Friday, December 5, 2014

In sftp, how to set the default permission for all files in a folder?

In sftp, how to set the default permission for all files in a folder?


For centos  put two consecutive lines at the end of /etc/ssh/sshd_config
 
  
 
Match Group www-data 
 
ForceCommand internal-sftp -u 2
 
this will setup umask and files will be 644 

Thursday, November 27, 2014

problem installing passenger

EXCEPTION: parent directory is world writable


*** EXCEPTION: parent directory is world writable, FileUtils#remove_entry_secure does not work; abort: "/tmp/passenger.1xu4rh9" (parent directory mode 40777) (ArgumentError)
    /home/pubuntu/.rvm/rubies/
ruby-1.9.3-p448/lib/ruby/1.9.1/fileutils.rb:708:in `remove_entry_secure'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/utils/tmpio.rb:61:in `ensure in mktmpdir'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/utils/tmpio.rb:61:in `mktmpdir'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/platform_info.rb:158:in `create_temp_file'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/platform_info/compiler.rb:236:in `try_compile'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/platform_info/apache.rb:550:in `apr_config_needed_for_building_apache_modules?'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/platform_info.rb:96:in `apr_config_needed_for_building_apache_modules?'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/bin/passenger-install-apache2-module:77:in `dependencies'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/abstract_installer.rb:134:in `check_dependencies'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/bin/passenger-install-apache2-module:104:in `run_steps'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/lib/phusion_passenger/abstract_installer.rb:69:in `run'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.21/bin/passenger-install-apache2-module:298:in `<top (required)>'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/bin/passenger-install-apache2-module:23:in `load'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/bin/passenger-install-apache2-module:23:in `<main>'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/bin/ruby_executable_hooks:15:in `eval'
    /home/pubuntu/.rvm/gems/ruby-1.9.3-p448/bin/ruby_executable_hooks:15:in `<main>'
solution is:
The parent directory in question is /tmp. The error is a security
precaution, warning you that you have your permissions wrong. Your
/tmp directory should have the sticky bit turned on.  


Monday, November 17, 2014

SSH using public key authentication to IOS

SSH using public key authentication to IOS



Create a user:
username test priv 15 secret supers3cr3tn0bdyw1llgue55

You need to make sure this public key is trusted by our router.
ip ssh pubkey-chain
     username test
          key-string
               copy the entire public key as appears in the cat id_rsa.pub including the ssh-rsa and [email protected]
               please note that some IOS versions will accept maximum 254 characters.
               you can paste multiple lines.     
          exit
     exit

Please also make sure that you generate RSA keys on Server larger than 768 bits.
You can also set SSHv2 on server side (although strictly speaking it's not required if you're using SSH 1.99)
 
ip ssh version 2
 
found at https://supportforums.cisco.com/document/110946/ssh-using-public-key-authentication-ios-and-big-outputs 

Wednesday, October 15, 2014

How to connect cisco router as client of NTT FLETS VPN WIDE フレッツ・VPN ワイド

How to connect cisco router as client of NTT FLETS VPN WIDE フレッツ・VPN ワイド

https://flets.com/vpnwide/manual.html

Here is configuration for IOS 15.1.

interface GigabitEthernet0/0
 description LAN-SIDE-INTERFACE
 ip address 192.168.0.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 no cdp enable
 !
interface GigabitEthernet0/1
 description interface-connected-to-ONU
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip tcp adjust-mss 1414
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
 !
interface Dialer1
 description dialer-interface-for-NTT-FLETS-VPN-WIDE
 ip unnumbered GigabitEthernet0/0
 no ip unreachables
 ip mtu 1454
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 ppp authentication pap callin
 ppp chap refuse
 ppp pap sent-username [email protected] password 7 12345678901
 no cdp enable

If cannot connect check MTU and MRU and reduce.
you can add to Dialer1
ppp lcp echo mru verify
so you can check in logs which MRU and MTU was negotiated.


Also there is ppp authentication bug with some IOS 15.x so the best way is update to the latest MD release.

there is no need adding any vpdn settings.

Friday, October 3, 2014

Build haproxy 1.5 stable version RPM on CentOS 6.x

A Recipe for a haproxy 1.5 stable version RPM on CentOS

 Perform the following on a build box as a regular user.

Create an RPM Build Environment  Install rpmdevtools from the EPEL repository:
 sudo yum install rpmdevtools pcre-devel 
run 

rpmdev-setuptree 

Install Prerequisites for RPM Creation

 sudo yum groupinstall 'Development Tools'
 sudo yum install openssl-devel 

 Download haproxy
wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.4.tar.gz 
mv haproxy-1.5.4.tar.gz ~/rpmbuild/SOURCES/ 

Get Necessary System-specific Configs
git clone git://github.com/bluerail/haproxy-centos.git 
cp haproxy-centos/conf/* ~/rpmbuild/SOURCES/
 cp haproxy-centos/spec/* ~/rpmbuild/SPECS/ 
 edit ~/rpmbuild/SPECS/haproxy.spec
 and change to the latest version at:
 %define version 1.5.4

 Build the RPM
 cd ~/rpmbuild/ rpmbuild -ba SPECS/haproxy.spec

The resulting RPM will be in ~/rpmbuild/RPMS/x86_64

install built rpm

 yum localinstall /root/rpmbuild/RPMS/x86_64/haproxy-1.5.4-1.el6.x86_64.rpm


Credits Based on the Red Hat 6.4 RPM spec for haproxy 1.4. Maintained by Martijn Storck
 Found at:
https://github.com/bluerail/haproxy-centos

Configs and manual:

http://cbonte.github.io/haproxy-dconv/configuration-1.5.html

Wednesday, September 17, 2014

Linux Change Default User Home Directory

Linux Change Default User Home Directory While Adding A New User


By default base directory for the system user is set to /home directory. I'd like to add user to /iscsi/home/${user} directory instead of the default /home. How do I force useradd command to add user to /iscsi/home under CentOS / RHEL / Fedora Linux server?

Default values for account creation defined in /etc/default/useradd file under CentOS / RHEL / Fedora / Debian / Ubuntu and other Linux distros. Simply open this file using a text editor, type:

 # vi /etc/default/useradd

The default home directory defined by HOME variable, find line that read as follows:
HOME=/home
Replace with:
HOME=/iscsi/user

Save and close the file. Now you can add user using regular useradd command:  # useradd vivek
# passwd vivek

Verify user information:
# finger vivek

Output:
Login: vivek                            Name: Vivek Gite
Directory: /iscsi/user/vivek                Shell: /bin/bash
Last login Thu Sep 13 07:58 2007 (IST) on pts/1 from 10.16.15.2
No mail.
No Plan.

How Do I Change Existing User's Home Directory?

You need to use the usermod command to set the user's new login directory. The syntax is as follows:
 
usermod -m -d /path/to/new/home/dir userNameHere
 
Where,
  1. -d dirnanme : Path to new login (home) directory.
  2. -m : The contents of the current home directory will be moved to the new home directory, which is created if it does not already exist.
In this example set the user's new login directory to /users/v/vivek from /home/vivek, enter:

# usermod -m -d /users/v/vivek vivek

Wednesday, September 3, 2014

Cron checker

If you are not sure how to setup cron this site will help


http://cronchecker.net/

Installing and configuring Tripwire on CentOS

Creating site and local keyfile pass-phrases

At first install from epel repository. 
 
 
[[email protected] ~]# tripwire-setup-keyfiles 

----------------------------------------------
The Tripwire site and local passphrases are used to sign a  variety  of
files, such as the configuration, policy, and database files.

Passphrases should be at least 8 characters in length and contain  both
letters and numbers.

See the Tripwire manual for more information.

----------------------------------------------
Creating key files...

(When selecting a passphrase, keep in mind that good passphrases typically
have upper and lower case letters, digits and punctuation marks, and are
at least 8 characters in length.)

Enter the site keyfile passphrase:     ## Enter site pass-phrase ##
Verify the site keyfile passphrase:     ## Re-enter pass-phrase ##
Generating key (this may take several minutes)...Key generation complete.

(When selecting a passphrase, keep in mind that good passphrases typically
have upper and lower case letters, digits and punctuation marks, and are
at least 8 characters in length.)

Enter the local keyfile passphrase:     ## Enter local pass-phrase ##
Verify the local keyfile passphrase:     ## Re-enter pass-phrase ##
Generating key (this may take several minutes)...Key generation complete.

----------------------------------------------
Signing configuration file...
Please enter your site passphrase:      ## Enter site pass-phrase ##
Wrote configuration file: /etc/tripwire/tw.cfg

A clear-text version of the Tripwire configuration file:
/etc/tripwire/twcfg.txt
has been preserved for your inspection.  It  is  recommended  that  you
move this file to a secure location and/or encrypt it in place (using a
tool such as GPG, for example) after you have examined it.

----------------------------------------------
Signing policy file...
Please enter your site passphrase:     ## Enter site pass-phrase ##  
Wrote policy file: /etc/tripwire/tw.pol

A clear-text version of the Tripwire policy file:
/etc/tripwire/twpol.txt
has been preserved for  your  inspection.  This  implements  a  minimal
policy, intended only to test  essential  Tripwire  functionality.  You
should edit the policy file to  describe  your  system,  and  then  use
twadmin to generate a new signed copy of the Tripwire policy.

Once you have a satisfactory Tripwire policy file, you should move  the
clear-text version to a secure location  and/or  encrypt  it  in  place
(using a tool such as GPG, for example).

Now run "tripwire --init" to enter Database Initialization  Mode.  This
reads the policy file, generates a database based on its contents,  and
then cryptographically signs the resulting  database.  Options  can  be
entered on the command line to specify which policy, configuration, and
key files are used  to  create  the  database.  The  filename  for  the
database can be specified as well. If no  options  are  specified,  the
default values from the current configuration file are used.

Initializing Tripwire Database

[[email protected]rver ~]# tripwire --init
Please enter your local passphrase: 
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
*** Processing Unix File System ***
### Warning: File system error.
### Filename: /dev/kmem
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/ksyms
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/pci
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /usr/sbin/fixrmtab
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /usr/bin/vimtutor
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /usr/local/lib64
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /usr/lib64
### No such file or directory
### Warning: File system error.
### Filename: /sbin/fsck.reiserfs
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /bin/tcsh
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.Xresources
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.esd_auth
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.gnome
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.ICEauthority
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.Xauthority
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /dev/cua0
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /dev/initctl
### No such file or directory
### Continuing...
Wrote database file: /var/lib/tripwire/server.ostechnix.com.twd
The database was successfully generated.

Modifying Tripwire policy file

As per the above result, you may get an error like No such file or directory or File system error.  This means that your tripwire scans every files which are mentioned in the tripwire config file. Comment out the files which are doesn’t exist in your system in the tripwire config file.
[[email protected] ~]# vi /etc/tripwire/twpol.txt 
{
#     /dev/kmem                         -> $(Device) ;
     /dev/mem                          -> $(Device) ;
     /dev/null                         -> $(Device) ;
     /dev/zero                         -> $(Device) ;
     /proc/devices                     -> $(Device) ;
     /proc/net                         -> $(Device) ;
     /proc/sys                         -> $(Device) ;
     /proc/cpuinfo                     -> $(Device) ;
     /proc/modules                     -> $(Device) ;
     /proc/mounts                      -> $(Device) ;
     /proc/dma                         -> $(Device) ;
     /proc/filesystems                 -> $(Device) ;
#     /proc/pci                         -> $(Device) ;
     /proc/interrupts                  -> $(Device) ;
     /proc/driver/rtc                  -> $(Device) ;
     /proc/ioports                     -> $(Device) ;
     /proc/scsi                        -> $(Device) ;
     /proc/kcore                       -> $(Device) ;
     /proc/self                        -> $(Device) ;
     /proc/kmsg                        -> $(Device) ;
     /proc/stat                        -> $(Device) ;
Once modifying all the files, update the tripwire policy file.
[[email protected] ~]# tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt 
Parsing policy file: /etc/tripwire/twpol.txt
Please enter your local passphrase: 
Please enter your site passphrase: 
======== Policy Update: Processing section Unix File System.
======== Step 1: Gathering information for the new policy.
### Continuing...
### Warning: Policy Update Added Object.
### An object has been added since the database was last updated.
### Object name: /var/lib/tripwire/server.ostechnix.com.twd
### Continuing...
### Warning: Policy Update Changed Object.
### An object has been changed since the database was last updated.
### Object name: Conflicting properties for object /root
### > Modify Time
### > Change Time
### Continuing...
======== Step 2: Updating the database with new objects.
======== Step 3: Pruning unneeded objects from the database.
Wrote policy file: /etc/tripwire/tw.pol
Wrote database file: /var/lib/tripwire/server.ostechnix.com.twd

Checking for any changes in files/directories

[[email protected] ~]# tripwire --check --interactive
Once you entered this command tripwire will collect all the details and open the result automatically in your vi editor. The report might be too long. Scroll down to view any changes in files or folders. As per the below result the newly Added and Modified files will have check mark(The Added and Modified sections are highlighted in bold). Finally save and quit the report by typing :wq. The Added and Modified files will be automatically updated to Tripwire policy file.
Open Source Tripwire(R) 2.4.1 Integrity Check Report

Report generated by:          root
Report created on:            Fri 10 May 2013 12:26:58 PM IST
Database last updated on:     Fri 10 May 2013 12:23:43 PM IST

===============================================================================
Report Summary:
===============================================================================

Host name:                    server.ostechnix.com
Host IP address:              Unknown IP
Host ID:                      None
Policy file used:             /etc/tripwire/tw.pol
Configuration file used:      /etc/tripwire/tw.cfg
Database file used:           /var/lib/tripwire/server.ostechnix.com.twd
Command line used:            tripwire --check --interactive

===============================================================================
Rule Summary:
===============================================================================

-------------------------------------------------------------------------------
Section: Unix File System
-------------------------------------------------------------------------------

  Rule Name                       Severity Level    Added    Removed  Modified
  ---------                       --------------    -----    -------  --------
  Invariant Directories           66                0        0        0
  Temporary directories           33                0        0        0
* Tripwire Data Files             100               1        0        1
  Critical devices                100               0        0        0
  User binaries                   66                0        0        0
  Tripwire Binaries               100               0        0        0
  Critical configuration files    100               0        0        0
  Libraries                       66                0        0        0
  Operating System Utilities      100               0        0        0
  Critical system boot files      100               0        0        0
  File System and Disk Administraton Programs
                                  100               0        0        0
  Kernel Administration Programs  100               0        0        0
  Networking Programs             100               0        0        0
  System Administration Programs  100               0        0        0
  Hardware and Device Control Programs
                                  100               0        0        0
System Information Programs     100               0        0        0
  Application Information Programs
                                  100               0        0        0
  Shell Related Programs          100               0        0        0
  Critical Utility Sym-Links      100               0        0        0
  Shell Binaries                  100               0        0        0
  System boot changes             100               0        0        0
  OS executables and libraries    100               0        0        0
  Security Control                100               0        0        0
  Login Scripts                   100               0        0        0
* Root config files               100               0        0        1

Total objects scanned:  10071
Total violations found:  3
===============================================================================
Object Summary:
===============================================================================

-------------------------------------------------------------------------------
# Section: Unix File System
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/var/lib/tripwire)
Severity Level: 100
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Added:
[x] "/var/lib/tripwire/server.ostechnix.com.twd.bak"

-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/etc/tripwire/tw.pol)
Severity Level: 100
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Modified:
[x] "/etc/tripwire/tw.pol"

-------------------------------------------------------------------------------
Rule Name: Root config files (/root)
Severity Level: 100
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Modified:
[x] "/root"

===============================================================================
.
.
.
.
.
Open Source Tripwire 2.4 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.
Integrity check complete.
Please enter your local passphrase: 
Wrote database file: /var/lib/tripwire/server.ostechnix.com.twd
Now let us add a new file called sk.
[[email protected] ~]# touch sk
Now check this file with tripwire –check –interactive command. You may find the file sk under the Added section in the result.
[[email protected] ~]# tripwire --check --interactive
.
.
.
-------------------------------------------------------------------------------
Rule Name: Root config files (/root)
Severity Level: 100
-------------------------------------------------------------------------------

Remove the "x" from the adjacent box to prevent updating the database
with the new values for this object.

Added:
[x] "/root/sk"
.
.
.
Now the new file sk is updated automatically in the tripwire policy file.

Viewing the tripwire report file

All tripwire report files having extension .twr are stored in /var/lib/tripwire/report/ directory. These are not text files, so you can’t view them using any editor. First convert them using the following command to human readable format.
[[email protected] ~]# twprint --print-report --twrfile /var/lib/tripwire/report/server.ostechnix.com-20130510-124159.twr > /tmp/twrreport.txt
Now open the file using any editor.
[[email protected] ~]# vi /tmp/twrreport.txt 
Note: Report is not encrypted.
Open Source Tripwire(R) 2.4.1 Integrity Check Report

Report generated by:          root
Report created on:            Fri 10 May 2013 12:41:59 PM IST
Database last updated on:     Fri 10 May 2013 12:37:53 PM IST

===============================================================================
Report Summary:
===============================================================================

Host name:                    server.ostechnix.com
Host IP address:              Unknown IP
Host ID:                      None
Policy file used:             /etc/tripwire/tw.pol
Configuration file used:      /etc/tripwire/tw.cfg
Database file used:           /var/lib/tripwire/server.ostechnix.com.twd
Command line used:            tripwire --check --interactive
.
.
.
.

Viewing tripwire configuration and policy file locations

To view the policy file locations enter the following command.
[[email protected] ~]# twadmin --print-polfile
# policy:

# Global Variable Definitions

@@section GLOBAL
TWROOT=/usr/sbin;
TWBIN=/usr/sbin;
TWPOL="/etc/tripwire";
TWDB="/var/lib/tripwire";
TWSKEY="/etc/tripwire";
TWLKEY="/etc/tripwire";
TWREPORT="/var/lib/tripwire/report";
HOSTNAME=server.ostechnix.com;
.
.
.
.
To view the configuration files enter the following command.
[[email protected] ~]# twadmin --print-cfgfile
ROOT                   =/usr/sbin
POLFILE                =/etc/tripwire/tw.pol
DBFILE                 =/var/lib/tripwire/$(HOSTNAME).twd
REPORTFILE             =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr
SITEKEYFILE            =/etc/tripwire/site.key
LOCALKEYFILE           =/etc/tripwire/$(HOSTNAME)-local.key
EDITOR                 =/bin/vi
LATEPROMPTING          =false
LOOSEDIRECTORYCHECKING =false
MAILNOVIOLATIONS       =true
EMAILREPORTLEVEL       =3
REPORTLEVEL            =3
MAILMETHOD             =SENDMAIL
SYSLOGREPORTING        =false
MAILPROGRAM            =/usr/sbin/sendmail -oi -t

Scheduling Tripwire Check

You may find a cron file tripwire-check might be created automatically in the /etc/cron.daily/ directory. If it isn’t created, open your crontab file and add lines as shown below. The following example will execute the tripwire daily at 5 am.
[[email protected] ~]# vi /etc/crontab 
# Tripwire Monitor process
00 5 * * * /usr/sbin/tripwire  --check

found at: http://ostechnix.wordpress.com/2013/05/10/install-tripwire-intrusion-detection-system-on-centos-6-4-rhel-6-4-scientific-linux-6-4/

Thursday, August 14, 2014

Sending commands to a process which runs inside screen

Sending commands to a process which runs inside screen

 

[The script screen-test.sh runs the secondary script]
 NB: nothing gets output in the screen session window itself
 - if you want that then use tee
     2>&1 | tee $TMPFILE


cat screen-test.sh
#!/bin/sh

# Send command to screen session
# - if you have more than one screen session, you'll
#   need to find out the right session and use it
#   specifically.
#screen -r 10345.root -X exec ${PWD}/screen-test2.sh
screen -r -X exec ${PWD}/screen-test2.sh

# Give job time to complete before continuing....
sleep 1

# Get output file name (was created in other script with mktemp)
MYFILE=$(ls -rt /tmp/screen-test.*|tail -1)

# Display file and remove it
cat $MYFILE && rm $MYFILE



cat screen-test2.sh
#!/bin/sh

TMPFILE=$(mktemp -p /tmp screen-test.XXXXXX)

(
echo "+====+ $TMPFILE +====+"
echo "Running in dir: $(pwd)"
echo "-----------------------"
# command(s) to run in session to create desired output
/bin/ls
echo -e "======================="
) 2>&1 > $TMPFILE
 
 
found at https://lists.gnu.org/archive/html/screen-users/2011-04/msg00006.html 

Tuesday, April 8, 2014

Stop cron to send emails after job

How Cron Job Prevent the sending of errors and output

To prevent the sending of errors and output, add any one of the following at the end of the line for each cron job to redirect output to /dev/null.
>/dev/null 2>&1.
OR
&> /dev/null

Cron Job Example

Edit/Open your cron jobs, enter:
$ crontab -e

Append string >/dev/null 2>&1 to stop mail alert:
0 1 5 10 * /path/to/script.sh >/dev/null 2>&1

OR

0 1 5 10 * /path/to/script.sh &> /dev/null

Save and close the file. Restart the crond:

# /etc/init.d/crond restart

MAILTO variable

As pointed out by Anand Sharma, you can set MAILTO="" variable at the start of your crontab file. This will also disable email. Edit/Open your cron jobs
 
$ crontab -e

At the top of the file, enter:
MAILTO=""

Tuesday, March 18, 2014

Duplicating linux installation using yum (install the same packages on other server)



Get list of installed RPMs on your box:

yum list installed |tail -n +3|cut -d' ' -f1 > installed_packages.txt

 
Install packages onto new server:
yum -y install $(cat installed_packages.txt)

That`s all

found at: http://unix.stackexchange.com/questions/71/duplicating-a-linux-installation-yum-based

Monday, January 27, 2014

vmware player mounting /dev/vg_server/lv_root on /sysroot failed: No such device

If you got this problem after converting live Centos 6.5 into VMplayer image

1. Download minimal image of centos
2. mount this image at VMplayer
3. boot from minimal Centos image
4. go to Rescue mode
5. run bash
6. type 
 chroot /mnt/sysimage
 cd /boot
7.type
 
mkinitrd -v -f initrd and press TAB to autocomplete so command should looks like:

mkinitrd -v -f initrd2.6.32-431.3.1.img 2.6.32-431.3.1
 
wait until finished.
 
8. type exit and again exit and from main menu choose reboot
9. boot from local drive 

if still does not work

follow again points 1-6

7. you have to recreate initramfs - at first create a backup copy of the current initramfs: 
 type:
cp -p /boot/initramfs-$(uname -r).img /boot/initramfs-$(uname -r).img.bak

8. Now create the initramfs for the current kernel, type
dracut -f

** If you need to build it for a specific kernel version (replace the version appropriately):

dracut -f /boot/initramfs-2.6.32-431.3.1.el6.x86_64.img 2.6.32-431.3.1.el6.x86_64


9. type exit and again exit and from main menu choose reboot
10. boot from local drive 

 

Monday, January 20, 2014

apache server-status behind nginx

If you cannot access /server-status page on apache which is behind nginx

1. check if elinks are installed
  • rpm -aq|grep elinks
    elinks-0.12-0.6.pre2.fc10.i386
    (Checks if elinks is installed.  Do this before installing elinks.)
  • yum install elinks
    (IF elinks is NOT installed)
  • rpm -aq|grep elinks
    elinks-0.12-0.6.pre2.fc10.i386
    (To verify installation worked) 
2. Check if status is enabled in httpd.conf
  • vi /etc/httpd/conf/httpd.conf
  • Find and uncomment the line ExtendedStatus On (Remove # from start of line)
  • Find and uncomment the following directives.  Change configuration From #<Location /server-status>
    #   SetHandler server-status
    #    Order deny,allow
    #    Deny from all
    #    Allow from example.com
    #</Location>
    To <Location /server-status>
        SetHandler server-status
        Order deny,allow
        Deny from all
        Allow from localhost 127.0.0.1
    </Location>
  • Save the configuration file and exit (In vi type :wq )
  • service httpd restart
    (Restart the httpd service) 
 If still cannot access add to nginx/conf.d/default.conf

location /server-status/ {
           fastcgi_pass 127.0.0.1:9000 #if using php-fpm
           proxy_pass http://127.0.0.1:8080 #to your local listening apache on port 8080 or other
}

3. restart nginx

4. if still does not work - check if you use virtual host on apache, if yes move your block  

<Location /server-status> inside <VirtualHost *:8080> 

and restart apache

5. check if you can access

lynx -dump http://127.0.0.1:8080/server-status


6. if still does not work check if there is no redirection problem in .htaccess file and add

RewriteCond %{REQUEST_URI} !=/server-status



 



Wednesday, January 8, 2014

CentOS 6 - user with limited commands and access - restricted bash


Add a user who can execute some specific commands. 
 
[1] Create a link named 'rbash' from bash.
[[email protected] ~]#
ln -s /bin/bash /opt/rbash
[2] Add a user that his default shell is rbash and set he can execute only 'ping'.
[[email protected] ~]#
useradd cern -s /opt/rbash

[[email protected] ~]#
passwd cern

[[email protected] ~]#
mkdir /home/cern/bin

[[email protected] ~]#
ln -s /bin/ping /home/cern/bin/ping

[[email protected] ~]#
chown root. /home/cern/.bash_profile

[[email protected] ~]#
chmod 755 /home/cern/.bash_profile

[[email protected] ~]#
vi /home/cern/.bash_profile
# change PATH like follows

PATH=
$HOME/bin

[3] Login with the test user.
[[email protected] ~]$
cd

-rbash: cd: restricted
# denied

[[email protected] ~]$
ls

-rbash: ls: command not found
# none

[[email protected] ~]$
ping localhost

PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.008 ms
64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.008 ms
--- localhost ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2157ms
rtt min/avg/max/mdev = 0.008/0.020/0.045/0.017 ms
# executed


found at: http://www.server-world.info/en/note?os=CentOS_6&p=rbash

Monday, January 6, 2014

[Solved] Magento - dbModel read resource does not implement Zend_Db_Adapter_Abstract or Magento install error - Exception printing is disabled

Magento - dbModel read resource does not implement Zend_Db_Adapter_Abstract 

or 

Magento install error - Exception printing is disabled


If you enabled full page cache on Zend server this error shows up:


dbModel read resource does not implement Zend_Db_Adapter_Abstract
Trace
:#0 C:\xampp\htdocs\magento\app\code\core\Mage\Core\Model\Mysql4\Collection\Abstract.php(68): Varien_Data_Collection_Db->setConnection(false)


What you should do next:

1. try to clear cache - erase all files from MAGENTO_ROOT/var/cache/ directory

2. change settings 



1. Navigate to the \"errors\" folder.
2. Change local.xml.sample to local.xml
3. You should now see a new list of crazy errors all over the Magento page - this is okay.
4. Open magento/lib/Zend/Cache/Backend/File.php and look for:

protected $_options = array(\'cache_dir\' => \'null\',

5. Change it to:


protected $_options = array(\'cache_dir\' => \'tmp/\',

6 .Save it.
7. Now the final step is to go create a tmp folder in the root Magento folder. (make permission 777 and ownership as web server user)
8. That’s it.  

Cybermap

Internet Storm Center Infocon Status

Internet Storm Center Infocon Status
Internet Storm Center Infocon Status