tag:blogger.com,1999:blog-63379695955988080802024-03-13T07:27:36.264+05:30Sarves's Huta COOL hutSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.comBlogger97125tag:blogger.com,1999:blog-6337969595598808080.post-14647486829044870972012-12-02T13:56:00.001+05:302012-12-02T13:56:57.799+05:30Moodle Email issue and Time syn issueRecently I came a cross following issues in one of Moodle instance :
- Forget password was not working
- Forum posts are not going to learners emails
- Though I open a Quiz at a particular time, it was not working as expected. For example, if I set a Quiz to be open at 14:00, it was not opening at 14:00.
I could solve the first two problems in following way :
1. A email out going server need to be set. You can set through : Site Administration->Plugin->Message outs->Email. If you are running a mail instance in your Moodle server, then you do not need to set this. Otherwise, set SMTP host- Here you need to enter the out going email server.
2. Setup a cron (this is what I missed). Emails in Moodle have to triggered. Otherwise it would not work. Therefore you need to set up cron. You can find a detail description over here : http://docs.moodle.org/23/en/Cron
For the second problem, go to Site administration->Location->Location setting. In my case, moodle instance was not getting the timezone setting from Linux OS. Therefore, here I had to manually set the timezone.
Good luckபாவிhttp://www.blogger.com/profile/03287787871544889990noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-64037393903412466052012-06-04T23:18:00.000+05:302012-06-04T23:18:01.791+05:30Web HostingI was trying get a hosting plan from a very famous hosting provider. I am trying to sign-up, but my go was not successful. And I was asked to communicate with a live chat. Then livechat guy got all the details from me, including the credit card, and registered the hosting plan. I was not very sure whether I can share my card information over chat. However since the chat was protected by http://www.thawte.com/ I just proceeded. It got the impression that its a preplanned setup. I think hosting provider does not have a proper system. Will check the credit card statement tomorrow!..
have anyone come a cross similar issue?பாவிhttp://www.blogger.com/profile/03287787871544889990noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-70659250866959598252011-08-25T10:47:00.002+05:302011-08-25T10:51:11.927+05:30Upgrade Fedora 10 packagesRecently I got to upgrade some packages of the my server which runs on Fedora 10. However I also got to know that Fedora 10 repo are not more maintained. Therefore I searched for some other repo and found a repo called remi. Using which I could upgrade my packages. Here are the steps that I followed :
<br />
<br />rpm -Uvh http://rpms.famillecollet.com/remi-release-10.rpm
<br />then I could update the php packages by executing following command :
<br />yum --enablerepo=remi install php-pear php-pdo php-mysql php-pecl-memcache php-gd php-mbstring php-mcrypt php-xml
<br />
<br />Rererence : http://www.if-not-true-then-false.com/2010/install-apache-php-on-fedora-centos-red-hat-rhel/Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-41769958427083703032011-08-08T11:57:00.001+05:302011-08-08T11:58:51.261+05:30Control spamming through Horde webmailThere are ways that you can use to control spamming through Horde web mails :
<br />Few of the configurations are as follow :
<br />
<br />You need Horde 3.2/IMP 4.2 or later!
<br />
<br />1. Turn on $conf['user']['verify_from_addr'] in Horde 3.2. This will
<br />prevent a user from changing their from address without an email
<br />confirmation - not a hard road block to a throwaway hotmail address,
<br />but another hoop to jump through. Also useful for policing your legit
<br />but perhaps less-than-technical users.
<br />
<br />2. Turn on the sentmail logs in IMP 4.2. The driver and the amount of
<br />time logs are kept are configured under "Other Settings" in IMP's
<br />config (or $conf['sentmail']). Once you turn on the driver, there are
<br />two permissions you can set through the Horde permissions API:
<br />
<br /> 'imp:max_recipients' => "Maximum Number of Recipients per Message"
<br /> 'imp:max_timelimit' => "Maximum Number of Recipients per Time Period"
<br />
<br />The first one is a hard limit on the number of recipients for a single
<br />message. The second one is limit on the number of messages that can be
<br />sent in the time period configured in $conf['sentmail']. This is for
<br />preventing someone from sending to exactly the max # of recipients
<br />over and over again.
<br />
<br />
<br />
<br />-------------
<br />How to do this :
<br />
<br />1:
<br />do it in the horde config file
<br />
<br />2 :
<br />Administration -> Permissions -> then add sub permissions to IMP
<br />
<br />
<br />Reference : http://lists.horde.org/archives/horde/Week-of-Mon-20080428/035200.htmlSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-11449043421250674532011-06-30T14:46:00.003+05:302011-06-30T15:04:12.434+05:30Generate a SSL certificate request for MultidomainsRecently I had a need to have a SSL certificate which should be used in multiple domains. When I search on that I found that it can be done using Unified Communications Certificates (UUC) :<br /><br />This is how I generated a multidomain certificate request :<br /><br />1. Open openssl.cnf<br />2. Make sure following line are there in that file :<br /><br />[req]<br />req_extensions = v3_req<br /><br />[v3_req]<br />subjectAltName = @alt_names<br /><br />[alt_names]<br />DNS.1 = example.com<br />DNS.2 = hello.example.com<br />DNS.3 = testing.com<br /><br /><br />You should add your domains as given in under [alt_names]<br /><br />3. Create a private key<br /><br />4. generate your certificate requests by providing required information<br /><br />Thats all! you are done!!!<br /><br />Reference : http://playnice.ly/blog/2011/01/03/multi-domain-ucc-ssl-certificates-on-nginx-with-1-ip-address/<br /><br /><br /><br />You can make sure by <br />openssl req -text -noout -in ssl.csr<br /><br />Under the alternative section you can find your all the domains listed.Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com3tag:blogger.com,1999:blog-6337969595598808080.post-24663072585802804382011-06-08T12:08:00.005+05:302011-06-08T15:36:08.944+05:30Want to visit IPv6 Only sites?Internet Society announced IPv6 day on 8th June - http://www.worldipv6day.org/<br />As given in that website many gaints including Google, Yahoo, Facebook all are taking part in this IPv6 day.<br /><br />In Sri Lanka also there are two IPv6 events (AFAIK) are happening. <br />1. www.isoc.lk<br />2.www.ipv6day.lk<br /><br />What is the actual status in Sri Lanka?...<br /><br />AFAIK,<br /><br />None of the ISPs are providing IPv6 address for their end users. Still the ISPs are setting up their core and the servers with IPv6. www.isoc.lk shows some stats about present IPv6 allocations and their IPv6 web sites. Therefore the Internet Infrastructure in Sri Lanka (Except few Universities) is not ready for IPv6 (AFAIK)<br /><br />.LK is already IPv6 ready. It has been assigning IPv6 address (AAAA records) to domain names.<br /><br /><br /><span style="font-weight:bold;">How we can see the IPv6 only websites? like ipv6.google.com</span><br /><br />There are several ways you can see the IPv6 only sites...<br /><br /><span style="font-weight:bold;">In Windows OS (7, Vista, XP with SP)</span><br /><br />If you have a public IPv4 address, then when connect to Internet you will automatically get an IPv6 address via Microsoft's terado tunneling. Therefore you should be able to access IPv6 only sites without any issues. For example, if you connect via ADSL, then since you normally get a public IP, you can visit IPv6 only sites<br /><br /><span style="font-weight:bold;">In Linux</span><br /><br />Since you do not have any tunnel which is automatically implemented you should establish a tunnel your self. Then you will get an IPv6 address. Thereafter you can visit IPv6 only sites. However you should have a publically reachable IPv4 address inorder to make the tunneling. I read that Teredo tunneling works even over NAT, I could not find a free Teredo tunneling broker.<br /> - There are several tunnel brokers out there who provide free IP6to4 tunneling. I have tried with Hurricane (http://goodsarves.blogspot.com/2011/06/ipv6-over-ipv4-tunneling-ipv6to4.html) on Linux. It was working fine.<br /><br />***If you are accessing Internet using broadband modem like HSPA you can not access the IPv6 sites. Because normally you get a NATed private IP address. Therefore you can not make tunnels.<br /><br />***That is why even Google and Facebook have assigned both A and AAAA records for www.google.com and www.facebook.com. If they assigned only IPv6 address only 1 Million users of facebook can access out of 500 million users.Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-40348703246584164162011-06-02T16:36:00.002+05:302011-06-02T16:43:09.577+05:30IPv6 over IPv4 tunneling - IPv6to4All were talking about IPv6 day and all the gaints were participating in IPv6 Day. Therefore I also want to feel the IPv6. <br /><br />I created a tunnel with Hurricane and got an IPv6 address. However inorder to get this working we need to establish a tunnel to one of the Hurricane's Server. <br />My OS is Fedora 10 and I did following steps to enable IPv6 and IPv6to4 Tunnelling in my PC.<br /><br />(If you also want to do, just execute following 4 lines in your Terminal as super user.<br /><br />echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network<br />echo "IPV6_DEFAULTDEV=tun6to4">> /etc/sysconfig/network<br />echo "IPV6INIT=yes" >> /etc/sysconfig/network-scripts/ifcfg-eth0<br />echo "IPV6TO4INIT=yes">> /etc/sysconfig/network-scripts/ifcfg-eth0<br /><br />In addition to that I created following script :<br /><br />/etc/sysconfig/network-scripts/ifcfg-sit1<br /><br />and added following content,<br /><br />OOTPROTO="none"<br />DEVICE="sit1"<br />IPV6INIT=yes<br />IPV6TUNNELIPV4=xx.xx.xx.xx<br />IPV6TUNNELIPV4LOCAL=yy.yy.yy.yy<br />IPV6ADDR="2001:xxx:x:xxx::x/64"<br />ONBOOT=yes<br /><br />After this the tunnel was established and everything was working fine.<br /><br />References :<br />http://fedoraproject.org/wiki/IPv6Guide<br />http://unix.stackexchange.com/questions/7720/how-do-i-set-up-an-ipv6-tunnel-in-fedoraSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-64944884938145036022011-05-25T18:22:00.002+05:302011-05-25T18:25:12.747+05:30Enable Tamil and Sinhala input methodsHere how I enabled Tamil (Renganathan IM) and Sinhala (Wijesekara) on Ubuntu 11.<br /><br />Step 1 : As a root, do :<br /><br />apt-get install ibus im-switch ibus-m17n m17n-db m17n-contrib ttf-tamil-fonts language-pack-ta-base ttf-sinhala-lklug language-pack-si-base<br /><br /><br />Step 2 : Just run from your user account (Not as root) :<br />rm -f ~/.xinput.d/* ; im-switch -z all_ALL -s ibus<br /><br />Thereafter restart the session (Just logoff and login)<br /><br />Thereafter do "ibus-setup" and configure your prefered input setup. In addition to that you can configure where it should appear in your screen.<br /><br />Enjoy!<br /><br />Reference : http://sinhala.sourceforge.net/Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-83899670252698335342011-05-02T16:38:00.003+05:302011-05-02T17:18:01.536+05:30Postfix with MySQL BackendHere I am trying to describe how I configured Postfix with MySQL backend. Here I have given only the important parameter, however you can find tune this in various ways.<br /><br />1.<br /><br />Configure your Postfix with MySQL support.<br /><br />I used following command - make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm'<br /><br />Before do this, please make sure that you have installed all the MySQL components, including mysql-devel.<br /><br />2. <br /><br />Then do the make<br /><br />3. <br /><br />DO the make install. At the end of this phase you will be prompt with many questions, answer them appropriate. <br /><br />4.<br /><br />Then start configure your Postfix, normally you can find the configuration in main.cf<br /><br />The important settings (though there are several settings) you need to add are :<br /><br />data_directory = /var/lib/postfix<br />mail_owner = postfix<br /> - make sure that you have created the user postfix<br />myhostname = mail.yy.xx.lk<br />mydomain = XX,cc.lk<br />myorigin = $mydomain<br />inet_interfaces = all<br />mydestination = $myhostname, localhost.$mydomain, localhost<br />relayhost = 192.NN.N.N<br />home_mailbox = Maildir/<br /> - This is important, and this is where you say that you want to use MailDir, not Mailbox<br />virtual_gid_maps = static:506<br />virtual_mailbox_base = /var/mail/vhosts<br />virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf<br />virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf<br />virtual_minimum_uid = 100<br />virtual_transport = virtual<br />virtual_uid_maps = static:504<br /> - You must create another user, may be vmail, who should have permission to write mails to maildir. After adding those user, you need to specify the uid and gid of that user here in uid_maps and gid_maps. Also make sure that you have given sufficient permission to the mailbox_base to the user that you have created.<br /><br />After doing all these settings in the main.cf file, you need to create another two files that you have given in "virtual_mailbox_domains" and "virtual_mailbox_maps".<br /><br />In my case etc/postfix/mysql_virtual_domains_maps.cf contains following parameters :<br /><br />hosts = localhost<br />dbname = maildb<br />user = mailuser<br />password = xxxxxxx<br />table = mail_domains<br />select_field = mail_domain<br />where_field = mail_domain <br /><br />This tells postfix that what are the domains should be handled by the postfix it self and what are should be routed to other MTAs.<br /><br /><br />/etc/postfix/mysql_virtual_mailbox_maps.cf contains :<br />hosts = localhost<br />dbname = maildb<br />user = mailuser<br />password = XXXX<br />table = mail_accounts<br />select_field = maildir<br />where_field = mail_user<br /><br />This is used to select the MailDir name for the respective email account. For example if someone sends a mail to sarves@xyz.com, this will find and tells that where that message should go in the virtual_mailbox_base.<br /><br />Hope this will work for you all as well.<br /><br />Good luck<br /><br />Reference : <br />http://hostingsoftware.net/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=56<br />http://www.postfix.org/INSTALL.htmlSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-25696047870935560102011-03-24T19:09:00.002+05:302011-03-24T19:12:18.057+05:30Moodle - Set default enrolable to noWhen you create a course on Moodle, the course enrolable is always set to yes by default. Sometime this is problematic for you.<br />This is how you set course enrolable to no by default!<br /><br />Open moodle/course/edit_form.php and find the line:<br /><br /> $mform->setDefault('enrollable', 1);<br /><br />And change it to:<br /><br /> $mform->setDefault('enrollable', 0);Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-78517973018087523662011-03-15T16:18:00.001+05:302011-03-15T16:21:00.006+05:30Creating Certificate Authorities and self-signed SSL certificatesFollowing is a step-by-step guide to creating your own CA (Certificate Authority) -- and also self-signed SSL server certificates -- with openssl on Linux. Self-signing is the simpler route to take, but making one's own CA allows the signing of multiple server certificates using the same CA and involves only a few extra steps.<br /><br />After using openssl to generate the necessary files, you'll need to integrate them into Apache. This process differs between Linux distros and versions of Apache. Additional references exist at the end of this document. My instructions for Setting up SSL: Ubuntu and Apache 2 are kept most current, and will carry you through to completion.<br /><br />Making a homemade CA or self-signed certificate will cause the client web browser to prompt with a message whether to trust the certificate signing authority (yourself) permanently (store it in the browser), temporarily for that session, or to reject it. The message "web site certified by an unknown authority... accept?" may be a business liability for general public usage, although it's simple enough for the client to accept the certificate permanently.<br /><br />Whichever route you take, you'll save the periodic expense of paying a recognized signing authority. This is purely for name recognition -- they've paid the major browser producers to have their CA pre-loaded into them. So if you're on a budget, have a special need or small audience, this may be useful.<br /><br />Before you start<br />You need Apache and openssl. Compiling them from source, handling dependencies, etc. is beyond the scope of this document. You can consult their documentation, or go with a mainstream Linux distro that will do the preliminary work for you.<br /><br />Now you need to decide whether you'll make a CA (Certificate Authority) and sign a server certificate with it -- or just self-sign a server certificate. Both procedures are detailed below.<br />(1A) Create a self-signed certificate.<br /><br />Complete this section if you do NOT want to make a CA (Certificate Authority). If you want to make a CA, skip 1A entirely and go to 1B instead.<br /><br />Some steps in this document require priviledged access, and you'll want to limit access to the cert files to all but the root user. So you should su to root and create a working directory that only root has read/write access to (for example: mkdir certwork, chmod 600 certwork). Go to that directory.<br /><br />Generate a server key:<br /><br />openssl genrsa -des3 -out server.key 4096<br /><br />Then create a certificate signing request with it. This command will prompt for a series of things (country, state or province, etc.). Make sure that "Common Name (eg, YOUR name)" matches the registered fully qualified domain name of your box (or your IP address if you don't have one). I also suggest not making a challenge password at this point, since it'll just mean more typing for you.<br /><br />The default values for the questions ([AU], Internet Widgits Pty Ltd, etc.) are stored here: /etc/ssl/openssl.cnf. So if you've got a large number of certificate signing requests to process you probably want to carefully edit that file where appropriate. Otherwise, just execute the command below and type what needs to be typed:<br /><br />openssl req -new -key server.key -out server.csr<br /><br />Now sign the certificate signing request. This example lasts 365 days:<br /><br />openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<br /><br />Make a version of the server.key which doesn't need a password:<br /><br />openssl rsa -in server.key -out server.key.insecure<br />mv server.key server.key.secure<br />mv server.key.insecure server.key<br /><br />These files are quite sensitive and should be guarded for permissions very carefully. Chown them to root, if you're not already sudo'd to root. I've found that you can chmod 000 them. That is, root will always retain effective 600 (read) rights on everything.<br /><br />Now that you've just completed Step 1A, skip ahead to Step 2.<br /><br />(1B) Generate your own CA (Certificate Authority).<br /><br />Complete this section if you want to make a CA (Certificate Authority) and sign a server certificate with it. The steps for making a server certificate are also included here. If you'd rather one-time self-sign a server certificate, skip this step entirely and go to 1A instead.<br /><br />Some steps in this document require priviledged access, and you'll want to limit access to the cert files to all but the root user. So you should su to root and create a working directory that only root has read/write access to (for example: mkdir certwork, chmod 600 certwork). Go to that directory.<br /><br />In this step you'll take the place of VeriSign, Thawte, etc. You'll first build the CA key, then build the certificate itself.<br /><br />The Common Name (CN) of the CA and the Server certificates must NOT match or else a naming collision will occur and you'll get errors later on. In this step, you'll provide the CA entries. In a step below, you'll provide the Server entries. In this example, I just added "CA" to the CA's CN field, to distinguish it from the Server's CN field. Use whatever schema you want, just make sure the CA and Server entries are not identical.<br /><br />CA:<br />Common Name (CN): www.somesite.edu CA<br />Organization (O): Somesite<br />Organizational Unit (OU): Development<br /><br />Server:<br />Common Name (CN): www.somesite.edu<br />Organization (O): Somesite<br />Organizational Unit (OU): Development<br /><br />If you don't have a fully qualified domain name, you should use the IP that you'll be using to access your SSL site for Common Name (CN). But, again, make sure that something differentiates the entry of the CA's CN from the Server's CN.<br /><br />openssl genrsa -des3 -out ca.key 4096<br />openssl req -new -x509 -days 365 -key ca.key -out ca.crt<br /><br />Generate a server key and request for signing (csr).<br /><br />This step creates a server key, and a request that you want it signed (the .csr file) by a Certificate Authority (the one you just created in Step #1B above.)<br /><br />Think carefully when inputting a Common Name (CN) as you generate the .csr file below. This should match the DNS name, or the IP address you specify in your Apache configuration. If they don't match, client browsers will get a "domain mismatch" message when going to your https web server. If you're doing this for home use, and you don't have a static IP or DNS name, you might not even want worry about the message (but you sure will need to worry if this is a production/public server). For example, you could match it to an internal and static IP you use behind your router, so that you'll never get the "domain mismatch" message if you're accessing the computer on your home LAN, but will always get that message when accessing it elsewhere. Your call -- is your IP stable, do you want to repeat these steps every time your IP changes, do you have a DNS name, do you mainly use it inside your home or LAN, or outside?<br /><br />openssl genrsa -des3 -out server.key 4096<br />openssl req -new -key server.key -out server.csr<br /><br />Sign the certificate signing request (csr) with the self-created Certificate Authority (CA) that you made earlier.<br /><br />Note that 365 days is used here. After a year you'll need to do this again.<br /><br />Note also that I set the serial number of the signed server certificate to "01". Each time you do this, especially if you do this before a previously-signed certificate expires, you'll need to change the serial key to something else -- otherwise everyone who's visited your site with a cached version of your certificate will get a browser warning message to the effect that your certificate signing authority has screwed up -- they've signed a new key/request, but kept the old serial number. There are a couple ways to rectify that. crl's (certificate revocation list) is one method, but beyond the scope of the document. Another method is for all clients which have stored the CA certificate to go into their settings and delete the old one manually. But for the purposes of this document, we'll just avoid the problem. (If you're a sysadmin of a production system and your server.key is compromised, you'll certainly need to worry.)<br /><br />The command below does a number of things. It takes your signing request (csr) and makes a one-year valid signed server certificate (crt) out of it. In doing so, we need to tell it which Certificate Authority (CA) to use, which CA key to use, and which Server key to sign. We set the serial number to 01, and output the signed key in the file named server.crt. If you do this again after people have visited your site and trusted your CA (storing it in their browser), you might want to use 02 for the next serial number, and so on. You might create some scheme to make the serial number more "official" in appearance or makeup but keep in mind that it is fully exposed to the public in their web browsers, so it offers no additional security in itself.<br /><br />openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt<br /><br />To examine the components if you're curious:<br /><br />openssl rsa -noout -text -in server.key<br />openssl req -noout -text -in server.csr<br />openssl rsa -noout -text -in ca.key<br />openssl x509 -noout -text -in ca.crt<br /><br />Make a server.key which doesn't cause Apache to prompt for a password.<br /><br />Here we create an insecure version of the server.key. The insecure one will be used for when Apache starts, and will not require a password with every restart of the web server. But keep in mind that while this means you don't have to type in a password when restarting Apache (or worse -- coding it somewhere in plaintext), it does mean that anyone obtaining this insecure key will be able to decrypt your transmissions. Guard it for permissions VERY carefully.<br /><br />openssl rsa -in server.key -out server.key.insecure<br />mv server.key server.key.secure<br />mv server.key.insecure server.key<br /><br />These files are quite sensitive and should be guarded for permissions very carefully. Chown them to root, if you're not already sudo'd to root. I've found that you can chmod 000 them. That is, root will always retain effective 600 (read) rights on everything.<br /><br />(2) Copy files into position and tweak Apache.<br /><br />Some professors like to pause for a moment after a long lecture, and do a little recap. It's a good pedagogical tool, so let's do so here. If you took route 1A above, you should have four files in a working directory:<br /><br />server.crt: The self-signed server certificate.<br />server.csr: Server certificate signing request.<br />server.key: The private server key, does not require a password when starting Apache.<br />server.key.secure: The private server key, it does require a password when starting Apache.<br /><br />If you took route 1B and created a CA, you'll have two additional files:<br /><br />ca.crt: The Certificate Authority's own certificate.<br />ca.key: The key which the CA uses to sign server signing requests.<br /><br />The CA files are important to keep if you want to sign additional server certificates and preserve the same CA. You can reuse these so long as they remain secure, and haven't expired.<br /><br />At a bare minimum, the following considerations must now be addressed:<br /><br /> * You'll need a virtual host and document root set up for the SSL instance.<br /> * You'll need to turn on the SSL engine and enable/load the SSL module.<br /> * Apache must reference server.crt and server.key somewhere in its configuration.<br /> * Apache must be listening to a port for which SSL is enabled (443 is default).<br /><br />The particulars differ between Linux distros and versions of Apache. I'm only able to keep the Setting up SSL: Ubuntu and Apache 2 documentation current due to time constraints. Those steps should apply broadly to Debian-based distros with little or no modification. Red Hat and openSUSE commentary is kept online here for historical purposes.<br /><br />Setting up SSL: Ubuntu and Apache 2<br />Setting up SSL: Red Hat and Apache 1.3.x<br />Setting up SSL: openSUSE<br /><br />Credit : http://www.tc.umn.edu/~brams006/selfsign.htmlSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com5tag:blogger.com,1999:blog-6337969595598808080.post-83976760096138432162011-03-03T17:07:00.001+05:302011-03-03T17:11:27.984+05:30HowTo make two instance of postfix running on same machine<span style="font-weight:bold;">HowTo make two instance of postfix running on same machine</span><br />Posted by Nikesh Jauhari<br /><br />http://linuxpoison.blogspot.com/2008/02/howto-make-two-instance-of-postfix.html<br /><br /><br />What's involved?<br /><br />Creating a second instance of Postfix from an existing one involves the following steps:<br /><br />1. Add an IP address to the server<br />2. Copy the /etc/postfix directory and all files<br />3. Create an additional spool directory<br />4. Edit the config files<br />5. Create startup and administration scripts<br /><br />Step one: Add an IP address<br /><br />The second instance of Postfix will be used for all outbound e-mail. Users will configure their e-mail clients to connect to that IP as their "SMTP server".<br /><br />Follow the procedure appropriate to your server's version of Linux to add a second IP. The new IP can exist on the same network card as the first (eg. as device eth0:1 on Linux) or can be tied to a second NIC, whichever best suits your requirements.<br /><br />The new IP address must resolve to a name. Either add a name for it in your DNS, or add an entry in the server's /etc/hosts file. Postfix will not work unless the IP address resolves to a name on the server Postfix is installed on.<br /><br />As an alternative, the new instance can share the same IP but receive mail on a port other than port 25. We won't show that here, but it's an alternative to be aware of.<br /><br />Step two: copy /etc/postfix<br /><br />Copy your existing /etc/postfix directory to /etc/postfix-out:<br /><br />cp -rp /etc/postfix /etc/postfix-out<br /><br />The new directory should have all the files with the same ownership and permissions as the original.<br /><br />To make the next step easier, edit file /etc/postfix-out/main.cf. Change the following setting or add it if it does not exist:<br /><br />queue_directory = /var/spool/postfix-out<br /><br />Save the changes to the file before proceeding to the next step.<br /><br />Step three: create an additional spool directory<br /><br />Each instance of Postfix must have it's own mail spool directory. To avoid file conflicts, the default directory /var/spool/postfix must not be shared among instances.<br /><br />Create a directory named /var/spool/postfix-out and let Postfix create the appropriate subdirectories and permissions:<br /><br />mkdir /var/spool/postfix-out<br />postfix -c /etc/postfix-out check<br /><br />The result should be directory /var/spool/postfix-out containing something similar to the following:<br /><br />drwxr-xr-x 14 root root 336 Jan 30 10:20 .<br />drwxr-xr-x 15 root root 384 Jan 30 10:20 ..<br />drwx------ 2 postfix root 48 Jan 30 10:20 active<br />drwx------ 2 postfix root 48 Jan 30 10:20 bounce<br />drwx------ 2 postfix root 48 Jan 30 10:20 corrupt<br />drwx------ 2 postfix root 48 Jan 30 10:20 defer<br />drwx------ 2 postfix root 48 Jan 30 10:20 deferred<br />drwx------ 2 postfix root 48 Jan 30 10:20 flush<br />drwx------ 2 postfix root 48 Jan 30 10:20 incoming<br />drwx-wx--- 2 postfix postdrop 48 Jan 30 10:20 maildrop<br />drwxr-xr-x 2 root root 48 Jan 30 10:20 pid<br />drwx------ 2 postfix root 48 Jan 30 10:20 private<br />drwx--x--- 2 postfix postdrop 48 Jan 30 10:20 public<br />drwx------ 2 postfix root 48 Jan 30 10:20 saved<br /><br />If directory /var/spool/postfix contains directories named etc, usr and lib, your first Postfix instance was probably installed chrooted: if those directories exist, manually copy them to /var/spool/postfix-out:<br /><br />cp -rp /var/spool/postfix/etc /var/spool/postfix-out<br />cp -rp /var/spool/postfix/usr /var/spool/postfix-out<br />cp -rp /var/spool/postfix/lib /var/spool/postfix-out<br /><br />Step four: edit the config files<br /><br />Edit the file /etc/postfix/main.cf and add the following near the bottom of the file:<br /><br />alternate_config_directories = /etc/postfix-out<br /><br />The above setting is required to inform the Postfix daemons about the second instance.<br /><br />Next, edit the file /etc/postfix-out/main.cf and change the following setting:<br /><br />inet_interfaces = second-IP-address-NAME<br /><br />Note: in the above you must specify the DNS name of the second IP address, not the IP address. If the IP address does not have a DNS name, add an entry for it to /etc/hosts so it can be resolved locally on the server.<br /><br />You should also remove settings such as reject_maps_rbl and content filtering that only need to be applied to inbound e-mail, and change syslog_facility so logging of outbound mail sent to a different file than inbound.<br /><br />You might also want to change the setting myhostname so the second instance uses a name difference than the first (eg. "mx1-out"). This is required if the two instances will exchange mail with each other, otherwise Postfix will complain mail "loops back to myself".<br /><br />Lastly, you can force mail being sent from the outbound instance to send using the same IP address as the inbound instance. This is useful when the mail server is behind a firewall and you want only one IP address to communicate with the Internet. To send mail on a different IP, add the setting smtp_bind_address to main.cf similar to the following:<br /><br />smtp_bind_address = 192.168.1.1<br /><br />(Of course, replace the IP address above with your own server's inbound SMTP IP address)<br /><br />Step five: Create startup and administration scripts<br />Startup script<br />The second instance can be started using the normal postfix start command, except you must point to the other configuration directory. For example:<br /><br />postfix -c /etc/postfix-out start<br /><br />To create a startup script for the second instance, either edit your existing Postfix startup script and add the above command after the existing postfix start command, or copy the existing startup script to a new name and change the copy. If you copy the start script, be sure to also follow your operating system's instructions for installing a new init script (for example, chkconfig on Redhat Linux, update-rc.d on Debian Linux).Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-22088740440729181092011-02-16T13:30:00.002+05:302011-03-03T17:12:26.766+05:30Automatic Linux Server Backup using SSHExample is given to backup files from hostserver to remoteserver.<br /><br /><br />---------Logging from hostserver to remoteserver without giving passwords--------<br /><br />First you should create a user in both servers, in my case the username is backup_user.<br />I created them in both machine.<br /><br />Then in hostserver, I created SSH private and Public key pairs using ssh-keygen (as given below) so that backup can be automated without inputing passwords. I did this as backup_user<br /><br />#ssh-keygen -t rsa -b 1024<br />When you execute above command it will ask for several things, leave all them as default.<br />Then at one place it will ask for passphrase. At that point, without enter any password press enter key. (In other words, leave them blank)<br /><br />Then you may see two files, id_rsa and id_rsa.pub in /home/backup_user/.ssh/<br /><br />Now you should copy the pub key to the remote server. To do this, <br />execute following command :<br /><br />ssh-copy-id -i /home/backup_user/id_rsa.pub backup_user@remoteserver<br /><br />Now you should be able to login from hostserver to remoteserver without giving any password.<br /><br /><br /><br />--------Making backups from hostserver to remoteserver------------------------------<br /> <br /><br />**We need to create a script to make the nessary backups to backup_user's home directory with the date label.<br /> eg: Following script will create a folder with date label and server name (eg. 20101223-hostserver). <br /> Then it makes an archive of required folder in the newly created folder. (eg. in our case we get backup of mysql dir)<br /> <br /> #backup script .This is saved in /home/backup_user/bak_script<br /> mkdir /home/backup_user/`date +%Y%m%d`-hostserver <br /> tar cfz /home/backup_user/`date +%Y%m%d`-hostserver/something.tar.gz /var/lib/mysql/xxxxx<br /> chown backup_user:backup_user /home/backup_user/ * -R<br /><br />****Then we should run this script as a ROOT level cronjob<br /> Therefore first become as super user and execute following commands<br /> crontab -e<br /> and then add following<br /> <br /> 30 18 * * * /home/backup_user/bak_script<br />Above command says that bak_scipt has to be executed at 6.30 pm everyday.<br /><br /><br /><br />****Following script is to copy the files to remoteserver<br /> <br /> #script to archieve and then copy that to remoteserver. This is saved in /home/backup_user/copy_script<br /><br /> tar cfz /home/backup_user/`date +%Y%m%d`-hostserver.tar.gz /home/backup_user/`date +%Y%m%d`-hostserver<br /> scp `date +%Y%m%d`-hostserver.tar.gz backup_user@192.248.8.17:/home/backup_user/backups<br /><br /> Then we should add a backup_user level cron to the above scipt and run that with some time after the above script<br /> (USER level cron job)<br /> crontab -e<br /> <br /> and add folling things<br /> <br /> 30 19 * * * /home/backup_user/copy_script <br /><br />According to this, all the files that we specified first backedup to hostserver it self at 18.30.<br />Then it will be transfered to remoteserver at 19.30. It is recommended to give sufficient time between copying files to server it self and copying to remoteserver.<br /><br />Good luckSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-88581550788736715232011-01-04T19:09:00.003+05:302011-01-04T19:49:40.161+05:30email server migration - Sendmail - Postfix - LDAPI am given with a task to migrate emails from a sendmail server to postfix server. The was a complex task, because of following reason.<br />- There were many virtual domains<br />- The sendmail was using mailbox and postfix was using maildir<br />- The sendmail authentications was on passd files and the postfix's user profile was on LDAP<br />- The users who are migrated to postfix will get a emails with new domain which was there in postfix and users should be able to use both emails using single account.<br /><br />I learnt a lot by doing this. I will share that here.<br /><br /><span style="font-weight:bold;">Migrating virtual domain accounts</span><br />Sendmail had several virtual domains <br />eg. xxx.ttt.lk, nnn.mmm.lk etc. All these were created under /etc/vmail/alias.xxx.yyy.lk, alias.nnn.mmm.lk etc. In /etc/vmail the respecting passwd and shadow files also were there.<br /><br />There I extracted all the users information and made a ldif file so that I can create users on LDAP server. To do that I developed a PHP scipt which reads the information from an excel file and output a ldif file.<br /><br />When I do this, I add all the mail accounts are mail alias in LDAP.<br /><br />Another issue I found when I do this was, some password on the old sendmail system was in Unix crypt format. However in the new postfix server it was decided to use the md5crypt. Since the Unix crypt use fixed salting, I used a default md5crypted password for existing Unix Crypted password.<br /><br />Using the generated ldif file, I created the accounts on LDAP server<br /><br /><br />Then another issue was how to have all the sendmail virtual domains in postfix. I found that in postfix configuration there is a pasrameter called virtual_domains where I listed all the virtual domains of sendmail so that the postfix will start allowing those domains.<br /><br />In addition to that I had to do the change in the DNS server as well so that here after all the xxx.yyy.lk and nnn.mmm.lk will be sent to new postfix server.<br /><br /><br /><span style="font-weight:bold;">Moving mailbox to maildir</span><br /><br />Other issues was moving existing mailbox of users in sendmail to maildirs in postfix.<br />To do this, I used a tool called mb2md (http://batleth.sapienti-sat.org/projects/mb2md/)<br />This tool has several options.<br />However to use this tool, your system also should have date::parse perl<br /><br />I installed this using following way :<br /><br />perl -MCPAN -e 'SHELL'<br />Install Date::parse<br /><br />After installing this I added executable access to downloaded mb2md perl script.<br /><br />Thereafter I ran the script as follows :<br /><br />./mb2md -s /var/spool/mail/user1 -d /opt/maildirs/user1<br /><br />Then I also prepared the existing mailbox folders (which were located in /vhome/user1) as maildirs using following command :<br /><br />./mb2md -s /vhome/user1 -R -d /opt/maildirs/user1<br /><br />when I ran these command it was showing how many messages got extacted and how many folders have been created etc.<br /><br />After creating these maildirs I moved them to the respecting locations in the postfix server and provided the owenership to vmail (in my case it was vmail. This user should be defined in main.cf file.<br /><br /><br />Hope this will help<br /><br />Enjoy!Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-62951457327733272682010-08-13T14:35:00.001+05:302010-08-13T14:35:57.634+05:30Configure TSIG between DNS master and slaveGenerating SIG(0) Keys<br /><br />SIG(0) keys are generated with the following command:<br /><br />$ dnssec-keygen -a -b -n HOST<br /><br />is the desired algorithm of the key and can be any of the following values: RSAMD5, RSASHA1, DSA. We recommend that you use RSAMD5.<br /><br />is the desired size in bits of the key and the ranges are different depending on the algorithm:<br /><br />* RSAMD5: 512 to 4096 (recommended size 1024)<br />* RSASHA1: 512 to 4096 (recommended size 1024)<br />* DSA: 512 to 1024 (must be divisible by 64, recommended size 1024)<br /><br />is the name of the key. Since it must be published in the zone file, it should be a subname of the zone that it is being published in. It is recommended that the keyname be the fully qualified domain name of the host so that the update-policy self works correctly. (see Section 6.2.22.4 of the BIND ARM for more information on update-policy).<br /><br />The key will be stored in the file K++.private<br /><br />is an identity tag to be able to differentiate between different keys under the same name.<br /><br />There will also be a corresponding K++.key file that contains a DNS KEY resource record formatted for inclusion in the zone file.<br /><br />One possible problem that can be encountered with dnssec-keygen is that it might use up all the entropy in /dev/random before it is done generating the key. This will make dnssec-keygen appear to hang, when in fact it is simply waiting for more entropy. One solution to this is to use the -r parameter that allows you to specify another random device, such as /dev/urandom.<br />Configuring the DNS Server<br /><br />Configuring the server also depends on which type of key you choose.<br />TSIG Keys<br /><br />The /etc/named.conf file must be edited to configure the server for dynamic update.<br /><br />The first step is to configure the server to use the key. This is accomplished with the following lines in the /etc/named.conf file:<br /><br />key {<br />algorithm HMAC-MD5;<br />secret "";<br />};<br /><br />is the name of the key chosen when the key was generated (See the previous step, Generating TSIG keys).<br /><br />is the string after the Key: line in the generated key file (See the previous step, Generating TSIG keys).<br />SIG(0) Keys<br /><br />Only the zone file must be edited to configure the server for dynamic update with sig(0). No changes are needed in /etc/named.conf as the client's public, not private, key is in the zone file.<br /><br />The first step is to add the generated key, using the K++.key file, to the zone file. This generated key file contains a properly formatted resource record that can be simply copy-and-pasted into the zone file.<br /><br />If you are using DNSSEC signed zones, then the next step is to resign your zone.<br />Allowing Updates<br /><br />The final step is to configure the zone to allow updates using the key. The following statements should be added to the zone options block in /etc/named.conf. The simplest configuration is to add:<br /><br />update-policy {<br />grant name A TXT;<br />};<br /><br />e.g.<br /><br />zone "example.com" {<br />type master;<br />file "master/example.com";<br /><br />update-policy {<br />grant foo.example.com. name foo.example.com. A TXT;<br />};<br />};<br /><br />Complex example with a number of hosts allowed to update only their own A+TXT records and one master key allowed to update anything:<br /><br />update-policy {<br />grant host1.example.com. name host1.example.com. A TXT;<br />grant host2.example.com. name host2.example.com. A TXT;<br />grant host3.example.com. name host3.example.com. A TXT;<br />grant host4.example.com. name host4.example.com. A TXT;<br />grant bofh.example.com. subdomain example.com. ANY;<br />};<br /><br />Simple example where every key can update the A+TXT records of its matching hostname:<br /><br />update-policy {<br />grant * self * A TXT;<br />};<br /><br />Note: update-policy is described further in Section 6.2.22.4 of the BIND ARM.<br /><br />The allow-update statement can also be used, which allows the key to modify any data in the zone. Using more fine grained access control with update-policy is recommended.<br /><br />allow-update {<br />key ;<br />};<br /><br />is the name of the key chosen when the key was generated (See the previous step, Keys)<br /><br />http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.html <br /><br />http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.htmlSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-22469326299929941872010-07-14T17:53:00.002+05:302010-07-14T18:01:38.806+05:30Reset mysql root password - in LAMP / XAMPPOnce I forgot the mysql root password of my laptop computer in which I have Fedora 10 and also XAMPP running in it.<br /><br />When I searched on Web there are soooo many solutions and none of them worked for me. However I could get un understanding about the issue....<br /><br />With that I worked out in following way to get rid of the issue :<br /><br />1. Stop mysqld<br />2. start /opt/lampp/sbin/mysqld --skip-grant-priviledges --user=nobody<br />3. open new terminal and type : mysql -u root<br />4. excute following commands in order :<br />shell> mysql<br />mysql> UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root';<br />mysql> FLUSH PRIVILEGES;<br />mysql> exit<br /><br />Now its done.<br /><br />You may think that you can do use phpmyadmin after the step-2 to reset the root password. But it was not working for me though I have a phpmyadmin. So I worked our in mysql prompt.<br /><br />After this everything were working wellll... <br /><br />but I was not sure with one thing that I could not stop / restart mysql service as usual... <br />SO what I did is, I restarted the machine... SO simple ha!... but this is not possible in production servers.... <br /><br />Anyone of you know the solution for this?<br /><br />Enjoy!....Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com3tag:blogger.com,1999:blog-6337969595598808080.post-42867506116038646392010-06-30T00:10:00.004+05:302010-06-30T00:25:56.235+05:30Launch of .ලංකා and .இலங்கை domains28th of June 2010, the .ලංකා and .இலங்கை were formally opened for registration. Now any people who is having a .lk domain can request for .ලංකා and .இலங்கை domains for free.<br /><br />This launch was held at Mount Lavinia hotel and many people around the world have participated in it including an ICANN board member. <br /><br />This is an historic event. Because .lk domain was added to root servers on 15th June 1990. Till that date the Sri Lanka was identified the two words .lk. But from 28th June 2010 onwards the country can be indexed using .ලංකා and .இலங்கை.<br /><br />The another notable point is, these are the two domains which are going to be added to the root servers in the South Asian region and .இலங்கை is the first Tamil domain which is going to be added.<br /><br />Though the only people in Sri Lanka can access these Sinhala and Tamil domain now, from august onwards all the world should be able to type URL in Sinhala and Tamil and reach respective web sites.<br /><br />currently there are few IDNs assigned to government sites.<br />eg<br />http://தளம்.பாராளுமன்றம்.இலங்கை<br />http://වෙබ්.පාර්ලිමේන්තුව.ලංකා<br /><br />I am very happy that I also could take part in this developments and event.<br /><br />visit www.nic.lk to register and also visit www.idns.lk to get more information about this.Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0tag:blogger.com,1999:blog-6337969595598808080.post-64209084214653653912010-06-29T21:50:00.005+05:302010-06-29T22:24:56.154+05:30Niue - A country - Population is 1000I had a chance to attend APTLD (Asia Pacific Top Level Domain) meeting which was held at Mount Lavinia hotel on 27 - 28 June, 2010. Many people from Asia pacific region who maintain Domain registries also came for that meeting. <br />I met a person called Stafford Guest. His native country is Nieu!<br /><br />Nieu! first time I hear that name. This is an island located near New Zealand. Though it got the Independence in 1974, still getting the symbotic support from New Zealand.<br /><br />The interesting things to note are :<br />- Population of the country is 1000!<br />- The total intetnet bandwidth the country has is 4mbps :-) I have more than that in my PC<br />- Only one hotel is there<br />- Only flights can reach there and also those operates once in a week. Therefore if you would like to attend a meeting some there else you may need to leave atlease 8 days before..... <br />- No Cinema...<br />- No big shopping malls....<br /><br />Cant Believe isnt it!<br /><br />I was really supprised when he tells all these!<br /><br />But you know it looks soooooo beautiful. Nice beaches (though it rough)... Full of cocunut treess (I saw some picture in Google images)<br /><br />Also found that Nieu means "Behold! Coconut"Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-54273501459988318592010-05-10T15:35:00.002+05:302010-05-10T15:39:55.210+05:30bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/openldap-data: (2) Expect poor performance<span style="font-style:italic;">"bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/openldap-data: (2) Expect poor performance for suffix XXXXXXXX"</span><br /><br /><br />When I work on openLDAP on Fedora 10 platform I got above error.<br /><br /><span style="font-weight:bold;">Solution :<br /></span><br />cp /usr/share/doc/openldap-servers-2.4.XX/DB_CONFIG.example /var/lib/ldap/DB_CONFIG<br />chown ldap:ldap /var/lib/ldap/DB_CONFIG<br />service ldap restart <br /><br />This was working for me. Hope it will for you too. Gd lk.<br /><br />To view the solutions for other platforms visit : http://readthefuckingmanual.net/error/1256/Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-18496185351992475942009-08-03T22:52:00.001+05:302009-08-03T22:52:03.882+05:30How Famous Companies were Named<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="ProgId" content="Word.Document"><meta name="Generator" content="Microsoft Word 12"><meta name="Originator" content="Microsoft Word 12"><link style="color: rgb(0, 0, 0);" rel="File-List" href="file:///C:%5CDOCUME%7E1%5Csarves%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5Cclip_filelist.xml"><link style="color: rgb(0, 0, 0);" rel="Edit-Time-Data" href="file:///C:%5CDOCUME%7E1%5Csarves%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5Cclip_editdata.mso"><link style="color: rgb(0, 0, 0);" rel="themeData" href="file:///C:%5CDOCUME%7E1%5Csarves%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5Cclip_themedata.thmx"><link style="color: rgb(0, 0, 0);" rel="colorSchemeMapping" href="file:///C:%5CDOCUME%7E1%5Csarves%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5Cclip_colorschememapping.xml"><style> <!-- /* Font Definitions */ @font-face {font-family:Latha; panose-1:2 0 4 0 0 0 0 0 0 0; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-2146435069 0 0 0 1 0;} @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-charset:0; mso-generic-font-family:roman; mso-font-pitch:variable; mso-font-signature:-1610611985 1107304683 0 0 159 0;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-1610611985 1073750139 0 0 159 0;} @font-face {font-family:"Trebuchet MS"; panose-1:2 11 6 3 2 2 2 2 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:647 0 0 0 159 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-unhide:no; mso-style-qformat:yes; mso-style-parent:""; margin-top:0in; margin-right:0in; margin-bottom:10.0pt; margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:Latha; mso-bidi-theme-font:minor-bidi;} a:link, span.MsoHyperlink {mso-style-noshow:yes; mso-style-priority:99; color:blue; text-decoration:underline; text-underline:single;} a:visited, span.MsoHyperlinkFollowed {mso-style-noshow:yes; mso-style-priority:99; color:purple; mso-themecolor:followedhyperlink; text-decoration:underline; text-underline:single;} p {mso-style-noshow:yes; mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; mso-pagination:widow-orphan; font-size:12.0pt; font-family:"Times New Roman","serif"; mso-fareast-font-family:"Times New Roman";} span.yshortcuts {mso-style-name:yshortcuts; mso-style-unhide:no;} .MsoChpDefault {mso-style-type:export-only; mso-default-props:yes; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:Latha; mso-bidi-theme-font:minor-bidi;} .MsoPapDefault {mso-style-type:export-only; margin-bottom:10.0pt; line-height:115%;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} --> </style> <p style="color: rgb(0, 0, 0);"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><span class="yshortcuts"><b><i><span id="lw_1249319462_1"><span style="text-decoration: none;">Yahoo!</span></span></i></b></span><a href="http://www.getnidokidos.com/" target="_blank"><b><i><span style="text-decoration: none;"> </span></i></b></a><a href="http://www.getnidokidos.com/" target="_blank"><span style="text-decoration: none;"><span style=""></span></span></a><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">The word was invented by <span class="yshortcuts"><span id="lw_1249319462_2">Jonathan Swift</span></span> and used in his book <span class="yshortcuts"><span style="cursor: pointer; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; background-attachment: scroll;" id="lw_1249319462_3">Gulliver's Travels</span></span>. It represents a person who is repulsive in appearance and action and is barely human. <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_4">Yahoo</span></span>! founders <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_5">Jerry Yang and David Filo</span></span> selected the name because they considered themselves yahoos. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Xerox</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">The Greek root "xer" means dry. The inventor, Chestor Carlson , named his product Xerox as it was dry copying, markedly different from the then prevailing wet copying. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Sun Microsystems</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Founded by four <span class="yshortcuts"><span id="lw_1249319462_7">Stanford University</span></span> buddies, Sun is the acronym for <span class="yshortcuts"><span id="lw_1249319462_8">Stanford University Network</span></span>. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Sony</span></i></b></span><b><i></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">From the Latin word 'sonus' meaning sound, and 'sonny' a slang used by Americans to refer to a bright youngster. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">SAP</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">"Systems, Applications, Products in <span class="yshortcuts"><span id="lw_1249319462_10">Data Processing</span></span>", formed by four ex-IBM employees who used to work in the 'Systems/Applications/Projects' group of IBM. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Red Hat</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Company founder <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_11">Marc Ewing</span></span> was given the Cornell lacrosse team cap (with red and white stripes) while at college by his grandfather. He lost it and had to search for it desperately. The manual of the beta version of <span class="yshortcuts"><span id="lw_1249319462_12">Red Hat Linux</span></span> had an appeal to readers to return his Red Hat if found by anyone! </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> <b><i><br> </i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Oracle</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Larry Ellison</span></i></span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> and Bob Oats were working on a consulting project for the Central Intelligence Agency (CIA). The code name for the project was called Oracle (the CIA saw this as the system to give answers to all questions or something such). </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> <b><i><br> </i></b></span><span class="yshortcuts"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Motorola</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Founder Paul Galvin came up with this name when his company started manufacturing radios for cars. The popular radio company at the time was called Victrola. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> <b><i> <br> </i></b></span><span class="yshortcuts"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Microsoft</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">It was coined by <span class="yshortcuts"><span id="lw_1249319462_16">Bill Gates</span></span> to represent the company that was devoted to MICROcomputer SOFTware. Originally christened Micro-Soft, the '-' was removed later on. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Lotus</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Mitch Kapor</span></i></span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> got the name for his company from the lotus position or 'padmasana.' Kapor used to be a teacher of <span class="yshortcuts"><span id="lw_1249319462_18">Transcendental Meditation</span></span> of <span class="yshortcuts"><span id="lw_1249319462_19">Maharishi Mahesh Yogi</span></span>. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Intel</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Bob Noyce and <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_20">Gordon Moore</span></span> wanted to name their new company ' Moore Noyce' but that was already trademarked by a hotel chain, so they had to settle for an acronym of INTegrated ELectronics. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Hewlett-Packard</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Bill Hewlett</span></i></span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> and Dave Packard tossed a coin to decide whether the company they founded would be called Hewlett-Packard or Packard-Hewlett. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Hotmail</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Founder Jack Smith got the idea of accessing email via the web from a computer anywhere in the world. When <span class="yshortcuts"><span id="lw_1249319462_24">Sabeer Bhatia</span></span> came up with the business plan for the mail service, he tried all kinds of names ending in 'mail' and finally settled for Hotmail as it included the letters "html" - the programming language used to write web pages. It was initially referred to as HoTMaiL with selective upper casings. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Google</span></i></b></span><b><i></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">The name started as a jockey boast about the amount of information the search-engine would be able to search. It was originally named 'Googol', a word for the number represented by 1 followed by 100 zeros. After founders - Stanford graduate students <span class="yshortcuts"><span id="lw_1249319462_26">Sergey Brin</span></span> and <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_27">Larry Page</span></span> presented their project to an angel investor, they received a cheque made out to 'Google </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Cisco</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">The name is not an acronym but an abbreviation of <span class="yshortcuts"><span id="lw_1249319462_28">San Francisco</span></span> . The company's logo reflects its San Francisco name heritage. It represents a stylized <span class="yshortcuts"><span id="lw_1249319462_29">Golden Gate Bridge</span></span> </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Apple Computers</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Favourite fruit of founder <span class="yshortcuts"><span id="lw_1249319462_31">Steve Jobs</span></span>. He was three months late in filing a name for the business, and he threatened to call his company Apple Computers if the other colleagues didn't suggest a better name by 5 o'clock. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Apache</span></i></b><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> <br> </span></i></b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">It got its name because its founders got started by applying patches to code written for NCSA's httpd daemon. The result was 'A PAtCHy' server - thus, the name Apache. </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> <p style="color: rgb(0, 0, 0);"><span class="yshortcuts"><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></i><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">Adobe</span></i></b></span><b><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"> </span></i></b><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"><br> </span><i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";">The name came from the river <span class="yshortcuts"><span id="lw_1249319462_33">Adobe Creek</span></span> that ran behind the house of founder <span class="yshortcuts"><span style="cursor: pointer;" id="lw_1249319462_34">John Warnock</span></span> . </span></i><span style="font-size: 10pt; font-family: "Trebuchet MS","sans-serif";"></span></p> Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com26tag:blogger.com,1999:blog-6337969595598808080.post-48645193172691624562009-07-22T14:38:00.002+05:302009-07-22T14:44:12.783+05:30Joomla! workshopLast week I conducted a Joomla! workshop in Tamil for mainly North and East people of Sri Lanka. It is a two days workshop and I did it well than I thought. Enjoyed a lot..<br /><br />I think the participants too. All appreciated well.. Send mails... Called...<br /><br />The important think is that they really learnt Joomla! almost all the participants were confident that they can develop the site. Thats a great thing and it seems some of them have developed site for their institute and published. <br /><br />This workshop is organized by ICTA Sri lanka.Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com3tag:blogger.com,1999:blog-6337969595598808080.post-45505042421517793872009-07-22T14:20:00.002+05:302009-07-22T14:37:25.894+05:30LAKappsLAKapps is a project of localizing Open Source applications in Sri Lankan local languages viz Tamil and Sinhala. I am in the core team.<br />We are doing various projects and the project that we started are successfully done till now. Thats a great thing I suppose.<br /><br />We have localized following FOSS into Tamil :<br />Joomla!<br />Moodle<br />Mozilla Firefox<br />Mozilla Thunderbird<br />Squirrel Mail<br />Horde<br />GeoGebra<br /><br />Also we localized following into Sinhala :<br />Mozilla Thunderbird<br />Horde<br />GeoGebra<br /><br />We also prepared user manuals for all the software that we localized. And other than that we prepared Video training for Joomla! and Open Office.<br /><br />Next 2nd september 2009 LAKapps is going to organize a Symposium on Local Language Application and Systems. <br /><br />Wen site : www.lakapps.lk<br /><br />SarvesSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-25927778349278876952009-06-25T09:15:00.002+05:302009-07-22T14:38:23.370+05:308th Tamil Internet ConferenceINFITT has announced 8th Tamil Internet Conference and its going to be held in Kolen, Germany. I am planing to write a paper about Tamil localization, will see. <br>Hope you guys also can write something and can contribute to the Tamil-Computing.<br> <br>For more info. :<br><a href="http://www.infitt.org/ti2009/?page=eng/home">http://www.infitt.org/ti2009/?page=eng/home</a><br><br><br>Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com2tag:blogger.com,1999:blog-6337969595598808080.post-76559913410981545992009-06-25T09:10:00.001+05:302009-06-25T09:10:21.022+05:30Recent two main happeningHi guys.. after long time :)<br>There are some happenings in my life... among that some are good and some are .... dont know :?<br>- got engaged about 2 months ago <br>My girl's name is Sharanya and she is into music, specially vocal and Veena. Hmm what else...<br> <br>- I was offered access to Mozilla l10n repository<br>Perhaps you know that when u do something for foss, the respective companies will give you some rights to access there repository and to change the software there. But getting this access is very difficult and you should convince them that you are a committer to the particular FOSS project.<br> As you know Mozilla foundation is a very well known one in the FOSS world and they develop Mozilla products like Firefox, Thunderbird etc. We localized Firefox and Thunderbird into Tamil and SInhala languages, at University of Moratuwa. For that I and one of my colleague receiced this special access on Mozilla's content repo.<br> <br><br><br><br> Sarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com1tag:blogger.com,1999:blog-6337969595598808080.post-67576845567088088602009-05-21T09:55:00.002+05:302012-03-22T17:39:00.852+05:30Finally... We have Firefox in TamilI am very happy to share that now we have the Mozilla Firefox in Tamil.<br />Firefox 3.5BetaPre is available for download. Please download that and test. Also do not forget to let you know us your comments and suggestions.<br /><br />Find them here.<br /><br /><a href="http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-mozilla-1.9.1-l10n/firefox-3.5b5pre.ta-LK.win32.installer.exe">Windows version (exe)</a><br /><a href="http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-mozilla-1.9.1-l10n/firefox-3.5b5pre.ta-LK.linux-i686.tar.bz2">Linux version</a><br /><a href="http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-mozilla-1.9.1-l10n/firefox-3.5b5pre.ta-LK.mac.dmg">Mac version</a><br /><br />Thanks<br />SarvesSarveshttp://www.blogger.com/profile/15106070667029338837noreply@blogger.com0