linux

All posts tagged linux

Setting up chroot SFTP server on ubuntu 12.04

Posted by Matthew on September 20, 2012
Posted in: Uncategorized. Tagged: , , , , , . 4 comments

Here is how to set up a secured SFTP server where the user is not permitted shell access, nor access to any other part of the filesystem than what you allow with the chroot. I did this in September 2012 on Ubuntu 12.04.

First, I want to create a place for all the files to live:

sudo mkdir /data/

OpenSSH requires that the sftp user cannot have write access to the root directory, so you have to create at least one sub directory that can be owned by the sftp user:

sudo mkdir /data/incoming/

Second, we want to add a new user solely for this server:

sudo useradd --home-dir /data/incoming --no-create-home sftpuser

Change their password to something long and strong:

sudo passwd sftpupser

Give them control over the incoming directory so they can deposit files there:

sudo chown sftpuser:sftpuser /data/incoming/

Third, we need to enable SFTP in the SSHD configuration. Edit the file /etc/ssh/sshd_config and change the sftp line to this:

Subsystem sftp internal-sftp

Then add this chunk to the end of the file (make sure to put it after the “UsePAM” line!) :

Match User sftpuser
    ChrootDirectory /data
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp

Restart the SSH server with “sudo service ssh restart” and then you should be all set to go!

Linux Samba (CIFS) secure automount

Posted by Matthew on September 13, 2012
Posted in: Uncategorized. Tagged: , , , , , , . Leave a Comment

I have my server set up to server files using Samba (the windows filesharing protocol) now called CIFS. I wanted to use some authentication for the read/write share so here is how to do it.

Make a file called /etc/samba.credentials, owned by root:root, with permissions 0600, with these contents:
username=blah
password=blah

Then add a line like this to your /etc/fstab:
//server/sharename /mount/point cifs auto,credentials=/etc/samba.credentials,iocharset=utf8,file_mode=0777,dir_mode=0777,uid=youruser,gid=yourgroup,nounix 0 0

Then it should be automatically mounted when you login!

Installing Django on Ubuntu 12.04

Posted by Matthew on August 31, 2012
Posted in: Uncategorized. Tagged: , , , , , , . Leave a Comment

Notes for myself so I can do this again someday… (UPDATE: I had to refresh the links at the bottom of this article to the latest version of Django. Good luck.)

Let’s say we are working on a Django project called applesauce, for lack of a better name. We start by creating a directory for this project:
cd ~
mkdir applesauce
cd applesauce

We use pip to install python packages, so we must install it first:
sudo apt-get install python-pip python-setuptools

We use virtualenv to manage our python environment to make sure we don’t go too crazy. We can use pip to install it:
sudo pip install virtualenv

virtualenv has this idea of using a directory to store its settings, so let’s make one for it, and use it as a new virtual environment:
mkdir applesauce-virtualenv
virtualenv applesauce-virtualenv

The –no-site-packages is the default now, so we don’t include it here (you could, but it’s deprecated). This helps keep things sane.

virtualenv creates a shell script for you to source that sets up the necessary environment variables. You will need to source this file every time you want to work on this project:

source applesauce-virtualenv/bin/activate

You should see that your shell prompt has changed, and now has “(applesauce-virtualenv)” at the front of the prompt. This lets you know that you have already “logged in” to your virtualenv.

Now, let’s install some of the packages required to work with Django. We start with the non-python system-wide packages and libraries:
sudo apt-get install libxml2-dev libxslt1-dev python2.7-dev libpng12-dev libfreetype6-dev build-essential python-dev

Then, make sure that you are in your virtual environment and install these python things using pip. Since we’re installing these packages into the virtualenv we don’t need to use sudo.

pip install django django-debug-toolbar south httplib2 lxml

If you have any modules/packages that you want to be able to use in your Django project, you can copy them into applesauce-virtualenv/lib/python2.7/site-packages/

To verify that Django can be seen by Python, type python from your shell. Then at the Python prompt, try to import Django:

>>> import django
>>> print django.get_version()
1.4.1

Now, you can start working with Django. You might want to start with the official tutorial, Writing your first Django app.

(Some information taken from the Django Quick install guide.)

Viewing PDF annotation on Linux

Posted by Matthew on August 10, 2012
Posted in: Uncategorized. Tagged: , , , . Leave a Comment

When reviewing and editing papers, my advisor likes to use his copy of Adobe Acrobat to mark-up the insertions, deletions, and add comments to the original PDF. This works nicely, but when overlapping comments are present, such as a block comment over an entire paragraph with sentence-specific edits “underneath” the block comment, none of the “standard” PDF viewers on Linux (including the official Adobe Reader for Linux) are able to access the buried mark-up. Fortunately, I have discovered that a freeware program called PDF XChange Viewer can be easily run using WINE, and allows you to view, edit, and create PDF annotations. I haven’t tried creating or editing annotations, but I certainly do use it to delete block annotations covering up the more specific edits.

via Finally, real PDF annotating under Linux! (with help from Wine)