diff --git a/Manuals/HowTos/Dialup/Administration.docbook b/Manuals/HowTos/Dialup/Administration.docbook
new file mode 100755
index 0000000..a16f3df
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Administration.docbook
@@ -0,0 +1,13 @@
+
+
+ Administration
+
+
+
+ ...
+
+
+
+ &administration-mail;
+
+
diff --git a/Manuals/HowTos/Dialup/Administration.ent b/Manuals/HowTos/Dialup/Administration.ent
new file mode 100644
index 0000000..8feac9d
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Administration.ent
@@ -0,0 +1,2 @@
+
+
diff --git a/Manuals/HowTos/Dialup/Administration/Mail.docbook b/Manuals/HowTos/Dialup/Administration/Mail.docbook
new file mode 100644
index 0000000..04b9c1d
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Administration/Mail.docbook
@@ -0,0 +1,9 @@
+
+
+ Mail Server Administration
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client.docbook b/Manuals/HowTos/Dialup/Client.docbook
new file mode 100644
index 0000000..6a43d5a
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client.docbook
@@ -0,0 +1,9 @@
+
+
+ The Client Computer
+
+ &client-usage;
+ &client-install;
+ &client-config;
+
+
diff --git a/Manuals/HowTos/Dialup/Client.ent b/Manuals/HowTos/Dialup/Client.ent
new file mode 100644
index 0000000..c89c2b8
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client.ent
@@ -0,0 +1,10 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Config.docbook b/Manuals/HowTos/Dialup/Client/Config.docbook
new file mode 100644
index 0000000..6396561
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Config.docbook
@@ -0,0 +1,9 @@
+
+
+ Dial-Up Client Configuration
+
+ &client-config-overview;
+ &client-config-hardware;
+ &client-config-software;
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Config/hardware.docbook b/Manuals/HowTos/Dialup/Client/Config/hardware.docbook
new file mode 100644
index 0000000..7fdf79c
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Config/hardware.docbook
@@ -0,0 +1,9 @@
+
+
+ Configuring Client Hardware
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Config/overview.docbook b/Manuals/HowTos/Dialup/Client/Config/overview.docbook
new file mode 100644
index 0000000..371a1d9
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Config/overview.docbook
@@ -0,0 +1,9 @@
+
+
+ Overview
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Config/software.docbook b/Manuals/HowTos/Dialup/Client/Config/software.docbook
new file mode 100644
index 0000000..f374689
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Config/software.docbook
@@ -0,0 +1,9 @@
+
+
+ Configuring Client Software
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Install.docbook b/Manuals/HowTos/Dialup/Client/Install.docbook
new file mode 100644
index 0000000..6753e7d
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Install.docbook
@@ -0,0 +1,9 @@
+
+
+ Dial-Up Client Installation
+
+ &client-install-overview;
+ &client-install-hardware;
+ &client-install-software;
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Install/hardware.docbook b/Manuals/HowTos/Dialup/Client/Install/hardware.docbook
new file mode 100644
index 0000000..53a4f84
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Install/hardware.docbook
@@ -0,0 +1,9 @@
+
+
+ Installing Client Hardware
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Install/overview.docbook b/Manuals/HowTos/Dialup/Client/Install/overview.docbook
new file mode 100644
index 0000000..b62e798
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Install/overview.docbook
@@ -0,0 +1,9 @@
+
+
+ Overview
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Install/software.docbook b/Manuals/HowTos/Dialup/Client/Install/software.docbook
new file mode 100644
index 0000000..e057cdf
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Install/software.docbook
@@ -0,0 +1,9 @@
+
+
+ Installing Client Software
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Client/Usage.docbook b/Manuals/HowTos/Dialup/Client/Usage.docbook
new file mode 100644
index 0000000..281aca0
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Client/Usage.docbook
@@ -0,0 +1,9 @@
+
+
+ Dial-Up Client Usage
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Commons.ent b/Manuals/HowTos/Dialup/Commons.ent
new file mode 100755
index 0000000..f5bcdd1
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Commons.ent
@@ -0,0 +1,23 @@
+
+
+
+
+
+
+&TC; Project">
+
+
+&TC; Mirrors">
+&TC; Wiki">
+
+
+
+
+The CentOS Artwork Repository">
+&TCPI; User's Guide">
diff --git a/Manuals/HowTos/Dialup/Configurations.docbook b/Manuals/HowTos/Dialup/Configurations.docbook
new file mode 100755
index 0000000..f470587
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Configurations.docbook
@@ -0,0 +1,20 @@
+
+
+ Configurations
+
+
+
+ This part of the book discusses the configuration of specific
+ infrastructures that may or may not be included inside &TCPI;.
+ Each configuration described here is oriented to satisfy
+ specific practical situations in a step-by-step fashion, so it
+ can be implemented as straightforward as possible. The
+ packages and documentation references related to each
+ configuration are also mentioned so you can get deeper on each
+ topic in case you need so.
+
+
+
+ &configurations-dialup;
+
+
diff --git a/Manuals/HowTos/Dialup/Configurations.ent b/Manuals/HowTos/Dialup/Configurations.ent
new file mode 100755
index 0000000..410c988
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Configurations.ent
@@ -0,0 +1,7 @@
+
+
+
+
+
+
+
diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup.docbook
new file mode 100644
index 0000000..b336433
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Configurations/Dialup.docbook
@@ -0,0 +1,11 @@
+
+
+ IP Through Telephone Line
+
+ &configurations-dialup-intro;
+ &configurations-dialup-usage;
+ &configurations-dialup-modem;
+ &configurations-dialup-server;
+ &configurations-dialup-client;
+
+
diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup/client.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup/client.docbook
new file mode 100644
index 0000000..26adb42
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Configurations/Dialup/client.docbook
@@ -0,0 +1,97 @@ + + + The Client Computer + + + Installing Client Computer + + ... + + + + + Configuring Client Computer + + + ... + + + + Establishing Dial-Up Connection + + + To establish connection from the client computer to the server + computer you should configure the client computer to dial-up + the server computer, using the following information: + + + + ISP Name: server.example.com +ISP Phone: +53043515094 + Username: client.example.com + Password: mail4u + + + + To estabalish a dial-up connection from the client computer to + the server computer, you need to determine the modem location + assigned by the operating system, so you can instruct + applications like system-config-network the + correct device they will to talk to. This configuration + process has been greatly simplified by the + wvdialconf command distributed with the + wvdial + package. To do this, run the following command and pay + attention to the three last lines of its output: + + + wvdialconf /etc/wvdial.conf + + +Scanning your serial ports for a modem. + +ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud +ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud +ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up. +Port Scan<*1>: S1 S2 S3 +WvModem<*1>: Cannot get information for serial port. 
+ttyACM0<*1>: ATQ0 V1 E1 -- OK +ttyACM0<*1>: ATQ0 V1 E1 Z -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK +ttyACM0<*1>: Modem Identifier: ATI -- LT V.90 1.0 MT5634ZBA-USB +Data/Fax Modem (Dual Config) Version 5.18e +ttyACM0<*1>: Speed 4800: AT -- OK +ttyACM0<*1>: Speed 9600: AT -- OK +ttyACM0<*1>: Speed 19200: AT -- OK +ttyACM0<*1>: Speed 38400: AT -- OK +ttyACM0<*1>: Speed 57600: AT -- OK +ttyACM0<*1>: Speed 115200: AT -- OK +ttyACM0<*1>: Speed 230400: AT -- OK +ttyACM0<*1>: Speed 460800: AT -- OK +ttyACM0<*1>: Max speed is 460800; that should be safe. +ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK + +Found an USB modem on /dev/ttyACM0. +Modem configuration written to /etc/wvdial.conf. +ttyACM0<Info>: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0" + + + + Now, using this information, configure a Modem connection + using the interface provided by + system-config-network command. Take care of + replacing the /dev/modem device name by + that one found by wvdialconf. At this + point, you can use the button Activate from + system-config-network to establish the + Modem connection you just configured. + + + + + + + diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup/intro.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup/intro.docbook new file mode 100644 index 0000000..cad9a6a --- /dev/null +++ b/Manuals/HowTos/Dialup/Configurations/Dialup/intro.docbook 
@@ -0,0 +1,24 @@
+
+
+ Introduction
+
+
+ This chapter describes two computers configuration, one acting
+ as server and other as client. The server computer will be
+ configured to provide internet services and the client to make
+ use of those internet services provided by the server
+ computer. The connection medium both client and server
+ computer use is the telelphone line (i.e., the same medium you
+ use to realize phone calls). In this configuration, both
+ client and server computers use special devices named
+ Modems to transmit data in form of sound across
+ the telephone line.
+
+
+
+ The configuration described in this chapter could be a good
+ choise when the only communication medium you have access to
+ is a telephone network.
+
+
+
diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup/modem.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup/modem.docbook
new file mode 100644
index 0000000..fcbc030
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Configurations/Dialup/modem.docbook
@@ -0,0 +1,68 @@ + + + The Modem Hardware + + + In order to establish a PPP link between two computers using + the telephone line as medium for data transmission, you need + to install (at least) one modem device in each computer. + + + + To install a modem device in computer you need to attach the + modem hardware to the computer and later the telephone line to + the modem hardware. To connect the modem to your computer, you + need to connect the serial or USB cable that comes from the + modem hardware to the appropriate input on your computer. To + connect the modem to the telephone line system, you need to + unplug the cable that connects your telephone device and plug + it on the modem device, specifically in the port reserved for + data transmission. Later, using a similar cable, you could + connect your telephone device to the modem's telephone port, + so you can realize telephone calls when no data transmition + take place. + + + + To be on the safe side, do all the installation with the + computer turned off. Then, when everthing has been put in + place, turn it on. Once the system is up, you can verify the + modem hardware using either the lsusb or + lspci commands. These commands need to be + run with administrative privileges, so probably need to + sudo them or login as root user in order to execute + thme. For example, assuming you are logged in as root user, + and you are using an USB modem like that one we mentioned + before, the output of lsusb command would + look like the following: + + + +Bus 003 Device 001: ID 0000:0000 +Bus 001 Device 001: ID 0000:0000 +Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader +Bus 002 Device 001: ID 0000:0000 +Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. +MT5634ZBA-USB MultiModemUSB (new firmware) +Bus 005 Device 001: ID 0000:0000 +Bus 005 Device 002: ID 046d:c018 Logitech, Inc. 
Optical Wheel Mouse +Bus 004 Device 001: ID 0000:0000 + + + + The relevant line here is that mentioning the existence of a + Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new + firmware) device. If the modem you installed doesn't + appear in this list, it is probably because such hardware is + not supported by &TCD;, yet. + + + + At this point, everything is ready for you to install and + configure the computer either as server (see ) or client (see + ). + + + diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup/server.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup/server.docbook new file mode 100644 index 0000000..37042fe --- /dev/null +++ b/Manuals/HowTos/Dialup/Configurations/Dialup/server.docbook 
@@ -0,0 +1,789 @@ + + + The Server Computer + + + Installing Server Computer + + + Start with a minimal installation of &TCD;, bootup the + operating system, and login as root user. + + + + Installing Ppp Server + + The ppp server provides the software required to establish and + maintain a PPP link with another system and negociate Internet + Protocol addresses for each end of the link. + + + yum install ppp + + + + + Installing Name Server + + The name server provides the software required to translate + domain names into IP address and IP addresses into domain + names. With this software you can rembember addresses like + instead of + addresses like . There + are other feautres (e.g., mail exchanger resolution, zone + delegation, etc.) provided by this software that aren't used + in the point-to-point configuration we describe in this + chapter. + + yum install bind + + + There is a bind-chroot packages, however, + we aren't using it because SELinux is already enforced on the + &TCD; filesystem and it provides far more security than the + idea of bind-chroot package itself does. + + + + + + Installing Mail Server + + The mail server provides the software required to let you + send/receive mail messages to/from others. The mail server + is splitted in three basic components: The Mail Transfer Agent + (MTA), The Mail Delivery Agent (MDA) and an intermediary + daemon named saslauthd + to handle user authentication. The MTA is the program your + mail client sends mail messages to. The MDA, on the other + hand, is the program your mail client reads mail message + from (i.e., this is the program that let you access your + mailbox). 
The saslauthd daemon is used by the MDA to + authenticate user's credentials (e.g., the information that + let you access an specific mailbox) and by the MTA to + authenticate users before sending mail to it, however, in the + configuration we are implementing, the MTA doesn't require + that you authenticate to it in order to send mails through + it. The MTA will listen on all network interfaces it is + attached to and will receive mail sent to example.com domain name or + server.example.com host + name). + + + yum install postfix cyrus-{imapd{,-utils},sasl{,-ldap,-md5,-plain}} + + + By default, the sendmail + program is used as mail transfer agent, not postfix. For the + sake of that point-to-point configuration we are implementing, + I decided to use postfix instead as default mail transfer + agent, not sendmail. To effectively achieve this decition, it + is required to use the alternatives + command, as it shown below: + + + alternatives --config mta + + + This command will present you a menu to chose between + available mail transfer agents, so it is there where you + choose to use posfix as default option. Now that you've + changed postfix the default mail transfer agent, you can + saftly remove the sendmail package to avoid unused software + to remain inside the computer. To do this, you can run the + following command: + + + yum remove sendmail + + + In addition to mail server specific packages, we also provide + mailing list support. Mailing lists provide mail addresses + that users registered inside the ISP can write to. When you + sed an mail to a mailing list, your message is distributed to + all members of that list. In order for this to happen, people + registered inside ISP need to subscribe themselves into that + mailing list they want to receive messages from. 
The + subscription of mailinglist will be available through a secured + web application in the following url: + + + + + + + + + + + yum install mailman + + + + Installing Web Server + + The web server provides the software required to support web + interfaces like those one previously mention to register new + users inside the ISP and subscribe mailing lists. The web + server provided in this configuration will accept requests + both unencrypted and encrypted. + + + yum install httpd mod_ssl crypto-utils + + + In addition to mailing lists support, the web server will + provide access to Subversion. Subvesion provides a way to + manage files through version control. The main purpose of + providing Subversion support here is sharing the version of + &TCAR; I've been working on. + + + yum install subversion mod_dav_svn + + + + + + Installing Directory Server + + + The directory server provides the software required to unify + user information. This server is access by other server + whenever user information is required. You, as end user, can + also use this server from your workstation to retrive a list + of all users registered in the ISP. This list can be retrived + by the web interface the ISP provides, or any application your + workstation provide (e.g., most mail clients provide a way + to configure LDAP servers to build address book from it.). + + + yum openldap-servers python-ldap + + + + + + Configuring Server Computer + + Once all required packages have been installed inside the + server computer, it is time to configure them. This section + describes how to configure the server computer to provide a + public mail system. + + + + Configuring Network Internface + + + /etc/sysconfig/network-scripts/ifcfg-eth0 + + +# Please read /usr/share/doc/initscripts-*/sysconfig.txt +# for the documentation of these parameters. 
+TYPE=Ethernet +DEVICE=eth0 +HWADDR=00:1c:c0:f0:aa:05 +BOOTPROTO=none +NETMASK=255.255.255.0 +IPADDR=192.168.0.1 +ONBOOT=yes +USERCTL=no +IPV6INIT=no +PEERDNS=yes + + + + + + + + Configuring Ppp Server + + This configuration specifies the way the server computer will + handle incoming dial-up connections. + + + + /etc/ppp/options + + +# Enforce the use of the hostname as the name of the local system for +# authentication purposes (overrides the name option). +usehostname + +# Specify which DNS Servers the incoming Win95 or WinNT Connection +# should use Two Servers can be remotely configured +ms-dns 192.168.0.1 + +# Increase debugging level (same as -d). The debug output is written +# to syslog LOG_LOCAL2. +debug + +# Require the peer to authenticate itself before allowing network +# packets to be sent or received. Please do not disable this setting. +# It is expected to be standard in future releases of pppd. Use the +# call option (see manpage) to disable authentication for specific +# peers. +#auth + +# Use hardware flow control (i.e. RTS/CTS) to control the flow of data +# on the serial port. +crtscts + +# Specifies that pppd should use a UUCP-style lock on the serial +# device to ensure exclusive access to the device. +lock + +# Use the modem control lines. +modem + +# async character map -- 32-bit hex; each bit is a character that +# needs to be escaped for pppd to receive it. 0x00000001 represents +# '\x01', and 0x80000000 represents '\x1f'. To allow pppd to work +# over a rlogin/telnet connection, ou should escape XON (^Q), XOFF +# (^S) and ^]: (The peer should use "escape ff".) +#asyncmap 200a0000 +asyncmap 0 + +# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot" +# notation (e.g. 255.255.255.0). +netmask 255.255.255.0 + +# Don't fork to become a background process (otherwise pppd will do so +# if a serial device is specified). +nodetach + +# Set the assumed name of the remote system for authentication +# purposes to <n>. 
+remotename client + +# If this option is given, pppd will send an LCP echo-request frame to +# the peer every n seconds. Under Linux, the echo-request is sent when +# no packets have been received from the peer for n seconds. Normally +# the peer should respond to the echo-request by sending an +# echo-reply. This option can be used with the lcp-echo-failure +# option to detect that the peer is no longer connected. +lcp-echo-interval 30 + +# If this option is given, pppd will presume the peer to be dead if n +# LCP echo-requests are sent without receiving a valid LCP echo-reply. +# If this happens, pppd will terminate the connection. Use of this +# option requires a non-zero value for the lcp-echo-interval +# parameter. This option can be used to enable pppd to terminate +# after the physical connection has been broken (e.g., the modem has +# hung up) in situations where no hardware modem control lines are +# available. +lcp-echo-failure 4 + +# Specifies that pppd should disconnect if the link is idle for n +# seconds. +idle 60 + + + + + + /etc/ppp/cha-secrets + /etc/ppp/pap-secrets + + +# client server secret IP addresses + +# Specify the client configuration. This is when this manchine calls +# someone's else machine and tries to establish a point-to-point +# connection. Most of this configuration is handled by the +# `system-config-network' utility. +# +####### redhat-config-network will overwrite this part!!! (begin) ########## +####### redhat-config-network will overwrite this part!!! (end) ############ + +# Specify the server configuration. This is when someone's else +# machine calls this machine trying to establish a point-to-point +# connection. This part of the configuration isn't handled by +# `system-config-network' utility. To prenvent this configuration to +# be lost the next time the `system-config-network' utility be used, +# be sure to have this configuration backed up somewhere so it can be +# resotred in such situations. 
+# +client server mail4u 192.168.0.2 +server client mail4u 192.168.0.1 + + + + + + + To make the modem respond to calls ... + + + pppd /dev/ttyACM0 + + + + + Configuring Name Server + + + + /etc/named.conf + + +# BIND DNS server 'named' configuration file for the Red Hat BIND +# distribution. This file was initially taken from +# `/usr/share/doc/bind-*/samples/named.conf' file and modified to fit +# this server's needs. +# +# This machine exists to develop The CentOS Project Corporate Identity +# through The CentOS Artwork Repository. Presently, this machine is +# isolated from Internet. However, a modem has been attached[1] and +# configured so people can establish point-to-point connections to +# this machine and download working copies of The CentOS Artwork +# Repository and help me to develop it. +# +# In this configuration there are only two IP addresses involved. The +# one used in this server (192.168.0.1) and another for the client who +# realize the point-to-point connection (192.168.0.2). This server is +# named `server.example.com' and the client `client.example.com' or +# something similar. +# -------------------------------------------------------------------- +# See the BIND Administrator's Reference Manual (ARM) for details, in: +# file:///usr/share/doc/bind-*/arm/Bv9ARM.html +# +# Also see the BIND Configuration GUI: +# /usr/bin/system-config-bind and its manual. +# -------------------------------------------------------------------- + +options { + + # Those options should be used carefully because they disable port + # randomization. + // query-source port 53; + // query-source-v6 port 53; + + # Put files that named is allowed to write in the data/ directory: + directory "/var/named"; // the default + dump-file "data/cache_dump.db"; + statistics-file "data/named_stats.txt"; + memstatistics-file "data/named_mem_stats.txt"; +}; + +logging { + + # If you want to enable debugging, eg. 
using the 'rndc trace' + # command, named will try to write the 'named.run' file in the + # $directory (/var/named). By default, SELinux policy does not + # allow named to modify the /var/named directory, so put the + # default debug log file in data/ : + channel default_debug { + file "data/named.run" versions 5 size 20m; + severity dynamic; + }; +}; + +# All BIND 9 zones are in a "view", which allow different zones to be +# served to different types of client addresses, and for options to be +# set for groups of zones. By default, if named.conf contains no +# "view" clauses, all zones are in the "default" view, which matches +# all clients. If named.conf contains any "view" clause, then all +# zones MUST be in a view; so it is recommended to start off using +# views to avoid having to restructure your configuration files in the +# future. + +view "internal" { + + # This view will contain zones you want to serve only to + # "internal" clients that connect via your directly attached LAN + # interfaces - "localnets". + match-clients { 192.168.0/24; }; + match-destinations { 192.168.0/24; }; + recursion no; + + # All views must contain the root hints zone. However, since this + # machine is disconnected from Internet it is not possible for it + # to reach root servers. So, this line is commented based that no + # recursion is performed here. + //include "named.rfc1912.zones"; + + # These are your "authoritative" internal zones, and would + # probably also be included in the "localhost_resolver" view + # above: + zone "example.com" IN { + type master; + file "example.com.zone"; + allow-update { none; }; + }; + + zone "0.168.192.in-addr.arpa" IN { + type master; + file "example.com.rr.zone"; + allow-update { none; }; + }; +}; + +# The localhost_resolver is already configured in `/etc/hosts' and set +# as first choise in `/etc/hosts.conf' file. 
However, if you change +# the order in `/etc/hosts.conf' file to make bind the first choise, +# then you need to include here the localhost_resolver in order to +# resolve localhost (127.0.0.1) address. + +key "rndckey" { + algorithm hmac-md5; + secret "JjsCg0VcCjZILGD8FR9nnw=="; +}; + +controls { + inet 127.0.0.1 port 953 + allow { 127.0.0.1; } keys { "rndckey"; }; +}; + + + + + + /var/named/example.com.zone + + +$ORIGIN example.com. +$TTL 86400 +@ IN SOA example.com. hostmaster.example.com. ( + 2011100404 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + IN NS dns.example.com. + IN MX 10 mail.example.com. + +server IN A 192.168.0.1 +client IN A 192.168.0.2 + +dns IN CNAME server +mail IN CNAME server +www IN CNAME server + + + + + + /var/named/example.com.rr.zone + + +$ORIGIN 0.168.192.in-addr.arpa. +$TTL 86400 +@ IN SOA example.com. hostmaster.example.com. ( + 2011100405 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + IN NS 192.168.0.1 + +1 IN PTR server.example.com. +2 IN PTR client.example.com. + + + + + + /etc/rndc.conf + + +include "/etc/rndc.key"; +options { + default-key "rndckey"; + default-server 127.0.0.1; + default-port 953; +}; + + + + + + /etc/rndc.key + + +key "rndckey" { + algorithm hmac-md5; + secret "JjsCg0VcCjZILGD8FR9nnw=="; +}; + + + When configuring rndc controls, don't use + the same secret shown in the example above. If you do so, the + secret information will not be a secret anymore (since we + already used it here). Instead, use the + rndc-genconf command to generate a new one, + and be sure it be placed correctly both in + /etc/rndc.conf and + /etc/named.conf configuration files. + + + + + /etc/resolv.conf + + nameserver 192.168.0.1 + + + + /etc/host.conf + + order hosts,bind + + + + + + At this point you can start the named service and realize some + tests to verify the named service is certainly working as + expected. 
For example, consider the the following two + commands: + + + +[root@server ~]# service named start +Starting named: [ OK ] +[root@server ~]# dig example.com mx + +; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> example.com mx +;; global options: printcmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3540 +;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 + +;; QUESTION SECTION: +;example.com. IN MX + +;; ANSWER SECTION: +example.com. 86400 IN MX 10 mail.example.com. + +;; AUTHORITY SECTION: +example.com. 86400 IN NS dns.example.com. + +;; Query time: 0 msec +;; SERVER: 192.168.0.1#53(192.168.0.1) +;; WHEN: Wed Oct 5 10:33:24 2011 +;; MSG SIZE rcvd: 67 + + + + If everything is ok, configure the named service to start at + boot time: + + + chkconfig --level 345 named on + + + If something goes wrong, look for named daemon entries inside the + /var/log/messages file to know what is + going on. When you are configuring the name server, it could + result useful to you keeping an always visible terminal, + running the following command on it: + + + grep named /var/log/messages | tail -f - + + + + + Configuring Mail Server (MTA) + + Based on default configuration provided by Postfix RPM inside + &TCD; (release 5.5), look for the following options and leave + the rest as is. + + + + + /etc/postfix/main.cf + + +myhostname = server.example.com +mydomain = example.org +inet_interfaces = $myhostname, localhost +mynetworks = 192.168.0.0/24, 127.0.0.0/8 +mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp +local_destination_recipient_limit = 300 +local_destination_concurrency_limit = 5 + + + + + + + + + Configuring Mail Server (MDA) + + + /etc/cyrus.conf + + + Leave it as is. There is nothing to touch here for a small and + basic configuration like that one we are implementing in this + chapter. + + + + + /etc/imapd.conf + + + Leave it as is. 
There is nothing to touch here for a small and + basic configuration like that one we are implementing in this + chapter. + + + The initial configuration of Cyrus IMAP server is set to use + PLAIN authentication mechanisim (see + option) against saslauthd daemon. This makes the + password information to be vulnerable for man in the middle + attacks. In order to protect the user authentication, you can + use other authentication mechanisms like CRAM-MD5 or + DIGEST-MD5 in the mail client in order to send the password + information encrypted. Another solution would be to create an + encrypted channel for communication between the e-email client + and Cyrus IMAP server by mean of SSL encryption. + + + When you use authentication mechanisms that encrypt user + information before passing them to saslauthd daemon (e.g., + DIGETS-MD5), you are protecting your data in the mail + client before passing it to saslauthd daemon. Therefore, when + the saslauthd daemon + tries to validate the credentials you passed in against PAM, + it fails. At my personal understanding, this happens becase + PAM must receive the user information as it was entered by the + user (i.e., plainly, without any encryption) in order to + realize the verification against the system default + authentication database (e.g., + /etc/passwd, + /etc/shadow), and saslauthd daemon is passing an + encrypted version of the plain user information which + obviously cannot match the hash produced by plain user + information in first place. + + + + One alternative to the situation mentioned above could be to + use PLAIN authentication mechanism over an SSL encrypted + communication or excluding PAM mechanism from saslauthd + daemon, and use LDAP mechanism instead. When LDAP mechanism + is used as default authentication mechanism inside saslauthd + daemon, it is possible for mail clients to send encrypted + passwords to saslauthd daemon. 
In this configuration, the + password stored in LDAP server must be encrypted using the + same algorithm used to send the encrypted password from mail + client to saslauthd daemon. Therefore, you need to force the + user to use just one authentication mechanism, that one used + to stored encrypted passwords inside the LDAP server. + Otherwise, it would be very difficult to authenticate users + that send passwords encrypted in a way different to that one + stored in the LDAP server. + + + + Another configuration could be to keep mail clients using + PLAIN authentication over an SSL connection against saslauthd + daemon, and saslauthd using a PAM. But this time, PAM would be + configured to extend its default system authentication by + using an LDAP server. This way, it would be possible to + isolate user accound administration and greatly control the + kind of information a user might have. For example, the root + user account would be in the system default authentication, + however all service-specific user information would be in the + LDAP server. This permits us to create a web application that + interact with LDAP server in order to manage service-specific + user information only avoiding any contant with system default + authentication, the place where the root user is stored in. In + this PAM configuration, the first match that fails means that + the whole authentication process fails. + + + + + + /etc/pki/cyrus-imapd/cyrus-imapd.pem + + + This file is a symbolic link to + /etc/pki/tls/certs/cyrus-imapd.pem. This + file contains a self-generated SSL certificate you probably + want to update for setting your host name in the Common + Name field of it. 
To create this file use the + following command: + + openssl req -new -x509 -nodes -out /etc/pki/tls/certs/cyrus-imapd.pem -keyout /etc/pki/tls/certs/cyrus-imapd.pem -days 365 + + + + + + + To initiate the Cyrus IMAP server, run the following command: + + + service cyrus-imapd start + + + In case something fails, look into the + /var/log/maillog file, specifically those + entries containing imap, pop, + nntp and cyrus strings. It could be + useful if, before initiating Cyrus IMAP server, you open a + terminal and run the following command in it, just to see what + is happening once Cyrus IMAP server is initiated: + + + egrep '(cyrus|imap|pop)' /var/log/maillog | tail -f - + + + Later, to test the STARTTLS negociation, you can + run the following command: + + + imtest -t "" server.example.com + + + To administer mailboxes inside Cyrus Imapd, set a password to + cyrus user (e.g., passwd cyrus), do login + with it, and connect to Cyrus IMAP server using the + cyradm command, as shown below: + + + cyradm --user=cyrus --auth=login localhost + + + + + Configuring Mail Server (SASL) + + ... + + + + + Configuring Web Server + + ... + + + + + Configuring Directory Server + + ... + + + + + + diff --git a/Manuals/HowTos/Dialup/Configurations/Dialup/usage.docbook b/Manuals/HowTos/Dialup/Configurations/Dialup/usage.docbook new file mode 100644 index 0000000..f6bc809 --- /dev/null +++ b/Manuals/HowTos/Dialup/Configurations/Dialup/usage.docbook @@ -0,0 +1,6 @@ + + + Usage Convenctions + + + diff --git a/Manuals/HowTos/Dialup/Licenses.docbook b/Manuals/HowTos/Dialup/Licenses.docbook new file mode 100644 index 0000000..bcb5cec --- /dev/null +++ b/Manuals/HowTos/Dialup/Licenses.docbook @@ -0,0 +1,7 @@ + + + Licenses + + &licenses-gfdl; + + diff --git a/Manuals/HowTos/Dialup/Licenses.ent b/Manuals/HowTos/Dialup/Licenses.ent new file mode 100644 index 0000000..dd7f27a --- /dev/null +++ b/Manuals/HowTos/Dialup/Licenses.ent @@ -0,0 +1,2 @@ + + 
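Review bot: In the `/etc/ppp/options` listing of server.docbook the `auth` line is commented out (`#auth`) directly under the comment asking not to disable it, so a reader who copies the file gets a dial-in pppd that does not require the caller to authenticate unless pppd's own default happens to apply, and the `client`/`server` entries in the secrets listing are then not enforced; the listing should ship with `auth` uncommented. The same hunk prints a concrete rndc secret twice, in `/etc/named.conf` and in `/etc/rndc.key`; the warning that follows is good, but a placeholder such as `secret "<output-of-rndc-confgen>";` is safer to publish than a real-looking key, and the tool the text refers to is `rndc-confgen`, not `rndc-genconf`. The `openssl req ... -nodes` example writes the unencrypted private key into `/etc/pki/tls/certs/cyrus-imapd.pem`, so the text should also tell the reader to restrict that file's ownership and mode to the account the IMAP service runs as. Two copy-paste hazards in the same hunk: `yum openldap-servers python-ldap` is missing `install`, and the secrets file is titled `/etc/ppp/cha-secrets` where pppd reads `/etc/ppp/chap-secrets`.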
diff --git a/Manuals/HowTos/Dialup/Licenses/gfdl.docbook b/Manuals/HowTos/Dialup/Licenses/gfdl.docbook
new file mode 100644
index 0000000..33f6e8c
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Licenses/gfdl.docbook
@@ -0,0 +1,591 @@ + + + GNU Free Documentation License + + Version 1.2, November 2002 + + Copyright © 2000, 2001, 2002 Free Software Foundation, + Inc. 675 Mass Ave, Cambridge, MA 02139, USA + + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + + Preamble + + The purpose of this License is to make a manual, + textbook, or other functional and useful document + free in the sense of freedom: to assure + everyone the effective freedom to copy and redistribute it, + with or without modifying it, either commercially or + noncommercially. Secondarily, this License preserves for the + author and publisher a way to get credit for their work, while + not being considered responsible for modifications made by + others. + + This License is a kind of copyleft, which + means that derivative works of the document must themselves be + free in the same sense. It complements the , which is a copyleft license + designed for free software. + + We have designed this License in order to use it for + manuals for free software, because free software needs free + documentation: a free program should come with manuals + providing the same freedoms that the software does. But this + License is not limited to software manuals; it can be used for + any textual work, regardless of subject matter or whether it + is published as a printed book. We recommend this License + principally for works whose purpose is instruction or + reference. + + + + + + Applicability and definitions + + This License applies to any manual or other work, in any + medium, that contains a notice placed by the copyright holder + saying it can be distributed under the terms of this License. + Such a notice grants a world-wide, royalty-free license, + unlimited in duration, to use that work under the conditions + stated herein. The Document, below, refers to + any such manual or work. 
Any member of the public is a + licensee, and is addressed as you. You accept + the license if you copy, modify or distribute the work in a + way requiring permission under copyright law. + + A + Modified Version of the Document means any work + containing the Document or a portion of it, either copied + verbatim, or with modifications and/or translated into another + language. + + A + Secondary Section is a named appendix or a + front-matter section of the Document that deals exclusively + with the relationship of the publishers or authors of the + Document to the Document's overall subject (or to related + matters) and contains nothing that could fall directly within + that overall subject. (Thus, if the Document is in part a + textbook of mathematics, a may not explain any mathematics.) The relationship could be + a matter of historical connection with the subject or with + related matters, or of legal, commercial, philosophical, + ethical or political position regarding them. + + The Invariant Sections are certain + whose titles are + designated, as being those of Invariant Sections, in the + notice that says that the Document is released under this + License. If a section does not fit the above definition of + Secondary then it is not allowed to be designated as + Invariant. The Document may contain zero Invariant Sections. + If the Document does not identify any Invariant Section then + there are none. + + The + Cover Texts are certain short passages of text + that are listed, as Front-Cover Texts or Back-Cover Texts, in + the notice that says that the Document is released under this + License. A Front-Cover Text may be at most 5 words, and a + Back-Cover Text may be at most 25 words. 
+ + A + Transparent copy of the Document means a + machine-readable copy, represented in a format whose + specification is available to the general public, that is + suitable for revising the document straightforwardly with + generic text editors or (for images composed of pixels) + generic paint programs or (for drawings) some widely available + drawing editor, and that is suitable for input to text + formatters or for automatic translation to a variety of + formats suitable for input to text formatters. A copy made in + an otherwise file format whose + markup, or absence of markup, has been arranged to thwart or + discourage subsequent modification by readers is not . An image format is not if used for any substantial amount of + text. A copy that is not is called Opaque. + + Examples of suitable formats for copies + include plain ASCII without markup, Texinfo input format, + LaTeX input format, SGML or XML using a publicly available + DTD, and standard-conforming simple HTML, PostScript or PDF + designed for human modification. Examples of transparent + image formats include PNG, XCF and JPG. Opaque formats + include proprietary formats that can be read and edited only + by proprietary word processors, SGML or XML for which the DTD + and/or processing tools are not generally available, and the + machine-generated HTML, PostScript or PDF produced by some + word processors for output purposes only. + + The Title + Page means, for a printed book, the title page itself, + plus such following pages as are needed to hold, legibly, the + material this License requires to appear in the title page. + For works in formats which do not have any title page as such, + Title Page means the text near the most + prominent appearance of the work's title, preceding the + beginning of the body of the text. 
+ + A section Entitled XYZ means a named + subunit of the Document whose title either is precisely XYZ or + contains XYZ in parentheses following text that translates XYZ + in another language. (Here XYZ stands for a specific section + name mentioned below, such as Acknowledgements, + Dedications, Endorsements, or + History.) To Preserve the Title + of such a section when you modify the Document means that it + remains a section Entitled XYZ according to + this definition. + + The Document may include Warranty Disclaimers next to + the notice which states that this License applies to the + Document. These Warranty Disclaimers are considered to be + included by reference in this License, but only as regards + disclaiming warranties: any other implication that these + Warranty Disclaimers may have is void and has no effect on the + meaning of this License. + + + + + + Verbatim copying + + You may copy and distribute the Document in any medium, + either commercially or noncommercially, provided that this + License, the copyright notices, and the license notice saying + this License applies to the Document are reproduced in all + copies, and that you add no other conditions whatsoever to + those of this License. You may not use technical measures to + obstruct or control the reading or further copying of the + copies you make or distribute. However, you may accept + compensation in exchange for copies. If you distribute a + large enough number of copies you must also follow the + conditions in section . + + You may also lend copies, under the same conditions + stated above, and you may publicly display copies. 
+ + + + + + Copying in quantity + + If you publish printed copies (or copies in media that + commonly have printed covers) of the Document, numbering more + than 100, and the Document's license notice requires Cover + Texts, you must enclose the copies in covers that carry, + clearly and legibly, all these : + Front-Cover Texts on the front cover, and Back-Cover Texts on + the back cover. Both covers must also clearly and legibly + identify you as the publisher of these copies. The front + cover must present the full title with all words of the title + equally prominent and visible. You may add other material on + the covers in addition. Copying with changes limited to the + covers, as long as they preserve the title of the Document and + satisfy these conditions, can be treated as verbatim copying + in other respects. + + If the required texts for either cover are too + voluminous to fit legibly, you should put the first ones + listed (as many as fit reasonably) on the actual cover, and + continue the rest onto adjacent pages. + + If you publish or distribute Opaque copies of the + Document numbering more than 100, you must either include a + machine-readable copy along with each Opaque copy, + or state in or with each Opaque copy a computer-network + location from which the general network-using public has + access to download using public-standard network protocols a + complete copy of the Document, free of added + material. If you use the latter option, you must take + reasonably prudent steps, when you begin distribution of + Opaque copies in quantity, to ensure that this + copy will remain thus accessible at the stated location until + at least one year after the last time you distribute an Opaque + copy (directly or through your agents or retailers) of that + edition to the public. 
+ + It is requested, but not required, that you contact the + authors of the Document well before redistributing any large + number of copies, to give them a chance to provide you with an + updated version of the Document. + + + + + + Modifications + + You may copy and distribute a of the Document under the + conditions of sections and above, + provided that you release the under precisely this License, with the filling the role of the + Document, thus licensing distribution and modification of the + to whoever possesses a + copy of it. In addition, you must do these things in the + : + + + + + Use in the (and on + the covers, if any) a title distinct from that of the + Document, and from those of previous versions (which + should, if there were any, be listed in the History + section of the Document). You may use the same title + as a previous version if the original publisher of + that version gives permission. + + + List on the , as + authors, one or more persons or entities responsible + for authorship of the modifications in the , together with at least + five of the principal authors of the Document (all of + its principal authors, if it has fewer than five), + unless they release you from this requirement. + + + + State on the the + name of the publisher of the , as the + publisher. + + + + Preserve all the copyright notices of the + Document. + + + + Add an appropriate copyright notice for your + modifications adjacent to the other copyright + notices. + + + + Include, immediately after the copyright + notices, a license notice giving the public permission + to use the under the terms of this + License, in the form shown in the Addendum + below. + + + + Preserve in that license notice the full lists + of and required + given in the Document's + license notice. + + + + Include an unaltered copy of this License. 
+ + + + Preserve the section Entitled + History, Preserve its Title, and add to + it an item stating at least the title, year, new + authors, and publisher of the as given on the . If there is no section + Entitled History in the Document, create + one stating the title, year, authors, and publisher of + the Document as given on its , then add an item describing the as stated in the previous + sentence. + + + + Preserve the network location, if any, given in + the Document for public access to a copy of the Document, and + likewise the network locations given in the Document + for previous versions it was based on. These may be + placed in the History section. You may + omit a network location for a work that was published + at least four years before the Document itself, or if + the original publisher of the version it refers to + gives permission. + + + + For any section Entitled + Acknowledgements or + Dedications, Preserve the Title of the + section, and preserve in the section all the substance + and tone of each of the contributor acknowledgements + and/or dedications given therein. + + + + Preserve all the of the Document, + unaltered in their text and in their titles. Section + numbers or the equivalent are not considered part of + the section titles. + + + + Delete any section Entitled + Endorsements. Such a section may not + be included in the . + + + + Do not retitle any existing section to be + Entitled Endorsements or to conflict in + title with any . + + + Preserve any Warranty Disclaimers. + + + + + If the includes new + front-matter sections or appendices that qualify as and contain no material copied + from the Document, you may at your option designate some or + all of these sections as invariant. To do this, add their + titles to the list of in the 's license notice. These titles + must be distinct from any other section titles. 
+ + You may add a section Entitled + Endorsements, provided it contains nothing but + endorsements of your by various + parties–for example, statements of peer review or that + the text has been approved by an organization as the + authoritative definition of a standard. + + You may add a passage of up to five words as a + Front-Cover Text, and a passage of up to 25 words as a + Back-Cover Text, to the end of the list of in the . Only one passage of + Front-Cover Text and one of Back-Cover Text may be added by + (or through arrangements made by) any one entity. If the + Document already includes a cover text for the same cover, + previously added by you or by arrangement made by the same + entity you are acting on behalf of, you may not add another; + but you may replace the old one, on explicit permission from + the previous publisher that added the old one. + + The author(s) and publisher(s) of the Document do not by + this License give permission to use their names for publicity + for or to assert or imply endorsement of any . + + + + + + Combining documents + + You may combine the Document with other documents + released under this License, under the terms defined in + section above for + modified versions, provided that you include in the + combination all of the of + all of the original documents, unmodified, and list them all + as of your combined work + in its license notice, and that you preserve all their + Warranty Disclaimers. + + The combined work need only contain one copy of this + License, and multiple identical may be replaced with a single + copy. If there are multiple with the same name but + different contents, make the title of each such section unique + by adding at the end of it, in parentheses, the name of the + original author or publisher of that section if known, or else + a unique number. Make the same adjustment to the section + titles in the list of in + the license notice of the combined work. 
+ + In the combination, you must combine any sections + Entitled History in the various original + documents, forming one section Entitled + History; likewise combine any sections Entitled + Acknowledgements, and any sections Entitled + Dedications. You must delete all sections + Entitled Endorsements. + + + + + + Collection of documents + + You may make a collection consisting of the Document and + other documents released under this License, and replace the + individual copies of this License in the various documents + with a single copy that is included in the collection, + provided that you follow the rules of this License for + verbatim copying of each of the documents in all other + respects. + + You may extract a single document from such a + collection, and distribute it individually under this License, + provided you insert a copy of this License into the extracted + document, and follow this License in all other respects + regarding verbatim copying of that document. + + + + + + Aggregation with independent works + + A compilation of the Document or its derivatives with + other separate and independent documents or works, in or on a + volume of a storage or distribution medium, is called an + aggregate if the copyright resulting from the + compilation is not used to limit the legal rights of the + compilation's users beyond what the individual works permit. + When the Document is included in an aggregate, this License + does not apply to the other works in the aggregate which are + not themselves derivative works of the Document. + + If the Cover Text requirement of section is applicable to these + copies of the Document, then if the Document is less than one + half of the entire aggregate, the Document's may be placed on covers that bracket + the Document within the aggregate, or the electronic + equivalent of covers if the Document is in electronic form. + Otherwise they must appear on printed covers that bracket the + whole aggregate. 
+ + + + + + Translations + + Translation is considered a kind of modification, so you + may distribute translations of the Document under the terms of + section . Replacing + with translations + requires special permission from their copyright holders, but + you may include translations of some or all in addition to the original + versions of these . You + may include a translation of this License, and all the license + notices in the Document, and any Warranty Disclaimers, + provided that you also include the original English version of + this License and the original versions of those notices and + disclaimers. In case of a disagreement between the + translation and the original version of this License or a + notice or disclaimer, the original version will + prevail. + + If a section in the Document is Entitled + Acknowledgements, Dedications, + or History, the requirement (section ) to Preserve its Title + (section ) will + typically require changing the actual title. + + + + + + Termination + + You may not copy, modify, sublicense, or distribute the + Document except as expressly provided for under this License. + Any other attempt to copy, modify, sublicense or distribute + the Document is void, and will automatically terminate your + rights under this License. However, parties who have received + copies, or rights, from you under this License will not have + their licenses terminated so long as such parties remain in + full compliance. + + + + + + Future Revisions of this License + + The Free Software Foundation may publish new, revised + versions of the GNU Free Documentation License from time to + time. Such new versions will be similar in spirit to the + present version, but may differ in detail to address new + problems or concerns. See . + + Each version of the License is given a distinguishing + version number. 
If the Document specifies that a particular + numbered version of this License or any later + version applies to it, you have the option of + following the terms and conditions either of that specified + version or of any later version that has been published (not + as a draft) by the Free Software Foundation. If the Document + does not specify a version number of this License, you may + choose any version ever published (not as a draft) by the Free + Software Foundation. + + + + + + How to use this License for your documents + + To use this License in a document you have written, + include a copy of the License in the document and put the + following copyright and license notices just after the title + page: + + +Copyright (C) YEAR YOUR NAME. + +Permission is granted to copy, distribute and/or modify this +document under the terms of the GNU Free Documentation License, +Version 1.2 or any later version published by the Free Software +Foundation; with no Invariant Sections, no Front-Cover Texts, and +no Back-Cover Texts. A copy of the license is included in the +section entitled GNU Free Documentation License. + + + If you have , + Front-Cover Texts and Back-Cover Texts, replace the + with...Texts. line with this: + + +with the Invariant Sections being LIST THEIR TITLES, with the +Front-Cover Texts being LIST, and with the Back-Cover Texts being +LIST. + + + If you have + without , or some other + combination of the three, merge those two alternatives to suit + the situation. + + If your document contains nontrivial examples of program + code, we recommend releasing these examples in parallel under + your choice of free software license, such as the GNU General + Public License, to permit their use in free software. + + + + diff --git a/Manuals/HowTos/Dialup/Preface.docbook b/Manuals/HowTos/Dialup/Preface.docbook new file mode 100755 index 0000000..42c8578 --- /dev/null +++ b/Manuals/HowTos/Dialup/Preface.docbook 
@@ -0,0 +1,9 @@ + + + Preface + + &preface-overview; + &preface-docconvs; + &preface-feedback; + + diff --git a/Manuals/HowTos/Dialup/Preface.ent b/Manuals/HowTos/Dialup/Preface.ent new file mode 100755 index 0000000..263be1d --- /dev/null +++ b/Manuals/HowTos/Dialup/Preface.ent @@ -0,0 +1,4 @@ + + + + diff --git a/Manuals/HowTos/Dialup/Preface/docconvs.docbook b/Manuals/HowTos/Dialup/Preface/docconvs.docbook new file mode 100644 index 0000000..8eda7bc --- /dev/null +++ b/Manuals/HowTos/Dialup/Preface/docconvs.docbook @@ -0,0 +1,225 @@ +
+ + Document Convenctions + + + In this manual, certain words are represented in different + fonts, typefaces, sizes, and weights. This highlighting is + systematic; different words are represented in the same style + to indicate their inclusion in a specific category. The types + of words that are represented this way include the + following: + + + + + command + + + Linux commands (and other operating system commands, when + used) are represented this way. This style should + indicate to you that you can type the word or phrase on + the command line and press Enter to + invoke a command. Sometimes a command contains words that + would be displayed in a different style on their own (such + as file names). In these cases, they are considered to be + part of the command, so the entire phrase is displayed as + a command. For example: + + + + Use the centos-art render + trunk/Identity/Images/Themes/TreeFlower/4/Distro/5/Anaconda + --filter="01-welcome" command to produce the first + slide image used by Anaconda in the branch 5 of &TCD; + using the version 4 of TreeFlower artistic motif. + + + + + + file name + + + File names, directory names, paths, and RPM package names + are represented this way. This style indicates that a + particular file or directory exists with that name on your + system. Examples: + + + + The init.sh file in trunk/Scripts/Bash/Cli/ + directory is the initialization script, written in Bash, + used to automate most of tasks in the repository. + + + + The centos-art command uses the + ImageMagick RPM package to convert + images from PNG format to other formats. + + + + + + key + + + A key on the keyboard is shown in this style. For + example: + + + + To use Tab completion to list particular + files in a directory, type ls, then a + character, and finally the Tab key. Your + terminal displays the list of files in the working + directory that begin with that character. 
+ + + + + + keycombination + + + A combination of keystrokes is represented in this way. + For example: + + + + The CtrlAltBackspace + key combination exits your graphical session and returns + you to the graphical login screen or the console. + + + + + + computer output + + + Text in this style indicates text displayed to a shell + prompt such as error messages and responses to commands. + For example, the ls command displays + the contents of a directory using this style: + + + +render_doTranslation.sh render_getDirTemplate.sh render_doBaseActions.sh +render_getConfigOption.sh render_getOptions.sh render_doThemeActions.sh +render_getDirOutput.sh render.sh + + + + The output returned in response to the command (in this + case, the contents of the directory) is shown in this + style. + + + + + + prompt + + + A prompt, which is a computer's way of signifying that it + is ready for you to input something, is shown in this + style. Examples: + + + + + + $ + + + + + # + + + + + [centos@projects centos]$ + + + + + projects login: + + + + + + + + user input + + + Text that the user types, either on the command line or + into a text box on a GUI screen, is displayed in this + style. In the following example, + text is displayed in this style: To + boot your system into the text based installation program, + you must type in the text command + at the boot: prompt. + + + + + + replaceable + + + Text used in examples that is meant to be replaced with + data provided by the user is displayed in this style. In + the following example, + version-number is displayed in + this style: The directory for the kernel source is + /usr/src/kernels/version-number/, + where version-number is the + version and type of kernel installed on this system. + + + + + + Additionally, we use several different strategies to draw + your attention to certain pieces of information. In order of + urgency, these items are marked as a note, tip, important, + caution, or warning. 
For example: + + + Remember that Linux is case sensitive. In other words, a + rose is not a ROSE is not a rOsE. + + + + The directory /usr/share/doc/ contains + additional documentation for packages installed on your + system. + + + + If you modify the DHCP configuration file, the changes + do not take effect until you restart the DHCP daemon. + + + + Do not perform routine tasks as root — use a + regular user account unless you need to use the root account + for system administration tasks. + + + + Be careful to remove only the necessary partitions. + Removing other partitions could result in data loss or a + corrupted system environment. + + +
diff --git a/Manuals/HowTos/Dialup/Preface/feedback.docbook b/Manuals/HowTos/Dialup/Preface/feedback.docbook
new file mode 100644
index 0000000..976502b
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Preface/feedback.docbook
@@ -0,0 +1,15 @@
+
+
+ Send In Your Feedback
+
+
+ If you find a bug in the infrastructure described in this
+ manual, we would like to hear about it. To report bugs
+ related to this manual, send an e-mail to the
+ centos-docs@centos.org mailing list. When you
+ write the bug report, take care of being specific about the
+ problem you are reporting on (e.g., where it is, the section
+ number, etc.) so we can found it easily.
+
+
+
diff --git a/Manuals/HowTos/Dialup/Preface/overview.docbook b/Manuals/HowTos/Dialup/Preface/overview.docbook
new file mode 100755
index 0000000..962fa81
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Preface/overview.docbook
@@ -0,0 +1,24 @@
+
+
+ Overview
+
+
+ This manual describes two computers configuration, one acting
+ as server and other as client. The server computer will be
+ configured to provide internet services and the client to make
+ use of those internet services provided by the server
+ computer. The connection medium both client and server
+ computer use is the telelphone line (i.e., the same medium you
+ use to realize phone calls). In this configuration, both
+ client and server computers use special devices named
+ Modems to transmit data in form of sound across
+ the telephone line.
+
+
+
+ The configuration described in this chapter could be a good
+ choise when the only communication medium you have access to
+ is a telephone network.
+
+
+
diff --git a/Manuals/HowTos/Dialup/Server.docbook b/Manuals/HowTos/Dialup/Server.docbook
new file mode 100644
index 0000000..f934db3
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server.docbook
@@ -0,0 +1,9 @@
+
+
+ The Server Computer
+
+ &server-usage;
+ &server-install;
+ &server-config;
+
+
diff --git a/Manuals/HowTos/Dialup/Server.ent b/Manuals/HowTos/Dialup/Server.ent
new file mode 100644
index 0000000..531a560
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server.ent
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Config.docbook b/Manuals/HowTos/Dialup/Server/Config.docbook
new file mode 100644
index 0000000..40c442b
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Config.docbook
@@ -0,0 +1,9 @@
+
+
+ Dial-Up Server Configuration
+
+ &server-config-overview;
+ &server-config-hardware;
+ &server-config-software;
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Config/hardware.docbook b/Manuals/HowTos/Dialup/Server/Config/hardware.docbook
new file mode 100644
index 0000000..4660bc4
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Config/hardware.docbook
@@ -0,0 +1,9 @@
+
+
+ Configuring Server Hardware
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Config/overview.docbook b/Manuals/HowTos/Dialup/Server/Config/overview.docbook
new file mode 100644
index 0000000..bcfcc4a
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Config/overview.docbook
@@ -0,0 +1,9 @@
+
+
+ Overview
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Config/software.docbook b/Manuals/HowTos/Dialup/Server/Config/software.docbook
new file mode 100644
index 0000000..e6f9bcd
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Config/software.docbook
@@ -0,0 +1,9 @@
+
+
+ Configuring Server Software
+
+
+ ...
+
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Install.docbook b/Manuals/HowTos/Dialup/Server/Install.docbook
new file mode 100644
index 0000000..fcc98c2
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Install.docbook
@@ -0,0 +1,9 @@
+
+
+ Dial-Up Server Installation
+
+ &server-install-overview;
+ &server-install-hardware;
+ &server-install-software;
+
+
diff --git a/Manuals/HowTos/Dialup/Server/Install/hardware.docbook b/Manuals/HowTos/Dialup/Server/Install/hardware.docbook
new file mode 100644
index 0000000..72b37bb
--- /dev/null
+++ b/Manuals/HowTos/Dialup/Server/Install/hardware.docbook
@@ -0,0 +1,61 @@ + + + Installing Server Hardware + + + In order to establish a PPP link between two computers using + the telephone line as medium for data transmission, you need + to install (at least) one modem device in each computer. + + + + To install a modem device in computer you need to attach the + modem hardware to the computer and later the telephone line to + the modem hardware. To connect the modem to your computer, you + need to connect the serial or USB cable that comes from the + modem hardware to the appropriate input on your computer. To + connect the modem to the telephone line system, you need to + unplug the cable that connects your telephone device and plug + it on the modem device, specifically in the port reserved for + data transmission. Later, using a similar cable, you could + connect your telephone device to the modem's telephone port, + so you can realize telephone calls when no data transmition + take place. + + + + To be on the safe side, do all the installation with the + computer turned off. Then, when everthing has been put in + place, turn it on. Once the system is up, you can verify the + modem hardware using either the lsusb or + lspci commands. These commands need to be + run with administrative privileges, so probably need to + sudo them or login as root user in order to execute + thme. For example, assuming you are logged in as root user, + and you are using an USB modem like that one we mentioned + before, the output of lsusb command would + look like the following: + + + +Bus 003 Device 001: ID 0000:0000 +Bus 001 Device 001: ID 0000:0000 +Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader +Bus 002 Device 001: ID 0000:0000 +Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. +MT5634ZBA-USB MultiModemUSB (new firmware) +Bus 005 Device 001: ID 0000:0000 +Bus 005 Device 002: ID 046d:c018 Logitech, Inc. 
Optical Wheel Mouse +Bus 004 Device 001: ID 0000:0000 + + + + The relevant line here is that mentioning the existence of a + Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new + firmware) device. If the modem you installed doesn't + appear in this list, it is probably because such hardware is + not supported by &TCD;, yet. + + + diff --git a/Manuals/HowTos/Dialup/Server/Install/overview.docbook b/Manuals/HowTos/Dialup/Server/Install/overview.docbook new file mode 100644 index 0000000..f7e99b1 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Install/overview.docbook @@ -0,0 +1,9 @@ + + + Overview + + + ... + + + diff --git a/Manuals/HowTos/Dialup/Server/Install/software.docbook b/Manuals/HowTos/Dialup/Server/Install/software.docbook new file mode 100644 index 0000000..72baf64 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Install/software.docbook @@ -0,0 +1,9 @@ + + + Installing Server Software + + + ... + + + diff --git a/Manuals/HowTos/Dialup/Server/Usage.docbook b/Manuals/HowTos/Dialup/Server/Usage.docbook new file mode 100644 index 0000000..b121a6a --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage.docbook @@ -0,0 +1,11 @@ + + + Dial-Up Server Usage + + &server-usage-overview; + &server-usage-connections; + &server-usage-users; + &server-usage-services; + &server-usage-diskspace; + + diff --git a/Manuals/HowTos/Dialup/Server/Usage/connections.docbook b/Manuals/HowTos/Dialup/Server/Usage/connections.docbook new file mode 100644 index 0000000..dea10e3 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage/connections.docbook 
@@ -0,0 +1,81 @@ + + + Administering Dial-Up Connections + + + The lifetime of dial-up connections must be limitted based on + the number of users you expect to establish connection and the + kind of services you plan to provide. The mail service + provided by the server computer is conceived as a public + service so anyone with a modem attached to a computer would be + able to have access to it. However, due to hardware + limitations, only 100 users will be allowed to be registered + in the public mail service. Based on this information, the + lifetime of established connections will be of 15 minutes from + the established moment on. Once the connection has been + established, if the link is idle for 1 minute, the server + computer will close the established connection to free the + telephone line. This control can be implemented through the + and options + inside the pppd's configuration + file. + + + + Only registered user profiles will be able to establish connections + to the server computer. This control can be implemented using + the option in the + pppd's configuration file to define a + list of all telephone numbers that are allowed to establish + connection with the server computer, based on the list of + registered user profiles. By default, all telephone numbers + are denied from establishing access with the server computer, + except those ones explicitly set by + option. If the + option is not present in + pppd's configuration file, all + telephone numbers are allowed to establish connection with the + server computer, so be sure to include the + option in + pppd's configuration file if you + want to control who can/cannot establish connection with the + server computer. + + + +##### centos-pppd-config will overwrite this part!!! (begin) ##### +allow-number 12345 +allow-number 21345 +allow-number 34567 +##### centos-pppd-config will overwrite this part!!! 
(end) ##### + + + + The centos-pppd-admin application + must be considered part of user profile registration process + inside the server computer. The + centos-pppd-admin application would + be used to control the list of allowed telephone numbers + inside the pppd's configuration + file, based on the list of user profiles. The + centos-pppd-admin application + should be executed after any registration/deletion action + against the list of user profiles with root privilages in order to be + able of writing the settings on + pppd's configuration file. + + + + Redialing consecutive connections from the same telephone + number without any dealy between call retries must be avoided + from client computers. This would reduce the possibilities for + other client computers to establish connection with the server + computer. To prevent this issue from happening, it would be + necessary to provide more telephone lines than users + authorized to establish connection with the server computer. + Nevertheless, there is only one telephone line available for + the server computer to use. + + + diff --git a/Manuals/HowTos/Dialup/Server/Usage/diskspace.docbook b/Manuals/HowTos/Dialup/Server/Usage/diskspace.docbook new file mode 100644 index 0000000..950fc51 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage/diskspace.docbook 
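Review bot: The second paragraph of connections.docbook states the `allow-number` default two opposite ways: first that all telephone numbers are denied by default, then that without the option all numbers are allowed. The second is, to my knowledge, how pppd behaves, so the first sentence would be clearer as `Once at least one allow-number option is present, only the listed telephone numbers may establish connection.` One added sentence should say that pppd compares these entries with the caller number it is handed (its `remotenumber` option), so the list only has effect if the program answering the call passes that number in; this hunk does not show how that is done. Because a caller number can be falsified, the paragraph should present the list as a complement to peer authentication (pppd's `auth` option with the secrets file), not as the control that decides who is a registered user.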
@@ -0,0 +1,36 @@ + + + Administering Disk Space + + + The maximum number of registered user profiles is limited + inside the server computer, based on the maximum disk space + the server computer confines to such purpose. For example, + consider an environment where users can get registered + themselves using a web interface. In this case the web + interface must know how much disk space is available before + proceeding to register new mail accounts inside the server + computer and this way preventing any disk writing when there + isn't enough free space on disk to perform a new user + registration. Considering the server computer has confined + 1GB of disk space to handle the mail service (e.g., mail + queues, mailboxes, etc.) and each user mailbox is 10MB, it + will be possible to provide self-registration through the web + interface for 100 users in total. + + + + Another measure related to save disk space might be to remove + unused user accounts and their related files (e.g., mailboxes) + from the server computer. For example, consider an environment + where user accounts are automatically removed from the server + computer when they don't establish a connection with the + server computer in a period greater than 7 days since the last + valid connection established to the server computer. Once the + user account is removed, it is no longer functional of course, + and the person whom lost the account will need to create a new + one, assuming it want to have access to the mail service + again. + + + diff --git a/Manuals/HowTos/Dialup/Server/Usage/overview.docbook b/Manuals/HowTos/Dialup/Server/Usage/overview.docbook new file mode 100644 index 0000000..0287ab1 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage/overview.docbook 
@@ -0,0 +1,33 @@ + + + Overview + + + The infrastructure described in this chapter uses the + client/server model to provide a public mail service through + the telephone line. In this configuration, we (the poeple + building the infrastructure) provide the information you (the + person using the infrastructure) need to know in order to + establish a point-to-point connection from the client computer + to the server computer through the telephone line. + + + + The infrastructure described in this chapter is made available + to you free of charge, however, you should know that + maintaining it costs both money and time. For example, for + each hour the server computer is on production there is an + electrical consume that need to be paid every month. + Likewise, each call that you establish from the client + computer to the server computer will cost you money, based on + the location you made the call from and the time you spend + connected. + + + + In this chapter we discuss usage convenctions we all must be + agree with, in order to achieve a practical and secure + interchange system. + + + diff --git a/Manuals/HowTos/Dialup/Server/Usage/services.docbook b/Manuals/HowTos/Dialup/Server/Usage/services.docbook new file mode 100644 index 0000000..2f89a6c --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage/services.docbook 
@@ -0,0 +1,81 @@ + + + Administering Internet Services + + + The information generated inside the server computer is + isolated from Internet. This way, any information generated + inside the server computer will be available only to people + registered inside the server computer. For example, don't ever + expect to send/receive e-mails to/from Internet e-mail + accounts like Gmail or Yahoo, nor visiting web sites like + Google or Wikipedia either. For + this to happen, it is required an established connection + between the server computer you are establishing connection + through and the Internet network those services are available + in. Without that link, it is not possible to direct your + requests to those sites. + + + + The implementation of services that required persistent + connections (e.g., chats) will not + be considered as a practical offer inside the server computer. + Instead, only asynchronous services (e.g., + e-mail) will be supported. This + restriction is required to reduce the amount of time demanded + by services. For example, consider an environment where you + connect to the server computer for sending/receiving e-mails + messages and then quickly disconnect from it to free the + telephone line for others to use. In this environment, there + is no need for you and other person to be both connected at + the same time to send/receive e-mail messages to/from each + other. The e-mails sent from other person to you will be + available in your mailbox the next time you get connected to + the server computer and use your e-mail client to send/receive + e-mail messages. Likewise, you don't need to be connected to + the server computer in order to write your e-mail messages. + You can write down your messages off-line and then establish + connection once you've finished writing, just to send them + out and receive new messages that could have been probably + sent to you. 
+ + + + Another issue related to e-mail exchange is the protocol used + to receive messages. Presently, there are two popular ways to + do this, one is through IMAP and another through POP3. When + you use IMAP protocol, e-mail messages are retained in the + server computer and aren't downloaded to client computer. + Otherwise, when you use POP3 protocol, e-mail messages are + downloaded to the client computer and removed from server + computer. Based on the resources we have and the kind of link + used by the client computer to connect the server computer, + using POP3 is rather prefered than IMAP. However both are made + available. + + + + Assuming you use IMAP protocol to read your mailbox, be aware + that you need to be connected to the server computer. Once + the connection is lost you won't be able to read your messages + (unless your e-mail client possesses a feature that let you + reading messages off-line). Morover, you run the risk of + getting your mailbox out of space. If your mailbox gets out of + space, new messages sent to you will not be deliver to your + mailbox. Instead, they will be deferred for a period of time + (e.g., about 5 days when using + Postfix defaults) hoping you to + free the space in your mailbox to deliver them. If you don't + free space within this period of time, the deferred e-mails + will be bounced back to their senders and you will never see + them. On the other hand, assuming you are using POP3 protocol + to read your mailbox, you always keep your mailbox free to + receive new e-mails messages and keep them for you until the + next time you establish connection with the server computer + and download them to your client computer using your e-mail + client. + + + diff --git a/Manuals/HowTos/Dialup/Server/Usage/users.docbook b/Manuals/HowTos/Dialup/Server/Usage/users.docbook new file mode 100644 index 0000000..2cdf646 --- /dev/null +++ b/Manuals/HowTos/Dialup/Server/Usage/users.docbook 
@@ -0,0 +1,61 @@ + + + Administering Users Accounts + + + In order for you to use any service provided by the server + computer it is required that you register yourself inside the + server computer creating a user profile. The user profile + provides the user information required by services inside the + server computer (e.g., username, password, e-mail address, + telephone number, etc.). To register new user profiles, you + need to use the web application provided by the server + computer. For example, assuming the domain name of the server + computer is example.com, the web + application would be accessable through the following URL: + . + + + + To reach the web interface, the first thing you need to do is + establishing a dial-up connection to the server computer as + described in . Once the + dial-up connection has been established, you need to open a + web browser (e.g., Firefox) and put the URL mentioned above in + the address space, and press Enter to go. This will present + you a web page with the instructions you need to follow in + order to register your user profile. Other actions like + updating or deleting your own user profile should be also + possible from this web interface. + + + + + The web interface used to manage user profiles inside the + server computer must be presented over an encrypted session in + order to protect all the information passing through. + + + + + Inside the server computer, all related subsystems in need of + user information (e.g., Postix, Cyrus-Imapd and Saslauthd) + retrive user information from one single (LDAP) source. The + web application provided by the server computer manages all + these subsystems' configuration files in order to provide a + pleasant experience for end users. The web interface must be + as simple as possible in order to achieve all administration + tasks in the range of time permitted by the server computer + before it closes the connection established from the client + computer. 
+ + + + More information about the web interface you need to use to + manage your user profile inside the server computer can be + found in .... + + + diff --git a/Manuals/HowTos/Dialup/howto-dialup.docbook b/Manuals/HowTos/Dialup/howto-dialup.docbook new file mode 100755 index 0000000..af57010 --- /dev/null +++ b/Manuals/HowTos/Dialup/howto-dialup.docbook @@ -0,0 +1,79 @@ + + + + + + + +%Commons.ent; +%Preface.ent; +%Server.ent; +%Client.ent; +%Licenses.ent; +]> + + + + + Dial-Up Infrastructure + + + + Alain + Reguera Delgado + + + + + 2011 + &TCP;. All rights reserved. + + + + + Permission is granted to copy, distribute and/or modify + this document under the terms of the GNU Free + Documentation License, Version 1.2 or any later version + published by the Free Software Foundation; with no + Invariant Sections, no Front-Cover Texts, and no + Back-Cover Texts. A copy of the license is included in + . + + + + + + 1.0 + Today + + Alain + Reguera Delgado + + + + Under development. + + + + + + + + + &preface; + + + &server; + &client; + + + &licenses; + + diff --git a/Manuals/Howto-dialup/Administration.docbook b/Manuals/Howto-dialup/Administration.docbook deleted file mode 100755 index a16f3df..0000000 --- a/Manuals/Howto-dialup/Administration.docbook +++ /dev/null @@ -1,13 +0,0 @@ - - - Administration - - - - ... - - - - &administration-mail; - - diff --git a/Manuals/Howto-dialup/Administration.ent b/Manuals/Howto-dialup/Administration.ent deleted file mode 100644 index 8feac9d..0000000 --- a/Manuals/Howto-dialup/Administration.ent +++ /dev/null @@ -1,2 +0,0 @@ - - diff --git a/Manuals/Howto-dialup/Administration/Mail.docbook b/Manuals/Howto-dialup/Administration/Mail.docbook deleted file mode 100644 index 04b9c1d..0000000 --- a/Manuals/Howto-dialup/Administration/Mail.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Mail Server Administration - - - ... - - - 
diff --git a/Manuals/Howto-dialup/Client.docbook b/Manuals/Howto-dialup/Client.docbook deleted file mode 100644 index 6a43d5a..0000000 --- a/Manuals/Howto-dialup/Client.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - The Client Computer - - &client-usage; - &client-install; - &client-config; - - diff --git a/Manuals/Howto-dialup/Client.ent b/Manuals/Howto-dialup/Client.ent deleted file mode 100644 index c89c2b8..0000000 --- a/Manuals/Howto-dialup/Client.ent +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - diff --git a/Manuals/Howto-dialup/Client/Config.docbook b/Manuals/Howto-dialup/Client/Config.docbook deleted file mode 100644 index 6396561..0000000 --- a/Manuals/Howto-dialup/Client/Config.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Dial-Up Client Configuration - - &client-config-overview; - &client-config-hardware; - &client-config-software; - - diff --git a/Manuals/Howto-dialup/Client/Config/hardware.docbook b/Manuals/Howto-dialup/Client/Config/hardware.docbook deleted file mode 100644 index 7fdf79c..0000000 --- a/Manuals/Howto-dialup/Client/Config/hardware.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Configuring Client Hardware - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Config/overview.docbook b/Manuals/Howto-dialup/Client/Config/overview.docbook deleted file mode 100644 index 371a1d9..0000000 --- a/Manuals/Howto-dialup/Client/Config/overview.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Overview - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Config/software.docbook b/Manuals/Howto-dialup/Client/Config/software.docbook deleted file mode 100644 index f374689..0000000 --- a/Manuals/Howto-dialup/Client/Config/software.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Configuring Client Software - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Install.docbook b/Manuals/Howto-dialup/Client/Install.docbook deleted file mode 100644 index 6753e7d..0000000 --- a/Manuals/Howto-dialup/Client/Install.docbook +++ /dev/null 
@@ -1,9 +0,0 @@ - - - Dial-Up Client Installation - - &client-install-overview; - &client-install-hardware; - &client-install-software; - - diff --git a/Manuals/Howto-dialup/Client/Install/hardware.docbook b/Manuals/Howto-dialup/Client/Install/hardware.docbook deleted file mode 100644 index 53a4f84..0000000 --- a/Manuals/Howto-dialup/Client/Install/hardware.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Installing Client Hardware - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Install/overview.docbook b/Manuals/Howto-dialup/Client/Install/overview.docbook deleted file mode 100644 index b62e798..0000000 --- a/Manuals/Howto-dialup/Client/Install/overview.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Overview - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Install/software.docbook b/Manuals/Howto-dialup/Client/Install/software.docbook deleted file mode 100644 index e057cdf..0000000 --- a/Manuals/Howto-dialup/Client/Install/software.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Installing Client Software - - - ... - - - diff --git a/Manuals/Howto-dialup/Client/Usage.docbook b/Manuals/Howto-dialup/Client/Usage.docbook deleted file mode 100644 index 281aca0..0000000 --- a/Manuals/Howto-dialup/Client/Usage.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Dial-Up Client Usage - - - ... - - - diff --git a/Manuals/Howto-dialup/Commons.ent b/Manuals/Howto-dialup/Commons.ent deleted file mode 100755 index f5bcdd1..0000000 --- a/Manuals/Howto-dialup/Commons.ent +++ /dev/null @@ -1,23 +0,0 @@ - - - - - - -&TC; Project"> - - -&TC; Mirrors"> -&TC; Wiki"> - - - - -The CentOS Artwork Repository"> -&TCPI; User's Guide"> diff --git a/Manuals/Howto-dialup/Configurations.docbook b/Manuals/Howto-dialup/Configurations.docbook deleted file mode 100755 index f470587..0000000 --- a/Manuals/Howto-dialup/Configurations.docbook +++ /dev/null 
@@ -1,20 +0,0 @@ - - - Configurations - - - - This part of the book discusses the configuration of specific - infrastructures that may or may not be included inside &TCPI;. - Each configuration described here is oriented to satisfy - specific practical situations in a step-by-step fashion, so it - can be implemented as straightforward as possible. The - packages and documentation references related to each - configuration are also mentioned so you can get deeper on each - topic in case you need so. - - - - &configurations-dialup; - - diff --git a/Manuals/Howto-dialup/Configurations.ent b/Manuals/Howto-dialup/Configurations.ent deleted file mode 100755 index 410c988..0000000 --- a/Manuals/Howto-dialup/Configurations.ent +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup.docbook b/Manuals/Howto-dialup/Configurations/Dialup.docbook deleted file mode 100644 index b336433..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup.docbook +++ /dev/null @@ -1,11 +0,0 @@ - - - IP Through Telephone Line - - &configurations-dialup-intro; - &configurations-dialup-usage; - &configurations-dialup-modem; - &configurations-dialup-server; - &configurations-dialup-client; - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup/client.docbook b/Manuals/Howto-dialup/Configurations/Dialup/client.docbook deleted file mode 100644 index 26adb42..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup/client.docbook +++ /dev/null 
@@ -1,97 +0,0 @@ - - - The Client Computer - - - Installing Client Computer - - ... - - - - - Configuring Client Computer - - - ... - - - - Establishing Dial-Up Connection - - - To establish connection from the client computer to the server - computer you should configure the client computer to dial-up - the server computer, using the following information: - - - - ISP Name: server.example.com -ISP Phone: +53043515094 - Username: client.example.com - Password: mail4u - - - - To estabalish a dial-up connection from the client computer to - the server computer, you need to determine the modem location - assigned by the operating system, so you can instruct - applications like system-config-network the - correct device they will to talk to. This configuration - process has been greatly simplified by the - wvdialconf command distributed with the - wvdial - package. To do this, run the following command and pay - attention to the three last lines of its output: - - - wvdialconf /etc/wvdial.conf - - -Scanning your serial ports for a modem. - -ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud -ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud -ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up. -Port Scan<*1>: S1 S2 S3 -WvModem<*1>: Cannot get information for serial port. 
-ttyACM0<*1>: ATQ0 V1 E1 -- OK -ttyACM0<*1>: ATQ0 V1 E1 Z -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK -ttyACM0<*1>: Modem Identifier: ATI -- LT V.90 1.0 MT5634ZBA-USB -Data/Fax Modem (Dual Config) Version 5.18e -ttyACM0<*1>: Speed 4800: AT -- OK -ttyACM0<*1>: Speed 9600: AT -- OK -ttyACM0<*1>: Speed 19200: AT -- OK -ttyACM0<*1>: Speed 38400: AT -- OK -ttyACM0<*1>: Speed 57600: AT -- OK -ttyACM0<*1>: Speed 115200: AT -- OK -ttyACM0<*1>: Speed 230400: AT -- OK -ttyACM0<*1>: Speed 460800: AT -- OK -ttyACM0<*1>: Max speed is 460800; that should be safe. -ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK - -Found an USB modem on /dev/ttyACM0. -Modem configuration written to /etc/wvdial.conf. -ttyACM0<Info>: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0" - - - - Now, using this information, configure a Modem connection - using the interface provided by - system-config-network command. Take care of - replacing the /dev/modem device name by - that one found by wvdialconf. At this - point, you can use the button Activate from - system-config-network to establish the - Modem connection you just configured. - - - - - - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup/intro.docbook b/Manuals/Howto-dialup/Configurations/Dialup/intro.docbook deleted file mode 100644 index cad9a6a..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup/intro.docbook +++ /dev/null 
@@ -1,24 +0,0 @@ - - - Introduction - - - This chapter describes two computers configuration, one acting - as server and other as client. The server computer will be - configured to provide internet services and the client to make - use of those internet services provided by the server - computer. The connection medium both client and server - computer use is the telelphone line (i.e., the same medium you - use to realize phone calls). In this configuration, both - client and server computers use special devices named - Modems to transmit data in form of sound across - the telephone line. - - - - The configuration described in this chapter could be a good - choise when the only communication medium you have access to - is a telephone network. - - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup/modem.docbook b/Manuals/Howto-dialup/Configurations/Dialup/modem.docbook deleted file mode 100644 index fcbc030..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup/modem.docbook +++ /dev/null 
@@ -1,68 +0,0 @@ - - - The Modem Hardware - - - In order to establish a PPP link between two computers using - the telephone line as medium for data transmission, you need - to install (at least) one modem device in each computer. - - - - To install a modem device in computer you need to attach the - modem hardware to the computer and later the telephone line to - the modem hardware. To connect the modem to your computer, you - need to connect the serial or USB cable that comes from the - modem hardware to the appropriate input on your computer. To - connect the modem to the telephone line system, you need to - unplug the cable that connects your telephone device and plug - it on the modem device, specifically in the port reserved for - data transmission. Later, using a similar cable, you could - connect your telephone device to the modem's telephone port, - so you can realize telephone calls when no data transmition - take place. - - - - To be on the safe side, do all the installation with the - computer turned off. Then, when everthing has been put in - place, turn it on. Once the system is up, you can verify the - modem hardware using either the lsusb or - lspci commands. These commands need to be - run with administrative privileges, so probably need to - sudo them or login as root user in order to execute - thme. For example, assuming you are logged in as root user, - and you are using an USB modem like that one we mentioned - before, the output of lsusb command would - look like the following: - - - -Bus 003 Device 001: ID 0000:0000 -Bus 001 Device 001: ID 0000:0000 -Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader -Bus 002 Device 001: ID 0000:0000 -Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. -MT5634ZBA-USB MultiModemUSB (new firmware) -Bus 005 Device 001: ID 0000:0000 -Bus 005 Device 002: ID 046d:c018 Logitech, Inc. 
Optical Wheel Mouse -Bus 004 Device 001: ID 0000:0000 - - - - The relevant line here is that mentioning the existence of a - Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new - firmware) device. If the modem you installed doesn't - appear in this list, it is probably because such hardware is - not supported by &TCD;, yet. - - - - At this point, everything is ready for you to install and - configure the computer either as server (see ) or client (see - ). - - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup/server.docbook b/Manuals/Howto-dialup/Configurations/Dialup/server.docbook deleted file mode 100644 index 37042fe..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup/server.docbook +++ /dev/null 
@@ -1,789 +0,0 @@ - - - The Server Computer - - - Installing Server Computer - - - Start with a minimal installation of &TCD;, bootup the - operating system, and login as root user. - - - - Installing Ppp Server - - The ppp server provides the software required to establish and - maintain a PPP link with another system and negociate Internet - Protocol addresses for each end of the link. - - - yum install ppp - - - - - Installing Name Server - - The name server provides the software required to translate - domain names into IP address and IP addresses into domain - names. With this software you can rembember addresses like - instead of - addresses like . There - are other feautres (e.g., mail exchanger resolution, zone - delegation, etc.) provided by this software that aren't used - in the point-to-point configuration we describe in this - chapter. - - yum install bind - - - There is a bind-chroot packages, however, - we aren't using it because SELinux is already enforced on the - &TCD; filesystem and it provides far more security than the - idea of bind-chroot package itself does. - - - - - - Installing Mail Server - - The mail server provides the software required to let you - send/receive mail messages to/from others. The mail server - is splitted in three basic components: The Mail Transfer Agent - (MTA), The Mail Delivery Agent (MDA) and an intermediary - daemon named saslauthd - to handle user authentication. The MTA is the program your - mail client sends mail messages to. The MDA, on the other - hand, is the program your mail client reads mail message - from (i.e., this is the program that let you access your - mailbox). 
The saslauthd daemon is used by the MDA to - authenticate user's credentials (e.g., the information that - let you access an specific mailbox) and by the MTA to - authenticate users before sending mail to it, however, in the - configuration we are implementing, the MTA doesn't require - that you authenticate to it in order to send mails through - it. The MTA will listen on all network interfaces it is - attached to and will receive mail sent to example.com domain name or - server.example.com host - name). - - - yum install postfix cyrus-{imapd{,-utils},sasl{,-ldap,-md5,-plain}} - - - By default, the sendmail - program is used as mail transfer agent, not postfix. For the - sake of that point-to-point configuration we are implementing, - I decided to use postfix instead as default mail transfer - agent, not sendmail. To effectively achieve this decition, it - is required to use the alternatives - command, as it shown below: - - - alternatives --config mta - - - This command will present you a menu to chose between - available mail transfer agents, so it is there where you - choose to use posfix as default option. Now that you've - changed postfix the default mail transfer agent, you can - saftly remove the sendmail package to avoid unused software - to remain inside the computer. To do this, you can run the - following command: - - - yum remove sendmail - - - In addition to mail server specific packages, we also provide - mailing list support. Mailing lists provide mail addresses - that users registered inside the ISP can write to. When you - sed an mail to a mailing list, your message is distributed to - all members of that list. In order for this to happen, people - registered inside ISP need to subscribe themselves into that - mailing list they want to receive messages from. 
The - subscription of mailinglist will be available through a secured - web application in the following url: - - - - - - - - - - - yum install mailman - - - - Installing Web Server - - The web server provides the software required to support web - interfaces like those one previously mention to register new - users inside the ISP and subscribe mailing lists. The web - server provided in this configuration will accept requests - both unencrypted and encrypted. - - - yum install httpd mod_ssl crypto-utils - - - In addition to mailing lists support, the web server will - provide access to Subversion. Subvesion provides a way to - manage files through version control. The main purpose of - providing Subversion support here is sharing the version of - &TCAR; I've been working on. - - - yum install subversion mod_dav_svn - - - - - - Installing Directory Server - - - The directory server provides the software required to unify - user information. This server is access by other server - whenever user information is required. You, as end user, can - also use this server from your workstation to retrive a list - of all users registered in the ISP. This list can be retrived - by the web interface the ISP provides, or any application your - workstation provide (e.g., most mail clients provide a way - to configure LDAP servers to build address book from it.). - - - yum openldap-servers python-ldap - - - - - - Configuring Server Computer - - Once all required packages have been installed inside the - server computer, it is time to configure them. This section - describes how to configure the server computer to provide a - public mail system. - - - - Configuring Network Internface - - - /etc/sysconfig/network-scripts/ifcfg-eth0 - - -# Please read /usr/share/doc/initscripts-*/sysconfig.txt -# for the documentation of these parameters. 
-TYPE=Ethernet -DEVICE=eth0 -HWADDR=00:1c:c0:f0:aa:05 -BOOTPROTO=none -NETMASK=255.255.255.0 -IPADDR=192.168.0.1 -ONBOOT=yes -USERCTL=no -IPV6INIT=no -PEERDNS=yes - - - - - - - - Configuring Ppp Server - - This configuration specifies the way the server computer will - handle incoming dial-up connections. - - - - /etc/ppp/options - - -# Enforce the use of the hostname as the name of the local system for -# authentication purposes (overrides the name option). -usehostname - -# Specify which DNS Servers the incoming Win95 or WinNT Connection -# should use Two Servers can be remotely configured -ms-dns 192.168.0.1 - -# Increase debugging level (same as -d). The debug output is written -# to syslog LOG_LOCAL2. -debug - -# Require the peer to authenticate itself before allowing network -# packets to be sent or received. Please do not disable this setting. -# It is expected to be standard in future releases of pppd. Use the -# call option (see manpage) to disable authentication for specific -# peers. -#auth - -# Use hardware flow control (i.e. RTS/CTS) to control the flow of data -# on the serial port. -crtscts - -# Specifies that pppd should use a UUCP-style lock on the serial -# device to ensure exclusive access to the device. -lock - -# Use the modem control lines. -modem - -# async character map -- 32-bit hex; each bit is a character that -# needs to be escaped for pppd to receive it. 0x00000001 represents -# '\x01', and 0x80000000 represents '\x1f'. To allow pppd to work -# over a rlogin/telnet connection, ou should escape XON (^Q), XOFF -# (^S) and ^]: (The peer should use "escape ff".) -#asyncmap 200a0000 -asyncmap 0 - -# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot" -# notation (e.g. 255.255.255.0). -netmask 255.255.255.0 - -# Don't fork to become a background process (otherwise pppd will do so -# if a serial device is specified). -nodetach - -# Set the assumed name of the remote system for authentication -# purposes to <n>. 
-remotename client - -# If this option is given, pppd will send an LCP echo-request frame to -# the peer every n seconds. Under Linux, the echo-request is sent when -# no packets have been received from the peer for n seconds. Normally -# the peer should respond to the echo-request by sending an -# echo-reply. This option can be used with the lcp-echo-failure -# option to detect that the peer is no longer connected. -lcp-echo-interval 30 - -# If this option is given, pppd will presume the peer to be dead if n -# LCP echo-requests are sent without receiving a valid LCP echo-reply. -# If this happens, pppd will terminate the connection. Use of this -# option requires a non-zero value for the lcp-echo-interval -# parameter. This option can be used to enable pppd to terminate -# after the physical connection has been broken (e.g., the modem has -# hung up) in situations where no hardware modem control lines are -# available. -lcp-echo-failure 4 - -# Specifies that pppd should disconnect if the link is idle for n -# seconds. -idle 60 - - - - - - /etc/ppp/cha-secrets - /etc/ppp/pap-secrets - - -# client server secret IP addresses - -# Specify the client configuration. This is when this manchine calls -# someone's else machine and tries to establish a point-to-point -# connection. Most of this configuration is handled by the -# `system-config-network' utility. -# -####### redhat-config-network will overwrite this part!!! (begin) ########## -####### redhat-config-network will overwrite this part!!! (end) ############ - -# Specify the server configuration. This is when someone's else -# machine calls this machine trying to establish a point-to-point -# connection. This part of the configuration isn't handled by -# `system-config-network' utility. To prenvent this configuration to -# be lost the next time the `system-config-network' utility be used, -# be sure to have this configuration backed up somewhere so it can be -# resotred in such situations. 
-# -client server mail4u 192.168.0.2 -server client mail4u 192.168.0.1 - - - - - - - To make the modem respond to calls ... - - - pppd /dev/ttyACM0 - - - - - Configuring Name Server - - - - /etc/named.conf - - -# BIND DNS server 'named' configuration file for the Red Hat BIND -# distribution. This file was initially taken from -# `/usr/share/doc/bind-*/samples/named.conf' file and modified to fit -# this server's needs. -# -# This machine exists to develop The CentOS Project Corporate Identity -# through The CentOS Artwork Repository. Presently, this machine is -# isolated from Internet. However, a modem has been attached[1] and -# configured so people can establish point-to-point connections to -# this machine and download working copies of The CentOS Artwork -# Repository and help me to develop it. -# -# In this configuration there are only two IP addresses involved. The -# one used in this server (192.168.0.1) and another for the client who -# realize the point-to-point connection (192.168.0.2). This server is -# named `server.example.com' and the client `client.example.com' or -# something similar. -# -------------------------------------------------------------------- -# See the BIND Administrator's Reference Manual (ARM) for details, in: -# file:///usr/share/doc/bind-*/arm/Bv9ARM.html -# -# Also see the BIND Configuration GUI: -# /usr/bin/system-config-bind and its manual. -# -------------------------------------------------------------------- - -options { - - # Those options should be used carefully because they disable port - # randomization. - // query-source port 53; - // query-source-v6 port 53; - - # Put files that named is allowed to write in the data/ directory: - directory "/var/named"; // the default - dump-file "data/cache_dump.db"; - statistics-file "data/named_stats.txt"; - memstatistics-file "data/named_mem_stats.txt"; -}; - -logging { - - # If you want to enable debugging, eg. 
using the 'rndc trace' - # command, named will try to write the 'named.run' file in the - # $directory (/var/named). By default, SELinux policy does not - # allow named to modify the /var/named directory, so put the - # default debug log file in data/ : - channel default_debug { - file "data/named.run" versions 5 size 20m; - severity dynamic; - }; -}; - -# All BIND 9 zones are in a "view", which allow different zones to be -# served to different types of client addresses, and for options to be -# set for groups of zones. By default, if named.conf contains no -# "view" clauses, all zones are in the "default" view, which matches -# all clients. If named.conf contains any "view" clause, then all -# zones MUST be in a view; so it is recommended to start off using -# views to avoid having to restructure your configuration files in the -# future. - -view "internal" { - - # This view will contain zones you want to serve only to - # "internal" clients that connect via your directly attached LAN - # interfaces - "localnets". - match-clients { 192.168.0/24; }; - match-destinations { 192.168.0/24; }; - recursion no; - - # All views must contain the root hints zone. However, since this - # machine is disconnected from Internet it is not possible for it - # to reach root servers. So, this line is commented based that no - # recursion is performed here. - //include "named.rfc1912.zones"; - - # These are your "authoritative" internal zones, and would - # probably also be included in the "localhost_resolver" view - # above: - zone "example.com" IN { - type master; - file "example.com.zone"; - allow-update { none; }; - }; - - zone "0.168.192.in-addr.arpa" IN { - type master; - file "example.com.rr.zone"; - allow-update { none; }; - }; -}; - -# The localhost_resolver is already configured in `/etc/hosts' and set -# as first choise in `/etc/hosts.conf' file. 
However, if you change -# the order in `/etc/hosts.conf' file to make bind the first choise, -# then you need to include here the localhost_resolver in order to -# resolve localhost (127.0.0.1) address. - -key "rndckey" { - algorithm hmac-md5; - secret "JjsCg0VcCjZILGD8FR9nnw=="; -}; - -controls { - inet 127.0.0.1 port 953 - allow { 127.0.0.1; } keys { "rndckey"; }; -}; - - - - - - /var/named/example.com.zone - - -$ORIGIN example.com. -$TTL 86400 -@ IN SOA example.com. hostmaster.example.com. ( - 2011100404 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - - IN NS dns.example.com. - IN MX 10 mail.example.com. - -server IN A 192.168.0.1 -client IN A 192.168.0.2 - -dns IN CNAME server -mail IN CNAME server -www IN CNAME server - - - - - - /var/named/example.com.rr.zone - - -$ORIGIN 0.168.192.in-addr.arpa. -$TTL 86400 -@ IN SOA example.com. hostmaster.example.com. ( - 2011100405 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - - IN NS 192.168.0.1 - -1 IN PTR server.example.com. -2 IN PTR client.example.com. - - - - - - /etc/rndc.conf - - -include "/etc/rndc.key"; -options { - default-key "rndckey"; - default-server 127.0.0.1; - default-port 953; -}; - - - - - - /etc/rndc.key - - -key "rndckey" { - algorithm hmac-md5; - secret "JjsCg0VcCjZILGD8FR9nnw=="; -}; - - - When configuring rndc controls, don't use - the same secret shown in the example above. If you do so, the - secret information will not be a secret anymore (since we - already used it here). Instead, use the - rndc-genconf command to generate a new one, - and be sure it be placed correctly both in - /etc/rndc.conf and - /etc/named.conf configuration files. - - - - - /etc/resolv.conf - - nameserver 192.168.0.1 - - - - /etc/host.conf - - order hosts,bind - - - - - - At this point you can start the named service and realize some - tests to verify the named service is certainly working as - expected. 
For example, consider the the following two - commands: - - - -[root@server ~]# service named start -Starting named: [ OK ] -[root@server ~]# dig example.com mx - -; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> example.com mx -;; global options: printcmd -;; Got answer: -;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3540 -;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 - -;; QUESTION SECTION: -;example.com. IN MX - -;; ANSWER SECTION: -example.com. 86400 IN MX 10 mail.example.com. - -;; AUTHORITY SECTION: -example.com. 86400 IN NS dns.example.com. - -;; Query time: 0 msec -;; SERVER: 192.168.0.1#53(192.168.0.1) -;; WHEN: Wed Oct 5 10:33:24 2011 -;; MSG SIZE rcvd: 67 - - - - If everything is ok, configure the named service to start at - boot time: - - - chkconfig --level 345 named on - - - If something goes wrong, look for named daemon entries inside the - /var/log/messages file to know what is - going on. When you are configuring the name server, it could - result useful to you keeping an always visible terminal, - running the following command on it: - - - grep named /var/log/messages | tail -f - - - - - - Configuring Mail Server (MTA) - - Based on default configuration provided by Postfix RPM inside - &TCD; (release 5.5), look for the following options and leave - the rest as is. - - - - - /etc/postfix/main.cf - - -myhostname = server.example.com -mydomain = example.org -inet_interfaces = $myhostname, localhost -mynetworks = 192.168.0.0/24, 127.0.0.0/8 -mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp -local_destination_recipient_limit = 300 -local_destination_concurrency_limit = 5 - - - - - - - - - Configuring Mail Server (MDA) - - - /etc/cyrus.conf - - - Leave it as is. There is nothing to touch here for a small and - basic configuration like that one we are implementing in this - chapter. - - - - - /etc/imapd.conf - - - Leave it as is. 
There is nothing to touch here for a small and - basic configuration like that one we are implementing in this - chapter. - - - The initial configuration of Cyrus IMAP server is set to use - PLAIN authentication mechanisim (see - option) against saslauthd daemon. This makes the - password information to be vulnerable for man in the middle - attacks. In order to protect the user authentication, you can - use other authentication mechanisms like CRAM-MD5 or - DIGEST-MD5 in the mail client in order to send the password - information encrypted. Another solution would be to create an - encrypted channel for communication between the e-email client - and Cyrus IMAP server by mean of SSL encryption. - - - When you use authentication mechanisms that encrypt user - information before passing them to saslauthd daemon (e.g., - DIGETS-MD5), you are protecting your data in the mail - client before passing it to saslauthd daemon. Therefore, when - the saslauthd daemon - tries to validate the credentials you passed in against PAM, - it fails. At my personal understanding, this happens becase - PAM must receive the user information as it was entered by the - user (i.e., plainly, without any encryption) in order to - realize the verification against the system default - authentication database (e.g., - /etc/passwd, - /etc/shadow), and saslauthd daemon is passing an - encrypted version of the plain user information which - obviously cannot match the hash produced by plain user - information in first place. - - - - One alternative to the situation mentioned above could be to - use PLAIN authentication mechanism over an SSL encrypted - communication or excluding PAM mechanism from saslauthd - daemon, and use LDAP mechanism instead. When LDAP mechanism - is used as default authentication mechanism inside saslauthd - daemon, it is possible for mail clients to send encrypted - passwords to saslauthd daemon. 
In this configuration, the - password stored in LDAP server must be encrypted using the - same algorithm used to send the encrypted password from mail - client to saslauthd daemon. Therefore, you need to force the - user to use just one authentication mechanism, that one used - to stored encrypted passwords inside the LDAP server. - Otherwise, it would be very difficult to authenticate users - that send passwords encrypted in a way different to that one - stored in the LDAP server. - - - - Another configuration could be to keep mail clients using - PLAIN authentication over an SSL connection against saslauthd - daemon, and saslauthd using a PAM. But this time, PAM would be - configured to extend its default system authentication by - using an LDAP server. This way, it would be possible to - isolate user accound administration and greatly control the - kind of information a user might have. For example, the root - user account would be in the system default authentication, - however all service-specific user information would be in the - LDAP server. This permits us to create a web application that - interact with LDAP server in order to manage service-specific - user information only avoiding any contant with system default - authentication, the place where the root user is stored in. In - this PAM configuration, the first match that fails means that - the whole authentication process fails. - - - - - - /etc/pki/cyrus-imapd/cyrus-imapd.pem - - - This file is a symbolic link to - /etc/pki/tls/certs/cyrus-imapd.pem. This - file contains a self-generated SSL certificate you probably - want to update for setting your host name in the Common - Name field of it. 
To create this file use the - following command: - - openssl req -new -x509 -nodes -out /etc/pki/tls/certs/cyrus-imapd.pem -keyout /etc/pki/tls/certs/cyrus-imapd.pem -days 365 - - - - - - - To initiate the Cyrus IMAP server, run the following command: - - - service cyrus-imapd start - - - In case something fails, look into the - /var/log/maillog file, specifically those - entries containing imap, pop, - nntp and cyrus strings. It could be - useful if, before initiating Cyrus IMAP server, you open a - terminal and run the following command in it, just to see what - is happening once Cyrus IMAP server is initiated: - - - egrep '(cyrus|imap|pop)' /var/log/maillog | tail -f - - - - Later, to test the STARTTLS negociation, you can - run the following command: - - - imtest -t "" server.example.com - - - To administer mailboxes inside Cyrus Imapd, set a password to - cyrus user (e.g., passwd cyrus), do login - with it, and connect to Cyrus IMAP server using the - cyradm command, as shown below: - - - cyradm --user=cyrus --auth=login localhost - - - - - Configuring Mail Server (SASL) - - ... - - - - - Configuring Web Server - - ... - - - - - Configuring Directory Server - - ... - - - - - - diff --git a/Manuals/Howto-dialup/Configurations/Dialup/usage.docbook b/Manuals/Howto-dialup/Configurations/Dialup/usage.docbook deleted file mode 100644 index f6bc809..0000000 --- a/Manuals/Howto-dialup/Configurations/Dialup/usage.docbook +++ /dev/null @@ -1,6 +0,0 @@ - - - Usage Convenctions - - - diff --git a/Manuals/Howto-dialup/Licenses.docbook b/Manuals/Howto-dialup/Licenses.docbook deleted file mode 100644 index bcb5cec..0000000 --- a/Manuals/Howto-dialup/Licenses.docbook +++ /dev/null @@ -1,7 +0,0 @@ - - - Licenses - - &licenses-gfdl; - - diff --git a/Manuals/Howto-dialup/Licenses.ent b/Manuals/Howto-dialup/Licenses.ent deleted file mode 100644 index dd7f27a..0000000 --- a/Manuals/Howto-dialup/Licenses.ent +++ /dev/null @@ -1,2 +0,0 @@ - - 
diff --git a/Manuals/Howto-dialup/Licenses/gfdl.docbook b/Manuals/Howto-dialup/Licenses/gfdl.docbook
deleted file mode 100644
index 33f6e8c..0000000
--- a/Manuals/Howto-dialup/Licenses/gfdl.docbook
+++ /dev/null
@@ -1,591 +0,0 @@ - - - GNU Free Documentation License - - Version 1.2, November 2002 - - Copyright © 2000, 2001, 2002 Free Software Foundation, - Inc. 675 Mass Ave, Cambridge, MA 02139, USA - - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - - - Preamble - - The purpose of this License is to make a manual, - textbook, or other functional and useful document - free in the sense of freedom: to assure - everyone the effective freedom to copy and redistribute it, - with or without modifying it, either commercially or - noncommercially. Secondarily, this License preserves for the - author and publisher a way to get credit for their work, while - not being considered responsible for modifications made by - others. - - This License is a kind of copyleft, which - means that derivative works of the document must themselves be - free in the same sense. It complements the , which is a copyleft license - designed for free software. - - We have designed this License in order to use it for - manuals for free software, because free software needs free - documentation: a free program should come with manuals - providing the same freedoms that the software does. But this - License is not limited to software manuals; it can be used for - any textual work, regardless of subject matter or whether it - is published as a printed book. We recommend this License - principally for works whose purpose is instruction or - reference. - - - - - - Applicability and definitions - - This License applies to any manual or other work, in any - medium, that contains a notice placed by the copyright holder - saying it can be distributed under the terms of this License. - Such a notice grants a world-wide, royalty-free license, - unlimited in duration, to use that work under the conditions - stated herein. The Document, below, refers to - any such manual or work. 
Any member of the public is a - licensee, and is addressed as you. You accept - the license if you copy, modify or distribute the work in a - way requiring permission under copyright law. - - A - Modified Version of the Document means any work - containing the Document or a portion of it, either copied - verbatim, or with modifications and/or translated into another - language. - - A - Secondary Section is a named appendix or a - front-matter section of the Document that deals exclusively - with the relationship of the publishers or authors of the - Document to the Document's overall subject (or to related - matters) and contains nothing that could fall directly within - that overall subject. (Thus, if the Document is in part a - textbook of mathematics, a may not explain any mathematics.) The relationship could be - a matter of historical connection with the subject or with - related matters, or of legal, commercial, philosophical, - ethical or political position regarding them. - - The Invariant Sections are certain - whose titles are - designated, as being those of Invariant Sections, in the - notice that says that the Document is released under this - License. If a section does not fit the above definition of - Secondary then it is not allowed to be designated as - Invariant. The Document may contain zero Invariant Sections. - If the Document does not identify any Invariant Section then - there are none. - - The - Cover Texts are certain short passages of text - that are listed, as Front-Cover Texts or Back-Cover Texts, in - the notice that says that the Document is released under this - License. A Front-Cover Text may be at most 5 words, and a - Back-Cover Text may be at most 25 words. 
- - A - Transparent copy of the Document means a - machine-readable copy, represented in a format whose - specification is available to the general public, that is - suitable for revising the document straightforwardly with - generic text editors or (for images composed of pixels) - generic paint programs or (for drawings) some widely available - drawing editor, and that is suitable for input to text - formatters or for automatic translation to a variety of - formats suitable for input to text formatters. A copy made in - an otherwise file format whose - markup, or absence of markup, has been arranged to thwart or - discourage subsequent modification by readers is not . An image format is not if used for any substantial amount of - text. A copy that is not is called Opaque. - - Examples of suitable formats for copies - include plain ASCII without markup, Texinfo input format, - LaTeX input format, SGML or XML using a publicly available - DTD, and standard-conforming simple HTML, PostScript or PDF - designed for human modification. Examples of transparent - image formats include PNG, XCF and JPG. Opaque formats - include proprietary formats that can be read and edited only - by proprietary word processors, SGML or XML for which the DTD - and/or processing tools are not generally available, and the - machine-generated HTML, PostScript or PDF produced by some - word processors for output purposes only. - - The Title - Page means, for a printed book, the title page itself, - plus such following pages as are needed to hold, legibly, the - material this License requires to appear in the title page. - For works in formats which do not have any title page as such, - Title Page means the text near the most - prominent appearance of the work's title, preceding the - beginning of the body of the text. 
- - A section Entitled XYZ means a named - subunit of the Document whose title either is precisely XYZ or - contains XYZ in parentheses following text that translates XYZ - in another language. (Here XYZ stands for a specific section - name mentioned below, such as Acknowledgements, - Dedications, Endorsements, or - History.) To Preserve the Title - of such a section when you modify the Document means that it - remains a section Entitled XYZ according to - this definition. - - The Document may include Warranty Disclaimers next to - the notice which states that this License applies to the - Document. These Warranty Disclaimers are considered to be - included by reference in this License, but only as regards - disclaiming warranties: any other implication that these - Warranty Disclaimers may have is void and has no effect on the - meaning of this License. - - - - - - Verbatim copying - - You may copy and distribute the Document in any medium, - either commercially or noncommercially, provided that this - License, the copyright notices, and the license notice saying - this License applies to the Document are reproduced in all - copies, and that you add no other conditions whatsoever to - those of this License. You may not use technical measures to - obstruct or control the reading or further copying of the - copies you make or distribute. However, you may accept - compensation in exchange for copies. If you distribute a - large enough number of copies you must also follow the - conditions in section . - - You may also lend copies, under the same conditions - stated above, and you may publicly display copies. 
- - - - - - Copying in quantity - - If you publish printed copies (or copies in media that - commonly have printed covers) of the Document, numbering more - than 100, and the Document's license notice requires Cover - Texts, you must enclose the copies in covers that carry, - clearly and legibly, all these : - Front-Cover Texts on the front cover, and Back-Cover Texts on - the back cover. Both covers must also clearly and legibly - identify you as the publisher of these copies. The front - cover must present the full title with all words of the title - equally prominent and visible. You may add other material on - the covers in addition. Copying with changes limited to the - covers, as long as they preserve the title of the Document and - satisfy these conditions, can be treated as verbatim copying - in other respects. - - If the required texts for either cover are too - voluminous to fit legibly, you should put the first ones - listed (as many as fit reasonably) on the actual cover, and - continue the rest onto adjacent pages. - - If you publish or distribute Opaque copies of the - Document numbering more than 100, you must either include a - machine-readable copy along with each Opaque copy, - or state in or with each Opaque copy a computer-network - location from which the general network-using public has - access to download using public-standard network protocols a - complete copy of the Document, free of added - material. If you use the latter option, you must take - reasonably prudent steps, when you begin distribution of - Opaque copies in quantity, to ensure that this - copy will remain thus accessible at the stated location until - at least one year after the last time you distribute an Opaque - copy (directly or through your agents or retailers) of that - edition to the public. 
- - It is requested, but not required, that you contact the - authors of the Document well before redistributing any large - number of copies, to give them a chance to provide you with an - updated version of the Document. - - - - - - Modifications - - You may copy and distribute a of the Document under the - conditions of sections and above, - provided that you release the under precisely this License, with the filling the role of the - Document, thus licensing distribution and modification of the - to whoever possesses a - copy of it. In addition, you must do these things in the - : - - - - - Use in the (and on - the covers, if any) a title distinct from that of the - Document, and from those of previous versions (which - should, if there were any, be listed in the History - section of the Document). You may use the same title - as a previous version if the original publisher of - that version gives permission. - - - List on the , as - authors, one or more persons or entities responsible - for authorship of the modifications in the , together with at least - five of the principal authors of the Document (all of - its principal authors, if it has fewer than five), - unless they release you from this requirement. - - - - State on the the - name of the publisher of the , as the - publisher. - - - - Preserve all the copyright notices of the - Document. - - - - Add an appropriate copyright notice for your - modifications adjacent to the other copyright - notices. - - - - Include, immediately after the copyright - notices, a license notice giving the public permission - to use the under the terms of this - License, in the form shown in the Addendum - below. - - - - Preserve in that license notice the full lists - of and required - given in the Document's - license notice. - - - - Include an unaltered copy of this License. 
- - - - Preserve the section Entitled - History, Preserve its Title, and add to - it an item stating at least the title, year, new - authors, and publisher of the as given on the . If there is no section - Entitled History in the Document, create - one stating the title, year, authors, and publisher of - the Document as given on its , then add an item describing the as stated in the previous - sentence. - - - - Preserve the network location, if any, given in - the Document for public access to a copy of the Document, and - likewise the network locations given in the Document - for previous versions it was based on. These may be - placed in the History section. You may - omit a network location for a work that was published - at least four years before the Document itself, or if - the original publisher of the version it refers to - gives permission. - - - - For any section Entitled - Acknowledgements or - Dedications, Preserve the Title of the - section, and preserve in the section all the substance - and tone of each of the contributor acknowledgements - and/or dedications given therein. - - - - Preserve all the of the Document, - unaltered in their text and in their titles. Section - numbers or the equivalent are not considered part of - the section titles. - - - - Delete any section Entitled - Endorsements. Such a section may not - be included in the . - - - - Do not retitle any existing section to be - Entitled Endorsements or to conflict in - title with any . - - - Preserve any Warranty Disclaimers. - - - - - If the includes new - front-matter sections or appendices that qualify as and contain no material copied - from the Document, you may at your option designate some or - all of these sections as invariant. To do this, add their - titles to the list of in the 's license notice. These titles - must be distinct from any other section titles. 
- - You may add a section Entitled - Endorsements, provided it contains nothing but - endorsements of your by various - parties–for example, statements of peer review or that - the text has been approved by an organization as the - authoritative definition of a standard. - - You may add a passage of up to five words as a - Front-Cover Text, and a passage of up to 25 words as a - Back-Cover Text, to the end of the list of in the . Only one passage of - Front-Cover Text and one of Back-Cover Text may be added by - (or through arrangements made by) any one entity. If the - Document already includes a cover text for the same cover, - previously added by you or by arrangement made by the same - entity you are acting on behalf of, you may not add another; - but you may replace the old one, on explicit permission from - the previous publisher that added the old one. - - The author(s) and publisher(s) of the Document do not by - this License give permission to use their names for publicity - for or to assert or imply endorsement of any . - - - - - - Combining documents - - You may combine the Document with other documents - released under this License, under the terms defined in - section above for - modified versions, provided that you include in the - combination all of the of - all of the original documents, unmodified, and list them all - as of your combined work - in its license notice, and that you preserve all their - Warranty Disclaimers. - - The combined work need only contain one copy of this - License, and multiple identical may be replaced with a single - copy. If there are multiple with the same name but - different contents, make the title of each such section unique - by adding at the end of it, in parentheses, the name of the - original author or publisher of that section if known, or else - a unique number. Make the same adjustment to the section - titles in the list of in - the license notice of the combined work. 
- - In the combination, you must combine any sections - Entitled History in the various original - documents, forming one section Entitled - History; likewise combine any sections Entitled - Acknowledgements, and any sections Entitled - Dedications. You must delete all sections - Entitled Endorsements. - - - - - - Collection of documents - - You may make a collection consisting of the Document and - other documents released under this License, and replace the - individual copies of this License in the various documents - with a single copy that is included in the collection, - provided that you follow the rules of this License for - verbatim copying of each of the documents in all other - respects. - - You may extract a single document from such a - collection, and distribute it individually under this License, - provided you insert a copy of this License into the extracted - document, and follow this License in all other respects - regarding verbatim copying of that document. - - - - - - Aggregation with independent works - - A compilation of the Document or its derivatives with - other separate and independent documents or works, in or on a - volume of a storage or distribution medium, is called an - aggregate if the copyright resulting from the - compilation is not used to limit the legal rights of the - compilation's users beyond what the individual works permit. - When the Document is included in an aggregate, this License - does not apply to the other works in the aggregate which are - not themselves derivative works of the Document. - - If the Cover Text requirement of section is applicable to these - copies of the Document, then if the Document is less than one - half of the entire aggregate, the Document's may be placed on covers that bracket - the Document within the aggregate, or the electronic - equivalent of covers if the Document is in electronic form. - Otherwise they must appear on printed covers that bracket the - whole aggregate. 
- - - - - - Translations - - Translation is considered a kind of modification, so you - may distribute translations of the Document under the terms of - section . Replacing - with translations - requires special permission from their copyright holders, but - you may include translations of some or all in addition to the original - versions of these . You - may include a translation of this License, and all the license - notices in the Document, and any Warranty Disclaimers, - provided that you also include the original English version of - this License and the original versions of those notices and - disclaimers. In case of a disagreement between the - translation and the original version of this License or a - notice or disclaimer, the original version will - prevail. - - If a section in the Document is Entitled - Acknowledgements, Dedications, - or History, the requirement (section ) to Preserve its Title - (section ) will - typically require changing the actual title. - - - - - - Termination - - You may not copy, modify, sublicense, or distribute the - Document except as expressly provided for under this License. - Any other attempt to copy, modify, sublicense or distribute - the Document is void, and will automatically terminate your - rights under this License. However, parties who have received - copies, or rights, from you under this License will not have - their licenses terminated so long as such parties remain in - full compliance. - - - - - - Future Revisions of this License - - The Free Software Foundation may publish new, revised - versions of the GNU Free Documentation License from time to - time. Such new versions will be similar in spirit to the - present version, but may differ in detail to address new - problems or concerns. See . - - Each version of the License is given a distinguishing - version number. 
If the Document specifies that a particular - numbered version of this License or any later - version applies to it, you have the option of - following the terms and conditions either of that specified - version or of any later version that has been published (not - as a draft) by the Free Software Foundation. If the Document - does not specify a version number of this License, you may - choose any version ever published (not as a draft) by the Free - Software Foundation. - - - - - - How to use this License for your documents - - To use this License in a document you have written, - include a copy of the License in the document and put the - following copyright and license notices just after the title - page: - - -Copyright (C) YEAR YOUR NAME. - -Permission is granted to copy, distribute and/or modify this -document under the terms of the GNU Free Documentation License, -Version 1.2 or any later version published by the Free Software -Foundation; with no Invariant Sections, no Front-Cover Texts, and -no Back-Cover Texts. A copy of the license is included in the -section entitled GNU Free Documentation License. - - - If you have , - Front-Cover Texts and Back-Cover Texts, replace the - with...Texts. line with this: - - -with the Invariant Sections being LIST THEIR TITLES, with the -Front-Cover Texts being LIST, and with the Back-Cover Texts being -LIST. - - - If you have - without , or some other - combination of the three, merge those two alternatives to suit - the situation. - - If your document contains nontrivial examples of program - code, we recommend releasing these examples in parallel under - your choice of free software license, such as the GNU General - Public License, to permit their use in free software. - - - - diff --git a/Manuals/Howto-dialup/Preface.docbook b/Manuals/Howto-dialup/Preface.docbook deleted file mode 100755 index 42c8578..0000000 --- a/Manuals/Howto-dialup/Preface.docbook +++ /dev/null 
@@ -1,9 +0,0 @@
-
-
- Preface
-
- &preface-overview;
- &preface-docconvs;
- &preface-feedback;
-
-
diff --git a/Manuals/Howto-dialup/Preface.ent b/Manuals/Howto-dialup/Preface.ent
deleted file mode 100755
index 263be1d..0000000
--- a/Manuals/Howto-dialup/Preface.ent
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/Manuals/Howto-dialup/Preface/docconvs.docbook b/Manuals/Howto-dialup/Preface/docconvs.docbook
deleted file mode 100644
index 8eda7bc..0000000
--- a/Manuals/Howto-dialup/Preface/docconvs.docbook
+++ /dev/null
@@ -1,225 +0,0 @@
-
- - Document Convenctions - - - In this manual, certain words are represented in different - fonts, typefaces, sizes, and weights. This highlighting is - systematic; different words are represented in the same style - to indicate their inclusion in a specific category. The types - of words that are represented this way include the - following: - - - - - command - - - Linux commands (and other operating system commands, when - used) are represented this way. This style should - indicate to you that you can type the word or phrase on - the command line and press Enter to - invoke a command. Sometimes a command contains words that - would be displayed in a different style on their own (such - as file names). In these cases, they are considered to be - part of the command, so the entire phrase is displayed as - a command. For example: - - - - Use the centos-art render - trunk/Identity/Images/Themes/TreeFlower/4/Distro/5/Anaconda - --filter="01-welcome" command to produce the first - slide image used by Anaconda in the branch 5 of &TCD; - using the version 4 of TreeFlower artistic motif. - - - - - - file name - - - File names, directory names, paths, and RPM package names - are represented this way. This style indicates that a - particular file or directory exists with that name on your - system. Examples: - - - - The init.sh file in trunk/Scripts/Bash/Cli/ - directory is the initialization script, written in Bash, - used to automate most of tasks in the repository. - - - - The centos-art command uses the - ImageMagick RPM package to convert - images from PNG format to other formats. - - - - - - key - - - A key on the keyboard is shown in this style. For - example: - - - - To use Tab completion to list particular - files in a directory, type ls, then a - character, and finally the Tab key. Your - terminal displays the list of files in the working - directory that begin with that character. 
- - - - - - keycombination - - - A combination of keystrokes is represented in this way. - For example: - - - - The CtrlAltBackspace - key combination exits your graphical session and returns - you to the graphical login screen or the console. - - - - - - computer output - - - Text in this style indicates text displayed to a shell - prompt such as error messages and responses to commands. - For example, the ls command displays - the contents of a directory using this style: - - - -render_doTranslation.sh render_getDirTemplate.sh render_doBaseActions.sh -render_getConfigOption.sh render_getOptions.sh render_doThemeActions.sh -render_getDirOutput.sh render.sh - - - - The output returned in response to the command (in this - case, the contents of the directory) is shown in this - style. - - - - - - prompt - - - A prompt, which is a computer's way of signifying that it - is ready for you to input something, is shown in this - style. Examples: - - - - - - $ - - - - - # - - - - - [centos@projects centos]$ - - - - - projects login: - - - - - - - - user input - - - Text that the user types, either on the command line or - into a text box on a GUI screen, is displayed in this - style. In the following example, - text is displayed in this style: To - boot your system into the text based installation program, - you must type in the text command - at the boot: prompt. - - - - - - replaceable - - - Text used in examples that is meant to be replaced with - data provided by the user is displayed in this style. In - the following example, - version-number is displayed in - this style: The directory for the kernel source is - /usr/src/kernels/version-number/, - where version-number is the - version and type of kernel installed on this system. - - - - - - Additionally, we use several different strategies to draw - your attention to certain pieces of information. In order of - urgency, these items are marked as a note, tip, important, - caution, or warning. 
For example: - - - Remember that Linux is case sensitive. In other words, a - rose is not a ROSE is not a rOsE. - - - - The directory /usr/share/doc/ contains - additional documentation for packages installed on your - system. - - - - If you modify the DHCP configuration file, the changes - do not take effect until you restart the DHCP daemon. - - - - Do not perform routine tasks as root — use a - regular user account unless you need to use the root account - for system administration tasks. - - - - Be careful to remove only the necessary partitions. - Removing other partitions could result in data loss or a - corrupted system environment. - - -
diff --git a/Manuals/Howto-dialup/Preface/feedback.docbook b/Manuals/Howto-dialup/Preface/feedback.docbook
deleted file mode 100644
index 976502b..0000000
--- a/Manuals/Howto-dialup/Preface/feedback.docbook
+++ /dev/null
@@ -1,15 +0,0 @@
-
- - Send In Your Feedback - - - If you find a bug in the infrastructure described in this - manual, we would like to hear about it. To report bugs - related to this manual, send an e-mail to the - centos-docs@centos.org mailing list. When you - write the bug report, take care of being specific about the - problem you are reporting on (e.g., where it is, the section - number, etc.) so we can found it easily. - - -
diff --git a/Manuals/Howto-dialup/Preface/overview.docbook b/Manuals/Howto-dialup/Preface/overview.docbook
deleted file mode 100755
index 962fa81..0000000
--- a/Manuals/Howto-dialup/Preface/overview.docbook
+++ /dev/null
@@ -1,24 +0,0 @@
-
- - Overview - - - This manual describes two computers configuration, one acting - as server and other as client. The server computer will be - configured to provide internet services and the client to make - use of those internet services provided by the server - computer. The connection medium both client and server - computer use is the telelphone line (i.e., the same medium you - use to realize phone calls). In this configuration, both - client and server computers use special devices named - Modems to transmit data in form of sound across - the telephone line. - - - - The configuration described in this chapter could be a good - choise when the only communication medium you have access to - is a telephone network. - - -
diff --git a/Manuals/Howto-dialup/Server.docbook b/Manuals/Howto-dialup/Server.docbook
deleted file mode 100644
index f934db3..0000000
--- a/Manuals/Howto-dialup/Server.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- The Server Computer
-
- &server-usage;
- &server-install;
- &server-config;
-
-
diff --git a/Manuals/Howto-dialup/Server.ent b/Manuals/Howto-dialup/Server.ent
deleted file mode 100644
index 531a560..0000000
--- a/Manuals/Howto-dialup/Server.ent
+++ /dev/null
@@ -1,15 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/Manuals/Howto-dialup/Server/Config.docbook b/Manuals/Howto-dialup/Server/Config.docbook
deleted file mode 100644
index 40c442b..0000000
--- a/Manuals/Howto-dialup/Server/Config.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- Dial-Up Server Configuration
-
- &server-config-overview;
- &server-config-hardware;
- &server-config-software;
-
-
diff --git a/Manuals/Howto-dialup/Server/Config/hardware.docbook b/Manuals/Howto-dialup/Server/Config/hardware.docbook
deleted file mode 100644
index 4660bc4..0000000
--- a/Manuals/Howto-dialup/Server/Config/hardware.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- Configuring Server Hardware
-
-
- ...
-
-
-
diff --git a/Manuals/Howto-dialup/Server/Config/overview.docbook b/Manuals/Howto-dialup/Server/Config/overview.docbook
deleted file mode 100644
index bcfcc4a..0000000
--- a/Manuals/Howto-dialup/Server/Config/overview.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- Overview
-
-
- ...
-
-
-
diff --git a/Manuals/Howto-dialup/Server/Config/software.docbook b/Manuals/Howto-dialup/Server/Config/software.docbook
deleted file mode 100644
index e6f9bcd..0000000
--- a/Manuals/Howto-dialup/Server/Config/software.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- Configuring Server Software
-
-
- ...
-
-
-
diff --git a/Manuals/Howto-dialup/Server/Install.docbook b/Manuals/Howto-dialup/Server/Install.docbook
deleted file mode 100644
index fcc98c2..0000000
--- a/Manuals/Howto-dialup/Server/Install.docbook
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- Dial-Up Server Installation
-
- &server-install-overview;
- &server-install-hardware;
- &server-install-software;
-
-
diff --git a/Manuals/Howto-dialup/Server/Install/hardware.docbook b/Manuals/Howto-dialup/Server/Install/hardware.docbook
deleted file mode 100644
index 72b37bb..0000000
--- a/Manuals/Howto-dialup/Server/Install/hardware.docbook
+++ /dev/null
@@ -1,61 +0,0 @@ - - - Installing Server Hardware - - - In order to establish a PPP link between two computers using - the telephone line as medium for data transmission, you need - to install (at least) one modem device in each computer. - - - - To install a modem device in computer you need to attach the - modem hardware to the computer and later the telephone line to - the modem hardware. To connect the modem to your computer, you - need to connect the serial or USB cable that comes from the - modem hardware to the appropriate input on your computer. To - connect the modem to the telephone line system, you need to - unplug the cable that connects your telephone device and plug - it on the modem device, specifically in the port reserved for - data transmission. Later, using a similar cable, you could - connect your telephone device to the modem's telephone port, - so you can realize telephone calls when no data transmition - take place. - - - - To be on the safe side, do all the installation with the - computer turned off. Then, when everthing has been put in - place, turn it on. Once the system is up, you can verify the - modem hardware using either the lsusb or - lspci commands. These commands need to be - run with administrative privileges, so probably need to - sudo them or login as root user in order to execute - thme. For example, assuming you are logged in as root user, - and you are using an USB modem like that one we mentioned - before, the output of lsusb command would - look like the following: - - - -Bus 003 Device 001: ID 0000:0000 -Bus 001 Device 001: ID 0000:0000 -Bus 001 Device 002: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader -Bus 002 Device 001: ID 0000:0000 -Bus 005 Device 003: ID 06e0:f104 Multi-Tech Systems, Inc. -MT5634ZBA-USB MultiModemUSB (new firmware) -Bus 005 Device 001: ID 0000:0000 -Bus 005 Device 002: ID 046d:c018 Logitech, Inc. 
Optical Wheel Mouse -Bus 004 Device 001: ID 0000:0000 - - - - The relevant line here is that mentioning the existence of a - Multi-Tech System, Inc. MT5634ZBA-USB MultiModemUSB (new - firmware) device. If the modem you installed doesn't - appear in this list, it is probably because such hardware is - not supported by &TCD;, yet. - - - diff --git a/Manuals/Howto-dialup/Server/Install/overview.docbook b/Manuals/Howto-dialup/Server/Install/overview.docbook deleted file mode 100644 index f7e99b1..0000000 --- a/Manuals/Howto-dialup/Server/Install/overview.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Overview - - - ... - - - diff --git a/Manuals/Howto-dialup/Server/Install/software.docbook b/Manuals/Howto-dialup/Server/Install/software.docbook deleted file mode 100644 index 72baf64..0000000 --- a/Manuals/Howto-dialup/Server/Install/software.docbook +++ /dev/null @@ -1,9 +0,0 @@ - - - Installing Server Software - - - ... - - - diff --git a/Manuals/Howto-dialup/Server/Usage.docbook b/Manuals/Howto-dialup/Server/Usage.docbook deleted file mode 100644 index b121a6a..0000000 --- a/Manuals/Howto-dialup/Server/Usage.docbook +++ /dev/null @@ -1,11 +0,0 @@ - - - Dial-Up Server Usage - - &server-usage-overview; - &server-usage-connections; - &server-usage-users; - &server-usage-services; - &server-usage-diskspace; - - diff --git a/Manuals/Howto-dialup/Server/Usage/connections.docbook b/Manuals/Howto-dialup/Server/Usage/connections.docbook deleted file mode 100644 index dea10e3..0000000 --- a/Manuals/Howto-dialup/Server/Usage/connections.docbook +++ /dev/null 
@@ -1,81 +0,0 @@ - - - Administering Dial-Up Connections - - - The lifetime of dial-up connections must be limitted based on - the number of users you expect to establish connection and the - kind of services you plan to provide. The mail service - provided by the server computer is conceived as a public - service so anyone with a modem attached to a computer would be - able to have access to it. However, due to hardware - limitations, only 100 users will be allowed to be registered - in the public mail service. Based on this information, the - lifetime of established connections will be of 15 minutes from - the established moment on. Once the connection has been - established, if the link is idle for 1 minute, the server - computer will close the established connection to free the - telephone line. This control can be implemented through the - and options - inside the pppd's configuration - file. - - - - Only registered user profiles will be able to establish connections - to the server computer. This control can be implemented using - the option in the - pppd's configuration file to define a - list of all telephone numbers that are allowed to establish - connection with the server computer, based on the list of - registered user profiles. By default, all telephone numbers - are denied from establishing access with the server computer, - except those ones explicitly set by - option. If the - option is not present in - pppd's configuration file, all - telephone numbers are allowed to establish connection with the - server computer, so be sure to include the - option in - pppd's configuration file if you - want to control who can/cannot establish connection with the - server computer. - - - -##### centos-pppd-config will overwrite this part!!! (begin) ##### -allow-number 12345 -allow-number 21345 -allow-number 34567 -##### centos-pppd-config will overwrite this part!!! 
(end) ##### - - - - The centos-pppd-admin application - must be considered part of user profile registration process - inside the server computer. The - centos-pppd-admin application would - be used to control the list of allowed telephone numbers - inside the pppd's configuration - file, based on the list of user profiles. The - centos-pppd-admin application - should be executed after any registration/deletion action - against the list of user profiles with root privilages in order to be - able of writing the settings on - pppd's configuration file. - - - - Redialing consecutive connections from the same telephone - number without any dealy between call retries must be avoided - from client computers. This would reduce the possibilities for - other client computers to establish connection with the server - computer. To prevent this issue from happening, it would be - necessary to provide more telephone lines than users - authorized to establish connection with the server computer. - Nevertheless, there is only one telephone line available for - the server computer to use. - - - diff --git a/Manuals/Howto-dialup/Server/Usage/diskspace.docbook b/Manuals/Howto-dialup/Server/Usage/diskspace.docbook deleted file mode 100644 index 950fc51..0000000 --- a/Manuals/Howto-dialup/Server/Usage/diskspace.docbook +++ /dev/null 
@@ -1,36 +0,0 @@ - - - Administering Disk Space - - - The maximum number of registered user profiles is limited - inside the server computer, based on the maximum disk space - the server computer confines to such purpose. For example, - consider an environment where users can get registered - themselves using a web interface. In this case the web - interface must know how much disk space is available before - proceeding to register new mail accounts inside the server - computer and this way preventing any disk writing when there - isn't enough free space on disk to perform a new user - registration. Considering the server computer has confined - 1GB of disk space to handle the mail service (e.g., mail - queues, mailboxes, etc.) and each user mailbox is 10MB, it - will be possible to provide self-registration through the web - interface for 100 users in total. - - - - Another measure related to save disk space might be to remove - unused user accounts and their related files (e.g., mailboxes) - from the server computer. For example, consider an environment - where user accounts are automatically removed from the server - computer when they don't establish a connection with the - server computer in a period greater than 7 days since the last - valid connection established to the server computer. Once the - user account is removed, it is no longer functional of course, - and the person whom lost the account will need to create a new - one, assuming it want to have access to the mail service - again. - - - diff --git a/Manuals/Howto-dialup/Server/Usage/overview.docbook b/Manuals/Howto-dialup/Server/Usage/overview.docbook deleted file mode 100644 index 0287ab1..0000000 --- a/Manuals/Howto-dialup/Server/Usage/overview.docbook +++ /dev/null 
@@ -1,33 +0,0 @@ - - - Overview - - - The infrastructure described in this chapter uses the - client/server model to provide a public mail service through - the telephone line. In this configuration, we (the poeple - building the infrastructure) provide the information you (the - person using the infrastructure) need to know in order to - establish a point-to-point connection from the client computer - to the server computer through the telephone line. - - - - The infrastructure described in this chapter is made available - to you free of charge, however, you should know that - maintaining it costs both money and time. For example, for - each hour the server computer is on production there is an - electrical consume that need to be paid every month. - Likewise, each call that you establish from the client - computer to the server computer will cost you money, based on - the location you made the call from and the time you spend - connected. - - - - In this chapter we discuss usage convenctions we all must be - agree with, in order to achieve a practical and secure - interchange system. - - - diff --git a/Manuals/Howto-dialup/Server/Usage/services.docbook b/Manuals/Howto-dialup/Server/Usage/services.docbook deleted file mode 100644 index 2f89a6c..0000000 --- a/Manuals/Howto-dialup/Server/Usage/services.docbook +++ /dev/null 
@@ -1,81 +0,0 @@ - - - Administering Internet Services - - - The information generated inside the server computer is - isolated from Internet. This way, any information generated - inside the server computer will be available only to people - registered inside the server computer. For example, don't ever - expect to send/receive e-mails to/from Internet e-mail - accounts like Gmail or Yahoo, nor visiting web sites like - Google or Wikipedia either. For - this to happen, it is required an established connection - between the server computer you are establishing connection - through and the Internet network those services are available - in. Without that link, it is not possible to direct your - requests to those sites. - - - - The implementation of services that required persistent - connections (e.g., chats) will not - be considered as a practical offer inside the server computer. - Instead, only asynchronous services (e.g., - e-mail) will be supported. This - restriction is required to reduce the amount of time demanded - by services. For example, consider an environment where you - connect to the server computer for sending/receiving e-mails - messages and then quickly disconnect from it to free the - telephone line for others to use. In this environment, there - is no need for you and other person to be both connected at - the same time to send/receive e-mail messages to/from each - other. The e-mails sent from other person to you will be - available in your mailbox the next time you get connected to - the server computer and use your e-mail client to send/receive - e-mail messages. Likewise, you don't need to be connected to - the server computer in order to write your e-mail messages. - You can write down your messages off-line and then establish - connection once you've finished writing, just to send them - out and receive new messages that could have been probably - sent to you. 
- - - - Another issue related to e-mail exchange is the protocol used - to receive messages. Presently, there are two popular ways to - do this, one is through IMAP and another through POP3. When - you use IMAP protocol, e-mail messages are retained in the - server computer and aren't downloaded to client computer. - Otherwise, when you use POP3 protocol, e-mail messages are - downloaded to the client computer and removed from server - computer. Based on the resources we have and the kind of link - used by the client computer to connect the server computer, - using POP3 is rather prefered than IMAP. However both are made - available. - - - - Assuming you use IMAP protocol to read your mailbox, be aware - that you need to be connected to the server computer. Once - the connection is lost you won't be able to read your messages - (unless your e-mail client possesses a feature that let you - reading messages off-line). Morover, you run the risk of - getting your mailbox out of space. If your mailbox gets out of - space, new messages sent to you will not be deliver to your - mailbox. Instead, they will be deferred for a period of time - (e.g., about 5 days when using - Postfix defaults) hoping you to - free the space in your mailbox to deliver them. If you don't - free space within this period of time, the deferred e-mails - will be bounced back to their senders and you will never see - them. On the other hand, assuming you are using POP3 protocol - to read your mailbox, you always keep your mailbox free to - receive new e-mails messages and keep them for you until the - next time you establish connection with the server computer - and download them to your client computer using your e-mail - client. - - - diff --git a/Manuals/Howto-dialup/Server/Usage/users.docbook b/Manuals/Howto-dialup/Server/Usage/users.docbook deleted file mode 100644 index 2cdf646..0000000 --- a/Manuals/Howto-dialup/Server/Usage/users.docbook +++ /dev/null 
@@ -1,61 +0,0 @@ - - - Administering Users Accounts - - - In order for you to use any service provided by the server - computer it is required that you register yourself inside the - server computer creating a user profile. The user profile - provides the user information required by services inside the - server computer (e.g., username, password, e-mail address, - telephone number, etc.). To register new user profiles, you - need to use the web application provided by the server - computer. For example, assuming the domain name of the server - computer is example.com, the web - application would be accessable through the following URL: - . - - - - To reach the web interface, the first thing you need to do is - establishing a dial-up connection to the server computer as - described in . Once the - dial-up connection has been established, you need to open a - web browser (e.g., Firefox) and put the URL mentioned above in - the address space, and press Enter to go. This will present - you a web page with the instructions you need to follow in - order to register your user profile. Other actions like - updating or deleting your own user profile should be also - possible from this web interface. - - - - - The web interface used to manage user profiles inside the - server computer must be presented over an encrypted session in - order to protect all the information passing through. - - - - - Inside the server computer, all related subsystems in need of - user information (e.g., Postix, Cyrus-Imapd and Saslauthd) - retrive user information from one single (LDAP) source. The - web application provided by the server computer manages all - these subsystems' configuration files in order to provide a - pleasant experience for end users. The web interface must be - as simple as possible in order to achieve all administration - tasks in the range of time permitted by the server computer - before it closes the connection established from the client - computer. 
- - - - More information about the web interface you need to use to - manage your user profile inside the server computer can be - found in .... - - - diff --git a/Manuals/Howto-dialup/howto-dialup.docbook b/Manuals/Howto-dialup/howto-dialup.docbook deleted file mode 100755 index af57010..0000000 --- a/Manuals/Howto-dialup/howto-dialup.docbook +++ /dev/null @@ -1,79 +0,0 @@ - - - - - - - -%Commons.ent; -%Preface.ent; -%Server.ent; -%Client.ent; -%Licenses.ent; -]> - - - - - Dial-Up Infrastructure - - - - Alain - Reguera Delgado - - - - - 2011 - &TCP;. All rights reserved. - - - - - Permission is granted to copy, distribute and/or modify - this document under the terms of the GNU Free - Documentation License, Version 1.2 or any later version - published by the Free Software Foundation; with no - Invariant Sections, no Front-Cover Texts, and no - Back-Cover Texts. A copy of the license is included in - . - - - - - - 1.0 - Today - - Alain - Reguera Delgado - - - - Under development. - - - - - - - - - &preface; - - - &server; - &client; - - - &licenses; - -