Posted by sasikumarp on April 2, 2010
http://www.lamolabs.org/blog/282/how-to-setup-a-dns-server-on-centos-5/
find public_html/ -type f -exec sed -i ‘/H3qqea3ur6p/d’ {} \;
iptables -t nat -A PREROUTING -p tcp -i eth1 –dport 5222 -j DNAT –to 192.168.1.20:5222
iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE
Posted in Linux | Leave a Comment »
Posted by sasikumarp on January 10, 2009
Y’day I got a chance to play with Squid and iptables. My job was simple : Setup Squid proxy as a transparent server.
Main benefit of setting transparent proxy is you do not have to setup up individual browsers to work with proxies.
i) System: HP dual Xeon CPU system with 8 GB RAM (good for squid).
ii) Eth0: IP:192.168.1.1
iii) Eth1: IP: 192.168.2.1 (192.168.2.0/24 network (around 150 windows XP systems))
iv) OS: Red Hat Enterprise Linux 4.0 (Following instruction should work with Debian and all other Linux distros)
Eth0 connected to internet and eth1 connected to local lan i.e. system act as router.
First, Squid server installed (use up2date squid) and configured by adding following directives to file:
# vi /etc/squid/squid.conf
Modify or add following squid directives:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl lan src 192.168.1.1 192.168.2.0/24
http_access allow localhost
http_access allow lan
Where,
Here is the complete listing of squid.conf for your reference (grep will remove all comments and sed will remove all empty lines, thanks to David Klein for quick hint ):
# grep -v "^#" /etc/squid/squid.conf | sed -e '/^$/d'
OR, try out sed (thanks to kotnik for small sed trick)
# cat /etc/squid/squid.conf | sed '/ *#/d; /^ *$/d'
Output:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl purge method PURGE
acl CONNECT method CONNECT
cache_mem 1024 MB
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl lan src 192.168.1.1 192.168.2.0/24
http_access allow localhost
http_access allow lan
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname myclient.hostname.com
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
coredump_dir /var/spool/squid
Next, I had added following rules to forward all http requests (coming to port 80) to the Squid server port 3128 :
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
Here is complete shell script. Script first configure Linux system as router and forwards all http request to port 3128 (Download the fw.proxy shell script):
#!/bin/sh
# squid server IP
SQUID_SERVER="192.168.1.1"
# Interface connected to Internet
INTERNET="eth0"
# Interface connected to LAN
LAN_IN="eth1"
# Squid port
SQUID_PORT="3128"
# DO NOT MODIFY BELOW
# Clean old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Load IPTABLES modules for NAT and IP conntrack support
modprobe ip_conntrack
modprobe ip_conntrack_ftp
# For win xp ftp client
#modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow UDP, DNS and Passive FTP
iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT
# set this system as a router for Rest of LAN
iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT
# unlimited access to LAN
iptables -A INPUT -i $LAN_IN -j ACCEPT
iptables -A OUTPUT -o $LAN_IN -j ACCEPT
# DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT
# if it is same system
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT
# DROP everything and Log it
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
Save shell script. Execute script so that system will act as a router and forward the ports:
# chmod +x /etc/fw.proxy
# /etc/fw.proxy
# service iptables save
# chkconfig iptables on
Start or Restart the squid:
# /etc/init.d/squid restart
# chkconfig squid on
Point all desktop clients to your eth1 IP address (192.168.2.1) as Router/Gateway (use DHCP to distribute this information). You do not have to setup up individual browsers to work with proxies.
See access log file /var/log/squid/access.log:
# tail -f /var/log/squid/access.log
Above command will monitor all incoming request and log them to /var/log/squid/access_log file. Now if somebody accessing a website through browser, squid will log information.
All Desktop client FTP session request ended with an error:
Illegal PORT command.
I had loaded the ip_nat_ftp kernel module. Just type the following command press Enter and voila!
# modprobe ip_nat_ftp
Please note that modprobe command is already added to a shell script (above).
I had block out all connection request from our router settings except for our proxy (192.168.1.1) server. So all ports including 443 (https/ssl) request denied. You cannot redirect port 443, from debian mailing list, “Long answer: SSL is specifically designed to prevent “man in the middle” attacks, and setting up squid in such a way would be the same as such a “man in the middle” attack. You might be able to successfully achive this, but not without breaking the encryption and certification that is the point behind SSL“.
Therefore, I had quickly reopen port 443 (router firewall) for all my LAN computers and problem was solved.
You cannot use Squid authentication with a transparently intercepting proxy.
Updated for accuracy.
<!– –>
Posted in Linux | 1 Comment »
Posted by sasikumarp on December 16, 2008
This is a howto on getting subversion (multiple repositories) + http on FC7.
We will be logged in as root for quite a few tasks – make sure that you have read relevant documentation/tutorials before trying this HOWTO.
Keep an eye on 2 important things:
Both of these will be apparent in the prompt – I have used the standard prompt on
any Linux system – [user@machine ‘pwd’]
1. Install svn and mod_dav_svn via yum
2. Log in as root and create your directory structure for holding the repo:
[root@rknowsys2 var]# mkdir -p /var/subversion/repos
3. The repository has to be owned by apache to enable apache to read and write to this directory:
[root@rknowsys2 var]# chown -R apache:apache /var/subversion
4. Create your repo –
[root@rknowsys2 var]# svnadmin create /var/subversion/repos/
5. Import you source files into the repo – My source files are in directory “/root/kc/for-svn/iRunway” ——
[root@rknowsys2 var]# svn import /root/kc/for-svn/iRunway file:///var/subversion/repos/iRunway -m “initial import”
You will see stuff like this……..
Adding /root/kc/for-svn/iRunway/trunk/public/application-help.html
Adding /root/kc/for-svn/iRunway/trunk/public/favicon.ico
………………
…………..
……………………………..
Committed revision 1.
6. Now ensure that /var/subversion is owned by apache – Since I ran the ‘svn create’ and ‘svn import’ as root, I am not sure who owns the repo – The below command is to remove these doubts:
[root@rknowsys2 for-svn]# chown -R apache:apache /var/subversion
7. Now lets configure apache to work with subversion
refer this link: http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html
Edit the conf file and add the content at the end of the file:
[root@rknowsys2 junk]# vi /etc/httpd/conf/httpd.conf
# kc start configuring apache for subversion 07-aug-07
# Instructions from:
# http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html
# The above page is also saved to /root/admin-functions/subversion-stuff
# already loaded – kc LoadModule dav_svn_module modules/mod_dav_svn.so
DAV svn
SVNPath /var/subversion/repos/
#ServerName svn-rknowsys.no-ip.info
#ServerName 192.168.0.13 server name given in orig location above!!!!
# how to authenticate a user
AuthType Basic
AuthName “Subversion repository”
AuthUserFile /etc/svn-auth-file
# only authenticated users may access the repository
Require valid-user
CustomLog logs/svn_logfile “%t %u %{SVN-ACTION}e” env=SVN-ACTION
# kc end subversion stuff 07-aug-07
8. Now create subversion users:
[root@rknowsys2 junk] htpasswd -cm /etc/svn-auth-file kcr
New password: *****
Re-type new password: *****
Adding password for user kcr
9. Restart the httpd server
[root@rknowsys2 for-svn]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
10. Start using the repo
[root@rknowsys2 junk]# svn list http://192.168.0.13/repos/iRunway
Authentication realm: Subversion repository
Password for ‘root’:
Authentication realm: Subversion repository
Username: kcr
Password for ‘kcr’:
branches/
tags/
trunk/
[root@rknowsys2 junk]#
11. And now start creating subversion users using the htpasswd command shown above. – You are ready to roll it out to users.
12. Making multiple subversion repositories:
Let us do this in directory:/var/subversion/repos1
[root@rknowsys2 ~]# sudo -u apache mkdir -p /var/subversion/repos1
[root@rknowsys2 ~]# svnadmin create /var/subversion/repos1/ideaexchage
[root@rknowsys2 ~]# svnadmin create /var/subversion/repos1/tourism
[root@rknowsys2 ~]# svn import /root/kc/for-svn/ideaXchange/ file:///var/subversion/repos1/ideaexchage/ -m “Initial import”
Adding ……..
………………………………………………….
Committed revision 1.
[root@rknowsys2 ~]# svn import /root/kc/for-svn/tourism/ file:///var/subversion/repos1/tourism/ -m “Initial import”
Committed revision 1.
13. Now need to modify apache conf file:
Put this in the apache dir:
# kc start configuring apache for multiple repos in subversion 22-aug-07
# Instructions from:
# http://svn.haxx.se/users/archive-2004-09/1190.shtml
# http://cheminfo.informatics.indiana.edu/~rguha/misc/svnapache.html
# The above page is also saved to /root/admin-functions/subversion-stuff
# already loaded – kc LoadModule dav_svn_module modules/mod_dav_svn.so
DAV svn
SVNParentPath /var/subversion/repos1/
# how to authenticate a user
AuthType Basic
AuthName “Subversion repository”
AuthUserFile /etc/svn-auth-file
# only authenticated users may access the repository
Require valid-user
# kc end subversion stuff 22-aug-07
14. Restart the apache server
[root@rknowsys2 ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
15. Verify that the new repos are accessible
[root@rknowsys2 ~]# svn list http://192.168.0.12/repos1/tourism
Authentication realm: Subversion repository
Password for ‘root’:
Authentication realm: Subversion repository
Username: kcr
Password for ‘kcr’:
branches/
tags/
trunk/
[root@rknowsys2 ~]#
WORKING FINE………..
The problem was I typed ‘repo1’ instead of ‘repos1’
Posted in Linux | Leave a Comment »
Posted by sasikumarp on March 13, 2008
[Dialer Defaults]
Modem = /dev/ttyUSB0
Baud = 57600
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2
Phone = #777
Username =internet
Password =internet
Ask Password = 0
Stupid Mode = 1
Idle Seconds = 500
ISDN = 0
Auto DNS = 1
Posted in Linux | Leave a Comment »
Posted by sasikumarp on March 13, 2008
Linux setup a Concurrent Versioning System (CVS) howto
Q. I am planning to use Concurrent Versioning System. I am using both Red Hat and Fedora Linux. How do I setup a CVS server?
A. Concurrent Versioning System (CVS) a widely used version control system for software development or data archiving solutions.
From the wiki page, “CVS keeps track of all work and all changes in a set of files, typically the implementation of a software project, and allows several (potentially widely separated) developers to collaborate”.
Use rpm or up2date or yum command to install cvs:# rpm -ivh cvs*OR# up2date cvsOR# yum install cvsCreate a CVS user# useradd cvsAbove command will create a user cvs and group cvs with /home/cvs home directory.
# passwd cvs
Open /etc/profile and append following line:# vi /etc/profileAppend following line:export CVSROOT=/home/cvsSave the file and exit to shell promot.
Make sure your /etc/xinetd.d/cvs looks as follows:# less /etc/xinetd.d/cvsOutput:
service cvspserver
{
disable = no
socket_type = stream
wait = no
user = cvs
group = cvs
log_type = FILE /var/log/cvspserver
protocol = tcp
env = '$HOME=/home/cvsroot'
bind = 192.168.1.100
log_on_failure += USERID
port = 2401
server = /usr/bin/cvs
server_args = -f --allow-root=/home/cvsroot pserver
}
Note: Replace 192.168.1.100 with your actual server IP address.
Restart xinetd:# service xinetd restartAdd users to this group (see this howto for more info)# adduser username -g cvs
# passwd username
Client configuration
Finally user can connect to this CVS server using following syntax:
$ export CVSROOT=:pserver:vivek@192.168.1.100:/home/cvs
$ cvs loginWhere,
Posted in Linux, Uncategorized | Leave a Comment »
Posted by sasikumarp on March 6, 2008
Pre-Flight Checklist
NOTE: Any and all packages for OpenSUSE 10.3 are now handled by Andrea F., who is part of the Packman repository. Please update your links.
SLES\SLED 10: http://download.opensuse.org/repositories/home:/andrewd18/SLE_10/
SUSE Linux 10.1: http://download.opensuse.org/repositories/home:/andrewd18/SUSE_Linux_10.1/
OpenSUSE 10.2: http://download.opensuse.org/repositories/home:/andrewd18/openSUSE_10.2/
OpenSUSE 10.3 (USA Mirror): http://packman.unixheads.com/suse/10.3/
OpenSUSE 10.3 (Germany Mirror): http://packman.iu-bremen.de/suse/10.3/
If your card is listed, continue with step 3. If your card is not listed, skip to step 9.
Posted in Linux, Uncategorized | Leave a Comment »
Posted by sasikumarp on March 6, 2008
ntroduction: Continuing Windows users who install Linux like to maintain a Fat32 partition for data storage and swapping between Windows and Linux. Often they get “Permission denied” or similar messages when they try to write to the Fat partitions. This Tutorial shows how you set the user and group IDs in the file system table located at /etc/fstab to allow broad writeable access. The easy way is just to edit the fstab entries entries but if you’re from Windows Land you will be slaves to the GUI for a while. I do include fstab entries for advanced users who might browse here for reference.
Scene Setting: The screenshot to left, Pic 1, shows my filesystem viewed in Yast’s Expert Partitioner, located at Yast –> System –> Partitioner. Yours will of course be different.
There are eleven partitions in this example on my primary drive, sda, and the Fat32 partition is highlighted in blue, partition sda3. We’re only concerned here with the Fat32 partition.
Mount Point: The files on the Fat32 partition will appear in a directory/folder of your choice once sda3 is mounted. For illustration I choose “fat32″ in the directory /mnt; this directory is conventionally used in Suse for locating mounts although there’s no compulsion to use it. So for illustration the mount point is /mnt/fat32.
Mounting using Yast: In Yast –> System –> Partitioner you highlight the Fat32 partition in Pic 1 and click “Edit”. The screen in Pic 2 opens up and there you insert into the panel for “Mount Point” the path to the directory of your choice; e.g. /mnt/fat32.
Then Click “Fstab Options” in Pic 2 to set ownership and other details. The screen in Pic 3 will open up. Activate the selection “Device Name”. If the line users,gid=users,umask=0002,utf8 is not in the slot for “Arbitrary option values” then type it in. This line gives ownership to root and read/write access to all users. These permissions are meaningless in Windows and do not carry across when viewed there. In Windows all files belong to all users.
From this point you click the appropriate “OK”, “Next” and “Apply” buttons to make it happen.
Permissions on the mount point: The mount point, /mnt/fat32, needs to have ownership=root and group=users. In openSUSE 10.3 that happens automagically but it doesn’t happen that way in openSUSE 10.2 or Suse 10.0, 10.1. You must make the necessary changes to the mount point (folder/directory) when the partition is NOT mounted.
Here are the extra steps needed in Suse 10.0, 10.1 and openSUSE 10.3.
Just for completeness, you could do the last three steps in a GUI using Konqueror or Nautilus. First unmount the partition. Then Navigate to the folder /mnt/fat32 and change the ownership and permissions as shown for Konqueror on the left in Pic 4.
Here is the entry in fstab for the mount:
/dev/sda3 /mnt/fat32 vfat users,gid=users,umask=0002,utf8=true 0 0
Bug in Yast Partitioner in openSUSE 10.3: Sometimes in 10.3 the line in fstab for the mount lists the device by device ID rather than by device path as emphasised in red in Pic 3. Why? It is because even though you choose “Device name” in Pic 3, you get “Device ID” transferring through to fstab. That’s a bug in Yast Partitioner but only in 10.3. You can fix that by editing the entry in fstab and changing it to look like the line directly above. You can edit fstab directly with this command in a terminal:
For KDE use kdesu kwrite /etc/fstab
For Gnome use gnomesu gedit /etc/fstab
I will remove this bug work-around when and if it’s fixed. Please let me know if you discover it’s fixed before I do.
But I want Privacy From Others: In this case you make the mount point in the territory of the chosen user, say at /home/michael/fat32. It’s a standard folder with no special permissions, owned by “michael” with default permissions drwxr-xr-x. Do that first. You can mount the partition in Yast using the new mount point (/home/michael/fat32) instead of the one shown in Pic 2 and these “Arbitrary options” instead of the ones shown in Pic 3: uid=michael,gid=users,utf8=true.
Now the Fat32 partition will be writeable by Michael and readable by all users. If you want absolute privacy you can make a directory within fat32 that is “forbidden” to all users but Michael. Note that you cannot make the directory fat32 forbidden to other users, only directories under directory fat32. Here is the entry in fstab for the fat32 partition under these more restricted circumstances:
/dev/sda3 /home/michael/fat32 vfat uid=michael,gid=users,utf8=true 0 0
That’s all folks. Hope it helps.
Posted by raghupathy in Windows.
add a comment
Yes, we used COPY CON filename to create a file with name filename. Anyone can say that it is a form of COPY command. So, why was creating a file different than all other commands? I didn’t understand it, till I found out how to print using DOS, almost four years later.
DOS uses different names for the attached devices, I learnt. PRN was one such name. TYPE filename would display the contents of a file and TYPE filename > PRN would print it instead of displaying. Curiosity brings many hidden matters out. PRN would surely mean Printer and will redirect the output to the printer instead of console. Console (monitor) is the implicit default output device, and it can be bypassed if needed. So, how to put it explicitly? There must be some means to do that. Yes, there is! TYPE filename > CON performs exactly same function as TYPE filename. These special names for the devices really mean something special for the operating system and those names can not be used as folder or file names: CON, PRN, NUL, COM1 to COM9, LPT1 to LPT9, which stand for CONsole, PRiNter, NULl, serial COMmmunication ports, Line PrinTer ports.
The time has changed and Operating System can also be fooled! But still, many people think that it is not possible to create a folder by name CON. Using the path of network drive, these special names can also be used as folder names! Here is how:
In short, use the network path syntax instead of absolute path syntax.
Now on to the practical aspect of this. Why can’t we create it directly but using the network path syntax? The answer is simple. A computer can have only one default console, printer, null etc. So, if it is accessed from a network, theoretically, the console should belong to another node in the network. Since that node may not have a device which can be referred using the name CON, it will no longer be considered as a reserved name. Hence, the folder can be created.
The next time when someone asks the question why we can’t create a folder by name CON, say with confidence that it is not true…
Posted in Linux, Uncategorized | Leave a Comment »
Posted by sasikumarp on February 29, 2008
Enable the below mentioned modules in Apache
1. Enable the module in httpd.conf
a. LoadModule deflate_module modules/mod_deflate.so
b. Include the lines in httpd.conf
i. SetOutputFilter DEFLATE
ii. AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/x-javascript
iii. BrowserMatch ^Mozilla/4 no-gzip
iv. BrowserMatch bMSIEs7 !no-gzip
v. BrowserMatch bMSIE.*SV !no-gzip
vi. BrowserMatch bOpera !no-gzip
vii. Header append Vary User-Agent
2. Enabling the expire header
a. LoadModule expires_module modules/mod_expires.so
b. Include the lines in httpd.conf
i. ExpiresActive On
ii. ExpiresDefault “access plus 10 years”
3. Installing the Xcache
a. I have already informed about the implementation of xcache.
Posted in Linux, Uncategorized | Leave a Comment »
Posted by sasikumarp on February 28, 2008
Below links are useful to check speed test in dsl connection
http://www.dslreports.com/speedtest?flash=1
Posted in Linux, Uncategorized, Windows | Leave a Comment »
Posted by sasikumarp on February 23, 2008
&lt;A href=”http://a.tribalfusion.com/h.click/avmyJdWHfXmPYZdncvnodfD3aBk2tim3AfKpFfZd0G3P1sv2XGJvma7V3FQ2Vb7GVPQ2REn1QcUoPWJx0tZbuVAry4sMU0b3DT6im5ABcR6bI4HYsXW3AmHEx3P3V3sngUVQlWVnlS6UMTdJ3YG7h8F9vZcg/http://ad.in.doubleclick.net/clk;182319871;24411341;z?http://www1.ap.dell.com/content/products/productdetails.aspx/inspnnb_1525?c=in&amp;cs=indhs1&amp;l=en&amp;s=dhs&amp;~ck=mn” TARGET=”_blank”&gt;&lt;IMG src=http://cdn5.tribalfusion.com/media/1102796/dell1525_300x250.jpg WIDTH=300 HEIGHT=250 BORDER=0&gt;&lt;/A&gt; <A href=’http://a.tribalfusion.com/h.click/avmyJdWHfXmPYZdncvnodfD3aBk2tim3AfKpFfZd0G3P1sv2XGJvma7V3FQ2Vb7GVPQ2REn1QcUoPWJx0tZbuVAry4sMU0b3DT6im5ABcR6bI4HYsXW3AmHEx3P3V3sngUVQlWVnlS6UMTdJ3YG7h8F9vZcg/http://ad.in.doubleclick.net/clk;182319871;24411341;z?http://www1.ap.dell.com/content/products/productdetails.aspx/inspnnb_1525?c=in&cs=indhs1&l=en&s=dhs&~ck=mn’ TARGET=’_blank’> <IMG src=’http://cdn5.tribalfusion.com/media/1102796/dell1525_300x250.jpg’ WIDTH=300 HEIGHT=250 ALT=’Click Here!’ BORDER=0></A>
Q. I am planning to use Concurrent Versioning System. I am using both Red Hat and Fedora Linux. How do I setup a CVS server?
A. Concurrent Versioning System (CVS) a widely used version control system for software development or data archiving solutions.
From the wiki page, “CVS keeps track of all work and all changes in a set of files, typically the implementation of a software project, and allows several (potentially widely separated) developers to collaborate”.
Use rpm or up2date or yum command to install cvs:# rpm -ivh cvs*OR# up2date cvsOR# yum install cvsCreate a CVS user# useradd cvsAbove command will create a user cvs and group cvs with /home/cvs home directory.
# passwd cvs
Open /etc/profile and append following line:# vi /etc/profileAppend following line:export CVSROOT=/home/cvsSave the file and exit to shell promot.
Make sure your /etc/xinetd.d/cvs looks as follows:# less /etc/xinetd.d/cvsOutput:
service cvspserver
{
disable = no
socket_type = stream
wait = no
user = cvs
group = cvs
log_type = FILE /var/log/cvspserver
protocol = tcp
env = '$HOME=/home/cvsroot'
bind = 192.168.1.100
log_on_failure += USERID
port = 2401
server = /usr/bin/cvs
server_args = -f --allow-root=/home/cvsroot pserver
}
Note: Replace 192.168.1.100 with your actual server IP address.
Restart xinetd:# service xinetd restartAdd users to this group (see this howto for more info)# adduser username -g cvsClient configuration
# passwd username
Finally user can connect to this CVS server using following syntax:
$ export CVSROOT=:pserver:vivek@192.168.1.100:/home/cvs
$ cvs loginWhere,
Posted in Linux | Leave a Comment »
Sasikumarp's Weblog 
