Hewlett-Packard Co , the world’s top PC maker, is launching a new line of inexpensive business laptops with fresh features targeting users at small and medium-size companies.
The HP ProBook s-series, which starts shipping globally on Tuesday, is the company’s new mainstream business notebook, following the release of its higher-end, lightweight EliteBook line last year.
The ProBook replaces the HP Compaq line, although the Compaq name will continue to be used as a master brand name in other PCs.
The ProBook offers users a number of new features, including an optional Linux-based operating system pre-installed -- Novell Inc’s SuSE Linux Enterprise Desktop 11 -- for those seeking an alternative to the dominant Microsoft Corp Windows platform.
It is HP’s first-ever Linux pre-install on a standard business laptop, the company said. The PC maker does offer some netbooks with .
“It’s pretty much a natural evolution,” said Carol Hess- Nickels, HP’s director of marketing for worldwide business notebooks.
“We want to provide a different option ... it’s probably a little time yet before we’ll know exactly what the demand is, but we did think it was something worth trying.”
The ProBooks come with 14-inch, 15.6-inch and 17.3-inch screen sizes, with prices starting at $529. In another first for an HP business notebook, buyers will be able to add a color finish -- “merlot” -- if they choose.
Some models will also feature Qualcomm Inc’s Gobi technology, allowing them to use a single module to access different mobile broadband network technologies and mobile operators.
HP will also bring higher-end durability features, like its 3D DriveGuard -- which protects the hard drive if a laptop is dropped -- and a spill-resistant keyboard to the ProBook.
HP is the world’s No. 1 PC vendor, with a first-quarter global market share of more than 20 percent, according to research house IDC, well ahead of second-place Dell Inc. HP also took over the top spot in the US market from Dell in the first quarter.
The shares of Palo Alto, California-based HP closed the regular session down 35 cents at $35.45 on the New York Stock Exchange on Monday.
Wednesday, April 29, 2009
The Negative Voting Option: Elections
In the forthcoming general election, as has become the practice in India, the choice you will probably get to exercise will be between voting for either Tweedledum or Tweedledee. It’s bad enough that it’s barely a choice. Worse still, though, both Tweedledum and Tweedledee may turn out to be murderers or rapists, as has been the reality in some constituencies of late. Vote we must, but the question is for whom, if the choice happens to be between the devil and the deep sea.
Why do we have to choose between two evils? Behind the noisy and colourful facade of elections, political parties decide on which candidates they will field regardless of the background, criminal or otherwise, of the candidate. The most recent example of this phenomenon is from the Tamar constituency in Jharkhand which earned laurels for defeating Shibu Soren in January. What is perhaps not widely known is that Gopal Krishna Patar, who defeated Soren, is an accused out on bail; Patar faces a criminal case under various sections of the Indian Penal Code, including attempt to murder.
What could the voters in the Tamar constituency do if they did not want to vote for either Soren, found guilty of murder in 2006, or Patar? There is no option currently; but there could easily be one. This option is popularly called “None of the above”, or Nota.
Though the idea of Nota captured the popular imagination after the citizen protests in the wake of 26/11, it is not new. The Law Commission of India first recommended it in May 1999, in its 170th report on electoral reforms.
In its report, the Law Commission submitted its recommendation for Nota in combination with the electoral requirement that a candidate gain at least 50%+1 of the votes cast to be declared the winner. These provisions, according to the commission, would go “a long way in ensuring purity of elections, keeping out criminals and other undesirable elements and also serve to minimize the role and importance of caste and religion”.
The report noted that such provisions would achieve two objectives. The first would be “to cut down or, at any rate, to curtail the significance and role played by caste factor in the electoral process… This means that a candidate has to carry with him several castes and communities, to succeed.” This would certainly work to reduce the caste-based fragmentation of the polity and help develop holistic and pluralistic perspectives.
The second objective would be “to put moral pressure on political parties not to put forward candidates with undesirable record i.e., criminals, corrupt elements and persons with unsavoury background… It also acts as a powerful disincentive against voter intimidation.” Given that the last election put 125 candidates with pending criminal cases into the Lok Sabha, discouraging candidates with dubious backgrounds is essential.
There are, no doubt, practical difficulties in implementing these provisions, which the Law Commission observed. “If electronic voting machines (EVM) are introduced throughout the country, it will become a little more easier to implement this,” the report said.
The Election Commission of India supported these suggestions in its recommendations to the government on 10 December 2001, and reiterated then again in a letter from the then chief election commissioner to the Prime Minister on 4 July 2004.
Despite such clear and specific recommendations, and having had electronic voting machines in use for quite a few years, the government has not considered it fit to implement this provision. The Law Commission seems to have foreseen this when it said in 1999 that, “problems arise because of...lack of requisite standards of behaviour and also of cooperation and understanding among the political parties to ensure a peaceful poll. As a matter of fact, the election offences are not decreasing but are increasing, with every passing election.” Technology and a maturing democracy are supposed to make things easier; but it’s the reverse in India.
Voters having to vote without having a real choice is not really democratic.
It is under the above circumstances that an option of “None of the above” or “I do not vote for any of the above candidates” has the potential of giving voters some real choice, thus taking us closer to real democracy. It can nudge political parties to select better candidates. In case the Nota option gets the highest number of votes cast, the law would require repolling, that too with the earlier candidates not being allowed to recontest. There will be some costs to repolls, though much less now with EVMs. But democracy needs and deserves such investments. If the return is an improvement in the quality of candidates, the investment would be well worth it.
Even without a repoll, some moral pressure may be applied on political parties. When the Nota option is repeatedly exercised across India, parties are sure to learn the lesson. The purpose of the exercise is not to ask voters to “not vote”, but rather to nudge political parties to select better candidates.
Why do we have to choose between two evils? Behind the noisy and colourful facade of elections, political parties decide on which candidates they will field regardless of the background, criminal or otherwise, of the candidate. The most recent example of this phenomenon is from the Tamar constituency in Jharkhand which earned laurels for defeating Shibu Soren in January. What is perhaps not widely known is that Gopal Krishna Patar, who defeated Soren, is an accused out on bail; Patar faces a criminal case under various sections of the Indian Penal Code, including attempt to murder.
What could the voters in the Tamar constituency do if they did not want to vote for either Soren, found guilty of murder in 2006, or Patar? There is no option currently; but there could easily be one. This option is popularly called “None of the above”, or Nota.
Though the idea of Nota captured the popular imagination after the citizen protests in the wake of 26/11, it is not new. The Law Commission of India first recommended it in May 1999, in its 170th report on electoral reforms.
In its report, the Law Commission submitted its recommendation for Nota in combination with the electoral requirement that a candidate gain at least 50%+1 of the votes cast to be declared the winner. These provisions, according to the commission, would go “a long way in ensuring purity of elections, keeping out criminals and other undesirable elements and also serve to minimize the role and importance of caste and religion”.
The report noted that such provisions would achieve two objectives. The first would be “to cut down or, at any rate, to curtail the significance and role played by caste factor in the electoral process… This means that a candidate has to carry with him several castes and communities, to succeed.” This would certainly work to reduce the caste-based fragmentation of the polity and help develop holistic and pluralistic perspectives.
The second objective would be “to put moral pressure on political parties not to put forward candidates with undesirable record i.e., criminals, corrupt elements and persons with unsavoury background… It also acts as a powerful disincentive against voter intimidation.” Given that the last election put 125 candidates with pending criminal cases into the Lok Sabha, discouraging candidates with dubious backgrounds is essential.
There are, no doubt, practical difficulties in implementing these provisions, which the Law Commission observed. “If electronic voting machines (EVM) are introduced throughout the country, it will become a little more easier to implement this,” the report said.
The Election Commission of India supported these suggestions in its recommendations to the government on 10 December 2001, and reiterated then again in a letter from the then chief election commissioner to the Prime Minister on 4 July 2004.
Despite such clear and specific recommendations, and having had electronic voting machines in use for quite a few years, the government has not considered it fit to implement this provision. The Law Commission seems to have foreseen this when it said in 1999 that, “problems arise because of...lack of requisite standards of behaviour and also of cooperation and understanding among the political parties to ensure a peaceful poll. As a matter of fact, the election offences are not decreasing but are increasing, with every passing election.” Technology and a maturing democracy are supposed to make things easier; but it’s the reverse in India.
Voters having to vote without having a real choice is not really democratic.
It is under the above circumstances that an option of “None of the above” or “I do not vote for any of the above candidates” has the potential of giving voters some real choice, thus taking us closer to real democracy. It can nudge political parties to select better candidates. In case the Nota option gets the highest number of votes cast, the law would require repolling, that too with the earlier candidates not being allowed to recontest. There will be some costs to repolls, though much less now with EVMs. But democracy needs and deserves such investments. If the return is an improvement in the quality of candidates, the investment would be well worth it.
Even without a repoll, some moral pressure may be applied on political parties. When the Nota option is repeatedly exercised across India, parties are sure to learn the lesson. The purpose of the exercise is not to ask voters to “not vote”, but rather to nudge political parties to select better candidates.
Monday, April 27, 2009
Gigabyte Launches 3 WinMob Handsets in India
In Feb of this year, GIGABYTE Communications Inc. had announced its foray into the rapidly growing mobile phone market with the launch of its award winning new generation GSmart phones that included the MS820 touchscreen handset with GPS. They have now introduced two new models of touch screen Windows Mobile PDA phones for the Indian market along with the MS820 and - the MW702 and MW700.
The GSmart mobile phones being launched in India run on a Windows Mobile 6.1 Professional OS and come equipped with features that also include built-in GPS, Autofocus cameras some of which include Face Detection, Wi-Fi and Bluetooth as well as external memory support via microSD cards.
The GSmart MS820, according to the company is capable of working virtually with all audio, video and image formats and features -
The MS820, MW702 and MW700 are also available in the country for purchase and are priced at Rs. 36, 999, Rs. 29, 999 and Rs. 16, 999 respectively.
The GSmart mobile phones being launched in India run on a Windows Mobile 6.1 Professional OS and come equipped with features that also include built-in GPS, Autofocus cameras some of which include Face Detection, Wi-Fi and Bluetooth as well as external memory support via microSD cards.
The GSmart MS820, according to the company is capable of working virtually with all audio, video and image formats and features -
- 3.5G: HSDPA 7.2Mbps, WCDMA 2100, EDGE, GPRS, GSM Tri-band
- Modem: QUALCOMM MSM 6280
- CPU: Marvell PXA270, 520MHz
- 2.8-inch VGA TFT LCD touch panel
- 5M camera with Face Detection
- Smart sensor accelerometer
- Built-in GPS: SiRF Star III
- 2.75G: EDGE, GPRS, GSM 900, 1800, 1900
- CPU: Marvell PXA270, 520MHz
- Modem: Qualcomm 6235
- 2.8-inch full touch panel with high resolution screen
- “Smart Touch” Personal finger-touch UI
- 3.0 Mega pixels with Auto Focus Camera
- Built-in GPS: SiRF III Built-in
- EDGE, GPRS, GSM tri-band
- Built-in GPS: SiRF Star III
- 14.95mm thin
- Video Telephony
- Modem: QUALCOMM MSM6235
- CPU: Marvell PXA270, 520MHz
- 2.8-inch TFT LCD touch panel
- 2M camera with auto focus
The MS820, MW702 and MW700 are also available in the country for purchase and are priced at Rs. 36, 999, Rs. 29, 999 and Rs. 16, 999 respectively.
Yahoo Pulls the Plug on GeoCities
Yahoo Inc is shutting down GeoCities, a free service that hosts personal home pages for consumers, which it acquired for more than $4 billion 10 years ago during the heyday of the dotcom boom. A posting on a Yahoo Help page for GeoCities on Thursday said the service was no longer accepting new customers and that it will be closing later this year, with more details about how individuals can save their data coming this summer. The move comes a few days after Yahoo said it would lay off nearly 700 workers, or 5 percent of its workforce.
Since Chief Executive Carol Bartz took the reins in January, Yahoo has pruned various products and properties to cut costs and focus on fundamentals, as it seeks to revive growth in a tough economy and fierce competition from Google Inc. Last week, Yahoo said it was shutting down Jumpcut, an online service for editing videos. Yahoo acquired GeoCities in 1999 in a stock deal valued at roughly $4.6 billion, Reuters reported at the time.
GeoCities was among the first companies to build online communities, with more than 3.5 million websites hosted on its service in the late 1990s. But GeoCities fell out of favor in recent years, as a generation of social network sites such as Facebook and News Corp's Myspace have become popular among Web users.
"We have decided to discontinue the process of allowing new customers to sign up for GeoCities accounts as we focus on helping our customers explore and build new relationships online in other ways," Yahoo said in a statement. "As part of Yahoo's ongoing effort to build products and services that deliver the best possible experiences for consumers and results for advertisers, we are increasing investment in some areas while scaling back in others." Shares of Yahoo were up a penny to $14.49 in afternoon trading on the Nasdaq.
Since Chief Executive Carol Bartz took the reins in January, Yahoo has pruned various products and properties to cut costs and focus on fundamentals, as it seeks to revive growth in a tough economy and fierce competition from Google Inc. Last week, Yahoo said it was shutting down Jumpcut, an online service for editing videos. Yahoo acquired GeoCities in 1999 in a stock deal valued at roughly $4.6 billion, Reuters reported at the time.
GeoCities was among the first companies to build online communities, with more than 3.5 million websites hosted on its service in the late 1990s. But GeoCities fell out of favor in recent years, as a generation of social network sites such as Facebook and News Corp's Myspace have become popular among Web users.
"We have decided to discontinue the process of allowing new customers to sign up for GeoCities accounts as we focus on helping our customers explore and build new relationships online in other ways," Yahoo said in a statement. "As part of Yahoo's ongoing effort to build products and services that deliver the best possible experiences for consumers and results for advertisers, we are increasing investment in some areas while scaling back in others." Shares of Yahoo were up a penny to $14.49 in afternoon trading on the Nasdaq.
Actor Feroz Khan passes away
Bollywood actor Feroz Khan on Monday lost his battle with cancer and passed away at his farmhouse in Bangalore.
The 69-year-old actor-filmmaker died at 1:30 am at his farmhouse, family sources said. Khan is survived by actor-son Fardeen Khan and daughter Laila Khan.
He was diagnosed with cancer and was being treated at a Mumbai hospital for a long time. His funeral will take place later in the day in Bangalore, sources said.
The actor was born and brought up in Bangalore. The Bollywood actor of yesteryear was known for his hit films of the 70s and 80s which include 'Dharmatama', 'Qurbani' and 'Jaanbaz'.
The latest film he featured in was the blockbuster hit Welcome in 2007.
The 69-year-old actor-filmmaker died at 1:30 am at his farmhouse, family sources said. Khan is survived by actor-son Fardeen Khan and daughter Laila Khan.
He was diagnosed with cancer and was being treated at a Mumbai hospital for a long time. His funeral will take place later in the day in Bangalore, sources said.
The actor was born and brought up in Bangalore. The Bollywood actor of yesteryear was known for his hit films of the 70s and 80s which include 'Dharmatama', 'Qurbani' and 'Jaanbaz'.
The latest film he featured in was the blockbuster hit Welcome in 2007.
Sunday, April 26, 2009
SP rules out alliance with Third front or Left
Ruling out any post-poll tie-up with the Third Front or the Left parties as long as the Bahujan Samaj Party is with them, the Samajwadi Party on Sunday said it was, however, not averse to an alliance with the Congress.
"As long as our arch rival BSP chief Mayawati is with the Left parties or the Third Front, we are not going for any post-poll alliance them," SP general secretary Amar Singh told media-persons in Kolkata on Sunday. However, the party is not averse to an alliance with the Congress, he said.
"The Congress-led United Progressive Alliance ran the government for the last one year with our help after the Left parties withdrew support on the signing of the civil nuclear deal but they turned down our offer of 17 seats in Uttar Pradesh. We had never been so ungrateful...however, we are not averse to a tie-up with the Congress in post-poll scenario if the situation demand," Singh said.
Launching a scathing attack against the Communist Party of India-Marxist leadership, Singh said, "We had good relation with the CPM during the time of Harkishen Singh Surjeet, but Prakash Karat is altogether a different person." On the question of prime ministership, he said, "The emerging situation will decide who will be the prime minister. Let the Congress first win the confidence of magic number."
"As long as our arch rival BSP chief Mayawati is with the Left parties or the Third Front, we are not going for any post-poll alliance them," SP general secretary Amar Singh told media-persons in Kolkata on Sunday. However, the party is not averse to an alliance with the Congress, he said.
"The Congress-led United Progressive Alliance ran the government for the last one year with our help after the Left parties withdrew support on the signing of the civil nuclear deal but they turned down our offer of 17 seats in Uttar Pradesh. We had never been so ungrateful...however, we are not averse to a tie-up with the Congress in post-poll scenario if the situation demand," Singh said.
Launching a scathing attack against the Communist Party of India-Marxist leadership, Singh said, "We had good relation with the CPM during the time of Harkishen Singh Surjeet, but Prakash Karat is altogether a different person." On the question of prime ministership, he said, "The emerging situation will decide who will be the prime minister. Let the Congress first win the confidence of magic number."
10 don'ts for smart stock market investing
This is a great check list of 10 habits, impulses and tendencies you steer clear of in order to keep your investments healthy.
1. Don't be arrogant
The market teaches humility and that is how you must approach it. As soon as you believe you know why the market acts the way it does, you will be proven wrong. Arrogance can kill a portfolio. You must be able to admit defeat and preserve enough capital to fight again.
Following point and figure charts, which depict the battle between supply and demand, helps keep you out of the 'I know why' attitude of investing.
2. Don't wait until you feel comfortable to buy when a sector reverses up
Falling into the waiting trap is a great way to ensure that you buy the stock at a higher price. When sectors reverse up from oversold levels, it is often when the news is the most dire.
Conventional wisdom would suggest this is the last place in the world you would want to invest. Buying at this time is gut wrenching, but to be successful you must act with complete confidence.
As the sector moves higher, the comfort level increases. If you use comfort level as your guidance, however, you will for sure leave a lot of money on the table, or worse, buy as the sector peaks.
3. Don't be afraid to buy strong stocks
Don't avoid stocks just because they have gone up. Doing so will keep you out of the long-term winners. In the United States, for example, this mentality would have kept you out of General Electric, which was up 188 per cent between January 1995 and December 1997 only to see it rally another 96 per cent by the end of 2000. It also would have kept you out of Cisco, which was up 376 per cent between January 1995 and December 1997, and then it moved up another 312 per cent by the end of 2000. These are only two examples, but there are many others.
More important than how much the stock is up is its supply and demand relationship. By evaluating the point and figure chart, you can gain insight into this relationship and whether or not the stock is likely to move higher. Stocks that double can easily double again. Don't miss out on these great opportunities.
4. Don't sell a stock simply because it has gone up
Doing this cuts profits short. Buying a stock right is only half the battle. You have to be able to sell it right to win the war. Just because a stock has rallied 30 per cent or 50 per cent, don't be tempted to take your trade off for that reason alone.
Consider trimming the position and leave part on the table to continue in the uptrend. Let profits run.
5. Don't buy stocks in extended sectors because 'it's different this time'
On the surface, the stock market appears different all the time. The leadership changes: in come new stocks into the Nifty 50, and then out they go. Small-cap stocks outperform for a while, then it's back to the large caps.
However, the underlying forces that drive the stock market are always the same. They are true and time-tested and do not change. They are supply and demand. That's why buying sectors that are extended (overbought) will not be different this time.
6. Don't try to bottom fish a stock in a downtrend
'The trend is your friend' is a true statement. So don't go against it without some inkling that the trend has changed.
Bottom fishing a stock in a downtrend is the opposite of being afraid to buy strong stocks. Do not buy a stock just because it fell sharply. You want to buy a stock that is likely to move higher, not one that is not likely to fall further.
At a minimum, wait for the stock to show a sign that demand is back in control and suggesting higher prices. That may be a simple buy signal on the chart or a reversal back to the upside after holding an area of support. Also remember why you initiated the position. Be careful not to let a trade turn into something else.
7. Don't buy a stock simply because it is a 'good value'
These days, value is in the eyes of the holder, and therefore it is a subjective term at best. If a stock has become a good value, ask why. This is important, because a stock can stay a good value by not moving for the next decade, or worse, become a better value by dropping another 20 per cent.
The true value of a stock is determined by its capital appreciation potential, not numbers on a balance sheet. The basis for capital appreciation lies in the supply and demand relationship of the stock. Appreciation can occur only if demand grows stronger for the stock and buyers are willing to pay a higher price. Watch the point and figure charts to determine if a stock is likely to move higher in price and become a good value.
8. Don't hold on to losing stocks and hope they come back
Hope is eternal, but your portfolio is not. Holding on to a losing stock is the best way to let your losses run. Combine this mistake with selling a stock that has gone up and you can create a portfolio of dogs.
When buying stocks, there will always be some losers: Count on it. However, how you manage that loss often determines the success or failure of the overall portfolio. Keep losses small so that you have the capital to play again. Hanging on to losing positions, hoping that they will come back, can be deadly.
A $50 stock that is stopped out at $40 is a 20 per cent loss. It's a bad trade, but it is manageable. In order to recoup that loss you would have to make 25 per cent on a $40 stock. What if you held on to that $50 stock, hoping that strong earnings would come in and turn it around, but instead it continued lower to $25?
Finally, you decide to exit, but now it takes a 100 per cent return from a $25 stock just to get back to even. Those results are hard to find, and if you are able to find one, you don't want to waste it on getting back to even
Learn to recognize your losing positions for what they are. If a stock cannot trade above its support line or is not outperforming the averages, find one that is and swap it.
9. Don't pursue perfection
There are two types of mistakes to discuss here. The first is the constant belief that there is a better system out there, and you need to find it.
Using a new system to invest each week will not get you to your goal. You will become good at nothing and moderate to bad at everything. To be good requires that you stay focused, disciplined, and skilled at whatever methodology you choose.
You need to have the strength of conviction in your chosen discipline to learn from mistakes rather than to run away from them and find another methodology. There is no Holy Grail in investing.
The second mistake is to wait for the perfect trade. There is no such thing. If you only buy stocks that have all positive attributes you will maintain a portfolio of cash. Rarely, if ever, do you find a stock that has all the pluses on its side.
Look for the big ones like relative strength, trend, and signal. Also remember that 80 per cent of the cause of price movement in a stock is based on the market and sector. You are better off being approximately right than precisely wrong.
10. Don't do anything based on a magazine cover
Following the hot news that appears on magazine covers is a shortcut to the poor-house. Why should you follow the advice of someone who has just moved from the society pages to the business section?
1. Don't be arrogant
The market teaches humility and that is how you must approach it. As soon as you believe you know why the market acts the way it does, you will be proven wrong. Arrogance can kill a portfolio. You must be able to admit defeat and preserve enough capital to fight again.
Following point and figure charts, which depict the battle between supply and demand, helps keep you out of the 'I know why' attitude of investing.
2. Don't wait until you feel comfortable to buy when a sector reverses up
Falling into the waiting trap is a great way to ensure that you buy the stock at a higher price. When sectors reverse up from oversold levels, it is often when the news is the most dire.
Conventional wisdom would suggest this is the last place in the world you would want to invest. Buying at this time is gut wrenching, but to be successful you must act with complete confidence.
As the sector moves higher, the comfort level increases. If you use comfort level as your guidance, however, you will for sure leave a lot of money on the table, or worse, buy as the sector peaks.
3. Don't be afraid to buy strong stocks
Don't avoid stocks just because they have gone up. Doing so will keep you out of the long-term winners. In the United States, for example, this mentality would have kept you out of General Electric, which was up 188 per cent between January 1995 and December 1997 only to see it rally another 96 per cent by the end of 2000. It also would have kept you out of Cisco, which was up 376 per cent between January 1995 and December 1997, and then it moved up another 312 per cent by the end of 2000. These are only two examples, but there are many others.
More important than how much the stock is up is its supply and demand relationship. By evaluating the point and figure chart, you can gain insight into this relationship and whether or not the stock is likely to move higher. Stocks that double can easily double again. Don't miss out on these great opportunities.
4. Don't sell a stock simply because it has gone up
Doing this cuts profits short. Buying a stock right is only half the battle. You have to be able to sell it right to win the war. Just because a stock has rallied 30 per cent or 50 per cent, don't be tempted to take your trade off for that reason alone.
Consider trimming the position and leave part on the table to continue in the uptrend. Let profits run.
5. Don't buy stocks in extended sectors because 'it's different this time'
On the surface, the stock market appears different all the time. The leadership changes: in come new stocks into the Nifty 50, and then out they go. Small-cap stocks outperform for a while, then it's back to the large caps.
However, the underlying forces that drive the stock market are always the same. They are true and time-tested and do not change. They are supply and demand. That's why buying sectors that are extended (overbought) will not be different this time.
6. Don't try to bottom fish a stock in a downtrend
'The trend is your friend' is a true statement. So don't go against it without some inkling that the trend has changed.
Bottom fishing a stock in a downtrend is the opposite of being afraid to buy strong stocks. Do not buy a stock just because it fell sharply. You want to buy a stock that is likely to move higher, not one that is not likely to fall further.
At a minimum, wait for the stock to show a sign that demand is back in control and suggesting higher prices. That may be a simple buy signal on the chart or a reversal back to the upside after holding an area of support. Also remember why you initiated the position. Be careful not to let a trade turn into something else.
7. Don't buy a stock simply because it is a 'good value'
These days, value is in the eyes of the holder, and therefore it is a subjective term at best. If a stock has become a good value, ask why. This is important, because a stock can stay a good value by not moving for the next decade, or worse, become a better value by dropping another 20 per cent.
The true value of a stock is determined by its capital appreciation potential, not numbers on a balance sheet. The basis for capital appreciation lies in the supply and demand relationship of the stock. Appreciation can occur only if demand grows stronger for the stock and buyers are willing to pay a higher price. Watch the point and figure charts to determine if a stock is likely to move higher in price and become a good value.
8. Don't hold on to losing stocks and hope they come back
Hope is eternal, but your portfolio is not. Holding on to a losing stock is the best way to let your losses run. Combine this mistake with selling a stock that has gone up and you can create a portfolio of dogs.
When buying stocks, there will always be some losers: Count on it. However, how you manage that loss often determines the success or failure of the overall portfolio. Keep losses small so that you have the capital to play again. Hanging on to losing positions, hoping that they will come back, can be deadly.
A $50 stock that is stopped out at $40 is a 20 per cent loss. It's a bad trade, but it is manageable. In order to recoup that loss you would have to make 25 per cent on a $40 stock. What if you held on to that $50 stock, hoping that strong earnings would come in and turn it around, but instead it continued lower to $25?
Finally, you decide to exit, but now it takes a 100 per cent return from a $25 stock just to get back to even. Those results are hard to find, and if you are able to find one, you don't want to waste it on getting back to even
Learn to recognize your losing positions for what they are. If a stock cannot trade above its support line or is not outperforming the averages, find one that is and swap it.
9. Don't pursue perfection
There are two types of mistakes to discuss here. The first is the constant belief that there is a better system out there, and you need to find it.
Using a new system to invest each week will not get you to your goal. You will become good at nothing and moderate to bad at everything. To be good requires that you stay focused, disciplined, and skilled at whatever methodology you choose.
You need to have the strength of conviction in your chosen discipline to learn from mistakes rather than to run away from them and find another methodology. There is no Holy Grail in investing.
The second mistake is to wait for the perfect trade. There is no such thing. If you only buy stocks that have all positive attributes you will maintain a portfolio of cash. Rarely, if ever, do you find a stock that has all the pluses on its side.
Look for the big ones like relative strength, trend, and signal. Also remember that 80 per cent of the cause of price movement in a stock is based on the market and sector. You are better off being approximately right than precisely wrong.
10. Don't do anything based on a magazine cover
Following the hot news that appears on magazine covers is a shortcut to the poor-house. Why should you follow the advice of someone who has just moved from the society pages to the business section?
Monday, April 20, 2009
Feudalism responsible for Satyam fiasco: N R Narayana Murthy
Technology services titan and founder chairman of Infosys Technologies N R Narayana Murthy has had a deep impact on the
$60 billion IT industry which grew on the back of global sourcing of services. Over the years Mr Murthy has delivered over a 100 lectures on various fora spanning the world. Some of those select lectures on topics ranging from globalization, corporate governance, leadership and entrepreneurship are now part of the just published book: A Better India A Better World. In a 72-minute interview with ET at the company's guest house in South Delhi, Mr Murthy talks about the book, the political scene, the Satyam episode and its impact on India Inc and what the country now needs and more. Excerpts from the interview:
What all have you touched upon in this book and how are the lectures relevant now?
While the country has made considerable progress in the last 18 years after the first wave of economic reforms we are still lagging. We have one of the highest GDP growths in the world, our exports are much larger than what they were 10 years ago, our software industry has brought tremendous laurels to India, we have done well in technology industry, production and even in sports.
Yet we have been unable to redeem the pledge that our founding fathers took when India got independence. That is to provide decent access to education, nutrition, healthcare and welfare to the poorest of the poor. India has the largest mass of illiterates in the world, largest mass of poor people in the world, 250 million people don't have access to safe drinking water, 650 million people do not have access to decent sanitation. So this whole paradigm of 8-9% GDP growth becomes somewhat irrelevant when you look at these aspects.
So the real challenge we have is to bring inclusive growth. In order to bring inclusive growth in a country like India we need to solve three pieces of development -- first is creating a public opinion that values good work ethic, honesty, discipline, secularism. Second, we need to develop a cadre of leadership who espouse these values and serve as role models and demonstrate leadership by example. Third, we need the determination of the elite and the powerful in the society to eschew creation of asymmetry of benefits in their favour vis-à-vis the common man. Only when these three conditions are fulfilled will we be able to create a fair, just, equitable and inclusive growth in our society. In essence this is the fundamental thesis on which the book is based.
I have all along said that people practicing values, leaders leading by example and the elite and the powerful relating to the realities are absolutely essential for a country and a company to make progress. In some sense, on a very small, simple canvas I have painted a very simple drawing at Infosys and that painting has been reasonably successful.
Based on that experience I have been talking to people, students, in India and abroad, to enlightened citizens on various issues within this framework of values and leadership and those pieces form the basic gist of this book.
$60 billion IT industry which grew on the back of global sourcing of services. Over the years Mr Murthy has delivered over a 100 lectures on various fora spanning the world. Some of those select lectures on topics ranging from globalization, corporate governance, leadership and entrepreneurship are now part of the just published book: A Better India A Better World. In a 72-minute interview with ET at the company's guest house in South Delhi, Mr Murthy talks about the book, the political scene, the Satyam episode and its impact on India Inc and what the country now needs and more. Excerpts from the interview:
What all have you touched upon in this book and how are the lectures relevant now?
While the country has made considerable progress in the last 18 years after the first wave of economic reforms we are still lagging. We have one of the highest GDP growths in the world, our exports are much larger than what they were 10 years ago, our software industry has brought tremendous laurels to India, we have done well in technology industry, production and even in sports.
Yet we have been unable to redeem the pledge that our founding fathers took when India got independence. That is to provide decent access to education, nutrition, healthcare and welfare to the poorest of the poor. India has the largest mass of illiterates in the world, largest mass of poor people in the world, 250 million people don't have access to safe drinking water, 650 million people do not have access to decent sanitation. So this whole paradigm of 8-9% GDP growth becomes somewhat irrelevant when you look at these aspects.
So the real challenge we have is to bring inclusive growth. In order to bring inclusive growth in a country like India we need to solve three pieces of development -- first is creating a public opinion that values good work ethic, honesty, discipline, secularism. Second, we need to develop a cadre of leadership who espouse these values and serve as role models and demonstrate leadership by example. Third, we need the determination of the elite and the powerful in the society to eschew creation of asymmetry of benefits in their favour vis-à-vis the common man. Only when these three conditions are fulfilled will we be able to create a fair, just, equitable and inclusive growth in our society. In essence this is the fundamental thesis on which the book is based.
I have all along said that people practicing values, leaders leading by example and the elite and the powerful relating to the realities are absolutely essential for a country and a company to make progress. In some sense, on a very small, simple canvas I have painted a very simple drawing at Infosys and that painting has been reasonably successful.
Based on that experience I have been talking to people, students, in India and abroad, to enlightened citizens on various issues within this framework of values and leadership and those pieces form the basic gist of this book.
India launches spy satellite RISAT
Aiming to enhance India's defence surveillance capabilities, ISRO on Monday morning launched its first Radar Imaging Satellite (RISAT)
from Sriharikota.
As per specifications, RISAT is different from previous remote sensing satellites as it uses Synthetic Aperture Radar (SAR), equipped with many antennas to receive signals that are processed into high-resolution pictures.
The SAR, developed by Israel Aerospace Industries, gives RISAT defence capabilities.
from Sriharikota.
As per specifications, RISAT is different from previous remote sensing satellites as it uses Synthetic Aperture Radar (SAR), equipped with many antennas to receive signals that are processed into high-resolution pictures.
The SAR, developed by Israel Aerospace Industries, gives RISAT defence capabilities.
Cyber-squatting: The new gateway to identity theft
NEW DELHI: That old scrounge, cyber-squatting, is back with a vengeance especially for a host of global brands in India. With domain name prices
falling and more top-level domains (such as .biz, .cn, .mob and lately .in) getting accredited, cyber squatters are back in business full time.
Global brands across categories –– Monster Jobs, PepsiCo, SonyEricsson, Siemens, McAfee or search giant Google — have of late been at the receiving end of squatters. Take for instance, world’s largest job site Monster.com which was squatted in the name of one Usha Rani, a Hyderbad-based squatter which registered Monster.in and Monsterjobs.in.
The global jobsite filed a case with the .in registry saying that “the respondent had registered the domain in bad faith which impugned its brand.” After a resolution process, the domains were taken away and allotted to Monster India. “We have a fast track dispute resolution process where by decisions are transferred within 30 days of filing a complaint,” says a National Internet Exchange of India (NIXI) official, which handles the .in registry.
With little disincentive for squatting under Indian cyber laws, even Pepsico.in, Siemens.in and Sonyeriscsson.in were squatted recently. “There is no provision in the current or proposed IT act in India to punish cyber-squatters. At best, the domain name can be take back,” says cyber lawyer Pavan Duggal, who has dealt with several squatting cases.
With domain name prices falling to as low as Rs 200, squatters seem to be on a domain binging spree. Apart from global brands, celebrities domains are also targeted by squatters. For instance, AmitabhBachchan.in is currently undergoing an auction on the internet, with a minimum price bid of $1,000. Similarly, Soniagandhi.com is registered by Indianmagazine.com a news and views website. Indian film actor Gul Panag is also facing tough time to get her domain back. “I’m not going to pay the squatters $20,000 which they are demanding for GulPanag.com,” she was quoted as saying recently.
Other global brands have also been targeted. Netgear.co.in, Ushaworld.in, Baccarat.in were all squatted and won back recently by respective companies. Indian internet companies whose identities were squatted are Agencyfaqs.com and Rediff.in While Google suffered the squatting of Gmail.in. Mcafee.co.in was also squatted.
One of the world’s largest Flash memory maker Kingston also suffered with its Kingston.in and Kingston.co.in being squatted in India. Though there is no legal compensation under IT Act, .in registry has taken proactive steps to grant compensation to victim companies to deter squatters from further stealing domains. Most squatters however operate under guise of obscure names.
falling and more top-level domains (such as .biz, .cn, .mob and lately .in) getting accredited, cyber squatters are back in business full time.
Global brands across categories –– Monster Jobs, PepsiCo, SonyEricsson, Siemens, McAfee or search giant Google — have of late been at the receiving end of squatters. Take for instance, world’s largest job site Monster.com which was squatted in the name of one Usha Rani, a Hyderbad-based squatter which registered Monster.in and Monsterjobs.in.
The global jobsite filed a case with the .in registry saying that “the respondent had registered the domain in bad faith which impugned its brand.” After a resolution process, the domains were taken away and allotted to Monster India. “We have a fast track dispute resolution process where by decisions are transferred within 30 days of filing a complaint,” says a National Internet Exchange of India (NIXI) official, which handles the .in registry.
With little disincentive for squatting under Indian cyber laws, even Pepsico.in, Siemens.in and Sonyeriscsson.in were squatted recently. “There is no provision in the current or proposed IT act in India to punish cyber-squatters. At best, the domain name can be take back,” says cyber lawyer Pavan Duggal, who has dealt with several squatting cases.
With domain name prices falling to as low as Rs 200, squatters seem to be on a domain binging spree. Apart from global brands, celebrities domains are also targeted by squatters. For instance, AmitabhBachchan.in is currently undergoing an auction on the internet, with a minimum price bid of $1,000. Similarly, Soniagandhi.com is registered by Indianmagazine.com a news and views website. Indian film actor Gul Panag is also facing tough time to get her domain back. “I’m not going to pay the squatters $20,000 which they are demanding for GulPanag.com,” she was quoted as saying recently.
Other global brands have also been targeted. Netgear.co.in, Ushaworld.in, Baccarat.in were all squatted and won back recently by respective companies. Indian internet companies whose identities were squatted are Agencyfaqs.com and Rediff.in While Google suffered the squatting of Gmail.in. Mcafee.co.in was also squatted.
One of the world’s largest Flash memory maker Kingston also suffered with its Kingston.in and Kingston.co.in being squatted in India. Though there is no legal compensation under IT Act, .in registry has taken proactive steps to grant compensation to victim companies to deter squatters from further stealing domains. Most squatters however operate under guise of obscure names.
Saturday, April 18, 2009
Pirate Bay founders found guilty
"Frederik Neij, Gottfrid Svartholm Warg, Carl Lundstrom and Peter Sunde were found guilty of breaking copyright law and were sentenced to a year in jail.
"They were also ordered to pay $4.5m (£3m) in damages.
"Record companies welcomed the verdict but the men are to appeal and Sunde said they would refuse to pay the fine.
"Speaking at an online press conference, he described the verdict as "bizarre.""
"They were also ordered to pay $4.5m (£3m) in damages.
"Record companies welcomed the verdict but the men are to appeal and Sunde said they would refuse to pay the fine.
"Speaking at an online press conference, he described the verdict as "bizarre.""
New Linux rootkit technique presented
Anthony Lineberry, a Linux expert, announced during his presentation, "Alice in User-Land: Hijacking the Linux Kernel via /dev/mem", at the Black Hat security conference now taking place in Amsterdam that he will shortly be publishing the libmemrk library. He says Libmemrk works in both 32-bit and 64-bit environments.
This offers rootkit developers a new way to hide files or processes, or interfere with network traffic. The trick is that, without requiring extensive rights, libmemrk uses the /dev/mem device driver to write arbitrary code from userspace into main memory. /dev/mem is an interface that enables use of the physically addressable memory. For example XServer and DOSEmu, both use it. Lineberry says introducing rootkits via /dev/mem is also less obvious than the established route via loadable kernel modules (LKMs).
The library relieves a rootkit programmer of the "laborious" work of translating virtual memory addresses to physical ones and identifying a memory range that can be exploited for the attack. An attacker can't overwrite the existing system calls and replace them with his own code until the suitable ranges, normally used by the kernel, have been located. The real contents written into memory by the kernel are meanwhile shifted into a buffer.
The detailed steps required for a successful attack, which are handled by libmemrk, are described by Lineberry in his white paper, Malicious Code Injection via /dev/mem. However, Lineberry states there that an attack fails in virtual environments because the hypervisor behaves differently from unvirtualised hardware. Lineberry asks his audience to bear in mind that, regardless of libmemrk, the whole attack must be hand-programmed in assembly language. In future, Lineberry intends that libcc will be used in order to at least reduce the impact of this hurdle.
Lineberry also gives some tips on how the Linux world can protect itself against rootkits of this kind. He believes it should be enough to modify the memory driver so that it doesn't allow the write/read pointer lseek to look for more than 16 kilobytes in the memory area. Current versions of Red Hat and Fedora are inherently secure, because their kernel already incorporates the features of SELinux (Security Enhanced Linux).
Lineberry says there are also corresponding improvements in version 2.6.26 of the mainline kernel. For that purpose, the kernel was given two new functions: range_is_allowed() and devmem_is_allowed(). But this protection, he says, won't be effective unless the preprocessor directive CONFIG_STRICT_DEVMEM has been enabled when the kernel is compiled. Otherwise, range_is_allowed() always gives returns success. Lineberry says that the kernel configuration setting STRICT_DEVMEM, which sets CONFIG_STRICT_DEVMEM, is not activated by default during kernel compilation. He was unable to say when libmemrk would be available for downloading, as he was still engaged in eliminating its last weaknesses.
The technique of using the /dev/mem interface is not totally new. An article on Linux on-the-fly kernel patching without LKM appeared in Phrack back in 2001, describing a similar method using /dev/kmem/. The authors were already thinking about possible uses for /dev/mem then, but didn't go on to check them out.
This offers rootkit developers a new way to hide files or processes, or interfere with network traffic. The trick is that, without requiring extensive rights, libmemrk uses the /dev/mem device driver to write arbitrary code from userspace into main memory. /dev/mem is an interface that enables use of the physically addressable memory. For example XServer and DOSEmu, both use it. Lineberry says introducing rootkits via /dev/mem is also less obvious than the established route via loadable kernel modules (LKMs).
The library relieves a rootkit programmer of the "laborious" work of translating virtual memory addresses to physical ones and identifying a memory range that can be exploited for the attack. An attacker can't overwrite the existing system calls and replace them with his own code until the suitable ranges, normally used by the kernel, have been located. The real contents written into memory by the kernel are meanwhile shifted into a buffer.
The detailed steps required for a successful attack, which are handled by libmemrk, are described by Lineberry in his white paper, Malicious Code Injection via /dev/mem. However, Lineberry states there that an attack fails in virtual environments because the hypervisor behaves differently from unvirtualised hardware. Lineberry asks his audience to bear in mind that, regardless of libmemrk, the whole attack must be hand-programmed in assembly language. In future, Lineberry intends that libcc will be used in order to at least reduce the impact of this hurdle.
Lineberry also gives some tips on how the Linux world can protect itself against rootkits of this kind. He believes it should be enough to modify the memory driver so that it doesn't allow the write/read pointer lseek to look for more than 16 kilobytes in the memory area. Current versions of Red Hat and Fedora are inherently secure, because their kernel already incorporates the features of SELinux (Security Enhanced Linux).
Lineberry says there are also corresponding improvements in version 2.6.26 of the mainline kernel. For that purpose, the kernel was given two new functions: range_is_allowed() and devmem_is_allowed(). But this protection, he says, won't be effective unless the preprocessor directive CONFIG_STRICT_DEVMEM has been enabled when the kernel is compiled. Otherwise, range_is_allowed() always gives returns success. Lineberry says that the kernel configuration setting STRICT_DEVMEM, which sets CONFIG_STRICT_DEVMEM, is not activated by default during kernel compilation. He was unable to say when libmemrk would be available for downloading, as he was still engaged in eliminating its last weaknesses.
The technique of using the /dev/mem interface is not totally new. An article on Linux on-the-fly kernel patching without LKM appeared in Phrack back in 2001, describing a similar method using /dev/kmem/. The authors were already thinking about possible uses for /dev/mem then, but didn't go on to check them out.
3 Minutes to 3 Terabytes: VIA ARTiGO and FreeNAS Store Terabytes in a Shoebox
It truly is a beautiful thing when something just works. This is especially true with computers. High capacity storage has become almost a commodity with the price of an external 1 TB USB hovering around $100. All you have to do is plug in the power and connect the USB cable, and you've got instant storage expansion. Works great for a single computer, and you could even unplug it from one and plug it into another. While that does work, it tends to get old after a while, and if you're using that method for backups, you will more than likely end up forgetting or just quitting altogether at some point.
Network Attached Storage (NAS) is one answer to sharing large storage devices over a network. You could buy a NAS device from your favorite local or Internet supplier, but chances are you'll wind up with something less than what a "real" NAS has to offer. That's where VIA's ARTiGO A2000 comes in. The A2000 fits a full-featured computer with space for two 3.5" SATA drives in a package about the size of a shoebox. Add to the hardware the FreeNAS open source software and you've got a really capable storage solution.
Installation
Assembling the hardware couldn't be simpler. The ARTiGO A2000 has one screw on the rear of the box holding the case shell in place. Once that's out you can remove the front clip-on cover with two fingers. That exposes two slots for SATA hard drives and the CompactFlash slot. The hard drives slide easily on the rails and plug right into a connector at the back of the drive bay. Tighten two screws on each side to secure the drive to the frame, and you're all done. We used two Seagate Barracuda 7200.11 1.5 TB drives for this review.
Getting the software up and running is a little more involved but not much. Step one is to download the FreeNAS software image from the project download page. The one you want is the latest FreeNAS Image file. For the VIA ARTiGO you'll need the i386 version. While you're on the download page you can also get a copy of the Quick Start Guide and User Manual. Once you have the image downloaded you must write the image to a CompactFlash (CF) device. The image itself is a little under 30 MB, so you could use an old 64 MB device if you happen to have one lying around.
Writing the image to the CF disk requires root privileges. The trick is to know that the .img file is actually compressed, requiring a gunzip command before writing to the disk. You can do it with one command as follows:
root@anand-ubuntu:~/ gunzip -c FreeNAS-i386-embedded-0.69.4276.img | sudo dd of=/dev/sdc
The key here is the name of your CF device. In our case we used a small USB multi-card reader which assigns a unique device name for all the different slots. The CF slot shows up as /dev/sdc. With that piece of information you're ready to blast your image using the command line string above. You can also use the dmesg command to check yourself after inserting the CF card as in:
dmesg | tail -n 24
That will show you the last 24 kernel messages and should contain a few lines that indicate the device name of the card you just attached.
Network Attached Storage (NAS) is one answer to sharing large storage devices over a network. You could buy a NAS device from your favorite local or Internet supplier, but chances are you'll wind up with something less than what a "real" NAS has to offer. That's where VIA's ARTiGO A2000 comes in. The A2000 fits a full-featured computer with space for two 3.5" SATA drives in a package about the size of a shoebox. Add to the hardware the FreeNAS open source software and you've got a really capable storage solution.
Installation
Assembling the hardware couldn't be simpler. The ARTiGO A2000 has one screw on the rear of the box holding the case shell in place. Once that's out you can remove the front clip-on cover with two fingers. That exposes two slots for SATA hard drives and the CompactFlash slot. The hard drives slide easily on the rails and plug right into a connector at the back of the drive bay. Tighten two screws on each side to secure the drive to the frame, and you're all done. We used two Seagate Barracuda 7200.11 1.5 TB drives for this review.
Getting the software up and running is a little more involved but not much. Step one is to download the FreeNAS software image from the project download page. The one you want is the latest FreeNAS Image file. For the VIA ARTiGO you'll need the i386 version. While you're on the download page you can also get a copy of the Quick Start Guide and User Manual. Once you have the image downloaded you must write the image to a CompactFlash (CF) device. The image itself is a little under 30 MB, so you could use an old 64 MB device if you happen to have one lying around.
Writing the image to the CF disk requires root privileges. The trick is to know that the .img file is actually compressed, requiring a gunzip command before writing to the disk. You can do it with one command as follows:
root@anand-ubuntu:~/ gunzip -c FreeNAS-i386-embedded-0.69.4276.img | sudo dd of=/dev/sdc
The key here is the name of your CF device. In our case we used a small USB multi-card reader which assigns a unique device name for all the different slots. The CF slot shows up as /dev/sdc. With that piece of information you're ready to blast your image using the command line string above. You can also use the dmesg command to check yourself after inserting the CF card as in:
dmesg | tail -n 24
That will show you the last 24 kernel messages and should contain a few lines that indicate the device name of the card you just attached.
Thursday, April 16, 2009
Infosys cuts variable pay
Infosys has cut the variable pay for employees, with the cuts being deeper at the higher levels. For senior executives, the variable pa
y, which constitutes nearly 50 per cent of their total compensation, has been slashed by 58 per cent.
“Some boardroom executives have even taken a 70 per cent to 85 per cent variable pay cut,” said T V Mohandas Pai, head of HR in Infosys. The company's hiring has been steadily declining.
In Q4, it added (net) only 1,772 people, compared to 2,772 in Q3, and 2,586 in Q4 of 2007-08. In the whole of 2008-09, it hired (net) 13,663 people, down from 18,946 in the year before.
The company maintained that it will not seek to trim its payroll by laying off software professionals. There will, however, be no salary hike this year, as the company plans to keep its operational costs under control.
“We are not laying off anybody and there are no such plans,” said Infosys Technologies HR-director, TV Mohandas Pai.
Infosys plans to hire 18,000 professionals in the current fiscal, including almost 16,000 fresh graduates and experienced hires. It will also recruit around 1,000 non-Indians outside the country to increase the number of foreign professionals in its workforce.
y, which constitutes nearly 50 per cent of their total compensation, has been slashed by 58 per cent.
“Some boardroom executives have even taken a 70 per cent to 85 per cent variable pay cut,” said T V Mohandas Pai, head of HR in Infosys. The company's hiring has been steadily declining.
In Q4, it added (net) only 1,772 people, compared to 2,772 in Q3, and 2,586 in Q4 of 2007-08. In the whole of 2008-09, it hired (net) 13,663 people, down from 18,946 in the year before.
The company maintained that it will not seek to trim its payroll by laying off software professionals. There will, however, be no salary hike this year, as the company plans to keep its operational costs under control.
“We are not laying off anybody and there are no such plans,” said Infosys Technologies HR-director, TV Mohandas Pai.
Infosys plans to hire 18,000 professionals in the current fiscal, including almost 16,000 fresh graduates and experienced hires. It will also recruit around 1,000 non-Indians outside the country to increase the number of foreign professionals in its workforce.
India exercises its ballot, amid bullets and blasts
Round one of India's Election 2009 ended Thursday with millions queuing up in 17 states and union territories to vote in a new government
amid Maoist violence that marred the democratic exercise in several places and left at least 17 dead.
The world's largest democratic exercise began early at 7 a.m. and ended at most places at 5 pm. A majority of the states reported moderate turnout despite the Maoist attacks on polling centres and security personnel.
Indians voted in 124 constituencies to pick a new 545-seat Lok Sabha in the first step of a four-phased exercise that is widely expected to throw up a split verdict. The Maoist violence affected a dozen constituencies.
About 143 million of India's 714 million voters were eligible to exercise their franchise in the first of five rounds in 185,552 polling centres. A total of 1,715 candidates were in the fray, with over 300,000 electronic voting machines used.
Tens of thousands of election staff and security personnel kept vigil as people voted in all the constituencies of Kerala, Arunachal Pradesh, Meghalaya, Mizoram, Nagaland, Chhattisgarh, Andaman and Nicobar Island and Lakshwadeep. Andhra Pradesh, Assam, Bihar, Uttar Pradesh, Jammu and Kashmir, Maharashtra, Manipur, Orissa and Jharkhand saw partial voting.
But it was a bloody start to the ambitious exercise with Bihar, Chhattisgarh, Orissa, Jharkhand and Maharashtra seeing violence and intimidation as Maoist guerrillas tried to implement their election boycott through the barrel of the gun.
At least 17 people were killed as cadres of the outlawed Communist Party of India-Maoist, which seeks to carry out an agrarian-based revolution, targeted polling officials and security personnel across the insurgency hit states.
Landmine blasts in Chhattisgarh and Jharkhand saw 14 people getting killed. In Jharkhand's Latehar area, seven Border Security Force (BSF) personnel and two others heading to an election centre were killed when their bus was blown up.
In neighbouring Chhattisgarh, five polling officials died when Maoists detonated a landmine in Rajnandgaon district. A paramilitary trooper was shot dead in an exchange of bullets in the Maoist stronghold Dantewada.
In adjoining Bihar, a policeman and a Home Guard were killed when over a dozen Maoists opened fire at a polling station in Gaya district.
Reports of gun battles, booths being raided, voters being attacked and electronic voting machines being torched came in from several places in the affected states.
But voters braved it all at the end of the day.
In Andhra Pradesh, once a Maoist bastion, there was 60-65 percent voter turnout, 65 percent in the three parliamentary constituencies of Assam and 60-70 percent in Mizoram, Nagaland, Meghalaya and Arunachal Pradesh, also in the northeast. Manipur was lower at 40 to 50 percent.
In violence-hit Chhattisgarh, Jharkhand and Bihar, about 50 percent of the voters turned to cast their franchise.
Long queues were seen outside booths in Kerala with officials estimating that the turnout would be about 60 percent. It was highest in Ernakulam with 67.5 percent and surprisingly low in Thiruvananthapuram, where the Congress fielded star debutant, former UN under-secretary general Shashi Tharoor, with 45.4 percent.
With 124 of 543 seats going to the polls, the day was decisive for the main political parties battling for power with several key leaders in the fray.
One of them was Railway Minister and Rashtriya Janata Dal (RJD) chief Lalu Prasad, who accused the rivals of intimidating voters in his constituency in Saran in Bihar.
Cabinet minister and Nationalist Congress Party (NCP) leader Civil Aviation Minister Praful Patel said in his constituency Bhandara-Gondia in Maharashtra: "We are with the Congress as alliance partners. That does not stop us from having good relations with the Left. In fact, we may need them later."
Finally, Thursday was all about the struggle to reach the coveted seat of power in Delhi.
As defence minister and Congress leader A.K. Antony said: "Gone are the days of a single party ruling the country. Hence, even though there are secular parties contesting against us in states, when it comes to forming a government in Delhi we will seek the support of all secular parties."
And this is how BJP general secretary Arun Jaitley put it: "The way the campaign progressed and looking at the voting trends in all the states where we are in strength, we are going to improve our performance."
The exercise was also about the people and their determination to vote, no matter what.
Like Kamla Devi, 102, who came to vote at Gurah Brahamana in Jammu region. It was the 20th time she was doing so and the canny voter refused to disclose who she had supported.
But all will be told on May 16 when the millions of votes will be counted.
amid Maoist violence that marred the democratic exercise in several places and left at least 17 dead.
The world's largest democratic exercise began early at 7 a.m. and ended at most places at 5 pm. A majority of the states reported moderate turnout despite the Maoist attacks on polling centres and security personnel.
Indians voted in 124 constituencies to pick a new 545-seat Lok Sabha in the first step of a four-phased exercise that is widely expected to throw up a split verdict. The Maoist violence affected a dozen constituencies.
About 143 million of India's 714 million voters were eligible to exercise their franchise in the first of five rounds in 185,552 polling centres. A total of 1,715 candidates were in the fray, with over 300,000 electronic voting machines used.
Tens of thousands of election staff and security personnel kept vigil as people voted in all the constituencies of Kerala, Arunachal Pradesh, Meghalaya, Mizoram, Nagaland, Chhattisgarh, Andaman and Nicobar Island and Lakshwadeep. Andhra Pradesh, Assam, Bihar, Uttar Pradesh, Jammu and Kashmir, Maharashtra, Manipur, Orissa and Jharkhand saw partial voting.
But it was a bloody start to the ambitious exercise with Bihar, Chhattisgarh, Orissa, Jharkhand and Maharashtra seeing violence and intimidation as Maoist guerrillas tried to implement their election boycott through the barrel of the gun.
At least 17 people were killed as cadres of the outlawed Communist Party of India-Maoist, which seeks to carry out an agrarian-based revolution, targeted polling officials and security personnel across the insurgency hit states.
Landmine blasts in Chhattisgarh and Jharkhand saw 14 people getting killed. In Jharkhand's Latehar area, seven Border Security Force (BSF) personnel and two others heading to an election centre were killed when their bus was blown up.
In neighbouring Chhattisgarh, five polling officials died when Maoists detonated a landmine in Rajnandgaon district. A paramilitary trooper was shot dead in an exchange of bullets in the Maoist stronghold Dantewada.
In adjoining Bihar, a policeman and a Home Guard were killed when over a dozen Maoists opened fire at a polling station in Gaya district.
Reports of gun battles, booths being raided, voters being attacked and electronic voting machines being torched came in from several places in the affected states.
But voters braved it all at the end of the day.
In Andhra Pradesh, once a Maoist bastion, there was 60-65 percent voter turnout, 65 percent in the three parliamentary constituencies of Assam and 60-70 percent in Mizoram, Nagaland, Meghalaya and Arunachal Pradesh, also in the northeast. Manipur was lower at 40 to 50 percent.
In violence-hit Chhattisgarh, Jharkhand and Bihar, about 50 percent of the voters turned to cast their franchise.
Long queues were seen outside booths in Kerala with officials estimating that the turnout would be about 60 percent. It was highest in Ernakulam with 67.5 percent and surprisingly low in Thiruvananthapuram, where the Congress fielded star debutant, former UN under-secretary general Shashi Tharoor, with 45.4 percent.
With 124 of 543 seats going to the polls, the day was decisive for the main political parties battling for power with several key leaders in the fray.
One of them was Railway Minister and Rashtriya Janata Dal (RJD) chief Lalu Prasad, who accused the rivals of intimidating voters in his constituency in Saran in Bihar.
Cabinet minister and Nationalist Congress Party (NCP) leader Civil Aviation Minister Praful Patel said in his constituency Bhandara-Gondia in Maharashtra: "We are with the Congress as alliance partners. That does not stop us from having good relations with the Left. In fact, we may need them later."
Finally, Thursday was all about the struggle to reach the coveted seat of power in Delhi.
As defence minister and Congress leader A.K. Antony said: "Gone are the days of a single party ruling the country. Hence, even though there are secular parties contesting against us in states, when it comes to forming a government in Delhi we will seek the support of all secular parties."
And this is how BJP general secretary Arun Jaitley put it: "The way the campaign progressed and looking at the voting trends in all the states where we are in strength, we are going to improve our performance."
The exercise was also about the people and their determination to vote, no matter what.
Like Kamla Devi, 102, who came to vote at Gurah Brahamana in Jammu region. It was the 20th time she was doing so and the canny voter refused to disclose who she had supported.
But all will be told on May 16 when the millions of votes will be counted.
Wednesday, April 15, 2009
Sonia calls Advani 'a slave of RSS'
Describing the Bharatiya Janata Party's [Images] prime ministerial candidate L K Advani [Images] as a 'slave of the Rashtriya Swayamsevak Sangh', Congress president Sonia Gandhi [Images] on Wednesday said the saffron leader could not take any decision 'without the fear of the RSS'.
"It is Advani who is a slave of the RSS because he wants to protect his chair. This is the reason why he panders to each and every wish of the RSS," Gandhi told an election rally in Bidar, Karnataka.
Dismissing Advani's oft-repeated comment about Manmohan Singh [Images] being a weak prime minister, she asked whether the senior BJP leader could take any decision on his own 'without the fear of the RSS'.
Gandhi said that when Advani was the BJP president, he had given a 'secular certificate' to Jinnah during his visit to Pakistan, which created a furore in the RSS and ultimately led to his resignation from the post.
"Advani must remember that a prime minister does not belong to one party but to the whole nation and an insult to him is an insult to the whole country," she said.
"Now the choice is left to the people. They have to decide who is weak, whether it is Prime Minister Manmohan Singh or BJP leader L K Advani," Gandhi said.
Accusing the BJP of 'being sympathetic towards terrorists', Gandhi said it was during the National Democratic Alliance's rule that 'terrorists were released and escorted to Kandahar'.
She said it was the "efficient and diplomatic tackling of the Mumbai terror attacks [Images] by the United Progressive Alliance government which compelled Pakistan to concede responsibility in the issue".
"We will not tolerate any such attack against India," Gandhi said.
Attacking the BJP government in Karnataka for 'improper utilisation' of central funds allotted for development work, she said "we gave crores of Rupees to Karnataka. We really do not know how the funds have been utilised".
She also came down on the saffron party for the 'rampant corruption' in the state and appealed to the people to cast their votes judiciously.
Highlighting the achievements of the Congress government since Independence, Gandhi said whether it is industrialisation or modernisation of the country, nationalisation of banks, empowerment of women through Panchayat Raj institutions or signing the nuclear agreement, it is the Congress which has always taken the lead.
"The people have to take all this into account and make an informed choice," she said.
"It is Advani who is a slave of the RSS because he wants to protect his chair. This is the reason why he panders to each and every wish of the RSS," Gandhi told an election rally in Bidar, Karnataka.
Dismissing Advani's oft-repeated comment about Manmohan Singh [Images] being a weak prime minister, she asked whether the senior BJP leader could take any decision on his own 'without the fear of the RSS'.
Gandhi said that when Advani was the BJP president, he had given a 'secular certificate' to Jinnah during his visit to Pakistan, which created a furore in the RSS and ultimately led to his resignation from the post.
"Advani must remember that a prime minister does not belong to one party but to the whole nation and an insult to him is an insult to the whole country," she said.
"Now the choice is left to the people. They have to decide who is weak, whether it is Prime Minister Manmohan Singh or BJP leader L K Advani," Gandhi said.
Accusing the BJP of 'being sympathetic towards terrorists', Gandhi said it was during the National Democratic Alliance's rule that 'terrorists were released and escorted to Kandahar'.
She said it was the "efficient and diplomatic tackling of the Mumbai terror attacks [Images] by the United Progressive Alliance government which compelled Pakistan to concede responsibility in the issue".
"We will not tolerate any such attack against India," Gandhi said.
Attacking the BJP government in Karnataka for 'improper utilisation' of central funds allotted for development work, she said "we gave crores of Rupees to Karnataka. We really do not know how the funds have been utilised".
She also came down on the saffron party for the 'rampant corruption' in the state and appealed to the people to cast their votes judiciously.
Highlighting the achievements of the Congress government since Independence, Gandhi said whether it is industrialisation or modernisation of the country, nationalisation of banks, empowerment of women through Panchayat Raj institutions or signing the nuclear agreement, it is the Congress which has always taken the lead.
"The people have to take all this into account and make an informed choice," she said.
Build a centralized log management and monitoring system
Seasoned system administrators know that routinely reading system logs is an important task, but reading endless lines from logs is both time-consuming and boring, especially if you are responsible for a large number of busy servers. In this article I will show you how to set up a system that gathers and archives system logs from many network hosts and emails only important or irregular system events to administrators.
The majority of GNU/Linux distributions uses the good old syslogd system logger by default, which is based on the original 4.3BSD syslogd daemon. Syslogd is a fine system logger, but it lacks some advanced features modern alternatives offer. We will use syslog-ng instead, which provides all the functionality of the traditional syslogd along with some nice enhancements. Among others, it provides powerful filtering capabilities based on message content, and can also be used in a firewalled environment without problems.
Installation is a breeze since most distributions provide binary packages. If you prefer to manually build the program, check the INSTALL file included in the source tarball, which outlines all the necessary steps. Make sure to uninstall syslogd before installing syslog-ng.
The syntax of the configuration file might seem peculiar and complex compared to the traditional syslog.conf syntax, but it offers almost limitless customization options. Make sure to read the syslog-ng.conf man page for information on how to use it.
Since our logging system will gather logs from other hosts, we need to instruct it to listen for network connections. Syslog-ng supports both the TCP and UDP protocols. IANA has assigned the 514/udp port to the syslog service, so we will use that port for maximum compatibility with syslogd and network devices such as routers. If you use syslog-ng on all your hosts, it's better to use the TCP protocol, which is more reliable and firewall-friendly.
Add the following lines to your /etc/syslog-ng/syslog-ng.conf to the appropriate sections indicated by comments (lines starting with #) to enable listening for network connections on a specific IP address, and to archive logs from remote hosts as /var/log/$HOST/$FACILITY (e.g. /var/log/mailserver/mail):
## add this to the options section
create_dirs(yes);
long_hostnames(off);
keep_hostname(yes);
# uncomment the following line only on a LAN with working DNS
#use_dns(yes);
## add this to the source section
source s_udp {
udp ( ip(192.168.1.2) ); # replace with your system's IP address
};
## add this to the destination section
destination df_udp {
file ("/var/log/$HOST/$FACILITY");
};
## add this to the log section
log {
source(s_udp);
destination (df_udp);
};
On the remote hosts add the following lines in /etc/syslog-ng/syslog-ng.conf or /etc/syslog.conf, depending on whether they run syslog-ng or syslogd respectively:
## /etc/syslog-ng/syslog-ng.conf
## add this to the destination section
destination remote_udp { udp("192.168.1.2"); }; # replace with your log server's IP address
## add this to the log section
log { source(src); destination(remote_udp); };
## /etc/syslog.conf
# use tabs instead of space
*.* @192.168.1.2 # replace with your log server's IP address
You can add additional filters to better suit your needs or even log to a database like PostgreSQL. Note that syslog traffic between hosts is unencrypted; if you want to gather logs from remote hosts over the Internet, create SSH tunnels first, for security.
Logcheck
At this point you have configured a full-featured syslog server that gathers and archives logs from multiple servers, but so far you still have to read those logs manually. Now we'll add logcheck to the equation.
Logcheck is an excellent program that parses log files, filters out expected, normal events based on pre-defined regular expressions, then summarizes the remaining entries and emails them to the system administrator's account. Logcheck was previously part of the Sentry tools suite, but since it had been unmaintained for a long time, it was forked by Debian developers, who have done a wonderful job integrating logcheck into the system. Most network daemon packages include logcheck rules out of the box.
To install logcheck on a Debian-based system simply apt-get install the logcheck, logtail, and logcheck-database packages; the last of the three provides lots of ready-made rules for various system events. To install it on other distributions, download the source tarball and read the INSTALL file. Since it is just a shell script it does not need any compilation.
Configuration is simple. First enter which log files you want to be checked by logcheck in /etc/logcheck/logcheck.logfiles. Logcheck supports three levels of filtering: paranoid, server, and workstation. Each level uses a directory named /etc/logcheck/ignore.d.level_name that includes filtering rules files with different verbosity levels. Paranoid produces highly verbose output and should be used only on high-security systems running a minimum number of services. Server should be fine for most systems and is used by default. Workstation filters out most of the messages and thus produces the least verbose output of the three. You can define which filtering level should be used in /etc/logcheck/logcheck.conf, along with other parameters, such as the recipient email address and the subject of the emails.
Logcheck uses standard regular expressions to filter logs. It's not difficult to write custom rules; read the WRITING RULES paragraph of the docs/README.logcheck-database file in the source tarball (or /usr/share/doc/logcheck-database/README.logcheck-database.gz in Debian) for more information. If you're new to regular expressions, this guide might be useful. As an example, check this filter file for Dovecot:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap-login: Login: [.[:alnum:]-]+ \[[0-9.]+\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap-login: Disconnected \[[0-9.]+\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap\([^[:space:]]+\): File isn't in mbox format: [^[:space:]]+$
Logcheck runs periodically from cron. The default cron job installed by the Debian package (/etc/cron.d/logcheck) runs logcheck every hour or when the system reboots. Unless you want 24 logcheck email messages per day, you should adjust how often it should run by editing the file. I prefer to run it on a daily basis.
The majority of GNU/Linux distributions uses the good old syslogd system logger by default, which is based on the original 4.3BSD syslogd daemon. Syslogd is a fine system logger, but it lacks some advanced features modern alternatives offer. We will use syslog-ng instead, which provides all the functionality of the traditional syslogd along with some nice enhancements. Among others, it provides powerful filtering capabilities based on message content, and can also be used in a firewalled environment without problems.
Installation is a breeze since most distributions provide binary packages. If you prefer to manually build the program, check the INSTALL file included in the source tarball, which outlines all the necessary steps. Make sure to uninstall syslogd before installing syslog-ng.
The syntax of the configuration file might seem peculiar and complex compared to the traditional syslog.conf syntax, but it offers almost limitless customization options. Make sure to read the syslog-ng.conf man page for information on how to use it.
Since our logging system will gather logs from other hosts, we need to instruct it to listen for network connections. Syslog-ng supports both the TCP and UDP protocols. IANA has assigned the 514/udp port to the syslog service, so we will use that port for maximum compatibility with syslogd and network devices such as routers. If you use syslog-ng on all your hosts, it's better to use the TCP protocol, which is more reliable and firewall-friendly.
Add the following lines to your /etc/syslog-ng/syslog-ng.conf to the appropriate sections indicated by comments (lines starting with #) to enable listening for network connections on a specific IP address, and to archive logs from remote hosts as /var/log/$HOST/$FACILITY (e.g. /var/log/mailserver/mail):
## add this to the options section
create_dirs(yes);
long_hostnames(off);
keep_hostname(yes);
# uncomment the following line only on a LAN with working DNS
#use_dns(yes);
## add this to the source section
source s_udp {
udp ( ip(192.168.1.2) ); # replace with your system's IP address
};
## add this to the destination section
destination df_udp {
file ("/var/log/$HOST/$FACILITY");
};
## add this to the log section
log {
source(s_udp);
destination (df_udp);
};
On the remote hosts add the following lines in /etc/syslog-ng/syslog-ng.conf or /etc/syslog.conf, depending on whether they run syslog-ng or syslogd respectively:
## /etc/syslog-ng/syslog-ng.conf
## add this to the destination section
destination remote_udp { udp("192.168.1.2"); }; # replace with your log server's IP address
## add this to the log section
log { source(src); destination(remote_udp); };
## /etc/syslog.conf
# use tabs instead of space
*.* @192.168.1.2 # replace with your log server's IP address
You can add additional filters to better suit your needs or even log to a database like PostgreSQL. Note that syslog traffic between hosts is unencrypted; if you want to gather logs from remote hosts over the Internet, create SSH tunnels first, for security.
Logcheck
At this point you have configured a full-featured syslog server that gathers and archives logs from multiple servers, but so far you still have to read those logs manually. Now we'll add logcheck to the equation.
Logcheck is an excellent program that parses log files, filters out expected, normal events based on pre-defined regular expressions, then summarizes the remaining entries and emails them to the system administrator's account. Logcheck was previously part of the Sentry tools suite, but since it had been unmaintained for a long time, it was forked by Debian developers, who have done a wonderful job integrating logcheck into the system. Most network daemon packages include logcheck rules out of the box.
To install logcheck on a Debian-based system simply apt-get install the logcheck, logtail, and logcheck-database packages; the last of the three provides lots of ready-made rules for various system events. To install it on other distributions, download the source tarball and read the INSTALL file. Since it is just a shell script it does not need any compilation.
Configuration is simple. First enter which log files you want to be checked by logcheck in /etc/logcheck/logcheck.logfiles. Logcheck supports three levels of filtering: paranoid, server, and workstation. Each level uses a directory named /etc/logcheck/ignore.d.level_name that includes filtering rules files with different verbosity levels. Paranoid produces highly verbose output and should be used only on high-security systems running a minimum number of services. Server should be fine for most systems and is used by default. Workstation filters out most of the messages and thus produces the least verbose output of the three. You can define which filtering level should be used in /etc/logcheck/logcheck.conf, along with other parameters, such as the recipient email address and the subject of the emails.
Logcheck uses standard regular expressions to filter logs. It's not difficult to write custom rules; read the WRITING RULES paragraph of the docs/README.logcheck-database file in the source tarball (or /usr/share/doc/logcheck-database/README.logcheck-database.gz in Debian) for more information. If you're new to regular expressions, this guide might be useful. As an example, check this filter file for Dovecot:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap-login: Login: [.[:alnum:]-]+ \[[0-9.]+\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap-login: Disconnected \[[0-9.]+\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imap\([^[:space:]]+\): File isn't in mbox format: [^[:space:]]+$
Logcheck runs periodically from cron. The default cron job installed by the Debian package (/etc/cron.d/logcheck) runs logcheck every hour or when the system reboots. Unless you want 24 logcheck email messages per day, you should adjust how often it should run by editing the file. I prefer to run it on a daily basis.
EC order gags media on poll eve coverage
THE Election Commission said on Tuesday that the electronic media cannot telecast anything related to elections which can influence voters in areas where polls are to take place, 48 hours preceding voting.
The Election Commissioner said, TV channels were barred from telecasting poll-related programmes like interviews, discussions and poll analyses and surveys that could influence voters 48-hour before polling day.
In a separate order issued under section 126 of the Representation of People's Act that prohibits displaying any election matter on television or any related medium 48 hours before poll, EC has also banned dissemination of results of opinion and exit polls by the media. The gag on electronic media is seen as unsuitable for multi-phase elections as well as innocent of the ways the media functions.
The official said, "the rule applies even to national channels. During this period, national channels are not allowed to telecast such programmes about Andhra Pradesh. Even animation programmes that could influence voters should not be screened."
Mr Rao explained that with the first phase polling scheduled for April 16, TV channels would not even be allowed to air poll-related analyses of seats going to the polls on April 23. Failure to comply would mean imprisonment up to two years or fine or both.
The Election Commissioner said, TV channels were barred from telecasting poll-related programmes like interviews, discussions and poll analyses and surveys that could influence voters 48-hour before polling day.
In a separate order issued under section 126 of the Representation of People's Act that prohibits displaying any election matter on television or any related medium 48 hours before poll, EC has also banned dissemination of results of opinion and exit polls by the media. The gag on electronic media is seen as unsuitable for multi-phase elections as well as innocent of the ways the media functions.
The official said, "the rule applies even to national channels. During this period, national channels are not allowed to telecast such programmes about Andhra Pradesh. Even animation programmes that could influence voters should not be screened."
Mr Rao explained that with the first phase polling scheduled for April 16, TV channels would not even be allowed to air poll-related analyses of seats going to the polls on April 23. Failure to comply would mean imprisonment up to two years or fine or both.
Tuesday, April 14, 2009
SC seeks undertaking from Varun, hearing put off
THE Supreme Court has adjourned the hearing on Varun Gandhi’s bail plea till Thursday, which means the BJP leader will have to spend a few more days in jail.
The apex court said that Varun can be free provided he gives in writing to the court that he will make no provocative speeches during his campaign. Varun's lawyer told the court that he would give the undertaking.
Now, the SC has asked the Uttar Pradesh government if Varun gives an undertaking, will it be acceptable to the UP government.
Varun Gandhi, who has been detained in the Etah jail, has challenged his detention under the National Security Act (NSA) by the Uttar Pradesh government.
The apex court bench headed by Chief Justice KG Balakrishnan will consider the plea for Varun's release to enable him to file his nomination papers as well as to contest elections from Pilibhit. The 29-year old was arrested under section 153 A of the Indian Penal Code for delivering a communal speech during an election rally in March The NSA was slapped on him following violence in Pilbhit during his surrender before the court.
While Varun's lawyers are likely to argue that the CD containing the hate speech is doctored, and therefore inadmissible as material evidence to book him under the NSA, the Uttar Pradesh government is expected to take a stand that Varun’s release would pose a threat to peace and could lead to a serious law and order problem in the state.
In its affidavit, the Mayawati government has described Varun as a "national threat to communal peace and harmony", thereby defending its action of invoking the NSA.
The apex court said that Varun can be free provided he gives in writing to the court that he will make no provocative speeches during his campaign. Varun's lawyer told the court that he would give the undertaking.
Now, the SC has asked the Uttar Pradesh government if Varun gives an undertaking, will it be acceptable to the UP government.
Varun Gandhi, who has been detained in the Etah jail, has challenged his detention under the National Security Act (NSA) by the Uttar Pradesh government.
The apex court bench headed by Chief Justice KG Balakrishnan will consider the plea for Varun's release to enable him to file his nomination papers as well as to contest elections from Pilibhit. The 29-year old was arrested under section 153 A of the Indian Penal Code for delivering a communal speech during an election rally in March The NSA was slapped on him following violence in Pilbhit during his surrender before the court.
While Varun's lawyers are likely to argue that the CD containing the hate speech is doctored, and therefore inadmissible as material evidence to book him under the NSA, the Uttar Pradesh government is expected to take a stand that Varun’s release would pose a threat to peace and could lead to a serious law and order problem in the state.
In its affidavit, the Mayawati government has described Varun as a "national threat to communal peace and harmony", thereby defending its action of invoking the NSA.
Laloo-Mulayam-Paswan claim to be kingmakers
THE strong political formation among foes-turned-friends, Laloo, Mulayam and Ram Vilas Paswan are almost confident that they would be able to have a significant say in the government formation process at the Centre after the elections.
Speaking at its first show as the 'Fourth Front' in Uttar Pradesh, the three leaders addressed a joint rally at Saifai in Etawah district of Uttar Pradesh on Thursday, claiming that the next government at the Centre cannot be formed without them.
The troika, comprising RJD, LJP and SP, was formed in March 2009, and will contest 120 seats in the three states. The leaders repeatedly said that the new coalition is part of the UPA, and will work together to stop communal forces from coming to power.
In the rally, Laloo Prasad Yadav said,"Three brothers have come together, not only to win Lok Sabha elections, but also to fight communalism. We will show our strength in the cow belt."
The three joined hands after the Congress said it would not have a nationwide alliance. After Saifai, they are planning to hold joint rallies in Varanasi, Lucknow and several places in Bihar.
Speaking at its first show as the 'Fourth Front' in Uttar Pradesh, the three leaders addressed a joint rally at Saifai in Etawah district of Uttar Pradesh on Thursday, claiming that the next government at the Centre cannot be formed without them.
The troika, comprising RJD, LJP and SP, was formed in March 2009, and will contest 120 seats in the three states. The leaders repeatedly said that the new coalition is part of the UPA, and will work together to stop communal forces from coming to power.
In the rally, Laloo Prasad Yadav said,"Three brothers have come together, not only to win Lok Sabha elections, but also to fight communalism. We will show our strength in the cow belt."
The three joined hands after the Congress said it would not have a nationwide alliance. After Saifai, they are planning to hold joint rallies in Varanasi, Lucknow and several places in Bihar.
Indian Elections - Varun Gandhi's Hate Speech
[Note to non-Indian visitors and unacquainted Indians: Varun Gandhi, 29, is the nephew of Sonia Gandhi and grandson of Indira Gandhi, former Indian Prime Minister. However, unlike Sonia and Indira who were in the Indian National Congress Party, Varun is in the Hindu nationalist Bharatiya Janta Party (translated into the Indian People’s Party). This is the first time he is running for office. BJP is not new to inciting religious violence against Muslims (to be fair, some Indian Muslim groups are often involved in acts that give the BJP ‘excuses’ to do what they do. However, the BJP and its sister and mother organizations, the Bajrang Dal, Vishva Hindu Parishad and the RSS, are no less and they are collectively ‘guilty’ at times). In India, Hindu and Muslim fundamentalism feed each other. A regressive Islamic philosophy has met a bigoted Hindu Nationalist one. The BJP derives its cadres from those who believe the Congress “appeases” the minorities (read, “Muslims”) at the expense of “Hindu interests”.]
Here are portions of the speech made by Varun Gandhi in Pilibhit amid a crowd that was reeling in anti-Muslim hatred due to certain incidents in recent local history, as appeared in the Indian Express, March 18 ’09:
I would add here that if the people of that region had really seen outrages by the Muslim community, the campaigning leaders should have spoken about bringing law-and-order and justice to the region. To call for the heads of Muslims is nothing short of barbaric.
After a CD was released of this speech by some private entities, presumably political rivals, Varun denied making any of those statements claiming that the speech was doctored and the voice isn’t his. On TV today, he gave an example of the doctoring. He said he never referred to Muslims as “Katuas” (derogatory term for a Muslim referring to their circumcision – equivalent to calling an African American as ‘nigger’) and instead was referring to “vote Katuas” which he claims means those non-serious political candidates who run in elections to “cut votes” of popular candidates. However yesterday, in the Indian Express, he claimed he was referring to “galat tatvas” roughly meaning “anti-social elements”, and not “Katuas”. He claimed that was added later. Two explanations in two days. And to top that, claims that he “never spoke those words”.
He seems guilty on the face of it. The video doesn’t seem doctored. However, I would be wrong to call him that until and unless he is proven guilty in a court of law. Innocent unless proven otherwise. But hunch is that he isn’t innocent.
Here are portions of the speech made by Varun Gandhi in Pilibhit amid a crowd that was reeling in anti-Muslim hatred due to certain incidents in recent local history, as appeared in the Indian Express, March 18 ’09:
I would add here that if the people of that region had really seen outrages by the Muslim community, the campaigning leaders should have spoken about bringing law-and-order and justice to the region. To call for the heads of Muslims is nothing short of barbaric.
After a CD was released of this speech by some private entities, presumably political rivals, Varun denied making any of those statements claiming that the speech was doctored and the voice isn’t his. On TV today, he gave an example of the doctoring. He said he never referred to Muslims as “Katuas” (derogatory term for a Muslim referring to their circumcision – equivalent to calling an African American as ‘nigger’) and instead was referring to “vote Katuas” which he claims means those non-serious political candidates who run in elections to “cut votes” of popular candidates. However yesterday, in the Indian Express, he claimed he was referring to “galat tatvas” roughly meaning “anti-social elements”, and not “Katuas”. He claimed that was added later. Two explanations in two days. And to top that, claims that he “never spoke those words”.
He seems guilty on the face of it. The video doesn’t seem doctored. However, I would be wrong to call him that until and unless he is proven guilty in a court of law. Innocent unless proven otherwise. But hunch is that he isn’t innocent.
India election 2009 : world's biggest democracy
The General elections in India are the elections by which the Indian electorate chooses the diverse members of the Lok Sabha in the Parliament for the subsequently term of five years. The voters also ultimately votes for the Prime Minister as the head chosen by the majority party or the majority alliance becomes the next Prime Minister.
The General elections is the prime election work out in the world. With the dawn of EVMs, the election process has become more protected and swift.
Indian general election, 2009
An election is a administrative process by which a inhabitants chooses an character to hold recognized office. This is the natural device by which present representative democracy fills offices in the legislature, sometimes in the executive and judiciary, and for regional and local government. This course of action is also used in many other privileged and business organizations, from clubs to voluntary associations and corporations.
The worldwide use of elections as a contrivance for selecting legislature in modern democracies is in contrast with the follow in the democratic archetype, ancient Athens. Elections were well thought-out an oligarchic institution and most political offices were onthe top using sortition, also known as allowance, by which officeholders were chosen by lot.
Electoral reform describes the process of introducing pale electoral systems where they are not in position, or humanizing the fairness or usefulness of existing systems. Psephology is the study of results and other statistics relating to elections.
Leader:- Manmohan Singh
Last election:- 145 seats, 26.7%
Leader's seat:- Assam (Rajya Sabha)
Party:- Congress
Leader:- Lal Krishna Advani
Last election:- 138 seats, 22.2%
Leader's seat:- Gandhinagar
Party:- BJP
India will seize general elections to the 15th Lok Sabha in 5 phases on April 16, April 22, April 23, April 30, May 7 and May 13, 2009. The outcome of the election will be announced in single phase on May 16, 2009.
According to the Indian Constitution, elections in India for the Lok Sabha (the national parliament) must be seized at least every five years under conventional circumstances. With the last elections held in 2004, the term of the 14th Lok Sabha expires on June 1, 2009.
The election is conducted by the Election Commission of India, which estimates an electorate of 714 million voters, an increase of 43 million over the 2004 election. During the financial plan presented in February 2009, Rupees 1,120 Crores (Approx. EUR 180 M) was budgeted for election operating expense.
Think Twice before you choose.
The General elections is the prime election work out in the world. With the dawn of EVMs, the election process has become more protected and swift.
Indian general election, 2009
All 543 seats in the Lok Sabha
An election is a administrative process by which a inhabitants chooses an character to hold recognized office. This is the natural device by which present representative democracy fills offices in the legislature, sometimes in the executive and judiciary, and for regional and local government. This course of action is also used in many other privileged and business organizations, from clubs to voluntary associations and corporations.
The worldwide use of elections as a contrivance for selecting legislature in modern democracies is in contrast with the follow in the democratic archetype, ancient Athens. Elections were well thought-out an oligarchic institution and most political offices were onthe top using sortition, also known as allowance, by which officeholders were chosen by lot.
Electoral reform describes the process of introducing pale electoral systems where they are not in position, or humanizing the fairness or usefulness of existing systems. Psephology is the study of results and other statistics relating to elections.
Leader:- Manmohan Singh
Last election:- 145 seats, 26.7%
Leader's seat:- Assam (Rajya Sabha)
Party:- Congress
Leader:- Lal Krishna Advani
Last election:- 138 seats, 22.2%
Leader's seat:- Gandhinagar
Party:- BJP
India will seize general elections to the 15th Lok Sabha in 5 phases on April 16, April 22, April 23, April 30, May 7 and May 13, 2009. The outcome of the election will be announced in single phase on May 16, 2009.
According to the Indian Constitution, elections in India for the Lok Sabha (the national parliament) must be seized at least every five years under conventional circumstances. With the last elections held in 2004, the term of the 14th Lok Sabha expires on June 1, 2009.
The election is conducted by the Election Commission of India, which estimates an electorate of 714 million voters, an increase of 43 million over the 2004 election. During the financial plan presented in February 2009, Rupees 1,120 Crores (Approx. EUR 180 M) was budgeted for election operating expense.
Think Twice before you choose.
India Election '09
Election campaigning is in full swing in India and amidst all the frenzy, the Pilbhit constituency in Uttar Pradesh, has come under the scanner after one of its young BJP candidates, Varun Gandhi courted controversy over his allegedly communal and inflammatory campaign speeches during election rallies in his constituency on March 6th and 8th, 2009.
Over the next few weeks, video footage of Varun Gandhi's speeches were repeatedly splashed across TV channels. When questioned by the media and the Election Commission. Varun stated that the audio in the footage had been doctored and it was a ploy against him. Unmoved by his denial, the Election Commission sent him a show cause notice for violating the Model Code of Conduct, and later, on 22 March 2009, found him guilty of making ‘hate speeches'.
A spate of criminal cases lodged against him, on 29th March, Varun Gandhi surrendered before a local court in Pilbhit. He was arrested and jailed. The State Government has now booked him under the National Security Act (NSA) on “charges of inciting communal passion by making provocative and inflammatory speeches during [election campaign] meetings”.
As of today, Varun Gandhi continues to be in the eye of the storm as various political parties and their leaders try to gain maximum mileage out of the incident. The Rashtriya Janata Dal supremo Lalu Prasad Yadav has gone as far as to court controversy himself after making a speech berating Varun. The BJP on the other hand, has renewed it's stance of backing it's protege Varun Gandhi with both political and legal aid.
The blogosphere too has been abuzz with opinions on the Varun Gandhi controversy.
Youth ki Awaaz writes:
If young leaders like Varun give such defamatory remarks, what can we expect from the others? The fact that India is a country with communal diversity makes it mandatory for each and every citizen to have a feeling of brotherhood.
Blogger ak too is apprehensive about young candidates like Varun Gandhi, who could also be tomorrow's leaders spewing such rhetoric. He says:
To hear someone so young like Varun Gandhi give out that hate speech against the muslims in such mean tones was just shameful. Are these the young leaders that is going to takle(sic) India forward??
Another blogger Vijay Vikram discusses what he feels was the motivation behind Varun's rhetoric.
It is a sad fact of Indian - for that matter all democratic polity - that aspiring statesmen have to appeal to the lowest common denominator for electoral gains. That is precisely what Varun Gandhi was doing. Varun Gandhi's remarks were borne out of political necessity, nothing else.
On the other hand, some bloggers have come out in support of Varun Gandhi, seeing him as a scapegoat in the drama of India's minority-vote politics. Sreekrishnan Venkatesan writes:
i did not find anything wrong in Varun Gandhi's speech. He warned any other religious fanatics killing Hindus, which to me looked very much normal. In fact this isn't as bad like congress which goes all out to playing the communal card, with non hindu religions. Hypocrisy in all its strength. Supporting a minority religious community is “Secular” while supporting Hindus is “communal”.
In this entire controversy, the role of the MSM has also come under scrutiny. Shahid Siddiqui of Media-Mania wonders why the TV channels devoted as much as over 22.57 hrs of prime time playing back the video footage. He asks:
If the media really believed that Varun Gandhi’s speech would cause unrest among a section of the people, did the repeat telecasts of the speech make any sense?…All the TV channels have overplayed the issue. It was not even authenticated if the CD was original. As per the ethics of journalism, it should not have been played as it has been done, especially during the elections….The role of media is certainly open to question. While reporting that it was a “hate speech” “blatantly communal” etc, did the media behave responsibly by telecasting the tape umpteen times a day for the last few days?
Bloggers are also discussing whether Varun Gandhi should have been booked under the NSA. Many of them seem to echo the words of the Chief Minister of Jammu & Kashmir, Omar Abdullah, who stated that “The hate speech of BJP's Lok Sabha candidate Varun Gandhi did not threaten national security and a law other than the National Security Act could have been invoked to deal with it”. In this context,Vinay writes:
… punishing him under NSA is unwarranted. Even though his speech had the potential to disturb public order, the warning by election Commission and subsequent FIRs under Representation of People Act were sufficient.
The CD containing his speech came into light some 15 days later after he gave it. It means his speech did not lead to any violence immediately, which is actually case in most of the instances.
Listening to his speech one can say that it was more of rhetoric in spite of being venomous.
Nonetheless he deserves punishment, but not under NSA.
He has been arrested under the preventive detention clause of NSA, which is clearly doctored to prevent him from contesting elections.
Varun's lawyers have challenged his detention in the Supreme Court. The case will come up for hearing on April 13th.
Script to Install CentOS 5 on Amazon
#!/bin/bash -e
# Copyright (c) 2007 RightScale Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Uncomment and edit these for production use
# the full pathname is required for the certificates and
# private keys. Examples are below.
#
#export EC2_CERT=/home/ec2/etc/cert.pem
#export EC2_HOME=/home/ec2
#export EC2_PRIVATE_KEY=/home/ec2/etc/pk.pem
#export AWS_ACCOUNT_NUMBER=
#export AWS_ACCESS_KEY_ID=
#export AWS_SECRET_ACCESS_KEY=
#export AWS_BUCKET=
#export IMAGE_NAME=
echo "Hello $USER, Lets get started installing CentOS 5"
echo "........................................"
showOpts () {
echo "Please Select an Option or 8 to quit"
echo "0) Set EC2 Variables"
echo "1) Create and Mount Image"
echo "2) Installing Yum and CentOS 5 Base"
echo "3) Install Additional Packages"
echo "4) Install RightScale Customizations"
echo "5) Clean Up FileSystem and Bundle Image"
echo "6) Upload Image"
echo "7) Clean Up"
echo "8) Quit"
}
showEC2Opts () {
echo "Please Select an Option or 4 to quit"
echo "1) Set EC2 Variables"
echo "2) Show EC2 Variables"
echo "3) Set AWS Bucket & Image Name"
echo "4) Back"
}
while [ 1 ]
do
showOpts
read CHOICE
case "$CHOICE" in
"0")
while [ 1 ]
do
showEC2Opts
read EC2CHOICE
case "$EC2CHOICE" in
"1")
echo "Warning !!!"
echo "The full pathname is required for the Certificate"
echo "and Private Keys to work properly"
echo " "
echo "Please Enter Your Certificate Path"
read EC2_CERT_PATH
export EC2_CERT=$EC2_CERT_PATH
echo "Please Enter You Private Key Path"
read EC2_PRIVATE_KEY_PATH
export EC2_PRIVATE_KEY=$EC2_PRIVATE_KEY_PATH
echo "Please Enter Your AWS Account Number"
read AWS_ACCOUNT_NUMBER_TEMP
export AWS_ACCOUNT_NUMBER=$AWS_ACCOUNT_NUMBER_TEMP
echo "Please Enter Your AWS Access Key"
read AWS_ACCESS_KEY_ID_TEMP
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID_TEMP
echo "Please Enter Your AWS Secret Access Key"
read AWS_SECRET_ACCESS_KEY_TEMP
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY_TEMP
echo "Done"
;;
"2")
echo "------------Parameters-----------------------"
echo "EC2 Certificate Path:" $EC2_CERT
echo "EC2 Private Key Path:" $EC2_PRIVATE_KEY
echo "AWS Account Number:" $AWS_ACCOUNT_NUMBER
echo "AWS Access Key:" $AWS_ACCESS_KEY_ID
echo "AWS Secret Access Key:" $AWS_SECRET_ACCESS_KEY
echo "AWS Bucket:" $AWS_BUCKET
echo "Image Name:" $IMAGE_NAME
echo "------------End Parameters-------------------"
echo ""
;;
"3")
echo "Please enter in the AWS Bucket"
read AWS_BUCKET_TEMP
export AWS_BUCKET=$AWS_BUCKET_TEMP
echo "Please Enter Your Image Name ex: myfc6.img"
read IMAGE_NAME_TEMP
export IMAGE_NAME=$IMAGE_NAME_TEMP
showEC2Opts
;;
"4")
break
;;
esac
done
;;
"1")
echo "Creating 10GB Image"
mkdir /mnt/image
dd if=/dev/zero of=/mnt/image/$IMAGE_NAME bs=1M count=10240
echo "Creating File System"
mke2fs -F -j /mnt/image/$IMAGE_NAME
mkdir /mnt/ec2-fs
echo "Mounting File System in /mnt/ec2-fs"
mount -o loop /mnt/image/$IMAGE_NAME /mnt/ec2-fs
mkdir /mnt/ec2-fs/dev
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x console
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x null
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x zero
mkdir /mnt/ec2-fs/proc
mount -t proc none /mnt/ec2-fs/proc
mkdir /mnt/ec2-fs/etc
cat < /mnt/ec2-fs/etc/fstab
/dev/sda1 / ext3 defaults 1 1
/dev/sda2 /mnt ext3 defaults 1 2
/dev/sda3 swap swap defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
EOL
echo "Finished Step 1"
;;
"2")
echo "Installing Yum 3.0"
wget http://linux.duke.edu/projects/yum/download/3.0/yum-3.0.5.tar.gz
tar -xvzf yum-3.0.5.tar.gz
cd yum-3.0.5
make DESTDIR=/ install
echo "Creating Yum Confuration"
mkdir -p /mnt/ec2-fs/sys/block
mkdir -p /mnt/ec2-fs/var/
mkdir -p /mnt/ec2-fs/var/log/
touch /mnt/ec2-fs/var/log/yum.log
cat < /mnt/image/yum.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
reposdir=/dev/null
metadata_expire=1800
[base]
name=CentOS 5 - $basearch - Base
baseurl=http://mirrors.kernel.org/centos/5.0/os/x86_64/
http://mirror.rightscale.com/centos/5/os/x86_64/
enabled=1
[updates-released]
name=CentOS 5 - $basearch - Released Updates
baseurl=http://mirrors.kernel.org/centos/5.0/updates/x86_64/
http://mirror.rightscale.com/centos/5/updates/x86_64/
enabled=1
[extras]
name=CentOS 5 Extras $releasever - $basearch
baseurl=http://mirror.centos.org/centos/5/extras/x86_64/
enabled=1
[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
baseurl=http://download.fedora.redhat.com/pub/epel/5/x86_64
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=x86_64
failovermethod=priority
enabled=1
EOL
echo "Running Yum"
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y groupinstall Base
echo "Finished Step 2"
;;
"3")
echo "Starting Secondary Install"
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y install wget mlocate nano logrotate ruby* postfix openssl openssh openssh-askpass openssh-clients openssh-server curl gcc* zip unzip bison flex compat-libstdc++-296 cvs subversion autoconf automake libtool compat-gcc-34-g77 mutt sysstat rpm-build fping rrdtool rrdtool-devel rrdtool-doc rrdtool-perl rrdtool-python rrdtool-tcl vim-common vim-enhanced
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y clean packages
cat < /mnt/ec2-fs/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOL
cat < /mnt/ec2-fs/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
EOL
cat <> /mnt/ec2-fs/etc/rc.local
touch /var/lock/subsys/local
# Update the EC2 AMI creation tools
echo " + Updating ec2-ami-tools"
curl -o /tmp/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm && \
rpm -Uvh /tmp/ec2-ami-tools.noarch.rpm && \
echo " + Updated ec2-ami-tools"
if [ ! -d /root/.ssh ] ; then
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key
if [ $? -eq 0 ] ; then
cat /tmp/my-key >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm /tmp/my-key
fi
EOL
cat <> /mnt/ec2-fs/etc/ssh/sshd_config
UseDNS no
PermitRootLogin without-password
EOL
echo "Finished Step 3"
;;
"4")
echo "Adding RightScale"
mkdir -p /tmp/updates
mkdir -p /mnt/ec2-fs/opt/rightscale/
mkdir -p /mnt/ec2-fs/opt/rightscale/bin
mkdir -p /mnt/ec2-fs/opt/rightscale/etc
mkdir -p /mnt/ec2-fs/opt/rightscale/etc/init.d
mkdir -p /mnt/ec2-fs/opt/rightscale/lib
mkdir -p /mnt/ec2-fs/var/spool/ec2/
mkdir -p /mnt/ec2-fs/var/spool/ec2/meta-data
curl -o /tmp/updates/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm
rpm -Uvh /tmp/updates/ec2-ami-tools.noarch.rpm --force --nodeps
#fetch needed packages
echo "Fetch Needed Packages"
curl -o /tmp/updates/linux-2.6.16.33-ec2.tgz http://s3.amazonaws.com/ec2-downloads/linux-2.6.16.33-ec2.tgz
curl -o /tmp/updates/kernel-modules.2.6.16-xenU.tgz http://s3.amazonaws.com/rightscale_software/kernel-modules-2.6.16.33-xenU.tgz
tar -xvzf /tmp/updates/kernel-modules.2.6.16-xenU.tgz -C /mnt/ec2-fs/lib/modules/
#chroot Section
echo "Chroot Time"
mkdir -p /mnt/ec2-fs/tmp/updates
touch /mnt/ec2-fs/etc/mtab
cp -R /tmp/updates/ /mnt/ec2-fs/tmp/
#get rrd-tool
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-devel-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-devel-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-doc-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-doc-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-perl-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-perl-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-php-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-php-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-python-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-python-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-ruby-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-ruby-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-tcl-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-tcl-1.2.23-5.i386.rpm
#get EPEL
curl -o /mnt/ec2-fs/tmp/updates/epel-release-5-2.noarch.rpm http://s3.amazonaws.com/rightscale_scripts/epel-release-5-2.noarch.rpm
cat < <'EOL' > /mnt/ec2-fs/tmp/updates/install-script
echo "starting install"
echo "127.0.0.1 localhost localhost.localdomain" > /etc/hosts
authconfig --enableshadow --useshadow --enablemd5 --updateall
mv /lib/tls /lib/tls.disabled
echo "Disabling TTYs"
perl -p -i -e 's/(.*tty2)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty3)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty4)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty5)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty6)/#\1/' /etc/inittab
perl -p -i -e 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
perl -p -i -e 's/#ClientAliveInterval 0/ClientAliveInterval 60/' /etc/ssh/sshd_config
perl -p -i -e 's/#ClientAliveCountMax 3/ClientAliveCountMax 240/' /etc/ssh/sshd_config
service network start
echo "Fetching RightScale"
cat < <'SSH' >/etc/init.d/getsshkey
#!/bin/bash
# chkconfig: 4 11 11
# description: This script fetches the ssh key early. \
#
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 1
start() {
if [ ! -d /root/.ssh ] ; then
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key
if [ $? -eq 0 ] ; then
cat /tmp/my-key >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm /tmp/my-key
fi
# or fetch public key using the file in the ephemeral store:
if [ -e /mnt/openssh_id.pub ] ; then
cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
}
stop() {
echo "Nothing to do here"
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop}"
exit 1
esac
exit $?
SSH
chmod +x /etc/init.d/getsshkey
rpm -Uvh http://s3.amazonaws.com/rightscale_scripts/syslog-ng-1.6.12-1.x86_64.rpm
curl -o /opt/rightscale_scripts.tgz http://s3.amazonaws.com/rightscale_scripts/rightscale_scripts.tgz
tar -xvzf /opt/rightscale_scripts.tgz -C /opt/
ln /opt/rightscale/etc/init.d/rightscale /etc/init.d/rightscale
chmod +x /opt/rightscale/etc/init.d/rightscale
chmod +x /etc/init.d/rightscale
echo "Modifying Services"
chkconfig --add rightscale
chkconfig --add postfix
chkconfig --add getsshkey
chkconfig --level 4 getsshkey on
chkconfig --level 4 rightscale on
chkconfig --level 4 postfix on
chkconfig --level 4 psacct on
chkconfig --level 4 syslog-ng on
chkconfig --level 4 smartd off
chkconfig --level 4 anacron off
chkconfig --level 4 avahi-daemon off
chkconfig --level 4 avahi-dnsconfd off
chkconfig --level 4 apmd off
chkconfig --level 4 acpid off
chkconfig --level 4 auditd off
chkconfig --level 4 irqbalance off
chkconfig --level 4 mdmpd off
chkconfig --level 4 portmap off
chkconfig --level 4 nfslock off
chkconfig --level 4 syslog off
chkconfig --level 4 sendmail off
chkconfig --level 4 cpuspeed off
chkconfig --level 4 cups off
chkconfig --level 4 autofs off
chkconfig --level 4 bluetooth off
chkconfig --level 4 rpcidmapd off
chkconfig --level 4 rpcsvcgssd off
chkconfig --level 4 rpcgssd off
chkconfig --level 4 pcscd off
chkconfig --level 4 gpm off
chkconfig --level 4 hidd off
chkconfig --level 4 xfs off
chkconfig --level 4 yum-updatesd off
chkconfig --del avahi-daemon
chkconfig --del acpid
chkconfig --del auditd
chkconfig --del irqbalance
chkconfig --del mdmpd
chkconfig --del avahi-dnsconfd
chkconfig --del NetworkManager
chkconfig --del NetworkManagerDispatcher
chkconfig --del dhcdbd
chkconfig --del dund
chkconfig --del firstboot
chkconfig --del irda
chkconfig --del apmd
chkconfig --del smartd
chkconfig --del kudzu
chkconfig --del hidd
chkconfig --del gpm
chkconfig --del pcscd
chkconfig --del bluetooth
chkconfig --del cpuspeed
chkconfig --del cups
chkconfig --del rdisc
chkconfig --del sendmail
chkconfig --del readahead_later
chkconfig --del syslog
chkconfig --del wpa_supplicant
chkconfig --del pand
chkconfig --del netplugd
echo "Fetching Java"
curl -o /tmp/updates/jdk-6u2-linux-amd64.rpm http://s3.amazonaws.com/rightscale_software/jdk-6u2-linux-amd64.rpm
curl -o /tmp/updates/sun-javadb-client-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-client-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-common-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-common-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-core-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-core-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-demo-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-demo-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-docs-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-docs-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-javadoc-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-javadoc-10.2.2-0.1.i386.rpm
echo "Installing Software"
cd /tmp/updates
curl -o /tmp/updates/bwm-ng-0.5-1.x86_64.rpm http://s3.amazonaws.com/rightscale_software/bwm-ng-0.5-1.x86_64.rpm
rpm -Uvh /tmp/updates/*.rpm --nodeps --force
tar -xvzf linux-2.6.16.33-ec2.tgz
mv linux-2.6.16.33-xenU/ /usr/src/
ln -sf /usr/src/linux-2.6.16.33-xenU/include/acpi /usr/include/acpi
ln -sf /usr/src/linux-2.6.16.33-xenU/include/asm /usr/include/asm
ln -sf /usr/src/linux-2.6.16.33-xenU/include/asm /usr/include/asm-generic
ln -sf /usr/src/linux-2.6.16.33-xenU/include/config /usr/include/config
ln -sf /usr/src/linux-2.6.16.33-xenU/include/keys /usr/include/keys
ln -sf /usr/src/linux-2.6.16.33-xenU/include/linux /usr/include/linux
ln -sf /usr/src/linux-2.6.16.33-xenU/include/math-emu /usr/include/math-emu
ln -sf /usr/src/linux-2.6.16.33-xenU/include/media /usr/include/media
ln -sf /usr/src/linux-2.6.16.33-xenU/include/mtd /usr/include/mtd
ln -sf /usr/src/linux-2.6.16.33-xenU/include/pcmcia /usr/include/pcmcia
ln -sf /usr/src/linux-2.6.16.33-xenU/include/rdma /usr/include/rdma
ln -sf /usr/src/linux-2.6.16.33-xenU/include/rxrpc /usr/include/rxrpc
ln -sf /usr/src/linux-2.6.16.33-xenU/include/sound /usr/include/sound
ln -sf /usr/src/linux-2.6.16.33-xenU/include/video /usr/include/video
ln -sf /usr/src/linux-2.6.16.33-xenU/include/xen /usr/include/xen
echo "Configuring Java Home"
echo "export JAVA_HOME=/usr/java/default" >> /etc/profile.d/java.sh
chmod +x /etc/profile.d/java.sh
echo "Add EC2 Tools"
mkdir /home/ec2
mkdir /home/ec2/etc
curl -o /tmp/ec2-api-tools.zip http://s3.amazonaws.com/rightscale_software/ec2-api-tools.zip
unzip /tmp/ec2-api-tools.zip -d /tmp/
mv /tmp/ec2-api-tools-1.2-13740/* /home/ec2/
ln -sf /usr/lib/site_ruby/aes/ /usr/lib/ruby/site_ruby/1.8/aes
rm -fr /tmp/ec2*
chmod -R o-w /home/ec2
echo "More EC2 Mods"
cat < <'PROMPT'> /etc/profile.d/prompt.sh
PS1="[\u@\h:\w] "
PROMPT
chmod +x /etc/profile.d/prompt.sh
cat < <'EC2'> /etc/profile.d/ec2.sh
export EC2_HOME=/home/ec2
export EC2_CERT=
export EC2_PRIVATE_KEY=
export AWS_ACCOUNT_NUMBER=
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export PATH=$PATH:/home/ec2/bin/
EC2
chmod +x /etc/profile.d/ec2.sh
ln -f /opt/rightscale/etc/motd /etc/motd
echo "RubyGems"
wget http://rubyforge.org/frs/download.php/20989/rubygems-0.9.4.tgz
tar -xvzf rubygems-0.9.4.tgz
cd rubygems-0.9.4
ruby setup.rb
gem update
gem source -a http://mirror.rightscale.com
#cat < <'GEM'> /root/.gemrc
#gem: --source http://mirror.rightscale.com
#GEM
mkdir -p /tmp/updates
curl -o /tmp/updates/s3sync.gem http://s3.amazonaws.com/rightscale_software/s3sync-1.1.4.gem
gem install /tmp/updates/s3sync.gem
gem install xml-simple net-ssh net-sftp -y
updatedb
cat < /etc/cron.daily/do_amitools_update.sh
#!/bin/bash
#
# do_amitools_update.sh: updates ami-tools to the latest version..
#
## Include Files:
. /var/spool/ec2/meta-data.sh
. /var/spool/ec2/user-data.sh
# Update the EC2 AMI creation tools
echo " + Updating ec2-ami-tools"
curl -o /tmp/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm && \
rpm -Uvh /tmp/ec2-ami-tools.noarch.rpm && \
echo " + Updated ec2-ami-tools"
## Cleanup FileSystem
rm -f /tmp/ec2-ami-tools.noarch.rpm
rm -f /tmp/ec2-ami-tools.noarch.rpm.*
AMI
chmod +x /etc/cron.daily/do_amitools_update.sh
cat < <'YUM'> /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
baseurl=http://mirror.rightscale.com/centos/$releasever/os/$basearch/
http://mirrors.kernel.org/centos/$releasever/os/$basearch/
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
failovermethod=priority
gpgcheck=1
enabled=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirror.rightscale.com/centos/$releasever/updates/$basearch/
http://mirrors.kernel.org/centos/$releasever/updates/$basearch/
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
#baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
YUM
cat < <'EOF'> /root/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
EOF
cat < <'EOF'> /root/.bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
EOF
cat < <'EOF'> /root/.bash_logout
# ~/.bash_logout
clear
EOF
touch /root/.bash_logout
exit
EOL
chmod +x /mnt/ec2-fs/tmp/updates/install-script
chroot /mnt/ec2-fs/ /tmp/updates/install-script
echo "all Done"
echo "Cleaning up Image"
rm -fr /mnt/ec2-fs/tmp/updates
echo "Finished Step 4"
;;
"5")
echo "Prepping for upload"
sync
#umount -dlf /mnt/ec2-fs/proc
#umount -dlf /mnt/ec2-fs
echo "Bundling Image"
#ec2-bundle-image -i /mnt/image/$IMAGE_NAME -k $EC2_PRIVATE_KEY -c $EC2_CERT -u $AWS_ACCOUNT_NUMBER
mkdir -p /mnt/tmp
ec2-bundle-vol -v /mnt/ec2-fs -d /mnt/tmp -p $IMAGE_NAME -k $EC2_PRIVATE_KEY -c $EC2_CERT -u $AWS_ACCOUNT_NUMBER
echo "Finished Step 5"
;;
"6")
echo "Uploading"
ec2-upload-bundle -b $AWS_BUCKET -m /mnt/tmp/$IMAGE_NAME.manifest.xml -a $AWS_ACCESS_KEY_ID -s $AWS_SECRET_ACCESS_KEY
echo "Finished Step 6"
;;
"7")
echo "Cleanup"
umount /mnt/ec2-fs/proc
umount /mnt/ec2-fs
rm -fr /mnt/image/
rm -fr /mnt/ec2-fs
echo "File System Cleaned"
echo "Finished Step 7"
;;
"8")
exit
;;
esac
done
# Copyright (c) 2007 RightScale Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Uncomment and edit these for production use
# the full pathname is required for the certificates and
# private keys. Examples are below.
#
#export EC2_CERT=/home/ec2/etc/cert.pem
#export EC2_HOME=/home/ec2
#export EC2_PRIVATE_KEY=/home/ec2/etc/pk.pem
#export AWS_ACCOUNT_NUMBER=
#export AWS_ACCESS_KEY_ID=
#export AWS_SECRET_ACCESS_KEY=
#export AWS_BUCKET=
#export IMAGE_NAME=
echo "Hello $USER, Lets get started installing CentOS 5"
echo "........................................"
showOpts () {
echo "Please Select an Option or 8 to quit"
echo "0) Set EC2 Variables"
echo "1) Create and Mount Image"
echo "2) Installing Yum and CentOS 5 Base"
echo "3) Install Additional Packages"
echo "4) Install RightScale Customizations"
echo "5) Clean Up FileSystem and Bundle Image"
echo "6) Upload Image"
echo "7) Clean Up"
echo "8) Quit"
}
showEC2Opts () {
echo "Please Select an Option or 4 to quit"
echo "1) Set EC2 Variables"
echo "2) Show EC2 Variables"
echo "3) Set AWS Bucket & Image Name"
echo "4) Back"
}
while [ 1 ]
do
showOpts
read CHOICE
case "$CHOICE" in
"0")
while [ 1 ]
do
showEC2Opts
read EC2CHOICE
case "$EC2CHOICE" in
"1")
echo "Warning !!!"
echo "The full pathname is required for the Certificate"
echo "and Private Keys to work properly"
echo " "
echo "Please Enter Your Certificate Path"
read EC2_CERT_PATH
export EC2_CERT=$EC2_CERT_PATH
echo "Please Enter You Private Key Path"
read EC2_PRIVATE_KEY_PATH
export EC2_PRIVATE_KEY=$EC2_PRIVATE_KEY_PATH
echo "Please Enter Your AWS Account Number"
read AWS_ACCOUNT_NUMBER_TEMP
export AWS_ACCOUNT_NUMBER=$AWS_ACCOUNT_NUMBER_TEMP
echo "Please Enter Your AWS Access Key"
read AWS_ACCESS_KEY_ID_TEMP
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID_TEMP
echo "Please Enter Your AWS Secret Access Key"
read AWS_SECRET_ACCESS_KEY_TEMP
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY_TEMP
echo "Done"
;;
"2")
echo "------------Parameters-----------------------"
echo "EC2 Certificate Path:" $EC2_CERT
echo "EC2 Private Key Path:" $EC2_PRIVATE_KEY
echo "AWS Account Number:" $AWS_ACCOUNT_NUMBER
echo "AWS Access Key:" $AWS_ACCESS_KEY_ID
echo "AWS Secret Access Key:" $AWS_SECRET_ACCESS_KEY
echo "AWS Bucket:" $AWS_BUCKET
echo "Image Name:" $IMAGE_NAME
echo "------------End Parameters-------------------"
echo ""
;;
"3")
echo "Please enter in the AWS Bucket"
read AWS_BUCKET_TEMP
export AWS_BUCKET=$AWS_BUCKET_TEMP
echo "Please Enter Your Image Name ex: myfc6.img"
read IMAGE_NAME_TEMP
export IMAGE_NAME=$IMAGE_NAME_TEMP
showEC2Opts
;;
"4")
break
;;
esac
done
;;
"1")
echo "Creating 10GB Image"
mkdir /mnt/image
dd if=/dev/zero of=/mnt/image/$IMAGE_NAME bs=1M count=10240
echo "Creating File System"
mke2fs -F -j /mnt/image/$IMAGE_NAME
mkdir /mnt/ec2-fs
echo "Mounting File System in /mnt/ec2-fs"
mount -o loop /mnt/image/$IMAGE_NAME /mnt/ec2-fs
mkdir /mnt/ec2-fs/dev
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x console
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x null
/sbin/MAKEDEV -d /mnt/ec2-fs/dev -x zero
mkdir /mnt/ec2-fs/proc
mount -t proc none /mnt/ec2-fs/proc
mkdir /mnt/ec2-fs/etc
cat <
/dev/sda1 / ext3 defaults 1 1
/dev/sda2 /mnt ext3 defaults 1 2
/dev/sda3 swap swap defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
EOL
echo "Finished Step 1"
;;
"2")
echo "Installing Yum 3.0"
wget http://linux.duke.edu/projects/yum/download/3.0/yum-3.0.5.tar.gz
tar -xvzf yum-3.0.5.tar.gz
cd yum-3.0.5
make DESTDIR=/ install
echo "Creating Yum Confuration"
mkdir -p /mnt/ec2-fs/sys/block
mkdir -p /mnt/ec2-fs/var/
mkdir -p /mnt/ec2-fs/var/log/
touch /mnt/ec2-fs/var/log/yum.log
cat <
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
reposdir=/dev/null
metadata_expire=1800
[base]
name=CentOS 5 - $basearch - Base
baseurl=http://mirrors.kernel.org/centos/5.0/os/x86_64/
http://mirror.rightscale.com/centos/5/os/x86_64/
enabled=1
[updates-released]
name=CentOS 5 - $basearch - Released Updates
baseurl=http://mirrors.kernel.org/centos/5.0/updates/x86_64/
http://mirror.rightscale.com/centos/5/updates/x86_64/
enabled=1
[extras]
name=CentOS 5 Extras $releasever - $basearch
baseurl=http://mirror.centos.org/centos/5/extras/x86_64/
enabled=1
[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
baseurl=http://download.fedora.redhat.com/pub/epel/5/x86_64
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=x86_64
failovermethod=priority
enabled=1
EOL
echo "Running Yum"
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y groupinstall Base
echo "Finished Step 2"
;;
"3")
echo "Starting Secondary Install"
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y install wget mlocate nano logrotate ruby* postfix openssl openssh openssh-askpass openssh-clients openssh-server curl gcc* zip unzip bison flex compat-libstdc++-296 cvs subversion autoconf automake libtool compat-gcc-34-g77 mutt sysstat rpm-build fping rrdtool rrdtool-devel rrdtool-doc rrdtool-perl rrdtool-python rrdtool-tcl vim-common vim-enhanced
yum -c /mnt/image/yum.conf --installroot=/mnt/ec2-fs -y clean packages
cat <
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOL
cat <
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
EOL
cat <
touch /var/lock/subsys/local
# Update the EC2 AMI creation tools
echo " + Updating ec2-ami-tools"
curl -o /tmp/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm && \
rpm -Uvh /tmp/ec2-ami-tools.noarch.rpm && \
echo " + Updated ec2-ami-tools"
if [ ! -d /root/.ssh ] ; then
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key
if [ $? -eq 0 ] ; then
cat /tmp/my-key >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm /tmp/my-key
fi
EOL
cat <
UseDNS no
PermitRootLogin without-password
EOL
echo "Finished Step 3"
;;
"4")
echo "Adding RightScale"
mkdir -p /tmp/updates
mkdir -p /mnt/ec2-fs/opt/rightscale/
mkdir -p /mnt/ec2-fs/opt/rightscale/bin
mkdir -p /mnt/ec2-fs/opt/rightscale/etc
mkdir -p /mnt/ec2-fs/opt/rightscale/etc/init.d
mkdir -p /mnt/ec2-fs/opt/rightscale/lib
mkdir -p /mnt/ec2-fs/var/spool/ec2/
mkdir -p /mnt/ec2-fs/var/spool/ec2/meta-data
curl -o /tmp/updates/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm
rpm -Uvh /tmp/updates/ec2-ami-tools.noarch.rpm --force --nodeps
#fetch needed packages
echo "Fetch Needed Packages"
curl -o /tmp/updates/linux-2.6.16.33-ec2.tgz http://s3.amazonaws.com/ec2-downloads/linux-2.6.16.33-ec2.tgz
curl -o /tmp/updates/kernel-modules.2.6.16-xenU.tgz http://s3.amazonaws.com/rightscale_software/kernel-modules-2.6.16.33-xenU.tgz
tar -xvzf /tmp/updates/kernel-modules.2.6.16-xenU.tgz -C /mnt/ec2-fs/lib/modules/
#chroot Section
echo "Chroot Time"
mkdir -p /mnt/ec2-fs/tmp/updates
touch /mnt/ec2-fs/etc/mtab
cp -R /tmp/updates/ /mnt/ec2-fs/tmp/
#get rrd-tool
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-devel-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-devel-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-doc-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-doc-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-perl-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-perl-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-php-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-php-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-python-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-python-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-ruby-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-ruby-1.2.23-5.i386.rpm
#curl -o /mnt/ec2-fs/tmp/updates/rrdtool-tcl-1.2.23-5.i386.rpm http://s3.amazonaws.com/rightscale_software/centos/rrdtool-tcl-1.2.23-5.i386.rpm
#get EPEL
curl -o /mnt/ec2-fs/tmp/updates/epel-release-5-2.noarch.rpm http://s3.amazonaws.com/rightscale_scripts/epel-release-5-2.noarch.rpm
cat < <'EOL' > /mnt/ec2-fs/tmp/updates/install-script
echo "starting install"
echo "127.0.0.1 localhost localhost.localdomain" > /etc/hosts
authconfig --enableshadow --useshadow --enablemd5 --updateall
mv /lib/tls /lib/tls.disabled
echo "Disabling TTYs"
perl -p -i -e 's/(.*tty2)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty3)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty4)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty5)/#\1/' /etc/inittab
perl -p -i -e 's/(.*tty6)/#\1/' /etc/inittab
perl -p -i -e 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
perl -p -i -e 's/#ClientAliveInterval 0/ClientAliveInterval 60/' /etc/ssh/sshd_config
perl -p -i -e 's/#ClientAliveCountMax 3/ClientAliveCountMax 240/' /etc/ssh/sshd_config
service network start
echo "Fetching RightScale"
cat < <'SSH' >/etc/init.d/getsshkey
#!/bin/bash
# chkconfig: 4 11 11
# description: This script fetches the ssh key early. \
#
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 1
start() {
if [ ! -d /root/.ssh ] ; then
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key
if [ $? -eq 0 ] ; then
cat /tmp/my-key >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm /tmp/my-key
fi
# or fetch public key using the file in the ephemeral store:
if [ -e /mnt/openssh_id.pub ] ; then
cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
}
stop() {
echo "Nothing to do here"
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop}"
exit 1
esac
exit $?
SSH
chmod +x /etc/init.d/getsshkey
rpm -Uvh http://s3.amazonaws.com/rightscale_scripts/syslog-ng-1.6.12-1.x86_64.rpm
curl -o /opt/rightscale_scripts.tgz http://s3.amazonaws.com/rightscale_scripts/rightscale_scripts.tgz
tar -xvzf /opt/rightscale_scripts.tgz -C /opt/
ln /opt/rightscale/etc/init.d/rightscale /etc/init.d/rightscale
chmod +x /opt/rightscale/etc/init.d/rightscale
chmod +x /etc/init.d/rightscale
echo "Modifying Services"
chkconfig --add rightscale
chkconfig --add postfix
chkconfig --add getsshkey
chkconfig --level 4 getsshkey on
chkconfig --level 4 rightscale on
chkconfig --level 4 postfix on
chkconfig --level 4 psacct on
chkconfig --level 4 syslog-ng on
chkconfig --level 4 smartd off
chkconfig --level 4 anacron off
chkconfig --level 4 avahi-daemon off
chkconfig --level 4 avahi-dnsconfd off
chkconfig --level 4 apmd off
chkconfig --level 4 acpid off
chkconfig --level 4 auditd off
chkconfig --level 4 irqbalance off
chkconfig --level 4 mdmpd off
chkconfig --level 4 portmap off
chkconfig --level 4 nfslock off
chkconfig --level 4 syslog off
chkconfig --level 4 sendmail off
chkconfig --level 4 cpuspeed off
chkconfig --level 4 cups off
chkconfig --level 4 autofs off
chkconfig --level 4 bluetooth off
chkconfig --level 4 rpcidmapd off
chkconfig --level 4 rpcsvcgssd off
chkconfig --level 4 rpcgssd off
chkconfig --level 4 pcscd off
chkconfig --level 4 gpm off
chkconfig --level 4 hidd off
chkconfig --level 4 xfs off
chkconfig --level 4 yum-updatesd off
chkconfig --del avahi-daemon
chkconfig --del acpid
chkconfig --del auditd
chkconfig --del irqbalance
chkconfig --del mdmpd
chkconfig --del avahi-dnsconfd
chkconfig --del NetworkManager
chkconfig --del NetworkManagerDispatcher
chkconfig --del dhcdbd
chkconfig --del dund
chkconfig --del firstboot
chkconfig --del irda
chkconfig --del apmd
chkconfig --del smartd
chkconfig --del kudzu
chkconfig --del hidd
chkconfig --del gpm
chkconfig --del pcscd
chkconfig --del bluetooth
chkconfig --del cpuspeed
chkconfig --del cups
chkconfig --del rdisc
chkconfig --del sendmail
chkconfig --del readahead_later
chkconfig --del syslog
chkconfig --del wpa_supplicant
chkconfig --del pand
chkconfig --del netplugd
echo "Fetching Java"
curl -o /tmp/updates/jdk-6u2-linux-amd64.rpm http://s3.amazonaws.com/rightscale_software/jdk-6u2-linux-amd64.rpm
curl -o /tmp/updates/sun-javadb-client-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-client-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-common-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-common-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-core-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-core-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-demo-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-demo-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-docs-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-docs-10.2.2-0.1.i386.rpm
curl -o /tmp/updates/sun-javadb-javadoc-10.2.2-0.1.i386.rpm http://s3.amazonaws.com/rightscale_software/sun-javadb-javadoc-10.2.2-0.1.i386.rpm
echo "Installing Software"
cd /tmp/updates
curl -o /tmp/updates/bwm-ng-0.5-1.x86_64.rpm http://s3.amazonaws.com/rightscale_software/bwm-ng-0.5-1.x86_64.rpm
rpm -Uvh /tmp/updates/*.rpm --nodeps --force
tar -xvzf linux-2.6.16.33-ec2.tgz
mv linux-2.6.16.33-xenU/ /usr/src/
ln -sf /usr/src/linux-2.6.16.33-xenU/include/acpi /usr/include/acpi
ln -sf /usr/src/linux-2.6.16.33-xenU/include/asm /usr/include/asm
ln -sf /usr/src/linux-2.6.16.33-xenU/include/asm /usr/include/asm-generic
ln -sf /usr/src/linux-2.6.16.33-xenU/include/config /usr/include/config
ln -sf /usr/src/linux-2.6.16.33-xenU/include/keys /usr/include/keys
ln -sf /usr/src/linux-2.6.16.33-xenU/include/linux /usr/include/linux
ln -sf /usr/src/linux-2.6.16.33-xenU/include/math-emu /usr/include/math-emu
ln -sf /usr/src/linux-2.6.16.33-xenU/include/media /usr/include/media
ln -sf /usr/src/linux-2.6.16.33-xenU/include/mtd /usr/include/mtd
ln -sf /usr/src/linux-2.6.16.33-xenU/include/pcmcia /usr/include/pcmcia
ln -sf /usr/src/linux-2.6.16.33-xenU/include/rdma /usr/include/rdma
ln -sf /usr/src/linux-2.6.16.33-xenU/include/rxrpc /usr/include/rxrpc
ln -sf /usr/src/linux-2.6.16.33-xenU/include/sound /usr/include/sound
ln -sf /usr/src/linux-2.6.16.33-xenU/include/video /usr/include/video
ln -sf /usr/src/linux-2.6.16.33-xenU/include/xen /usr/include/xen
echo "Configuring Java Home"
echo "export JAVA_HOME=/usr/java/default" >> /etc/profile.d/java.sh
chmod +x /etc/profile.d/java.sh
echo "Add EC2 Tools"
mkdir /home/ec2
mkdir /home/ec2/etc
curl -o /tmp/ec2-api-tools.zip http://s3.amazonaws.com/rightscale_software/ec2-api-tools.zip
unzip /tmp/ec2-api-tools.zip -d /tmp/
mv /tmp/ec2-api-tools-1.2-13740/* /home/ec2/
ln -sf /usr/lib/site_ruby/aes/ /usr/lib/ruby/site_ruby/1.8/aes
rm -fr /tmp/ec2*
chmod -R o-w /home/ec2
echo "More EC2 Mods"
cat < <'PROMPT'> /etc/profile.d/prompt.sh
PS1="[\u@\h:\w] "
PROMPT
chmod +x /etc/profile.d/prompt.sh
cat < <'EC2'> /etc/profile.d/ec2.sh
export EC2_HOME=/home/ec2
export EC2_CERT=
export EC2_PRIVATE_KEY=
export AWS_ACCOUNT_NUMBER=
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export PATH=$PATH:/home/ec2/bin/
EC2
chmod +x /etc/profile.d/ec2.sh
ln -f /opt/rightscale/etc/motd /etc/motd
echo "RubyGems"
wget http://rubyforge.org/frs/download.php/20989/rubygems-0.9.4.tgz
tar -xvzf rubygems-0.9.4.tgz
cd rubygems-0.9.4
ruby setup.rb
gem update
gem source -a http://mirror.rightscale.com
#cat < <'GEM'> /root/.gemrc
#gem: --source http://mirror.rightscale.com
#GEM
mkdir -p /tmp/updates
curl -o /tmp/updates/s3sync.gem http://s3.amazonaws.com/rightscale_software/s3sync-1.1.4.gem
gem install /tmp/updates/s3sync.gem
gem install xml-simple net-ssh net-sftp -y
updatedb
cat <
#!/bin/bash
#
# do_amitools_update.sh: updates ami-tools to the latest version..
#
## Include Files:
. /var/spool/ec2/meta-data.sh
. /var/spool/ec2/user-data.sh
# Update the EC2 AMI creation tools
echo " + Updating ec2-ami-tools"
curl -o /tmp/ec2-ami-tools.noarch.rpm http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm && \
rpm -Uvh /tmp/ec2-ami-tools.noarch.rpm && \
echo " + Updated ec2-ami-tools"
## Cleanup FileSystem
rm -f /tmp/ec2-ami-tools.noarch.rpm
rm -f /tmp/ec2-ami-tools.noarch.rpm.*
AMI
chmod +x /etc/cron.daily/do_amitools_update.sh
cat < <'YUM'> /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
baseurl=http://mirror.rightscale.com/centos/$releasever/os/$basearch/
http://mirrors.kernel.org/centos/$releasever/os/$basearch/
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
failovermethod=priority
gpgcheck=1
enabled=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirror.rightscale.com/centos/$releasever/updates/$basearch/
http://mirrors.kernel.org/centos/$releasever/updates/$basearch/
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
#baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
YUM
cat < <'EOF'> /root/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
EOF
cat < <'EOF'> /root/.bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
EOF
cat < <'EOF'> /root/.bash_logout
# ~/.bash_logout
clear
EOF
touch /root/.bash_logout
exit
EOL
chmod +x /mnt/ec2-fs/tmp/updates/install-script
chroot /mnt/ec2-fs/ /tmp/updates/install-script
echo "all Done"
echo "Cleaning up Image"
rm -fr /mnt/ec2-fs/tmp/updates
echo "Finished Step 4"
;;
"5")
echo "Prepping for upload"
sync
#umount -dlf /mnt/ec2-fs/proc
#umount -dlf /mnt/ec2-fs
echo "Bundling Image"
#ec2-bundle-image -i /mnt/image/$IMAGE_NAME -k $EC2_PRIVATE_KEY -c $EC2_CERT -u $AWS_ACCOUNT_NUMBER
mkdir -p /mnt/tmp
ec2-bundle-vol -v /mnt/ec2-fs -d /mnt/tmp -p $IMAGE_NAME -k $EC2_PRIVATE_KEY -c $EC2_CERT -u $AWS_ACCOUNT_NUMBER
echo "Finished Step 5"
;;
"6")
echo "Uploading"
ec2-upload-bundle -b $AWS_BUCKET -m /mnt/tmp/$IMAGE_NAME.manifest.xml -a $AWS_ACCESS_KEY_ID -s $AWS_SECRET_ACCESS_KEY
echo "Finished Step 6"
;;
"7")
echo "Cleanup"
umount /mnt/ec2-fs/proc
umount /mnt/ec2-fs
rm -fr /mnt/image/
rm -fr /mnt/ec2-fs
echo "File System Cleaned"
echo "Finished Step 7"
;;
"8")
exit
;;
esac
done
Subscribe to:
Posts (Atom)