diff --git a/LDP/howto/docbook/HOWTO-INDEX/appsSect.sgml b/LDP/howto/docbook/HOWTO-INDEX/appsSect.sgml index 818175e1..fcdccc5a 100644 --- a/LDP/howto/docbook/HOWTO-INDEX/appsSect.sgml +++ b/LDP/howto/docbook/HOWTO-INDEX/appsSect.sgml @@ -1379,7 +1379,7 @@ How to convert an XFree86 modeline into an XInside/XiGraphics one. XFree-Local-multi-user-HOWTO, XFree local multi-user HOWTO -Updated: June 2003. +Updated: July 2003. Explains the shortest way to get a working multiple local X user-capable PC system. diff --git a/LDP/howto/docbook/HOWTO-INDEX/howtoChap.sgml b/LDP/howto/docbook/HOWTO-INDEX/howtoChap.sgml index 4273c0a3..5381e231 100644 --- a/LDP/howto/docbook/HOWTO-INDEX/howtoChap.sgml +++ b/LDP/howto/docbook/HOWTO-INDEX/howtoChap.sgml @@ -827,7 +827,7 @@ partition images to and from a TFTP server. Cluster-HOWTO, Linux Cluster HOWTO -Updated: March 2003. +Updated: June 2003. How to set up high-performance Linux computing clusters. @@ -3857,7 +3857,7 @@ RTLinux Installation and writing realtime programs in Linux. Samba-Authenticated-Gateway-HOWTO, Samba Authenticated Gateway HOWTO -Updated: May 2003. +Updated: July 2003. How to build a Firewall/Gateway with rules set on user basis having the users authenticated by a Samba Primary Domain Controller. @@ -5124,7 +5124,7 @@ version of the X Window System (X11R6) for Linux systems. XFree-Local-multi-user-HOWTO, XFree local multi-user HOWTO -Updated: June 2003. +Updated: July 2003. Explains the shortest way to get a working multiple local X user-capable PC system. diff --git a/LDP/howto/docbook/HOWTO-INDEX/hwSect.sgml b/LDP/howto/docbook/HOWTO-INDEX/hwSect.sgml index a087a733..e919f0aa 100644 --- a/LDP/howto/docbook/HOWTO-INDEX/hwSect.sgml +++ b/LDP/howto/docbook/HOWTO-INDEX/hwSect.sgml @@ -101,7 +101,7 @@ various issues related to this. Cluster-HOWTO, Linux Cluster HOWTO -Updated: March 2003. +Updated: June 2003. How to set up high-performance Linux computing clusters. diff --git a/LDP/howto/docbook/HOWTO-INDEX/networkingSect.sgml b/LDP/howto/docbook/HOWTO-INDEX/networkingSect.sgml index b66923d8..e5c83bc6 100644 --- a/LDP/howto/docbook/HOWTO-INDEX/networkingSect.sgml +++ b/LDP/howto/docbook/HOWTO-INDEX/networkingSect.sgml @@ -1068,7 +1068,7 @@ chains software for Linux, and some ideas on how you might use them. Samba-Authenticated-Gateway-HOWTO, Samba Authenticated Gateway HOWTO -Updated: May 2003. +Updated: July 2003. How to build a Firewall/Gateway with rules set on user basis having the users authenticated by a Samba Primary Domain Controller. diff --git a/LDP/howto/docbook/XFree-Local-multi-user-HOWTO.xml b/LDP/howto/docbook/XFree-Local-multi-user-HOWTO.xml index 488522b7..38e2d250 100644 --- a/LDP/howto/docbook/XFree-Local-multi-user-HOWTO.xml +++ b/LDP/howto/docbook/XFree-Local-multi-user-HOWTO.xml @@ -1,6 +1,6 @@ +"http://www.docbook.org/xml/4.2/docbookx.dtd" []> @@ -14,9 +14,16 @@
galia (at) st-peter.stw.uni-erlangen.de
- Jun 2003 + Jul 2003 + + 1.1.0 + 2003-07-14 + SS + sync input agent with examples, a bit more about ruby, less Fix-Me's, additions to video compatibility + + 1.0 2003-05-13 @@ -1941,7 +1949,7 @@ exit 0 1st X server configuration file - A small part of the Mandrake init scripts (you can append it to yours if you are missing something similar): + A small part of the Mandrake init scripts /etc/rc.d/rc.sysinit (you can append it to yours if you are missing something similar): ----------------------------------------------------------------------------------- # (pixel) a kind of profile for XF86Config @@ -2226,7 +2234,7 @@ if [ $MACHINE = ppc -o $MACHINE = ppc64 ]; then Nvidia cards Riva TNT (PCI+PCI+AGP) Riva TNT2 M64 (pci)(nvidia) + Riva TNT2 M64 (pci)(nvidia) - Nvidia GeForce2MX(PCI)+GeForce2MX(PCI)+GeForce2MX(PCI)+GeForce2MX(PCI) + Nvidia GeForce2MX(PCI) + GeForce2MX(PCI) + GeForce2MX(PCI) + GeForce2MX(PCI) Works fine. DRI + Nvidia GLX works too. @@ -2239,19 +2247,22 @@ if [ $MACHINE = ppc -o $MACHINE = ppc64 ]; then Generally the X server driving the AGP card has to be started first. + This can be acomplished by manually starting X or using gdm as desktop manager. You'll have to abstain from using xdm or kdm, as they start the X servers at the same time. AGP sever restart leads to system crashes. In gdm.conf, set . - The new X server patch (XFree-4.3-prefbusid) fixes most of the problems. - The first and the last combination are reported to work without major problems with XFree86-prefbusid. + The new X server patch (XFree-4.3-prefbusid) fixes most of the problems. In case the X servers are started in the right order there are no lock ups. - Nvidia GeForce4MX440(AGP)+TNT2M64(PCI)+TNT2M64(PCI) - Matrox MGAG400(AGP)+Matrox MGA1064SG[Mystique]PCI - Matrox MGAG550DH(AGP)+Riva TNTM64(PCI) - Matrox MGAG550DH(AGP)+Geforce4 420(PCI) + Nvidia TNT2(AGP) + Matrox Mystique(PCI) + Nvidia TNT2(AGP) + S3 VIRGE/DX(PCI) + Nvidia GeForce4MX440(AGP) + TNT2M64(PCI) + TNT2M64(PCI) + Matrox MGAG400(AGP) + Matrox MGA1064SG[Mystique]PCI + Matrox MGAG450DH(AGP) + ATI Mach 64(PCI) + Matrox MGAG550DH(AGP) + Riva TNT2-M64(PCI) + Matrox MGAG550DH(AGP) + Geforce4 420(PCI) @@ -3577,12 +3588,13 @@ setup_event () if [ `echo "$PHYS" | grep $PHYS_PATTERN 2>/dev/null` ]; then case $ACTION in add) - rm -f $SYM_LINK - ln -s /dev/input/$DEV_EVENT $SYM_LINK + cd /dev/input + rm -f $SYM_LINK + ln -s $DEV_EVENT $SYM_LINK debug_mesg "Input event device $NAME on $PHYS linked to $SYM_LINK" ;; remove) - rm -f $SYM_LINK + rm -f /dev/input/$SYM_LINK debug_mesg "Input event device link $SYM_LINK removed" ;; esac @@ -3602,12 +3614,13 @@ setup_mouse () if [ `echo "$PHYS" | grep $PHYS_PATTERN 2>/dev/null` ]; then case $ACTION in add) + cd /dev/input rm -f $SYM_LINK - ln -s /dev/input/$DEV_MOUSE $SYM_LINK + ln -s $DEV_MOUSE $SYM_LINK debug_mesg "Input mouse device $NAME on $PHYS linked to $SYM_LINK" ;; remove) - rm -f $SYM_LINK + rm -f /dev/input/$SYM_LINK debug_mesg "Input mouse device link $SYM_LINK removed" ;; esac diff --git a/LDP/howto/linuxdoc/Cluster-HOWTO.sgml b/LDP/howto/linuxdoc/Cluster-HOWTO.sgml index b00b3492..a1b16ad2 100644 --- a/LDP/howto/linuxdoc/Cluster-HOWTO.sgml +++ b/LDP/howto/linuxdoc/Cluster-HOWTO.sgml @@ -5,7 +5,7 @@ Linux Cluster HOWTO Ram Samudrala (me@ram.org) - v1.0, March 17, 2003 + v1.1, June 17, 2003 How to set up high-performance Linux computing clusters. @@ -64,9 +64,22 @@ recent is listed first).

32 machines have the following setup each: + + 2 XEON 2.4GHZ 533FSB CPUs + Supermicro X5DPR-1G2 motherboard + 2 512MB PC2100 DDR REG ECC RAM + 1 40GB SEA 7200 HD + 1 120GB SEA 7200 HD + Supermicro Slim 24X CDROM + CSE-812 400 C/B 1U case + +

+ +

32 machines have the following setup each: + 2 AMD Palamino MP XP 2000+ 1.67 GHz CPUs - Asus A7M266-D w/LAN Dual DDR + Asus A7M266-D w/LAN Dual DDR motherboard 2 Kingston 512mb PC2100 DDR-266MHz REG ECC RAM 1 41 GB Maxtor 7200rpm ATA100 HD 1 120 GB Maxtor 5400rpm ATA100 HD @@ -141,19 +154,56 @@ following setup:

1 desktop with the following setup: + + 2 AMD XP 2600 MP + MSI K7D Master-L DUAL MS-6501 motherboard + 4 1024MB PC2100 DDR REG ECC RAM + 1 40GB SEA 7200 Maxtor harddisk + 2 120GB SEA 7200 Maxtor hardidks + PIONEER DVR-AO5 IDE DVD-RW + 1.44mb floppy drive + ATI Expert 2000 Rage 128 32mb video card + IN-WIN P4 300ATX Mid Tower case + Intel PCI PRO-100 10/100Mbps network card + 450W ENERMAX P4-430ATX power supply + CREATIVE SB 128 5.1 PCI soundcard + +

+ +

2 desktops with the following setup: + + + 2 AMD XP 2600 MP + MSI K7D Master-L DUAL MS-6501 motherboard + 2 512MB PC2100 DDR REG ECC RAM + 1 40GB SEA 7200 Maxtor harddisk + 2 120GB SEA 7200 Maxtor hardidks + MSI 52X24X52X CR52-A2 CD-RW + 1.44mb floppy drive + ATI Expert 2000 Rage 128 32mb video card + IN-WIN P4 300ATX Mid Tower case + Intel PCI PRO-100 10/100Mbps network card + 450W ENERMAX P4-430ATX power supply + CREATIVE SB 128 5.1 PCI soundcard + +

+ +

1 desktop with the following setup: + 2 AMD Palamino MP XP 2000+ 1.67 GHz CPUs Asus A7M266-D w/LAN Dual DDR 2 Kingston 512mb PC2100 DDR-266MHz REG ECC RAM Ricoh 32x12x10 CDRW/DVD Combo EIDE + 1.44mb floppy drive 1 41 GB Maxtor 7200rpm ATA100 HD 1 120 GB Maxtor 5400rpm ATA100 HD - 1.44mb floppy drive - ATI Expert 2000 Rage 128 32mb + ATI Expert 2000 Rage 128 32mb video card IN-WIN P4 300ATX Mid Tower case Intel PCI PRO-100 10/100Mbps network card Enermax P4-430ATX power supply +

1 desktop with the following setup: @@ -171,6 +221,7 @@ following setup: Microsoft Intellimouse Explorer Supermicro SC760 full-tower case with 400W PS +

2 desktops with the following setup: @@ -275,7 +326,23 @@ following setup: Asus 52X CD-A520 INT IDE cdrom 1.44 MB floppy drive ATI Expert 2000 Rage 128 32mb video card - 4 Intel Pro/1000T Gigabit Server ethernet cards + 3 Intel Pro/1000T Gigabit Server ethernet cards + 4U Black Rackmount Steel case + +

+ +

1 gateway with the following setup. The gateway is a mirror of +the firewall in case the firewall breaks. + + + AMD Palamino XP 1800+ 1.57GHz CPU + MSI KT3 Ultra2 KT333 MS-6380E motherboard + 512 MB PC2100 DDR-266MHz DIMM RAM + 40GB Seagate 7200rpm ATA/100 hard disk + Asus 52X CD-A520 INT IDE cdrom + 1.44 MB floppy drive + ATI Expert 2000 Rage 128 32mb video card + 3 Intel Pro/1000T Gigabit Server ethernet cards 4U Black Rackmount Steel case

@@ -296,6 +363,7 @@ following setup:

Monitors: + 2 17" Viewsonic VE700 LCD monitor 1 20.1" Viewsonic VP201M LCD monitor 1 22" Viewsonic P220F 0.25-0.27m monitor 4 21" Sony CPD-G500 .24mm monitor @@ -318,13 +386,14 @@ following setup: Putting-it-all-together hardware -

We use KVM switches with a cheap monitor to connect up and "look" +

We used to use KVM switches with a cheap monitor to connect up and "look" at all the machines: 15" .28dp XLN CTL Monitor 3 Belkin Omniview 16-Port Pro Switches Belkin Omniview 2-Port Switch + APC AR203 netshelter rack unit

@@ -336,9 +405,9 @@ more monitor switches/KVM cables.

Networking is important: + 2 Netgear FS750NA 48 port/1 git network switch 1 Netgear FSM750S 48 port/2 git network switch 1 Netgear FS517TS 16 port/1 git network switch - 1 Netgear FS750NA 48 port network switch 1 Netgear FS524 24 port network switch 1 Cisco Catalyst 3448 XL Enterprise Edition 48 port network switch 1 Netgear ME102NA Wireless Access Point @@ -355,8 +424,8 @@ more monitor switches/KVM cables.

Our vendor is Hard Drives Northwest (). For each compute node in our cluster (containing two processors), we paid about -$1500-$2000, including taxes. Generally, our goal is to keep each node to -below $2000.00 (which is what our desktop machines cost).

+$1500-$2000, including taxes. Generally, our goal is to keep the cost +of each processor to below $1000 (including housing it).

@@ -378,6 +447,7 @@ below $2000.00 (which is what our desktop machines cost).

Kernel 2.2.16-22, distribution KRUD 7.0 Kernel 2.4.9-7, distribution KRUD 7.2 Kernel 2.4.18-10, distribution KRUD 7.3 + Kernel 2.4.20-13.9, distribution KRUD 9.0 These distributions work very well for us since updates are sent to us @@ -568,6 +638,10 @@ url="http://www.ram.org/computing/linux/cluster/fantini_contribution.tgz" name="http://www.ram.org/computing/linux/cluster/fantini_contribution.tgz">.

+

I have been working on a system where all you have to do is put a +CD in, boot the machine in, and it'll come back up fully cloned. I +will post this in the near future.

+ @@ -652,14 +726,20 @@ applications you wish to run.

For the single most important program we run (our ab initio protein folding simulation program), using the Pentium 3 1 -GHz processor machine as a frame of reference, the Athlon 1.2 GHz -processor machine is about 16% faster on average, the Xeon 1.7 GHz -machine is about 25-32% faster on average, the Athlon 1.5 GHz -processor is about 38% faster on average, and the Athlon 1.7 GHz -processor is about 46% faster on average (yes, the Athlon 1.5 GHz is -faster than the Xeon 1.7 GHz since the Xeon executes only six -instructions per clock (IPC) whereas the Athlon executes nine IPC (you -do the math!)).

+GHz processor machine as a frame of reference, on average: + + +Athlon 1.2 GHz processor is about 16% faster +Xeon 1.7 GHz processor is about 27% faster +Athlon 1.5 GHz processor is about 38% faster +Athlon 1.7 GHz processor is about 46% faster +Xeon 2.4 GHz processor is about 62% faster + +

+ +

Yes, the Athlon 1.5 GHz is faster than the Xeon 1.7 GHz since the +Xeon executes only six instructions per clock (IPC) whereas the Athlon +executes nine IPC (you do the math!).

@@ -723,3 +803,7 @@ Samudrala's research page (which describes the kind of research done with these +--------------------------------------------------------------------- +To unsubscribe, e-mail: submit-unsubscribe@en.tldp.org +For additional commands, e-mail: submit-help@en.tldp.org + diff --git a/LDP/howto/linuxdoc/Samba-Authenticated-Gateway-HOWTO.sgml b/LDP/howto/linuxdoc/Samba-Authenticated-Gateway-HOWTO.sgml index 81e7956c..03a9b315 100644 --- a/LDP/howto/linuxdoc/Samba-Authenticated-Gateway-HOWTO.sgml +++ b/LDP/howto/linuxdoc/Samba-Authenticated-Gateway-HOWTO.sgml @@ -3,7 +3,7 @@
Samba Authenticated Gateway HOWTO Ricardo Alexandre Mattar -v1.1.0, 2003-05-03 +v1.1.1, 2003-07-14 This documents intends to show how to build a Firewall/Gateway with rules set on user basis having the users authenticated by a Samba Primary Domain Controller @@ -57,9 +57,9 @@

Naming of particular products or brands should not be seen as endorsements.

New versions -

The newest release of this document can be found at +

The newest release of this document can be found at or at

Related HOWTOs can be found at the Linux Documentation Project - homepage. + homepage at .

Translations

A Portuguese version is available.

A French translation by Guillaume Lelarge is available at @@ -68,7 +68,7 @@

Contributions and criticism are both welcome.

Corrections to my English are also very welcome!

If you find any bugs in the scripts included, please tell me. -

You can find me at ricardo.mattar@bol.com.br +

You can find me at ricardo@ram.eti.br or ricardo.mattar@bol.com.br

Copyright and trademarks

Copyright (c) 2002-2003 Ricardo Alexandre Mattar

Permission is granted to copy, distribute and/or modify this @@ -84,6 +84,7 @@

Thanks to Guillaume Lelarge for the (continuous) help with the revision.

Thanks to Erik Esplund for further language corrections. +

Thanks to Albert Teixids for code improvements.

Requirements Knowledge

This document is target at the seasoned systems administrator. @@ -174,7 +175,7 @@ echo "1" > /proc/sys/net/ipv4/ip_dynaddr maybe your LINUX distribution also has plenty of SAMBA documentation.

We will need to setup SAMBA as a Primary Domain Controller. I will give an example configuration file here, but you should read - the and learn all you can about a PDC. + the and learn all you can about a PDC.

Basic SAMBA setup.

Since I do not intend to rewrite the SAMBA documentation, here goes a sample smb.conf file: @@ -216,7 +217,7 @@ guest account = comment = login tracking share path = /home/samba/samba browseable = No -root preexec = /usr/local/bin/netlogon.sh %u +root preexec = /usr/local/bin/netlogon.sh %u %I root postexec = /usr/local/bin/netlogoff.sh %u

You will have to do with it or read the SAMBA documentation if you really want to control your server and network. @@ -246,7 +247,7 @@ net use z: \\linux\samba /yes comment = login tracking share path = /home/samba/samba browseable = No -root preexec = /usr/local/bin/netlogon.sh %u +root preexec = /usr/local/bin/netlogon.sh %u %I root postexec = /usr/local/bin/netlogoff.sh %u

As you can guess or know if you read the SAMBA documentation, the root preexec and the root postexec lines tell SAMBA to run the @@ -268,7 +269,7 @@ root postexec = /usr/local/bin/netlogoff.sh %u if [ -f /var/run/smbgate/$1 ] ; then exit 0 fi -smbstatus | grep $1 | grep samba | gawk '// { print substr($6,2,length($6)-2)}' > /var/run/smbgate/$1 +echo $2 > /var/run/smbgate/$1 IPTABLES='/usr/sbin/iptables' EXTIF='eth0' COMMAND='-A' @@ -285,11 +286,12 @@ else fi

This script (netlogon.sh) is intended to run when the user logs - in and will filter the output of smbstatus extracting the user's - ip address which will be written to a file at /var/run/smbgate. The - file will take the user's name and will be later used when the user - log off. The address extracted will be passed as an argument to a - script with the users' name which will finally update the firewall. + in and will select the which scripts will be executed based on the + user name and to which group the user belongs. The user's ip address + will be written to a file at /var/run/smbgate for tracking purposes. + The file will take the user's name and will be later used when the + user log off. The IP address will be passed as an argument to a script + with the users' name which will finally update the firewall.

Notice that this netlogon.sh script tries a user script, then if it can't find the user script it tries a group script, and finally if it can't find the group script it tries the default.sh script. @@ -379,7 +381,7 @@ EXTIF=$3 IPTABLES='/usr/sbin/iptables' $IPTABLES $COMMAND POSTROUTING -t nat -s $ADDRESS -o $EXTIF -j MASQUERADE

We should also hase a default.sh script at /etc/smbgate/users/ - to give the gateway a default behavior to the gateway. + to give the gateway a default behavior.

#!/bin/sh # # default.sh