G. Richard Keech
        Chief Technology Architect
        Red Hat Asia-Pacific

My Red Hat Resume

•  acacia           Applies a packet filtering firewall configuration using iptables.
•  rkbackup     A backup control program that uses dump as the underlying backup mechanism.
•  rkutils          Utilties for various things including date manipulation.
•  rktime          A simple command-line utility for displaying the time in different time zones.
•  ntpstat      A simple utility for displaying the synchronisation state of a host using NTP.
•  color prompt      A shell configuration file to give colored prompt.
• Release listings      Release names and dates, and package listings for (eventually) every Red Hat Linux release. This version is dated 2003-08-31.

Things I have packaged for use with Red Hat Linux

•  ntpstat      A simple utility for displaying the synchronisation state of a host using NTP. This utility has been part of Red Hat's ntp package since RHEL3.
•  amavisd-new         Content filter integration for Postfix.
•  ipt_ULOG                 A kernel module for Netfilter userspace logging.
•  ulogd                         A logger daemon for Netfilter userspace logging.
•  amavisd-new           Amavisd packages for RHEL3 for email content filtering (spam and virus).
•  Dovecot IMAP        Scripts and HOWTO for migrating mbox mail storage to maildir using Dovecot on RHEL3.

The first RHCE

I sometimes get asked if I really was the first Red Hat Certified Engineer. This email is my proof. I was granted RHCE status provisionally. The proviso was that I sit and pass within one year. So I claim my RHCE from 1998-06-02 even though I did not sit and pass the RHCE exam until Feb 1999. At least one other person (David Keegel) achieved provisional RHCE at the same time as me. However, to the best of my knowledge I was the only person to meet the one-year proviso.

I know that Joshua Jensen, the first RHCE instructor, also claims to be the first RHCE. However, the first RHCE course did not run until January 1999. I leave history to judge who was first.

Things I've written

• Using a Palm Pilot with Red Hat 8.0
• Building a customised Red Hat install disc For Red Hat Enterprise Linux version 3.
• Building a customised Red Hat install disc For Red Hat Enterprise Linux version 4.
• Building a simpler customised Red Hat install disc For Red Hat Enterprise Linux version 4.

My GPG Key

The key ID is F65E404B.

The key expires on 2008-06-15.

The key can be retrieved from:

• From here.
• From MIT's public keyserver at pgp.mit.edu. Search for "Geoffrey Richard Keech".

Things that interest me

    (watch this space)

This is a bash shell configuration file which provides a colored shell prompt. This is an aid to command line readability, and since it allows root to have a distinctively colored prompt, it can also be an aid to security.

Setup. To use this simply download the file below (colorprompt.sh) and put it in /etc/profile.d/ where it must be executable.

colorprompt.sh

Note: colorprompt.sh is now included in rkutils (since version 0.8).

acacia applies a packet filtering firewall configuration using iptables. It works for two-, three- or four-port configurations. It is suitable for many typical firewall situations involving a single firewall with a protected, trusted internal network, an untrusted external network, a semi-trusted DMZ, and optionally a semi-trusted auxilliary network. The typical case of an auxilliary network is a co-location facility. acacia operates as a service control script (initscript) in the conventional manner. It does not start or stop a daemon.

acacia requires userspace logging through ulogd and the ipt_ULOG kernel module.

The latest version of Acacia is 0.9.41 dated 2007-08-30. Here is the source RPM package. Here is the end-use RPM package.

rkbackup is a backup control program. It uses dump as the underlying backup mechanism. Backups configurations are specified in a simple configuration file. The rkbackup utility is suitable for running from cron, in that it does not generate stdout. The package includes utilities for monitoring active backups and for summarising log information. Tapes created have an ascii header at the start of the tape which makes it easy to determine what is on a tape. It requires rkutils.

latest source RPM package.                             latest  end-use RPM package.

rkutils is a small set of utilites as follows:

eom                                 test for end of month.

secs-to-date                 convert a value in epoch seconds to a date (inverse of date +%s).

ancestry                         display process parental line

rpmbase                         works like the basename command on package files and returns package name.

rpmversion                     determine the version string from a package file name.

ip2country                     Look up the country associated with an IP address.

rpmdup                             determine if any package in a diretory is repesented multiple times.
 

latest source RPM package.                             latest  end-use RPM package.
 

rktime is a command-line utility which displays the time in multiple timezones in an easy-to-read way, using color to help indicate which locations are currently in business hours.

latest source RPM package.                             latest  end-use RPM package.

ntpstat is a simple utility for displaying the synchronisation state of a host using the network time protocol (NTP). The standard set of tools provided as part of the ntp package do not allow a user to ask the simple question is the clock synchronised, and if so, how well?

Typical operation of ntpstat looks like

$ ntpstat
synchronised to NTP server (203.21.84.4)
time correct to within 50 ms
polling server every 1024 s
$


latest source RPM package.                             latest  end-use RPM package.

ipt_ULOG is a Linux kernel module for userspace logging within the Netfilter packet filtering system. This module is a standard Linux kernel module and is only provided here because it is omitted from Red Hat's kernels prior to 2.4.18-17. This package designed to be able to drop the module in alongside the other kernel modules of the kernel package. The version number of the ipt_ULOG package must agree with the version number of the kernel it is used with.

This kernel module uses module versioning and can only be used with the host kernel version it is intended for.

The most likely scenario requiring the use of this module is where Red Hat Enterprise Linux is being used as the platform. This module is not required for Red Hat Linux 8.0 or Red Hat Linux 9.

latest source RPM package (will not build on 7.1 or 7.2 without changes).

latest end-use RPM package for RHEL (aka AS 2.1)

recent end-use RPM package for RHEL (aka AS 2.1)

recent end-use RPM package for RHEL (aka AS 2.1)

older end-use RPM package for 7.3

older end-use RPM package for 7.1 or 7.2

ulogd

ulogd is a daemon to provide userspace logging for the Netfilter ULOG capability. Use of this daemon requires the ipt_ULOG kernel module. The ulogd package installs a daemon managed as a regular SysV-style of service. The userspace logging from Netfilter uses the Netlink socket method of communication. The default configuration of ulogd will provide for log information to be received on netlink group 1 and send to /var/log/ulogd.syslogemu.

The source rpm for this package builds two packages; ulogd and ulog-mysql. The latter provides for storing Netfilter log entries in a Mysql database.

Building this package from source requires a header file from the ipt_ULOG package.

latest source RPM package.                             latest end-use RPM package

Dovecot IMAP

Here are the scripts to perform the migration migrate.tar.

dovecot-0.99.10.9-RHEL3grk1.i386.rpm

dovecot-0.99.10.9-RHEL3grk1.isrc.rpm

Here is a short paper describing how to perform a migration from mbox storage (ie with uw imap) to maildir storage (ie Dovecot) on Red Hat Enterprise Linux: maildir-migration.txt.

amavisd-new

Amavisd-new provides email content filtering (see http://www.ijs.si/software/amavisd/). Provided here is a build of amavisd-new for use with RHEL3. It is provided with the other packages upon which it depends in a single tar file. It does not provide an anti-virus engine, but instead provides for the integration of the MTA with the AV.

Here is a list of the packages provided:

• amavisd-new-2.1.2-2grk.i386.rpm
• arc-5.21e-0.dag.rhel3.i386.rpm
• freeze-2.5-2.rhel3.dag.i386.rpm
• lzo-1.08-3.1.el3.dag.i386.rpm
• lzo-devel-1.08-3.1.el3.dag.i386.rpm
• lzop-1.01-1.rhel3.dag.i386.rpm
• nomarch-1.3-1.dag.rhel3.i386.rpm
• perl-Archive-Tar-1.08-0.rhel3.dag.noarch.rpm
• perl-Archive-Zip-1.09-0.rhel3.dag.noarch.rpm
• perl-BerkeleyDB-0.25-1.rhel3.dag.i386.rpm
• perl-Compress-Zlib-1.33-0.rhel3.dag.i386.rpm
• perl-Convert-TNEF-0.17-2.dag.rhel3.noarch.rpm
• perl-Convert-UUlib-1.03-1.rhel3.dag.i386.rpm
• perl-IO-stringy-2.109-1.1.el3.dag.noarch.rpm
• perl-MailTools-1.60-0.rhel3.dag.noarch.rpm
• perl-MIME-tools-5.411-2.rhel3.dag.noarch.rpm
• perl-Net-Server-0.86-0.rhel3.dag.noarch.rpm
• perl-TimeDate-1.16-0.rhel3.dag.noarch.rpm
• perl-Unix-Syslog-0.100-0.dag.rhel3.i386.rpm
• unarj-2.63-0.a.rhel3.dag.i386.rpm
• unrar-3.3.6-1.rhel3.dag.i386.rpm
• zoo-2.10-1.1.el3.dag.i386.rpm

amavisd-new-et-al.tar

Here is the source package for my build of amavisd-new, based on Dag Wieer's. amavisd-new-2.1.2-2grk.src.rpm.

Here is a short paper describing how to integrate Amavisd-new with Postfix on Red Hat Enterprise Linux: rhel-postfix-amavisd.txt.