[HOW TO] SETFACL funny

Hello,

Humnnn "setfacl" - Do you know? Do you use?
Oh I know it via co-worker. Really, it's useful!

Today, I want to use this command. But .... i have a problem with "setfacl" in Linux Mint 14. 
Return error: setfacl /etc/hehe/haha.conf operation not supported.

No problem, googling - I think so.

And ... I found the solution to fix it as below:

UUID=30db91db-1f20-448c-9568-1593 /   ext4 errors=remount-ro 0       1

We need to add "acl"

UUID=30db91db-1f20-448c-9568-1593 /   ext4 errors=remount-ro,acl 0       1

Done! now the command setfacl works perfectly.

Finally

EXAMPLES

Granting an additional user read access

setfacl -m u:lisa:r file

Revoking write access from all groups and all named users (using the effective rights mask)

setfacl -m m::rx file

Removing a named group entry from a file's ACL

setfacl -x g:staff file

Copying the ACL of one file to another

getfacl file1 | setfacl --set-file=- file2

Copying the access ACL into the Default ACL

getfacl -a dir | setfacl -d -M- dir

Thank you for reading this article, please a comment if you are interested.
Tiến Phan - R0039
Knowledge is Endless
Sharing for Success

[HOW TO] install OpenOffice.org on Linux Mint/ Ubuntu

Hello everybody,

My name is Tien.

This article will explain how to install OpenOffice on Linux Mint.

Step 1: Download

Download .tar.gz from http://www.openoffice.org/download/other.html

#tar -xvzf Apache_OpenOffice_incubating_3.4.0_Linux_x86_install-deb_en-US.tar.gz

Step 2: Install

#cd en-US

#cd DEBS

#sudo dpkg -i *.deb

By default, /opt is directory.


To pick-in to desktop, you need to select desktop-integration in the DEBS installation directory and do:

#sudo dpkg -i *.deb



Thank you for reading this article, please a comment if you are interested.
Tiến Phan - R0039
Knowledge is Endless
Sharing for Success

[WHAT?] File Transfer Protocol

• First, the so-called control connection is established, over which FTP commands and their replies are transferred. 
• Then, in order to transfer a file or a directory listing, the client sends a particular command over the control connection to establish the data connection.

The data connection can be established two different ways, using active mode or passive mode.

• In passive mode, which is recommended (see below), the client sends the PASV command to the server, and the server responds with an address. The client then issues a command to transfer a file or to get a directory listing, and establishes a secondary connection to the address returned by the server.
• In active mode, the client opens a socket on the local machine and tells its address to the server using the PORT command. Once the client issues a command to transfer a file or listing, the server will connect to the address provided by the client.

In both cases, the actual file or listing is then transferred over the data connection.

Generally, establishing outgoing connections requires less configuration on the routers/firewalls involved than establishing incoming connections. 

• In passive mode, the connection is outgoing on the client side and incoming on the server side. 
• In active mode this is reversed. 

Note that the only differences are in establishing a connection. Once established, the connection can be used for uploads or downloads.

• In passive mode, the router and firewall on the server side need to be configured to accept and forward incoming connections. On the client side, however, only outgoing connections need to be allowed (which will already be the case most of the time).
• Analogously, in active mode, the router and firewall on the client side need to be configured to accept and forward incoming connections. Only outgoing connections have to be allowed on the server side.

Since in most cases one server provides a service for many users, it is much easier to configure the router and firewall on the server side once for passive mode than to configure the client's router/firewall for each individual client in active mode. Therefore, passive mode is recommended in most cases.

NAT routers

Most broadband users will have a NAT (Network Address Translation) router between their computer and the internet. This may be a standalone router device (perhaps a wireless router), or be built into a DSL or cable modem. In a NAT environment, all systems behind the NAT router form a Local Area Network (LAN), and each system in the LAN has a local IP address (recognizable as four small numbers separated by dots). The NAT router itself has a local IP address as well. In addition, the NAT router also has an external IP address by which it is known to the Internet.

The internal IP addresses are only valid inside the LAN, since they would make little sense to a remote system. Think about a server behind a NAT router. Imagine what might happen if a client requests passive mode, but the server doesn't know the external IP address of the NAT router. If the server sends its internal address to the client, two things could happen:

• If the client is not behind a NAT, the client would abort since the address is invalid.
• If the client is behind a NAT, the address given by the server might be the same as a system in the client's own LAN.

Obviously, in both cases passive mode would be impossible.

So if a server is behind a NAT router, it needs to know the external IP address of the router in passive mode. In this case, the server sends the router's external address to the client. The client then establishes a connection to the NAT router, which in turn routes the connection to the server.