Mount Windows DFS in Linux with Kerberos

1. Use case:
some time you need to transfer large data files (e.g. vmware image files) between a windows system and a linux system, what i did before is to use the winscp client to transfer the data from windows to linux, or use winscp client to get the data from linux to windows. Since it is a big sized file (2 GB), it will take about 30-60 minutes depending on your LAN speed.
The new Solution is to use a windows DFS shared drive in windows environment, and mount the windows DFS with kerberos in Linux Systems. So you can write and get the file from all of your systems. And it is very fast (10MB/s) in the file transfer.

2. Package needed:
smbclient, pam_krb5, krb5-client are needed for using kerberos to mount DFS.
In SLES11 just click kerberos client and smbclient in yast2, the package will be installed automatically.

3. Configure Kerberos in Linux:
/etc/krb5.conf:

[libdefaults]
default_realm = <your domain name in upper case>
udp_preference_limit = 0
[realms]
<your domain name in upper case> = {
kdc = <your Active Directory server name>.<your domain name>
}
[logging]
kdc = <FILE:/var/log/krb5/krb5kdc.log>
admin_server =<FILE:/var/log/krb5/kadmind.log>
default = SYSLOG:NOTICE:DAEMON

4. To apply for a TGT  in Shell:
$root> kinit <Username>
Mostly the first letter of your active directory Username should be in Uppercase.
klist checks, if you have a TGT (ticket granting ticket),  as result you should get the following in shell:
klist
Ticket cache:
<FILE:/tmp/krb5cc_500>
Default principal: < your username >@ < your domain name >
Valid starting           Expires                        Service principal
08/30/10 12:21:22  08/30/10 22:21:25  krbtgt/<your domain name>@<your domain name>
renew until 08/31/10 12:21:22

Becarefull in using the tgt for authetication, the client should have the same NTP time Server as the TGT Server.

5.a Mount as “root” Windows DFS shared drive with mount.cifs :
Mount Command:

/sbin/mount.cifs <share path> <mount path> -o user=<Username>,dom=<domain name in Uppercase>,{sec=krb5|password=xxxxxx}

e.g. /sbin/mount.cifs //dfs/Home/Dummy /windowsShare -o user=Dummy,dom=DOMAIN1,sec=krb5
in this case die windows share is unter “//dfs/Home/Dummy” reachable, and the mount path is /windowsShare in your linux, which should be created with “mkdir” before you mount DFS share, the user has the name “Dummy”. There should be NO files in the /windowsShare directory, otherwise the share directory will NOT be mounted.

5.b Access the Windows DFS shared drive as “no root user”:
If you don’t want to use root, you have to run “chmod u+s /sbin/mount.cifs” to allow user to call mount.cifs with setting the setuid-Bit (there should be no security issues about using this setuid-Bit). And then you can mount as “no root user” the windows DFS shared drive following the steps which are discripted in section 4.
If it is still not working for your linux system. Mount the DFS shared drive as “root” with the following command:

/sbin/mount.cifs <share path> <mount path> -o user=<Username>,dom=<domain name in Uppercase>,{sec=krb5|password=xxxxxx},uid=<read/write userid>
e.g.: /sbin/mount.cifs //dfs/Home/Dummy /windowsShare -o user=Dummy,dom=DOMAIN1,sec=krb5,uid=Dummy
In this Example the option “uid=Dummy” allowed user Dummy to access the DFS shared drive after the root user managed to mount it.

6. Make alias for the mount commands
in Dummy/home/.alias
$Dummy> vi .alias
insert the followint line to the .alias file:
alias mws=”/sbin/mount.cifs //dfs1/Home/Dummy /windowsShare -o user=Dummy,dom=DOMAIN1,sec=krb5″
alias ad=”kinit Dummy”
with this alias you only need to use the following commands to mount a windows DFS share:
$ Dummy> ad
$ Dummy> mws

Install VMware Server 2.02 in SLES 11 SP1

Result:
I managed to install the vmware server 2.02 in SLES 11 SP1 x86_64 Kernel 2.6.32.29-0.3-default

Problems:

Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-config0/vmmon-only’
make -C /lib/modules/2.6.32.12-0.7-default/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. modules
make[1]: Entering directory `/usr/src/linux-2.6.32.12-0.7-obj/x86_64/default’
make -C ../../../linux-2.6.32.12-0.7 O=/usr/src/linux-2.6.32.12-0.7-obj/x86_64/default/. modules
CC vmware-config.pl (VMware-server-2.0.2 ) fails on SLES11 /tmp/vmware-config0/vmmon-only/linux/driver.o
In file included from /tmp/vmware-config0/vmmon-only/linux/driver.c:31:
/tmp/vmware-config0/vmmon-only/./include/compat_wait.h:78: error: conflicting types for ‘poll_initwait’
/usr/src/linux-2.6.32.12-0.7/include/linux/poll.h:70: error: previous declaration of ‘poll_initwait’ was here
In file included from /tmp/vmware-config0/vmmon-only/./common/vmx86.h:32,
from /tmp/vmware-config0/vmmon-only/linux/driver.h:29,
from /tmp/vmware-config0/vmmon-only/linux/driver.c:101:
/tmp/vmware-config0/vmmon-only/./include/x86msr.h:164:1: warning: “MSR_THERM2_CTL” redefined
In file included from include2/asm/msr.h:4,
from include2/asm/processor.h:21,
from /usr/src/linux-2.6.32.12-0.7/include/linux/prefetch.h:14,
from /usr/src/linux-2.6.32.12-0.7/include/linux/list.h:6,
from /usr/src/linux-2.6.32.12-0.7/include/linux/module.h:9,
from /tmp/vmware-config0/vmmon-only/./include/compat_module.h:27,
from /tmp/vmware-config0/vmmon-only/linux/driver.c:26:
include2/asm/msr-index.h:228:1: warning: this is the location of the previous definition
/tmp/vmware-config0/vmmon-only/linux/driver.c: In function ‘LinuxDriverSyncCallOnEachCPU’:
/tmp/vmware-config0/vmmon-only/linux/driver.c:1423: error: too many arguments to function ‘smp_call_function’
/tmp/vmware-config0/vmmon-only/linux/driver.c: In function ‘LinuxDriver_Ioctl’:
/tmp/vmware-config0/vmmon-only/linux/driver.c:1987: error: ‘struct task_struct’ has no member named ‘euid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1987: error: ‘struct task_struct’ has no member named ‘uid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1988: error: ‘struct task_struct’ has no member named ‘fsuid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1988: error: ‘struct task_struct’ has no member named ‘uid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1989: error: ‘struct task_struct’ has no member named ‘egid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1989: error: ‘struct task_struct’ has no member named ‘gid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1990: error: ‘struct task_struct’ has no member named ‘fsgid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:1990: error: ‘struct task_struct’ has no member named ‘gid’
/tmp/vmware-config0/vmmon-only/linux/driver.c:2007: error: too many arguments to function ‘smp_call_function’
make[4]: *** /tmp/vmware-config0/vmmon-only/linux/driver.o Error 1
make[3]: *** vmware-config.pl (VMware-server-2.0.2 ) fails on SLES11 Error 2
make[2]: *** vmware-config.pl (VMware-server-2.0.2 ) fails on SLES11 Error 2
make[1]: *** vmware-config.pl (VMware-server-2.0.2 ) fails on SLES11 Error 2
make[1]: Leaving directory `/usr/src/linux-2.6.32.12-0.7-obj/x86_64/default’
make: *** http://vmmon.ko Error 2
make: Leaving directory `/tmp/vmware-config0/vmmon-only’
Unable to build the vmmon module.

Solution:
Radu Cotescu has written a script that automates a build, configure and install on machines with new kernels:
http://radu.cotescu.com/2010/02/21/how-to-install-vmware-server-kernel-2-6-32/

  1. remove the rpm install: rpm -e VMware-server
  2. Download the script, extract it, place the vmware server 2.02 source tar (not the RPM) in the same directory, DO NOT extract the tar.
  3. chmod +x vmware-server-2.0.x-kernel-2.6.3x-install.sh
  4. then run the script: “vmware-server-2.0.x-kernel-2.6.3x-install.sh ./”
  5. If it is not working for your x64  maschine
    download the VMware-server-2.0.2-203138-update-2.patch from http://risesecurity.org/2010/04/02/vmware-server-2-0-2-update-patch-2/
  6. copy/save VMware-server-2.0.2-203138-update-2.patch to the same directory where your vmware-server-2.0.x-kernel-2.6.3x-install.sh is.
  7. modify the vmware-server-2.0.x-kernel-2.6.3x-install.sh with an editor (e.g. vi)
  8. Change the line: patch=”vmware-server-2.0.2-203138-update.patch” in wmare-server-2.0.x-kernel-2.6.3x-install.sh to: patch=”VMware-server-2.0.2-203138-update-2.patch”
  9. Save the change and run “vmware-server-2.0.x-kernel-2.6.3x-install.sh ./” again ( i ran the installer as ROOT)
    This will extract the tar ball, check your system, download any files you need from the repositories you have configured, (I have some SLES 11 sp1 online repositories) then patch the source and build and install VMware.

VMware Server Configurations:

Once the installation of VMware Server is done, it will run the config perl script automatically. You can also call the config file manually to change the settings with: “./usr/bin/wmware-config.pl”

Ignore the complains about the C complier, (say “yes”) it’s a VMware issue, the compiler will be fine. It will then compile the kernel modules, this will produce a few warnings, this is nothing to worry about either.

It will then ask you lots of questions about network, etc. I just followed the defaults, except the one about where do I want to put the virtual machines? I took the default location

Then you give it your serial number, and it finalises the install.

Rovio 8233 (i-sobot, bioloid education kits)

I bought a Rovio 8233 yesterday by Amazone. They have almost 70% cut of the Rovio.
I am looking forward to receive it soon. A Rovio is a robot car with wifi webcam, here is the official support.

Here we go, this is my plan. I would like to use the Rovio to control the I-sobot robot, which i get in the last year. i have no idea how it can work, but i am sure i will find it out.

I-sobot is a very amazing little tiny robots with 17 Servomotors, you can find more about i-sobot in my link to i-sobot in robotsrule web, and here is an official web. The i-sobot has only a infrared receiver and rovio has remote wifi webcam. Maybe i can get some kid of swarm intelligence out of these two stuffs. Rovio should be the head of this team and i-sobot with it mobility should be the sidekick.

A link for more information about i-sobot:
http://www.robots-dreams.com/2008/01/i-sobot-some-se.html

I wish that one day i can have a set of bioloid premium kit, which build the education robots like lego with plug.
But this bioloid set is really expensive. Here is an official link to bioloid website. Bioloid education kit is a product of South Korean company Robotis. I thought the japanese are great in building robots, it looks like that i was wrong. The most amazing thing in bioloid premium kit is the Gyro sensor. The Gyroscopes sensor allows robots to balance better and telling him what does gravitation means.

Hello world!

Hello World! Welcome to my Blog in WordPress.
Just feel free to comment on any of my posts.