###############################################################################
Slackware-12.0 Server notes 01/02/08
###############################################################################

These notes are very similar to my old _server_notes.txt with regards to setting up the CUPS server, NFS shares, and Saned scanner shares, I'm taking a punt and trusting the Nat on my adsl modem to keep the bad boys out. Hence my server is no longer a gateway box

###############################################################################

	1. Network Diagram and hardware details:
	2. Setting up gateway access to the internet:
	3. Setting up file sharing with NFS:
	4. CUPS Print Server:
	5. HPOJ and CUPS
	6. Setting up network scanning with saned:
	


############################################################################### 

1. Network Diagram and hardware details

					  Gateway
					192.168.1.1
					     |
					     |
				       5 port switch
					     |
 		     ________________________|________________________
                     |               |               |              |
		   rick		   leila	    box		 garage
		workstation     workstation        server      workstation
	        192.168.1.2     192.168.1.3     192.168.1.4    192.168.1.5


Switch is a 5 port branded "Chronos" and purchased for around $25.00 at Jaycar 4 years ago. It was excellent value. I've done nothing to it except plug in network cables. The Gateway is a DSL-502T ADSL modem supplied by my current ISP, AAPT. This modem runs with Busy Box Linux and once I've set it up for static IP via a browser I can access it either as http://192.168.1.1 or telnet 192.168.1.1.

"rick", "leila" and "garage" are workstations with garage yet to be set up. 

I use "box" as as a print server for an hp 930c (bw only) and an hp psc/2355 (colour). The psc-2355 also serves as a network scanner. This machine also has a dvb-t pci card on board which is used to record digital TV. Scheduling is done from workstations via ssh. NFS provides access to saved programs which can be viewed while recording or anytime thereafter. NFS also provides access to file system for backups from work stations. Box just sits in a corner, no monitor, keyboard or mouse required. 

The server is an ASUS A7S8X-MX mobo with an AMD XP1800 processor (1108.282 MHz)with 256 mb of RAM. I have Slackware-11.0 installed with slective updates since initial setup.

If you think this box is an underachiever, remember there's no monitor/no X. I have had print jobs running, while the dvb-t card was locked on a channel and dvbstream recorded that program to disk, while another saved program was being encoded to PAL DVD remotely and my daughter watched another program stored on the server in her room on her desktop.

The only constraints I have is the capacity of data transfer via 10/100 nics and network cables. 

###############################################################################

2. Setting up gateway access to the internet:

The DSL-502T modem is my gateway. It was configured for static IP and is basically just another IP address on the lan. Configuration is at http://192.168.1.1 via anybrowser. I configure with the web interface, but once set up it could be configured CLI via telnet connection.

Not much more needs to done here but to set the workstations up with this IP as their gateway

###############################################################################

3. Setting up file sharing with NFS:

I will be sharing 2 directories on /dev/hdb which is a 200 Gb hard drive that I back things up to as well as save digital TV shows to for viewing later.

Chapters 3 and 4 of the NFS-HOWTO by Christopher Smith tells all I need to know. I'll put relevant lines for relevant files below. Remember that /etc/rc.d/rc.nfsd and /etc/rc./rc.portmap will need to be executable If they are executable, /etc/rc.d/rc.inet2 will run these scripts at boot.

/etc/exports:

/mnt/hdb9/videos        192.168.1.2(rw,sync,no_root_squash) 192.168.1.3(rw,sync,no_root_squash)
/mnt/hdb9/backups       192.168.1.2(rw,sync,no_root_squash) 192.168.1.3(rw,sync,no_root_squash)

/etc/hosts.deny:

portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL

/etc/hosts.allow

portmap: 192.168.1.2 , 192.168.1.3
lockd: 192.168.1.2 , 192.168.1.3
rquotad: 192.168.1.2 , 192.168.1.3
mountd: 192.168.1.2 , 192.168.1.3
statd: 192.168.1.2 , 192.168.1.3

There will also need to be two new lines added to the clients' /etc/fstab:

192.168.1.1:/mnt/hdb9/videos    /videos         nfs     rw,hard,intr    0   0
192.168.1.1:/mnt/hdb9/backups   /var/backups    nfs     rw,hard,intr    0   0

In order for these directories to be mounted they will have be first created on the clients


In order to get file sharing up and running and in lieu of rebooting, run "/etc/rc.d/rc.nfsd start" and "/etc/rc.d/rc.portmap" then "mount -a" on clients.


4. CUPS Print Server:

In order to provide network shares for the scanner I have to run hpoj and CUPS but first I'll just set up print shares with CUPS to make sure CUPS is working right.

Printers can be configured just as they would be for a printer connected to a workstation. I usually setup my printers through the CUPS web interface on which on this LAN will be found at 192.168.1.4:631 but first I will need to edit /etc/cups/cupsd.conf or make up my own cupsd.conf and copy it in. I've never really taken the time to understand all the options in cupsd.conf. This time around I am using the cupsd.conf suggested by Carla Schroder in a how-to at http://www.linuxplanet.com/linuxplanet/tutorials/6446/2/ which did not require any modifications to work on my network.

	##/etc/cups/cupsd.conf
	LogLevel warning
	
	#this varies; check your distribution
	SystemGroup root

	# Allow remote users to access this server
	Port 631
	Listen /var/run/cups/cups.sock

	# Enable printer sharing
	Browsing On
	BrowseAllow all
	BrowseAddress 192.168.1.255
	DefaultAuthType Basic

	<Location />
	# Allow shared printing
	Order allow,deny
	Allow 192.168.1.0/24
	</Location>

	<Location /admin>
	# Only local users can access Web admin pages
	Order allow,deny
	Allow from 192.168.1.*
	</Location>

	<Location /admin/conf>
	# Only local system users can access config files
	AuthType Basic
	#Require user @SYSTEM
	Order allow,deny
	Allow from 192.168.1.*
	</Location>



Each client will need to have the following line in /etc/cups/client/conf. This file is not present in Slack-12.0's /etc/cups so it will have to be created.

	ServerName 192.168.1.1

###############################################################################

5. HPOJ and CUPS

As far as I know, my options are limited when it comes to networking my HP-PSC scanner. I can do it with Sane but I need hpoj to access the scanner across the lan. Hpoj is no longer in development and has been replaced by HPLIP but the source is still available and it is an easy compile and there is good documentation avaialble in the source's /doc directory. As of yet HPLIP can not be used  to network HP scanners

All I need is is to untar the source, then cd into the directory and:

	./configure --prefix=/usr 
	make
	checkinstall
	installpkg hpoj-0.91-i386-1.tgz

I'm lazy. In this instance I have let checkinstall make the slack pack for me.

After I have connected my two printers and turned them on I will run "ptal-init-setup" a CLI wizard used to set up hpoj-managed devices. 

Note that ptal-init has to start before the print spooler (CUPS). I have made up an rc.hpoj script for starting hpoj. 

	#! /bin/bash
	#
	# Startup/shutdown script for hpoj
	# Note: This script must start before cupsd.
	
	case "$1" in
  	start)
		echo "Starting hpoj"
        		echo "ptal-init start"
		ptal-init start
		echo "ptal-init start"
		ptal-cups
        	;;
  	stop)
		echo "Stopping hpoj"        
		ptal-init stop
        	;;
	
 	 restart)
		echo "Stopping hpoj"
		ptal-init stop
		echo "Restarting hpoj"
		ptal-init start
		;;	
  
 	 *)
       	 echo $"Usage: $0 {start|stop|restart}"
        	exit 1
	;;
	esac

	exit $?

In order to get /etc/rc.d/rc.hpoj to run before /etc/rc.d/rc.cups put the following lines into /etc/rc.d/rc.M just befor the stanza for CUPS

	# Start hpoj before CUPS:
	if [ -x /etc/rc.d/rc.hpoj ]; then
	  /etc/rc.d/rc.hpoj start
	fi

If you already have an hpoj stanza in rc.M make sure it is called befor CUPS.

Since I started ptal-init when I set up my devices I will have to restart CUPS "with /etc/rc/rc.cups restart" before I can open up my CUPS server at 192.168.1.1:631.

I will then have to delete any previously configured printers on the server and set up new ones because I will now access printers as ptal devices and not usb devices. For example, when configuring my HP-PSC , I would select "Device URI: ptal:/mlc:usb:PSC_2350_series".

###############################################################################

6. Setting up network scanning with saned:

Saned is the sane daemon that allows access to scanners across a network. I found what I needed to get this going in the hpoj docs and at http://penguin-breeder.org/sane/saned/. My notes are a bit terse concerning saned but I leave them that way.

Make sure hpoj is installed, properly working and that there is an rc.hpoj script in /etc/rc.d that is executable and that it is called from /etc/rc.d/.rc.M and it runs before rc.cups

Add this line to /etc/services (at the bottom will do):
	sane-port          6566/tcp      # saned (network scanner daemon)

Add this line to /etc/inetd.conf (be sure the path is correct):
	sane-port  stream  tcp  nowait  saned.saned  /usr/sbin/saned saned 

Next restart  inetd with "/etc/rc.d/rc.inetd restart" or alternatively or send the inetd daemon an HUP signal: 

	root@box:/~# ps x | grep inetd
 	4680 ?        Ss     0:00 /usr/sbin/inetd
 	8418 pts/6    S+     0:00 less /etc/inetd.conf

and now that you know the pid::

	root@box:/~# kill -HUP 4680

Now to see if saned is at the sane-port, 6566 see if it is working: 
	root@box:/~# telnet localhost 6566
	Trying 127.0.0.1...
	Connected to localhost.
	Escape character is '^]'.
	^]
	Connection closed by foreign host.

Make sure there is a group "saned" and a user "saned and make sure  you have correct permissions for scanner device:

	root@box:/~# chown root:saned /dev/usb/scanner0 && chmod g+rw /dev/usb/scanner0

then check permission for scanner
	root@box:/~# ls -l /dev/usb/scanner0
	crw-rw----  1 root saned 180, 48 2001-03-26 07:04 /dev/usb/scanner0

Make sure that clients can access scanner by editing 192.168.1.1:/etc/sane.d/saned.conf to allow client access. all I need to do is put "192.168.1.1/24" in as an uncommented line.

On the clients make sure that /etc/sane.d/dll.conf contains the word "net", that it is not commented out and that /etc/sane.d/net.conf has a line with the address of server, i.e. 192.168.1.1.

###############################################################################

Cheers

rickmiles at turtlespond dot net