Sunday, January 28, 2018

Setup MariaDB

Upon installing mariadb in Ubuntu. Some initial configuration must be done to make it a secure server:

  • You can set a password for root accounts.
  • You can remove root accounts that are accessible from outside the local host.
  • You can remove anonymous-user accounts.
  • You can remove the test database, which by default can be accessed by anonymous users.
They provide us  a script to that do these things automatically.

$sudo mysql_secure_installation


Upon running this script root can only login using sudo. in other words,

$ mysql -u root -p

works only when used with sudo.

To enable all users to login the following steps must be provided.

DROP USER 'root'@'%';
+------+-----------+ | User | Host | +------+-----------+ | root | localhost | +------+-----------+

DROP USER 'root'@'localhost';
CREATE USER 'root'@'localhost' IDENTIFIED BY '123';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost';
FLUSH PRIVILEGES;

Sunday, March 19, 2017

Apache web root in home folder

Keeping the web root in $HOME folder has great benefits. One can format the OS partition without worrying about any files. Configuring apache2 to keep the web root in $HOME folder has alyaws been a problem for me. Finally I found a working apache2 configuration

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /home/username/html


         <Directory />
           Require all denied
           AllowOverride None
           Options None
         </Directory>

         <Directory /home/username/html>
           Require all granted
           AllowOverride All
           Options FollowSymLinks
         </Directory>

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        LogLevel info
        #ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>


Thursday, February 18, 2016

Running parallel VisIt

VisIt is a very general purpose data visualization software. One can create a wide range of visualizations using this such as drawing pseudo color, 3D vector plot, etc.

When there is a large dataset one needs to run it parallelly. Compiling VisIt from source is a bit tricky. Luckily they provide binaries for Ubuntu and RHEL.

Downloads

They provide sequential VisIt for Ubuntu and parallel VisIt for RHEL. Though the parallel build for RHEL works in Ubuntu as well. It provides mpich along with the binary build.

When we run VisIt parallely, is PATH variable is not set properly it uses the system-wide installed MPI library or one installed by user in some other location. Setting permanently the PATH variable to use VisIt's mpich could break existing mpi-compiled codes.

It can be solved in two ways. The following scripts are made for VisIt-2.10.0. For other versions, replacing the version number should work.

1) create a shell script to export PATH variable only when using VisIT.

visit-source.sh

export PATH=/home/<user>/visit2_10_0.linux-x86_64/bin:/home/<user>/visit2_10_0.linux-x86_64/2.10.0/linux-x86_64/bin:$PATH



and use


source /path/to/visit-source.sh


everytime.


A better solution is given below

2) modify visit script for export this path automatically

goto  /home/<user>/visit2_10_0.linux-x86_64/bin/


gedit visit


step 1: replace line 1 from


#!/bin/sh

to


#!/bin/bash

step 2: add this script after the commented section in the top at around line 30.



##################################################
# http://stackoverflow.com/a/246128
##################################################
SOURCE="${BASH_SOURCE[0]}"
while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink
  DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
  SOURCE="$(readlink "$SOURCE")"
  [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located
done
DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
export PATH=$DIR/../2.10.0/linux-x86_64/bin/:$PATH
##################################################


This should get the work done.



Saturday, July 25, 2015

Manual installation of Proxywise

Proxywise uses redsocks to do all the magic. Hence the first step is to install 'redsocks'.

Download from https://github.com/darkk/redsocks (Arch linux users may use 'yaourt' to install/remove 'redsocks-git' and skip to 'Proxywise' installation)

'redsocks' requires on 'libevent' source files to compile.

$ git clone https://github.com/darkk/redsocks.git
$ cd redsocks
$ make
$ cp redsocks /usr/local/sbin/

Post installation script should be executed after this.
Now we install 'Proxywise'

$ git clone https://github.com/anandogc/proxywise.git
$ cd proxywise
$ sudo cp -r etc /
$ sudo cp -r usr /

The post-install (postinst), pre-install (preinst), and pre-removal (prerm) scripts are there in proxywise/debian folder. 'postinst' must be executed after performing the above task.

If one wants to install it else where, '/etc/init/proxywise.conf' and '/etc/systemd/system/proxywise.service' must be modified appropriately.

Hurray !!. Its done.

Friday, July 17, 2015

Subnet Mask

Let us dissect a few subnet mask and see what does it mean. Let us start with a simple example.

10.0.0.0/8:

In an IPv4 there are four parts. Each of them can vary from 0-255. You may know that an 8 bit integer is required to store values from 0-255. Hence each part of an IPv4 is 8bit long.

The '/8' means that first 8 bits are held fixed and rest can vary. In other words since each part is 8 bit long, the first part is fixed and the rest can vary. So it ranges from

10.000.000.000 to 10.255.255.255


172.16.0.0/12:
Here first 12 bits are held fixed and rest can vary.

'172' consumes 8 bits and first 4 bits of 16 are held fixed.

Decimal 16 = Binary 0001 0000.
Decimal 31 = Binary 0001 1111.

So we see that by keeping the first four bits of 16 fixed, we can go from 16 to 31.
Hence 172.16.0.0/12 can vary from

172.16.000.000 to 172.31.255.255


192.168.0.0/16:
Here first 16 bits are fixed. So 192 and 168 are held fixed and rest can vary.

192.168.000.000 to 192.168.255.255

Sunday, July 12, 2015

Proxywise

Proxywise is a tool that can be used to redirect all outgoing connections through a given proxy.

There are software that have proxy settings in them such as web-browsers. But there are other software that are not proxy aware such as 'Ubuntu Software Center' and other package managers.

To add to the problem, there is a bug in version of 'libproxy' included in Ubuntu-14.04 due to which  torrent clients such as 'QBittorrent' are unable to download via proxy.

Using Proxywise, all connections can be redirected through the proxy.
Presently it diverts all connections of protocol tcp, and icmp.

On the underlying layer it uses redsocks, that works well for tcp and icmp protocols but it returns "truncated answer" to every query via UDP. RFC-compliant resolver should repeat same query via TCP in this case - so the request can be redirected using usual redsocks facilities.


If you find any issues while using it please comment below.


Proxywise is presently available for Ubuntu-12.04 and Ubuntu-14.04. Other linux users may install manually and try the terminal interface.


Adding the repository and installing
Do a no-proxy login from browser and issue following commands


$ sudo add-apt-repository ppa:anandogc/proxywise
$ sudo apt-get update
$ sudo apt-get install proxywise



Setting up the profiles

Upon successful installation click the dash ( ) and launch 'Proxywise'. A 'P' logo will appear on the panel.
Click on it and open 'Configure'

The 'Proxywise Configuration Tool' will open.
Using this tool you can add various profiles.
Note: You may choose not to store 'Username' and/or 'Password' when you are using a shared computer. Then it will ask you credentials every time you apply a profile.


Ignore Hosts
Typically the IP addresses within the campus can not be accessed through proxy server. Hence these set of IP addresses must be ignored by Proxywise. Three IPv4 ranges are used in Private Network: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.

'Ignore Hosts' list can contain
  1. Server name, e.g. blogger.com
  2. IP address, e.g. 216.58.220.46
  3. Subnet Mask e.g. 10.0.0.0/8
The default values in 'Ignore Hosts' tab should work in most cases.





Cheers
Now we are ready to activate Proxywise. Just click on the 'P' icon on the panel and activate the profile of your choice.




Terminal interface
To open the 'Proxywise Configuration Tool' type

$ proxywise-config

and fill it up as described above.

Upon adding the profiles and setting 'Ignore Hosts' using 'Proxywise Configuration Tool', the 'proxywise' command can be used to activate a profile.

$ proxywise --help
usage: proxywise [-h] [-l] [-a] [-n] [{bsnl,nkn,proxy}]

positional arguments:
  {bsnl,nkn,proxy}  profile to be activated

optional arguments:
  -h, --help        show this help message and exit
  -l, --list        list available profiles
  -a, --activate    activate last used proxy
  -n, --no-proxy    disable active profile

To activate the 'nkn' profile, just type

$ proxywise nkn
nkn activated.

To get the active profile, just type

$ proxywise
nkn is active.

To deactivate any active profile, type.

$ proxywise -n
Active profile disabled.

Bash completion is also supported, it will show you suggestions

$ proxywise [tab][tab]
bsnl   nkn    proxy

After a computer restart, use '-a' to activate the last used profile.

$ proxywise -a


Where are the credentials stored?
All profile details are stored in Gnome-Keyring. This encrypts all details using your login password. Hence they get decrypted and become available only when you log in to your account.

Thursday, April 9, 2015

P3DFFT timers

P3DFFT is one of the fastest parallel Fourier transform (https://code.google.com/p/p3dfft/). In output of P3DFFT, 12 timers are printed. These are time takes by various parts of it. The following table lists the timer number and corresponding function.


timer[1]Alltoallv in XY transpose
timer[2]Alltoallv in YZ transpose
timer[3]Alltoallv in ZY transpose
timer[4]Alltoallv in YX transpose
timer[5]FFT transform (R2C) in X for all z and y
timer[6]local rearrangement of data in XY transpose
timer[7]FFT transform (C2C) in Y for all x and z, one Z plane at a time
timer[8]local rearrangement of data in YZ transpose
timer[9]local rearrangement of data in ZY transpose
timer[10]FFT Transform (C2C) in y dimension for all x, one z-plane at a time
timer[11]local rearrangement of data in YX transpose
timer[12]Perform Complex-to-real FFT in x dimension for all y and z

Note: Description of timer[8], and timer[9] may not be accurate.