Showing posts from 2008

The best putty package available

Bored of black-screened putty windows filling the taskbar? Having issues porting saved sessions from machine to machine? Do you like tabbed SSH sessions? Start using portaputty instead of normal putty and link it with puttycm. Puttycm lets sessions be saved in its own database files. You can use the putty sessions you have already saved right inside putty. You can have any number of databases, which lets you arrange remote servers in folders with convenient names. I personally recommend creating a database with puttycm rather than using the sessions saved in putty, which doesn't offer any option to create folders and save sessions under that directory tree. You can even save a username/password to log in automatically, and there is an option to pass commands to be run soon after login. I can't recommend this since some bug was found with these options. Portaputty is a variant of putty which stores all the configuration data in text files instead of MS Window

screen for Remote assistance and chat

screen is a UNIX utility that can be used for remote assistance and administration. Suppose an unskilled colleague is struggling with a server at some remote location and has no idea how to troubleshoot a problem. If you want to solve it while your colleague watches how you sort out the issue, you can use screen. First, ask your colleague for the username he used to log in to that remote machine. Now you can log in to that remote machine as the same user. Suppose the username is engineer and the IP of the remote machine is 192.168.1.1. Try the below:

    # ssh engineer@192.168.1.1

After logging in, run the screen command to start a session named myscreen:

    $ screen -S myscreen

Now tell your colleague to type the below to attach his screen to your screen:

    $ screen -x myscreen

That's it. Now he can watch whatever you type, and vice versa.

Run X11 programs after SSH and switch to another user

This issue arises when you log in as root and try to launch X11 programs after switching to the user oracle. One solution is to log in directly as the user you want to run those X11 programs as. There is also a workaround that lets you log in as a different user. After logging in, run the command below:

    xauth list | grep "`hostname`/" | grep `echo $DISPLAY | cut -f2 -d: | cut -f1 -d.`

Copy the output. Then switch to the second user and run xauth add with this output as its arguments, as below:

    xauth add training/unix:13 MIT-MAGIC-COOKIE-1 57f03bee06be924299b0bedde6499bd1

Now run any X11 programs.

BASH script to delete older files

    #!/bin/bash
    # BASH script to find files with a modification time older than 7 days and remove them.
    # A provisional confirmation before deletion has been included.
    # System files starting with "." in their names are excluded from deletion,
    # and files specified in the exclusion list are prevented from being deleted.

    DIR=/home/hari
    LIST=/home/hari/DELETE_LIST
    EXCLUSIONS=/home/hari/EXCLUSIONS

    # Simply the below command will do it
    # find $DIR -type f -mtime +7 | grep ^./ | grep -v -f $EXCLUSIONS -exec rm {} \;
    # But for the time being it runs with a CONFIRMATION before deleting the files.

    # Declaration for CONFIRM()
    CONFIRM() {
        echo "Going to remove $1"
        echo "Do you want to Continue? -y/n"
        read -r CHOICE
        # Quote the variables so an empty answer or a file name with spaces
        # cannot break the test or the rm call.
        if [ "$CHOICE" = 'y' ]
        then
            rm -f -- "$1"
        elif [ "$CHOICE" = 'n' ]
        then
            exit
        else
            echo "Invalid choice"
            exit
        fi
    }

    # Function FIND_FILES
    FIND_FILES() {
        cd "$DIR"
        find
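The listing above is cut off on this page. As an added example (not the original post's script), here is one way to implement the described steps: select files older than 7 days, skip dot-files, honour an exclusion list, and confirm before removal. It assumes GNU find, grep and xargs; `candidates` and `purge` are hypothetical function names.

```shell
#!/bin/sh
# Added example, not the original script. Assumes GNU find, grep and xargs.
# candidates and purge are hypothetical names.

# candidates DIR EXCLUSIONS [DAYS]
# Emit, NUL-delimited, the regular files under DIR last modified more than
# DAYS days ago (default 7). Paths are relative to DIR ("./sub/file").
candidates() {
    # ! -path '*/.*' skips dot-files and everything below dot-directories.
    ( cd "$1" && find . -type f -mtime +"${3:-7}" ! -path '*/.*' -print0 ) |
        if [ -s "$2" ]; then
            # -F: exclusion lines are literal substrings, not regexes.
            # -z: records are NUL-terminated, so spaces or newlines in a
            #     file name cannot split it into a second path.
            # -a: always treat the input as text.
            grep -zavFf "$2" || true   # grep exits 1 when nothing is left
        else
            cat                        # empty or missing list: exclude nothing
        fi
}

# purge DIR EXCLUSIONS [DAYS] [ask|force]
# "ask" (default) makes xargs prompt on the terminal before each rm;
# "force" removes without asking, e.g. from cron once the list is trusted.
purge() {
    case ${4:-ask} in
        force) candidates "$1" "$2" "$3" | ( cd "$1" && xargs -0 -r rm -f -- ) ;;
        *)     candidates "$1" "$2" "$3" | ( cd "$1" && xargs -0 -r -n 1 -p rm -f -- ) ;;
    esac
}
```

To preview what would be removed without deleting anything, run `candidates /home/hari /home/hari/EXCLUSIONS | tr '\0' '\n'`.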

Install Linux from a remote machine

This applies when an admin doesn't have physical access to the system on which Linux needs to be installed. Here we need help from someone who has physical access to that remote machine to boot it from bootable media and to type the command shown below at the boot prompt. Anaconda will then start to run and will pause at a particular moment, showing the message below. Now telnet to this IP from a remote machine and proceed with the installation steps as usual, as shown below.

How to disable a specific command(s) for a certain user.

Please follow the steps below to disable a specific command (or commands) for a certain user.

    # su - hari
    $ which rm              (here the rm command is used as an example)
    $ mkdir ~/bin
    $ ln -s /bin/* ~/bin/   (/bin is the PATH for rm)
    $ rm -rf ~/bin/rm

Take the output of $PATH for this user:

    $ echo $PATH > MyPATH.txt

Edit this file and replace /bin with ~/bin. Log in as root:

    $ su -
    # cat /home/hari/MyPATH.txt >> /home/hari/.bashrc

Change the permissions of /home/hari/.bashrc:

    # chmod 444 /home/hari/.bashrc
    # chattr +i /home/hari/.bashrc

That's all. But the user can reset the PATH variable anytime to overcome this. Please comment with alternatives for this.
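The procedure above only changes which directories the shell searches, which is why resetting PATH undoes it. As an added example (not from the original post; `build_shadow_bin` and `providers` are hypothetical helper names), this script rebuilds the link directory and reports which entries of a given PATH value still supply the command, so the setup can be checked after it is applied:

```shell
#!/bin/sh
# Added example. build_shadow_bin and providers are hypothetical helper names.

# build_shadow_bin SRC DEST CMD
# Recreate the ~/bin idea: symlink every entry of SRC into DEST except CMD.
build_shadow_bin() {
    mkdir -p "$2" || return 1
    for f in "$1"/*; do
        [ "${f##*/}" = "$3" ] || ln -sf "$f" "$2/" || return 1
    done
}

# providers PATHVALUE CMD
# Print every directory in PATHVALUE that still offers an executable CMD.
# Empty output means the PATH-based block holds for that PATH value.
providers() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r d; do
        [ -n "$d" ] || d=.        # an empty PATH entry means the current dir
        if [ -f "$d/$2" ] && [ -x "$d/$2" ]; then
            printf '%s\n' "$d"
        fi
    done
}
```

Running `providers "$PATH" rm` as the restricted user shows whether another PATH entry still carries the command, for instance /usr/bin on systems where /bin is a symlink to it.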

MySQL Compilation

    # groupadd mysql
    # useradd -g mysql -c "MySQL Server" mysql
    # tar zxf mysql-5.0.45.tar.gz
    # cd /usr/local/src/mysql-5.0.45
    # chown -R root.root *
    # ./configure \
        --prefix=/usr/local/mysql \
        --localstatedir=/usr/local/mysql/data \
        --disable-maintainer-mode \
        --with-mysqld-user=mysql \
        --with-unix-socket-path=/tmp/mysql.sock \
        --without-comment \
        --without-debug \
        --without-bench
    # make && make install
    # ./scripts/mysql_install_db
    # chown -R root:mysql /usr/local/mysql
    # chown -R mysql:mysql /usr/local/mysql/data
    # cp support-files/my-medium.cnf /etc/my.cnf
    # chown root:sys /etc/my.cnf
    # chmod 644 /etc/my.cnf
    #

Bugzilla installation

Reference: bugzilla.org

Download the latest stable release:

    # cd /usr/local/src
    # wget http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-3.0.3.tar.gz
    # tar xzf bugzilla-3.0.3.tar.gz
    # cd bugzilla-3.0.3

First, run the checksetup.pl script to check for any dependent packages that need to be installed:

    # ./checksetup.pl --check-modules
    NOTE: You must run any commands listed below as root.
    ***********************************************************************
    * REQUIRED MODULES                                                    *
    ***********************************************************************
    * Bugzilla requires you to install some Perl modules which are either *
    * missing from your system, or the version on your system is too old. *
    *                                                                     *
    * The latest versions of each module can be installed by running the  *
    * commands below.                                                     *
    **************************

Log Server using Syslog-NG

Server - RHEL 5

Stop syslog and turn it off through the run levels:

    # service syslog stop
    # chkconfig syslog off

Download syslog-ng:

    # cd /usr/local/src
    # wget http://www.balabit.com/downloads/files/eventlog/0.2/eventlog-0.2.5.tar.gz
    # tar xzf eventlog-0.2.5.tar.gz
    # cd eventlog-0.2.5
    # ./configure --prefix=/usr/local/eventlog
    # make
    # make install
    # cd /usr/local/src
    # wget http://www.balabit.com/downloads/files/libol/0.3/libol-0.3.18.tar.gz
    # tar xzf libol-0.3.18.tar.gz
    # cd libol-0.3.18
    # ./configure --prefix=/usr/local/libol
    # make
    # make install
    # cd /usr/local/src
    # wget http://www.balabit.com/downloads/files/syslog-ng/sources/2.0/src/syslog-ng-2.0.6.tar.gz
    # tar xzf syslog-ng-2.0.6.tar.gz
    # cd syslog-ng-2.0.6
    # export PKG_CONFIG_PATH=/usr/local/eventlog/lib/pkgconfig
    # ./configure --prefix=/usr/local/syslog-ng --with-libol=/usr/local/libol/
    # make
    # make install
    # cd /usr/local/syslog-ng
    # mkdir etc
    # cd etc
    # vi syslog-ng.conf
    ### Refer http://www.campin.net/syslog-ng

Log Server using Syslog

Log Server Setup

Allow remote machines to log:

    # vi /etc/sysconfig/syslog

Replaced SYSLOGD_OPTIONS="-m 0" with SYSLOGD_OPTIONS="-rm 0"

Set up the log rotation policy:

    # vi /etc/logrotate.conf
    daily
    # keep 7 days worth of backlogs
    rotate 7
    # create new (empty) log files after rotating old ones
    create
    # uncomment this if you want your log files compressed
    compress
    # RPM packages drop log rotation information into this directory
    include /etc/logrotate.d
    # no packages own wtmp -- we'll rotate them here
    /var/log/wtmp {
        monthly
        create 0664 root utmp
        rotate 1
    }

Customize log types and log destinations:

    # vi /etc/syslog.conf
    local7.*        /var/log/apache_error_log
    local1.info     /var/log/apache_access_log

Restart syslogd for the changes to take effect:

    # /etc/init.d/syslog restart

Client Configurations

1. RHEL5

    # vi /etc/syslog.conf
    *.*     @192.168.0.111

Restart syslog:

    # /etc/init.d/syslog restart

L

Apache SSL Certificate Creation

    # cd /usr/local/apache
    # mkdir cert
    # cd cert

1. Generate your own Certificate Authority (CA)

    # openssl genrsa -out ca.key 4096
    # openssl req -new -x509 -days 365 -key ca.key -out ca.crt

2. Generate a server key and a certificate signing request (csr)

    # openssl genrsa -out server.key 4096
    # openssl req -new -key server.key -out server.csr

3. Sign the certificate signing request (csr) with the self-created certificate authority (CA) that you made earlier

    # openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

    # vi /usr/local/apache/conf/httpd.conf
    ServerName xxx.xxx.xxx.xxx:443
    Listen xxx.xxx.xxx.xxx:443
    LoadModule ssl_module modules/mod_ssl.so
    SSLEngine on
    SSLCertificateFile /usr/local/apache/cert/server.crt
    SSLCertificateKeyFile /usr/local/apache/cert/server.key

    # /usr/local/apache/bin/apachectl restart

To do the same with a passphrase, follow the steps below:

    # cd /usr/local/apache
    # mkdir cert
    # cd cert
    # openssl genrsa -des3 -out ca.key 4096

Firewall Failover with CARP,PF and PFSYNC in OpenBSD 4.2 under VMWare ESX3

CARP Setup
----------
Reference http://www.openbsd.org/faq/pf/carp.html

CARP Master
-----------

    # cat /etc/hostname.pcn1
    # ifconfig carp0 create
    # ifconfig pcn1 up
    # ifconfig carp0 vhid 2 pass mysecretpassword carpdev pcn1 advbase 1 advskew 1 state master PUB.LIC.IPA.DDR netmask 255.255.255.0 broadcast PUB.LIC.IPA.DDR
    # echo "inet PUB.LIC.IPA.DDR 255.255.255.0 PUB.LIC.IPA.DDR vhid 2 pass mysecretpassword carpdev pcn1 advbase 1 advskew 1 state master" > /etc/hostname.carp0

Note: Enable Promiscuous Mode for the Virtual Switch related to pcn1

    # ifconfig carp1 create
    # ifconfig carp1 vhid 1 pass mysecretpassword carpdev pcn0 advbase 1 advskew 1 state master 192.168.0.254 netmask 255.255.255.0 broadcast 192.168.0.255

Note: Enable Promiscuous Mode for the Virtual Switch related to pcn0

    # vi /etc/pf.conf
    pass out on $lan_if proto carp keep state

    # pfctl -f /etc/pf.conf
    # sysctl -w net.inet.carp.allow=1
    # vi /etc/sysctl.conf
    net.inet.carp.allow=1

    # echo "in

Squid dead but subsys locked

    # /etc/init.d/squid status
    squid dead but subsys locked
    # df -h
    # rm -rf /var/run/squid.pid
    # rm -rf /var/lock/subsys/squid
    # tail -f /var/log/messages
    # tail -f /var/log/squid/cache.log
    # /etc/init.d/squid start

    2007/12/28 09:57:16| Starting Squid Cache version 2.5.STABLE6 for i386-redhat-linux-gnu...
    2007/12/28 09:57:16| Process ID 26701
    2007/12/28 09:57:16| With 1024 file descriptors available
    2007/12/28 09:57:16| DNS Socket created at 0.0.0.0, port 33056, FD 4
    2007/12/28 09:57:16| Adding nameserver 202.XX.XX.XXX from /etc/resolv.conf
    2007/12/28 09:57:16| Adding nameserver 202.XX.XX.XXX from /etc/resolv.conf
    2007/12/28 09:57:16| Adding nameserver 192.168.0.254 from /etc/resolv.conf
    2007/12/28 09:57:16| User-Agent logging is disabled.
    2007/12/28 09:57:16| Referer logging is disabled.
    2007/12/28 09:57:16| Unlinkd pipe opened on FD 9
    2007/12/28 09:57:16| Swap maxSize 102400 KB, estimated 7876 objects
    2007/12/28 09:57:16| Target number of buckets: 393
    2007/12/28 09:57:16| Using 8192

Multiple Network connectivity issue in OpenBSD within VMware

Only the first NIC of each virtual machine will work. None of the rest will. So added a Virtual Network Resource for that virtual machine in the VMware Control Panel, but it didn't work this time. Only the first NIC will work. So logged into the VMware Virtual Console and checked the Virtual Switches and VLAN settings. It was clear that there is a Virtual Switch named "vSwitch0", and this switch contains only one NIC as its member, which is "vmnic0" in our case. So I decided to add the second NIC "vmnic3" to this switch. I tried

    # esxcfg-vswitch -L vmnic3 vSwitch0

But it created problems. After this I was unable to access the local network, i.e. the network connected through "vmnic0". So I removed it from the switch and added it to the same switch, specifying the Portgroup also:

    # esxcfg-vswitch -U vmnic3 vSwitch0
    # esxcfg-vswitch -p VM\ Network -L vmnic3 vSwitch0

But it didn't work. So remo

Auto Responder plugin in SquirrelMail

1. Download the compatibility plugin and the Local Auto Responder plugin from http://squirrelmail.org

2. Extract it to the SquirrelMail plugins directory

    # pwd
    /var/www/html/squirrelmail/plugins
    # tar xzf compatibility-2.0.9-1.0.tar.gz
    # cd compatibility

3. Patch it to your SquirrelMail version

    # patch -p0 < patches/compatibility_patch-1.4.11.diff
    patching file ../../functions/strings.php

4. Configure SquirrelMail to include the plugin

    # cd ../../config
    # ./conf.pl

5. Extract the Local Auto Responder plugin

    # cd ../plugins/
    # tar xzf local_autorespond_forward-3.0-1.4.0.tar.gz
    # cd local_autorespond_forward

6. Compile the suid_backend module

    # cd suid_backend/
    # ./configure --enable-webuser=nobody

   Here my Apache is running as user "nobody". That user should have the permission to play with the directories under this.

    # make
    # make install

7. Copy the sample config.php

    # cd ..
    # cp config.sample.php config.php

8. Edit the config.php to use &q