Introduction LVM are the initials for Logical Volume Manager, a powerful tool present in actual Linux systems inspired in the implementation available in other systems like AIX and HP-UX. LVM introduces a separation between system structure and elements like disks, partitions, filesystems to which we are used to. LVM has three levels: Physical volumes Volume Groups Logical volumes One of the benefits of LVM over traditional systems is that LVM introduces an abstraction layer which improves the limitation of a disk, allowing us to have a filesystem to span over several disks, resizing thus making a more efficient usage of storage. ...

Introduction SELinux is an implementation of MAC (Mandatory Access Controls) over LSM (Linux Security Modules) in Linux Kernel. SELinux, originally developed by N.S.A. (National Security Agency) allows applications to be confined by the kernel. Inside that “confined area”, much more grained than a standard chroot (system where basic executables are copied to another folder in order to have a small subsystem isolated from real system. The drawback is that a small subsystem could have enough utilities to reveal private information from our internal network),in which we can allow only certain operations, for example: adding information to a file, read from a directory but not writing, even just for one file in a standard directory, etc… ...

Introduction JigDo (JIGsaw DOwnload) is a small utility that can assemble a CD/DVD image from it’s internal files. For example, Debian has been using it for years for distributing the entire distribution: you downloaded a .jigdo file, and then, using the utility jigdo-lite (package jigdo-file on Debian like and RPM based1. This way, you only downloaded small files from servers, preventing line failures, spreading load between several servers, etc. Furthermore, if you already had some files (for example if you started at version X and have been downloading and keeping all files until X.Y, jigdo, can use those updated files to compare them against the .jigdo file and avoid downloading duplicated files… ...

Introduction I’m working for a “very concerned about security” firm, that makes mandatory using VPN for accessing their network, and internal services: IMAPS SMTP Intranet Forums Online training, etc As it should, we provided services for a client, also very concerned about security, thus not allowing internet access despite of using two squid proxies with a network appliance filtering protocols, scripts, viruses and malware. They only allow FTP, HTTP and HTTPS. ...

Prior to using the following info for creating own-made packages, let’s test if everything is working fine. I’ve created a NSIS script that writes into registry in a key called HKLMSOFTWAREOCS and puts a key named “cert” with value creilla. If we create a package with action “LAUNCH”, and attach the regcert.zip with command to execute regcert.exe, all clients with functional package deployment, will add that key to registry, so we can check, using OCS registry query function for a key named “cert” into: HKLM SOFTWAREOCS. ...