Answerman

by the world-renowned AnswerCrew

Well, people, following my request in the February column for help in creating a quality Q & A column, several people volunteered. This reaffirmed my believe in the fundamental nature of people to share, to volunteer. Particularly among the "nerd and geek" ranks who inhabit the BSD world.

We are still open to as many qualified people who are interested in sharing their expertise.

--This includes women, obviously, who may have been put off by the choice of column title. "AnswerPerson" leaves a gritty taste somehow...    :-) --

At any rate, the more of you, the stronger the column. Your locale matters not; what counts is your experience, hopefully in the Berkeley Unix environments, a dedication to the open-source paradigm, and a willingness to share.

Meanwhile, thanks duly noted to everyone who has joined. Immediately below are this month's Questions and Answers.

-- Gary Kline

1. How can I use HTML with my hand-dandy mutt?
2. Is there a rational way of finding descriptions of what's in my ports?
3. Is there an easy way of backing up some of all of my files over a secure (ssh) networked connection?
4. How can I automatically log out idle users?! Arrgh!
5. How can I get my StarOffice 6.0 CD working on my FreeBSD 4.7?
6. Are there any clients available that will let me connect my BSD server to our Microsoft pptp server?
7. How can I create a start|stop script for swatch?

Q1:

I use mutt rather than a GUI mailer for conveniece and because it lets me us my editor of choice. But mutt doesn't handle HTML without some magic.

Can you tell me that magic incantations to get mutt to do HTML?

A:

The easiest way of getting mutt to grok HTML is to use lynx. You need only add a line to your ~/.mailcap file.

	text/html; lynx -force_html %s; needsterminal;

You will still get the warning that mutt cannot understand HTML and that you need to type 'v' to read the message. After you have hit 'v' you should see a new screen; then simply hit and lynx will dislay the message as best it can handle HTML.

If you prefer to have Mutt display your text inline, with no additional menu, you can do that by using this line in the mailcap instead:

	text/html; lynx -restrictions=all -dump -force_html %s; copiousoutput; nametemplate=%s.html

Most of us hard-core types still prefer ASCII or at least ISO-8859-N, but if you still have to handle HTML with mutt, this way seems pretty reasonable...

Q2:

The ports collection is great if you know what you want, but it's real a pain if you don't know exactly the application you need. You have to "ls" and "cd" into each sub directory and then "more" or "cat" each pkg-descr file. It would be nice to just display screen by screen all the pkg-descr files appropriate to my query.

A:

Using the search argument with make and the key="keyword" (and piping the output through more for the sake of readability is one solution. If we are doing a query for "aiff" to find all applications that deal with aiff sound files, try the following:

     	$ cd /usr/ports
	$ make search key="aiff" | more

The following will also work; it searches all pkg-descr files in the ports tree for ones with the string "aiff" and prompt you to display each one at a time (takes a while to run on some systems as it has to traverse the whole ports tree). (Continuation symbol so that the example fits on one line)

	$ find /usr/ports -name "pkg-descr" | xargs grep -i "aiff" | \
	  cut -f1 -d : | sort -u | xargs -p -n1 | more -C

Q3:

How do I securely backup all the files on my system to another machine on the network or on the Internet?

A:

	tar cvf - / | ssh -l me my.remote.host.com "gzip > ~/backup.tar.gz"

Where "me" is your username on the remote machine, and
"my.remote.host.com" is the remote host.

You will be prompted for a password on the remote host. Once you enter it, it will create the archive in your home directory on the remote machine. If you wanted to automate this via cron you could upload you public key to the remote machine and then run this without being prompted for a password.

Q4:

Can someone help me? I have read and looked everywhere and tried some stuff but I can not seem to get my server to auto log out a user from shell when they are inactive for x amount of time.

I have tried setting idletime=5m in the login.conf but no luck.

Our other (old version) of FreeBSD server automatically logged out inactive people. I am running 3.3-RELEASE FreeBSD 3.3-RELEASE.

A:

Indeed some of the options in login.conf are broken or not implemented. One thing you can do is use idled form the ports collections.

	# /usr/ports/sysutils/idled 
	# make all install

The idled daemon will be started by /usr/local/etc/rc.d/idled.sh script after every reboot. You will also find a configuration file in /usr/local/etc/idled.cf. You might be interested in "EXEMPTIONS:" section where you specify logins to be ignored by idled.

       	exempt tty console session
	exempt login root all
	exempt login gregory smith jones dooley kline  all

You might also be interested in the TIMEOUT option. Reading both the idled configuration file and its man page idled.cf(5) will be helpful.

Sometimes a session may die abormally and wtmp entry will not be updated. The user will not be logged but you will see him with "w" command for example:

	# w
	21:57  up 47 days, 11:16, 9 users, load averages: 0,15 0,15 0,10
	USER             TTY      FROM              LOGIN@  IDLE WHAT
	gregory          p6       example.waw.pl   21:52

What you can do now is write your own logout program to clear the incorrect wtmp entry:

	/*
	 * use logout(3) to correct to utmp file
	 */
	#include <sys/types.h>
	#include <libutil.h>
	#include <stdio.h>
	#include <stdlib.h>
	
	main(int ac, char **av)
	{
		if (ac == 1) {
			fprintf(stderr, "usage: clrwtmp TTY\n");
			return 1;
		}
		if((logout(av[1])==0)){
			fprintf(stderr, "No one logged on %s\n", av[1]);
			return 1;
		}
	}

Name it logout.c and compile:

	# gcc -lutil logout.c -o clrwtmp
	# ./clrwtmp ttyp6

Q5:

I purchased the StarOffice 6.0 CD and am trying to install it on FreeBSD 4.7 which is running on my i386 system..

Earlier, when trying to install from /usr/ports/editors/staroffice60 with make install, it gave a message to place the file SO-6_0-ga-bin-linux-en.bin in /usr/ports/distfiles. The cd does not have this file, at least not that I can find. Since I have installed Linux binary compatibility, I tried running the CD setup script located in the cd linus directory, it seemed to hangup rather quickly.

Any ideas on how to get this installed?

A:

No problem. You must have one of these OEM CDs where the contents are unpacked. so-6_0-ga-bin-linux-en.bin is an exectutable version of StarOffice 6.0.

What you have to do is to ensure you have Linux binary compatibility intstalled. Add the following into your /sys/i386/conf/KERNEL file:

	options		COMPAT_LINUX
	options		LINPROCFS

After you have rebuild and reinstalled your new kernel, reboot and mount linprocrs as follows:

	# mount_linprocfs linprocfs /compat/linux/proc

Type mount (without any options) to see if it worked. You should see:

	linproc         /compat/linux/proc      linprocfs       rw     0 0

Now start X as root. If you run them as a regular user, start an xterm, and then:

	$ xhost +local:  (do this as normal user) Yes, that's "+local:"
	# su - root      (change your euid)
	# export TERM=DISPLAY=:0
	# mount cdrom

Now, by running the setup program you should be able to complete your installation.

	# /cdrom/english/linux/office60/setup

You may download a patch for StarOffice ID=112887-03 from http://sunsolve.sun.com

It comes as a tar file, 112887-03.tar

This finished your job:

	# tar -xvf 112887-03.tar
	# cd 112887-03
	# ./so-6_0-pp2-bin-linux.bin

Q6:

I want to connect my BSD box to our Intranet but they only use MS PPTP Server. What clients are available to do this, if any?

A:

The finest of the products out their is MPD located in /usr/ports/net/mpd. MPD is a Multi Protocol Dæmon. It can handle normal dialup. It can also handle PPTP connections as a server and client.

This was discovered a couple of years ago when we were looking into VPN server for our windows clients. We run FreeBSD VPN servers and 1/2 of the IT department runs FreeBSD as a workstation at work and at home. We wanted this to work for us too. In working with MPD we have found that that we could have FreeBSD MPD clients connecting to MPD servers (and it worked for every version of Windows that we tried). Once we figured out the client configuration it connected and ran well. This has been in production for a couple of years.

To install mpd you will need the ports collection. I highly recommend portupgrade port to handle this. Since portupgrade is completely different discussion we will use make instead for simplicity.

	root@monty # cd /usr/ports/net/mpd
	root@monty # make all install

Once installed we will setup the PPTP portion of this. If you currently use mpd just add the entries below to your configuration files, otherwise create the new files.

	root@monty # cd /usr/local/etc/mpd
	root@monty # mkdir samples
	root@monty # mv *.samples ./samples
	root@monty # vi mpd.conf
	root@monty # vi mpd.links

MPD uses netgraph (ngX,ngY). You will not need to do anything to the kernel conf files unless you have policies in place that don't allow kernel loadable modules. MPD will load the modules for you on start.

Running MPD

	root@monty # mpd

This will run mpd in interactive mode allowing you to watch the connection. Once everything is working properly run:

	root@monty # mpd -b

This will run will run mpd in the background. If you want to want to log this do this:

	root@monty # touch /var/log/mpd.log
	root@monty # vi /etc/syslog.conf

and add:

	!mpd
	*.*                                             /var/log/mpd.log

This will have you up and running.

Here are some logical sample entries for the MPD configuration file: In /usr/local/etc/mpd.conf

	default:
		load pptp
	
	pptp:
		new -i ng0 pptp pptp
		set iface disable on-demand
		set iface idle 0
		set address 10.0.0.1 10.0.1.1
	
		## setup routing to the vpn network in case you need it
		# set iface route 10.0.6.0/24
		# set iface route 10.0.4.0/24
		# set iface route 10.0.5.0/24
	
		set bundle disable multilink
		set bundle authname "ms_username"
		set bundle password "ms_password"
		set link yes acfcomp protocomp
		set link no pap
		set link yes chap
		set link enable no-orig-auth
		set link keep-alive 10 60
		set ipcp yes vjcomp
		set ipcp ranges 0.0.0.0/0 0.0.0.0/0
		set bundle enable compression
		set ccp yes mppc
		set ccp yes mpp-e40
		set ccp yes mpp-e128
		set ccp yes mpp-stateless
		open

And in /usr/local/etc/mpd.links

	pptp:
		set link type pptp
		set pptp self YOUR REAL IP ADDRESS
		set pptp peer SERVER REAL IP ADDRESS
		set pptp enable originate outcall

Q7:

I have installed swatch-3.0.4 from ports collection but I can't see any start/stop script. How can I make one?

A:

You can choose one of the scripts from /usr/local/etc/rc.d, and use it as a template. This script is very simple and demonstrates some tricks you may use with swatch. My swatch.sh looks like:

	#!/bin/sh
	case $1 in
		start)
			if [ -x /usr/local/bin/swatch ]; then
				cd /root
				/usr/local/bin/swatch -c /root/.swatchrc -t /var/log/messages &
			fi
			;;
		stop)
			/usr/bin/logger -f /var/log/messages -t SWATCH -p local0.notice SWATCH QUIT
			;;
		*)
			echo "USAGE $0 (start|stop)"
			exit 1
	esac

Starting: As you see, with "-c" I tell swatch to use /root/.swatchrc rules file; with "-t" I tell it what logfile to monitor.

Stopping: Here I use logger to send a message "SWATCH QUIT" to /var/log/messages logfile as facility local0 and level notice.

While swatch watches /var/log/messages and finds a string "SWATCH QUIT" it will stop itself.

About the AnswerCrew

Grzegorz Czaplinski, B.Sc. in Computer Science. I spend most of my time with computers, mainly administration. I work for Sun Microsystems and Warsaw University of Technology. I like reading, walking and climbing. I am here to help people with BSD systems.

[Mail]

Ryan Dooley

UNIX Systems Administrator and Open Source Advocate since 1993

Gary Kline has been porting code since the late 1970's. When he isn't hacking code, he's hacking prose or philosophical poetry, or listening to Jazz and slurping down French roast. Currently he studies philosophy.

Recent adventures include the thrills of learning about the Domain Name System and network and mail administration.

[home|mail]

David Leonard is a PhD student in the Department of Computer Science and Electrical Engineering at the University of Queensland, Brisbane, Australia.

His area of research is QoS-adaptive component software architectures, and in his spare time is a developer for the OpenBSD project. That said, David enjoys living the quiet life with his wife, Kylie and cat, Mu. He especially enjoys frequenting Moreton Bay's many fabulous places to eat. Mmmmm!

[home|mail]

Dirk Myers does things with words, perl, and Unix.

[mail]

Travis Stevenson Life in Computer Science. I am the Chief Network Engineer for Maverik Country Stores in Star Valley, Wy. I have been using/administrating BSD's since 1994. I'm here to help people feel the joy. :)

[Mail]

Andy Wallis I am Software Engineer for Lockheed Martin Air Traffic Management. I build and package Commercial Off The Shelf software into packages for ATC systems(UNIX across the board; Solaris and AIX mostly) that we sell to Civil Aviation Authorities like the FAA. I have BS in Computer Science from Ball State University; known for Dave Letterman, drunkards, and Garfield. I like to work on various molding computer and the BSDs(esp NetBSD). I also like read, cycle, and play roleplaying games.

[Mail]

Allan Dib MCSE (Microsoft Certified Systems Engineer), CCA (Citrix Certified Administrator)

Allan Dib is Director of Technical Services at qtec a Melbourne/Australia based IT consulting specialising in cross platform solutions and information security.

[mail]