Redirecting / to /mythweb

Minor tweak to make connections to http://host/ on my mythweb host redirect automatically to mythweb. Add the following to the beginning of /etc/apache2/sites-enabled/mythweb.conf (before the Directory declaration):

RedirectMatch ^/$ /mythweb/

And restart Apache:

# /etc/init.d/apache2 reload

Configuring automatic update of IP address in DynDNS and OpenDNS

Updated March 29, 2009: Removed '-daemon 300' flag from /etc/cron.daily/ddclient script.

I wanted to configure automatic updating of the dynamic IP address assigned by my ISP to both OpenDNS and DynDNS. I did this using ddclient.

Directions for configuring ddclient for OpenDNS can be found here and directions for DynDNS can be found here.

Here's what I did:

# apt-get install ddclient
I went ahead and entered configuration for DynDNS during the install when prompted.
# vi /etc/ddclient.conf
# cat ddclient.conf

# Configuration file for ddclient
#
# /etc/ddclient.conf

pid=/var/run/ddclient.pid
ssl=yes
protocol=dyndns2
use=web
server=members.dyndns.org
login=dyndns-login
password=dyndns-password
my-addr.dyndns.org

##
## OpenDNS.com account-configuration
##
use=web, web=whatismyip.org
server=updates.opendns.com
protocol=dyndns2
login=opendns-login
password=opendns-password
OpenDNS-Network-Label

# chmod 600 /etc/ddclient.conf
# vi /etc/cron.daily/ddclient
# cat /etc/cron.daily/ddclient

#!/bin/sh
/usr/sbin/ddclient -syslog

# chmod +x /etc/cron.daily/ddclient

Installing Samba on Ubuntu Server

Previously I had installed Samba via the Ubuntu desktop, but now I wanted to do it on Ubuntu server.

First, I installed samba:

apt-get install samba

At the end of the install on my VMWare host system, I got the warning below:

--------- IMPORTANT INFORMATION FOR XINETD USERS ----------
The following line will be added to your /etc/inetd.conf file:

## netbios-ssn     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/smbd

If you are indeed using xinetd, you will have to convert the
above into /etc/xinetd.conf format, and add it manually. See
/usr/share/doc/xinetd/README.Debian for more information.
-----------------------------------------------------------

I didn't end up having to do anything special, but wanted to mention it anyways.

Next, I edited /etc/samba/smb.conf to look like the one below. (You'll want to replace "username" with an actual username or list of usernames.)

 
[global]
   workgroup = WORKGROUP
   server string = %h server (Samba, Ubuntu)
# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Cap the size of the individual log files (in KiB).
   max log size = 1000

# Do something sensible when Samba crashes: mail the admin a backtrace
   panic action = /usr/share/samba/panic-action %d

# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server.
   security = user
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   invalid users = root
# This option controls how nsuccessful authentication attempts are mapped 
# to anonymous connections
   map to guest = bad user
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

[tmp]
   comment = tmp
   path = /tmp
   valid users = username
   writable = yes
   create mask = 0644
   directory mask = 0755

You can validate your smb.conf file by running 'testparm', e.g:

# testparm -s
Load smb config files from /etc/samba/smb.conf
Processing section "[music]"
Loaded services file OK.
...

Restart Samba:

# /etc/init.d/samba reload
* Reloading /etc/samba/smb.conf smbd only
...done.

Add samba users via smbpassword:

smbpasswd -a username

That's it.

BTW, one tidbit, if you get "Error code -6602" on the client, this is caused by a non-existent path in /etc/samba/smb.conf.

mythtv-status missing config errors

The following cron job, running as root, kept emailing me output complaining about "No config found":

[ -x /etc/init.d/mythtv-status ] && /etc/init.d/mythtv-status reload > /dev/null

Replicating it from the commandline worked:

# mythtv-status > /dev/null
No config found; attempting to find mythbackend via UPnP.

After playing around a bit, I figured out it was coming from the MythTV Perl module:

# perl -e "require MythTV"
No config found; attempting to find mythbackend via UPnP.
No backends found. Please copy /root/.mythtv/config.xml from a working MythTV installation instead.
Compilation failed in require at -e line 1.

Copying ~/.mythtv/config.xml from the mythtv account to the root account solved the problem.

Locking, but not expiring, root

I don't want to allow direct root login (not just via ssh as described here but via console or any other way. Basically I want to make it so everything has to go through sudo. (Why? Because I like the fact everything is traceable back to given user.)

I had previously tried using 'passwd -l' as root to lock that account, but that seems to have the unwanted side effect of causing root's cron jobs to fail, as I see the following message in syslog whenever a roon cron job comes time to run:

CRON[11591]: User account has expired

The solution I found is as follows. Before you do this you want to make sure you have the ability to do things as root via sudo, or you will lock yourself out (see here for directions on this).

First, I undid what I did before and unlock the account (skip this if you didn't previously lock the root account):

# passwd -u root
Password changed.

Then edit /etc/shadow by hand and change root's password field to "!", e.g.:

# grep root /etc/shadow
root:!:14145:0:99999:7::1:

Just to make sure test the setup by running 'ssh -l root localhost' and try logging in. You shouldn't be able to.

/dev/vmon: host clock rate change request syslog messages

On my VMWare host system I was seeing frequent (2-3/minute) syslog messages like the following that was making my syslog really hard to view:

/dev/vmmon[12315]: host clock rate change request 26 -> 30

Searching around on the net, a number of other people have seen this problem. I tried several things before finding one that worked for me.

First that that didn't work for me, based on this thread, I tried removing powernowd ('apt-get remove powernowd') but that offered no change.

Next thing that didn't work, based on this blog page, I followed the advice on this vmware knowledge based page:

# cat /proc/cpuinfo | grep "MHz"
cpu MHz : 2400.000
# vi /etc/vmware/config
# tail -3 /etc/vmware/config
host.cpukHz = 2400000
host.noTSC = TRUE
ptsc.noTSC = TRUE

and restarted vmware ('/etc/init.d/vmware restart'), but no luck.

Finally, what worked, even though it wasn't supposed to solve my problem, was, based on this page, I added the following to/etc/vmware/config:

host.useFastClock = FALSE

and restarted vmware ('/etc/init.d/vmware restart'). And that did it! No more syslog message about clock rate changes.

To clean up, I re-installed powernowd ('apt-get install powernowd') and that didn't seem to have any ill effects. I left all the changes to /etc/vmware/config.

Changing the mythweb password

The Mythbuntu installation of mythweb uses htdigest instead of htpassword, with a domain of "MythTV":

# htdigest /etc/mythtv/mythweb-digest MythTV mythtv
Adding user mythtv in realm MythTV
New password:
Re-type new password:

Getting outgoing email working

I wanted outgoing email to work (should have done this a while ago). I basically followed these directions with one importance exception. When I ran "dpkg-reconfigure postfix" and it asked "Other destinations to accept mail for (blank for none):" I made this field "localhost, localhost.localdomain" - the default included the FQDN I entered for "mail name" which caused all email to that FQDN to be tried to delivered locally, which I didn't want.

This page was useful for figuring out by ISP's SMTP server.

If you have problems, look at the logs in /var/log/mail.*

Once I was sure everything was working, I added .forward files for all the users to redirect to my normal, external email account.

MythBuntu MythTV Tweaks

After getting MythBuntu installed, I did the following tweaks to MythTV:

• Disabling DPMS (screen power saver): Previously I did it with the session manager, but Mythbuntu doesn't have the equivalent. So based on this thread, I did the following:
  

  $ vi ~/.xsessionrc
  $ cat ~/.xsessionrc
  xset s noblank
  xset s off
  xset -dpms
  Now restart desktop so changes take effect
  $ sudo /etc/init.d/gdm restart
  

  Updated Oct 24, 2008: I later also disabled the gnome-screensaver
  
• I was still getting commercials during playback of recorded shows. Poking around it seemed like all the options for commercial remove were select, but then I found under Utilities/Setup -> Setup -> TV Settings -> Playback on screen 8 "Automatically Skip Commercials" which I set to "Automatically Skip"
• I wanted my familiar Blootube theme back. I found this under Utilities/Setup -> Setup -> Appearance on screen 1.
• I wanted channel changing during live TV to take effect immediately. This was done with a combination of two options: Utilities/Setup -> Setup -> TV Settings -> General screen 1, select "Change channels immediately without select", and Utilities/Setup -> Setup -> TV Settings -> Playback OSD screen 1, unselect "Always use Browse Mode"
• Under Utilities/Setup -> Setup -> TV Settings -> Playback, screen 2, I set "Action on playback exit" to "Save Position and exit" and "Prompt at end of Recording".
• Configured MythFillDatbase to run automatically. Utilities/Setup -> Setup -> TV Settings -> General screen 6, enable "Automatically run mythfilldatabase". For "Arguments" I used "--refresh-all --quiet" and for "Log Path" I used "/tmp/mythfilldatabase.log". Everything else I left as is.
• Next I wanted to get the extra buttons on my remote working. So under Utilities/Setup -> Edit Keys I bound keys to the various screens I wanted shortcuts to under "JumpPoints". (Hint: to jump to the "Watch Recordings" screen, use the "TV Recording Playback" action as the target.)
  
  A hint, run "irw" as root and press keys on your remote to figure out their names, e.g. the following shows me pressing the Blue and Go keys:
  

  # irw
  00000000000017a9 00 Blue Hauppauge_350
  00000000000017a9 01 Blue Hauppauge_350
  00000000000017a9 02 Blue Hauppauge_350
  00000000000017bb 00 Go Hauppauge_350
  00000000000017bb 01 Go Hauppauge_350
  00000000000017bb 02 Go Hauppauge_350
  

  
  
  The I edited ~/.lirc/mythtv and bound the remote commands to those keys (the "config" option).
  

  $ cd ~/.lirc
  $ cp mythtv mythtv.orig
  $ vi mythtv
  $ diff -c mythtv.orig mythtv
  *** mythtv.orig 2008-09-24 21:05:35.000000000 -0500
  --- mythtv 2008-09-24 21:39:34.000000000 -0500
  ***************
  *** 733,738 ****
  --- 733,774 ----
  begin
  remote = Hauppauge_350
  prog = mythtv
  + button = Blue
  + config = d
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = Videos
  + config = r
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = TV
  + config = l
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = RED
  + config = m
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  button = 7
  config = 7
  repeat = 0
  

  
  Next I tried restarting lirc:
  

  
  sudo /etc/init.d/lirc restart
  

  
  But that just caused my remote to stop working with mythtv all together, so I rebooted and all worked fine.

Wow, if it is possible for something to have too many options, MythTV is guilty...

Mythbuntu install

Ok, I had previously gotten my MythTV configuration messed up, so I decided I had been itching to try Mythbuntu, I would start with a fresh installation.

Here I the steps I took:

1. Downloaded Mythbuntu 8.04.1 and burned to a CD.


2. Booted CD and ran the Mythbuntu installer.


3. I used the Manual partitioner and partitioned my 250GB disk into a 50GB partition for the OS and a 200GB partition for program storage. (This worked out, at the end I'm still only using <2GB of the 50GB partition.)


4. Did the Advanced Install and took the default for everything except:
   
   
   
   • I disable the Samba Service.
   
   
   • I set passwords on mythweb and mysql servers.
   
   


5. I enabled a "Hauppage TV card" remote.

It then did it thing and then launched Mythtv-setup (I already have a schedules direct account). In mythtv-setup I did the following:

1. Under "Capture Cards", I added a new capture card. As I did previously I used MPEG-2 encoder card (PVR-x50, PVR-500) for my WinTV-PVR 250.


2. Under "Video Sources", I added my Schedules Direct lineup. It retrieved my lineup just fine.


3. Under "Input Connections", I set the Tuner 1 video source to Schedules Direct and fetched the channels from listings source.
4. 
   
5. Under "Storage Groups", I added the directory to the 200GB partition to the Default group.

I exited from mythtv-setup and mythfilldb ran. It then restarted, ejecting the CD for me.

After the system came up, the MythTV fronend started. I could see a full program guide under Manager Recordings/Schedule Recordings/Program Guide which was good.

But "Watch TV" didn't work; the screen would just blank and then come back to the menu. Hmmm, there was a little popup in the corner about restricted drivers. I exited MythTV and clicked on the little "driver icon" in the upper right of the desktop. A menu came up wanting to know if I wanted to enable "NVIDIA accelerated graphics driver". I enabled and it tried to install nvidia-glx-new_169.12 but got a 404 error.

I opened a Terminal and run 'sudo apt-get update' and then tried the driver enable again and it worked. I then rebooted.

Damn. Watching TV still didn't work.

Under Setup/Mythbuntu, there is a Propriety Drivers section and I installed the NVIDIA configuration utility and ran it. Ran fine, and I didn't do anything with it. But it just locked up my display when I tried to quit it.

Ah, after reading the advice here and looking in /var/log/mythtv/mythbackend, that provided the missing clue:

2008-09-22 21:52:33.292 TFW, Error: Opening file '/mnt/data/mythtv/1002_20080922215232.mpg'.
eno: Permission denied (13)

The directory /mnt/data was where I had mounted the 200GB partition and then I had created mythtv but I (i.e. the user I had provided during installation) owned it. Apparently, the mythtv user needed to own it.

# chown mythtv:mythtv /mnt/data/mythtv/

And now Watch TV worked!

Some minor administration followed:

1. Reset static IP address using directions here. Note that as soon as I changed /etc/networks/interfaces, the eth0 network went away and I had to run '/etc/init.d/networking restart' to restore it.


2. Installed some utils I like:
   

   apt-get install screen cvs



3. Ran '/usr/bin/apt-get -y dist-upgrade' to update everything.


4. Ran 'apt-get autoremove' to clean up


5. And a reboot after all of that...

Ok, everything seems to be basically working at this point except for some minor tweaks with the remote and channgel changing with mythtv. But I got a bunch of recordings scheduled and that's enough for tonight.

Testing web server with nikto

I wanted to give my web server a quick test for any major security problems. nikto was recommended to me as a good way to do that. I downloaded and installed (unpacked really) it:

# cd /tmp
# wget http://www.cirt.net/nikto/nikto-current.tar.gz
# tar xvfz nikto-current.tar.gz
# mv nikto /usr/local/nikto-2.03

And then I ran it against my webserver. Seems like a number of software packages are out of date, but are the freshest in the Ubuntu repositories. All together, nothing I'm concerned about.

# /usr/local/nikto-2.03/nikto.pl -h web-server
- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP: 192.168.1.11
+ Target Hostname: web-server
+ Target Port: 80
+ Start Time: 2008-09-15 16:58:59
---------------------------------------------------------------------------
+ Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
- Root page / redirects to: /wiki/
+ Apache/2.2.8 appears to be outdated (current is at least Apache/2.2.9). Apache 1.3.39 and 2.0.61 are also current.
+ PHP/5.2.4-2ubuntu5.3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_ssl/2.2.8 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ mod_ssl/2.2.8 OpenSSL/0.9.8g - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0082.
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ OSVDB-3233: GET /icons/README : Apache default file found.
+ 3577 items checked: 6 item(s) reported on remote host
+ End Time: 2008-09-15 17:00:48 (109 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Test Options: -h web-server
---------------------------------------------------------------------------

Installing VMware sevrer on Ubuntu server

I had previously installed vmware-server 1.0.7 on by ubuntu laptop, so now I went to install it on my server system, but I ran into the following when vmware-config.pl was running:

None of the pre-built vmmon modules for VMware Server is suitable for your
running kernel. Do you want this program to try to build the vmmon module for
your system (you need to have a C compiler installed on your system)? [yes]

Using compiler "/usr/bin/gcc". Use environment variable CC to override.

Your kernel was built with "gcc" version "4.2.3", while you are trying to use
"/usr/bin/gcc" version "4.2.4". This configuration is not recommended and
VMware Server may crash if you'll continue. Please try to use exactly same
compiler as one used for building your kernel. Do you want to go with compiler
"/usr/bin/gcc" version "4.2.4" anyway? [no]

Ok, so off to the web for help and I came across this thread. I tried installing gcc-4.2.3 as suggested, but no luck:

# dpkg -i /var/cache/apt/archives/gcc_4%3a4.2.3-1ubuntu6_i386.deb
(Reading database ... 188652 files and directories currently installed.)
Preparing to replace gcc 4:4.2.3-1ubuntu6 (using .../gcc_4%3a4.2.3-1ubuntu6_i386.deb) ...
Removing old gcc doc directory.
Unpacking replacement gcc ...
Setting up gcc (4:4.2.3-1ubuntu6) ...

root@casey:/tmp/vmware-server-distrib# ls -l /usr/bin/gcc*
lrwxrwxrwx 1 root root 7 2008-09-14 16:28 /usr/bin/gcc -> gcc-4.2
-rwxr-xr-x 1 root root 206692 2008-03-11 04:37 /usr/bin/gcc-4.1
-rwxr-xr-x 1 root root 193372 2008-09-10 14:14 /usr/bin/gcc-4.2
-rwxr-xr-x 1 root root 16312 2008-03-11 04:32 /usr/bin/gccbug-4.1
-rwxr-xr-x 1 root root 2018 2007-06-04 19:59 /usr/bin/gccmakedep
root@casey:/tmp/vmware-server-distrib# gcc --version
gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu1)
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

So, I went with the comment from ztirffritz and build with gcc 4.2.4. So far it seems to be working.

Connect to Server and Bookmarks

In case you haven't discovered Ubuntu's "Connect to Server" feature you should. If you are administering, or even accessing multiple systems, it's a big help. Basically you can make any remote host you have ssh access to appear as a Nautilus (i.e. file browser) folder on your local system.

Under "Places" click on "Connect to Server". For "Service type" select "SSH". Under Server put in the remote hostname. You can probably leave Port and Folder empty. If your User Name differs on the remote system, put that in under "User Name". If you want to save it as a Bookmark for easy future connections, click "Add Bookmark" and give it a name.

Click connect. If you are running SSH-Agent and have your keys set up appropriately, you'll need to enter nothing further, you should just get a open window showing the filesystem on the remote machine. Otherwise you'll be prompted for a password.

BTW, you can access and edit your bookmarks on any open Nautilus window under the Bookmarks menu.

Installing VMware server 1.07

I saw there was a new version (1.07) of vmware-server available, so I went ahead and pulled it down and installed it.

One thing I quickly figured out was you can't skip running /usr/bin/vmware-config.pl - if you do that you won't find the VMWare Server Console in your Applications menu. I did just take the default answer for everything.

Once that was done I tried firing up the Console, but it wouldn't start. No error message, it would just appear in the task list and then disappear. Trying to run it from the commandline resulted in the following error:

# /usr/bin/vmware
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

Ok, time to google and, as usual, the net comes through.

# cd /usr/lib/vmware/lib
# mkdir bak
# mv libgcc_s.so.1/libgcc_s.so.1 bak

And all seems good now.

Reverse proxying with Apache

I had a network-attached webcam that I want to reverse proxy through apache to take advantage of its https support. The camera is at 192.168.1.253. Here are the steps I took:

# a2enmod proxy proxy_http
# vi /etc/apache2/sites-available/webcam-proxy
# cat /etc/apache2/sites-available/webcam-proxy
ProxyRequests Off

<Proxy *>
Order deny,allow
Allow from all
</Proxy>

ProxyPass /webcam http://192.168.1.253/
# a2ensite webcam-proxy
# /etc/init.d/apache2 reload

Time synchronization in VMs

---

This post is the wrong way to go about things, see this article for details, but basically what you want to do is make sure you have the following in the VM's .vmx file:

tools.syncTime = "TRUE"

---

I'm noticed some serious time drift in my VMs (almost a day over a couple of weeks). Since I'm not running VMWare tools (I'm not running X), I needed a way to keep things in sync.

According to this page, time is synchronized at boot, which seems to be true, but isn't enough in my case.

So as suggested on the page, I installed ntp, but apparently the ntp-simple package no longer exists:

# apt-get install ntp-simple
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package ntp-simple is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
ntp
E: Package ntp-simple has no installation candidate

So I installed ntp instead:

# apt-get install ntp

Then I edit /etc/ntp.conf to use all the North American servers:

# vi /etc/ntp.conf
# grep ^server /etc/ntp.conf
server ntp.ubuntu.com
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
server 3.north-america.pool.ntp.org

Running MythWeb remotely

---

DO NOT FOLLOW THESE DIRECTIONS: They've messed with my MythTV install, causing it to become unstable and forget all its recording scheduling information.
I strongly suspect it has to do with the database tweaking I did at the end, but I'm not going to try and fix it. I'm just going to run MythWeb locally, probably on a fest mythbuntu install.

---

This describes my installation of MythWeb on a server (192.168.1.11) that was separate from the system running my MythTV front end, back end and mysql database (192.168.1.10)

First, on the mythtv system, configure MySQL to accept remote connections:

# grep bind /etc/mysql/my.cnf
bind-address = 0.0.0.0
# /etc/init.d/mysql restart
* Stopping MySQL database server mysqld [ OK ]
* Starting MySQL database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.

Now create a mythweb user in the mysql database. Replace "XXXXXXXX" here with an actual password you'll use again later. (I think you could get away with skipping this step and then using the mythtv user later. I'm also not sure you need to "grant all" permissions.)

# mysql --user=root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 163
Server version: 5.0.51a-3ubuntu5.2 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> grant all privileges on mythconverg.* to mythweb@192.168.1.11 identified by 'XXXXXXXX';
Query OK, 0 rows affected (0.06 sec)
mysql> select host,user from user;
+--------------+------------------+
| host | user |
+--------------+------------------+
| 192.168.1.11 | mythweb |
| casey | root |
| localhost | debian-sys-maint |
| localhost | mythtv |
| localhost | root |
+--------------+------------------+
5 rows in set (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.04 sec)

Mythweb uses the MasterServerIP value from the settings table to find the backend. In my case this was set to 127.0.0.1, which was fine if Mythweb is on the same system, but breaks things if they are are different systems. So change that to tell mythweb where to find the mythtv back end:

mysql> update settings set data='192.168.1.10' where value='MasterServerIP';
Query OK, 1 row affected (0.02 sec)
Rows matched: 1 Changed: 1 Warnings: 0

mysql> select data from settings where value='MasterServerIP';
+--------------+
| data |
+--------------+
| 192.168.1.10 |
+--------------+
1 row in set (0.00 sec

Ok, now on web server system install mythweb:

# apt-get install mythweb

And tell mythweb where to find the mysql database. Replace 'XXXXXXXX' here with the password for the mythweb user you created in the mysql database previously. (If you skipping creating the mythweb user earlier, this is where you would put in your mysql mythtv login and password instead.)

# cd /etc/apache2/sites-available/
# vi mythweb.conf
# grep db_ mythweb.conf
setenv db_server "192.168.1.10"
setenv db_name "mythconverg"
setenv db_login "mythweb"
setenv db_password "XXXXXXXX"
# apache2ctl restart

And things should be working. Don't forget to require authentication.

Backups...

I'm trying sbackup for backups. We'll see how it goes.

Update: this seems to be going great. I was using NFS, but I'd like to get away from that and since I notice sbackup supports scp, I've create a backup user and am trying it with that new account.

Update(2): sbackup appeared to have hung on me, as I got email from cron: "E: Another Simple Backup daemon already running: exiting" I did a "ps auxwww | grep sbackupd" and kill the process (a python script actually) and will check on it tomorrow...

Installing NFS

Used the directions here. Nothing more to say.

What I did was to mount a USB drive attached to the VM Host system inside the VM Guest and then export it via both NFS and Samba, esentally making the USB drive available across my home network. I'm a little concerned about performance, but we'll see how it goes.