Tuesday, 16 December 2014

A foreign key constraint fails in MySQL


Scenario:

drop database databasename;
ERROR 1217 (23000): Cannot delete or update a parent row: a foreign key constraint fails

Resolution:-

mysql> SET FOREIGN_KEY_CHECKS=0;
Query OK, 0 rows affected (0.00 sec)

mysql>  drop database databasename;
Query OK, 2 rows affected (0.06 sec)

mysql> SET FOREIGN_KEY_CHECKS=1;
Query OK, 0 rows affected (0.00 sec)

Ref : - http://stackoverflow.com/questions/3334619/cannot-delete-or-update-a-parent-row-a-foreign-key-constraint-fails

Thursday, 4 December 2014

Could not chdir to home directory : Permission denied

Scenario:
While do ssh to the server,

login as: usrteam
eduteam@67.228.160.50's password:
Last login: Thu Dec  4 09:59:52 2014 from 14.141.35.194
Could not chdir to home directory /home/usrteam: Permission denied
-bash: /home/eduteam/.bash_profile: Permission denied
-bash-3.2$ pwd
/

Resolution :-

chown -R usrteam /home/usrteam
You have new mail in /var/spool/mail/root


Thursday, 27 November 2014

Couchbase Server

Couchbase Server is the world’s most complete, scalable, and highest performing NoSQL distributed database.

yum install -y pkgconfig

yum install openssl098e

wget http://packages.couchbase.com/releases/3.0.1/couchbase-server-enterprise-3.0.1-centos6.x86_64.rpm

rpm -ivh couchbase-server-enterprise-3.0.1-centos6.x86_64.rpm
Preparing...                ########################################### [100%]
Warning: Transparent hugepages may be used. To disable the usage
of transparent hugepages, set the kernel settings at runtime with
echo never > /sys/kernel/mm/transparent_hugepage/enabled
Warning: Transparent hugepages may be used. To disable the usage
of transparent hugepages, set the kernel settings at runtime with
echo never > /sys/kernel/mm/redhat_transparent_hugepage/enabled
Warning: Swappiness is not 0.
You can set the swappiness at runtime with
sysctl vm.swappiness=0
Minimum RAM required  : 4 GB
System RAM configured : 3.74 GB

Minimum number of processors required : 4 cores
Number of processors on the system    : 2 cores

   1:couchbase-server       ########################################### [100%]
Starting couchbase-server[  OK  ]

You have successfully installed Couchbase Server.
Please browse to http://mb1udarmiweb02.pearsontc.com:8091/ to configure your server.
Please refer to http://couchbase.com for additional resources.

Please note that you have to update your firewall configuration to
allow connections to the following ports: 11211, 11210, 11209, 4369,
8091, 8092, 18091, 18092, 11214, 11215 and from 21100 to 21299.

By using this software you agree to the End User License Agreement.
See /opt/couchbase/LICENSE.txt.

/etc/init.d/couchbase-server status
couchbase-server is running

Ref:
http://www.couchbase.com/nosql-databases/about-couchbase-server#ElasticScalability
http://docs.couchbase.com/couchbase-manual-2.5/cb-install/

Update time zone in Linux


date
Thu Nov 27 19:40:33 EST 2014

ls -l /etc/localtime
lrwxrwxrwx 1 root root 39 Nov 27 19:40 /etc/localtime -> /usr/share/zoneinfo/Australia/Melbourne

unlink /etc/localtime

ln -s /usr/share/zoneinfo/Asia/Kolkata /etc/localtime

ls -l /etc/localtime
lrwxrwxrwx 1 root root 32 Nov 27 14:08 /etc/localtime -> /usr/share/zoneinfo/Asia/Kolkata

date
Thu Nov 27 14:09:15 IST 2014

Ref:- http://www.linuxnix.com/2014/11/linuxunix-how-update-timezone-in-a-system.html?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+TheLinuxJuggernaut+%28The+Linux+Juggernaut%29

Wednesday, 19 November 2014

PHP Warning: PHP Startup: Unable to load dynamic library

Scenario :-

php -v

PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0
PHP 5.3.3 (cli) (built: Sep 10 2014 05:27:26)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

cat /etc/php.d/mcrypt.ini
; Enable mcrypt extension module
extension=module.so

but module.so not exist in /usr/lib64/php/modules/

Resolution :-
uninstall the php-mcrypt and reinstall the suitable rpm

rpm -e php-mcrypt-5.3.3-1.el6.rf.x86_64
wget ftp://ftp.pbone.net/mirror/download.fedora.redhat.com/pub/fedora/epel/6/x86_64/php-mcrypt-5.3.3-3.el6.x86_64.rpm
rpm -ivh php-mcrypt-5.3.3-3.el6.x86_64.rpm

php -v
PHP 5.3.3 (cli) (built: Sep 10 2014 05:27:26)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

cat /etc/php.d/mcrypt.ini
; Enable mcrypt extension module
extension=mcrypt.so

now mcrypt.so exist in /usr/lib64/php/modules/mcrypt.so


Monitor MySQL performance with innotop


Innotop is an excellent command line program, similar to ‘top command‘ to monitor local and remote MySQL servers running under InnoDB engine.

yum install innotop

innotop -u root -p 'mysqlpassword'

Innotop Help
Press “?” to get the summary of command line options and usage.

Switch to a different mode:
   A  Dashboard         I  InnoDB I/O Info     Q  Query List
   B  InnoDB Buffers    K  InnoDB Lock Waits   R  InnoDB Row Ops
   C  Command Summary   L  Locks               S  Variables & Status
   D  InnoDB Deadlocks  M  Replication Status  T  InnoDB Txns
   F  InnoDB FK Err     O  Open Tables         U  User Statistics

Actions:
   d  Change refresh interval        p  Pause innotop
   k  Kill a query's connection      q  Quit innotop
   n  Switch to the next connection  x  Kill a query

Other:
 TAB  Switch to the next server group   /  Quickly filter what you see
   !  Show license and warranty         =  Toggle aggregation
   #  Select/create server groups       @  Select/create server connections
   $  Edit configuration settings       \  Clear quick-filters
Press any key to continue

Non-Interactively

innotop -u root -p 'mysqlpassword' --count 5 -d 1 -n

Monitor Remote Database

innotop -u username -p password -h hostname

Ref : -
http://www.tecmint.com/install-innotop-to-monitor-mysql-server-performance/
http://linux.die.net/man/1/innotop

Wednesday, 22 October 2014

SeaLion Monitoring in Linux

Install and configure SeaLion

wget https://s3.amazonaws.com/sealion.com/3.2.3/sealion-agent-3.2.3-noarch.tar.gz
tar -xzvf sealion-agent-3.2.3-noarch.tar.gz
cd sealion-agent

sudo ./install.sh -o 299ade98-ab92-44bd-a9e6-3cefd1a9aeda

dependency : SeaLion agent requires python version 2.6 or above

Ref : -
https://www.youtube.com/watch?v=fLqVQd1SMmY
https://sealion.com

Monday, 29 September 2014

Bash Code Injection Vulnerability


rpm -qa | grep bash

bash-3.2-32.el5

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
You have new mail in /var/spool/mail/root

yum upgrade bash

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'

rpm -qa | grep bash
bash-3.2-33.el5.1

Ref :- https://access.redhat.com/articles/1200223

Wednesday, 24 September 2014

Install mod_ssl on Apache2 - Ubuntu

Steps to install mod_ssl on Apache2 - Ubuntu

apt-get install mod_ssl

dpkg -S mod_ssl.so
apache2.2-bin: /usr/lib/apache2/modules/mod_ssl.so

a2enmod ssl
Module ssl already enabled

To make sure that the SSL module was loaded properly :

apache2ctl -t -D DUMP_MODULES | grep ssl
[Thu Sep 25 11:28:16 2014] [warn] NameVirtualHost *:80 has no VirtualHosts
Syntax OK
ssl_module (shared)



Mutual SSL authentication in Ubuntu

Two-way SSL using CA certificates

 cd /root

 mkdir CA

 cd CA

 mkdir newcerts private

vi openssl.cnf

#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
ts = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req

[ ca ]

default_ca = CA_default

[ CA_default ]

serial = $dir/serial
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match

[ policy_match ]

countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]

default_md = sha1
distinguished_name = req_distinguished_name

[ req_distinguished_name ]

countryName = Country
countryName_default = IN
countryName_min = 2
countryName_max = 2
localityName = Locality
stateOrProvinceName_default = Karnataka
localityName_default = Bangalore
organizationName = Organization
organizationName_default = edurite
commonName = Common Name
commonName_max = 64

[ certauth ]

subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
basicConstraints = CA:true

[ server ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
nsCertType = server

[ client ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = clientAuth
nsCertType = client

[ v3_req ]

basicConstraints = CA:FALSE
subjectKeyIdentifier = hash

Generate self-signed certificate

 openssl req -config ./openssl.cnf -newkey rsa:2048 -nodes -keyform PEM -keyout ca.key -x509 -days 3650 -extensions certauth -outform PEM -out ca.cer

 openssl genrsa -out server.key 2048

 openssl req -config ./openssl.cnf -new -key server.key -out server.req

 openssl x509 -req -in server.req -CA ca.cer -CAkey ca.key -set_serial 100 -extfile openssl.cnf -extensions server -days 365 -outform PEM -out server.cer

 rm server.req

 openssl genrsa -out client.key 2048

openssl req -config ./openssl.cnf -new -key client.key -out client.req

 openssl x509 -req -in client.req -CA ca.cer -CAkey ca.key -set_serial 101 -extfile openssl.cnf -extensions client -days 365 -outform PEM -out client.cer

 openssl pkcs12 -export -inkey client.key -in client.cer -out client.p12

 rm client.key client.cer client.req

vi /etc/apache2/sites-available/default

<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        ServerName 10.98.33.136:443

        DocumentRoot /var/www
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
SSLEngine on
LogLevel warn
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
SSLVerifyClient require
SSLVerifyDepth 10
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
#SSLCACertificateFile /etc/apache2/ssl/ca.cer
</VirtualHost>

/etc/init.d/apache2 restart

./OpenSSL_Client rname@some.com 365 passwd /var/www/html/CERT

Now Import the P12 file to the browser.

Ref :- http://www.flatmtn.com/article/setting-openssl-create-certificates

Tuesday, 23 September 2014

Two-way SSL authentication


Two-way SSL authentication or mutual SSL authentication or client
authentication works by resolving its identity to SSL server with a use of
the client certificate.

All certificates will be issued by using OpenSSL application and openssl.cnf
configuration file.

 cd /root

 mkdir CA

 cd CA

 mkdir newcerts private

 vi /root/CA/openssl.cnf

#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
ts = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req

[ ca ]

default_ca = CA_default

[ CA_default ]

serial = $dir/serial
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match

[ policy_match ]

countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]

default_md = sha1
distinguished_name = req_distinguished_name

[ req_distinguished_name ]

countryName = Country
countryName_default = IN
countryName_min = 2
countryName_max = 2
localityName = Locality
stateOrProvinceName_default = Karnataka
localityName_default = Bangalore
organizationName = Organization
organizationName_default = edurite
commonName = Common Name
commonName_max = 64

[ certauth ]

subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
basicConstraints = CA:true

[ server ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
nsCertType = server

[ client ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = clientAuth
nsCertType = client

[ v3_req ]

basicConstraints = CA:FALSE
subjectKeyIdentifier = hash

 echo '01' > serial
 touch index.txt

 to generate self-signed certificate

 openssl req -config ./openssl.cnf -newkey rsa:2048 -nodes -keyform PEM -keyout ca.key -x509 -days 3650 -extensions certauth -outform PEM -out ca.cer

 openssl genrsa -out server.key 2048

 openssl req -config ./openssl.cnf -new -key server.key -out server.req

 openssl x509 -req -in server.req -CA ca.cer -CAkey ca.key -set_serial 100 -extfile openssl.cnf -extensions server -days 365 -outform PEM -out server.cer

 rm server.req

 openssl genrsa -out client.key 2048

openssl req -config ./openssl.cnf -new -key client.key -out client.req

 openssl x509 -req -in client.req -CA ca.cer -CAkey ca.key -set_serial 101 -extfile openssl.cnf -extensions client -days 365 -outform PEM -out client.cer

 openssl pkcs12 -export -inkey client.key -in client.cer -out client.p12

 rm client.key client.cer client.req

vi /etc/httpd/conf.d/ssl.conf

LoadModule ssl_module modules/mod_ssl.so
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

Listen 443

<VirtualHost 172.16.0.14:443>
DocumentRoot "/var/www/SSL/digitally"
CheckSpelling on
DirectoryIndex opsindex.php
ServerName 172.16.0.14
ServerAdmin root@localhost
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /etc/httpd/conf/ssl/server.cer
SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key
SSLVerifyClient require
SSLVerifyDepth 10
SSLCACertificateFile /etc/httpd/conf/ssl/ca.cer
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

 httpd -S

 /etc/init.d/httpd/restart

 mkdir -p /var/www/html/CERTS

./OpenSSL_Client rname@some.com 365 passwd /var/www/html/CERTS

Now Import the P12 file to the browser.

Ref :- http://www.flatmtn.com/article/setting-openssl-create-certificates

Thursday, 11 September 2014

Purge logs of MySQL


The PURGE BINARY LOGS statement deletes all the binary log files listed in the log index file prior to the specified log file name or date. BINARY and MASTER are synonyms. Deleted log files also are removed from the list recorded in the index file, so that the given log file becomes the first in the list.

Examples:-

mysql> SHOW BINARY LOGS;
+------------------+-----------+
| Log_name         | File_size |
+------------------+-----------+
| mysql-bin.000034 |  14785707 |
| mysql-bin.000035 |       143 |
| mysql-bin.000036 |       143 |
| mysql-bin.000037 |       120 |
+------------------+-----------+
4 rows in set (0.00 sec)

mysql> PURGE BINARY LOGS BEFORE '2014-09-10';

mysql> PURGE BINARY LOGS BEFORE '2013-04-22 09:55:22';

mysql>PURGE BINARY LOGS TO 'mysql-bin.000015';


ref : https://mariadb.com/kb/en/mariadb/documentation/sql-commands/administration-commands/sql-commands-purge-logs/

Sunday, 24 August 2014

rsync without prompt for password

Do rsync without prompt for password, useful for cronjob and scripting.

sshpass -p "password" Source-path Destination-path

example:-
sshpass -p "mypassword" rsync -avzpW --recursive root@10.11.11.10:/data/testdata /data/

Friday, 22 August 2014

SSL Certificate on Ubuntu Server

Install SSL Certificate on Ubuntu Server

sudo apt-get install apache2
ifconfig
brose 10.98.33.136
It works!

a2enmod ssl

service apache2 restart

mkdir /etc/apache2/ssl

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:KA
Locality Name (eg, city) []:Bangalore
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Pearson
Organizational Unit Name (eg, section) []:Pearson
Common Name (e.g. server FQDN or YOUR name) []:10.98.33.136
Email Address []:jojan.paul@pearson.com

vi /etc/apache2/sites-available/default

<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        ServerName 10.98.33.136:443
--------------
--------------
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>

Service apache2 restart

brose 10.98.33.136

It will prompt for This Connection is Untrusted and follow, I Understand the Risks-Add Exception-On Add Security-Exception window-Confirm Security Exception

It works!

Ref: https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04

Remove the apache2 in Ubuntu

To remove the apache2 service using Terminal:

First stop the apache2 service if it is running with:

sudo service apache2 stop

Now remove and cleanup all the apache2 packages with:

sudo apt-get purge apache2 apache2-utils apache2.2-bin apache2-common

run in case any other cleanup in needed

sudo apt-get autoremove 

You can do the following two tests to confirm apache has been removed:

which apache2
- should return a blank line

sudo service apache2 start 
apache2: unrecognized service

Installing WordPress Apache on RHEL


Download WordPress for apache
wget http://wordpress.org/latest.tar.gz

tar -xvzf latest.tar.gz -C /data

Configure MySQL Database

Connect to MySQL Server & Enter Password
mysql -u root -p
Enter password:

Creating New User for WordPress Database

CREATE USER wordpress@localhost IDENTIFIED BY "your_password_here";

Create New Database
create database wordpress;

Grant Privileges to Database
GRANT ALL ON wordpress.* TO wordpress@localhost;

FLUSH privileges
FLUSH PRIVILEGES;

exit

Configure Apache VirtualHost

vi /etc/httpd/conf/httpd.conf

<VirtualHost 10.33.68.27:80>
ServerAdmin test@test.com
DocumentRoot /data/wordpress
ServerName www.wordpresstest.com
        <Directory /data/wordpress>
        Options FollowSymLinks
        AllowOverride ALL
        </Directory>
</VirtualHost>

service httpd restart

vi /etc/hosts

127.0.0.1  wordpress

Configuring WordPress

cd /data/wordpress
cp wp-config-sample.php wp-config.php

vi wp-config.php

/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'wordpressuser');

/** MySQL database password */
define('DB_PASSWORD', 'Pearson1');

/** MySQL hostname */
define('DB_HOST', '10.161.141.36');

Open your browser and type any of the following address.

http://wordpress/
http://localhost
http://your-ip

Ref: http://www.tecmint.com/install-wordpress-using-lamp-or-lemp-on-rhel-centos-fedora/

Tuesday, 15 July 2014

Install Drupal 7 on Linux


Install the PHP 5.3.3 and Apache 2.2.15,

restart your apache server:
/etc/init.d/httpd restart

To function Drupal properly with apache and php

vi /etc/httpd/conf/httpd.conf
AddType application/x-httpd-php .html

vi /data/testphp.php
and enter this then save :

<?php
phpinfo();
?>

restart your apache server:

/etc/init.d/httpd restart

Configure Mysql to work with Drupal

Install MySQL-5.6

mysql -u root -p
mysql> CREATE DATABASE drupal;
mysql> CREATE USER drupaluser@localhost;
mysql> SET PASSWORD FOR drupaluser@localhost= PASSWORD('typepasswordhere');
mysql> GRANT ALL PRIVILEGES ON drupal.* TO drupaluser@localhost IDENTIFIED BY 'password';
mysql> quit

Finally lets start with Drupal

Get the latest package here : http://drupal.org/project/drupal

Copy the file to /data
and unpack it by typing :

tar -xvzf drupal-7.28.tar.gz
cd drupal-7.28
chmod a+w sites/default
cd sites/default
cp default.settings.php settings.php
chmod a+w settings.php
mkdir files
chmod a+w files

vi /etc/httpd/conf.d/vhost

<VirtualHost 10.10.xx.xxx:80>
    ServerName www.testsite.com
    ServerAlias testsite.com
    DocumentRoot "/data/drupal"
    DirectoryIndex index.php
    <Directory "/data/drupal">
        AllowOverride All
        Allow from All
        Options -Indexes
    </Directory>
</VirtualHost>

/etc/init.d/httpd restart

Add an entry in C:\Windows\System32\drivers\etc\hosts
10.10.xx.xxx www.testsite.com

Open up browser and go to :
http://www.testsite.com/drupal-7.28
it will open up a Drupal page !

To prevent unwanted users working on them..

chmod go-w settings.php
chmod 757 files

Ref: http://altinukshini.wordpress.com/2011/01/09/how-to-install-drupal-7-on-linux/

Monday, 7 July 2014

Set Up Master Slave Replication in MySQL


MySQL replication is a process that allows you to easily maintain multiple copies of a MySQL data by having them copied automatically from a master to a slave database. This can helpful for many reasons including facilating a backup for the data,a way to analyze it without using the main database, or simply as a means to scale out.

For the process to work you will need two IP addresses: one of the master server and and one of the slave.

10.10.0.39- Master Database
10.10.0.40- Slave Database

User with sudo privileges and have MySQL installed.

rpm -qa | grep MySQL
MySQL-client-5.6.12-1.el6.x86_64
MySQL-server-5.6.12-1.el6.x86_64
MySQL-devel-5.6.12-1.el6.x86_64
MySQL-shared-compat-5.6.12-1.el6.x86_64
MySQL-shared-5.6.12-2.el6.x86_64

Configure the Master Database

Open up the mysql configuration file

vi /etc/my.cnf
bind-address = 10.10.0.39
log_bin = /data/var/lib/mysql/mysql-bin.log
binlog_do_db = newdatabase
server-id=1

service mysql restart

Grant privileges to the slave.

mysql -u root -p

mysql> GRANT REPLICATION SLAVE ON *.* TO '10.10.0.40'@'%' IDENTIFIED BY 'IctdscayK4blr';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql> USE newdatabase;
Database changed

mysql> FLUSH TABLES WITH READ LOCK;
Query OK, 0 rows affected (0.01 sec)


mysql> SHOW MASTER STATUS;
+------------------+----------+--------------+------------------+-------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
+------------------+----------+--------------+------------------+-------------------+
| mysql-bin.000032 |      523 | newdatabase  |                  |                   |
+------------------+----------+--------------+------------------+-------------------+
1 row in set (0.00 sec)

The File and Position details are required while configuring slave.

mysqldump -u root -p --opt newdatabase > newdatabase.sql

mysql> UNLOCK TABLES;

mysql> QUIT;


Configure the Slave Database

mysql -u root -p

mysql> CREATE DATABASE newdatabase;

mysql> QUIT;

Import the database that you previously exported from the master database.

mysql -u root -p newdatabase < /path/to/newdatabase.sql

vi /etc/my.cnf
#Slave
relay-log = /data/var/lib/mysql/mysql-relay-bin.log
log_bin = /data/var/lib/mysql/mysql-bin.log
binlog_do_db = newdatabase
server-id=2

service mysql restart

Enable the replication from within the MySQL shell.

mysql -u root -p

mysql> CHANGE MASTER TO MASTER_HOST='10.10.0.39',MASTER_USER='root', MASTER_PASSWORD='IctdsdkMSK4blr', MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=  523;
Query OK, 0 rows affected, 2 warnings (0.01 sec)

The above step designates, (1) the current server as the slave of our master server. (2) It provides the server the correct login credentials. (3) Last of all, it lets the slave server know where to start replicating from; the master log file and log position come from the numbers we wrote down previously.

mysql> START SLAVE;

mysql> SHOW SLAVE STATUS\G;

mysql> QUIT;


If there is an issue in connecting, you can try starting slave with a command to skip over it:

mysql> STOP SLAVE;

mysql> SET GLOBAL SQL_SLAVE_SKIP_COUNTER = 1;

mysql> START SLAVE;

Ref :- https://www.digitalocean.com/community/tutorials/how-to-set-up-master-slave-replication-in-mysql

Friday, 20 June 2014

Remove LVM Partitions in Linux


vi /etc/fstab
remove the present lvm entry.

lvremove /dev/VGdata/LVdata
Do you really want to remove active logical volume LVdata? [y/n]: y
  Logical volume "LVdata" successfully removed

vgremove VGdata
  Volume group "VGdata" successfully removed

pvremove /dev/sdb1
  Labels on physical volume "/dev/sdb1" successfully wiped

fdisk /dev/sdb

WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
         switch off the mode (command 'c') and change display units to
         sectors (command 'u').

Command (m for help): p

Disk /dev/sdb: 26.8 GB, 26843545600 bytes
64 heads, 32 sectors/track, 25600 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000b6891

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1       25600    26214384   8e  Linux LVM

Command (m for help): d
Selected partition 1

Command (m for help): p

Disk /dev/sdb: 26.8 GB, 26843545600 bytes
64 heads, 32 sectors/track, 25600 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000b6891

   Device Boot      Start         End      Blocks   Id  System

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
You have new mail in /var/spool/mail/root

partprobe
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy).  As a result,

it may not reflect all of your changes until after reboot.

reboot

Broadcast message from arao9aj@mb1utarmiweb01.pearsontc.com
        (/dev/pts/0) at 16:12 ...

The system is going down for reboot NOW!

Ref: http://www.linuxspy.com/1810/how-to-remove-lvm-partitions/

Change the default size of an inode


It is possible to define a non-standard sized inode by using the mke2fs tool with an undocumented option, -I. The size of the inode has to be a power of two and between the size of EXT2_GOOD_OLD_INODE_SIZE (128 bytes) and size of blocks in bytes. One reason for doing this could be that user is going to use extended attributes. Extended attributes are arbitrary name/value pairs used to store system objects like Access Control Lists (ACL). If the size of the inodes is larger than the default size, then sufficiently small attributes can be stored in inode

tune2fs -l /dev/mapper/VGdata-LVdata | grep Inode
Inode count:              1572864
Inodes per group:         8192
Inode blocks per group:   512
Inode size:               256

mke2fs -I 8192 /dev/mapper/VGdata-LVdata
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
1572864 inodes, 6291456 blocks
314572 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
192 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000

Writing inode tables: done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

tune2fs -l /dev/mapper/VGdata-LVdata | grep Inode
Inode count:              3276800
Inodes per group:         16384
Inode blocks per group:   1024
Inode size:               256

Ref: http://magazine.redhat.com/2007/04/23/how-can-i-change-the-default-size-of-an-inode-when-i-create-an-ext2ext3-filesystem/

Wednesday, 11 June 2014

Commonly Used Shell Variables


echo $BASH_VERSION --holds the version of this instance of bash
3.2.25(1)-release

echo $HOSTNAME --the name of the your computer
LinuxHost

echo $CDPATH --the search path for the cd command

echo $HISTFILE --the file in which command history is saved
/root/.bash_history

echo $HISTFILESIZE --the maximum number of lines contained in the history file
1000

echo $HISTSIZE --the number of commands to remember in the command history
1000

echo $HOME --the home directory of the current user
/root

echo $IFS --the Internal Field Separator

echo $LANG --used to determine the lang

echo $PATH --the search path for commands
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

echo $PS1 --shows prompt settings
[\u@\h \W]\$

echo $TMOUT --the default timeout for the read builtin command

echo $TERM --the login terminal type
xterm
export TERM=vt100
export TERM=xterm

echo $SHELL --set path to login shell
/bin/bash

echo $DISPLAY --Set X display name
export DISPLAY=:0.1

export EDITOR=/usr/bin/vim --name of default text editor

Tuesday, 10 June 2014

Find out built in or an external command


type -a bind
bind is a shell builtin

type -a cat
cat is /bin/cat

type -a awk
awk is /bin/awk
awk is /usr/bin/awk

type -a true
true is a shell builtin
true is /bin/true

type -a select
select is a shell keyword


Basic Command Line Editing


Use the following key combinations to edit and recall commands:

CTRL + L : Clear the screen.

CTRL + W : Delete the word starting at cursor.

CTRL + U : Clear the line i.e. Delete the all words from command line.

Up and Down arrow keys : Recall commands (see command history).

Tab : Auto-complete files, directory, command names and much more.

CTRL + R : Search through previously used commands (see command history)

CTRL + C : Cancel currently running commands.

CTRL + T : Swap the last two characters before the cursor.

ESC + T : Swap the last two words before the cursor.

Find out current shell


To find all of the available shells in your system,

echo $SHELL

/bin/bash

To find out your current shell,

which bash


/bin/bash

ps $$

PID TTY      STAT   TIME COMMAND
29893 pts/0    Ss     0:00 -bash

ps -p $$

PID TTY          TIME CMD
29893 pts/0    00:00:00 bash

Valid login shells

cat /etc/shells

/bin/sh
/bin/bash
/sbin/nologin
/bin/tcsh
/bin/csh
/bin/ksh

Wednesday, 28 May 2014

Ways to check Linux OS is 32 bit or 64 Bit


uname -m

x86_64 ==> 64-bit kernel
i686   ==> 32-bit kernel

/bin/uname -m

x86_64 ==> 64-bit kernel
i686   ==> 32-bit kernel

getconf LONG_BIT

64 ==> 64-bit kernel
32 ==> 32-bit kernel

arch

x86_64 ==> 64-bit kernel
i686   ==> 32-bit kernel

file /sbin/init

/sbin/init: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped    ==> 64-bit kernel

/sbin/init: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped   ==> 32-bit kernel

In Ubuntu

dpkg --print-architecture

amd64 ==> 64-bit kernel
amd32 ==> 32-bit kernel

Ref: http://stackoverflow.com/questions/246007/how-to-determine-whether-a-given-linux-is-32-bit-or-64-bit



Tuesday, 27 May 2014

Change Run Levels in Linux


Find Out Current Run Level

who -r
run-level 3  2014-05-27 17:04

Or

runlevel
N 3

Use the init command to change rune levels:

init 1

To change the default run level:

vi /etc/inittab
id:5:initdefault:

Reboot the system to see changes:

reboot

Ref:
http://www.cyberciti.biz/tips/linux-changing-run-levels.html
http://www.ibm.com/developerworks/library/l-lpic1-v3-101-3/

Monday, 19 May 2014

Clear Memory Cache on Linux Server

Flush file system buffers by executing,

# sync

Kernels 2.6.16.x and newer versions of kernel provide a mechanism to have the kernel drop the page cache and/or inode and dentry caches on command, which can be helpful to free up a lot of memory.

To free page cache:

# echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:

# echo 2 > /proc/sys/vm/drop_caches

To free page cache, dentries and inodes:

echo 3 > /proc/sys/vm/drop_caches

or

sync; echo 3 > /proc/sys/vm/drop_caches

Sync should be run because this is a non-destructive operation, and dirty objects are not freeable.
So you run sync in order to make sure all cached objects are freed.

To do clearing memory cache on a particular interval, just add the command to cron job

vi cacheclear.sh

#!/bin/sh
sudo sh -c "sync; echo 3 > /proc/sys/vm/drop_caches"

Ref: http://www.unixmen.com/how-to-clear-memory-cache-on-linux-servers/

Sunday, 18 May 2014

Force fsck in Linux


fsck stands for "file system check" and it is used to check and optionally repair one or more Linux file systems. Normally, the fsck program will try to handle filesystems on different physical disk drives in parallel to reduce the total amount of time needed to check all of the filesystems

Login as the root:
su root

Change directory to root (/) directory:
cd /

Create a file called forcefsck:
touch /forcefsck

Now reboot the system:
reboot

login as root and type the following command to reboot and run fsck:

shutdown -rF now

The -F option force fsck on reboot.


Ref:
http://www.cyberciti.biz/faq/linux-force-fsck-on-the-next-reboot-or-boot-sequence/
https://wiki.archlinux.org/index.php/fsck


Thursday, 15 May 2014

Recursively list all hidden files and directories


The basic syntax is as follows:

find /dir/to/search/ -name ".*" -print

find /dir/to/search/ -name ".*" -ls

search only hidden files:

find /dir/to/search/ -type f -iname ".*" -ls

search only hidden directories:

find /dir/to/search/ -type d -iname ".*" -ls
find /dir/to/search -path '*/.*' -print
find /dir/to/search -path '*/.*' -ls

In this example, search $HOME for all hidden files and dirs:

find $HOME -name ".*" -ls

135237    4 -rw-r--r--   1 root     root           18 May 20  2009 /root/.bash_logout
137605    4 -rw-------   1 root     root           32 May 15 01:08 /root/.mysql_history
135240    4 -rw-r--r--   1 root     root          100 Sep 22  2004 /root/.cshrc
131153    4 drwxr-----   3 root     root         4096 Feb 27 19:28 /root/.pki
136444    4 -rw-r--r--   1 root     root          686 Feb 27 07:22 /root/.bash_profile
137510    4 drwx------   2 root     root         4096 May  8 02:00 /root/.ssh
135241    4 -rw-r--r--   1 root     root          129 Dec  3  2004 /root/.tcshrc
136494    4 -rw-r--r--   1 root     root          310 Feb 27 07:22 /root/.bashrc
137490   16 -rw-------   1 root     root        14970 May 15 01:02 /root/.bash_history

Ref: http://www.cyberciti.biz/faq/unix-linux-centos-ubuntu-find-hidden-files-recursively/

Recursively list all files and directories


ls -alR

find . -exec ls -dl \{\} \; | awk '{print $3, $4, $9}'

find . -printf "%u %g %p\n"

tree -p -u -g -f -i

tree -p -u -g -f

find $PWD -type f

find . -ls

List only .html files

find . -name "*.html"

Ref: http://stackoverflow.com/questions/501367/how-to-recursively-list-all-files-and-directories

Wednesday, 14 May 2014

History Command in Linux


List All Executed Commands in Linux

history

List All Commands with Date and Timestamp

export HISTTIMEFORMAT='%F %T  '
history
%F Equivalent to %Y - %m - %d
%T Replaced by the time ( %H : %M : %S )

Filter Commands in History

export HISTIGNORE='ls -l:pwd:date:'
history

Ignore Duplicate Commands in History

export HISTCONTROL=ignoredups
history

Unset export Command

unset export HISTCONTROL
history

Save export Command Permanently

vi .bash_profile
PATH=$PATH:$HOME/bin
export PATH

Disable Storing History of Commands

vi .bash_profile
PATH=$PATH:$HOME/bin
HISTSIZE=0
export PATH
.bash_profile (END)

source .bash_profile

Delete or Clear History of Commands

history -c

Search Commands in History Using Grep Command

history | grep pwd

Recall Lastly Executed Command

Bang and 8 (!8)

Recall Lastly Executed Specific Command

!net

List last 25 commands

history 25

Ref: 

http://www.tecmint.com/history-command-examples/
https://www.digitalocean.com/community/articles/how-to-use-bash-history-commands-and-expansions-on-a-linux-vps

DoS and DDoS attack

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is a attack in which the server resources become unavailable to its intended users.

A DOS attack is an attempt to make a system or server unavailable for legitimate users and, finally, to take the service down. This is achieved by flooding the server’s request queue with fake requests. After this, server will not be able to handle the requests of legitimate users.

In general, there are two forms of the DOS attack. The first form is on that can crash a server. The second form of DOS attack only floods a service.

In simple words DDOS attack is, when a server system is being flooded from fake requests coming from multiple sources (potentially hundreds of thousands), it is known as a DDOS attack. In this case, blocking a single or few IP address does not work. The more members in the zombie network, more powerful the attack it. For creating the zombie network, hackers generally use a Trojan.

There are basically three types of DDOS attacks:

Application layer DDOS attack: Application-layer DDOS attacks are attacks that target Windows, Apache, OpenBSD, or other software vulnerabilities to perform the attack and crash the server.

Protocol DDOS attack: A protocol DDOS attacks is a DOS attack on the protocol level. This category includes Synflood, Ping of Death, and more.

Volume-based DDOS attack: This type of attack includes ICMP floods, UDP floods, and other kind of floods performed via spoofed packets.

How to troubleshoot,

list of IP’s with maximum number of connections to server,

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

remember that ddos becomes more complex as attackers are using fewer connections with more number of attacking IP’s,

the number of active connections open to server,

netstat -n | grep :80 |wc -l

netstat -n | grep :80 | grep SYN |wc -l

Ex:
cd /edu-log/edurite/
cat 20140505.access.log | awk '{print $1}' |sort |uniq -c |sort -nr |more

------------
110.85.112.16
27.153.209.89
120.33.245.187
27.150.229.164
121.205.197.8
121.205.196.173
27.153.186.129
------------

Trace the IP using the follwoing URL,

http://tools.whois.net/whoisbyip/

One example for how to block a particular IP on the server,

iptables -A INPUT -s 27.153.186.129 -j DROP

/etc/init.d/iptables save
/etc/init.d/firewall restart

Ref:

http://webhosting.uk.com/kb/how-to-check-if-your-linux-server-is-under-ddos-attack/
http://resources.infosecinstitute.com/dos-attacks-free-dos-attacking-tools/

Monday, 28 April 2014

Configure NFS in Linux

Three rpm's are required to configure nfs server.
nfs, portmap and xinetd, check them if not found then install them,

rpm -qa nfs*
nfs-utils-1.0.9-66.el5
nfs-utils-lib-1.0.8-7.9.el5

rpm -qa portmap*
portmap-4.0-65.2.2.1

rpm -qa xinetd*
xinetd-2.3.14-17.el5


/etc/init.d/portmap restart
/etc/init.d/xinetd restart
/etc/init.d/nfs restart


chkconfig portmap on
chkconfig xinetd on
chkconfig nfs on

mkdir /data
chmod 777 /data
vi /etc/exports

/data   192.168.209.128 (rw,sync)

exportfs -r

showmount -e 192.168.209.128

Export list for 192.168.209.128:
/data (everyone)

mount -t nfs 192.168.209.128:/data/ /mnt

cd /mnt/

cat > test
This is testfile

cd
umount /mnt

mkdir /temp

vi /etc/fstab

192.168.209.128:/data /temp nfs defaults 0 0

reboot

cd /temp
ls
test

ref : http://computernetworkingnotes.com/network-administrations/nfs-server.html

Windows Useful Commands


Application = Command

Accessibility Controls = access.cpl
Add Hardware Wizard = hdwwiz.cpl
Add/Remove Programs = appwiz.cpl
Administrative Tools = control admintools
Automatic Updates = wuaucpl.cpl

Bluetooth Transfer Wizard = fsquirt
Calculator = calc
Certificate Manager = certmgr.msc
Character Map = charmap
Check Disk Utility = chkdsk

Clipboard Viewer = clipbrd
Command Prompt = cmd
Component Services = dcomcnfg
Computer Management = compmgmt.msc
Date and Time Properties = timedate.cpl

DDE Shares = ddeshare
Device Manager = devmgmt.msc
Direct X Control Panel (If Installed)* = directx.cpl
Direct X Troubleshooter = dxdiag
Disk Cleanup Utility = cleanmgr

Disk Defragment = dfrg.msc
Disk Management = diskmgmt.msc
Disk Parmelonion Manager = diskpart
Display Properties = control desktop/desk.cpl
Dr. Watson System Troubleshooting Utility = drwtsn32

Driver Verifier Utility = verifier
Event Viewer = eventvwr.msc
File Signature Verification Tool = sigverif
Findfast = findfast.cpl
Folders Properties = control folders

Fonts = control fonts
Fonts Folder = fonts
Free Cell Card Game = freecell
Game Controllers = joy.cpl
Group Policy Editor (XP Prof) = gpedit.msc

Hearts Card Game = mshearts
Iexpress Wizard = iexpress
Indexing Service = ciadv.msc
Internet Properties = inetcpl.cpl
IP Configuration = ipconfig

Java Control Panel (If Installed) = jpicpl32.cpl
Java Application Cache Viewer (If Installed) = javaws
Keyboard Properties = control keyboard
Local Security Settings = secpol.msc
Local Users and Groups = lusrmgr.msc

Logs You Out Of Windows = logoff
Microsoft Chat = winchat
Minesweeper Game = winmine
Mouse Properties = control mouse
Mouse Properties = main.cpl

Network Connections = control netconnections
Network Connections = ncpa.cpl
Network Setup Wizard = netsetup.cpl
Notepad = notepad
Nview Desktop Manager (If Installed) = nvtuicpl.cpl

Object Packager = packager
ODBC Data Source Administrator = odbccp32.cpl
On Screen Keyboard = osk
Opens AC3 Filter (If Installed) = ac3filter.cpl
Password Properties = password.cpl

Performance Monitor = perfmon.msc
Performance Monitor = perfmon
Phone and Modem Options = telephon.cpl
Power Configuration = powercfg.cpl
Printers and Faxes = control printers

Printers Folder = printers
Private Character Editor = eudcedit
Quicktime (If Installed) = QuickTime.cpl
Regional Settings = intl.cpl
Registry Editor = regedit

Registry Editor = regedit32
Remote Desktop = mstsc
Removable Storage = ntmsmgr.msc
Removable Storage Operator Requests = ntmsoprq.msc
Resultant Set of Policy (XP Prof) = rsop.msc

Scanners and Cameras = sticpl.cpl
Scheduled Tasks = control schedtasks
Security Center = wscui.cpl
Services = services.msc
Shared Folders = fsmgmt.msc

Shuts Down Windows = shutdown
Sounds and Audio = mmsys.cpl
Spider Solitare Card Game = spider
SQL Client Configuration = cliconfg
System Configuration Editor = sysedit

System Configuration Utility = msconfig
System File Checker Utility = sfc
System Properties = sysdm.cpl
Task Manager = taskmgr
Telnet Client = telnet

User Account Management = nusrmgr.cpl
Utility Manager = utilman
Windows Firewall = firewall.cpl
Windows Magnifier = magnify
Windows Management Infrastructure = wmimgmt.msc

Windows System Security Tool = syskey
Windows Update Launches = wupdmgr
Windows XP Tour Wizard = tourstart
Wordpad = write

Friday, 25 April 2014

Increasing group_concat_max_len param in MySQL


SET GLOBAL group_concat_max_len=1024M

vi /etc/my.cnf

group_concat_max_len = 1024M

/etc/init.d/mysql restart

Shutting down MySQL......                                  [  OK  ]
Starting MySQL..                                           [  OK  ]

mysql -u root -p

Enter password:

mysql>SHOW VARIABLES LIKE "%group_concat_max_len";
+----------------------+------------+
| Variable_name        | Value      |
+----------------------+------------+
| group_concat_max_len | 1073741824 |
+----------------------+------------+
1 row in set (0.00 sec)

Copying files using pscp

Copying files from your UNIX host to your Windows PC

C:\Program Files (x86)>pscp "H:\Digitally_3.6_International\vmware.log" root@172
.16.0.134:/tmp/

root@172.16.0.134's password:
vmware.log                | 84 kB |  84.0 kB/s | ETA: 00:00:00 | 100%

http://www.nber.org/pscp.html

Limit number of simultaneous logins attempts for a user


To limit the max number of logins to 2 for user vivek

vi /etc/security/limits.conf

vivek         hard    maxlogins       2

ref:http://nixcraft.com/centos-rhel-fedora/13764-ssh-limit-number-simultaneous-logins-attempts-each-user.html

Thursday, 24 April 2014

Change SVN Server IP


Modify when SVN server IP address changes

cd /data/mysql-svn-bkp/ObjectMap/

svn switch --relocate svn://172.16.0.25/db-backup/Trunk/mysql/ svn://10.98.33.63/db-backup/Trunk/mysql/


Shrink VMware Virtual Disk File (.vmdk)


To remove any unneeded files from the virtual machine to free space

yum clean

To fill the unused space with zeros

cat /dev/zero > zero.fill;sync;sleep 1;sync;rm -f zero.fill

poweroff

Start cmd

C:\Program Files (x86)\VMware\VMware Player>vmware-vdiskmanager.exe -k "H:\Digit
ally_3.6\Edulinux_en-gb.vmdk"

  Shrink: 100% done.
Shrink completed successfully.

Ref:- http://www.howtoforge.com/how-to-shrink-vmware-virtual-disk-files-vmdk

Wednesday, 23 April 2014

Change the MySQL data default directory


Steps for MySQL data directory change,

Stopping the MySQL server

service mysql stop

Create a new data directory and move the content from the old data directory

mkdir /data/var/lib/mysql

chown mysql:mysql /data/var/lib/mysql

mv /var/lib/mysql/* /data/var/lib/mysql

Correct the MySQL configuration file

vi /etc/my.cnf

[mysqld]

datadir = /data/var/lib/mysql

socket = /data/var/lib/mysql/mysql.sock

slow_query_log_file = /data/var/lib/mysql/mysql-slow.log

general_log_file = /data/var/lib/mysql/general.log

[client]

socket = /data/var/lib/mysql/mysql.sock

Adjust SELinux parameters to accept our new change

getenforce
Disabled

If semanage SELinux Command Not Found

yum install policycoreutils-python

man semanage

rpm -qf `which semanage`
policycoreutils-python-2.0.83-19.39.el6.x86_64

semanage fcontext -a -t mysqld_db_t "/data/var/lib/mysql(/.*)?"

grep -i mysql /etc/selinux/targeted/contexts/files/file_contexts.local
/data/var/lib/mysql(/.*)?    system_u:object_r:mysqld_db_t:s0

restorecon -Rv data/var/lib/mysql

Starting the MySQL server

service mysql start

mysql -u root -p

mysql> show databases;

Optionally you can just use

mysql -u root -p --protocol tcp


Ref:-  

 http://crashmag.net/change-the-default-mysql-data-directory-with-selinux-enabled

https://blogs.oracle.com/jsmyth/entry/selinux_and_mysql

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/sect-Managing_Confined_Services-MySQL-Configuration_Examples.html

Restore Power School Database


Stop Power Teacher Services

Stop Report Works Services

start cmd

cd \oracle\scripts

DropSchema.bat PRODDB

(Restart Oracle Services if schemas are fail to drop)

sqlplus / as sysdba

create user PS identified by password;

create user PS_MGMT identified by password;

grant create session, dba to PS;

grant create session, dba to PS_MGMT;

CREATE OR REPLACE DIRECTORY DATA_PUMP_DIR AS 'E:\oradata\PSPRODDB\data_pump_dir';

GRANT READ, WRITE ON DIRECTORY DATA_PUMP_DIR TO PS;

exit

replace the .dmp file in data_pump_dir

SYS@PSPRODDB AS SYSDBA>Import.bat PRODDB EXPDP_FULLDB Y

Start Power Teacher Services

Start Report Works Services


To reset user Passowrd

SYS@PSPRODDB AS SYSDBA>ALTER USER PS IDENTIFIED BY edurite;

User altered.

SYS@PSPRODDB AS SYSDBA>ALTER USER PS_MGMT IDENTIFIED BY edurite;

User altered.


To Unlock the user Accounts

SYS@PSPRODDB AS SYSDBA>ALTER USER PS_MGMT IDENTIFIED BY edurite ACCOUNT UNLOCK;

User altered.

SYS@PSPRODDB AS SYSDBA>ALTER USER PS IDENTIFIED BY edurite ACCOUNT UNLOCK;

User altered.



Backup Oracle Database in Windows Server


Start cmd

sqlplus / as sysdba

SYS@PRODDB AS SYSDBA>CREATE OR REPLACE DIRECTORY DATA_PUMP_DIR1 AS 'E:\Oracle_Backup';

Create Oracle_Backup directory if necessary.

E:\oracle\product\11.2.0\dbhome_1\BIN>expdp.exe '/ as sysdba' full=y directory=DATA_PUMP_DIR1 dumpfile=expdp_fulldb.dmp logfile=expdp_fulldb.log


Tuesday, 15 April 2014

httpd and php Installation in RHEL 6

httpd 2.2.15-30 and php 5.5.9-1 Installation in RHEL 6

2.6.32-431.3.1.el6.x86_64

yum install httpd

rpm -qa | grep httpd
httpd-tools-2.2.15-30.el6_5.x86_64
httpd-2.2.15-30.el6_5.x86_64

vi /etc/httpd/conf/httpd.conf
AllowOverride All

http://rpm.pbone.net/
search php55w-common-5.5.9-1.w6

wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-cli-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-common-5.5.9-1.w6.x86_64.rpm

rpm -ivh php55w-common-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-cli-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-5.5.9-1.w6.x86_64.rpm

wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-mcrypt-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-soap-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-pecl-apcu-devel-4.0.3-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-opcache-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-bcmath-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-mysqlnd-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-odbc-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-xml-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-pecl-apcu-4.0.3-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-pecl-memcache-3.0.8-2.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-pdo-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-mbstring-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-xmlrpc-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-devel-5.5.9-1.w6.x86_64.rpm
wget ftp://ftp.pbone.net/mirror/repo.webtatic.com/yum/el6/x86_64/php55w-pecl-xdebug-2.2.3-2.w6.x86_64.rpm
wget ftp://ftp.uni-bayreuth.de/pub/redhat.com/fedora/linux/releases/10/Everything/ppc/os/Packages/php-pear-1.7.2-2.fc10.noarch.rpm

rpm -ivh php55w-bcmath-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-mbstring-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-pdo-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-mysqlnd-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-soap-5.5.9-1.w6.x86_64.rpm
rpm -ivh php55w-xmlrpc-5.5.9-1.w6.x86_64.rpm

yum install autoconf automake pcre-devel
rpm -ivh php55w-devel-5.5.9-1.w6.x86_64.rpm


wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/csbuild:/centosextra/RHEL_5/x86_64/libtool2-ltdl-2.2.6b-3.4.x86_64.rpm
wget ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/x86_64/libmcrypt-2.5.8-9.el6.x86_64.rpm

rpm -ivh libmcrypt-2.5.8-9.el6.x86_64.rpm
rpm -ivh libtool2-ltdl-2.2.6b-3.4.x86_64.rpm

rpm -ivh php55w-mcrypt-5.5.9-1.w6.x86_64.rpm

wget ftp://ftp.muug.mb.ca/mirror/centos/6.5/os/x86_64/Packages/unixODBC-2.2.14-12.el6_3.x86_64.rpm

rpm -ivh unixODBC-2.2.14-12.el6_3.x86_64.rpm
rpm -ivh php55w-odbc-5.5.9-1.w6.x86_64.rpm

wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/tsariounov:/tools/RedHat_RHEL-6/x86_64/libxslt1-1.1.28-66.1.x86_64.rpm
rpm -ivh libxslt1-1.1.28-66.1.x86_64.rpm
rpm -ivh php55w-xml-5.5.9-1.w6.x86_64.rpm

wget ftp://ftp.icm.edu.pl/vol/rzm2/linux-fedora-secondary/archive/development/ia64/os/Packages/php-pear-1.7.2-2.fc10.noarch.rpm
rpm -ivh php-pear-1.7.2-2.fc10.noarch.rpm

rpm -ivh php55w-pecl-apcu-4.0.3-1.w6.x86_64.rpm
rpm -ivh php55w-pecl-apcu-devel-4.0.3-1.w6.x86_64.rpm
rpm -ivh php55w-pecl-memcache-3.0.8-2.w6.x86_64.rpm
rpm -ivh php55w-pecl-xdebug-2.2.3-2.w6.x86_64.rpm

rpm -ivh php55w-opcache-5.5.9-1.w6.x86_64.rpm

pear list

Installed packages, channel pear.php.net:
=========================================
Package          Version State
Archive_Tar      1.3.7   stable
Console_Getopt   1.2.3   stable
PEAR             1.9.4   stable
Structures_Graph 1.0.4   stable
XML_RPC          1.5.4   stable
XML_Util         1.2.1   stable

pear install Auth_SASL Config Log MDB2 MDB2_Driver_mysqli Mail Mail_Mime Mail_mimeDecode Net_SMTP Net_Socket XML_Parser

pear list

Installed packages, channel pear.php.net:
=========================================
Package            Version State
Archive_Tar        1.3.2   stable
Auth_SASL          1.0.6   stable
Config             1.10.12 stable
Console_Getopt     1.2.3   stable
Log                1.12.7  stable
MDB2               2.4.1   stable
MDB2_Driver_mysqli 1.4.1   stable
Mail               1.2.0   stable
Mail_Mime          1.8.8   stable
Mail_mimeDecode    1.5.5   stable
Net_SMTP           1.6.2   stable
Net_Socket         1.0.14  stable
PEAR               1.7.2   stable
Structures_Graph   1.0.2   stable
XML_Parser         1.3.4   stable
XML_RPC            1.5.1   stable
XML_Util           1.2.1   stable

vi /var/www/html/index.php

<?php
 phpinfo();
?>

:wq

/etc/init.d/httpd restart

Now browse on any web browser with IP



Monday, 14 April 2014

Grant usage for a specific user in MySQL


Grant usage for a specific user

mysql -u root -p
Enter password:

mysql> use mysql;

mysql> grant all on *.* to 'username'@'%' identified by 'password';

mysql> flush privileges;


Wednesday, 9 April 2014

sar command in Linux


sar - Collect, report, or save system activity information.

yum install sysstat

cd /var/log/sa

sar

Linux 2.6.18-238.9.1.el5         04/09/2014

04:40:01 AM       CPU     %user     %nice   %system   %iowait    %steal     %idle
04:50:01 AM       all      9.93      0.00      1.04      1.02      0.00     88.01
05:00:01 AM       all      8.56      0.00      0.79      1.07      0.00     89.58
05:10:01 AM       all      6.81      0.00      0.65      1.18      0.00     91.36
05:20:01 AM       all      7.63      0.10      0.68      0.91      0.00     90.69
05:30:01 AM       all      6.95      0.00      0.64      0.79      0.00     91.62
05:40:01 AM       all     10.36      0.00      0.83      0.97      0.00     87.83
05:50:01 AM       all      9.30      0.00      0.82      0.92      0.00     88.96
06:00:01 AM       all      9.34      0.00      0.81      0.90      0.00     88.95
06:10:01 AM       all     12.96      0.00      0.81      0.81      0.00     85.43
06:20:01 AM       all     11.03      0.10      1.03      0.58      0.00     87.27
06:30:01 AM       all     12.49      0.00      1.10      0.70      0.00     85.72
06:40:01 AM       all      9.44      0.00      0.82      0.66      0.00     89.07
06:50:01 AM       all      9.09      0.00      0.79      0.56      0.00     89.56
07:00:01 AM       all     10.42      0.00      0.93      0.61      0.00     88.04
07:10:01 AM       all     10.75      0.00      0.91      0.63      0.00     87.71
Average:             all      9.67      0.01      0.84      0.82      0.00     88.65


             %user
                     Percentage of CPU utilization that occurred while execut-
                     ing at the user level (application).

              %nice
                     Percentage of CPU utilization that occurred while execut-
                     ing at the user level with nice priority.

              %system
                     Percentage of CPU utilization that occurred while execut-
                     ing at the system level (kernel).

              %iowait
                     Percentage of time that the CPU or CPUs were idle  during
                     which the system had an outstanding disk I/O request.

              %idle
                     Percentage of time that the CPU or CPUs were idle and the
                     system did not have an outstanding disk I/O request.

Ref:- http://www.linuxcommand.org/man_pages/sar1.html

Friday, 4 April 2014

MySQL 5.6 Installation in RHEL 6


Download the rpm's to the /usr/local/src

wget https://downloads.skysql.com/archives/mysql-5.6/MySQL-client-5.6.12-1.el6.x86_64.rpm
wget https://downloads.skysql.com/archives/mysql-5.6/MySQL-server-5.6.12-1.el6.x86_64.rpm
wget https://downloads.skysql.com/archives/mysql-5.6/MySQL-shared-compat-5.6.12-1.el6.x86_64.rpm
wget https://downloads.skysql.com/archives/mysql-5.6/MySQL-devel-5.6.12-1.el6.x86_64.rpm
wget https://downloads.skysql.com/archives/mysql-5.6/MySQL-shared-5.6.12-2.el6.x86_64.rpm

rpm -e mysql-libs-5.1.71-1.el6.x86_64 --nodeps

rpm -ivh MySQL-client-5.6.12-1.el6.x86_64.rpm MySQL-devel-5.6.12-1.el6.x86_64.rpm MySQL-server-5.6.12-1.el6.x86_64.rpm MySQL-shared-5.6.12-2.el6.x86_64.rpm MySQL-shared-compat-5.6.12-1.el6.x86_64.rpm

/etc/init.d/mysql restart
Shutting down MySQL..                                      [  OK  ]
Starting MySQL.                                            [  OK  ]

Ref :- https://downloads.skysql.com/archive/index/p/mysql/v/5.6.12

Thursday, 3 April 2014

Display recently modified files in Linux


Display Today’s modified Files in Linux

ls -al --time-style=+%D | grep `date +%D`
find . -maxdepth 1 -mtime -1
find . -mtime -1 -print
find . -mtime -1 -printf "%u %p\n" | sort

Display recently modified file in present working directory

find -maxdepth 1 -type f -mtime -1
find -maxdepth 1 -type f -daystart -mtime -1
find "pwd" -mtime -1 -type f -print
find . -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r


Display recently modified directory in present working directory

find -maxdepth 1 -type d -mtime -1
find -maxdepth 1 -type d -daystart -mtime -1
find "pwd" -mtime -1 -type d -print
find . -type d -printf '%TY-%Tm-%Td %TT %p\n' | sort -r


Wednesday, 2 April 2014

Installing PHPUnit in RHEL


 wget https://phar.phpunit.de/phpunit.phar

 chmod +x phpunit.phar

 mv phpunit.phar /usr/local/bin/phpunit

Friday, 28 March 2014

Script for disc space alert in Linux


#!/bin/bash

#admin email account
ADMIN="mymailid@domain.com"

# set usage alert threshold
THRESHOLD=95

#hostname
HOSTNAME=$(hostname)

#mail client
MAIL=/bin/mail

# store all disk info here
EMAIL=""

for line in $(df -hP | egrep '^/dev/' | awk '{ print $6 "_:_" $5 }')
do

        part=$(echo "$line" | awk -F"_:_" '{ print $1 }')
        part_usage=$(echo "$line" | awk -F"_:_" '{ print $2 }' | cut -d'%' -f1 )

        if [ $part_usage -ge $THRESHOLD -a -z "$EMAIL" ];
        then
                EMAIL="$(date): Running out of diskspace on $HOSTNAME\n"
                EMAIL="$EMAIL\n$part ($part_usage%) >= (Threshold = $THRESHOLD%)"

        elif [ $part_usage -ge $THRESHOLD ];
        then
                EMAIL="$EMAIL\n$part ($part_usage%) >= (Threshold = $THRESHOLD%)"
        fi
done

if [ -n "$EMAIL" ];
then
        echo -e "$EMAIL" | $MAIL -s "Alert: Partition(s) almost out of diskspace on $HOSTNAME" "$ADMIN"
fi

Script to Delete file older than 30 days in Linux


#! /bin/bash
find /backup/mysql/* -type f -mtime +30 -exec rm {} \;



Thursday, 27 March 2014

Determine the File System type in Linux


blkid /dev/sda1

blkid -t TYPE=ext4

sudo parted -l

file -s /dev/sda1

tune2fs -l /dev/sda1 | grep features

df -T

mount

cat /proc/mounts

cd /proc/fs and ls

cd /sys/fs and ls

cat /etc/fstab

dumpe2fs /dev/sdb1 | head -15 -- has_journal means it is ext3.

dumpe2fs /dev/sdb1 | head -15 -- has_journal means it is ext4.

Ref : - http://unix.stackexchange.com/questions/60723/how-do-i-know-if-a-partition-is-ext2-ext3-or-ext4

Thursday, 6 March 2014

Listing only Directory in Linux


The following commands will list all of the sub directories in the present directory,



ls -d */ | xargs -l basename

ls -d */ | cut -d/ -f1

ls -d */ | cut -f1 -d'/'

ls -p | grep "/" | cut -f1 -d'/'


echo */ | cut -f1 -d'/'


find . -maxdepth 1 -mindepth 1 -type d -printf %P\\n

find . -mindepth 1 -maxdepth 1 -type d  \( ! -iname ".*" \) | sed 's|^\./||g'

find [!.]* -maxdepth 0 -type d


for f in *;do if [[ -d $f  ]]; then echo $f;fi; done;


Thursday, 20 February 2014

Cygwin


Cygwin is a Unix-like environment and command-line interface for Microsoft Windows.
Cygwin provides native integration of Windows-based applications, data, and other system resources with applications, software tools, and data of the Unix-like environment.
Thus it is possible to launch Windows applications from the Cygwin environment, as well as to use Cygwin tools and applications within the Windows operating context.


Ref: http://en.wikipedia.org/wiki/Cygwin
http://cygwin.com/install.html

Jenkins On RedHat

Jenkins Prerequisites

httpd
subversion
java

Installation
Add the Jenkins repository to the yum repos, and install Jenkins from here.
Installation of a stable version
Installation of Java
Jenkins requires Java in order to run, yet certain Fedora-based distros don't include this by default. To install the Open Java Development Kit (OpenJDK) run the following:
sudo yum install java

Start/Stop
 
  • sudo service jenkins start/stop/restart
  • sudo chkconfig jenkins on
What does this package do?
  • Jenkins will be launched as a daemon up on start. See /etc/init.d/jenkins for more details.
  • The 'jenkins' user is created to run this service. If you change this to a different user via the config file, you must change the owner of /var/log/jenkins, /var/lib/jenkins, and /var/cache/jenkins.
  • Log file will be placed in /var/log/jenkins/jenkins.log. Check this file if you are troubleshooting Jenkins.
  • /etc/sysconfig/jenkins will capture configuration parameters for the launch.
  • By default, Jenkins listen on port 8080. Access this port with your browser to start configuration.  Note that the built-in firewall may have to be opened to access this port from other computers.  (See http://www.cyberciti.biz/faq/disable-linux-firewall-under-centos-rhel-fedora/ for instructions how to disable the firewall permanently)
  • A Jenkins RPM repository is added in /etc/yum.repos.d/jenkins.repo

IPtables and SELinux

sudo iptables –L
getenforce
Disabled

Port Listen Test

sudo netstat -tnlp | grep 8080
sudo netstat –tulpen
sudo lsof -i :8080

Run Jenkins

sudo locate jenkins.war
sudo java -jar /usr/lib/jenkins/jenkins.war

sudo ps -u jenkins
 PID TTY          TIME CMD
22623 ?        00:00:17 java

Error

WARNING: FAILED SelectChannelConnector@0.0.0.0:8080: java.net.BindException: Address already in use.
sudo netstat -tnlp | grep 8080
sudo ps -u jenkins
Check the firewall and network configuration, proxy or your antivirus etc.

Packages Installed

sudo rpm -qa | grep httpd
httpd-tools-2.2.15-29.el6_4.x86_64
httpd-2.2.15-29.el6_4.x86_64

sudo rpm -qa | grep subversion
subversion-1.6.11-9.el6_4.x86_64

sudo rpm -qa | grep java
tzdata-java-2013i-1.el6.noarch
java-1.7.0-openjdk-1.7.0.45-2.4.3.4.el6_5.x86_64

sudo rpm -qa | grep jenkins
jenkins-1.551-1.1.noarch

Ref: