Lucid IT dreams

In sftp, how to set the default permission for all files in a folder? For centos  put two consecutive lines at the end of /etc/ssh/sshd_config       Match Group www-data    ForceCommand internal-sftp -u 2   this will setup umask and files will be 644

EXCEPTION: parent directory is world writable *** EXCEPTION: parent directory is world writable, FileUtils#remove_entry_secure does not work; abort: "/tmp/passenger.1xu4rh9" (parent directory mode 40777) (ArgumentError)     /home/pubuntu/.rvm/rubies/ ruby-1.9.3-p448/lib/ruby/1.9. 1/fileutils.rb:708:in `remove_entry_secure'     /home/pubuntu/.rvm/gems/ruby- 1.9.3-p448/gems/passenger-4.0. 21/lib/phusion_passenger/ utils/tmpio.rb:61:in `ensure in mktmpdir'     /home/pubuntu/.rvm/gems/ruby- 1.9.3-p448/gems/passenger-4.0. 21/lib/phusion_passenger/ utils/tmpio.rb:61:in `mktmpdir'     /home/pubuntu/.rvm/gems/ruby- 1.9.3-p448/gems/passenger-4.0. 21/lib/phusion_passenger/ platform_info.rb:158:in `create_temp_file'     /home/pubuntu/.rvm/gems/ruby- 1.9.3-p448/gems/passenger-4.0. 21/lib/phusion_passenger/ platform_info/compiler.rb:236: in `try_compile'     /home/pubuntu/.rvm/gems/ruby- 1.9.3-p448/gems/passenger-4.0. 21/lib/phusion_passenger/ platform_inf

SSH using public key authentication to IOS Create a user: username test priv 15 secret supers3cr3tn0bdyw1llgue55 You need to make sure this public key is trusted by our router. ip ssh pubkey-chain      username test           key-string                copy the entire public key as appears in the cat id_rsa.pub including the ssh-rsa and [email protected].                please note that some IOS versions will accept maximum 254 characters.                you can paste multiple lines.                exit      exit Please also make sure that you generate RSA keys on Server larger than 768 bits. You can also set SSHv2 on server side (although strictly speaking it's not required if you're using SSH 1.99)   ip ssh version 2   found at https://supportforums.cisco.com/document/110946/ssh-using-public-key-authentication-ios-and-big-outputs

How to connect cisco router as client of NTT FLETS VPN WIDE フレッツ・VPN ワイド https://flets.com/vpnwide/manual.html Here is configuration for IOS 15.1. interface GigabitEthernet0/0  description LAN-SIDE-INTERFACE  ip address 192.168.0.1 255.255.255.0  no ip redirects  no ip unreachables  no ip proxy-arp  duplex auto  speed auto  no cdp enable  ! interface GigabitEthernet0/1  description interface-connected-to-ONU  no ip address  no ip redirects  no ip unreachables  no ip proxy-arp  ip tcp adjust-mss 1414  duplex auto  speed auto  pppoe enable group global  pppoe-client dial-pool-number 1  ! interface Dialer1  description dialer-interface-for-NTT-FLETS-VPN-WIDE  ip unnumbered GigabitEthernet0/0  no ip unreachables  ip mtu 1454  ip virtual-reassembly in  encapsulation ppp  dialer pool 1  dialer idle-timeout 0  ppp authentication pap callin  ppp chap refuse  ppp pap sent-username [email protected] password 7 12345678901  no cdp enable If cannot connect check MTU and MRU and re

A Recipe for a haproxy 1.5 stable version RPM on CentOS  Perform the following on a build box as a regular user. Create an RPM Build Environment  Install rpmdevtools from the EPEL repository:  sudo yum install rpmdevtools pcre-devel  run  rpmdev-setuptree  Install Prerequisites for RPM Creation  sudo yum groupinstall 'Development Tools'  sudo yum install openssl-devel   Download haproxy wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.4.tar.gz  mv haproxy-1.5.4.tar.gz ~/rpmbuild/SOURCES/  Get Necessary System-specific Configs git clone git://github.com/bluerail/haproxy-centos.git  cp haproxy-centos/conf/* ~/rpmbuild/SOURCES/  cp haproxy-centos/spec/* ~/rpmbuild/SPECS/   edit ~/rpmbuild/SPECS/haproxy.spec  and change to the latest version at:   %define version 1.5.4  Build the RPM  cd ~/rpmbuild/ rpmbuild -ba SPECS/haproxy.spec The resulting RPM will be in ~/rpmbuild/RPMS/x86_64 install built rpm  yum localinstall /root/rpmbuild/RPMS/x86_

Linux Change Default User Home Directory While Adding A New User B y default base directory for the system user is set to /home directory. I'd like to add user to /iscsi/home/${user} directory instead of the default /home. How do I force useradd command to add user to /iscsi/home under CentOS / RHEL / Fedora Linux server? Default values for account creation defined in /etc/default/useradd file under CentOS / RHEL / Fedora / Debian / Ubuntu and other Linux distros. Simply open this file using a text editor, type:   # vi /etc/default/useradd The default home directory defined by HOME variable, find line that read as follows: HOME=/home Replace with: HOME=/iscsi/user Save and close the file. Now you can add user using regular useradd command:  # useradd vivek # passwd vivek Verify user information: # finger vivek Output: Login: vivek Name: Vivek Gite Directory: /iscsi/user/vivek Shell: /bin/bash Last login Thu

If you are not sure how to setup cron this site will help http://cronchecker.net/

Creating site and local keyfile pass-phrases At first install from epel repository.     [[email protected] ~]# tripwire-setup-keyfiles ---------------------------------------------- The Tripwire site and local passphrases are used to sign a  variety  of files, such as the configuration, policy, and database files. Passphrases should be at least 8 characters in length and contain  both letters and numbers. See the Tripwire manual for more information. ---------------------------------------------- Creating key files... (When selecting a passphrase, keep in mind that good passphrases typically have upper and lower case letters, digits and punctuation marks, and are at least 8 characters in length.) Enter the site keyfile passphrase:     ## Enter site pass-phrase ## Verify the site keyfile passphrase:     ## Re-enter pass-phrase ## Generating key (this may take several minutes)...Key generation complete. (When selecting a passphrase, keep in mind that good passphrases typically h

Sending commands to a process which runs inside screen   [The script screen-test.sh runs the secondary script] NB: nothing gets output in the screen session window itself - if you want that then use tee 2>&1 | tee $TMPFILE cat screen-test.sh #!/bin/sh # Send command to screen session # - if you have more than one screen session, you'll # need to find out the right session and use it # specifically. #screen -r 10345.root -X exec ${PWD}/screen-test2.sh screen -r -X exec ${PWD}/screen-test2.sh # Give job time to complete before continuing.... sleep 1 # Get output file name (was created in other script with mktemp) MYFILE=$(ls -rt /tmp/screen-test.*|tail -1) # Display file and remove it cat $MYFILE && rm $MYFILE cat screen-test2.sh #!/bin/sh TMPFILE=$(mktemp -p /tmp screen-test.XXXXXX) ( echo "+====+ $TMPFILE +====+" echo "Running in dir: $(pwd)" echo "-----------------------" # command(s) to run in session to cre

How Cron Job Prevent the sending of errors and output To prevent the sending of errors and output, add any one of the following at the end of the line for each cron job to redirect output to /dev/null. >/dev/null 2>&1. OR &> /dev/null Cron Job Example Edit/Open your cron jobs, enter: $ crontab -e Append string >/dev/null 2>&1 to stop mail alert: 0 1 5 10 * /path/to/script.sh >/dev/null 2>&1 OR 0 1 5 10 * /path/to/script.sh &> /dev/null Save and close the file. Restart the crond: # /etc/init.d/crond restart MAILTO variable As pointed out by Anand Sharma, you can set MAILTO="" variable at the start of your crontab file. This will also disable email. Edit/Open your cron jobs   $ crontab -e At the top of the file, enter: MAILTO=""

Get list of installed RPMs on your box: yum list installed |tail -n +3|cut -d' ' -f1 > installed_packages.txt   Install packages onto new server: yum -y install $(cat installed_packages.txt) That`s all found at:  http://unix.stackexchange.com/questions/71/duplicating-a-linux-installation-yum-based

If you got this problem after converting live Centos 6.5 into VMplayer image 1. Download minimal image of centos 2. mount this image at VMplayer 3. boot from minimal Centos image 4. go to Rescue mode 5. run bash 6. type  chroot /mnt/sysimage cd /boot 7.type   mkinitrd -v -f initrd and press TAB to autocomplete so command should looks like: mkinitrd -v -f initrd2.6.32-431.3.1.img 2.6.32-431.3.1   wait until finished. 8. type exit and again exit and from main menu choose reboot 9. boot from local drive  if still does not work follow again points 1-6 7. you have to recreate initramfs - at first create a backup copy of the current initramfs:  type: cp -p /boot/initramfs-$(uname -r).img /boot/initramfs-$(uname -r).img.bak 8. Now create the initramfs for the current kernel, type dracut -f ** If you need to build it for a specific kernel version (replace the version appropriately): dracut -f /boot/initramfs-2.6.32-431.3.1.el6.x86_64.img 2.6.32-431.3.1.el6.

If you cannot access /server-status page on apache which is behind nginx 1. check if elinks are installed rpm -aq|grep elinks elinks-0.12-0.6.pre2.fc10.i386 (Checks if elinks is installed.  Do this before installing elinks.) yum install elinks ( IF elinks is NOT  installed) rpm -aq|grep elinks elinks-0.12-0.6.pre2.fc10.i386 (To verify installation worked)  2. Check if status is enabled in httpd.conf vi /etc/httpd/conf/httpd.conf Find and uncomment the line ExtendedStatus On (Remove # from start of line) Find and uncomment the following directives.  Change configuration From #<Location /server-status> #   SetHandler server-status #    Order deny,allow #    Deny from all #    Allow from example.com #</Location> To <Location /server-status>     SetHandler server-status     Order deny,allow     Deny from all     Allow from localhost 127.0.0.1 </Locati

Add a user who can execute some specific commands.    [1] Create a link named 'rbash' from bash. [[email protected] ~]# ln -s /bin/bash /opt/rbash [2] Add a user that his default shell is rbash and set he can execute only 'ping'. [[email protected] ~]# useradd cern -s /opt/rbash [[email protected] ~]# passwd cern [[email protected] ~]# mkdir /home/cern/bin [[email protected] ~]# ln -s /bin/ping /home/cern/bin/ping [[email protected] ~]# chown root. /home/cern/.bash_profile [[email protected] ~]# chmod 755 /home/cern/.bash_profile [[email protected] ~]# vi /home/cern/.bash_profile # change PATH like follows PATH= $HOME/bin [3] Login with the test user. [[email protected] ~]$ cd -rbash: cd: restricted # denied [[email protected] ~]$ ls -rbash: ls: command not found # none [[email protected] ~]$ ping localhost PING localhost (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.045 ms 64 bytes from localhost (12

Magento - dbModel read resource does not implement Zend_Db_Adapter_Abstract  or   Magento install error - Exception printing is disabled If you enabled full page cache on Zend server this error shows up: dbModel read resource does not implement Zend_Db_Adapter_Abstract Trace : #0 C:\xampp\htdocs\magento\app\code\core\Mage\Core\Model\Mysql4\Collection\Abstract.php(68): Varien_Data_Collection_Db->setConnection(false) What you should do next: 1. try to clear cache - erase all files from MAGENTO_ROOT/var/cache/ directory 2. change settings  1. Navigate to the \"errors\" folder. 2. Change local.xml.sample to local.xml 3. You should now see a new list of crazy errors all over the Magento page - this is okay. 4. Open magento/lib/Zend/Cache/Backend/File.php and look for: protected  $_options  = array( \ 'cache_dir\'  =>  \ 'null\' , 5. Change it to: protected  $_options  = array( \ 'cache_dir\'  =>  \ 'tmp