Compiling handbrake on centos

Reference pulled from Ben’s Journal.

 

The fix turned out to be as follows. I edited the file:

 ./contrib/libvorbis/module.defs

and changed:

 LIBVORBIS.CONFIGURE.bootstrap = rm -fr aclocal.m4 autom4te.cache configure; autoreconf -I m4 -fiv;

to:

LIBVORBIS.CONFIGURE.bootstrap = rm -fr aclocal.m4 autom4te.cache configure; sh autogen.sh;

(and yes, that trailing ‘;’ is necessary)

Creating a bootable usb that will boot any iso WIP

Cached from http://www.panticz.de/MultiBootUSB

DEVICE=/dev/sdb
VOLUME=MultiBootUSB

# create filesystem on usb pen
sudo mkfs.vfat -n ${VOLUME} ${DEVICE}1

# mount usb
mount ${DEVICE}1 /mnt/

# install grub2 on usb pen
grub-install --no-floppy --root-directory=/mnt ${DEVICE}

# create grub config
cat <<EOF> /mnt/boot/grub/grub.cfg
menuentry "Ubuntu Live 11.04 64bit" {
        loopback loop /boot/iso/ubuntu-11.04-desktop-amd64.iso
        linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/iso/ubuntu-11.04-desktop-amd64.iso noeject noprompt --
        initrd (loop)/casper/initrd.lz
}

menuentry "Ubuntu Live 9.10 32bit" {
 loopback loop /boot/iso/ubuntu-9.10-desktop-i386.iso
 linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/iso/ubuntu-9.10-desktop-i386.iso noeject noprompt --
 initrd (loop)/casper/initrd.lz
}

menuentry "Ubuntu Live 9.10 64bit" {
 loopback loop /boot/iso/ubuntu-9.10-desktop-amd64.iso
 linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/iso/ubuntu-9.10-desktop-amd64.iso noeject noprompt --
 initrd (loop)/casper/initrd.lz
}

menuentry "Grml small 2009.10" {
  loopback loop /boot/iso/grml-small_2009.10.iso
  linux (loop)/boot/grmlsmall/linux26 findiso=/boot/iso/grml-small_2009.10.iso apm=power-off lang=us vga=791 boot=live nomce noeject noprompt --
  initrd (loop)/boot/grmlsmall/initrd.gz
}

menuentry "tinycore" {
 loopback loop /boot/iso/tinycore_2.3.1.iso
 linux (loop)/boot/bzImage --
 initrd (loop)/boot/tinycore.gz
}

menuentry "Netinstall 32 preseed" {
  loopback loop /boot/iso/mini.iso
  linux (loop)/linux auto url=http://www.panticz.de/pxe/preseed/preseed.seed locale=en_US console-setup/layoutcode=de netcfg/choose_interface=eth0 debconf/priority=critical --
  initrd (loop)/initrd.gz
}

menuentry "debian-installer-amd64.iso" {
  loopback loop /boot/iso/debian-installer-amd64.iso
  linux (loop)/linux vga=normal --
  initrd (loop)/initrd.gz
}

menuentry "BackTrack 4" {
 linux /boot/bt4/boot/vmlinuz BOOT=casper boot=casper nopersistent rw vga=0x317 --
 initrd /boot/bt4/boot/initrd.gz
}

menuentry "Memory test (memtest86+)" {
 linux16 /boot/img/memtest86+.bin
}

menuentry "BackTrack ERR" {
 loopback loop /boot/iso/bt4-pre-final.iso
 linux (loop)/boot/vmlinuz find_iso/filename=/boot/iso/bt4-pre-final.iso BOOT=casper boot=casper nopersistent rw vga=0x317--
 initrd (loop)/boot/initrd.gz
}          

menuentry "XBMC ERR" {
 loopback loop /boot/iso/XBMCLive.iso
 linux (loop)/vmlinuz boot=cd isofrom=/dev/sda1/boot/iso/XBMCLive.iso xbmc=nvidia,nodiskmount,tempfs,setvolume loglevel=0 --
 initrd (loop)/initrd0.img
}

menuentry "netboot.me" {
 loopback loop /boot/iso/netbootme.iso
 linux16 (loop)/GPXE.KRN
}

menuentry "debian installer amd64 netboot XEN pressed" {
  linux /boot/debian/linux auto preseed/url=http://www.panticz.de/pxe/preseed/xen.seed locale=en_US console-setup/layoutcode=de netcfg/choose_interface=eth0 debconf/priority=critical --
  initrd /boot/debian/initrd.gz
}
EOF

# create iso directory
mkdir /mnt/boot/iso

#
# download images
#
# maverick test
sudo wget http://releases.ubuntu.com/10.10/ubuntu-10.10-desktop-i386.iso -P /boot/ubuntu-10.10-desktop-i386.iso
sudo ln -s /boot/ubuntu-10.10-desktop-i386.iso /boot/ubuntu-live-desktop-i386.iso

cat <<EOF>> /etc/grub.d/custom.cfg
menuentry "Ubuntu Live 32bit" {
 loopback loop /boot/ubuntu-live-desktop-i386.iso
 linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/ubuntu-live-desktop-i386.iso noeject noprompt --
 initrd (loop)/casper/initrd.lz
}
EOF

#?# sudo update-grub

# Ubuntu Live 9.10 32bit
wget http://ftp.uni-kl.de/pub/linux/ubuntu.iso/9.10/ubuntu-9.10-desktop-i386.iso -P /mnt/boot/iso

# Ubuntu Live 9.10 64bit
wget http://ftp.uni-kl.de/pub/linux/ubuntu.iso/9.10/ubuntu-9.10-desktop-amd64.iso -P /mnt/boot/iso

# grml
wget http://grml.deb.at/grml-small_2009.10.iso -P /mnt/boot/iso

# tinycore
wget http://distro.ibiblio.org/pub/linux/distributions/tinycorelinux/2.x/release/tinycore_2.3.1.iso -P /mnt/boot/iso

# netinstall
wget http://archive.ubuntu.com/ubuntu/dists/jaunty/main/installer-i386/current/images/netboot/mini.iso -P /mnt/boot/iso

# xbmc
# unzip http://downloads.sourceforge.net/sourceforge/xbmc/XBMC_Live-9.04.1.zip

# debian
wget http://ftp.debian.org/debian/dists/etch/main/installer-amd64/current/images/netboot/mini.iso -O /mnt/boot/iso/debian-installer-amd64.iso

# netboot.me
wget http://static.netboot.me/gpxe/netbootme.iso -P /mnt/boot/iso

# umount
sync
umount /mnt/

# test
# debian
wget http://cdimage.debian.org/debian-cd/5.0.2/amd64/iso-cd/debian-502-amd64-netinst.iso

menuentry "debian-502-amd64-netinst.iso" {
  loopback loop /boot/iso/debian-502-amd64-netinst.iso
  linux (loop)/install.amd/vmlinuz vga=normal --
  initrd (loop)/install.amd/initrd.gz
}

menuentry "debian installer amd64 netboot" {
  linux /boot/debian/linux auto=true priority=critical vga=normal --
  initrd /boot/debian/initrd.gz
}

# update debian installation files (/mnt/boot/debian/update.sh)
wget http://ftp.de.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz -O initrd.gz
wget http://ftp.de.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux -O linux

# links
https://bugs.launchpad.net/ubuntu/+bug/94204
http://debianforum.de/forum/viewtopic.php?f=32&t=111249
Boot an ISO via Grub2
https://wiki.edubuntu.org/Grub2 http://wiki.ubuntuusers.de/GRUB_2/Konfiguration?highlight=cd

lftp mirror of a directory

open http://mirror.vcu.edu

cd /pub/gnu+linux/centos/6.0/isos

/i386# mirror the 64 bit centos 6
mirror \
-c -e \
–verbose \
.  /opt/iso/centos/6_32bit \
–exclude .torrent \
–exclude .iso \
-i CentOS-6.0-i386-netinstall.iso \
-i CentOS-6.0-i386-minimal.iso \
-i CentOS-6.0-i386-LiveCD.isocd /pub/gnu+linux/centos/6.0/isos/x86_64mirror \
-c -e \
–verbose \
. /opt/iso/centos/6_64bit \
–exclude .torrent \
–exclude .iso \
-i CentOS-6.0-x86_64-netinstall.iso \
-i CentOS-6.0-x86_64-minimal.iso \
-i CentOS-6.0-x86_64-LiveCD.iso#CentOS-6.0-i386-LiveDVD.iso
#CentOS-6.0-i386-bin-DVD.iso
#CentOS-6.0-i386-minimal.iso
#CentOS-6.0-i386-netinstall.iso

#get -c -e \
#       /pub/gnu+linux/centos/6.0/isos/x86_64/CentOS-6.0-x86_64-minimal.iso \
#       -o /opt/iso/centos/6_64bit
#       /pub/gnu+linux/centos/6.0/isos/x86_64/CentOS-6.0-x86_64-netinstall.iso \
#       -o /opt/iso/centos/6_64bit
#       /pub/gnu+linux/centos/6.0/isos/x86_64/CentOS-6.0-x86_64-LiveCD.iso \
#       -o /opt/iso/centos/6_64bit

exit

  • Examples:#lftp -e “set net:timeout 10; cd IN; mput FILENAME ; ls -l;bye” -u “USERNAME”,”PASSWORD” HOSTNAME
    # verify file size:
    #lftp -e “set net:timeout 10; cd IN; ls -l;bye” -u “USERNAME”,”PASSWORD” HOSTNAME
    # remove file
    #lftp -e “set net:timeout 10; cd IN; rm FILENAME ;bye”-u “USERNAME”,”PASSWORD” HOSTNAME

Resources:

  • http://www.cyberciti.biz/faq/lftp-mirror-example/
  • russbrooks.com/2010/11/19/lftp-cheetsheet
  • http://www.kenhess.com/4436.html

Winbind Ties Linux and Windows Sign-Ons Together

Cached from: http://www.enterprisenetworkingplanet.com/netos/article.php/3499006/Winbind-Ties-Linux-and-Windows-SignOns-Together.htm

You keep hearing “Linux is like way cool! Use Linux!” Linux is cool, and even useful, but migrating from other platforms or integrating Linux hosts into an existing network takes a bit more work and knowledge than giving a careless wave of your hand, which is a minor detail that seems to escape the attention of enthusiastic Linux evangelists. Most sysadmins do not have the luxury of starting from scratch, and must make do with existing setups of varying (in)sanity and (il)logic.

The premier program for integrating Windows and Linux is Samba, which ace admins already know and love. Samba can be a cross-platform print and file server, a primary domain controller for a Windows LAN, and even a full member of an NT or Active Directory domain. The difficulty with running mixed Linux and Windows networks is managing user and group accounts and logins. The two platforms manage them in very different ways, which makes it difficult to integrate the two. A common method is to maintain two duplicate sets of users, groups, and passwords, which of course is less than ideal. (The word “sucks” can be confidently applied to this scenario.)

Fortunately the brainiacs behind Samba invented winbind to provide a unified logon, thus saving overworked admins from silliness like doing everything twice, and users from the horrors of trying to track what they are logging into, and which login to use. Winbind lets a Linux box become a full member of a Samba, Windows NT4 or Active Directory domain, and view Windows users and groups as Linux users and groups. All user and group queries from a Linux box are resolved by the domain controller.

Winbind is ideal for admins who wish to add Linux workstations or servers to an existing Windows domain. This allows a graceful introduction with a minimum of hassle. Servers and workstations slide right in without troubling users or bothering pointy-haired bosses.

You should also use winbind when you have hosts that are not members of the domain accessing a Samba or Windows domain. This is an important step to prevent unauthorized access from same-named foreign user accounts. For example, without winbind user Carla who is not a member of the domain will be able to access the files of user Carla who is a member of the domain. This, of course, is bad. Winbind does not allow this to happen; the foreign Carla will be given a different SID (security identifier) and so will not be able to get into the wrong files.

If you’re using a simple peer network without user authentication, don’t bother with winbind. Just for you bullet-point aficionados, here is a summary of what winbind does:

  • Authenticates users
  • Manages passwords
  • Allows Linux users to use Windows domain resources as though they were native Linux resources
  • User and group ID allocation

Underlying Protocols

Winbind makes use of the both the Windows NT RPC (remote procedure calls) and the native protocols of Active Directory. The Samba team received no assistance from Microsoft in decoding these calls, but somehow through persistence and tireless effort captured and decoded the signals over the wire. Moral: if interoperability and customer service are your desire, stick with the free/open source world.

For a NT4/Samba domain, you need Samba 3, winbind, NSS (name service switch), and PAM (pluggable authentication modules). For Active Directory you need Samba 3, winbind, LDAP, and Kerberos.

Using PAM allows authentication and password management to take place on the domain controller. PAM also lets the stern, controlling sysadmin set different authentication policies for different situations, such as for applications, or for users from different locations.

NSS provides a mechanism for hostnames, mail aliases, and user data to be resolved from various sources. Active Directory uses LDAP and Kerberos natively, which Linux can also do.

Windows uses RIDs (relative identifiers) for users and groups. Winbind converts these to Linux user and group numbers in a persistent database file called winbind_idmap.tdb. This is not used when LDAP is used. Additionally, to speed up performance, winbind uses caching. The cache responds to requests, rather than hitting the domain controller for every request.

Requirements

Samba and Winbind also work for just about any Unix variant. We’ll use Linux in this series.

Collecting the necessary bits will vary depending on which Linux distribution you are using. You definitely want the latest stable version of Samba. Debian’s Samba package includes everything you need, including support for PAM already compiled in. Most RPMs do the same. If you want to build from sources, see Resources.

If you are modifying an existing Samba server, back up everything! Back up smb.conf, /etc/pam.d, and /etc/nsswitch.conf. Messing up your PAM configuration means you may not be able to log in at all, so you must also have a rescue disk, such as Knoppix, at hand. Come back next week to learn how to configure all these things to make winbind do the heavy lifting for you.

Resources

Integrate Linux with Active Directory using Samba, Winbind, and Kerberos

Cached from: http://community.spiceworks.com/how_to/show/445

This is the summary of my experience setting up a Linux machine to become a member of an existing Active Directory domain.

Last year I was new to an organization that has an unhealthy affinity for Dell. Anyway, we needed some more storage space, so my solution was to build a server from parts and use Centos 5.1 and Samba to share files with the Windows domain. I wound up with a 3U file server with a 12 TB Raid 6 array with a hot spare (redundancy is serious business) for just shy of $4,000. Given the cost of a similar solution from Dell, major brownie points for me. But, I digress. Here’s the meat and potatoes of getting a linux box to play well with an AD environment.

I hope this helps someone!

1.

Get your linux box configured, with the relevant packages installed.

So, you’ve got your server/workstation up with your favorite flavor of linux installed, and it’s time to join the Windows domain. For this, we’ll be needing samba and kerberos. Most distros come with samba installed, but it’s best to go ahead and grab the newest version either from your distro’s repositories or the samba website itself. Also, make sure you have the krb5 packages installed.

2.

Time synchronization…

AD is very picky about the time matching during authentication, so you’ll need to point the ntpd process to a server on your network. A domain controller is a good choice.

On redhat flavored linux (CentOS, RHEL, and maybe SuSE, I’m not sure on that one) you can configure NTP without editing a .conf file like so:

ntpdate HOSTNAME

For debian flavored linux, edit /etc/ntp.conf with your favorite text editor. Real men use vi. You’ll see a servers section; just replace what’s there with one or more NTP servers on your domain, like so:

server HOSTNAME iburst dynamic

Now, restart the NTP service like so:

service ntp restart

or

/etc/init.d/ntp restart

or

/etc/rc.d/init.d/ntp restart

depending on your particular brand of *nix.

Make sure it’s working with the following command:

ntpq -p

You’ll see some output that should include the NTP server you pointed it to, and some stats.

3.

Edit /etc/hosts

Add this line to /etc/hosts for each domain controller:

xxx.xxx.xxx.xxx adserver.yourdomain adserver

4.

Edit /etc/krb5.conf

Edit /etc/krb5.conf to look something like this:

[libdefaults]
ticket_lifetime = 600
default_realm = YOURDOMAIN
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
[realms]
YOURDOMAIN = {
kdc = ip of you ads server
default_domain = YOURDOMAIN
}
[domain_realm]
.yourdomain = YOURDOMAIN
yourdomain = YOURDOMAIN
[kdc]
profile = /etc/krb5kdc/kdc.conf
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.logog

5.

Test kerberos authentication

Enter the following at the shell to test kerberos authentication:

kinit username@DOMAIN

It will prompt for a password, and if all is well, return you to the prompt.

Use the command klist to verify you received a ticket. If you have a ticket, then you’re doing great. If not, double check your /etc/krb5.conf file.

6.

Configure Samba and Winbind to be a domain member.

Almost done. Now we need to edit the /etc/samba/smb.conf file. I’ll include the important parameters. Your smb.conf file should look something like this:

[global]
workgroup = domainname
password server = hostname of domain controller
wins server = IP of wins server
realm = DOMAIN
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = false
winbind offline logon = false
winbind separator = + <<very important, as the default \ character does strange things in unix/linux.
allow trusted domains = Yes <<if you have them

Those are the important bits, but you’ll find that there are hundreds of valid parameters for the samba config file. Explore them; it’s a very powerful program.

7.

Tell linux to allow winbind to handle authentication.

Edit your /etc/nsswitch.conf to look something like this:

passwd: compat winbind
shadow: compat
group: compat winbind

8.

Moment of truth: Join the domain.

Once the /etc/samba/smb.conf file is properly edited, enter the following at the shell:

testparm

It gives you the rundown of your samba config file, and will let you know if something is wrong. If all is well, it’s time to start the smb and winbind services, like so: (depending on *nix flavor)

service smb restart
service winbind restart

or

/etc/init.d/smb restart
/etc/init.d/winbind restart

or

/etc/rc.d/init.d/smb restart
/etc/rc.d/init.d/winbind restart

If they both come back up fine, lets move to joining the domain, like so:

net ads join -U DOMAIN+username%password

Then test the join using:

net ads testjoin

If it reports “Join is OK”, the test winbind:

wbinfo -u <lists all of your AD users>
wbinfo -g <lists all of your AD groups>

If it works, your linux box is now integrated into the AD domain.

9.

Lastly, configure the smb and winbind services to start automatically

Every distro has a different way of doing this, so I won’t delve into too much detail. Just have a google on it; theres a wealth of information out there.

Conclusion

That should do it. If you run into errors, I may be able to help you. I had a bumpy road getting this up and running, but in the end this is what worked.

Enjoy, and again, I hope this helps someone.