Category: 軟體 / Software

Let’s say you have a web server running apache and you have a bunch of virtual hosts for a bunch of domains. You want to enable UserDir so that example.com/~user URLs automatically map to (by default) the public_html directory in each user’s home directory. Apache already includes a userdir module, so you go and enable it. But, oops, by default it enables it on all your hosts, not just one. You want it enabled on just one, not all of them. So you go and google and there are a bunch of complicated solutions to this that seem way too much like overkill. Fortunately there is a much simpler solution:

First, go to your apache configuration directory, for example on Debian:

cd /etc/apache2

Second, enable the userdir module:

sudo a2enmod userdir

Third, delete the enabled userdir configuration file:

sudo rm mods-enabled/userdir.conf

Fourth, edit the virtual host configuration file, e.g. sites-enabled/example.com.conf, that you want to use userdir on and add this line within the VirtualHost scope:

Include mods-available/userdir.conf

Fifth, reload apache, usually by running (if you use systemd):

sudo systemctl reload apache2

Really simple, right? An explanation of this is in order: Why did we enable it only to delete the configuration? Enabling a module actually does two things: First it adds a .conf file that tells apache the default configuration of the module. Second it adds a .load file that tells apache to load a dynamic library with the executable code that apache runs when the module is used.

By default, the .conf file applies globally, i.e. to all of the sites in use. This is great if you want all of your sites to do the same thing. It’s not so great if you want the module enabled only on one or a few sites. The effect of the above is to load the dynamic library so that apache can use it, but not to add the global configuration. The “Include” in the virtual host configuration file will enable the configuration for the module for that virtual host only.

If you need to further tweak things (enable or disable specific usernames, the path, etc.) then instead of using “Include” you can copy the contents of mods-available/userdir.conf into your virtual host configuration file and customize as needed.

In principle, the same procedure should work for other modules you want to use only on specific virtual hosts.

Tonight I migrated my VPS from vpslink which I no longer recommend to GeekStorage. They both run Debian on OpenVZ/Virtuozzo, so I figured it wouldn’t be hard to migrate over.

I didn’t really find much about migration on the user side. Most of the migration pages were about how to migrate containers from the host server’s perspective. I did manage to cobble together enough clues to figure out what to do.

Basically to summarize the essential points, you can just copy everything from the old server to the new, clobbering whatever is there, EXCEPT for the following:

/aquota.group
/aquota.user
/etc/fstab
/etc/hostname
/etc/hosts
/etc/resolv.conf
/etc/network/interfaces
/etc/network/interfaces.template
/dev
/proc
/sys

In more detail:

On vpslink I have Debian on OpenVZ. So when I signed up the GeekStorage, I requested Debian on Virtuozzo. OpenVZ is the open-source variety of Virtuozzo, so they are close enough.

When GeekStorage said the VPS was ready, I logged in and used rsync to copy everything from the old server to /backup/old. That took a few hours. Then on the old server, I shutdown all the services (sendmail, apache, mysql, tinymuck, etc.) and then ran rsync again. That updated everything that changed while the first rsync was running, and was fairly quick.

Once that was done, I put the server in repair mode. This creates a temporary container with the real container’s contents mounted under /repair. I logged into the repair mode serve. First I moved everything in /repair except aquota.*, backup, dev, proc and sys to /repair/backup/orig. This moves the new VPS’ original OS files out of the way.

Then I moved everything in /repair/backup/old except aquota.*, dev, proc and sys to /repair. That moves the old VPS’ OS files to the new VPS’ root directory. Then I copied the etc files (see above) from /repair/backup/orig/etc to /repair/etc.

Caveats: Remember that there are probably hidden dotfiles in the old and new root dirs you need to move too. Also remember to always work in /repair when in repair mode. It’s easy to forget and start twiddling in /etc instead of /repair/etc. That disappears as soon as repair mode is finished.

Then I took the server out of repair mode, which boots into the VPS container again. And miraculously, it booted up just fine with everything looking just like it was on the old VPS. I had to twiddle a couple of other files with hardcoded IPs, but the OS came up just fine. I also had to update a bunch of things in DNS and wait for DNS caching to time out.

For several days now my desktop system has been trying and failing to install a windows update for “Microsoft UAA Bus Driver for High Definition Audio” over and over again. The update was from 2004 so it is unclear why this was suddenly something it is trying to install now. I finally got whatever it was resolved:

– In Device Manager (Control Panel, System, Hardware, Device Manager) expand the “System devices” category

– For each “Microsoft UAA Bus Driver for High Definition Audio” device, right click and select “uninstall”

– It will ask you to reboot; do so.

– When it reboots it will reinstall the device and ask you to reboot again; do so.

– Now you should no longer see the update trying to install.

(It may try and fail to install the update again during the two reboots but just ignore that. It should be back to normal after the final reboot.)

One drawback of using your Kindle 2 in an area without wireless connectivity is that the date on your Kindle will not be set correctly, but instead be set to sometime in 1970. (UNIX timestamps start from January 1, 1970 and Kindle’s software runs on Linux.) This is really not a very serious problem except that your bookmarks, notes and clippings files will have bogus timestamps.

Fortunately there is a hidden option to enable networking over USB connections. If this connection is enabled and properly set up, then one of the things it will do when connected is set the time. The time on mine was set to UTC (sometimes called GMT) time zone instead of Taipei time (UTC+0800), but at least it is only 8 hours off instead of 39+ years.

I learned how to set up USB networking on Kindle from Jesse Vincent’s blog post Tethering your Kindle 2 where he explains how to do this on MacOS. Since Windows systems are a bit different below is a shorthand version for Windows XP. If you get confused by anything, see Jesse’s original post for more detail. Vista procedure is probably a bit different.

1. Get the driver here: http://www.davehylands.com/linux/gumstix/usbnet/linux.inf (If you run XP x64 or Vista 64-bit, you will need to modify the driver as documented here: http://docwiki.gumstix.org/index.php/Windows_XP_usbnet#Step_7.)
2. Enable Internet Sharing on your Windows box. Open the “Network Connections” Control Panel, right click on your main network connection and select “Properties.” Select the “Advanced” tab and enable “Allow other network users to connect …”
3. On your Kindle press “HOME”.
4. Search: ;debugOn
5. (Optional) Search “`help” to verify debug mode is on; you should get a list of available commands.
6. Search: `usbNetwork
7. Search: `usbQa
8. Connect your Kindle to your computer’s USB port. You should see a network connection detected. When it asks to install a driver tell it to manually install, and point it to the directory you saved linux.inf to.
9. The “Network Connections” Control Panel will now have a new network connection listed. Right click on it, select “Properties,” click on “Internet Protocol (TCP/IP)” at the bottom of the scroll box and press “Properties.” Enter the following: “IP address: 192.168.15.200” “Subnet mask: 255.255.255.0.”
10. Shortly after connecting to the Internet you Kindle should update the time setting. You can confirm if it does so by searching: @time
11. To get your Kindle back to normal USB mode, restart it: “HOME” “MENU” “Settings” “MENU” “Restart”

The QNAP NAS servers run a Linux OS and out of the box supports ssh logins as the “admin” user (basically root with a different name). But if you add a user and try to log in, it just closes the connection. If you look at /etc/ssh/sshd_config you’ll notice that there is a configuration line for “AllowUsers admin” which may lead you to believe that you just need to modify this line. Unfortunately the ssh server itself is also hard coded to allow admin logins only.

There are several guides for how to get around this restriction. The solution involves installing openssh either in addition to or as a replacement of the built in sshd. Many of these guides seemed overly complex to me, so I took several of them and came up with what I think is the simplest approach to replace the existing sshd with one that allows logins by all users.

This guide is known to work with the QNAP TS-409 running firmware 2.1.2 Build 1112T. It will probably work with other QNAP models, or other firmware versions, but no guarantees. This assumes you know how to ssh to your NAS as admin, you’ve created a new user and you already have ipkg installed and working. If you don’t have ipkg, see this http://forum.qnap.com/viewtopic.php?f=85&t=1085 and follow the “Sit Back” approach.

First install openssh:

ipkg update
ipkg install openssh

Now let’s swap out the stock server with the ipkg version:

mv /usr/sbin/sshd /usr/sbin/sshd-orig
cp /opt/sbin/sshd /usr/sbin/

Now on QNAP servers the filesystems are a bit strange because the OS is loaded from firmware onto a ramdisk. As a side effect of this, some system modifications will disappear upon reboot unless you follow special procedures to preserve them. This is true of the /etc/ssh/sshd_config file. We will need to move it to a location outside of the ramdisk.

cp /etc/ssh/sshd_config /mnt/HDA_ROOT/.config/ssh/

Next we need to edit the relocated sshd_config file (use your preferred editor if you don’t like vi):

vi /mnt/HDA_ROOT/.config/ssh/sshd_config

You have two choices when editing this file. Option one is to edit AllowUsers to add the usernames you want to be able to log in. Each username is separated by a space. Alternatively, you can comment out the AllowUsers line completely which will allow any user to log in.

Next copy it back to the normal location:

cp /mnt/HDA_ROOT/.config/ssh/sshd_config /etc/ssh

At this point you can test your configuration. BUT… you are NOT done yet. There’s one more step to make your changes permanent, so don’t just quit after this step.

Log into the web admin interface of your NAS and under the “System Tools” category click on “Remote Login.” Untick “Allow SSH Connection” and press “Apply.” Wait a few seconds, then tick “Allow SSH Connection” and press “Apply” again. This will reset your ssh server and if you did everything right you should now be able to login as users besides admin.

If it does not work, don’t panic. You can restart your NAS and the configuration will be replaced with the original. If you really manage to screw things up, enable telnet and log in that way to try to fix things up.

(Be careful about restarting sshd while logged in via ssh. It is very easy to kill your own connection before the new sshd starts and then you will have to use the web admin interface anyways. If you know what you are doing and are very careful, you can restart it via the shell.)

Now if everything went well, we can make the configuration permanent. We need to create or edit an autorun.sh script which moves the configuration over during boot. First mount the config area:

mount -t ext2 /dev/mtdblock5 /tmp/config

(The device may differ if you have a different model. Check Google if the last step doesn’t work.)

Next we need to edit or create the autorun.sh file:

vi /tmp/config/autorun.sh

If the file doesn’t exist or is empty, insert all of the following. If there is already a script there, skip the first two lines and add the rest at the end of the file:

#!/bin/sh

# SSH Config
cp /mnt/HDA_ROOT/.config/ssh/sshd_config /etc/ssh/sshd_config
/etc/init.d/login.sh restart

After saving it, make sure it is made executable and unmount the filesystem:

chmod +x /tmp/config/autorun.sh
umount /tmp/config

Now you can reboot your NAS and confirm that the configuration was preserved. Keep in mind that it can take 3-4 minutes to reboot. There will be a couple of short beeps during the reboot process and one longer beep when it has completed booting. Be patient and wait for the long beep before trying to login.

In the future be sure to make any configuration changes to sshd_config by editing the non-ramdisk copy like follows:

vi /mnt/HDA_ROOT/.config/ssh/sshd_config
cp /mnt/HDA_ROOT/.config/ssh/sshd_config /etc/ssh

If you are trying to use this plugin on XP 64-bit OS you may find that you follow all the directions to install it and then run into an error:

“unable to load …ReduceFlickerSSE3.dll”

The problem is that the instructions tell you to install AvsRecursion.dll in “C:\WINDOWS\system32”. On XP x64 it should actually be installed in “C:\WINDOWS\SysWOW64”. Move it there and it should work fine.