Posts Tagged ‘debian repositories’

Removing exim and installing qmail / Generate and install pseudo mta dummy package on Debian / Ubuntu etc. .deb based Linux

Thursday, March 10th, 2016

If you are installing a Qmail mail server on a Debian or Ubuntu (.deb) based Linux, you will notice that by default some kind of MTA (Mail Transport Agent) providing the mail-transport-agent package is already installed. Because of the Debian .deb package dependency that requires an MTA to always be installed on the system, you will be unable to remove the Exim MTA without installing some other MTA (Postfix / Qmail etc.).

This will be a problem for those like me who prefer to compile and install Qmail from source. To get around this it is necessary to create a dummy package that will trick the deb packaging dependencies into believing that the mta-local MTA package is actually present on the server.

The way to go here is to use equivs (Circumvent debian package dependencies):
 

debian:~# apt-cache show equivs|grep -i desc -A 10

Description: Circumvent Debian package dependencies
 This package provides a tool to create trivial Debian packages.
 Typically these packages contain only dependency information, but they
 can also include normal installed files like other packages do.
 .
 One use for this is to create a metapackage: a package whose sole
 purpose is to declare dependencies and conflicts on other packages so
 that these will be automatically installed, upgraded, or removed.
 .
 Another use is to circumvent dependency checking: by letting dpkg
 think a particular package name and version is installed when it

Btw, creating a .deb dummy package will be necessary in many other cases, for example when you have to install from some third party Debian repositories or from some old and already unmaintained deb-src packages in order to resurrect some archaic software. So sooner or later, even if you're not into mail servers, you will certainly need equivs.

Then install equivs and proceed with creating the dummy mail-transport-agent package:
 

debian:~# cd /tmp
debian:/tmp# cp -rpf /usr/share/doc/equivs/examples/mail-transport-agent.ctl .
debian:/tmp# equivs-build mail-transport-agent.ctl


The above commands will build and package the /tmp/mta-local_1.0_all.deb dummy package.
Continue and install it with dpkg, as you usually install Debian packages:
 

 

debian:~# dpkg -i /tmp/mta-local_1.0_all.deb


From then on you can continue your standard LWQ – Life with Qmail or any other source based qmail installation with:

 

 

./config-fast mail.yourmaildomain.net


That's it. The .deb packaging system is now consistent, so standard security package updates with apt-get and aptitude, or dpkg -i installs of third party custom software, will not break any more.

Hope that helped someone 🙂

 

 

 

 

Installation and Configuration of Clamav antivirus on Debian GNU / Linux

Monday, September 9th, 2013

Clamav Antivirus is one of the must-have packages on a new Debian Linux server. It is not only necessary when configuring a new mail server, be it Qmail or Postfix, but is also good to have in order to regularly check files on a webserver. Until a few years ago, infecting sites with viruses, installing WebShells or backdooring for further access through vulnerable Perl or PHP code was not so common. However nowadays, with the increase in complexity of languages and the increase in programmers who are not security minded, this possibility has dramatically increased. Thus nowadays, whenever I configure a new Apache + PHP + CGI support server I always install Clamav AV. Some might argue that Clamav virus definitions are still too few compared to proprietary solutions like BitDefender / AVG or Avast, but since my experience with these under Linux is not so bright, and Clamav captures the essential viruses and backdoors, I still prefer to keep on with Clamav. Even on home desktops with Linux clamav is of use, as there is plenty of freeware software for Linux which is distributed only in binary form, and hence it's good to check it with clamav before use to see whether it contains some well known rootkit or virus. Over the years Clamav has done a great job for me whenever I had to clean up "hacked" hosts containing script kiddie exploit scanners or virus infected ELF binaries.

1. Installing ClamAV in Debian Wheezy Linux

Previously there was a separate Debian repository called Volatile providing the latest release of Clamav. Since Debian Squeeze the Volatile project is discontinued, thus on Wheezy Clamav is available as a deb package only via the standard Debian repositories.

apt-get update && apt-get --yes upgrade
...

apt-get install --yes clamav clamav-daemon

As package dependencies you get installed:

clamav clamav-base clamav-freshclam libbz2-1.0 libclamav1 libcurl3 libidn11 ucf

Clamav-Daemon will launch immediately after packages are installed and is available as process name /usr/sbin/clamd

# ps ax |grep -i clam
 2641 ?        Ssl    6:39 /usr/sbin/clamd
 2791 ?        Ss    12:04 /usr/bin/freshclam -d --quiet
12300 pts/0    S+     0:00 grep -i clam

2. Updating Clamav Antivirus Definitions

It's worth saying a few words about clamav-freshclam, as it is the part of ClamAV which is used to update the Clamav virus definitions. The ClamAV virus definitions are updated automatically by the /usr/bin/freshclam daemon, which is started automatically by the Debian postconfiguration scripts right after Clamav is installed.

A manual update of the AV definitions can also be done with freshclam.

# freshclam
ClamAV update process started at Sun Sep  8 17:48:36 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cvd is up to date (version: 17830, sigs: 1696886, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 225, sigs: 42, f-level: 63, builder: dgoddard)


To keep an eye on definition auto-updates (useful to check where something fails), check /var/log/clamav/freshclam.log

A sure indication that antivirus updates are running fine is log records like:
 

Sun Sep  8 16:27:44 2013 -> --------------------------------------
Sun Sep  8 17:27:44 2013 -> Received signal: wake up
Sun Sep  8 17:27:44 2013 -> ClamAV update process started at Sun Sep  8 17:27:44 2013
Sun Sep  8 17:27:44 2013 -> main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
Sun Sep  8 17:27:44 2013 -> daily.cld is up to date (version: 17830, sigs: 1696886, f-level: 63, builder: neo)
Sun Sep  8 17:27:44 2013 -> bytecode.cld is up to date (version: 225, sigs: 42, f-level: 63, builder: dgoddard)
Sun Sep  8 17:27:47 2013 -> --------------------------------------



3. Configuring ClamAV

For desktop use the clamav default config is pretty good. However, for servers it's good to raise MaxThreads:

By default MaxThreads is 12

MaxThreads 12

Change it to a value from 30 to 80, depending on how powerful the machine ClamAV runs on is; on some servers even more Clamav threads might be necessary

MaxThreads 30

Another value I like changing is SelfCheck. 3600 is too long an interval for the clamav virus definitions integrity check; I prefer to set it to 600, i.e.

SelfCheck 600

By default ClamAV is also configured to scan archive files. However, for this to work you need to have unzip and unrar installed on the system. If you don't have them installed yet, run:

# apt-get install --yes unrar unzip
...

Note that you will need to have the non-free part of the Debian deb repositories in /etc/apt/sources.list

Here is one of my sources.list files:
 

deb http://ftp.uk.debian.org/debian squeeze main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free
deb-src http://security.debian.org/ squeeze/updates main contrib non-free

deb http://ftp.debian.skynet.be/ftp/debian/ squeeze main contrib non-free
deb-src http://ftp.debian.skynet.be/ftp/debian/ stable main contrib non-free

deb http://security.debian.org squeeze/updates main contrib non-free
deb-src http://security.debian.org/ squeeze/updates main contrib non-free

3. Scanning with ClamAV

# clamscan -r /tmp/
./dos-58.160.208.43: OK
./dos-108.18.38.140: OK
./dos-188.194.80.100: OK
./dos-91.224.160.135: OK
./dos-128.253.117.70: OK
./dos-128.172.143.110: OK
./dos-77.92.102.34: OK
./dos-195.230.5.12: OK
...

....
----------- SCAN SUMMARY -----------
Known viruses: 2735887
Engine version: 0.97.8
Scanned directories: 1
Scanned files: 129
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 4.769 sec (0 m 4 s)


The -r flag stands for recursive scan, i.e. scan the directory's content and all of its sub-directories.

To not flood your console / ssh connection, one very useful option is -i (print only infected files). Here is one more sample case:

# clamscan -r -i /var/tmp/
----------- SCAN SUMMARY -----------
Known viruses: 2735887
Engine version: 0.97.8
Scanned directories: 1
Scanned files: 2
Infected files: 0
Data scanned: 0.26 MB
Data read: 0.13 MB (ratio 1.97:1)
Time: 4.824 sec (0 m 4 s)


If you're on a physical server console and it has a PC speaker or Sound Blaster, use the --bell option to ring a bell every time a virus infection is found, for example:

# clamscan -r -i --bell /var/www/

4. Scanning periodically and reporting with ClamAV directories with websites

A very common use of ClamAV is to just set up a scheduled cronjob once a month to scan whether a server folder containing a bunch of websites in separate VirtualHosts contains some viruses or malicious stuff. Then, as administrator, check those logs once a month to make sure the server's site or group of sites does not become banned in search engines (blocked by Google Chrome and Firefox as a virus hotbed):

# crontab -u root -e
00 02 01 * * clamscan -r /var/www -l /var/log/websites-scan.log

Then once a month check out /var/log/websites-scan.log
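
To make the monthly log check described above less manual, here is an added example (not part of the original post) that pulls the detections of the latest completed scan out of a clamscan log and signals the result through its exit status. The function names clamscan_log_findings and write_sample_log are made up for this example, the sample log is constructed, and it is an assumption that the -l log file accumulates one report per cron run.

```shell
#!/bin/sh
# Added example (not from the original post): triage the report written by
#   clamscan -r /var/www -l /var/log/websites-scan.log
# Prints "path<TAB>signature" for each detection in the latest completed scan.
# Return status: 0 = clean, 1 = detections found, 2 = no completed scan in log.
clamscan_log_findings() {
    [ -r "$1" ] || return 2
    awk '
        # Detection lines have the form "<path>: <signature> FOUND".
        / FOUND$/ {
            line = $0
            sub(/ FOUND$/, "", line)
            # Split at the last ": " so a path containing ": " stays intact.
            if (match(line, /: [^ ]+$/))
                cur[++n] = substr(line, 1, RSTART - 1) "\t" substr(line, RSTART + 2)
            next
        }
        # The summary banner closes one run. Assumption: the log accumulates
        # one report per cron run, so keep only the run that just ended.
        /^-+ SCAN SUMMARY -+$/ {
            runs++
            last_n = n
            for (k = 1; k <= n; k++) last[k] = cur[k]
            n = 0
        }
        END {
            if (runs == 0) exit 2      # scan never finished or log is empty
            for (k = 1; k <= last_n; k++) print last[k]
            exit (last_n > 0 ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample log: two monthly runs, paths and hits are illustrative.
write_sample_log() {
    cat <<'EOF'
/var/www/site-a/index.php: OK
/var/www/site-a/upload/x.php: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
/var/www/site-a/index.php: OK
/var/www/site-b/tmp/note: v2.txt: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
EOF
}

sample=$(mktemp)
write_sample_log > "$sample"
clamscan_log_findings "$sample" || echo "status $? (1 = detections, 2 = no completed scan)"
rm -f "$sample"
```

Status 2 is worth treating as an alert too, since a log without a SCAN SUMMARY means the scheduled scan did not run to completion.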

Check your GNU / Linux Desktop for all used “Evil” Non-free ( proprietary ) Software with VRMS

Wednesday, June 26th, 2013

If you want to be strict about using only Free Software (free as in freedom), just like Richard Stallman, you will be happy to know there is a tool in Linux called Virtual Richard Stallman ( vrms – report of installed non-free software ) 🙂

On launch vrms simply lists all software and software documentation installed on Debian GNU / Linux that is not under 100% free software licenses / GPL compatible. This is software installed via the non-free Debian package repositories or somehow not sticking to the standards of the Debian Free Software Guidelines. Of course living with 100% free software is only for the hard core free software evangelists, and rarely is there someone who can use a computer on a daily basis without some bits of proprietary software like flashplugin-nonfree, Skype, rar, unrar. I tried for a while living on only 100% free software but didn't succeed, because some non-free software is still a must to be able to not detach from "Digital Society". Living on only free software is not easy, especially if you want to have normal multimedia stuff on the Desktop. Anyways, even if you don't plan to purge your non-free software, vrms is useful to list what non-free software is installed on the PC.

noah:~# apt-cache show vrms|grep -i description

Description-en: virtual Richard M. Stallman
 The vrms program will analyze the set of currently-installed packages
 on a Debian-based system, and report all of the packages from the
 non-free and contrib trees which are currently installed.
 .

Install vrms with:

noah:~# apt-get install --yes vrms

 

Reading package lists… Done
Building dependency tree      
Reading state information… Done
The following packages were automatically installed and are no longer required:
  liboggkate1 xulrunner-10.0
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
  vrms
0 upgraded, 1 newly installed, 0 to remove and 101 not upgraded.
Need to get 0 B/13.0 kB of archives.
After this operation, 102 kB of additional disk space will be used.
Retrieving bug reports… Done
Parsing Found/Fixed information… Done
Selecting previously unselected package vrms.
(Reading database … 226672 files and directories currently installed.)
Unpacking vrms (from …/apt/archives/vrms_1.16_all.deb) …
Processing triggers for man-db …
Setting up vrms (1.16) …

  Below is a list of all non-free software installed on my Debian 7 Thinkpad:

noah:~# vrms

                Non-free packages installed on noah

acroread                            Adobe Acrobat Reader: Portable Document Format file vi
acroread-data                       data files for acroread
acroread-dictionary-en              English dictionary for for acroread
acroread-escript                    Adobe EScript Plug-In
acroread-l10n-en                    English language package for acroread
firmware-iwlwifi                    Binary firmware for Intel PRO/Wireless 3945 and 802.11
frogatto-data                       2D platformer game starring a quixotic frog
mame                                Multiple Arcade Machine Emulator (MAME)
mame-tools                          Tools for MAME and MESS
mess                                Multi Emulator Super System (MESS)
mess-data                           Data files for the Multi Emulator Super System (MESS)
mozilla-acroread                    Adobe Acrobat(R) Reader plugin for mozilla / konqueror
nikto                               web server security scanner
opera                               Fast and secure web browser and Internet suite
rar                                 Archiver for .rar files
skype                               Skype
teamviewer                          TeamViewer (Remote Control Application)
unrar                               Unarchiver for .rar files (non-free version)
xmame-tools                         Transitional package for mame-tools

                Contrib packages installed on noah

cbedic                              Text-mode Bulgarian/English Dictionary
dosemu                              DOS Emulator for Linux
flashplugin-nonfree                 Adobe Flash Player – browser plugin
frogatto                            2D platformer game starring a quixotic frog
gnome-video-arcade                  Simple MAME frontend
mess-desktop-entries                Desktop entries for MESS ROMs
ttf-mscorefonts-installer           Installer for Microsoft TrueType core fonts
winetricks                          package manager for WINE to install software easily

     Contrib packages with status other than installed on noah

gxmame                              ( dei)  GTK XMame frontend

  19 non-free packages, 0.8% of 2531 installed packages.
  9 contrib packages, 0.4% of 2531 installed packages.

 

If you want to go the Stallman way and be a 100% Free Software user, go free and purge all "evil" non-free software 🙂 by issuing:

# for i in $(vrms -q|grep -v 'Contrib packages'|grep -v 'Non-free'|awk '{ print $1 }' | awk 'NF'); \
do \
apt-get remove --yes "$i"; dpkg --purge "$i"; done

 

How to play VCD videos in Debian Linux

Monday, September 26th, 2011

Totem VCD error occured, could not open location you might not have permissions to open the file

A friend of mine gave me a VCD with some Coptic Orthodox Christian exorcism, where their pope was chasing some evil spirits from possessed Muslims who came to the Coptic Orthodox Church in Egypt. The video was made to be in VCD and, as you can expect, this did not work out of the box with Totem and VLC.
Putting the VCD video inside my cdrom popped up an error like the one in the header of the post.
In order to make the video play I had to use the old school and now a bit obsolete mplayer.
Hence in order to play the VCD on Debian Linux I had to install the mplayer and w32codecs packages first, e.g.:

debian:~# apt-get update && apt-get install mplayer w32codecs

Second, to play the video from gnome-terminal, I had to switch to the mounted cdrom location /media/cdrom0 and launch the video with an mplayer cmd like so:

debian:~$ cd /media/cdrom0/vcd
debian:/media/cdrom0/vcd$ mplayer vcd://2
...

In some cases it might be necessary to play the video with an mplayer command like:

debian:/media/cdrom0/vcd$ mplayer vcd://2 vcd://3

Watching it with mplayer from console has some downsides as I couldn’t make the fast rewind work, but still it’s way better than nothing.
Too bad in Debian Squeeze 6 gmplayer is no longer installable. The gmplayer can probably be installed if mplayer is compiled from source, but I’m too lazy to try it out.
I’ve also read in some forums online that gxine is capable of playing VCDs nicely, but I couldn’t install it from my existing Debian repositories so I did not give it a go.

Installing qmailmrtg (qmail graph statistics on qmail activity) on Debian Lenny

Monday, April 19th, 2010

1. First it’s necessary to have the mrtg Debian package installed.
If it’s not installed then we have to install it:

debian-server:~# apt-get install mrtg

2. Second download the qmailmrtg source
To download the latest source release of qmailmrtg execute:

debian-server:~# wget http://www.inter7.com/qmailmrtg7/qmailmrtg7-4.2.tar.gz

It’s a pity qmailmrtg is not available for download via debian repositories.

3. Third download the qmail.mrtg.cfg configuration file

debian-server:~# wget https://www.pc-freak.net/files/qmail.mrtg.cfg

Now you have to put the file somewhere; usually it’s best to put it in the /etc/ directory.
Make sure the file exists as /etc/qmail.mrtg.cfg

4. Untar, compile and install the qmailmrtg binary


debian-server:~# tar -xzvvf qmailmrtg7-4.2.tar.gz
...
debian-server:~# cd qmailmrtg7-4.2
debian-server:~/qmailmrtg7-4.2# make && make install

strip qmailmrtg7
cp qmailmrtg7 /usr/local/bin
rm -rf *.o qmailmrtg7 checkq core
cc checkq.c -o checkq
./checkq
cc -s -O qmailmrtg7.c -o qmailmrtg7
qmailmrtg7.c: In function ‘main’:
qmailmrtg7.c:69: warning: incompatible implicit declaration of
built-in function ‘exit’
qmailmrtg7.c:93: warning: incompatible implicit declaration of
built-in function ‘exit’
qmailmrtg7.c:131: warning: incompatible implicit declaration of
built-in function ‘exit’
qmailmrtg7.c:137: warning: incompatible implicit declaration of
built-in function ‘exit’

5. Set proper file permissions according to the user you intend to execute qmailmrtg as
I personally execute it as the root user; if you intend to do so as well, set the permissions of
/etc/qmail.mrtg.cfg to 700.
In order to do that issue the command:

debian-server:~# chmod 700 /etc/qmail.mrtg.cfg

6. You will now need to modify qmail.mrtg.cfg according to your needs
There you have to set a proper location where qmailmrtg shall generate its html data files.
I use the /var/www/qmailmrtg qmailmrtg log file location. If you do so as well, you have to create the directory.

7. Create qmailmrtg html log files directory

debian-server:~# mkdir /var/log/qmailmrtg

8. Now all that is left is to set a proper cron line to periodically invoke qmailmrtg in order to generate qmail activity statistics.

Before we add the desired instructions to root’s crontab we have to open the crontab for editing, using the command:

debian-server:~# crontab -u root -e

I personally use and recommend the following line as a line to be added to root’s crontab.

0-55/5 * * * * env LANG=C /usr/bin/mrtg /etc/qmail.mrtg.cfg > /dev/null

9. Copy index.html from qmailmrtg source directory to /var/log/qmailmrtg


debian-server:/usr/local/src/qmailmrtg7-4.2# cp -rpf index.html /var/log/qmailmrtg

10. Last step is to make sure Apache’s configuration contains lines that will enable you to access the qmail activity statistics.

The quickest way to do that in Debian running Apache 2.2 is to edit /etc/apache2/apache2.conf and add a directory Alias as follows

Alias /qmailmrtg/ "/var/www/qmailmrtg/"

Now restart Apache with /etc/init.d/apache2 restart
You should now be able to access the qmail mrtg log statistics through your Apache’s default configured host.
For instance, assuming your default configured Apache host is domain.com, you’ll be able to reach the qmailmrtg statistics through a URL like:

http://domain.com/qmailmrtg/

After I verified that qmail mrtg was working correctly once all the above explained steps were done, I wasn’t happy with some headlines in the index.html and the html title of qmailmrtg,
so as a last step I manually edited /var/www/qmailmrtg/index.html to attune it to my liking.

Here is a screenshot of the qmailmrtg web statistics in action.

qmail mrtg on debian lenny