Saturday, 28 February 2009

Some simple Tricks

1. Create a Directory with different permission-: 

when we need a directory with specific permission , we created directory 
using the mkdir command then set the permission using chmod command.Define 
the access permission while creating the directory &  set permission. 
try to following command-: 
# mkdir /test -v -m 700 
where we used the -m option for define the permission,we need to set. Option 
v use for verbose mode. 

now check the directory permission. 
# ls -ld /test 

2. Take Hardware information on live server -:  Do you know Ram, Bious
Motherboard,processor,cache , slot status information form live server. We 
can use following command. 
# dmidecode --type bious 
# dmidecode --type processor 
# dmidecode --type memory

Thursday, 26 February 2009

Basic Samba Configuration step by step

We are trying to share knowledge about a samba by example.

we are going to create a directory path /home/data/sales.set the ownership and permission on the drectory such that people in the sales group can add/delete file but other can not.
first create a directory & set group & permission.
$ mkdir -p /home/data/sales
$ chgrp sales /home/data/sales
$ chmod 770 /home/data/sales
$ chmod g+s /home/data/sales note-: we have set special permission for group can add/delete file other can not.

# yum install samba*

open smb.conf file & add some line.

[sales]
comment = sales 's file
path = /home/data/sales
public = no
write list = @sales
: writable = yes

save & exit file.
$ /etc/init.d/smb restart

make a samba users & set smbpasswd-
$ smbpasswd -a user1

Selinux- if your selinux is inforce mode then you will need to allow selinux policy
$ getsebool -a | grep sam
$ setsebool -P samba_enable_home_dirs on

Iptables- if your pc firewall is enable then you will need set rules for allow.
$ iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 137:139 -J ACCEPT
$ iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 445 -J ACCEPT
$ iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 137:139 -J ACCEPT
$ iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 445 -J ACCEPT
$ /etc/init.d/iptables save
$ /etc/init.d/iptables restart
$ /etc/init.d/smb restart

Client side-
$ smbclient //servername/sales -U user1

if you want to permantly mount when system boot. you should be make fstab entry
add some line in fstab file.

$ vim /etc/fstab
//192.168.100.10/sales /mnt cifs username=user1,passwd=matix 0 0
save this file
$ umount -a
$ mount -a
$ df -kh (for check mount enrty)

Monday, 23 February 2009

CHKCONFIG on Ubuntu

If you want to use chkconfig command on ubantu. you can use following process..

$ apt-get install libnewt0.52

$ ln -s /usr/lib/libnewt.so.0.52 /usr/lib/libnewt.so.0.50

$ wget http://www.tuxx-home.at/projects/chkconfig-for-debian/chkconfig_1.2.24d-1_i386.deb

$ dpkg --force-all -i chkconfig_1.2.24d-1_i386.deb

chkconfig --list

Sunday, 22 February 2009

Nis Server Configuration for RHEL-5

Server side-: Install following package.
# yum install Ypserv
# yum install Ypbind
# yum install tools

# chkconfig ypserv on

# chkconfig yppasswdd on

# chkconfig ypxfrd on

# /etc/init.d /portmap restart

# chkconfig portmap on

Open file vim /etc/sysconfig/network

make this entry in file.


NISDOMAIN= ABC    "abc is a domian name"

save & exit file.

# service ypserv restart

# service yppasswd start

Make new user

adduser "username"

passwd "enter password"

enter new password “typpe new password”

retype new password “retype new password”

*remote home directory-:

# mkdir /abc

#chmod 777 /abc


#creaton of the user #

useradd -d /abc/test1 test1

passwd test1

useradd -d /abc/test2 test2

passwd test2

* type following command-:

# /usr/lib/yp/ypinit -m

 It will ask u next host to add#

Press CTR+D#

you will get below message #

The current list of NIS servers looks like this:

linux1.abc.com

Is this correct? [y/n: y]

#

#Press Y#




# Install nfs service#

chkconfig nfs on

chkconfig portmap on

chkconfig nfslock on



vim /etc/exports

 make the foolowing entry to share abc folder


/abc    *.192.168.10.0/24(rw,sync)


vim /etc/sysconfig/nfs

#make following entries in this file#

MOUNTD_PORT="4002"

STATD_PORT="4003"

LOCKD_TCPORT="4004"

LOCKD_UDPPORT="4004"

/etc/init.d/nfs restart

/etc/init.d/nfslock restart

/etc/init.d/portmap restart

exportfs -avf

show the exported folder

Client Side-:

now configure auto.misc and auto.master on client machine

make following entry in auto.misc

* -rw,soft,intr serveripaddress:/abc/&

make following entry in auto.master

/testhome etc/auto.misc

/etc/init.d/autofs restart

now run authconfig-tui

select nis domain

put ABC in domain fiels

server's ipaddress in server field

now login with user test1 from client machine in cmd prompt




Enjoy.........





Saturday, 21 February 2009

Squid Installation & Configuration

Server Configuration

  • Step #1 : Squid configuration so that it will act as a transparent proxy
  • Step #2 : Iptables configuration
    • a) Configure system as router
    • b) Forward all http requests to 3128 (DNAT

# yum install squid*

First, Squid server installed (use up2date squid) and configured by adding following directives to file:
# vi /etc/squid/squid.conf

Modify or add following squid directives:

http_port 3128
list of networks from where browsing should be allowed.uncommnet this 2 line & define spacified network.acl our_networks src 192.168.0.0/24     http_access allow our_networks  

If you want to block perticular website then you can set follwoing below process.but this line should be add in first of above 2 line, then it will be affected For a example we are ging to block orkut.com.

acl blocksite dstdomain .orkut.com

http_access deny blocksite


save & exit file.

Iptables configuration

Next, I had added following rules to forward all http requests (coming to port 80) to the Squid server port 3128 :
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.0.0:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -I INPUT -s 192.168.0.0/24 -p tcp --dport 3128 -j ACCEPTiptables -I INPUT -s 192.168.0.0/24 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p udp --dport 3128 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p udp --dport 80 -j ACCEPT
# /etc/init.d/iptables save# /etc/init.d/iptables restartStart or Restart the squid:

# /etc/init.d/squid restart

# chkconfig squid on

Friday, 20 February 2009

NFS Installation & configuration in fedora & RHEL-5

Server Side-
set repository ( if you are using RHEL-5)

# yum install nfs*
# yum install nfslock
# yum install portmap*

now restart all services
# /etc/init.d/nfs restart
# /etc/init.d/portmap restart
# /etc/init.d/nfslock restart

# chkconfig nfs on
# chkconfig portmap on

Make directory for share in network.
# mkdir /data
give permission as per your user management.
# chmod -R 777 /data (full permission)
Open /etc/exportfs file & edit this file.

# vim /etc/exportfs
/data *. 192.168.10.0/24(rw,sync)


file save in exit.

ro: The directory is shared read only; the client machine will not be able to write it. This is the default.
rw: The client machine will have read and write access to the directory.
sync: By default, all but the most recent version (version 1.11) of the exportfs command will use async behaviour.

# /etc/init.d/iptables start
open vim /etc/sysconfig/nfs & add following line for set port for nfs in iptables running mode.
MOUNTD_PORT="4002"
STATD_PORT="4003"
LOCKD_TCPPORT="4004"
LOCKD_UDPPORT="4004"

save & exit file.
# iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 111 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 2049 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 4002 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 4003 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p tcp --dport 4004-j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 111 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 4002 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 4003 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 4004 -j ACCEPT
# iptables -I INPUT -s 192.168.10.0/24 -p udp --dport 2049 -j ACCEPT

# /etc/init.d/iptables save
# /etc/init.d/iptables restart
# /etc/init.d/nfs/restart
# showmount -e 192.168.10.10
It will be display share directory.
(note 192.168.100.10 - nfs configuration server ip )

Client Side-:
start portmap or nfs services.
/etc/init.d/nfs/restart
/etc/init.d/portmap restart

Mount nfs share directory temparly
mount -t nfs 192.168.10.10:/data /mnt

if you want to mount permanatly then open file vim /etc/fstab file & add this line.

# vim /etc/fstab

192.168.10.10:/data /mnt nfs defaults 0 0

Then file save & exit

# umount -a
# mount -a
# df -kh
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 73G 5.9G 63G 9% /
tmpfs 248M 124K 248M 1% /dev/shm
gvfs-fuse-daemon 73G 5.9G 63G 9% /root/.gvfs
192.168.10.10:/data
97G 77G 21G 80% /mnt
Enjoy...........................

Wednesday, 18 February 2009

Import & Export Mail from Outlook express/Microsoft outlook to Thunderbord

Microsoft Outlook Express

These instructions are intended for users of Microsoft Outlook Express 6. If you are a user of a different version ofOutlook Express

Exporting the address book

  1. Open Outlook Express and press File → Export → Address Book...

  2. The Address Book Export Tool will start. Select the option Text File (Comma Separated Values) and then pressExport.

  3. Save the file in a memorable location. Give the file a descriptive name, such as mail_address_book.csv, and pressNext.

  4. Select the details from the address book which you would like to export. If you are unsure, tick all of the options. Then, press Finish.

  5. You should receive a message stating that the Address book export process has completed. Press OK and thenClose. Your address book should now have been exported successfully.

Exporting mail messages from Outlook Express

Because Microsoft Outlook Express is unable to export its mail messages to an intermediate format, you must install another piece of software in order to export your email.

Microsoft Office Outlook

These instructions are intended for users of Microsoft Office Outlook 2003. If you are a user of a different version ofOutlook, you may find instructions specific to that version on the wiki.

Exporting all Outlook data

[Caution]

This method may be unreliable and should be used for backup purposes only.

  1. Open Outlook and press Tools → Options...

  2. Select the Mail Setup tab and press Data Files...

  3. A screen called Outlook Data Files will be displayed. Select the first file in the list, make a note of its name, and pressOpen Folder...

  4. A folder will open. Find the file you just selected. If you have difficultly finding the file, it should be of type Office Data File or have the file extension .pst.

  5. Copy the file into the location you are using to store your exported settings.

  6. Repeat this process for all of the files which were listed on the Outlook Data Files screen.

Exporting your contacts

  1. Open Outlook and press File → Import and Export...

  2. The Import and Export Wizard will start. Select the option Export to a file and then press Next.

  3. Select Comma Separated Values (DOS) and press Next

  4. Select the Contacts folder and press Next. Then, choose where to save the file and press Next.

  5. A screen listing Actions to be performed will be shown. Press Finish to export your contacts to the location you selected in the previous step.

Exporting mail messages

Because Microsoft Outlook is unable to fully export its mail messages to a usable intermediate format, you must install another piece of software in order to export your email.

Preparing email for export using Mozilla Thunderbird

Because some mail clients (such as Microsoft Outlook and Microsoft Outlook Express) do not store their mail messages in a standard format, an additional piece of software must be used to convert the mail before export. Mozilla Thunderbird is a free, open-source application which is able to do this.

The following instructions explain how to obtain Thunderbird and then use it to prepare mail messages for export:

  1. Open a web browser and navigate to the Mozilla Thunderbird website. Follow the link to download Mozilla Thunderbird.

  2. Once the download has completed, run the installer package. Follow the instructions to install Thunderbird.

  3. Once the installer has completed, start Mozilla Thunderbird. You should be greeted with the Import Wizard. Follow the instructions to import all settings - this should import your mail and some other data.

  4. If the Import Wizard does not appear, press Tools → Import... and choose the Mail option. Follow the instructions to import your mail.

Exporting email messages from Mozilla Thunderbird

These instructions are intended for users of Mozilla Thunderbird and users of Outlook and Outlook Express who imported their mail into Thunderbird (see the section called “Preparing email for export using Mozilla Thunderbird”).

  1. Press Start → Run, type %AppData%\Thunderbird\Profiles\ into the box provided, and then press OK. A folder will open.

  2. In the newly-opened folder, you should find another folder with a name made up mostly of random characters, for example fyhsxlr3.default. Open this folder.

  3. In this folder, locate a folder named Mail or ImapMail. Select this folder and copy it to a safe location.

  4. When you switch to Ubuntu, make a back-up copy of the folder you just made a copy of. This folder contains all of your mail folders from Thunderbird, in the mbox format.

Basic installation for phpmyadmin in ubuntu

*Basic installation for phpmyadmin in ubuntu-:

$ apt-get install apache2 

*Install php5 libapache2-mod-php5* 



$  apt-get install php5 libapache2-mod-php5 

$  /etc/init.d/apache2 restart 

*Install mysql-Server-:* 



$ apt-get install mysql-server 

 If you are running a server you should probably bind your address by 
editing *bind-address* 

$ vim  /etc/mysql/my.cnf and replacing its value (127.0.0.1) by your IP 
address 

 Set your root password in mysql during installation. 

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('xxxxxx') 

*xxx is your password* 

$ apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin 

Restart apache service 

$ /etc/init.d/apache2 restart 

$ apt-get install phpmyadmin 

$ vi /etc/apache2/apache2.conf 

                                      Include this line in apache 

Include /etc/phpmyadmin/apache.conf 

$ /etc/init.d/apache2 restart 

$ apt-get install php5-mysql mysql-client 

$ vi /etc/php5/apache2/php.ini 

                                         Check it " extensions=mysql.so" is 
there 

$ /etc/init.d/apache2 restart 

$ /etc/init.d/mysql restart 


installation & configuration backuppc in fedora 9/10

Installing backuppc in fedora9/10

I have been given the task of setting up one backuppc server, and below are the steps on how I did it :)

Server setup

                         #yum install backuppc          

                         the perl module needed using yum

    • # yum install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-XML-RSS httpd
    • # rpm -Uvh backuppc-3.1.0-1%{dist}.i386.rpm
  1. User backuppc will be created upon installation. Change apache user to backuppc.
    • # vi /etc/httpd/conf/httpd.conf
    • Change 'User apache' to 'User backuppc'
    • Save
  2. Edit file /etc/httpd/conf.d/backuppc.conf
    • # vi /etc/httpd/conf.d/backuppc.conf
    • change 'Allow from 127.0.0.1' to 'Allow from all'
    • Save
  3. Create password for cgi-bin admin user
    • # htpasswd -c /var/lib/backuppc/passwd/htpasswd admin
  4. Edit backuppc config file
    • # vi /etc/BackupPC/config.pl
    • Find and change accordingly
      • $Conf{ServerHost} = 'localhost';
      • $Conf{SplitPath} = '/usr/bin/split';
        $Conf{CatPath} = '/bin/cat';
        $Conf{GzipPath} = '/bin/gzip';
        $Conf{Bzip2Path} = '/usr/bin/bzip2';
      • $Conf{BackupPCUser} = 'backuppc';
      • $Conf{TopDir} = '/var/lib/backuppc';
        $Conf{ConfDir} = '/etc/BackupPC';
        $Conf{LogDir} = '/var/log/BackupPC';
        $Conf{InstallDir} = '/usr';
        $Conf{CgiDir} = '/usr/share/backuppc/cgi-bin';
      • $Conf{ServerInitdPath} = '/etc/init.d/backuppc';
        $Conf{ServerInitdStartCmd} = '$sshPath -q -x -l root $serverHost$serverInitdPath start';
      • $Conf{SshPath} = '/usr/bin/ssh';
      • $Conf{NmbLookupPath} = '/usr/bin/nmblookup';
      • $Conf{PingPath} = '/bin/ping';
      • $Conf{CgiAdminUsers} = 'admin';
    • Save
  5. Grant passwordless sudo for user backuppc to run /bin/gtar and /bin/tar
    • # visudo
    • Add these entries
      • Defaults !lecture # to disable lecture
      • backuppc ALL=NOPASSWD:/bin/gtar,/bin/tar # enable user backuppc to run /bin/tar and /bin/gtar without authentication.
    • Comment this entry
      • #Defaults requiretty
    • Save
  6. Restart apache and backuppc service
    • # /etc/init.d/http restart
    • # /etc/init.d/backuppc restart
  7. Open your browser and point it to 'http://backuppc_server_ip/backuppc' and you should see the backuppc web interface 
  8. After this, you have to do almost all the configuration through the web interface. To test, you can run localhost backup first. You have to create the host, fill up all the setting and you are ready to go. Record the host and ip in /etc/hosts.
Client setup
  1. Create new user
    • # useradd backupuser
    • # passwd backupuser
  2. Grant passwordless sudo for user backupuser
    • # visudo
    • Add these entries
      • Defaults !lecture # to disable lecture
      • backupuser ALL=NOPASSWD:/bin/gtar,/bin/tar # enable user backuppc to run /bin/tar and /bin/gtar without authentication.
    • Comment this entry
      • #Defaults requiretty 
    • Save
  3. From the server using backuppc user, create ssh public key
    • # su -s /bin/bash backuppc
    • $ mkdir .ssh
    • $ chown backuppc.backuppc .ssh
    • $ chmod 700 .ssh
    • $ ssh-keygen -t rsa
    • $ ssh-copy-id -i .ssh/id_rsa.pub backupuser@client
  4. To make sure that the 3rd step is a success, try to ssh to backupuser@client using backuppc user from the server. If no password is asked, then you are ready.
    • # su -s /bin/bash backuppc
    • $ ssh backupuser@client
  5. You can start entering the client to the list of host and start backing up :)

Netdump configuration

Netdump configuration HOWTO
To log VPS host machine crashes you can configure 'netdump' services.

Netdump configuration requires two computers:
- One acts as the netdump server - the box where all crash logs will be stored;
- The other one acts as the netdump client - the VPS host machine.


I. Prepare boxes

1). Install the "netdump-server" package on the server and the "netdump" package on the client (VPS host).
You can use any update agent (up2date, yum, swup) or download and install packages manually via RPM.
For example:
Quote:
# rpm -ivh netdump-0.7.14-4.i386.rpm
# rpm -ivh netdump-server-0.7.14-4.i386.rpm
2). Make sure that netdump servers partition where /var/crash directory located (by default the directory where all crashes will be stored) have enough free disk space, at least as your netdump client (VPS host) box RAM size.


II. Configuration

1). On the netdump server, as root, type:
Quote:
# passwd netdump
and supply a password for netdump user just like what you do to an ordinary user. Then do the following:
Quote:
# chkconfig netdump-server on
# service netdump-server start
2). On the netdump client (VPS host), edit /etc/sysconfig/netdump then uncomment and set the NETDUMPADDR variable to the IP address of the netdump server.
For example:
Quote:
NETDUMPADDR=10.199.243.39
Then execute:
Quote:
# service netdump propagate
and supply the netdump password that was configured on the netdump server. Finally, execute:
Quote:
# chkconfig netdump on
# service netdump start

III. Testing (optional)

To test if the netdump configuration is correct, perform the following
on the netdump client:
Quote:
# cp /usr/share/doc/netdump-xxxxxx/crash.c .
# gcc -DKERNEL -DMODULE -I/lib/modules/$(uname -r)/build/include -c crash.c
# insmod ./crash.o
This will crash the system and you will see a kernel dump on the netdump server in the directory /var/crash//. You will see the file "vmcore-incomplete" while the client is dumping data to the server. The file is renamed to "vmcore" once it is completed.

The size of "vmcore" will vary and may reach several gigs. On a system
with 512Mb of RAM, the above test created a vmcore of approximately
510Mb.