ArchLinux server

Similar Messages

• Printing glitches on my archlinux server

  Hello archers,
  i've been having some problems with my archlinux server. Connected to the server is a HP Laserjet CM1312 printer via USB, server is shared via CUPS and Samba.
  I've followed the Archwiki guide for CUPS and Samba for installing the printer.
  The specific problem i'm having is printing from a Windows machine. After printing has begun, printing is first fine, but then it'll sometimes start to print gibberish like this (with PCL5): http://ompldr.org/vNzd2aw
  I've yet to experience problems printing from my linux machine. I've tried shifting in between drivers on the Windows machine (PCL5, PCL6, Postscript)
  Switching to a Postscript driver on the Windows machine prints fine, but after a while produces errors like this: http://ompldr.org/vNzd2dw
  CUPS error log contains:
  E [30/Jan/2011:21:03:05 +0100] [cups-driverd] Bad driver information file "/usr/share/cups/model/foomatic-db-ppds/Kyocera/ReadMe.htm"!
  E [30/Jan/2011:21:04:00 +0100] [cups-driverd] Bad driver information file "/usr/share/cups/model/foomatic-db-ppds/Kyocera/ReadMe.htm"!
  D [30/Jan/2011:21:06:20 +0100] [Job 51] The following messages were recorded from 21:00:03 to 21:06:20
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Adding start banner page "none".
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Adding end banner page "none".
  D [30/Jan/2011:21:06:20 +0100] [Job 51] File of type application/vnd.cups-raw queued by "nobody".
  D [30/Jan/2011:21:06:20 +0100] [Job 51] hold_until=0
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Queued on "HP_Color_LaserJet_CM1312_MFP_USB_00CNF8B3Q1SC_HPLIP" by "nobody".
  D [30/Jan/2011:21:06:20 +0100] [Job 51] job-sheets=none,none
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[0]="HP_Color_LaserJet_CM1312_MFP_USB_00CNF8B3Q1SC_HPLIP"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[1]="51"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[2]="nobody"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[3]="smbprn.00000039 Remote Downlevel Document"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[4]="1"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[5]="job-originating-host-name=::ffff:192.168.1.133 job-uuid=urn:uuid:6345dae1-010f-3774-55f6-7cb213dff752 time-at-creation=1296417603 time-at-processing=1296417976 AP_D_InputSlot="
  D [30/Jan/2011:21:06:20 +0100] [Job 51] argv[6]="/var/spool/cups/d00051-001"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[0]="CUPS_CACHEDIR=/var/cache/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[1]="CUPS_DATADIR=/usr/share/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[2]="CUPS_DOCROOT=/usr/share/cups/doc"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[3]="CUPS_FONTPATH=/usr/share/cups/fonts"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[4]="CUPS_REQUESTROOT=/var/spool/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[5]="CUPS_SERVERBIN=/usr/lib/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[6]="CUPS_SERVERROOT=/etc/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[7]="CUPS_STATEDIR=/var/run/cups"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[8]="HOME=/var/spool/cups/tmp"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[9]="PATH=/usr/lib/cups/filter:/usr/bin:/usr/sbin:/bin:/usr/bin"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[10]="[email protected]"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[11]="SOFTWARE=CUPS/1.4.6"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[12]="TMPDIR=/var/spool/cups/tmp"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[13]="USER=root"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[14]="CUPS_SERVER=/var/run/cups/cups.sock"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[15]="CUPS_ENCRYPTION=IfRequested"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[16]="IPP_PORT=631"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[17]="CHARSET=utf-8"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[18]="LANG=en_US.UTF-8"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[19]="PPD=/etc/cups/ppd/HP_Color_LaserJet_CM1312_MFP_USB_00CNF8B3Q1SC_HPLIP.ppd"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[20]="RIP_MAX_CACHE=8m"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[21]="CONTENT_TYPE=application/vnd.cups-raw"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[22]="DEVICE_URI=hp:/usb/HP_Color_LaserJet_CM1312_MFP?serial=00CNF8B3Q1SC"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[23]="PRINTER_INFO=HP Color LaserJet CM1312 MFP"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[24]="PRINTER_LOCATION=Local Printer"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[25]="PRINTER=HP_Color_LaserJet_CM1312_MFP_USB_00CNF8B3Q1SC_HPLIP"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] envp[26]="CUPS_FILETYPE=document"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Started backend /usr/lib/cups/backend/hp (PID 22315)
  D [30/Jan/2011:21:06:20 +0100] [Job 51] PAGE: 1 1
  D [30/Jan/2011:21:06:20 +0100] [Job 51] STATE: +connecting-to-device
  D [30/Jan/2011:21:06:20 +0100] [Job 51] STATE: -connecting-to-device
  D [30/Jan/2011:21:06:20 +0100] [Job 51] STATE: -media-empty-error,media-jam-error,hplip.plugin-error,cover-open-error,toner-empty-error,other
  D [30/Jan/2011:21:06:20 +0100] [Job 51] prnt/backend/hp.c 625: ERROR: 5021 device communication error!
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Backend returned status 4 (stop printer)
  D [30/Jan/2011:21:06:20 +0100] [Job 51] Printer stopped due to backend errors; please consult the error_log file for details.
  D [30/Jan/2011:21:06:20 +0100] [Job 51] End of messages
  D [30/Jan/2011:21:06:20 +0100] [Job 51] printer-state=5(stopped)
  D [30/Jan/2011:21:06:20 +0100] [Job 51] printer-state-message="/usr/lib/cups/backend/hp failed"
  D [30/Jan/2011:21:06:20 +0100] [Job 51] printer-state-reasons=paused
  E [30/Jan/2011:21:11:22 +0100] [Job 51] Stopping unresponsive job!
  Hope you can help me out.

  timm wrote:it now requires a microsoft sql server.
  You may try using Sybase ASE; for long time (until 6.0), MS SQL Server was just Sybase with MS branding and even today differences are not so big (depending, of course, on specific application's needs). I have never tried such a setup, but connecting to MSSQL with Sybase client libraries works OK, maybe you'd have luck in opposite direction.
  There is a document on migrating apps from MSSQL to ASE; I know this is not the case, but there are some valuable information about differences between those RDBMSs that may help you to decide whether there are chances to succeed or not.

• Setting up archlinux server

  Hi, I'm fairly new to archlinux, so I'm not quite sure how everything works yet. I've been running Arch for some weeks now on my desktop and I like the concept. So I'm considering moving my server from Gentoo to Arch. It would basically be a LAMP+NFS+SAMBA+FTP server. The reason I'm considering dropping gentoo is because it's such a pain to upgrade. Now I'm wondering would there be any danger running 'pacman -Syu --noconfim' as a cron job ? I'm thinking I would email myself the output of the progress. But what about config files etc? How does Arch handle updated config files?
  Any other tips regarding setting up an arch server?

  I only upgrade my server once every couple of months, not seeing the output as it happens and dealing with any problems immediately is asking for problems with rolling release I feel.  But a upgrade every two months with care is likely to cause less problems.  I haven't had a problem in 18 mths, I run everything you mentioned plus an rsync server.
  man pacman
  HANDLING CONFIG FILES
  pacman uses the same logic as rpm to determine action against files that are designated to be backed up. During an upgrade, 3 md5 hashes are used for each backup file to determine the
  required action: one for the original file installed, one for the new file that's about to be installed, and one for the actual file existing on the filesystem. After comparing these
  3 hashes, the follow scenarios can result:
  original=X, current=X, new=X
  All three files are the same, so overwrites are not an issue Install the new file.
  original=X, current=X, new=Y
  The current file is the same as the original but the new one differs. Since the user did not ever modify the file, and the new one may contain improvements or bugfixes,
  install the new file.
  original=X, current=Y, new=X
  Both package versions contain the exact same file, but the one on the filesystem has been modified. Leave the current file in place.
  original=X, current=Y, new=Y
  The new file is identical to the current file. Install the new file.
  original=X, current=Y, new=Z
  All three files are different, so install the new file with a .pacnew extension and warn the user. The user must then manually merge any necessary changes into the original
  file.
  Last edited by gazj (2008-01-08 23:56:29)

• Fresh archlinux server install, something seems wrong

  Hi there!
  Haven't updated my archlinux build on my server since well years, because i've been very content with the stable product. Now after error after error trying to build a newer version of sabnzbd, I decided to re-install archlinux instead. I've noticed a lot of new additions since I last installed archlinux, or linux in general.
  This is a clean install with very little added. I did however install aria2 (for performance). Everytime I try to run a pacman upgrade I recieve this huge output of information, is this normal?
  #Pacman -Syu
  output
  http://pastebin.com/m6eWgqAD
  pacman.conf
  http://pastebin.com/zx5Dqvzm
  Thank You

  It looks like signatures are missing from your mirror:
  2012-08-05 15:16:28.600735 ERROR - CUID#6 - Download aborted. URI=http://ftp.lysator.liu.se/pub/archlinux/community/os/x86_64/community.db.sig
  Exception: [AbstractCommand.cc:303] errorCode=3 URI=http://ftp.lysator.liu.se/pub/archlinux/community/os/x86_64/community.db.sig
  -> [HttpSkipResponseCommand.cc:211] errorCode=3 Resource not found
  2012-08-05 15:16:28.600989 NOTICE - Download GID#1 not complete: //var/lib/pacman/sync/community.db.sig.part
  As mentioned, use the official mirrors and pacman, and make sure you init the pacman keyring

• [solved]printing from Windows 7 to ArchLinux server.

  I have read https://wiki.archlinux.org/index.php/CU … er_sharing
  but cannot recognizing my printer from Windows 7 machine. I have added the workgroup in smb.conf but i don't know if  should i put the password and where, i can go from w7  to archLinuxhost:631 and send a test page to print, but i cannot add to  w7 the  printer.
  Last edited by fpilee (2012-11-14 13:09:01)

  solved follow the steps from https://wiki.archlinux.org/index.php/CU … er_sharing
  then go to localhost:631 and share the printer,
  next go to the w7 machine and browse in the navigator archLinuxMachineIP:631 and copy the URL for the printer in printers tabs,
  then add on w7 this url and select the driver.
  you have to add a address reservation in your router to the machine with the printer,
  Last edited by fpilee (2012-11-14 13:11:17)

• Archlinux server status script in PHP

  Screenshot: http://www.barrucadu.co.uk/server/serverstatus.png
  This script shows system information (you'll have to tweak the commands using sensors for your system), and daemons. Also displays a notice if a daemon isn't running. I've divided its display of daemons into three parts - all, services, and utilities. I've called a daemon a service if the outside world benefits directly from it, and a utility if it's more of an internal thing. For example, samba would be a service and crond a utility.
  PHP script:
  <?php
  function daemon_running($daemon)
  $checkpath = '/var/run/daemons';
  return exec("ls -l {$checkpath} | grep {$daemon}");
  $name = 'Eihort';
  $statuses = array('Northbridge fan speed' => array('', 'sensors | grep fan1 | sed -e "s/fan1:\s*\([0-9]*\).*/\\1/"', ' RPM'),
  'CPU temperature' => array('', 'sensors | grep temp3 | sed -e "s/temp3:\s*+\([0-9]*\).*/\\1/"', '°C'),
  'HDD temperature' => array('', 'sudo hddtemp -n /dev/sda', '°C'),
  'Memory usage' => array('', 'free -m | grep "buffers/cache" | sed -e "s/-\/+ buffers\/cache:\s*\([0-9]*\)\s*\([0-9]*\).*/\\1 \/ \\2/"', ' MB'),
  'Load averages' => array('', 'uptime | sed "s/.*load average: \(.*\)/\\1/"', ''),
  'Uptime' => array('', 'uptime | sed "s/.*up\s*\([0-9\:]*\).*/\\1/"', ''),
  'Package updates' => array('', '/usr/local/bin/updates', ''),
  'Logged in users' => array('', '/usr/local/bin/userson', ''));
  $services = array('bitlbee' => 'Instant messaging gateway.',
  'httpd' => 'The Apache web server.',
  'mysqld' => 'MySQL Database server.',
  'named' => 'BIND9 DNS server.',
  'openntpd' => 'Network time server.',
  'rtorrent' => 'Torrent client,',
  'samba' => 'File-sharing system.',
  'sshd' => 'Secure Shell',
  'vsftpd' => 'Very Secure FTP Daemon.');
  $utilities = array('ivman' => 'Volume manager.',
  'sensors' => 'Hardware monitor.',
  'net-profiles' => 'Network manager.',
  'crond' => 'Task scheduler.',
  'hal' => 'Hardware Abstraction Layer.',
  'dbus' => 'IPC Bus.',
  'syslog-ng' => 'System monitor.',
  'uptimed' => 'Uptime recorder.');
  $output = array('status' => array(),
  'services' => array(),
  'utilities' => array());
  foreach($statuses as $status => $details)
  $output['status'][] = array($status, $details[0] . shell_exec($details[1]) . $details[2]);
  foreach($services as $service => $description)
  $output['services'][] = array($service, daemon_running($service) ? "On" : "Off");
  foreach($utilities as $utility => $description)
  $output['utilities'][] = array($utility, daemon_running($utility) ? "On" : "Off");
  ?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
  <head>
  <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf8"/>
  <meta name="author" content="Michael Walker"/>
  <meta name="robots" content="FOLLOW,INDEX"/>
  <title><?php echo $name; ?> Status</title>
  <link rel="stylesheet" href="style.css" type="text/css" />
  </head>
  <body>
  <div id="header">
  <h1><?php echo $name; ?></h1>
  <table>
  <?php
  $half = count($output['status']) / 2;
  for($i = 0; $i < count($output['status']); $i ++)
  if($i == $half) echo '</table><table>';
  $j = ($i < $half) ? $i + $half : $i - $half;
  echo '<tr>';
  echo "<td class=\"head\">{$output['status'][$j][0]}</td>";
  echo "<td>{$output['status'][$j][1]}</td>";
  echo '</tr>';
  ?>
  </table>
  </div>
  <ul id="tabs">
  <li><a href="/">All</a></li>
  <li><a href="/?type=services">Services</a></li>
  <li><a href="/?type=utilities">Utilities</a></li>
  </ul>
  <div id="content">
  <table>
  <?php
  $pool = array_merge($output['services'], $output['utilities']);
  if(isset($_GET['type']) && isset($output[$_GET['type']])) {
  $pool = $output[$_GET['type']];
  $odd = True;
  foreach($pool as $info)
  $summary = (isset($services[$info[0]])) ? $services[$info[0]] : $utilities[$info[0]];
  echo ($odd) ?'<tr class="odd">' : '<tr>';
  echo "<td class=\"head\">{$info[0]}<br/><span class=\"summary\">{$summary}</span></td>";
  echo ($info[1] == "On") ? '<td class="good">Up</td>' : '<td class="bad">Down</td>';
  echo '</tr>';
  $odd = !$odd;
  ?>
  </table>
  </div>
  </body>
  </html>
  This is configured for my server, but I'm sure you can figure out what you need to change.
  The CSS file:
  body
  background-color:#E2E5B4;
  font-family:Liberation Sans, DejaVu Sans, Verdana, Arial, sans-serif;
  font-size:13px;
  color:#474750;
  padding:0px 0px 10px 0px;
  margin:0px;
  div#header
  border-bottom:3px solid #C8A654;
  padding:16px;
  background-color:#313D40;
  div#header h1
  display:inline;
  font-size:7em;
  color:#74B331 ;
  div#header table
  position:relative;
  right:64px;
  margin:0px 16px 0px 16px;
  float:right;
  color:#93FF20;
  border:1px solid #;
  div#header table td
  padding:3px;
  div#header table td.head
  width:200px;
  font-weight:bold;
  ul#tabs
  list-style:none;
  position:relative;
  top:-3px;
  padding:0px;
  margin:0px;
  ul#tabs li {
  float:left;
  margin:0px 16px 0px 16px;
  width:100px;
  border-left:3px solid #C8A654;
  border-right:3px solid #C8A654;
  border-bottom:3px solid #C8A654;
  background-color:#313D40;
  text-align:center;
  ul#tabs li a
  color:#FF3709;
  font-weight:bold;
  font-size:10px;
  text-decoration:none;
  ul#tabs li a:hover
  font-weight:normal;
  div#content
  clear:both;
  padding:24px 128px 0px 128px;
  margin:0px;
  div#content table
  border-spacing:0px;
  border:3px solid #C8A654;
  color:#FDFED2;
  width:100%;
  div#content td.head
  font-weight:bold;
  width:95%;
  div#content tr td
  background-color:#3E4147;
  padding:10px;
  div#content tr.odd td
  background-color:#27333A;
  div#content span.summary
  font-weight:normal;
  font-size:10px;
  div#content td.good
  color:#A4D933;
  div#content td.bad
  color:#FF3709;
  Note: in the services and utilities array it's not the name of the daemon, but the name of the file it creates in /var/run/daemons/.
  Note 2: The /usr/local/bin/updates is just a script to grab the number of updates from pacman.
  Last edited by Barrucadu (2009-07-26 14:54:28)

  I like it!
  I'll give this a crack when I get home tonight.

• HowTo install archlinux to a far away server?

  HowTo install archlinux to a far away server?
  or what about Archbootstrap?
  I have a server far away from me with software raid on it.
  It is running a different distro and i want to install archlinux on it.
  I was thinging to break the sw raid and use something like archbootstrap.
  I could install archlinux to one hard disk, fix the network and then
  add a new grub entry and reboot. Then i could rebuild the sf raid and configure
  my new archlinux server as i want.
  I've tried archbootstrap to my PC first and try to install archlinux to a different partition
  (same logic to want i need to do). I found some trouble, I even hack a little the script
  to fix some initial problems but i cant find a way to run it correctly.
  Is there another way? Can someone point me to a direction?
  PS: i've already looked up the forum and wiki - couldnt find anything useful (yet).

  With pacman-static from the French mirror and small fixes worked perfectly
  Unfortunately i couldnt find an official pacman-static on ftp.archlinux.org
  I 've tried to create a pacman-static from the source of pacman - but my efforts werent successful
  But in the end i was able to do what i really wanted with one way or another.
  thanks finferflu for hint

• [Solved] Owncloud can't access remotely if not on root of server

  I installed Owncloud on a new archlinux server I have. It will be used as a firewall and router (it has 2 nics)
  The default owncloud package from AUR makes a config file for apache that creates a virtual host on port 80 of the server pointing to owncloud.
  So when I browse the servers IP from the lan, I get owncloud's web interface.
  But I want to access that interface from a /owncloud address so I can use the root of the web server to host a page with links to different services and some info that will be useful for the people on that lan. So I removed the virtual host from the conf file.
  Now i can only access the web interface if i browse on the server it self. But when I try from a computer on the lan I get the "https" on the url bar and a "can't connect" error.
  the modified owncloud.conf for the apache server is this: http://pastebin.com/nJrYWh3r
  How can I "move" the owncloud to use 192.168.0.1/owncloud on the lan for the web interface?
  Last edited by santodelaespada (2012-08-31 20:35:32)

  teekay wrote:
  It should work already as the default config also sets an /owncloud alias. If it doesn't work, try
  ln -s /usr/share/webapps/owncloud /srv/http/owncloud
  It worked before when I first tested owncloud (6 months ago)
  the symlink works if I remove apaches owncloud conf file.
  I'll mark this as solved, but it should work with the conf file in place, not the symlink on the filesystem.
  Thanks, I don't know why i did not try that before

• ISPConfig don't compile with archlinux because a RSA key mistake !

  Hello word,
  I tried to compile ISPConfig on my archlinux server don't panic following this instructions:
  http://wiki.archlinux.be/installation_d … _archlinux
  When apache compile a error message say "Failed to generate RSA private key"
  This is the full message
  Signature Algorithm ((R)SA or (D)SA) [R]:
  STEP 1: Generating RSA private key for CA (1024 bit) [ca.key]
  82270 semi-random bytes loaded
  Generating RSA private key, 1024 bit long modulus
  ........++++++
  ......++++++
  e is 65537 (0x10001)
  ./support/mkcert.sh: line 140: 3274 Instruction illégale $openssl genrsa -rand $randfiles -out $sslkeydir/ca.key 1024
  mkcert.sh:Error: Failed to generate RSA private key
  make[1]: *** [certificate] Erreur 1
  make[1]: quittant le répertoire « /root/Net-Ident-1.20/install_ispconfig/compile_aps/apache_1.3.37/src »
  make: *** [certificate] Erreur 2
  ERROR: Could not make certificate for Apache
  I don't find the trouble ...
  Can you help me ! Please.

  I tried to install ISPConfig on FreeBSD 6.2 and ... it's work fine !
  I like Archlinux as linux desktop but why Archlinux don't work with ISPConfig ?
  Someboby can help me ?

• Sharing Files Between 3 Arch Computers Using SAMBA [SOLVED]

  I am trying to network 3 of my computers together.  They are all running Arch 64.  I setup the smb.conf file according to various tutorials and then the folders show up on the other computers, but when you double click them (using Gnome 3) it gives an error "unable to mount location, failed to mount windows share"
  I know this has to be some permission issue but I have spent hours on this and am hitting a brick wall.  Here is my smb.conf file.
  #======================= Global Settings =====================================
  [global]
  # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
  workgroup = WORKGROUP
  # server string is the equivalent of the NT Description field
  server string = Samba Server
  # Security mode. Defines in which mode Samba will operate. Possible
  # values are share, user, server, domain and ads. Most people will want
  # user level security. See the Samba-HOWTO-Collection for details.
  security = share
  guest account = nobody
  [Z]
  path = /media/Z
  public = yes
  guest ok = yes
  writeable = yes
  only guest = yes
  browseable = yes
  [Documents]
  path = /home/myname/Documents
  public = yes
  guest ok = yes
  writeable = yes
  browseable = yes
  only guest = yes
  # This option is important for security. It allows you to restrict
  # connections to machines which are on your local network. The
  # following example restricts access to two C class networks and
  # the "loopback" interface. For more examples of the syntax see
  # the smb.conf man page
  ; hosts allow = 192.168.1. 192.168.2. 127.
  # If you want to automatically load your printer list rather
  # than setting them up individually then you'll need this
  load printers = yes
  # you may wish to override the location of the printcap file
  ; printcap name = /etc/printcap
  # on SystemV system setting printcap name to lpstat should allow
  # you to automatically obtain a printer list from the SystemV spool
  # system
  ; printcap name = lpstat
  # It should not be necessary to specify the print system type unless
  # it is non-standard. Currently supported print systems include:
  # bsd, cups, sysv, plp, lprng, aix, hpux, qnx
  ; printing = cups
  # Uncomment this if you want a guest account, you must add this to /etc/passwd
  # otherwise the user "nobody" is used
  ; guest account = pcguest
  # this tells Samba to use a separate log file for each machine
  # that connects
  log file = /var/log/samba/%m.log
  # Put a capping on the size of the log files (in Kb).
  max log size = 50
  # Use password server option only with security = server
  # The argument list may include:
  # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
  # or to auto-locate the domain controller/s
  # password server = *
  ; password server = <NT-Server-Name>
  # Use the realm option only with security = ads
  # Specifies the Active Directory realm the host is part of
  ; realm = MY_REALM
  # Backend to store user information in. New installations should
  # use either tdbsam or ldapsam. smbpasswd is available for backwards
  # compatibility. tdbsam requires no further configuration.
  ; passdb backend = tdbsam
  # Using the following line enables you to customise your configuration
  # on a per machine basis. The %m gets replaced with the netbios name
  # of the machine that is connecting.
  # Note: Consider carefully the location in the configuration file of
  # this line. The included file is read at that point.
  ; include = /usr/local/samba/lib/smb.conf.%m
  # Configure Samba to use multiple interfaces
  # If you have multiple network interfaces then you must list them
  # here. See the man page for details.
  ; interfaces = 192.168.12.2/24 192.168.13.2/24
  # Browser Control Options:
  # set local master to no if you don't want Samba to become a master
  # browser on your network. Otherwise the normal election rules apply
  ; local master = no
  # OS Level determines the precedence of this server in master browser
  # elections. The default value should be reasonable
  ; os level = 33
  # Domain Master specifies Samba to be the Domain Master Browser. This
  # allows Samba to collate browse lists between subnets. Don't use this
  # if you already have a Windows NT domain controller doing this job
  ; domain master = yes
  # Preferred Master causes Samba to force a local browser election on startup
  # and gives it a slightly higher chance of winning the election
  ; preferred master = yes
  # Enable this if you want Samba to be a domain logon server for
  # Windows95 workstations.
  ; domain logons = yes
  # if you enable domain logons then you may want a per-machine or
  # per user logon script
  # run a specific logon batch file per workstation (machine)
  ; logon script = %m.bat
  # run a specific logon batch file per username
  ; logon script = %U.bat
  # Where to store roving profiles (only for Win95 and WinNT)
  # %L substitutes for this servers netbios name, %U is username
  # You must uncomment the [Profiles] share below
  ; logon path = \\%L\Profiles\%U
  # Windows Internet Name Serving Support Section:
  # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
  ; wins support = yes
  # WINS Server - Tells the NMBD components of Samba to be a WINS Client
  # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
  ; wins server = w.x.y.z
  # WINS Proxy - Tells Samba to answer name resolution queries on
  # behalf of a non WINS capable client, for this to work there must be
  # at least one WINS Server on the network. The default is NO.
  ; wins proxy = yes
  # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
  # via DNS nslookups. The default is NO.
  dns proxy = no
  # These scripts are used on a domain controller or stand-alone
  # machine to add or delete corresponding unix accounts
  ; add user script = /usr/sbin/useradd %u
  ; add group script = /usr/sbin/groupadd %g
  ; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
  ; delete user script = /usr/sbin/userdel %u
  ; delete user from group script = /usr/sbin/deluser %u %g
  ; delete group script = /usr/sbin/groupdel %g
  #============================ Share Definitions ==============================
  [homes]
  comment = Home Directories
  browseable = no
  writable = yes
  [Z]
  path = /media/Z
  public = yes
  guest ok = yes
  writable = yes
  only guest = yes
  browseable = yes
  # Un-comment the following and create the netlogon directory for Domain Logons
  ; [netlogon]
  ; comment = Network Logon Service
  ; path = /usr/local/samba/lib/netlogon
  ; guest ok = yes
  ; writable = no
  ; share modes = no
  # Un-comment the following to provide a specific roving profile share
  # the default is to use the user's home directory
  ;[Profiles]
  ; path = /usr/local/samba/profiles
  ; browseable = no
  ; guest ok = yes
  # NOTE: If you have a BSD-style print system there is no need to
  # specifically define each individual printer
  [printers]
  comment = All Printers
  path = /var/spool/samba
  browseable = no
  # Set public = yes to allow user 'guest account' to print
  guest ok = no
  writable = no
  printable = yes
  # This one is useful for people to share files
  ;[tmp]
  ; comment = Temporary file space
  ; path = /tmp
  ; read only = no
  ; public = yes
  # A publicly accessible directory, but read only, except for people in
  # the "staff" group
  ;[public]
  ; comment = Public Stuff
  ; path = /home/samba
  ; public = yes
  ; writable = no
  ; printable = no
  ; write list = @staff
  # Other examples.
  # A private printer, usable only by fred. Spool data will be placed in fred's
  # home directory. Note that fred must have write access to the spool directory,
  # wherever it is.
  ;[fredsprn]
  ; comment = Fred's Printer
  ; valid users = fred
  ; path = /homes/fred
  ; printer = freds_printer
  ; public = no
  ; writable = no
  ; printable = yes
  # A private directory, usable only by fred. Note that fred requires write
  # access to the directory.
  ;[fredsdir]
  ; comment = Fred's Service
  ; path = /usr/somewhere/private
  ; valid users = fred
  ; public = no
  ; writable = yes
  ; printable = no
  # a service which has a different directory for each machine that connects
  # this allows you to tailor configurations to incoming machines. You could
  # also use the %U option to tailor it by user name.
  # The %m gets replaced with the machine name that is connecting.
  ;[pchome]
  ; comment = PC Directories
  ; path = /usr/pc/%m
  ; public = no
  ; writable = yes
  # A publicly accessible directory, read/write to all users. Note that all files
  # created in the directory by users will be owned by the default user, so
  # any user with access can delete any other user's files. Obviously this
  # directory must be writable by the default user. Another user could of course
  # be specified, in which case all files would be owned by that user instead.
  ;[public]
  ; path = /usr/somewhere/else/public
  ; public = yes
  ; only guest = yes
  ; writable = yes
  ; printable = no
  [Z]
  path = /media/Z
  public = yes
  guest ok = yes
  writable = yes
  only guest = yes
  browseable = yes
  # The following two entries demonstrate how to share a directory so that two
  # users can place files there that will be owned by the specific users. In this
  # setup, the directory should be writable by both users and should have the
  # sticky bit set on it to prevent abuse. Obviously this could be extended to
  # as many users as required.
  ;[myshare]
  ; comment = Mary's and Fred's stuff
  ; path = /usr/somewhere/shared
  ; valid users = mary fred
  ; public = no
  ; writable = yes
  ; printable = no
  ; create mask = 0765
  I know Z is in there twice, I tried adding it in a different spot after watching a tutorial, this doesn't have any bearing on my problem.
  Last edited by LuckyStrike (2012-02-18 00:26:51)

  Try setting it up this way...
  #======================= Global Settings =======================
  [global]
  log file = /var/log/samba/log.%m
  so_rcvbuf = 8192 SO_SNDBUF=8192
  passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
  obey pam restrictions = yes
  socket options = TCP_NODELAY
  map to guest = bad user
  encrypt passwords = true
  passdb backend = tdbsam
  passwd program = /usr/bin/passwd %u
  dns proxy = no
  netbios name = ArchLinux
  server string = %h server (Samba, Arch)
  path = /home/username
  default = global
  unix password sync = yes
  os level = 20
  auto services = homes
  syslog = 0
  panic action = /usr/share/samba/panic-action %d
  usershare allow guests = yes
  max log size = 1000
  pam password change = yes
  #======================= Share Definitions =======================
  [Home]
  guest account = nobody
  comment = Home Folder
  writeable = yes
  [Z]
  guest account = nobody
  comment = Z-Drive
  writeable = yes
  path = /media/Z
  [Documents]
  guest account = nobody
  comment = Documents Folder
  writeable = yes
  path = /home/myname/Documents
  Changing the username parts and other as necessary of course.

• Can't use ssh publickey, but only for a single host

  I've been using publickeys for a long time to connect my laptop to my server, but lately I can't connect when I'm in this place only.
  It is the same key and it works perfectly, except when I'm in this specific network. And it doesn't seem to be a firewall issue, because the remote server actually logs the attempt.
  I'm all out of ideas. Nothing I try has any effect.
  ssh -vvv
  OpenSSH_6.1p1, OpenSSL 1.0.1e 11 Feb 2013
  debug1: Reading configuration data /home/<user>/.ssh/config
  debug1: /home/<user>/.ssh/config line 14: Applying options for <host>
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to <host> port 443.
  debug1: Connection established.
  debug3: Incorrect RSA1 identifier
  debug3: Could not load "/home/<user/.ssh/id_rsa" as a RSA1 public key
  debug1: identity file /home/<user>/.ssh/id_rsa type 1
  debug1: identity file /home/<user>/.ssh/id_rsa-cert type -1
  debug1: identity file /home/<user>/.ssh/id_dsa type -1
  debug1: identity file /home/<user>/.ssh/id_dsa-cert type -1
  debug1: identity file /home/<user>/.ssh/id_ecdsa type -1
  debug1: identity file /home/<user>/.ssh/id_ecdsa-cert type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_6.1
  debug1: match: OpenSSH_6.1 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_6.1
  debug2: fd 3 setting O_NONBLOCK
  debug3: put_host_port: <host>:443
  debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
  debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:1
  debug3: load_hostkeys: loaded 1 keys
  debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
  debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
  debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
  debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
  debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
  debug2: kex_parse_kexinit: [email protected],zlib,none
  debug2: kex_parse_kexinit: [email protected],zlib,none
  debug2: kex_parse_kexinit:
  debug2: kex_parse_kexinit:
  debug2: kex_parse_kexinit: first_kex_follows 0
  debug2: kex_parse_kexinit: reserved 0
  debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
  debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
  debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
  debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
  debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
  debug2: kex_parse_kexinit: none,[email protected]
  debug2: kex_parse_kexinit: none,[email protected]
  debug2: kex_parse_kexinit:
  debug2: kex_parse_kexinit:
  debug2: kex_parse_kexinit: first_kex_follows 0
  debug2: kex_parse_kexinit: reserved 0
  debug2: mac_setup: found hmac-md5
  debug1: kex: server->client aes128-ctr hmac-md5 [email protected]
  debug2: mac_setup: found hmac-md5
  debug1: kex: client->server aes128-ctr hmac-md5 [email protected]
  debug1: sending SSH2_MSG_KEX_ECDH_INIT
  debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  debug1: Server host key: <host key>
  debug3: put_host_port: <host>:443
  debug3: put_host_port: <host>:443
  debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
  debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:1
  debug3: load_hostkeys: loaded 1 keys
  debug3: load_hostkeys: loading entries for host "<host>:443" from file "/home/<user>/.ssh/known_hosts"
  debug3: load_hostkeys: found key type RSA in file /home/<user>/.ssh/known_hosts:11
  debug3: load_hostkeys: loaded 1 keys
  debug1: Host '<host>:443' is known and matches the RSA host key.
  debug1: Found key in /home/<user>/.ssh/known_hosts:1
  debug1: ssh_rsa_verify: signature correct
  debug2: kex_derive_keys
  debug2: set_newkeys: mode 1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug2: set_newkeys: mode 0
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug2: service_accept: ssh-userauth
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug2: key: /home/<user>/.ssh/id_rsa (0x1d61230)
  debug2: key: /home/<user>/.ssh/id_dsa ((nil))
  debug2: key: /home/<user>/.ssh/id_ecdsa ((nil))
  debug1: Authentications that can continue: publickey
  debug3: start over, passed a different list publickey
  debug3: preferred publickey,keyboard-interactive,password
  debug3: authmethod_lookup publickey
  debug3: remaining preferred: keyboard-interactive,password
  debug3: authmethod_is_enabled publickey
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /home/<user>/.ssh/id_rsa
  debug3: send_pubkey_test
  debug2: we sent a publickey packet, wait for reply
  and this is the log from journalctl
  Mar 27 09:38:29 xen sudo[29258]: pam_unix(sudo:session): session closed for user root
  Mar 27 09:38:32 xen sshd[29196]: debug1: Forked child 590.
  Mar 27 09:38:32 xen sshd[590]: Set /proc/self/oom_score_adj to 0
  Mar 27 09:38:32 xen sshd[590]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
  Mar 27 09:38:32 xen sshd[590]: debug1: inetd sockets after dupping: 3, 3
  Mar 27 09:38:32 xen sshd[590]: Connection from <host> port 54330
  Mar 27 09:38:32 xen sshd[590]: debug1: Client protocol version 2.0; client software version OpenSSH_6.1
  Mar 27 09:38:32 xen sshd[590]: debug1: match: OpenSSH_6.1 pat OpenSSH*
  Mar 27 09:38:32 xen sshd[590]: debug1: Enabling compatibility mode for protocol 2.0
  Mar 27 09:38:32 xen sshd[590]: debug1: Local version string SSH-2.0-OpenSSH_6.1
  Mar 27 09:38:32 xen sshd[590]: debug1: permanently_set_uid: 99/99 [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_KEXINIT sent [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_KEXINIT received [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: kex: client->server aes128-ctr hmac-md5 [email protected] [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: kex: server->client aes128-ctr hmac-md5 [email protected] [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: SSH2_MSG_NEWKEYS received [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: KEX done [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: userauth-request for user <user> service ssh-connection method none [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: attempt 0 failures 0 [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: PAM: initializing for "<user>"
  Mar 27 09:38:32 xen sshd[590]: debug1: PAM: setting PAM_RHOST to "<host>"
  Mar 27 09:38:32 xen sshd[590]: debug1: PAM: setting PAM_TTY to "ssh"
  Mar 27 09:38:32 xen sshd[590]: debug1: userauth-request for user <user> service ssh-connection method publickey [prea
  Mar 27 09:38:32 xen sshd[590]: debug1: attempt 1 failures 0 [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: test whether pkalg/pkblob are acceptable [preauth]
  Mar 27 09:38:32 xen sshd[590]: debug1: temporarily_use_uid: 1000/100 (e=0/0)
  Mar 27 09:38:32 xen sshd[590]: debug1: trying public key file /home/<user>/.ssh/authorized_keys
  Mar 27 09:38:32 xen sshd[590]: debug1: fd 4 clearing O_NONBLOCK
  Mar 27 09:38:32 xen sshd[590]: debug1: matching key found: file /home/<user>/.ssh/authorized_keys, line 1
  Mar 27 09:38:32 xen sshd[590]: Found matching RSA key: <key>
  Mar 27 09:38:32 xen sshd[590]: debug1: restore_uid: 0/0
  Mar 27 09:38:32 xen sshd[590]: Postponed publickey for <user> from <host> port 54330 ssh2 [preauth]
  And it just hangs there forever.
  If I try to use the same key to log in to other servers (one debian and an openWRT router) it works just fine from this location. This key also works to log in to the archlinux server if I'm on other networks, such as my college's or my other workplace.
  Any help is very appreciated. As it stands, I have to log in to my debian server and from there I have to log in to my archlinux server. I wish I could just log in directly as I've done many times in the past.

  Hi,
  I don't know whether you've solved the issue in the meantime (your issue was three months ago), but I thought I'd post this reply just to let other people who run into this problem know what happened to me and how I solved it.
  I had exactly the same problem as you had. The logging in stopped at exactly the same point in the debugging trace. I too was experiencing the problem from a single network (multiple hosts on the network could not log onto a remote server). Logging into the remote server from other locations (even with the same laptop) worked fine.
  The problem turned out to be an MTU problem in my case. I was running an OpenVPN connection to the remote server, and I was logging into it over the VPN. No problems, usually, except for the fact that the network that I was logging in from is a glass fiber network using PPPoE. The MTU on that link is 1460 bytes, not the 1500 bytes that is more common. I had to reconfigure the OpenVPN interfaces (using the OpenVPN configuration options "mssfix 1360", "fragment 1360" and "tun-mtu 1400" on both sides of the connection) to use a smaller MTU on the OpenVPN tunX interface, and everything started working normally again.
  Obviously, the MTU was wrong for every connection going over the VPN, but the OpenVPN tunnel was somewhat resistant to this mistake because I turned on LZO compression, which made most packets that were transmitted over the OpenVPN interface (tunX) that were using an MTU of 1500 bytes smaller than the maximum allowed on the actual link. Anyway, the lesson is: set up your MTUs on your links correctly. And turn on "mssfix" so that if you're routing remote hosts' traffic over the OpenVPN tunnel, their TCP stacks will be made aware of the actual MTU of the link.
  Hope this helps somebody,
  Sven

• [Solved] Default interface routing issues

  I have two network interfaces connected to my newly installed ArchLinux server,  one LAN and one WAN connection.  The trouble is that all traffic that is trying to connect to the wan interface gets no response, while the LAN connection work without any issue.
  I am using udev to change my interfaces to lan0 and wan0, and i use netcfg to load the diffrent profiles.
  Lan0 uses a static local ip 192.168.0.118  with 192.168.0.2 as gateway
  Wan0 uses dhcp  with dynamic ip from my ISP.
  When i manually bring down my lan0 interface all my traffic goes through wan0 correctly, and it even responds to external calls.
  So i belive the issue lies somewhere in the local routing?
  I am trying to post all config files needed directly.
  /etc/rc.conf
  # /etc/rc.conf - Main Configuration for Arch Linux
  # LOCALIZATION
  # LOCALE: available languages can be listed with the 'locale -a' command
  # LANG in /etc/locale.conf takes precedence
  # DAEMON_LOCALE: If set to 'yes', use $LOCALE as the locale during daemon
  # startup and during the boot process. If set to 'no', the C locale is used.
  # HARDWARECLOCK: set to "", "UTC" or "localtime", any other value will result
  # in the hardware clock being left untouched (useful for virtualization)
  # Note: Using "localtime" is discouraged, using "" makes hwclock fall back
  # to the value in /var/lib/hwclock/adjfile
  # TIMEZONE: timezones are found in /usr/share/zoneinfo
  # Note: if unset, the value in /etc/localtime is used unchanged
  # KEYMAP: keymaps are found in /usr/share/kbd/keymaps
  # CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
  # CONSOLEMAP: found in /usr/share/kbd/consoletrans
  # USECOLOR: use ANSI color sequences in startup messages
  LOCALE="sv_SE.UTF-8"
  DAEMON_LOCALE="no"
  HARDWARECLOCK="UTC"
  TIMEZONE="Europe/Stockholm"
  KEYMAP="sv-latin1"
  CONSOLEFONT=
  CONSOLEMAP=
  USECOLOR="yes"
  # HARDWARE
  # MODULES: Modules to load at boot-up. Blacklisting is no longer supported.
  # Replace every !module by an entry as on the following line in a file in
  # /etc/modprobe.d:
  # blacklist module
  # See "man modprobe.conf" for details.
  MODULES=()
  # Udev settle timeout (default to 30)
  UDEV_TIMEOUT=30
  # Scan for FakeRAID (dmraid) Volumes at startup
  USEDMRAID="no"
  # Scan for BTRFS volumes at startup
  USEBTRFS="no"
  # Scan for LVM volume groups at startup, required if you use LVM
  USELVM="yes"
  # NETWORKING
  # HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
  HOSTNAME="weed-devil"
  # Use 'ip addr' or 'ls /sys/class/net/' to see all available interfaces.
  # Wired network setup
  # - interface: name of device (required)
  # - address: IP address (leave blank for DHCP)
  # - netmask: subnet mask (ignored for DHCP) (optional, defaults to 255.255.255.0)
  # - broadcast: broadcast address (ignored for DHCP) (optional)
  # - gateway: default route (ignored for DHCP)
  # Static IP example
  # interface=eth0
  # address=192.168.0.2
  # netmask=255.255.255.0
  # broadcast=192.168.0.255
  # gateway=192.168.0.1
  # DHCP example
  # interface=eth0
  # address=
  # netmask=
  # gateway=
  #interface=eth0
  #address=
  #netmask=
  #broadcast=
  #gateway=
  # Setting this to "yes" will skip network shutdown.
  # This is required if your root device is on NFS.
  NETWORK_PERSIST="no"
  # Enable these netcfg profiles at boot-up. These are useful if you happen to
  # need more advanced network features than the simple network service
  # supports, such as multiple network configurations (ie, laptop users)
  # - set to 'menu' to present a menu during boot-up (dialog package required)
  # - prefix an entry with a ! to disable it
  # Network profiles are found in /etc/network.d
  # This requires the netcfg package
  NETWORKS=(sluggy local)
  # DAEMONS
  # Daemons to start at boot-up (in this order)
  # - prefix a daemon with a ! to disable it
  # - prefix a daemon with a @ to start it up in the background
  # If you are sure nothing else touches your hardware clock (such as ntpd or
  # a dual-boot), you might want to enable 'hwclock'. Note that this will only
  # make a difference if the hwclock program has been calibrated correctly.
  # If you use a network filesystem you should enable 'netfs'.
  DAEMONS=(syslog-ng !ufw !network net-profiles @alsa crond dbus sshd lircd sensors mysqld @ddclient @hddtemp httpd samba stunnel sabnzbd sickbeard)
  /etc/network.d/sluggy
  CONNECTION='ethernet'
  DESCRIPTION='A basic dhcp ethernet connection using iproute'
  INTERFACE='wan0'
  IP='dhcp'
  ## for DHCPv6
  #IP6='dhcp'
  ## for IPv6 autoconfiguration
  #IP6='stateless'
  /etc/network.d/local
  CONNECTION='ethernet'
  DESCRIPTION='A basic static ethernet connection using iproute'
  INTERFACE='lan0'
  IP='static'
  ADDR='192.168.0.118'
  GATEWAY='192.168.0.2'
  output of route -nl
  Destination Gateway Genmask Flags Metric Ref Use Iface
  0.0.0.0 192.168.0.2 0.0.0.0 UG 0 0 0 lan0
  0.0.0.0 85.24.137.1 0.0.0.0 UG 203 0 0 wan0
  85.24.137.0 0.0.0.0 255.255.255.0 U 203 0 0 wan0
  192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 lan0
  I have had this server running Ubuntu for the past 2 years with the same setup on the NIC's and there everything worked, so I guess i have become a little lazy.
  *EDIT* Updated my post with "code" block instead of quote
  Last edited by kurri (2011-11-01 22:07:14)

  kurri, please edit your post.
  When pasting code, please use [ code ] tags https://bbs.archlinux.org/help.php#bbcode
  like this
  It makes the code more readable and more convenient to scroll through.

• Pacman not able to download any packages but network appears up

  Here is what I get when trying to update my system right after a base install:
  # pacman -Syu
  warning: current locale is invalid; using default "C" locale
  :: Synchronizing package databases...
  error: failed retrieving file 'current.db.tar.gz' from mirrors.easynews.com : Not Found
  error: failed retrieving file 'current.db.tar.gz' from ftp.nethat.com : Connection timed out
  error: failed to synchronize current: Connection timed out
  error: failed retrieving file 'extra.db.tar.gz' from mirrors.easynews.com : Not Found
  error: failed retrieving file 'extra.db.tar.gz' from ftp.nethat.com : Connection timed out
  error: failed to synchronize extra: Connection timed out
  error: failed retrieving file 'community.db.tar.gz' from mirrors.easynews.com : Not Found
  error: failed retrieving file 'community.db.tar.gz' from ftp.nethat.com : Connection timed out
  error: failed to synchronize community: Connection timed out
  error: failed to synchronize any databases
  It looks like my network may be down, but I can ping sites like google and yahoo. Here is my pacman.conf file:
  # /etc/pacman.conf
  # See the pacman manpage for option directives
  # GENERAL OPTIONS
  [options]
  LogFile = /var/log/pacman.log
  HoldPkg = pacman glibc
  #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
  # REPOSITORIES
  # - can be defined here or included from another file
  # - pacman will search repositories in the order defined here
  # - local/custom mirrors can be added here or in separate files
  # - repositories listed first will take precedence when packages
  # have identical names, regardless of version number
  #[testing]
  #Include = /etc/pacman.d/testing
  [current]
  # Add your preferred servers here, they will be used first
  Server = http://mirrors.easynews.com/linux/archlinux/
  #Server = ftp://ftp-linux.cc.gatech.edu/pub/linux/distributions/archlinux/
  Include = /etc/pacman.d/current
  [extra]
  # Add your preferred servers here, they will be used first
  Server = http://mirrors.easynews.com/linux/archlinux/
  #Server = ftp://ftp-linux.cc.gatech.edu/pub/linux/distributions/archlinux/
  Include = /etc/pacman.d/extra
  [community]
  # Add your preferred servers here, they will be used first
  Server = http://mirrors.easynews.com/linux/archlinux/
  #Server = ftp://ftp-linux.cc.gatech.edu/pub/linux/distributions/archlinux/
  Include = /etc/pacman.d/community
  #[unstable]
  # Add your preferred servers here, they will be used first
  #Server = ftp://ftp-linux.cc.gatech.edu/pub/linux/distributions/archlinux/
  #Include = /etc/pacman.d/unstable
  # An example of a custom package repository. See the pacman manpage for
  # tips on creating your own repositories.
  #[custom]
  #Server = file:///home/custompkgs
  I first tried with FTP mirrors, and then with HTTP mirrors. Both did not work.
  Any suggestions?
  EDIT: I also keep getting this error when running any pacman command:
  warning: current locale is invalid; using default "C" locale
  Last edited by zgerrz (2007-06-10 02:01:39)

  Welcome to Arch
  You don't have the full path for Easynews. For 32 bit Current, Easynews would look like this:
  Server = http://mirrors.easynews.com/linux/archlinux/current/os/i686
  Extra:
  Server = http://mirrors.easynews.com/linux/archlinux/extra/os/i686
  And so on...
  Last edited by skottish (2007-06-10 02:06:08)

• [SOLVED] SNMP V3 timeout problem

  Hi,
  I would like to use SNMP V3 with a archlinux server. I know how to do with a debian server but when I use the same configuration it doensn't work.
  I use this command to create a user:
  net-snmp-config --create-snmpv3-user -a SHA -A password -x DES -X password username
  The /etc/snmp/snmpd.conf file:
      rouser username
      view all included .1
      view system included .iso.org.dod.internet.mgmt.mib-2.system
      syslocation  machinename
      syscontact hostmaster
  When I try to run snmpd with /etc/rc.d/snmpd start or use this command "/usr/sbin/snmpd -Lsd -Lf /dev/null -u root -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf"
  This command work on debian (but with the user snmp instead of root).
  I have this error when I try to test it : snmpget: Timeout (Sub-id not found: (top) -> sysUpTime)
  netstat result looks good: udp        0      0 *:snmp                  *:*   
  Have you got an idea ?
  Thanks
  Last edited by auhly (2010-09-09 19:55:53)

  I found the solution thanks to another post (about snmp v1) in the forum.
  I didn't know that host.allow file is also use for localhost request.
  So I add snmpd: ALL: ALLOW inside.
  Hope it will help other people
  Last edited by auhly (2010-09-09 20:02:50)

• Samba4 user groups rights management problem

  Hey,
  I have a network with an archlinux server as only server on the network.
  On the server with samba3 there are different directories with different user and group rights. Every user was existing twice, as a Linux user and as a samba user. In the samba smb.conf force group was set to the linux group, the files were forced 660 and directories 770.
  user 1-4 were in officesmbgroup with access only to share1
  user 1-2 were in officesmbgroup and extrasmbgroup with access to share1 and share2
  all 4 users exist as linux users and have ssh access to the linux server
  Example working on samba3
  [share1]
  available = Yes
  browseable = Yes
  comment = office
  create mask = 660
  directory mask = 2770
  force create mode = 660
  force directory mode = 2770
  force group = officesmbuser
  guest ok = No
  path = /data/office
  writeable = Yes
  valid users = @officesmbuser
  [share2]
  available = Yes
  browseable = Yes
  comment = office
  create mask = 660
  directory mask = 2770
  force create mode = 660
  force directory mode = 2770
  force group = extrasmbuser
  guest ok = No
  path = /data/extra
  writeable = Yes
  valid users = @extrasmbuser
  As I understood with samba4 this is no longer possible because it is not possible to force a linux group in samba any more. I figured out to mange this in samba4 standalone role mode. But this has a big disadvantage: I had to set all files on the shares to 666 and folders to 777.
  Working wtih samba4 standalone role mode, but security problem
  [share1]
  available = Yes
  browseable = Yes
  comment = office
  create mask = 666
  directory mask = 2777
  force create mode = 666
  force directory mode = 2777
  guest ok = No
  path = /data/office
  writeable = Yes
  valid users = user1, user2, user3, user4
  [share2]
  available = Yes
  browseable = Yes
  comment = office
  create mask = 666
  directory mask = 2777
  force create mode = 666
  force directory mode = 2777
  guest ok = No
  path = /data/extra
  writeable = Yes
  valid users = user1, user2
  This would be a problem because linux user3 and user4 have ssh access and would have access to all files on both shares in all directories.
  Is there another way to manage this or do I have to set up active directory, manage group rights there and leave the local rights on the linux machine at 660 and 770?
  Thanks in advance

  Thanks Bill, that was really handy.
  I'd used the Add ID option without being on a specific store, and it had placed it under Digital IDs. It was still offering me the option to use that certificate to authenticate against the server with. I imported the certificate into the Windows Digital ID section it now authenticates against the server perfectly.
  So problem solved, although I'm still not 100% sure why the Import Digital ID places the certificates into a location which doesn't work with Rights Management, although I'm sure there's a good reason.
  I'll make sure that we only add to the Windows Digital ID container in Acrobat/Reader or import directly into the Personal Certificate store in Windows for the demonstration.
  Thanks for your help in fixing this.