's working -> brctl show

Saturday, May 2, 2009

SQUID - Save money and bandwidth caching streaming video sites with VideoCache

Tested ON - CentOS 5 - Squid 2.6

One problem we face is people browsing the internet during lunchtime and using a lot of bandwidth in the process of doing so.

What we've noticed is that they go to youtube/break.com and watch a video. If they enjoy the video, they forward the url to their coworkers and the problem gets a lot worse, because these videos are never cached on the squid system.

We've been using VideoCache (http://cachevideos.com/) with a lot of success recently. Configuration and installation is a breeze.

1) yum install python-iniparse
2) wget http://cachevideos.com/sites/default/files/pub/videocache/videocache-1.9.0.noarch.rpm (This will change as new releases come out, so get the latest version if possible)
3) rpm -i videocache-1.9.0.noarch.rpm
4) Added the following directives to my squid.conf file

# --BEGIN-- videocache config for squid
url_rewrite_program /usr/bin/python /usr/share/videocache/videocache.py
url_rewrite_children 7
acl videocache_allow_url url_regex -i \.youtube\.com\/get_video\?
acl videocache_allow_url url_regex -i \.googlevideo\.com\/videoplayback \.googlevideo\.com\/videoplay \.googlevideo\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.com\/videoplayback \.google\.com\/videoplay \.google\.com\/get_video\?
acl videocache_allow_url url_regex -i \.google\.[a-z][a-z]\/videoplayback \.google\.[a-z][a-z]\/videoplay \.google\.[a-z][a-z]\/get_video\?
acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplayback\?
acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/videoplay\?
acl videocache_allow_url url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/get_video\?
acl videocache_allow_url url_regex -i proxy[a-z0-9\-][a-z0-9][a-z0-9][a-z0-9]?\.dailymotion\.com\/
acl videocache_allow_url url_regex -i vid\.akm\.dailymotion\.com\/
acl videocache_allow_url url_regex -i [a-z0-9][0-9a-z][0-9a-z]?[0-9a-z]?[0-9a-z]?\.xtube\.com\/(.*)flv
acl videocache_allow_url url_regex -i bitcast\.vimeo\.com\/vimeo\/videos\/
acl videocache_allow_url url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
acl videocache_allow_url url_regex -i \.files\.youporn\.com\/(.*)\/flv\/
acl videocache_allow_url url_regex -i \.msn\.com\.edgesuite\.net\/(.*)\.flv
acl videocache_allow_url url_regex -i media[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/ mobile[a-z0-9]?[a-z0-9]?[a-z0-9]?\.tube8\.com\/
acl videocache_allow_url url_regex -i \.mais\.uol\.com\.br\/(.*)\.flv
acl videocache_allow_url url_regex -i \.video[a-z0-9]?[a-z0-9]?\.blip\.tv\/(.*)\.(flv|avi|mov|mp3|m4v|mp4|wmv|rm|ram)
acl videocache_allow_url url_regex -i video\.break\.com\/(.*)\.(flv|mp4)
acl videocache_allow_dom dstdomain .mccont.com dl.redtube.com .cdn.dailymotion.com
acl videocache_deny_url url_regex -i http:\/\/[a-z][a-z]\.youtube\.com http:\/\/www\.youtube\.com
url_rewrite_access deny videocache_deny_url
url_rewrite_access allow videocache_allow_url
url_rewrite_access allow videocache_allow_dom
redirector_bypass on
# --END-- videocache config for squid

5)Changed the following parameters in the /etc/videocache.conf

cache_host = 192.168.1.254
proxy = http://192.168.1.254:3128/
base_dir = /var/spool/videocache/:4000

6) Restart SQUID -> service squid restart

7) Check that it is working -> tail -f /var/log/videocache/videocache.log

Squid Tips

Tested on: CentOS 5 - SQUID 2.6

Here are some very basic squid tips

1) Increase the maximum cache size (by default the cache is rather small; increase it to match the specifications of your hardware/partitions)

cache_dir ufs /var/squid/cache 20000 16 256

2) Increase the maximum object size (the default is 4 MB; my coworkers regularly access large photos online bigger than this size)

maximum_object_size 12288 KB

3) Maximize RAM cached files

cache_mem 64 MB

First Post

Hi, this is CentOS Files. In here is my personal howto on certain CentOS server functions.
