Setting up a new server and I'm finally starting to use SELinux. I know I should have done this years ago, but what can I say...
Anyway, I installed the OpenVPN rpm (v2.09) from Dag Wieers. I copied my config files over my desktop machine and then copied to /etc/openvpn. I attempted to start the service, but it kept failing. I looked in my audit log in /var/log/audit/audit.log and saw this error:
type=AVC msg=audit(1284047743.108:34): avc: denied { read } for pid=3895 comm="openvpn" name="client.conf" dev=dm-0 ino=65543 scontext=user_u:system_r:openvpn_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1284047743.108:34): arch=40000003 syscall=5 success=no exit=-13 a0=bfab9c18 a1=0 a2=1b6 a3=9084298 items=0 ppid=3887 pid=3895 auid=501 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2 comm="openvpn" exe="/usr/sbin/openvpn" subj=user_u:system_r:openvpn_t:s0 key=(null)
Why would the OpenVPN SELinux policy deny access to the /etc/openvpn directory? Because I copied them to my home directory before moving them to /etc/openvpn! I was able to restore the correct selinux security context on the files by running this command:
/sbin/restorecon -R -v /etc/openvpn
(Thanks Daniel @ Redhat Bugzilla!)
Thursday, September 9, 2010
Thursday, July 29, 2010
Windows XP User - Everything is gone after login...
Step-by-step instructions for a quick fix:
http://theonlinetutorials.com/how-to-resolve-windows-xp-temp-profile-problem.html
Thanks rjlangley!
http://theonlinetutorials.com/how-to-resolve-windows-xp-temp-profile-problem.html
Thanks rjlangley!
Wednesday, July 14, 2010
"SM Bus Controller" drivers for Dell Latitude e6410, e5510, e4310 & e6510.
I recently did a fresh install of Windows XP on a Dell Latitude e6410 laptop. I installed all the drivers from Dell's website, but could not find the drivers for "SM Bus Controller". Turns out that Dell's driver installation utility is broken, so you must manually install the drivers. This will work on the e6410 as well as the e5510, e4310 & e6510.
- Go to support.dell.com
- Select your laptop model
- Select "Windows XP" as your operating system
- Expand the "Chipset" section
- Download "Intel - Driver" - "Chipset Software Installation Utility" (link)
- Run the file, it will expand files to C:\dell\drivers\R257446. (You might get lucky here and the driver will install, if not...continue with the steps below)
- Open the "Device Manager" on your computer (right-click "My Computer", select" Properties", "Hardware" tab, click "Device Manager")
- Right-click "SM Bus Controller" and click "Update Driver"
- Tell it not to contact Windows Update, then select "Install from a list of specific location"
- Select any of the .inf files from C:\dell\drivers\R257446\All
- Make your selection and the driver should install
- Go to support.dell.com
- Select your laptop model
- Select "Windows XP" as your operating system
- Expand the "Chipset" section
- Download "Intel - Driver" - "Chipset Software Installation Utility" (link)
- Run the file, it will expand files to C:\dell\drivers\R257446. (You might get lucky here and the driver will install, if not...continue with the steps below)
- Open the "Device Manager" on your computer (right-click "My Computer", select" Properties", "Hardware" tab, click "Device Manager")
- Right-click "SM Bus Controller" and click "Update Driver"
- Tell it not to contact Windows Update, then select "Install from a list of specific location"
- Select any of the .inf files from C:\dell\drivers\R257446\All
- Make your selection and the driver should install
Wednesday, June 24, 2009
Scalix Blackberry Enterprise Server Beta
Scalix is on a roll lately! Have just released Scalix 11.4.4 & ActiveSync 1.0, today they announced a beta of Scalix Connect for Blackberry Enterprise Server (BES). Much like Zarafa & Zimbra's BES integration, you can use the Microsoft Exchange version of BES and the BES server won't realize it isn't talking to Exchange. While this makes setuping up BES a little more tricky, it allows a Scalix/BES setup to provide the same level of functionality as Exchange.
http://www.scalix.com/about/news/pressrelease69.php
"Scalix Connect for Blackberry Enterprise Server provides push email, wireless contact, calendar and task synchronization, meeting scheduling, and remote address book/Global Address List lookup. Scalix now offers a full suite of mobility solutions for its Small Business, Enterprise, and Hosting editions: Scalix ActiveSync, Scalix Connect for Blackberry (beta), and Scalix Mobile Web Client. Together they enable Scalix users to communicate via all popular mobile devices without the need for client side installs."
Forum announcement from Florian (Program Management Director)
"It's almost fully functional as well, email, calendar, contacts, tasks - all are there. The missing bits are support for RIM's latest BES version, V5, so you'll have to stick with V4.1 for the time being, and if you run multiple Scalix servers, you'll have to have a separate BES for each of them. Both restrictions will be lifted in the final 1.0 release, this is currently planned for mid/late Q3, and I think we're on track for that."
Scalix Connect for BES Beta 1 Release Notes
http://www.scalix.com/about/news/pressrelease69.php
"Scalix Connect for Blackberry Enterprise Server provides push email, wireless contact, calendar and task synchronization, meeting scheduling, and remote address book/Global Address List lookup. Scalix now offers a full suite of mobility solutions for its Small Business, Enterprise, and Hosting editions: Scalix ActiveSync, Scalix Connect for Blackberry (beta), and Scalix Mobile Web Client. Together they enable Scalix users to communicate via all popular mobile devices without the need for client side installs."
Forum announcement from Florian (Program Management Director)
"It's almost fully functional as well, email, calendar, contacts, tasks - all are there. The missing bits are support for RIM's latest BES version, V5, so you'll have to stick with V4.1 for the time being, and if you run multiple Scalix servers, you'll have to have a separate BES for each of them. Both restrictions will be lifted in the final 1.0 release, this is currently planned for mid/late Q3, and I think we're on track for that."
Scalix Connect for BES Beta 1 Release Notes
Tuesday, June 16, 2009
I'm famous!
http://www.scalix.com/about/news/pressrelease68.php
“Of all the solutions we tested, only Scalix met all our needs,” said Scalix ActiveSync beta tester Bill Baird, Director of Technology at Phoenix Marketing International. “We looked for an email/calendaring solution that would run on Linux, embrace open standards, have an active online community and offer the following features: Outlook integration including stable offline cache, rich webmail, public folders with mail delivery, and mobile device support. The only missing piece was built-in ActiveSync support – our Windows Mobile and Symbian users had to use IMAP and manually check for new email or set a scheduled sync. I quickly found during the Scalix ActiveSync beta tests how great it is to have push email for these devices!”
“Of all the solutions we tested, only Scalix met all our needs,” said Scalix ActiveSync beta tester Bill Baird, Director of Technology at Phoenix Marketing International. “We looked for an email/calendaring solution that would run on Linux, embrace open standards, have an active online community and offer the following features: Outlook integration including stable offline cache, rich webmail, public folders with mail delivery, and mobile device support. The only missing piece was built-in ActiveSync support – our Windows Mobile and Symbian users had to use IMAP and manually check for new email or set a scheduled sync. I quickly found during the Scalix ActiveSync beta tests how great it is to have push email for these devices!”
Friday, June 12, 2009
Scalix 11.4.4 & Scalix Activesync Released
From early testing, it appears that they have done some optimizations with the Outlook Connector Smartcache (Bug 19785). From the time I click the Outlook icon until my mailbox is synchronized, it was an average of 20 seconds faster than with 11.4.3. (3 tests with each version, averages: 11.4.3: 52 seconds, 11.4.4: 31 seconds)
Windows Desktop Search is not supported for Outlook and appears to work well. (still no Google Desktop support in sight)
The release also marks the release of Scalix Activesync. I'm still waiting to hear back from my sales rep about a new license key, but once I'm up and running I will post about my experience.
11.4.4 Release Notes
Windows Desktop Search is not supported for Outlook and appears to work well. (still no Google Desktop support in sight)
The release also marks the release of Scalix Activesync. I'm still waiting to hear back from my sales rep about a new license key, but once I'm up and running I will post about my experience.
11.4.4 Release Notes
Wednesday, May 13, 2009
Scalix/Xandros websites down...new release today?
Haven't been able to reach scalix.com, xandros.com or the scalix forums of the past half hour...could this be like how the Apple Store is offline during new product annoucements? Come on 11.4.4 & Activesync, I need you in my life!!
Update: Sites are back up, no new release :-(
Update2: Release Candidate is ready, just waiting for QA to sign off - link
Update: Sites are back up, no new release :-(
Update2: Release Candidate is ready, just waiting for QA to sign off - link
Tuesday, May 12, 2009
RHEL 5.4 to get XFS?
It appears so! I have been wary of using anything other than the stock kernel, so this is great news for those of use looking to move away from ext3.
http://dag.wieers.com/blog/red-hat-backported-io-accounting-to-rhel5
http://dag.wieers.com/blog/red-hat-backported-io-accounting-to-rhel5
Thursday, February 5, 2009
Tuesday, January 20, 2009
Increasing performance for OpenVPN on WinXP
We use OpenVPN for all of our remote clients. While our pings times have been normal, I just noticed that our throughput was suffering on a lot of system (300-400KB/sec on a 10MB link). After much troubleshooting and searching, I came across this page. After adjusting the TcpWindowSize, Tcp1323Opts & SackOpts on WinXP clients...I was able to boost my performance to an acceptable level. During testing, I was able to max out around 1.5MB/sec. If you save the following text to a file, give it a .reg extension, run it & reboot. You may see similar improvements...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"Tcp1323Opts"=dword:00000001
"TcpWindowSize"=dword:0003ebc0
"SackOpts"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"Tcp1323Opts"=dword:00000001
"TcpWindowSize"=dword:0003ebc0
"SackOpts"=dword:00000001
Subscribe to:
Posts (Atom)