January 2015 Archives

Fri Jan 30 15:09:48 ICT 2015

How-to clone a FreeBSD virtual machine on VMware

There is no free tool to clone a FreeBSD virtual machine on VMware.

Instead, one can do the following:

  1. create the virtual machine with vSphere client
  2. boot the virtual machine using FreeBSD live CD
  3. partition the disk in FreeBSD
  4. enable and start the network interface:
    ifconfig en0 inet 192.41.170.xxx netmask 255.255.255.0
    
  5. in the source FreeBSD machine: in /etc/ssh/sshd_config, add the line:
    PermitRootLogin yes
    
    and restart sshd:
    /etc/rc.d/sshd restart
    
  6. make sure that dump and restore will have enough temporary storage:
    export TMPDIR=/mnt
    
  7. mount the root file system on the target machine:
    mount /dev/xxx /mnt
    
  8. copy the file system using dump and restore:
    cd /mnt
    ssh root@192.41.170.xxx "dump -u0 -f - -L filesystem" | restore -r -f -
    cd /
    umout /mnt
    
  9. repeat for each file system
  10. in the source FreeBSD machine: in /etc/ssh/sshd_config, remove the line PermitRootLogin yes and restart sshd:
    /etc/rc.d/sshd restart
    
  11. configure the Ethernet devices on the target FreeBSD
  12. configure the bootloader:
    mount /dev/root filesystem /mnt
    gpart bootcode -b /mnt/boot/pmbr -p /mnt/boot/gptboot -i 1 disk device
    
  13. update /etc/fstab in the target FreeBSD

Posted by Olivier | Permanent link | File under: administration, vmware, freebsd

Tue Jan 20 16:07:10 ICT 2015

Setting access policy on new collections in DSpace

I could not find any setting that would create the proper default policy on new collections added to DSpace.

The policy should be that the item is readable by anonymous, but the bitstream can only be accessed inside AIT (the web browser connected from CS or AIT IP address, or maybe authenticated through LDAP).

Once one (or several) new collection(s) has been created, do the following:

  1. connect to postgress server on database.cs.ait.ac.th:
    psql -h database dspace dspace
    
    Use DSpace admin password for the database.
  2. update the default_bitstream_read policy to allow read by the group AIT:
    update public.resourcepolicy set epersongroup_id=5 where action_id=9 and resource_type_id=3 \
    and epersongroup_id=0 and policy_id=x;
    
    Be careful, this upgrade all the default_bitstream_read across DSpace; it may be a problem if we host other collections; in that case, we may limit the update to the newly created collections, for example limiting on the resource_id (editing a collection policies display the collection resource_id and the policy_id of each policy).
  3. Update discovery SOLR search index:
    sudo -u httpd /web/dspace-install/bin/dspace index-discovery -f
    
  4. In DSpace, edit the collection to change the assigned roles. The role submitters should be assigned to the group CSIM_LDAP and the role Accept/Reject/Edit Metadata Step assigned to the group Office. This step implement DSpace workflow, where by any user in the group CSIM_LDAP can submit a new item, but the item will remain unpublished until a member of the group Office has reviewed, corrected and approved it.

For reference, the IDs in the database are the following:

resource_type_id
0 bitstream
1 bundle
2 item
3 collection
4 community
     
action_id
0 read
1 write
3 add
4 remove
9 default_bitstream_read
10 default_item_read
11 admin

Posted by Olivier | Permanent link | File under: administration