2012-0224

Subversion and LDAP

Add a Comment[Author: Category: Linux ]

When I started here, we had 12 SVN repositories (and a valid reason for having all 12). Maintaining the user database was really not doable given that setup as each repository had a distinct user database. I had two goals coming into this – make the management of the user database easier, and make new user setup doable by someone without Linux know-how. To do that I decided to tie things into the AD and make use of that for authentication as well as user setup. Here’s a brief overview of how I made it happen. This assumes a CentOS install but should be easily modified for Debian or other platforms.

  1. Create a connector account in your AD that will be used to query username/password. I granted mine admin rights but you’re probably alright without them, it just needs to query.
  2. Create a user group in the AD that will act as a container for authenticated users and the users than require SVN access into that group
  3. Install Apache, PHP, and the mod_dav and mod_dav_svn modules.
  4. Create your SVN repository (svnadmin create /foo/bar/repo)
  5. On CentOS you should get a subversion.conf file that is already generated for you (not sure on Debian and its ilk) that you’ll need to edit. Here’s a template to use. This assumes your domain name is example.com, the group name you create is “svn,” the connector account is called “SVN CONNECTOR”:

    6. LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<VirtualHost *:80>
        DocumentRoot /var/www/html/virtualhosts/svn
        ServerName svn.example.com
        ServerAlias svn
        ErrorLog logs/svn.example.com-error_log
        CustomLog logs/svn.example.com-access_log common
        <Location /repository>
                DAV svn
                SVNPath /srv/svn/repository
                AuthBasicProvider ldap
                AuthType Basic
                AuthzLDAPAuthoritative off
                AuthName "This is your SVN Repository"
                AuthLDAPURL "ldap://DC.example.com:3268/DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=svn,DC=example,DC=com))"
                AuthLDAPBindDN "CN=SVN CONNECTOR,DC=example,DC=com"
                AuthLDAPBindPassword "your connector password"
                Require valid-user
                Require ldap-group "CN=svn,DC=example,DC=com"
        </Location>

  6. That’s it. Bounce Apache and then test your access to the repository using your domain credentials
Tags: ,
2012-0223

Hey look at that…a post

2 Comments[Author: Category: Linux ]

Wow, the last time I posted anything was in June of last year.
I’ve pretty much dropped LJ at this point. I check in every so often as time permits, but time doesn’t permit much these days. I went ahead and liberated all of my entries from LJ and shifted them over to my personal blog so I suspect if I ever decide to start posting again it’s probably going to be over there.

Instead of content though, I’ll offer up a bit of geekery for you. If you use the built in LJ importer in WordPress it seems to pick and choose what gets set as private or password-protected and what gets set as public. This is of course problematic if you’re like me and keep most of what you post set to friends-only. Once you import your data, connect to your database and run the following query:

UPDATE `main_posts` SET `post_status`='private'

That’s it – you’ll mass set all posts to private and you’ll have luxury of time to go through the old entries and decide what you wish to make public and what you wish to keep private.

Tags: ,
2011-0823

Asian Turkey Burgers

Add a Comment[Author: Category: Main Dishes, Recipes ]

Recipe Courtesy EatingWell.com

Ingredients
2 slices whole-wheat sandwich bread, crusts removed, torn into pieces
12 ounces lean ground turkey breast, (see Ingredient Note)
1 8-ounce can sliced water chestnuts, rinsed and chopped
2 tablespoons hoisin sauce, (see Ingredient Note)
2 scallions, trimmed and sliced
1 tablespoon minced fresh ginger
2 cloves garlic, minced
1/4 teaspoon salt
1 1/2 teaspoons toasted sesame oil
Sesame Mayonnaise, optional (recipe follows)

Preparation

1. Preheat grill to medium-high.
2. Place bread in a food processor and pulse into fine crumbs. Transfer to a large bowl. Add ground turkey, water chestnuts, hoisin, scallions, ginger, garlic and salt; mix well. (The mixture will be moist.) With dampened hands, form the mixture into four 1/2-inch-thick patties (see Tip).
3. Oil the grill rack (see Tip). Brush the patties with sesame oil. Grill until browned and no longer pink in the center, about 5 minutes per side. (An instant-read thermometer inserted in the center should register 165°F.)
4. Meanwhile, prepare Sesame Mayonnaise, if desired, to serve with the burgers.

Sesame Mayonnaise

Ingredients

2 tablespoons reduced-fat mayonnaise
2 tablespoons nonfat or low-fat plain yogurt
1/2 teaspoon reduced-sodium soy sauce
1/2 teaspoon toasted sesame oil

Preparation

1. Combine mayonnaise, yogurt, soy sauce and oil in a small bowl; whisk until blended. Variation: Scallion-Lemon Mayonnaise Combine 2 tablespoons reduced-fat mayonnaise, 2 tablespoons nonfat plain yogurt, 1 tablespoon chopped scallions, 1/2 teaspoon freshly grated lemon zest, 1 tablespoon lemon juice, salt and pepper to taste in a small bowl; whisk until blended.

Tags:
2011-0721

Banana Bread

Add a Comment[Author: Category: Recipes, Vegetarian ]

Modified from a recipe from the Post-Punk Kitchen

1/2 cup brown sugar
1/2 cup white sugar
1/2 cup vegetable oil
3-4 very ripe bananas, mashed well
1 cup white flour
1 cup whole wheat flour
1 teaspoon baking soda
1/4 cup almond milk, mixed with 1 teaspoon apple cider vinegar (let it stand for a minute)
1 teaspoon vanilla
1 teaspoon cinnamon
1 teaspoon cardamom
1/2 teaspoon salt
zest of one orange

Mix together the sugars, vegetable oil, milk, vinegar, spices, salt, and zest. Beat in the mashed bananas. Sift in the dry ingredients and beat until combined. Pour into a greased/floured bread pan. Bake it for around 70 minutes at 350 degrees.

Tags:
2011-0608

That was AWESOME!

2 Comments[Author: Category: Random Stuff ]

So we had the work mentor program today. By the way, thanks to [personal profile] infinitehotel, [personal profile] oceanic, [personal profile] inahandbasket, [profile] faux_eonix, [personal profile] muffyjo, [profile] pasquillacious, and [profile] hermitgeecko for the varied advice (and apologies for not responding to each of you individually on said advice). I actually pulled together something of a melange of ideas from each of you and went into it with the possibility that they might not know squat about IT. It turns out they were all super interested in IT and I got them even further amped up about it.

I did a brief talk just to go over what I do in a day. Then I showed them a bit of Perl and how it’s useful in day to day work. I had one of them build a CentOS install from scratch and set the root password. I then gave them that system, told them we lost the root password, then showed them how to fix it by booting into single user mode. Then finally I had one of them prop data to an FTP site while I showed the others how to kick off backup jobs.

After it was all said and done they loved it (or at least said they did). At least to my face they said that this was the best mentor visit they ever had. They wanted my contact info so they could get in touch and ask questions, which I gladly gave them. All in all I had a really great time and would definitely do it again.

I’m posting on Dreamwidth a fair amount these days since LJ access can be spotty due to the DDoS attacks. You’re welcome to comment here or over there.

Tags:
Next Entries »

Copyright © All Rights Reserved · Green Hope Theme by Sivan & schiy · Proudly powered by WordPress