8/29/2010

FTP Server

[1] Build FTP server to transfer files. Install and configure vsftpd for it.

[root@www ~]#yum -y install vsftpd
[root@www ~]#vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO // line 12: no anonymous
ascii_upload_enable=YES // line 79: make valid
ascii_download_enable=YES (permit ascii mode transfer)
chroot_list_enable=YES // line 94: make valid
(enable chroot list)
chroot_list_file=/etc/vsftpd/chroot_list // line 96: make valid
(chroot list file)
ls_recurse_enable=YES // line 102: make valid
chroot_local_user=YES // bottom: enable chroot
local_root=public_html // root directory
use_localtime=YES // use local time

[root@www ~]#vi /etc/vsftpd/chroot_list
fedora // write users you permit
[root@www ~]#/etc/rc.d/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[root@www ~]#chkconfig vsftpd on

[2] Add CNAME in DNS for FTP server.

[root@ns ~]#vi /var/named/server-linux.info.lan
ftp IN CNAME linuxbasiccommand.blogspot.com

[root@ns ~]#rndc reload
server reload successful

8/26/2010

Redhat Packet Management

RPM - Uninstall / Erase
● If you want to see the files that are being removed, you can use the -vv option.
# rpm -evv tuxpaint
● This can sometimes lead to a bunch of filenames flying down the screen. So,
you might want to pipe the output to less or to a file for you to review later.
● You can also override some problems that might arise with a simple unistall.
● You may run into a dependcy problem if you try to remove a package that
others are relying on.
# rpm -evv --nodeps tuxpaint
● The above option will uninstall the package without checking for dependencies.
# rpm -evv --noscipts tuxpaint
● The above command will unistall the package without running and preunistall
or postunistall scripts.
# rpm -evv --notriggers tuxpaint
● The above command will uninstall the package without executing scripts that
are triggered by removing the package.

RPM - Query

● You can use the query (-q) option to get information about the package.
● Here are some options you can use with query:
○ -qa : lists all installed packages.
○ -qf file : Lists the packages that owns file.
○ -qi package : Lists lots of information about the package.
○ -qR package : Lists components (such as libraries and commands) that
package depends on.
○ -ql package : Lists all the files contained in the package.
○ -qd package : Lists all documentation files that come in the package.
○ -qc package : Lists all configuration files that come in package.
● Here are some examples: (You might want to pipe these to a more command)
# rpm -qa
# rpm -qi tuxpaint
# rpm -ql tuxpaint
# rpm -qi tuxpaint
# rpm -qR tuxpaint
● Note that I am only using the package name here, and not the entire name of the RPM file.

8/25/2010

GroupManagement

groupadd

● This command will add a new group to /etc/group.
● The following will create a new group:
# groupadd -g 1024 groupname
● The -g option allows you to pick the group ID number.
● If you do not use this option, then the system picks the next available sequential number greater than 500.
● The -o option allows the group ID to be nonunique.
○ This allows multiple names for the same group ID

Groupdel

● This command is analogous to userdel.
● This command will take a group name as an argument and remove the group.
# groupdel groupname

groupmod

● This command can change the name of the group or the group ID.
# groupmod -g 1025

groupname

# groupmod -n

User Management

useradd

● Based on /etc/login.defs, the system creates a home directory for the new user.
useradd name-user
● The contents of /etc/skel is copied to the home directory.
○ This contains bash and other startup files.
● Once you have added a user, use passwd to give the user a password.

userdel

● The following command will remove a user's account: userdel -r username
● If appropriate, make a backup copy of the files belonging to the user before
deleting the account.
● The userdel command will remove the account, the user's home directory, and
all the files in the directory

Usermod

● This command can temporarily turn off a user's account.
○ You can change the expiration date for the account.
usermod -e "12/31/03" username
● This command will prevent the user from logging in

Command line basic

ls (Listing)

● This command will show you the contents of a directory.
○ls --> will show you the contents of the current directory.
○ ls /dir/name --> will show you the contents of a specified
directory.
○ ls -l --> will show you a long listing containing ownership,
permissions, time last modified, and size.
○ ls -a --> will show you all of the files in the directory, including those
starting with a .
○ ls -al --> What do you think?

[mlevan@localhost BasicCommands]$ ls -al
total 24
drwxrwxr-x 2 mlevan mlevan 4096 Apr 30 17:43 .
drwxr-xr-x 10 mlevan mlevan 4096 Apr 30 17:36 ..
-rw-rw-r-- 1 mlevan mlevan 1828 Apr 30 17:57


cd (Change Directory)


● This command will change your current working directory.
● cd --> If you just type in cd, then you will be sent to your home directory.
For example, /home/mlevan/
● cd /dir/name --> This command will send you directly into the desired
directory.
○ cd /var/log/ --> This will send us to the /var/log directory.
● What about these commands :
○ cd .
○ cd ..



cp (CoPy)


● cp filename1 filename2 --> This command will copy the first file
into the second file.
● cp Amy.txt Garret.txt
● Note that if Garret.txt is already a file, then it will be overwritten !! Be careful
with this command.
cp -i Amy.txt Garret.txt
○ If Garret.txt exists, then this command will inquire if you want to
overwrite the file.
○ If Garret.txt does not exist, then you will not be asked.
● Note that you can also add directory names to this:
● cp /home/mlevan/Amy.txt /home/guest/Garret.txt
● You can also copy files to a directory :
○ cp file1 file2 fileN directory_name
○ cp Amy.txt Garret.txt temp/
● Note that ~ can also represent your home directory. For example, say I want to
copy a file from /home/guest1/booty to the temp directory in my account:
○ cp /home/guest1/booty/blah.txt ~/temp/

Rm (ReMove)


● rm command will remove a file.
○ rm filename
● If you type in rm -i filename , then you will be asked if you really want
to remove the file.
● It is virtually impossible to regain a file after it has been removed in this
fashion


mv (MoVe)

● This is the "rename" command used in DOS.
● This command moves one filename into another filename.
○ mv filename1 filename2
●The above command automatically writes over filename2 with whatever was in filename1
○ mv -i filename1 filename2
● The above command will inquire if you really want to move the file.
● You can also move directories with this command,
○ mv dir_name1 dir_name2

touch

● This command will create a file.
○ touch filename
● If the file already exists, then touch will update the timestamp of the file.

8/23/2010

Installing Webmin Securely with SSL on CentOS 5.2

Run command:

# yum install openssl
# yum install openssl-devel
# yum install perl
# yum install perl-Net-SSLeay perl-Crypt-SSLeay
# rpm --import http://www.webmin.com/jcameron-key.asc

Create the /etc/yum.repos.d/webmin.repo file containing :

[webmin]
name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=0

Then run:

# yum --enablerepo=webmin install webmin

Check installation success with:

/etc/init.d/webmin status

If everything is good and webmin is running access it via:

https://yourdomain.com:10000/

Install and Configure PHP on Centos

Install PHP

1. Run the yum install command
yum install php

Configure PHP

1. Increase PHP script memory limit
In the /etc/php.ini file replace memory_limit = 16M with memory_limit = 128M
2. Increase PHP script max execution time
In the /etc/php.ini file replace max_execution_time = 30 with max_execution_time = 120
3. Increase PHP script max upload size
In the /etc/php.ini file replace max_upload_size = 2M with max_upload_size = 50M
In the /etc/php.ini file replace post_max_size = 8M with post_max_size = 50M
4. Create the /usr/share/phpinfo folder
mkdir /usr/share/phpinfo
5. Create the /usr/share/phpinfo/index.php file with the following text:
phpinfo();
?>
6. Change permissions on the index.php file
chmod 0755 /usr/share/phpinfo/index.php
7. Create the /etc/httpd/conf.d/phpinfo.conf file with the following text:
# phpinfo - PHP utility function for displaying php configuration
#
# Allows only localhost by default

Alias /phpinfo /usr/share/phpinfo

order deny,allow
deny from all
allow from 127.0.0.1

8. Restart Apache Server
service httpd restart

8/22/2010

DHCP Server

[root@ns ~]# yum -y install dhcp
[root@ns ~]# cp -f /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf
[root@ns ~]# vi /etc/dhcpd.conf

# line 4: specify your network and subnetmask
subnet 192.168.0.0 netmask 255.255.255.0 {

# line 7 : specify default gateway
option routers192.168.0.1;

# line 8: specify subnetmask
option subnet-mask255.255.255.0;

# line 10: specify NIS domain name iy you using.
# make it comment if you don not use.
option nis-domain"server-world.info";

# line 11: specify domain name
option domain-name"server-world.info";

# line 12: specify IP address of DNS
option domain-name-servers192.168.0.10;

# line 14: make it comment
option time-offset-18000;

# line 21: specify the range of IP addresses for clients
range dynamic-bootp 192.168.0.128 192.168.0.254;

# line 22: default's terms of lease
default-lease-time 21600;

# line 23: maximun terms of lease
max-lease-time 43200;

# line 26: make following 5 lines comment
#host ns {
#next-server marvin.redhat.com;
#hardware ethernet 12:34:56:78:AB:CD;
#fixed-address 207.175.42.254;
#}

[root@ns ~]# /etc/rc.d/init.d/dhcpd start
Starting dhcpd:[ OK ]
[root@ns ~]# chkconfig dhcpd on

8/21/2010

Backup databases by scripts on CentOS

-B1: Create backup_mysql.sh content:

*************************

# -------------------------------------------------------------------------

MyUSER="root" # USERNAME
MyPASS="Dj4uLgQd" # PASSWORD
MyHOST="localhost" # Hostname

# Linux bin paths, change this if it can't be autodetected via which command
MYSQL="$(which mysql)"
MYSQLDUMP="$(which mysqldump)"
CHOWN="$(which chown)"
CHMOD="$(which chmod)"
GZIP="$(which gzip)"

# Backup Dest directory, change this if you have someother location
DEST="/backup_mysql"

# Main directory where backup will be stored
MBD="$DEST/mysql"

# Get hostname
HOST="$(hostname)"

# Get data in dd-mm-yyyy format
NOW="$(date +"%d-%m-%Y")"

# File to store current backup file
FILE="mysql_db_backup"
# Store list of databases
DBS="sodepvn_mlmobi sodepvn_sim" # danh sach database can backup

# DO NOT BACKUP these databases
# IGGY="test"

[ ! -d $MBD ] && mkdir -p $MBD || :

# Only root can access it!
$CHOWN 0.0 -R $DEST
$CHMOD 0600 $DEST

# Get all database list first
DBS="$($MYSQL -u $MyUSER -h $MyHOST -p$MyPASS -Bse 'show databases')"

for db in $DBS
do
skipdb=-1
if [ "$IGGY" != "" ];
then
for i in $IGGY
do
[ "$db" == "$i" ] && skipdb=1 || :
done
fi

if [ "$skipdb" == "-1" ] ; then
FILE="$MBD/$db.$HOST.$NOW.gz"
# do all inone job in pipe,
# connect to mysql using mysqldump for select mysql database
# and pipe it out to gz file in backup dir :)
$MYSQLDUMP -u $MyUSER -h $MyHOST -p$MyPASS $db | $GZIP -9 > $FILE
fi
done

*********************************

-B2: Restart crontab
service crond restart
- B3: Create Crontab content:
#crontab -e
0 15 * * 1,4 sh /mnt/data/linux/code/backupbookmarks.sh
- B4: Restart crontab

Linux change root password

Linux basic commads FAQ:

Simple task for simple minds

Q. How do I change the root password on a linux ( unix ) operating system ?

R. What you need to do in order to change the root account password on a linux or unix machine is:

- open a terminal an login as root ( if the system permits loging in as root )
or
- open a terminal, login with your account and type “su” to become root.
Enter the ( old ) root password to login
then type “passwd” and it will prompt you for a new password.
—————————-

root@ibm:/# passwd

Changing password for root
Enter the new password (minimum of 5, maximum of 127 characters)
Please use a combination of upper and lower case letters and numbers.

New password: **********
Re-enter new password: **********

Password changed.

Download Linux Distro

[1] Debian 5.0

http://ftp.riken.jp/Linux/debian/debian-cd/

The ISO file is for 32 bit computer. But if your computers can adapt to 64 bit computing, it's OK to install 64 bit version of Debian Lenny which is on following place. For example, if the CPU on your computer is Athlon64/FX/X2, Turion64, Opteron by AMD, or CPU with EM64T by Intel like Pentium4 501, 504, or all CPUs later from Pentium4 6xx, Pentium D, Core 2 Duo, Core 2 Quad, Xeon and so on.(this example is for desktop computers)

⇒ http://ftp.riken.jp/Linux/debian/debian-cd/

* This site explains with 64 bit version of Debian Lenny. However, Most configurations are not different from 32 bit one.

[2] Fedora 12.0

http://fedoraproject.org/

The ISO file is for 32 bit computer. But if your computers can adapt to 64 bit computing, it's OK to install 64 bit version of Fedora 12 which is on following place. For example, if the CPU on your computer is Athlon64/FX/X2, Turion64, Opteron by AMD, or CPU with EM64T by Intel like Pentium4 501, 504, or all CPUs later from Pentium4 6xx, Pentium D, Core 2 Duo, Xeon and so on.(this example is for desktop computers)

http://fedoraproject.org/

* This site explains with 64 bit version of Fedora 12. However, Most configurations are not different from 32 bit one.

[3] Centos 5.0

http://centos.eecs.wsu.edu/5.5/isos/i386/

The ISO file is for 32 bit computer. But if your computers can adapt to 64 bit computing, it's OK to install 64 bit version of CentOS 5 which is on following place. For example, if the CPU on your computer is Athlon64/FX/X2, Turion64, Opteron by AMD, or CPU with EM64T by Intel like Pentium4 501, 504, or all CPUs later from Pentium4 6xx, Pentium D, Core 2 Duo, Xeon and so on.(this example is for desktop computers)

⇒ http://centos.eecs.wsu.edu/5.5/isos/x86_64/

* This site explains with 64 bit version of CentOS 5. However, Most configurations are not different from 32 bit one.

Configure Services

[1] Stop unnecessary services for your system which are enabled on the default settings. First, Output the list of services with following commands.

[root@ns ~]# chkconfig --list | less


[2] Stop unnecessary services. Following example, a service 'yum-updatesd' is stopped and Disable autostart function.


[root@ns ~]# /etc/rc.d/init.d/yum-updatesd stop
Stopping yum-updatesd [ OK ]
[root@ns ~]# chkconfig yum-updatesd off

[3] Or if a service is not needed for your system, Uninstall it. If you don't know the service which how to work, output documents of it. Following example, documents of 'yum-updatesd' is outputed and uninstalled.


[root@ns ~]# man yum-updatesd
[root@ns ~]# rpm -e yum-updatesd

Initial Config

[1] Add a new user. I used user name as 'cent' on following examples, but Set any names you like to use.

[root@ns ~]# useradd cent// add a user 'cent'
[root@ns ~]# passwd cent// set password for cent
Changing password for user cent.
New UNIX password:// input password you want to set
Retype new UNIX password:// verify
passwd: all authentication tokens updated successfully.
[root@ns ~]# exit// logout

[2] Try to switch by user that was added in section [1].

ns login: cent// input user name
password: // input password
[cent@ns ~]$ su -// switch to root
Password:// input password for root
[root@ns ~]#// done to switching to root

[3] Make 'cent' user that was added in section [1] be only a user who can switch to root.

[root@ns ~]# vi /etc/group// open the file with vi

wheel:x:10:root,cent// line 11: add user

[root@ns ~]# vi /etc/pam.d/su

#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth required pam_wheel.so use_uid // remove '#' that was on the head of line
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so

[root@ns ~]# vi /etc/login.defs

SU_WHEEL_ONLY yes// add this line at the bottom

[4] Set config to forward mails for root to a user who is a system administrator you set as.

[root@ns ~]# vi /etc/aliases

# Person who should get root's mail
root: cent// bottom: remove '#' and add user name

[root@ns ~]# newaliases// set new aliases
/etc/aliases: 77 aliases, longest 10 bytes, 776 bytes total