Showing posts with label linux. Show all posts
Showing posts with label linux. Show all posts

Thursday, May 8, 2014

How To Install PhpMyAdmin On CentOS 6

It's very easy, just follow the steps:

1. Download the epel repo :

cd /tmp
wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

2. Install the epel repo :

cd /tmp
rpm -ivh epel-release-6-8.noarch.rpm

3. install phpmyadmin using yum :

yum install phpmyadmin

=======================================================
 Package               Arch         Version                 Repository     Size
=======================================================
Installing:
 phpMyAdmin            noarch       3.5.8.2-1.el6           epel          4.3 M

Installing for dependencies:
 libmcrypt             x86_64       2.5.8-9.el6             epel           96 k
 php-gd                x86_64       5.3.3-27.el6_5          updates       107 k
 php-mbstring          x86_64       5.3.3-27.el6_5          updates       455 k
 php-mcrypt            x86_64       5.3.3-3.el6             epel           19 k
 php-php-gettext       noarch       1.0.11-3.el6            epel           21 k
4. Config phpmyadmin, we change the Apache configuration so that phpMyAdmin allows connections not just from localhost (add or just replace):

vi /etc/httpd/conf.d/phpmyadmin.conf

<Directory /usr/share/phpMyAdmin/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Require ip 192.168.0.6
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
     Allow from 192.168.0.6
   </IfModule>
</Directory>
 
5. Restart httpd service.

Now test from your browser!
Posted by at
Labels: , , , ,

Friday, April 20, 2012

SAN Storage : How To Remove LUN

I did this on SLES11, but i think it can be applied on other distro also.

1. Unmap the LUN from the SAN controller.
2. To list down the current mapped LUN : multipath -ll

360050768028082bde800000000000008 dm-2 IBM,2145
size=70G features='1 queue_if_no_path' hwhandler='0' wp=rw
|-+- policy='round-robin 0' prio=0 status=active
| |- 1:0:0:1 sdc 8:32 failed faulty running
| `- 2:0:0:1 sdg 8:96 failed faulty running
`-+- policy='round-robin 0' prio=0 status=enabled
|- 1:0:1:1 sde 8:64 failed faulty running
`- 2:0:1:1 sdi 8:128 failed faulty running

3. multipath -f (LUN Id)
regdb02:~ # multipath -f 360050768028082bde800000000000008

4. clean up the scsi device record :

regdb02:~ # echo "1" > /sys/class/scsi_device/1\:0\:0\:1/device/delete
regdb02:~ # echo "1" > /sys/class/scsi_device/2\:0\:0\:1/device/delete
regdb02:~ # echo "1" > /sys/class/scsi_device/1\:0\:1\:1/device/delete
regdb02:~ # echo "1" > /sys/class/scsi_device/2\:0\:1\:1/device/delete

5. list down back the mapped LUN :

regdb02:~ # multipath -ll
regdb02:~

* empty already

5. rescan the bus

regdb02:~ # cd /usr/bin/
regdb02:/usr/bin # ./rescan-scsi-bus.sh

Done

Posted by at No comments:
Labels: , , , , ,

NTPD Error : Cannot update the dynamic configuration policy.

If you face this error during configuring ntpd server, here is the simple steps :

1. cat /etc/resolv.conf.netconfig
2. edit the /etc/resolv.conf and make it same with /etc/resolv.conf.netconfig
3. retry the ntpd configuration
4. change back /etc/resolv.conf to the old

We can trace the error when tailf /var/log/messages.

Thanks
Posted by at No comments:
Labels: , , , ,

How To Recover Lost Root Passwd on Linux Server (Using Rescue cd)

Situation

Lost or forgot the root password on Linux server

Resolution

  1. Boot server from the installation CD.
  2. Then select any installation method or Rescue System.
  3. At the first installation screen when selecting language, press ctrl-alt-f2 to open a virtual console.

    Note: If you selected Rescue System, select your keyboard language and then a Rescue Login prompt should appear. Login as root.

  4. Type
    fdisk -l
    to list the partitions. Locate the Linux root partition.
  5. Type
    mount /dev/sda4 /mnt
    (replace sda4 with the device name for the Linux root partition identified in the previous step).
  6. Run
    mount -o bind /dev /mnt/dev
    to make the device files available (this is needed for access to the urandom device which may be used by thepasswd command below).
  7. Enter
    chroot /mnt
  8. Now enter
    passwd root
    and reset the root password.
  9. Type
    exit
    to leave the chroot environment.
  10. Reboot the system.
Posted by at No comments:
Labels: , , , , ,

Friday, September 9, 2011

How to Configure Sudo And Adding Users To Wheel Group

Configuring sudo and adding users to Wheel group

Posted by Nikesh Jauhari
If a server needs to be administered by a number of people it is normally not a good idea for them all to use the root account. This is because it becomes difficult to determine exactly who did what, when and where if everyone logs in with the same credentials. The sudo utility was designed to overcome this difficulty.

With sudo (which stands for "superuser do"), you can delegate a limited set of administrative responsibilities to other users, who are strictly limited to the commands you allow them. sudo creates a thorough audit trail, so everything users do gets logged; if users somehow manage to do something they shouldn't have, you'll be able to detect it and apply the needed fixes. You can even configure sudo centrally, so its permissions apply to several hosts.

The privileged command you want to run must first begin with the word sudo followed by the command's regular syntax. When running the command with the sudo prefix, you will be prompted for your regular password before it is executed. You may run other privileged commands using sudo within a five-minute period without being re-prompted for a password. All commands run as sudo are logged in the log file /var/log/messages.


The sudo configuration file is /etc/sudoers. We should never edit this file manually. Instead, use the visudo command: # visudo

This protects from conflicts (when two admins edit this file at the same time) and guarantees that the right syntax is used (the permission bits are correct). The program uses Vi text editor.

All Access to Specific Users
You can grant users bob and bunny full access to all privileged commands, with this sudoers entry.
user1, user2 ALL=(ALL) ALL
This is generally not a good idea because this allows user1 and user2 to use the su command to grant themselves permanent root privileges thereby bypassing the command logging features of sudo.

Access To Specific Users To Specific Files
This entry allows user1 and all the members of the group operator to gain access to all the program files in the /sbin and /usr/sbin directories, plus the privilege of running the command /usr/apps/check.pl.
user1, %operator ALL= /sbin/, /usr/sbin, /usr/apps/check.pl

Access to Specific Files as Another User
user1 ALL=(accounts) /bin/kill, /usr/bin/kill, /usr/bin/pkill

Access Without Needing Passwords
This example allows all users in the group operator to execute all the commands in the /sbin directory without the need for entering a password.
%operator ALL= NOPASSWD: /sbin/

Adding users to the wheel group
The wheel group is a legacy from UNIX. When a server had to be maintained at a higher level than the day-to-day system administrator, root rights were often required. The 'wheel' group was used to create a pool of user accounts that were allowed to get that level of access to the server. If you weren't in the 'wheel' group, you were denied access to root.

Edit the configuration file (/etc/sudoers) with visudo and change these lines:
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

To this (as recommended):

# Uncomment to allow people in group wheel to run all commands
%wheel ALL=(ALL) ALL

This will allow anyone in the wheel group to execute commands using sudo (rather than having to add each person one by one).

Now finally use the following command to add any user (e.g- user1) to Wheel group
# usermod -G10 user1
Posted by at No comments:
Labels: , , , , ,

How To SCP Between Servers Without Passwd Authentication

First of all, we need to generate rsa private key and public key for the source server (vice versa).

ssh-keygen -t rsa

then just hit enter until 2 files is generated in /root/.ssh/ :

1. id_rsa
2. id_rsa.pub

then copy the value of id_rsa.pub into /root/.ssh/authorized_keys in any related servers

after that u can scp to the targeted server without passwd authentication :

1. to get file :

scp root@192.168.2.1:/opt/example /opt

2. to get directory and its content :

scp - r root@192.168.2.1:/opt/example /opt

3. to send file :

scp /root/example root@192.168.2.1:/root

4. to send directory and its content :

scp -r /root/example root@192.168.2.1:/root
Posted by at No comments:
Labels: , , ,

Tuesday, September 6, 2011

How To List 10 Biggest Directory

How to list 10 biggest directories in whole system or such directory? These 2 commands can be used,either one :


1. du -x --block-size=1024K | sort -nr | head -10

2. du -a / | sort -n -r | head -n 10
Posted by at No comments:
Labels: , ,

Monday, August 29, 2011

How To Install Nagios NRPE Plugin

Concepts of Installation :

1. Download the source file for Nagios plugin + nrpe plugin on host and client.
2. Install the source files.
4. Add client to the host.
3. Config the sensor on host and client.

1. Installation on Client

1.1 Nagios Plugin

Download the source code tarball of the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions).

At the time of writing, the latest stable version of the Nagios plugins was 1.4.6.

wget http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.6.tar.gz

Extract the Nagios plugins source code tarball.

tar xzf nagios-plugins-1.4.6.tar.gz

cd nagios-plugins-1.4.6

Compile and install the plugins.

./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install

The permissions on the plugin directory and the plugins will need to be fixed at this point, so run the following commands.

chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec

1.2 NRPE Plugin

Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest versions).

** At the time of writing, the latest version of NRPE was 2.8.

wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz

Extract the NRPE source code tarball.

tar xzf nrpe-2.8.tar.gz

cd nrpe-2.8

Compile the NRPE addon.

./configure
make all

** Install the NRPE plugin (for testing), daemon, and sample daemon config file.

make install-plugin
make install-daemon
make install-daemon-config

Install the NRPE daemon as a service under xinetd.

make install-xinetd

Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the only_from directive.

** only_from = 127.0.0.1

Add the following entry for the NRPE daemon to the /etc/services file.

nrpe 5666/tcp # NRPE

Restart the xinetd service.

service xinetd restart

Test the NRPE daemon locally :

** Its time to see if things are working properly...
** Make sure the nrpe daemon is running under xinetd.

netstat -at | grep nrpe

The output out this command should show something like this:

tcp 0 0 *:nrpe *:* LISTEN

** If it does, great! If it doesn't, make sure of the following:

- You added the nrpe entry to your /etc/services file
- The only_from directive in the /etc/xinetd.d/nrpe file contains an entry for "127.0.0.1"
- xinetd is installed and started
- Check the system log files for references about xinetd or nrpe and fix any problems that are reported

** Next, check to make sure the NRPE daemon is functioning properly. To do this, run the check_nrpe plugin that was installed for testing purposes.

/usr/local/nagios/libexec/check_nrpe -H localhost

** You should get a string back that tells you what version of NRPE is installed, like this:

NRPE v2.8

Open firewall rules :

Make sure that the local firewall on the machine will allow the NRPE daemon to be accessed from remote servers.

To do this, run the following iptables command :

** Note that the RH-Firewall-1-INPUT chain name is Fedora specific, so it will be different on other Linux distributions.

iptables -I RH-Firewall-1-INPUT -p tcp -m tcp –dport 5666 -j ACCEPT

Save the new iptables rule so it will survive machine reboots.

service iptables save

Customize NRPE Plugin :

vi /usr/local/nagios/etc/nrpe.cfg

The commands should be synchronized with Nagios host configuration for client.


Posted by at No comments:
Labels: , , , ,

How To Clear SSH Session On Linux

If you found that there are too many idle users in your servers and you want to kill them? You can do that by this simple command :

kill -9 `ps aux|grep sshd|awk '{print $2}'`

This command will simply kill all the process based on "process id" on run by all "sshd connections".
Posted by at No comments:
Labels: , ,

Wednesday, June 1, 2011

How To Install PhpMyAdmin On CentOS

CentOS 5.5 version :

1. import key :

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

2. install rpm :

cd /tmp
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm ( https://rpmrepo.org/RPMforge/Using )
rpm -ivh rpmforge-release-0.5.1-1.el5.rf.i386.rpm

3. install phpmyadmin using yum :

yum install phpmyadmin

4. config phpmyadmin :

4.1 Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the stanza):

vi /etc/httpd/conf.d/phpmyadmin.conf


# Web application to manage MySQL
#
#
# Order Deny,Allow
# Deny from all
# Allow from 127.0.0.1
#
Alias /phpmyadmin /usr/share/phpmyadmin
Alias /phpMyAdmin /usr/share/phpmyadmin
Alias /mysqladmin /usr/share/phpmyadmin

4.2 Next we change the authentication in phpMyAdmin from cookie to http:

vi /usr/share/phpmyadmin/config.inc.php

[...]
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'http';
[...]

5. restart apache

========================================================================================================================

Additional case :

1. Error : The configuration file now needs a secret passphrase (blowfish_secret)

To fix:

nano /usr/share/phpmyadmin/conf.inc.php

Look for a line and enter any password. Just dont leave it empty!

$cfg['blowfish_secret'] = 'mydemopass'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

Posted by at No comments:
Labels: , , , ,

Cannot Umount /tmp : Drive Is Busy

umount: /tmp: device is busy + Resolved

Guys,

Just check who is accessing the device. Here are the commands to check who are using it.

=======
lsof |grep /tmp
=======

You'll get the process ID and kill the processes like kill -9 PID. Here is an example(Second column is PID) :

=======
root@server [~]# lsof |grep /tmp
mysqld 2579 mysql 4u REG 7,0 0 6098 /tmp/ibZGlGm2 (deleted)
mysqld 2579 mysql 5u REG 7,0 68 6100 /tmp/ibgWnlrp (deleted)
mysqld 2579 mysql 6u REG 7,0 0 6101 /tmp/ib7XB0vM (deleted)
mysqld 2579 mysql 7u REG 7,0 0 6102 /tmp/ibQx1jB9 (deleted)
mysqld 2579 mysql 11u REG 7,0 0 6103 /tmp/ibBSaB7w (deleted)
=======

Then retry to umount the device like : umount /tmp_device_name //You'll get device from /etc/fstab. This file contains the mounting file system table information after system reboot and /etc/mtab holds the current mounted table information.

=======
fuser -m /dev/sda3 //You can also get the PID from here also. But note that deleting all the PID related to this device may cause the problem on the system and you may need to restart the machine.
=======

That's it. Try :)
Posted by at No comments:
Labels: , , , , ,

How To Clear /tmp For Over Period Of Time

You may need to use a command called tmpwatch which removes files which haven’t been accessed for a period of time. Normally, it’s used to clean up directories which are used for temporary holding space such as /tmp.

Following code will remove all files/dirs from /tmp if they are not accessed in last 2 weeks (24 * 14 days = 336)

Code:
tmpwatch --mtime --all 336 /tmp

You can also add this command to the crontab.
Posted by at No comments:
Labels: , , , , ,

Common SSH Commands - Linux Shell Commands

Common SSH Commands - Linux Shell Commands :

ls : list files/directories in a directory, comparable to dir in windows/dos.
ls -al : shows all files (including ones that start with a period), directories, and details attributes for each file.

cd : change directory · · cd /usr/local/apache : go to /usr/local/apache/ directory
cd ~ : go to your home directory
cd - : go to the last directory you were in
cd .. : go up a directory cat : print file contents to the screen

cat filename.txt : cat the contents of filename.txt to your screen

chmod: changes file access permissions
The set of 3 go in this order from left to right:
USER - GROUP - EVERONE

0 = --- No permission
1 = --X Execute only
2 = -W- Write only
3 = -WX Write and execute
4 = R-- Read only
5 = R-X Read and execute
6 = RW- Read and write
7 = RWX Read, write and execute

Usage:
chmod numberpermissions filename

chmod 000 : No one can access
chmod 644: Usually for HTML pages
chmod 755: Usually for CGI scripts


chown: changes file ownership permissions
The set of 2 go in this order from left to right:
USER - GROUP

chown root myfile.txt : Changes the owner of the file to root
chown root.root myfile.txt : Changes the owner and group of the file to root


tail : like cat, but only reads the end of the file
tail /var/log/messages : see the last 20 (by default) lines of /var/log/messages
tail -f /var/log/messages : watch the file continuously, while it's being updated
tail -200 /var/log/messages : print the last 200 lines of the file to the screen

more : like cat, but opens the file one screen at a time rather than all at once
more /etc/userdomains : browse through the userdomains file. hit Spaceto go to the next page, q to quit

pico : friendly, easy to use file editor
pico /home/burst/public_html/index.html : edit the index page for the user's website.


File Editing with VI ssh commands
vi : another editor, tons of features, harder to use at first than pico
vi /home/burst/public_html/index.html : edit the index page for the user's website.
Whie in the vi program you can use the following useful commands, you will need to hit SHIFT + : to go into command mode

:q! : This force quits the file without saving and exits vi
:w : This writes the file to disk, saves it
:wq : This saves the file to disk and exists vi
:LINENUMBER : EG :25 : Takes you to line 25 within the file
:$ : Takes you to the last line of the file
:0 : Takes you to the first line of the file

grep : looks for patterns in files
grep root /etc/passwd : shows all matches of root in /etc/passwd
grep -v root /etc/passwd : shows all lines that do not match root

ln : create's "links" between files and directories
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf : Now you can edit /etc/httpd.conf rather than the original. changes will affect the orginal, however you can delete the link and it will not delete the original.


last : shows who logged in and when
last -20 : shows only the last 20 logins
last -20 -a : shows last 20 logins, with the hostname in the last field

w : shows who is currently logged in and where they are logged in from.
who : This also shows who is on the server in an shell.

netstat : shows all current network connections.
netstat -an : shows all connections to the server, the source and destination ips and ports.
netstat -rn : shows routing table for all ips bound to the server.

top : shows live system processes in a nice table, memory information, uptime and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn't bogged down.
top then type Shift + M to sort by memory usage or Shift + P to sort by CPU usage

ps: ps is short for process status, which is similar to the top command. It's used to show currently running processes and their PID.
A process ID is a unique number that identifies a process, with that you can kill or terminate a running program on your server (see kill command).
ps U username : shows processes for a certain user
ps aux : shows all system processes
ps aux --forest : shows all system processes like the above but organizes in a hierarchy that's very useful!

touch : create an empty file
touch /home/burst/public_html/404.html : create an empty file called 404.html in the directory /home/burst/public_html/

file : attempts to guess what type of file a file is by looking at it's content.
file * : prints out a list of all files/directories in a directory

du : shows disk usage.
du -sh : shows a summary, in human-readble form, of total disk space used in the current directory, including subdirectories.
du -sh * : same thing, but for each file and directory. helpful when finding large files taking up space.

wc : word count
wc -l filename.txt : tells how many lines are in filename.txt

cp : copy a file
cp filename filename.backup : copies filename to filename.backup
cp -a /home/burst/new_design/* /home/burst/public_html/ : copies all files, retaining permissions form one directory to another.
cp -av * ../newdir : Copies all files and directories recurrsively in the current directory INTO newdir

mv : Move a file command
mv oldfilename newfilename : Move a file or directory from oldfilename to newfilename

rm : delete a file
rm filename.txt : deletes filename.txt, will more than likely ask if you really want to delete it
rm -f filename.txt : deletes filename.txt, will not ask for confirmation before deleting.
rm -rf tmp/ : recursively deletes the directory tmp, and all files in it, including subdirectories. BE VERY CAREFULL WITH THIS COMMAND!!!

TAR: Creating and Extracting .tar.gz and .tar files
tar -zxvf file.tar.gz : Extracts the file
tar -xvf file.tar : Extracts the file
tar -cf archive.tar contents/ : Takes everything from contents/ and puts it into archive.tar
gzip -d filename.gz : Decompress the file, extract it

ZIP Files: Extracting .zip files shell command
unzip file.zip


Firewall - iptables commands
iptables -I INPUT -s IPADDRESSHERE -j DROP : This command stops any connections from the IP address
iptables -L : List all rules in iptables
iptables -F : Flushes all iptables rules (clears the firewall)
iptables --save : Saves the currenty ruleset in memory to disk
service iptables restart : Restarts iptables

Apache Shell Commands
httpd -v : Outputs the build date and version of the Apache server.
httpd -l : Lists compiled in Apache modules
httpd status : Only works if mod_status is enabled and shows a page of active connections
service httpd restart : Restarted Apache web server

MySQL Shell Commands
mysqladmin processlist : Shows active mysql connections and queries
mysqladmin drop databasenamehere : Drops/deletes the selected database
mysqladmin create databasenamehere : Creates a mysql database

Restore MySQL Database Shell Command
mysql -u username -p password databasename < databasefile.sql : Restores a MySQL database from databasefile.sql

Backup MySQL Database Shell Command
mysqldump -u username -p password databasename > databasefile.sql : Backup MySQL database to databasefile.sql




kill: terminate a system process
kill -9 PID EG: kill -9 431
kill PID EG: kill 10550
Use top or ps ux to get system PIDs (Process IDs)

EG:
PID TTY TIME COMMAND
10550 pts/3 0:01 /bin/csh
10574 pts/4 0:02 /bin/csh
10590 pts/4 0:09 APP
Each line represents one process, with a process being loosely defined as a running instance of a program. The column headed PID (process ID) shows the assigned process numbers of the processes. The heading COMMAND shows the location of the executed process.

Putting commands together
Often you will find you need to use different commands on the same line. Here are some examples. Note that the | character is called a pipe, it takes date from one program and pipes it to another.
> means create a new file, overwriting any content already there.
>> means tp append data to a file, creating a newone if it doesn not already exist.
< send input from a file back into a command.

grep User /usr/local/apache/conf/httpd.conf |more
This will dump all lines that match User from the httpd.conf, then print the results to your screen one page at a time.

last -a > /root/lastlogins.tmp
This will print all the current login history to a file called lastlogins.tmp in /root/

tail -10000 /var/log/exim_mainlog |grep domain.com |more
This will grab the last 10,000 lines from /var/log/exim_mainlog, find all occurances of domain.com (the period represents 'anything',
-- comment it out with a so it will be interpretted literally), then send it to your screen page by page.

netstat -an |grep :80 |wc -l
Show how many active connections there are to apache (httpd runs on port 80)

mysqladmin processlist |wc -l
Show how many current open connections there are to mysql
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)