Category: Linux Administration

Home / Category: Linux Administration

Install WordPress Locally – The Easy-way

July 16, 2020 | DEV-OPS, Linux Administration, Shell Scripting | No Comments

1. Introduction

This is a very short post which guides you how to install WordPress on Oracle Virtual box using a automated script.

2. Setup the environment

We will use virtual box as out hypervisor where our WordPress virtual machine is going to hosted.

Download Virtual Box: https://www.virtualbox.org/wiki/Downloads

We will use vagrant to manage and build virtual machines on the hypervisor.

Download Vagrant: https://www.vagrantup.com/downloads

Installation scripts can be found as a git repository. We shall install git to clone this repository.

Git for widows: https://git-scm.com/book/en/v2/Getting-Started-Installing-Git

Git for MacOS: https://sourceforge.net/projects/git-osx-installer/files/

A complete guide [optional] to install git: https://www.atlassian.com/git/tutorials/install-git

3. Clone the git Repository

At this point it has been assumed that Oracle virtual box, Vagrant and git applications are installed in your local machine.

git clone https://github.com/krishanthisera/WP-EZY.git

In this case you may use the terminal(on Linux, OSX) or CMD(for windows).

4. Bootstrap the Server

CD in to the cloned directory (WP-EZY).

cd WP-EZY

Bootstrap the server.

vagrant up

Now you may wait until the bootstrapping process complete it may take some time depending on your internet connection.

5. Verify the installation

URL: http://192.168.5.50/blog/wp-admin/

User Name: admin

Password: password

–Enjoy–

6. Note

You may change the configuration using install.sh file. For an example,

  1. MySQL configuration
  2. IP Configuration
  3. Apache2 Configuration

If you are OSX user, you might encounter an error when you ought to install VirtualBox.

-> Go to your system preference

  • -> Unlock to make the changes
  • -> Allow VIrtual Box as a system app

Install.sh

#Install dependencies
sudo apt-get 
DB_ROOT_PASS=root-pass
DB_WP_PASS=wp-pass

sudo debconf-set-selections <<< 'mysql-server mysql-server/root_password password ${DB_PASS}'
sudo debconf-set-selections <<< 'mysql-server mysql-server/root_password_again password ${DB_PASS}'
sudo apt-get update -y
sudo apt-get install -y wordpress php libapache2-mod-php mysql-server php-mysql apache2 mysql-client ufw

sudo service mysql start
mkdir -p /etc/apache2/sites-available

#Configure mysql 
mysql -u "root" -p'$DB_ROOT_PASS' -e "CREATE DATABASE wordpress;"
mysql -u "root" -p'$DB_ROOT_PASS' -e "GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER ON wordpress.* TO wordpress@localhost IDENTIFIED BY '${DB_WP_PASS}';"
mysql -u "root" -p'$DB_ROOT_PASS' -e "FLUSH PRIVILEGES;"


#Configure Apache2 server
cat <<EOF | sudo tee /etc/apache2/sites-available/wordpress.conf
Alias /blog /usr/share/wordpress
<Directory /usr/share/wordpress>
    Options FollowSymLinks
    AllowOverride Limit Options FileInfo
    DirectoryIndex index.php
    Order allow,deny
    Allow from all
</Directory>
<Directory /usr/share/wordpress/wp-content>
    Options FollowSymLinks
    Order allow,deny
    Allow from all
</Directory>	
EOF


mkdir -p /etc/wordpress


cat <<EOF | sudo tee /etc/wordpress/config-localhost.php 
<?php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', '${DB_WP_PASS}');
define('DB_HOST', 'localhost');
define('DB_COLLATE', 'utf8_general_ci');
define('WP_CONTENT_DIR', '/usr/share/wordpress/wp-content');
?>
EOF



sudo service mysql start
sudo a2ensite wordpress
sudo a2enmod rewrite
sudo service apache2 reload

Thank you 🙂

Read More
By krishan.thisera@yahoo.com

RHEL Recover your root Password

December 30, 2017 | Linux Administration | 1 Comment

Root Password recovery

In this tutorial I will demonstrate you how to recover you lost password.
This tutorial is for RHEL 7 Password recovery.
Before we go further I would like to brief Linux boot process,
  • When pushed power button your PC/Server it will powered on and the system firmware will runs POST (Power On Self Test) which will check and initiate attached hardware. You can do modifications to these process by BIOS/UFFI configuration
  • After POST, system firmware will look for bootable device in other words it look for Master Boor Record (MBR)
  • Then the System will reads the boot loader from the disk and let boot loader to take control of the system
  • Now the boot loader loads its configuration from disk, at that point you may display the boot options
  • Depends on your selection boot loader will load the kernel and initramfs from disk to you memory(RAM). Initramfs  is some gziped archive contains kernel modules for hardware all hardware which requires on boot.  
  • Now boot loader hand over control to kernel with the optional commands to the kernel and memory location for initramfs.
  • Then kernel will initialize all the hardware according to the driver which found in initramfs. This process will execute as PID 1.  Further initramfs contains copy of systemd and also an udev (for hardware initialization)
  • Now at this point root file system will mount on /sysroot
  • Afterwards initramfs root file system which mounted on /sysroot will switched to system root file system. and re-executed the copy of systemd which is installed on the system
  • And finally system will look for the default target and start it by resolving dependencies   
Now Lets get back to our issue,
To resolve this issue, we can pause initramfs at some point and provide a shell and do the changes that we requires and continue when our shell exists.
Following Steps will do the trick,
  1. Reboot the System
  2. Interrupt the boot loader
  3. Select the entry which need to be booted
  4. Edit the entry
  5. And boot the system with changes 
  6. remount the /sysroot with read write permission
  7. Switch to chroot jail
  8. Change your password 
  9. Make system to relabel its file system (This is for SELinux purposes)
Now after rebooting the system interrupt the boot loader by pressing a arrow key, and it may look like this.

Select your desired entry to boot and press e to edit

Now find the the line that starts with “linux16” line and jump to the end of the line press (“END” button on key board) remove it till ro and add the entry

          rd.break

And it will look like this
Press CTRL+X to boot with changes
At the completion system will be mounted on /sysroot and but it will be read only mount
In order to the changes it is required re-mount  /sysroot with read-write permission
         #mount -oremount,rw /sysroot
At this point we want system to treat /sysroot as our root file system. In order to that you may switch in to a chroot jail
 
          #chroot /sysroot
 
Now you may change the root password 
 
          #passwd root
 
And in order to make sure all the unlabeled files relabel during the boot you may create a file call “.autorelabel” on the root directory
 
          #touch /.autorelabel
Now you may exit from chroot jail and also from iniframs debugging shell by using exit command.
Now it will continue the boot process but it may take some time since relabeling takes some time.

Afterwards your may use newly configured password to log in to the system.

Read More
By Krishan Thisera

Asterisk on Docker

August 25, 2017 | Linux Containers, Linux Tools, VoIP | No Comments

This Document covers asterisk basic installation on docker. Since till now there is no official asterisk image on Docker hub we will use Debian core to install the asterisk.

Prerequisites Linux host to install docker, Internet connectivity and docker account to download docker images.

1. Installing Docker (Ensure your Internet connectivity)

  • Centos 7

          #wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
#rpm -ivh epel-release-latest-7.noarch.rpm
#yum install docker

  •  Install Docker on RHEL and CentOS 6
         # yum install epel-release
# yum install docker-io

2. Start Docker

  • Centos 7

         # systemctl start docker
# systemctl status docker
# systemctl enable docker

  •  On RHEL/CentOS 6

         # service docker start
# service docker status
# chkconfig docker on


Our Asterisk PBX will reside on Debain, So first we must set our Debian container to install asterisk. (Please ensure that you docker is up running without any issue, If you wish to verify you docker engine please use hello world application “# docker run hello-world” )
If everything went well as we expected, you will see something like this.

 3. Pull Debian Image to Docker

         # docker pull debian


This might take some time.

4. Now Lets run our New Debian container using pulled image

First we shall get the Debian image ID by using

            # docker images
You will get someting like this (This will show your all docker images),

Now we shall Start our container using Our Debian image (My Debian image ID appears to be a20fd0d59cf1 )

       # docker run -it –name=<Container Name> –network=host <Image ID>

I’ve used -i and -t option to Keep STDIN open even when container is detached :i and to allocate  pseudo-TTY :t. Plus I’ve used –network option to connect my container with my host network.

After creating your Debian container you will be inside the Container.

5. Install Asterisk

Update your Debain distribution

       # apt-get update
Install asterisk

        # apt-get -y install asterisk
This will take some time to install the packages.

Now After completion of the installation, we might configure the asterisk.

6. Asterisk Configuration

Configure the asterisk RTP Port Limitation.

       #vim /etc/asterisk/rtp.conf

(Use #apt-get install vim-nox To Install VIM)

Change rtpstart and rtpend parameters.

Save and Exit
This will help us wo bind the ports when we running our Asterisk container.
Now We shall start the asterisk.
 

       # /etc/init.d/asterisk start
Use # rasterisk to check if you can  access the Asterisk CLI.

Type exit and Hit Enter to exit Asterisk CLI

Now we shall commit our changes to keep our container configuration.

7. Committing the Container configuration

use Ctrl + p + q to detach from the container
Now issue docker ps  command to see running containers.

        # docker commit -m “<Commit Message>” -a “<author’s name>” <ContainerID or Name to commit> <Repository>:<tag>

Now you can check your committed Docker images by using # docker images

8. Run our Committed Image

        docker run -itd –name=PBX-Asterisk –network=host -p 5060:5060/tcp -p 5060:5060/udp -p 10010:10010/udp -p 10011:10011/udp -p 10012:10012/udp -p 10013:10013/udp -p 10014:10014/udp -p 10015:10015/udp -p 10016:10016/udp -p 10017:10017/udp -p 10018:10018/udp -p 10019:10019/udp -p 10020:10020/udp <Commited Docker ImageID to run>


 I’ve used the –name option to assign a name to my container, and use -p to map the container port with host port. 

9. Configure the sip peers

Lets jump in to our asterisk container
You can use

        # docker exec -it <Your Container ID> bash

or

         # docker attach <Your Container ID>

 Let’s configure our sip peers in # vim /etc/asterisk/sip.conf

       [100]
       secrete=abc123
       context=home
       type=friend
       allow=ulaw,alaw
       host=dynamic

10. Dialplan configuration

11. Complete Asterisk configuration

Now we shall start the asterisk if we already haven’t,

        # service asterisk start


Jump to Asterisk CLI

         # rasterisk
Reload the sip and dialplans

          localhost*CLI> sip reload
localhost*CLI> dialplan reload
You can connect youe sip phones now…..

Note that, If you have iptables service aka firewalls up on your host machine you may need to do some changes accordance.

Read More
By Krishan Thisera

FreePBX-Installation

March 26, 2017 | Linux Administration, Linux Tools, VoIP | No Comments

FreePBX-Installation

 

1. Pre-installation

In order to setup call center server first we have to confirm that our system is full filled the minimum requirements. This asterisk deployment is based on RedHat distribution aka CentOS.  To full-fill the above requirement we are going to setup asterisk 11 on CentOS 6.5 (x64).

1.2 CentOS 6.5×64 installation 

It is recommended to install CentOS 6.5×64 minimum version and manually install all the other package as our requirement. 
 
At the beginning it recommended to configure the logical disk drives aka Raid. 
 
Note that some of the server-rigs will not compatible to centos 6.5×64, most of the time it’s because the particular server’s Raid drivers might not be found in centos 6.5×64 disk. In such scenario please follow the below instruction.
First we have to download the Raid driver from relevant vendor. (If it’s HP you will find somewhat like this hpvsa-X.X.X-X.rhel6u.5x86_64.dd).
 
Note that if the driver has compressed with gzip(.gz) it is recommended to extract by using “tar” in a Linux platform.
Use your Fat32 formatted usb stick and copy those extracted driver (.dd) files.
Now boot your server with centos 6.5×64 and plug your USB stick during the boot time.  At the installation menu, select the installation method and hit “ESC” key to receive the “boot:” prompt. In the boot prompt enter following command 
 

                linux dd blacklist=ahci

 
and then let your system to boot (Don’t reboot the system).
 
And during the installation you will be prompted a window to select the Raid driver and select the relevant driver. On successful driver installation you will be able to see your Logical (Raid driver).
 
And install the centos 6.5×64 without customize any package.
 
Note that it is recommended to customize your Logical disk in order to accommodate root user to enough space.  

2 Asterisks Installation

2.2 Disable SELinux

First You have to disable SELinux
 

             # sed -i ‘s/(^SELINUX=).*/SELINUX=disabled/’ /etc/sysconfig/selinux

Afterwards to affect the system changes restart the PC.
 

           # init 6

 
Now check selinux stats by using
 

          # sestatus

 
 
 
Or you can confirm it on “/etc/sysconfig/selinux” file
 
 

2.3 Network Configuration 

          # vim /etc/sysconfig/network-scripts/ifcfg-<netowrk card>`

   Note that network card name can be found using

         # ifconfig

 
This an example network scripts for network card called “eth0” assign with the IP address “192.168.1.250”.
Make sure that your changes only limited to following parameters,

ONBOOT 
BOOTPROTO 
IPADDR 
NETMASK 
GATEWAY 
DNS1 
DNS2

 
You are always welcome to use `[root@localhost ~]# setup` in order to perform following configurations.

2.4 Update the System

Then you have to update your system.
 
Make sure that internet connectivity of the server is alive.
 
Now using yum application manger lets update the server,
 

            # yum -y update

These Updating processes will take a while.

         # yum groupinstall core
         # yum groupinstall base

 

2.5 Install essential dependencies 

In order to deploy the system, we have to install some additional packages aka dependencies.  
 

           # yum install gcc gcc-c++ lynx bison mysql-devel mysql-server php php-mysql php-pear php-mbstring tftp-server httpd make ncurses-devel libtermcap-devel sendmail sendmail-cf caching-nameserver sox newt-devel libxml2-devel libtiff-devel audiofile-devel gtk2-devel subversion kernel-devel git subversion kernel-devel php-process crontabs cronie cronie-anacron wget vim php-xml uuid-devel libtool sqlite-devel unixODBC mysql-connector-odbc

2.6 Disabling Default IP tables 

Then you have to disable default IP tables and you may enable them again after the installation.
 

 

            chkconfig –level 0123456 iptables off`

 

2.7 Configurations on MySQL and Apache

It is required MySQL and Apache servers to perform Both asterisk and FreePBX operations and it’s recommended if MySQL and Apache services start at the server boot time.
 
          chkconfig –level 345 mysqld on

 

          chkconfig –level 345 Apache on

 

 
Let’s bring up the Both Apache and MySQL server
 
          service mysqld start

 

          service httpd start

 

2.8 PearDB Installation

PearDB is a database abstraction library which allows to connect to different kinds of databases such as    PostgreSQL, MySQL using a consistent API.
 
             # pear channel-update pear.php.net
   # pear channel-update pear.php.net
You may found some warnings saying “WARNING: “pear/DB” is deprecated in favor of “pear/MDB2″”, You can just ignore them.
 
It is preferred to reboot the system before continue further.
 

         # init 6

2.9 Setup the Asterisk user

Then it is required add user to the system  with relevant permission to perform asterisk activities.
 
          # adduser asterisk -M -c “Asterisk User”
 

2.10 Download Asterisk Source Files

 
Use following links to download asterisk sources files. 
 
Note that it is preferred  to download the following files to “/usr/src/”.

       # cd /usr/src
       # wgethttp://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz
       # wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-current.tar.gz
       # wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-11-current.tar.gz
       # git clone https://github.com/akheron/jansson.git
       # wget http://www.pjsip.org/release/2.2.1/pjproject-2.2.1.tar.bz2

2.11 LibPRI and DAHDI

        # cd /usr/src
        # tar xvfz dahdi-linux-complete-current.tar.gz
        # tar xvfz libpri-current.tar.gz
        # rm -f dahdi-linux-complete-current.tar.gz libpri-current.tar.gz
        # cd dahdi-linux-complete-…… Folder……
        # make all
        # make install
        # make config
        # cd /usr/src/libpri-……Folder……
        # make
        # make install

 
These modules are recommended to install even those modules required only if you are using physical devices.
 

2.12 Pjproject Setup

 
pjproject is a collection of utilities, libraries for building and testing SIP based applications.
 

         # cd /usr/src`
         # tar -xjvf pjproject-2.2.1.tar.bz2`
         # cd pjproject-2.2.1`
         # CFLAGS=’-DPJ_HAS_IPV6=1′ ./configure –prefix=/usr –enable-shared –disable-sound –disable-resample –disable-video –disable-opencore-amr –libdir=/usr/lib64`
         # make dep`
         # make`
         # make install`

 

2.13 Jansson Setup 

Jansson is a C library for encoding, decoding and manipulating JSON (JavaScript Object Notation is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming) data. 
 

         # cd /usr/src/jansson
         # autoreconf -i
         #./configure –libdir=/usr/lib64
         # make
         # make install

2.14 Asterisk Setup

        # cd /usr/src
        # tar xvfz asterisk-13-current.tar.gz
        # rm -f asterisk-13-current.tar.gz
        # cd asterisk-…..Folder….
        # contrib/scripts/install_prereq install
        #./configure –libdir=/usr/lib64
        # contrib/scripts/get_mp3_source.sh
        #make menuselect

 
Now you must be prompted with “Asterisk Module and Build Option Selection”.
 
 
 
Add mp3 format support if you’re required too compatible mp3 formats on your asterisk server and then press “Save & Exit”.
Finally let’s complete the asterisk installation process.
 

        # make
        # make install
        # make config
        # ldconfig

 
You may need to install Asterisk-Extra-Sound
 

           # mkdir -p /var/lib/asterisk/sounds
           # cd /var/lib/asterisk/sounds
           # wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz
          # tar xfz asterisk-extra-sounds-en-wav-current.tar.gz
          # rm -f asterisk-extra-sounds-en-wav-current.tar.gz
          # wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-g722-current.tar.gz
         # tar xfz asterisk-extra-sounds-en-g722-current.tar.gz
         # rm -f asterisk-extra-sounds-en-g722-current.tar.gz

3 FreePBX Installation

 
Note that asterisk is our actual PBX aka core switch, while FreePDB can defined as a web-based GUI and configuration file writer which will write asterisk dial planes and configuration for you.
 

3.1 Download FreePBX Source Files

        # cd /usr/src

        # wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-12.0-latest.tgz
        #tar vxfz freepbx-12-latest.tgz

 

3.2 Setup Relevant permission on Asterisk

It is required to setup couple of ownership permissions as follows.

 

         #chown asterisk. /var/run/asterisk
         #chown -R asterisk. /etc/asterisk
         #chown -R asterisk. /var/{lib,log,spool}/asterisk
         #chown -R asterisk. /usr/lib/asterisk
         #chown -R asterisk. /usr/lib64/asterisk
         #mkdir /var/www/html
         #chown -R asterisk. /var/www/

3.3 Configuration on Apache Server

FreePBX use Apache web server to provide web-based GUI, Following modifications are essential on Apache server.

 

            #sed -i ‘s/(^upload_max_filesize = ).*/120M/’ /etc/php.ini
            #cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf_orig
           #1 asterisk/’ /etc/httpd/conf/httpd.conf
           #service httpd restart

3.4 Configuration on MySQL Server

 
Asterisk uses MySQL database engine to perform its database activities, These Following modifications are essential on MySQL database.
 

          #cd /usr/src/freepbx
          #export ASTERISK_DB_PW=amp109
          #mysqladmin -u root create asterisk
          #mysqladmin -u root create asteriskcdrdb

 
Now It’s required Grant relevant permissions on asterisk database.

 

         #mysql -u root -e “GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY ‘${ASTERISK_DB_PW}’;”
        #mysql -u root -e “GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY ‘${ASTERISK_DB_PW}’;”
        #mysql -u root -e “flush privileges;”

3.5 Finalize the FreePBX installation

        #cd /usr/src/freepbx
         #./start_asterisk start
         #./install_amp –installdb –username=asteriskuser –password=${ASTERISK_DB_PW}
         #amportal chown
         #amportal a ma installall
         #amportal a reload
         #amportal a ma refreshsignatures
         #amportal chown

Let’s Start the FreePBX
 

          #ln -s /var/lib/asterisk/moh /var/lib/asterisk/mohmp3
          #amportal restart

Note that amportal is the Linux command which is use to controls FreePBX by using Linux command prompt.
 
 
 
 
 
 
 
 
 
 
 

Reference

Nagy, A. (2014). Version 12.0 Installation – FreePBX OpenSource Project – Documentation. [online] Wiki.freepbx.org. Available at: https://wiki.freepbx.org/display/FOP/Version+12.0+Installation [Accessed 7 Mar. 2016].

Jordan, M. (2019). Asterisk 11 Documentation – Asterisk Project – Asterisk Project Wiki. [online] Wiki.asterisk.org. Available at: https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation [Accessed 3 Mar. 2014].

Read More
By Krishan Thisera

Simple Squid (Proxy server) Configuration

August 18, 2016 | Linux Administration, Linux Tools, Proxies and Load balancing | 5 Comments

Install and configure SQUID Proxy Server

Introduction

A proxy server is a server which acts as an intermediary for clients seeking resources from other servers such as Web servers, File servers… etc. Whenever a client requests resources, the proxy server will evaluate the request as a way to simplify and control its complexity. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity.

Use of Proxy servers

  • Firewall and network data filtering support
  • Data caching
  • Accessing services anonymously

Overview

For the demonstration purpose, Cent OS 6.5 and Fedora 17 are installed in VMWare Workstation (9.0.1 build-894247).

Fedora 17 – Configured as a client machine.

Cent OS 6.5 – Configured as a router and Proxy server was installed and configured there.

Overview Diagram

Network Diagram – Description

After installation of OS s in VMWare. Following IP addresses were assigned to network interfaces accordingly.

Fedora Client

Eth0 – 192.168.2.2 (LAN 111)

Cent OS – Server

Eth1 – 192.168.2.1 (LAN 111)

Eth0 – 192.168.1.12 (This will be changed as IP addresses assigned through DHCP)

Proxy server port – 3128

Configurations

Cent OS 6.5 – Interfaces Details (After configuration of network addresses)

Fedora 17 – Interfaces Details (After configuration of network addresses)

Configuring Cent-OS 6.5 as a Router.

When Fedora client requesting web traffic through Cent OS machine, it should be able to redirect web traffic towards the Access point (192.168.1.1). So the following steps were done to fulfil the requirement.

1) To send packets through IP forwarding following command was used.

2) Enabling NAT on the server

3) Set up Fedora client to access AP through Cent OS, had to do some modifications to the IP-tables. For it following commands were used.

Now it is all configured to access the internet via Cent OS for Fedora client.

Installing/Configuring Squid

In Cent OS machine squid proxy server was installed using following command.

Changing the squid.conf file to work as a transparent proxy.

For newer versions of squid proxy server to enable transparent proxy, in squid.conf file word “intercept” should be given as follows

Allowing HTTP traffic through squid proxy server. Uncomment these lines as following

To allow Fedora client’s network (192.168.2.0/24) for accessing squid proxy server. (Highlighted the line which was added by myself)

After saving squid.conf file started the squid service using the following command.

It’s all configured properly but Fedora client still doesn’t access the internet through the proxy server. It is needed to access port 3128 which is for the proxy server by Fedora client. For the requirement following modification was done to the IP table.

NAT table changed as following after the modifications.

To verify that fedora client is using squid proxy server following command was used.

If logfile is filled like above, It means that Fedora client access internet via Proxy server.

IF not Fedora client doesn’t access the internet via a Proxy server. (If the log file is empty)

Caching

For enable caching squid.conf file was modified as follows.

That’s it 🙂

 

Read More
By Krishan Thisera

RSYNC

June 22, 2016 | Linux Administration, Linux Tools | No Comments

RSYNC

is one of the most popular File Copying/Synchronizing service among Linux people. Its synchronizing while copping and consume Less network resources for its operations.
 
CAUTION!!!! Miss use may cause original data overwrite or
deletion.
As an example, here in iPhonik (iPhonik was formed as a company in the business of developing an
Unified Communication Solution product and related services.) we use rsync
to take realtime backups and duplicate them on the redundant servers. Call recording which stores
in the real-time server will be synchronized/ copied to the redundant server (We
are using NFS as the file sharing mechanism share-directory-between-two-server-nfs ).

 How to USE

Most of the time your Linux distributions comes with the
installed rsync service but if you don’t have installed rsync on your Linux
distribution,

Debian distributions

apt-get install rsync

RedHat distributions

yum install rsync

Now if you
wish to use rsync with the remote host

rsync -avz -e ssh remotepeers@remotedomain:/remotepeers/dirA/dirB/ /local-this-user/dirE/dirF

If you wish to use
rsync through server

First you have to setup
rsync as a daemon process, to do that find the /etc/xinetd.con file
and add following lines below the very last line of the file,

rsync stream tcp nowait root
/usr/bin/rsync rsync –daemon
Let’s create the rsync configuration file as “/etc/rsyncd.conf” And add following configuration,
max connections = 1 log file = /var/log/rsync.log timeout = 300 [usersfiles] comment = Rsync user’s cache path = /usr/local/usersfiles read only = no list = yes uid = nobody gid = nogroup #auth users = user list = yes hosts allow = 127.0.0.0/8 192.168.1.0/24 secrets file = /etc/rsyncd.sec
Save and Exit
By commenting very last two line
will allow anonymous access.
Afterward let’s create the /etc/rsyncd.sec
file and add user name and
passwords for the allowed users (if you didn’t allow anonymous access).
To start the syncronisation,
rsync -avz
rsync://your_ip-addresses_or_domain/public

Click here for rsync manual (Man page).

Read More
By Krishan Thisera

Service-Start-Linux

April 23, 2016 | Linux Administration, Linux Tools | No Comments

Service-Start-Linux

Click Here to Download zip

Author ::krishees@gmail.com      
Features,     
Check the status of the given services (as a command line argument)  
and if that particular service is in down status./checksrv.sh <service> 
program can turn up the particular service.    
======================================================================= 
pattern->        
./checksrv.sh <service-1> <service-2>.....<service-n>   
ex-> for httpd and mysqld     
./checksrv.sh httpd mysqld     
======================================================================= 
Usage->   
Using crontab (crontab -e)      
* * * * *  ./checksrv.sh <service>     
Check the status of the service every 60 seconds and if the particular 
service not up then the ./checksrv.sh will bring up the particular  
services          
------------------------------------------------------------------------
Using inittab (/etc/inittab)      
Check the status of a service after particular run-level reset. After  
particular run-level change and if particular service is not up then    
 ./checksrv.sh will bring up  the particular services    

 
 
#./checksrv.sh
#!/bin/bash
echo "   ======================================================================= +   Author ::krishees@gmail.com +   Features, +   Check the status of the given services (as a command line argument) +   and if that particular service is in down status./checksrv.sh <service> +   program can turn up the particular service. +   ======================================================================= +   pattern-> +   ./checksrv.sh <service-1> <service-2>.....<service-n> +   ex-> for httpd and mysqld +   ./checksrv.sh httpd mysqld +   ======================================================================= +   Usage-> +   Using crontab (crontab -e) +   * * * * * ./checksrv.sh <service> +   Check the status of the service every 60 seconds and if the particular +   service not up then the ./checksrv.sh will bring up the particular +   services +   ------------------------------------------------------------------------+   Using inittab (/etc/inittab) +   Check the status of a service after particular run-level reset. After +   particular run-level change and if particular service is not up then +   ./checksrv.sh will bring up the particular services +   ======================================================================= +   "   if [ "$#" = 0 ]   then   echo "Usage $0 <service>"   exit 1   fi       for i;do   service=$i   is_running=`ps aux | grep -v grep| grep -v "$0" | grep $service| wc -l | awk '{print $1}'`   if [ $is_running != "0" ] ;   then   echo "Nothing to do!!! $service Service is already up and running...."   else   echo   initd=`ls /etc/init.d/ | grep $service | wc -l | awk '{ print $i }'`   if [ $initd = "1" ];   then   startup=`ls /etc/init.d/ | grep $service`   echo "   =======================================================================   $i   ======================================================================="   echo "Waiting for service $i..."   /etc/init.d/${startup} start   else   echo "$i No such a service!!!"   fi   fi   done

Read More
By Krishan Thisera

Share-A-Directory-between-two-server-NFS

March 5, 2016 | Linux Administration, Linux Tools | No Comments

Share-A-Directory-between-two-server-NFS

Please grant the relevant permission on the shell scripts
./client_Export.sh
  Takes three argument as follows

    1. server ip address to be exported

    2. client directory which should be exported to the particular server

    3. options aka permission for the expoted folder

                    rw: This option allows the client server to both read and write within the shared directory

                    sync: Sync confirms requests to the shared directory only once the changes have been committed.

                    no_subtree_check: This option prevents the subtree checking. When a shared directory is the subdirectory of a larger filesystem, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.

                    no_root_squash: This phrase allows root to connect to the designated directory
    Eg:-:
      [root@localhost ~]# ./clint_Export.sh 192.168.1.78 /home/cli rw,sync,no_root_squash,no_subtree_check
./server_Mount.sh
  Takes three argument as follows

    1. client (Provider of the Shared file) ip address 

    2. client directory which has exported to the server

    3. server directory which client's directory to be mounted

      Eg:-
       [root@localhost ~]# ./server_Mount.sh 192.168.1.78 /home/cli /home/cliatserver

client_Export.sh

#!/bin/sh 
 echo Author krishan thisera @iPhonik.com
 
 
 
if [ "$#" != 3 ]
 
then
 
echo
 
echo "Usage $0 <Where to export:ServerIP> <What should export:Exporting Dirctory> <Set permission>"
 
echo "Please reffer : https://github.com/krishanthisera/Share-A-Directory-between-two-server-NFS"
 
echo
 
exit 1
 
fi
 
 
 
ipaddr=$1
 
dir=$2
 
opt=$3
 
echo "Checking nfs-utils"
 
if ! rpm -qa | grep -qw nfs-utils; then
 
echo "Installing nfs-utils"
 
yum install nfs-utils
 
else
 
echo "nfs-utils Installed. Nothing to DO"
 
fi
 
 
 
echo "Checking nfs-utils-lib"
 
if ! rpm -qa | grep -qw nfs-utils-lib; then
 
echo "Installing nfs-utils"
 
yum install nfs-utils-lib
 
else
 
echo "nfs-utils-lib Installed. Nothing to DO"
 
fi
 
 
 
chkconfig --levels 235 nfs on
 
/etc/init.d/nfs start
 
 
 
if [ -d "$dir" ]; then
 
echo "$dir Found"
 
else
 
echo "Creating a new directory.."
 
mkdir "$dir"
 
chown 65534:65534 "$dir"
 
chmod 777 "$dir"
 
echo "Directory created.."
 
fi
 
echo "Updating Export Script..."
 
echo "$dir" " " " " "$ipaddr""("$opt")" >> /etc/exports
 
exportfs -a
 
echo "Export Script Updated..." 


#!/bin/sh
 
if [ "$#" != 3 ]
 
then
 
echo
 
echo "Usage $0 <What is the source(Mount From):Clientip> <What is to mount:What is the client directory to be mount> <Where to Mount>"
 
echo "Please reffer : https://github.com/krishanthisera/Share-A-Directory-between-two-server-NFS"
 
echo
 
exit 1
 
fi
 
 
 
 
 
echo Author krishan thisera @iPhonik.com
 
ipaddr=$1
 
clidir=$2
 
srvdir=$3
 
echo "Checking nfs-utils"
 
if ! rpm -qa | grep -qw nfs-utils; then
 
echo "Installing nfs-utils"
 
yum install nfs-utils
 
else
 
echo "nfs-utils Installed. Nothing to DO"
 
fi
 
 
 
echo "Checking nfs-utils-lib"
 
if ! rpm -qa | grep -qw nfs-utils-lib; then
 
echo "Installing nfs-utils"
 
yum install nfs-utils-lib
 
else
 
echo "nfs-utils-lib Installed. Nothing to DO"
 
fi
 
 
 
chkconfig --levels 235 nfs on
 
/etc/init.d/nfs start
 
 
 
if [ -d "$srvdir" ]; then
 
echo "$srvdir Found"
 
else
 
echo "Creating a new directory.."
 
mkdir -p "$srvdir"
 
chown 65534:65534 "$srvdir"
 
chmod 777 "$srvdir"
 
echo "Directory created.."
 
fi
 
 
 
echo "Mounting $clidir in $srvdir"
 
mount "$ipaddr"":""$clidir" """$srvdir"
 
echo "Mounted $clidir to $srvdir"
 
df -h

Read More
By Krishan Thisera

How-to-Encrypt-a-shell-script

February 8, 2016 | Linux Administration, Linux Tools, Shell Scripting | No Comments

How-to-Encrypt-a-shell-script
If you’re really concerning about the privacy of your shell scripts(Source),
I have use Ubuntu 14.04 server with the root Privilage. The source of the program ‘SCH’ which I’m using here is from
    http://www.datsi.fi.upm.es/
At first lets download some packeges which required to run our shell encryption program
You will need to download gcc compilers
    root@ubuntu:/usr/src# apt-get install gcc
You will need to install ‘make’ utility if it required (Depend on your system)
    root@ubuntu:/usr/src# apt-get install make
After that lets download our encryption program/ source [from http://www.datsi.fi.upm.es/]
Or you can download the ‘SCH’ source file which I’ve attached to this repository from from http://www.datsi.fi.upm.es/
    root@ubuntu:/usr/src# wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz
Lets extract the ‘.tgz’ file
    root@ubuntu:/usr/src# tar xvf shc-3.8.7.tgz
    shc-3.8.7/CHANGES
    shc-3.8.7/Copying
    shc-3.8.7/Makefile
    shc-3.8.7/match
    shc-3.8.7/pru.sh
    shc-3.8.7/shc-3.8.7.c
    shc-3.8.7/shc.1
    shc-3.8.7/shc.README
    shc-3.8.7/shc.c
    shc-3.8.7/shc.html
    shc-3.8.7/test.bash
    shc-3.8.7/test.csh
    shc-3.8.7/test.ksh
Let jump in to the ‘shc’ source folder
    root@ubuntu:/usr/src# cd shc-3.8.7
In here I’m going to encrypt a shell script in the
    /home/encrypt
Let’s look inside the Shell script
    vim /home/encrypt/checksrv.sh
alt tag
Now lets Encrypt our Shell file Note that you always welcome to change password file in the shc-3.8.7 as you desire.
    root@ubuntu:/usr/src/shc-3.8.7# ./shc -f /home/encrypt/checksrv.sh
There will be two additional files
    root@ubuntu:/usr/src/shc-3.8.7# ls  /home/encrypt/
    checksrv.sh  checksrv.sh.x  checksrv.sh.x.c
‘checksrv.sh’ is our original (Unencrypted) shell source ‘checksrv.sh.x’ is the Encrypted Shell source ‘checksrv.sh.x.c’ c files was created in order to perform encryption
Lets check on our encrypted source file
    root@ubuntu:/usr/src/shc-3.8.7# vim  /home/encrypt/checksrv.sh.x
alt tag
Now you can see some binary stuffs instead of the plain shell text.
Now you can share the ‘.sh.x’ so your source will be hidden

Read More
By Krishan Thisera