ArchLinux – Integrating WordPress with LDAP

Reference:
Combining WordPress and LDAP (TLS) | 資訊雜記

Install php-ldap
# pacman -S php-ldap

Enable the PHP LDAP extension
# sed -i 's/;extension=ldap.so/extension=ldap.so/' /etc/php/php.ini

Restart php-fpm
# systemctl restart php-fpm

Download the WordPress LDAP plugin
wpDirAuth: https://wordpress.org/plugins/wpdirauth/installation/

Download wpDirAuth
# wget https://downloads.wordpress.org/plugin/wpdirauth.1.7.6.zip

Extract it into the /srv/http/wordpress/wp-content/plugins directory
# unzip wpdirauth.1.7.6.zip -d /srv/http/wordpress/wp-content/plugins

Activate the wpDirAuth plugin
After logging in, select Site Admin

Select Plugins / Installed Plugins

Click Activate for wpDirAuth

Activated

Select Settings / Directory Auth

LDAP configuration parameters

Configure the following settings
1. Enable Directory Authentication?
2. Directory Servers (Domain Controllers)
3. Account Filter

1. Base DN
2. Bind DN
3. Bind Password
4. Confirm Password

Update Options

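Test it

Login works normally.

ArchLinux – OpenLDAP Server Setup: Fixing Garbled Chinese Characters

If the user account/password file is converted directly and contains Chinese, the result is garbled.

Workaround:
1. First convert the extracted file to Big5 encoding
# egrep 't100|s100' /etc/passwd > /root/ldif/passwd
# piconv -f utf8 -t big5 /root/ldif/passwd > /root/ldif/passwd.big5
# cat /root/ldif/passwd.big5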
s100001:x:1002:1000:▒▒▒▒01▒L▒p▒▒:/home/student/s100/s100001:/bin/false
s100002:x:1003:1000:▒▒▒▒02▒▒▒▒▒:/home/student/s100/s100002:/bin/false
t100001:x:1004:1001:▒▒▒g:/home/teacher/t100001:/bin/false

Convert with MigrationTools
# cd /usr/share/MigrationTools-47
# ./migrate_passwd.pl /root/ldif/passwd.big5 > /root/ldif/passwd.ldif.big5

Then convert back to UTF-8
# piconv -f big5 -t utf8 /root/ldif/passwd.ldif.big5 > /root/ldif/passwd.ldif

Remove some unwanted attributes
# sed -i '/mailRoutingAddress/d' /root/ldif/passwd.ldif
# sed -i '/mailHost/d' /root/ldif/passwd.ldif
# sed -i '/krbName/d' /root/ldif/passwd.ldif
# sed -i '/inetLocalMailRecipient/d' /root/ldif/passwd.ldif
# sed -i '/kerberosSecurityObject/d' /root/ldif/passwd.ldif

Some characters convert correctly this way, but others may still come out garbled and have to be fixed by hand.
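
An alternative to the Big5 round trip, as an added example (not part of the original post and not MigrationTools code): LDIF requires any value containing non-ASCII bytes to be written as base64-encoded UTF-8 after a double colon (RFC 2849), so the entries can be generated directly from the UTF-8 passwd lines. It assumes plain login names, puts the Chinese name in cn because gecos in nis.schema is ASCII-only (IA5String), and omits userPassword.

```python
import base64
import re

BASE_DN = "ou=People,dc=ldap,dc=tces.ilc.edu.tw"  # People OU from the page's base.ldif

# Constructed sample input: two of the page's passwd lines, as UTF-8 text.
SAMPLE_PASSWD = """\
s100001:x:1002:1000:六忠01林小華:/home/student/s100/s100001:/bin/false
t100001:x:1004:1001:李阿土:/home/teacher/t100001:/bin/false
"""

def ldif_attr(name, value):
    """Return one LDIF line; unsafe values become 'name:: <base64 of UTF-8>'."""
    raw = value.encode("utf-8")
    safe = (
        all(0x20 <= b < 0x7F for b in raw)          # printable ASCII only
        and not value.startswith((" ", ":", "<"))   # reserved first characters
        and not value.endswith(" ")
    )
    if safe:
        return f"{name}: {value}"
    return f"{name}:: {base64.b64encode(raw).decode('ascii')}"

def passwd_to_ldif(passwd_text):
    entries = []
    for line in filter(str.strip, passwd_text.splitlines()):  # skip blank lines
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {line!r}")
        user, _pw, uid, gid, gecos, home, shell = fields
        # Assumption: plain login names, so the DN needs no escaping.
        if not re.fullmatch(r"[a-z_][a-z0-9_-]*", user):
            raise ValueError(f"unexpected login name: {user!r}")
        entries.append("\n".join([
            f"dn: uid={user},{BASE_DN}",
            "objectClass: account",
            "objectClass: posixAccount",
            f"uid: {user}",
            # gecos is IA5String (ASCII only), so the name goes in cn instead.
            ldif_attr("cn", gecos.split(",")[0] or user),
            f"uidNumber: {int(uid)}",
            f"gidNumber: {int(gid)}",
            ldif_attr("homeDirectory", home),
            ldif_attr("loginShell", shell),
        ]))
    return "\n\n".join(entries) + "\n"

if __name__ == "__main__":
    print(passwd_to_ldif(SAMPLE_PASSWD), end="")
```

The output can be loaded with slapadd -l in the same way as the MigrationTools LDIF.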

Installing ownCloud 7.x on ArchLinux

References:
ownCloud – ArchWiki
How To Install and Setup ownCloud on Arch Linux | DigitalOcean
EFSTATHIOS IOSIFIDIS: Install ownCloud on Raspberry Pi (Arch Linux) using Lighttpd
EFSTATHIOS IOSIFIDIS: Install ownCloud 7 on Raspberry Pi (Arch Linux) using Lighttpd
Arch Linux / OwnCloud with nginx | Ryad’s Blog

Install PHP and Nginx
# pacman -S nginx php php-fpm php-gd php-mcrypt php-intl

Edit the /etc/php/php.ini configuration file
# sed -i 's/;extension=zip.so/extension=zip.so/' /etc/php/php.ini
# sed -i 's/;extension=gd.so/extension=gd.so/' /etc/php/php.ini
# sed -i 's/;extension=iconv.so/extension=iconv.so/' /etc/php/php.ini
# sed -i 's/;extension=openssl.so/extension=openssl.so/' /etc/php/php.ini
# sed -i 's/;extension=xmlrpc.so/extension=xmlrpc.so/' /etc/php/php.ini
# sed -i 's/;extension=bz2.so/extension=bz2.so/' /etc/php/php.ini
# sed -i 's/;extension=curl.so/extension=curl.so/' /etc/php/php.ini
# sed -i 's/;extension=intl.so/extension=intl.so/' /etc/php/php.ini
# sed -i 's/;extension=mcrypt.so/extension=mcrypt.so/' /etc/php/php.ini
# sed -i 's/;extension=mysql.so/extension=mysql.so/' /etc/php/php.ini
# sed -i 's/;extension=pdo_mysql.so/extension=pdo_mysql.so/' /etc/php/php.ini
# sed -i 's/;extension=mysqli.so/extension=mysqli.so/' /etc/php/php.ini
# sed -i 's/;zend_extension=opcache.so/zend_extension=opcache.so/' /etc/php/php.ini

To store the ownCloud files in the faster directory /mnt/sda1/ownCloud
# vim /etc/php/php.ini
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/mnt/sda1/ownCloud

Create the ownCloud database, user and password
# /usr/bin/mysql -u root -p
> CREATE DATABASE cloud;
> CREATE USER cloud@localhost;
> SET PASSWORD FOR cloud@localhost = PASSWORD('password_for_cloud');
> GRANT ALL PRIVILEGES ON cloud.* TO cloud@localhost IDENTIFIED BY 'password_for_cloud';
> FLUSH PRIVILEGES;
> exit

Download ownCloud
# wget https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2
Extract it
# tar xvjf owncloud-7.0.2.tar.bz2
Create the directory
# mkdir /srv/http/owncloud/data
Change the directory owner
# chown -R http:http /srv/http/owncloud/data

Start the php-fpm and nginx services and enable them at boot
# systemctl enable php-fpm
# systemctl start php-fpm
# systemctl enable nginx
# systemctl start nginx

Installing ownCloud 7.x on ArchLinux

For more about ownCloud, see: 頭城國小資訊組 | Installing ownCloud on CentOS 6.x
References:
ownCloud – ArchWiki
How To Install and Setup ownCloud on Arch Linux | DigitalOcean
EFSTATHIOS IOSIFIDIS: Install ownCloud on Raspberry Pi (Arch Linux) using Lighttpd
EFSTATHIOS IOSIFIDIS: Install ownCloud 7 on Raspberry Pi (Arch Linux) using Lighttpd

Check whether the repositories have an ownCloud package
# pacman -Ss owncloud
community/owncloud 7.0.2-1
    A cloud server to store your files centrally on a hardware controlled by you
Install the ownCloud package
# pacman -S owncloud
Optional dependencies for owncloud
    php-apache: to use the Apache web server
    php-sqlite: to use the SQLite database backend
    php-pgsql: to use the PostgreSQL database backend
    php-ldap: LDAP authentication
    php-intl [installed]
    php-apcu
    php-xcache
    mariadb: to use the MySQL database backend [installed]
    smbclient: to mount SAMBA shares [installed]
    php-mcrypt [installed]
    ffmpeg: file preview
    libreoffice-common: file preview
Install the php-ldap / php-apcu / php-xcache packages
# pacman -S php-ldap php-apcu php-xcache

Install the uwsgi-plugin-php package
# pacman -S uwsgi-plugin-php

Edit the /etc/php/php.ini configuration file
# sed -i 's/;extension=zip.so/extension=zip.so/' /etc/php/php.ini
# sed -i 's/;extension=gd.so/extension=gd.so/' /etc/php/php.ini
# sed -i 's/;extension=iconv.so/extension=iconv.so/' /etc/php/php.ini
# sed -i 's/;extension=openssl.so/extension=openssl.so/' /etc/php/php.ini
# sed -i 's/;extension=xmlrpc.so/extension=xmlrpc.so/' /etc/php/php.ini
# sed -i 's/;extension=bz2.so/extension=bz2.so/' /etc/php/php.ini
# sed -i 's/;extension=curl.so/extension=curl.so/' /etc/php/php.ini
# sed -i 's/;extension=intl.so/extension=intl.so/' /etc/php/php.ini
# sed -i 's/;extension=mcrypt.so/extension=mcrypt.so/' /etc/php/php.ini

Edit the nginx configuration file
# vim /etc/nginx/nginx.conf
#this is to avoid Request Entity Too Large error
        client_max_body_size 1000M;
        # deny access to some special files
        location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
              deny all;
        }
        # pass all .php or .php/path urls to uWSGI
        location ~ ^(.+\.php)(.*)$ {
              include uwsgi_params;
              uwsgi_modifier1 14;
              uwsgi_pass 127.0.0.1:3001;
        }
        # everything else goes to the filesystem,
        # but / will be mapped to index.php and run through uwsgi
        location /owncloud {
              root /usr/share/webapps;
              index index.php;
              rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
              rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        }

Restart the Nginx web server
# systemctl restart nginx
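
A check of which location handles a request under this configuration, as an added example (not from the original post or from ownCloud): it models nginx's selection in simplified form, with regex locations tried in file order before the longest matching prefix location, and compares the page's deny rule with an assumed variant anchored under /owncloud. The request paths are constructed samples, the patterns are written with literal dots escaped, and exact-match and ^~ locations are not modelled.

```python
import re

# Regex locations from the page's nginx config, in file order.
PAGE_RULES = [
    (r"^/(data|config|\.ht|db_structure\.xml|README)", "deny"),
    (r"^(.+\.php)(.*)$", "uwsgi"),
]
# Assumed correction (not from the page): anchor the deny rule under /owncloud,
# because the application is served from "location /owncloud".
FIXED_RULES = [
    (r"^/owncloud/(data|config|\.ht|db_structure\.xml|README)", "deny"),
    (r"^(.+\.php)(.*)$", "uwsgi"),
]
PREFIXES = [("/owncloud", "static")]  # location /owncloud { root /usr/share/webapps; }

def route(uri, regex_rules, prefixes=PREFIXES):
    """Simplified nginx selection: first matching regex wins, else longest prefix."""
    for pattern, action in regex_rules:
        if re.search(pattern, uri):
            return action
    hits = [(len(prefix), action) for prefix, action in prefixes if uri.startswith(prefix)]
    return max(hits)[1] if hits else "404"

# Constructed request paths for the check.
SAMPLE_URIS = [
    "/owncloud/index.php",
    "/owncloud/data/owncloud.log",
    "/owncloud/config/config.php",
    "/owncloud/core/img/logo.png",
]

def compare(uris=SAMPLE_URIS):
    """Map each URI to (action with the page's rules, action with the anchored rules)."""
    return {u: (route(u, PAGE_RULES), route(u, FIXED_RULES)) for u in uris}

if __name__ == "__main__":
    for uri, (before, after) in compare().items():
        print(f"{uri:32} page={before:7} anchored={after}")
```

In this model the page's deny rule, anchored at the site root, never matches paths under /owncloud, so a file in the data directory is handled by the static location.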

Install uwsgi
# pacman -S uwsgi

Create the configuration file
# vim /etc/uwsgi/owncloud.ini

[uwsgi]
master = true
socket = 127.0.0.1:3001

# Change this to where you want owncloud data to be stored (maybe /home/owncloud)
owncloud_data_dir = /usr/share/webapps/owncloud/data/
chdir             = %(owncloud_data_dir)

plugins = php
php-docroot     = /usr/share/webapps/owncloud
php-index       = index.php

# only allow these php files, I don't want to inadvertently run something else
php-allowed-ext = /index.php
php-allowed-ext = /public.php
php-allowed-ext = /remote.php
php-allowed-ext = /cron.php
php-allowed-ext = /status.php
php-allowed-ext = /settings/apps.php
php-allowed-ext = /core/ajax/update.php
php-allowed-ext = /core/ajax/share.php
php-allowed-ext = /core/ajax/requesttoken.php
php-allowed-ext = /core/ajax/translations.php
php-allowed-ext = /search/ajax/search.php
php-allowed-ext = /search/templates/part.results.php
php-allowed-ext = /settings/admin.php
php-allowed-ext = /settings/users.php
php-allowed-ext = /settings/personal.php
php-allowed-ext = /settings/help.php
php-allowed-ext = /settings/ajax/getlog.php
php-allowed-ext = /settings/ajax/setlanguage.php
php-allowed-ext = /settings/ajax/setquota.php
php-allowed-ext = /settings/ajax/userlist.php
php-allowed-ext = /settings/ajax/createuser.php
php-allowed-ext = /settings/ajax/removeuser.php
php-allowed-ext = /settings/ajax/enableapp.php
php-allowed-ext = /core/ajax/appconfig.php
php-allowed-ext = /settings/ajax/setloglevel.php
php-allowed-ext = /ocs/v1.php
# set php configuration for this instance of php, no need to edit global php.ini
php-set = date.timezone=Etc/UTC
php-set = open_basedir=%(owncloud_data_dir):/tmp/:/usr/share/pear/:/usr/share/webapps/owncloud:/etc/webapps/owncloud
php-set = session.save_path=/tmp
php-set = post_max_size=1000M
php-set = upload_max_filesize=1000M

# load all extensions only in this instance of php, no need to edit global php.ini
php-set = extension=bz2.so
php-set = extension=curl.so
php-set = extension=intl.so
php-set = extension=openssl.so
php-set = extension=pdo_sqlite.so
php-set = extension=exif.so
php-set = extension=gd.so
php-set = extension=imagick.so
php-set = extension=gmp.so
php-set = extension=iconv.so
php-set = extension=mcrypt.so
php-set = extension=sockets.so
php-set = extension=sqlite3.so
php-set = extension=xmlrpc.so
php-set = extension=xsl.so
php-set = extension=zip.so

processes = 10
cheaper = 2
cron = -3 -1 -1 -1 -1 /usr/bin/php -f /usr/share/webapps/owncloud/cron.php 1>/dev/null

Create the directory
# mkdir /usr/share/webapps/owncloud/data

# uwsgi_php --ini /etc/uwsgi/owncloud.ini
[uwsgi] implicit plugin requested php
[uWSGI] getting INI configuration from /etc/uwsgi/owncloud.ini
*** Starting uWSGI 2.0.7 (32bit) on [Wed Nov  5 09:22:02 2014] ***
compiled with version: 4.8.2 20131219 (prerelease) on 02 October 2014 06:16:59
os: Linux-3.4.90 #2 SMP PREEMPT Wed Aug 27 10:31:52 CST 2014
nodename: lemaker
machine: armv7l
clock source: unix
pcre jit disabled
detected number of CPU cores: 2
current working directory: /root
detected binary path: /sbin/uwsgi
uWSGI running as root, you can use --uid/--gid/--chroot options
*** WARNING: you are running uWSGI as root !!! (use the --uid flag) ***
chdir(): No such file or directory [core/uwsgi.c line 2537]

Installing Adobe PDF Reader on Ubuntu Linux

Reference: Install Adobe Acrobat Reader in Ubuntu 12.10/12.04/Linux Mint – NoobsLab | Ubuntu/Linux News, Reviews, Tutorials, Apps

1. Add the package repository source
$ sudo add-apt-repository "deb http://archive.canonical.com/ precise partner"
2. Update the package index
$ sudo apt-get update
3. Install acroread
$ sudo apt-get install acroread
正在讀取套件清單… 完成
正在重建相依關係         
正在讀取狀態資料… 完成
下列的額外套件將被安裝:
  acroread-bin
建議套件:
  libldap2 libgnome-speech7
下列【新】套件將會被安裝:
  acroread acroread-bin
升級 0 個,新安裝 2 個,移除 0 個,有 2 個未被升級。
需要下載 60.1 MB 的套件檔。
此操作完成之後,會多佔用 142 MB 的磁碟空間。
是否繼續進行 [Y/n]?y

Set Adobe PDF Reader as the default program for opening PDF files

Program start-up screen

Opening a Chinese PDF file


ArchLinux – OpenLDAP Server Setup

Create the student group
# groupadd student
Create the teacher group
# groupadd teacher

Create the student directory
# mkdir -p /home/student/s100
Create the teacher directory
# mkdir /home/teacher

Create the student accounts and passwords
# useradd -g student -d /home/student/s100/s100001 -m -s /bin/false -c "六忠01林小華" s100001
# useradd -g student -d /home/student/s100/s100002 -m -s /bin/false -c "六忠02陳金花" s100002
# passwd s100001
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
# passwd s100002
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Create the teacher account and password
# useradd -g teacher -d /home/teacher/t100001 -m -s /bin/false -c "李阿土" t100001
# passwd t100001
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

# mkdir /root/ldif
# egrep 'teacher|student' /etc/group > /root/ldif/group
# cat /root/ldif/group
student:x:1000:
teacher:x:1001:

# egrep 't100|s100' /etc/passwd > /root/ldif/passwd
# cat /root/ldif/passwd
s100001:x:1002:1000:六忠01林小華:/home/student/s100/s100001:/bin/false
s100002:x:1003:1000:六忠02陳金花:/home/student/s100/s100002:/bin/false
t100001:x:1004:1001:李阿土:/home/teacher/t100001:/bin/false

Use the MigrationTools scripts
# cd /usr/share/MigrationTools-47
# ./migrate_base.pl > /root/ldif/base.ldif
# ./migrate_passwd.pl /root/ldif/passwd > /root/ldif/passwd.ldif
# ./migrate_group.pl /root/ldif/group > /root/ldif/group.ldif

# cat /root/ldif/base.ldif
dn: dc=ldap,dc=tces.ilc.edu.tw
dc: ldap
objectClass: top
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw

dn: ou=Group,dc=ldap,dc=tces.ilc.edu.tw
ou: Group
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw

dn: ou=People,dc=ldap,dc=tces.ilc.edu.tw
ou: People
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw

Clear the existing data
# systemctl stop slapd
# rm -rf /var/lib/openldap/openldap-data/*
# rm -rf /etc/openldap/slapd.d/*
# cp /etc/openldap/DB_CONFIG.example /var/lib/openldap/openldap-data/DB_CONFIG
# chown ldap:ldap /var/lib/openldap/openldap-data/DB_CONFIG
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*
# systemctl start slapd

Start the import
# systemctl stop slapd
# /usr/bin/slapadd -l /root/ldif/base.ldif
545aedd1 bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
_#################### 100.00% eta   none elapsed            none fast!
Closing DB…

# /usr/bin/slapadd -l /root/ldif/passwd.ldif
# /usr/bin/slapadd -l /root/ldif/group.ldif

Change the directory owner and start the OpenLDAP server
# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*
# systemctl start slapd

ArchLinux – Installing OpenLDAP Server

Reference:
OpenLDAP – ArchWiki

Search for the OpenLDAP package
# pacman -Ss openldap
core/openldap 2.4.40-1
    Lightweight Directory Access Protocol (LDAP) client and server

Install OpenLDAP Server
# pacman -S openldap

Database location
/var/lib/openldap/openldap-data

Configuration file location
/etc/openldap/slapd.conf

Back up the configuration file
# cp /etc/openldap/slapd.conf /etc/openldap/slapd.conf.$(date +%F)
# cp /var/lib/openldap/openldap-data/DB_CONFIG.example /var/lib/openldap/openldap-data/DB_CONFIG
# chown ldap:ldap /var/lib/openldap/openldap-data/DB_CONFIG

Set the administrator password
# /usr/bin/slappasswd
New password:
Re-enter new password:
{SSHA}RExxR+kZpVgxxxdSYtxxsU

Edit the configuration file /etc/openldap/slapd.conf
# sed -i 's/dc=my-domain,dc=com/dc=ldap,dc=tces.ilc.edu.tw/' /etc/openldap/slapd.conf
# sed -i 's|secret|{SSHA}RExxR+kZpVgxxxdSYtxxsU|' /etc/openldap/slapd.conf

Edit the configuration file /etc/openldap/slapd.conf
# vim /etc/openldap/slapd.conf
Below the line
include         /etc/openldap/schema/core.schema
add:
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema


Download openldap-migrationtools
# wget http://www.padl.com/download/MigrationTools-47.tar.gz

Extract it
# tar xvzf MigrationTools-47.tar.gz -C /usr/share

Edit the configuration file
# sed -i 's/$DEFAULT_MAIL_DOMAIN = "padl.com";/$DEFAULT_MAIL_DOMAIN = "tces.ilc.edu.tw";/' /usr/share/MigrationTools-47/migrate_common.ph
# sed -i 's/$DEFAULT_BASE = "dc=padl,dc=com";/$DEFAULT_BASE = "dc=ldap,dc=tces.ilc.edu.tw";/' /usr/share/MigrationTools-47/migrate_common.ph
# sed -i 's/$EXTENDED_SCHEMA = 0;/$EXTENDED_SCHEMA = 1;/' /usr/share/MigrationTools-47/migrate_common.ph

Generate the new configuration and change permissions
# mv /etc/openldap/slapd.d /etc/openldap/slapd.d.orig
# mkdir /etc/openldap/slapd.d
# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*

Test the configuration file
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
545ad5f4 bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
config file testing succeeded

# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*

Start the OpenLDAP service
# systemctl start slapd
Enable the OpenLDAP service at boot
# systemctl enable slapd
Created symlink from /etc/systemd/system/multi-user.target.wants/slapd.service to /lib/systemd/system/slapd.service.

Check that it started correctly
# netstat -antup | grep :389
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      2516/slapd
tcp6       0      0 :::389                  :::*                    LISTEN      2516/slapd

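Using OpenLDAP Authentication with ownCloud 7.x

Newer versions of ownCloud apparently do not enable the LDAP modules by default, so after installation I could not find any LDAP-related options on the Admin page.
Even enabling LDAP for Contacts did not help.

After a lot of trial and error, I finally found it under Apps!
On the left, select the Files applications

Select LDAP user and group backend

Select Enable

Now the LDAP-related options can be found on the Admin page!

For how to configure LDAP, see my earlier post: Using an LDAP Server for ownCloud Authentication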

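Fixing Scratch 2 Asking for Traditional Chinese Every Time on Ubuntu Linux

When teaching students to use the offline version of Scratch 2 on Windows 7/8.1, there is a problem: every time Scratch 2 is reopened, it switches back to English and has to be set to Traditional Chinese again by hand. Having to do this every time is a bit of a nuisance.
This problem can now be solved on Ubuntu Linux.
Reference: 夢幻天地blog: Enlarging the Scratch 2 font while still using the s2a Chinese blocks
1. Download the patched Scratch.swf
$ wget https://2blog.ilc.edu.tw/wp-content/uploads/sites/985/25793/25793-2889399.zip
2. Extract it
$ unzip 25793-2889399.zip
3. Back up the original file
$ sudo mv "/opt/Scratch 2/share/Scratch.swf" "/opt/Scratch 2/share/Scratch.swf-bak"
4. Copy the file to the /opt/Scratch 2/share directory
$ sudo cp ~/Scratch.swf "/opt/Scratch 2/share/"
5. Change the file permissions
$ sudo chown root:root "/opt/Scratch 2/share/Scratch.swf"
6. Run Scratch 2 and switch the language to Traditional Chinese
7. Change the file permissions
$ sudo chown root:root "$HOME/.appdata/edu.media.mit.Scratch2Editor/Local Store/#SharedObjects/Scratch.swf/Scratch.sol"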