Tuesday, January 6, 2015

OpenLDAP+Apache

I decided to create an OpenLDAP server[1] for my research group to serve as the central storage for member information (POSIX generic account). This server will be used to authenticate users when they access certain services that should be available to group members only. The group's wiki seems like a good candidate to test the setup.
First, enable LDAP related apache modules.
sudo a2enmod ldap authnz-ldap
Next, edit /etc/apache2/apache2.conf to add the following:
<directory>
        AuthType Basic
        AuthName "This site is for SRG members only. Please use your SRG NetId credentials to access this site."
        AuthBasicProvider ldap
        #AuthzLDAPAuthoritative on
        AuthLDAPURL "ldap://[your ldap server ip addess]:389/dc=srg,dc=ics,dc=uplb,dc=edu,dc=ph?uid"
        AuthLDAPBindDN "cn=admin,dc=srg,dc=ics,dc=uplb,dc=edu,dc=ph"
        AuthLDAPBindPassword [your admin password]
        Require valid-user
</directory>
Finally, restart apache.
sudo service restart apache2

Sunday, January 4, 2015

Remove unused kernel images/headers in Ubuntu

The command below removes the image and associated headers of the kernel not currently running. This allows us to reclaim disk space in /boot (especially when created as a separate partition). The kernel version currently running (usually the latest) can be viewed using the command uname -r.

To be sure, upgrade the system first.
sudo apt-get -y update
sudo apt-get -y upgrade
sudo reboot
uname -r

Then remove the old kernel images and headers.
echo $(dpkg --list | grep linux-image | awk '{ print $2 }' | sort | sed -n '/'`uname -r`'/q;p') $(dpkg --list | grep linux-headers | awk '{ print $2 }' | sort -n | sed -n '/'"$(uname -r | sed "s/\([0-9.-]*\)-\([^0-9]\+\)/\1/")"'/q;p') | xargs sudo apt-get -y purge