Monday, April 28, 2014
SVN-Subversion installation and configuration
Installing SVN
yum install mod_dav_svn subversion
Add it in httpd conf or in httpd/conf.d/subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
<Location /svn>
DAV svn
SVNParentPath /var/www/svn
AuthType Basic
AuthName "Subversion repositories"
AuthUserFile /etc/svn-auth-users
Require valid-user
</Location>
Creating User for accessing the SVN
htpasswd -cm /etc/svn-auth-users user1
New password:
Re-type new password:
Adding password for user user1
## Create user2 ##
htpasswd -m /etc/svn-auth-users user2
New password:
Re-type new password:
Adding password for user user2
Creating the directories and correcting permissions
mkdir /var/www/svn
cd /var/www/svn
Creating repositories
svnadmin create testrepo
chown -R apache.apache testrepo
## If you have SELinux enabled (you can check it with "sestatus" command) ##
## then change SELinux security context with chcon command ##
chcon -R -t httpd_sys_content_t /var/www/svn/testrepo
## Following enables commits over http ##
chcon -R -t httpd_sys_rw_content_t /var/www/svn/testrepo
or else disable the selinux
setenforce 0
Restart the service
systemctl restart httpd.service
## OR ##
service httpd restart
## CentOS / RHEL ##
/etc/init.d/httpd restart
## OR ##
service httpd restart
Friday, April 25, 2014
Linux Acl in detail
Let's assume we have /dev/sda1 mounted on /data1 and we want to enable the acl option.
[root@server ~]# tune2fs -l /dev/sda1
To enable ACLs on a filesystem, we must set the fs default and remount:
[root@server ~]# tune2fs -o acl /dev/sda1
[root@server ~]# mount -o remount,acl /data1
Use getfacl to view ACLs:
[root@server ~]# touch /data1/foo.txt
[root@server ~]# getfacl /data1/foo.txt
getfacl: Removing leading '/' from absolute path names
# file: data1/foo.txt
# owner: root
# group: root
user::rw-
group::r--
other::r--
Use setfacl to set ACLs, with -m to modify and -x to remove a given ACL.
give user ram read+write+execute on a file:
[root@server ~]# setfacl -m u:ram:rwx /data1/foo.txt
give group peeps read+write on a file:
[root@server ~]# setfacl -m g:peeps:rw /data1/foo.txt
remove ram's ACL permissions:
[root@server ~]# setfacl -x u:ram /data1/foo.txt
set the default ACL permissions on a directory:
[root@server ~]# setfacl -m d:g:peeps:rw /data1/stuff/
revoke write permission for everyone:
[root@server ~]# setfacl -m m::rx /data1/foo.txt
When ACLs are present, an ls -l will show a plus sign to notify you:
[root@server ~]# ls -l /data1/foo.txt
-rw-rwxr--+ 1 root root 0 Dec 3 14:54 /data1/foo.txt
Note that the mv and cp -p commands will preserve ACLs. If you have defaults set on a parent directory, new files in that directory will inherit those settings.
If you want to remove all ACLs, reverting back to the base unix permissions of owner, group and other:
[root@server ~]# setfacl --remove-all /data1/foo.txt
[root@server ~]# tune2fs -l /dev/sda1
To enable ACLs on a filesystem, we must set the fs default and remount:
[root@server ~]# tune2fs -o acl /dev/sda1
[root@server ~]# mount -o remount,acl /data1
Use getfacl to view ACLs:
[root@server ~]# touch /data1/foo.txt
[root@server ~]# getfacl /data1/foo.txt
getfacl: Removing leading '/' from absolute path names
# file: data1/foo.txt
# owner: root
# group: root
user::rw-
group::r--
other::r--
Use setfacl to set ACLs, with -m to modify and -x to remove a given ACL.
give user ram read+write+execute on a file:
[root@server ~]# setfacl -m u:ram:rwx /data1/foo.txt
give group peeps read+write on a file:
[root@server ~]# setfacl -m g:peeps:rw /data1/foo.txt
remove ram's ACL permissions:
[root@server ~]# setfacl -x u:ram /data1/foo.txt
set the default ACL permissions on a directory:
[root@server ~]# setfacl -m d:g:peeps:rw /data1/stuff/
revoke write permission for everyone:
[root@server ~]# setfacl -m m::rx /data1/foo.txt
When ACLs are present, an ls -l will show a plus sign to notify you:
[root@server ~]# ls -l /data1/foo.txt
-rw-rwxr--+ 1 root root 0 Dec 3 14:54 /data1/foo.txt
Note that the mv and cp -p commands will preserve ACLs. If you have defaults set on a parent directory, new files in that directory will inherit those settings.
If you want to remove all ACLs, reverting back to the base unix permissions of owner, group and other:
[root@server ~]# setfacl --remove-all /data1/foo.txt
Thursday, April 24, 2014
Flush Your Local DNS Cache
Windows Vista/Windows 7:
ipconfig /flushdns
Successfully flushed the DNS Resolver Cache.
Windows XP
ipconfig /flushdns
Successfully flushed the DNS Resolver Cache.
Mac OS X 10.5.2 and above
dscacheutil -flushcache
Mac OS X 10.5.1 and below
Click on the Finder icon in your dock. Open your Applications folder.
Inside the Applications folder, click on Utilities and then Terminal.
Type the following command in the Terminal window and press Enter:
lookupd -flushcache
Linux
nscd -i hosts
– Clear local DNS cache for current user.
nscd -I hosts
– Clear local DNS cache for all users.
Wednesday, April 23, 2014
Creating a custom Nagios function
Nagios Exit Codes
Exit Code Status
0 OK
1 WARNING
2 CRITICAL
3 UNKNOWN
Create the Script to be added as the Plugin
#!/bin/bash
used_space=`df -h / | grep -v Filesy | awk '{print $5}' | sed 's/%//g'`
case $used_space in
[1-84]*)
echo "OK - $used_space% of disk space used."
exit 0
;;
[85]*)
echo "WARNING - $used_space% of disk space used."
exit 1
;;
[86-100]*)
echo "CRITICAL - $used_space% of disk space used."
exit 2
;;
*)
echo "UNKNOWN - $used_space% of disk space used."
exit 3
;;
esac
try to put the script in same plugin directory with the other ones
/usr/lib/nagios/plugins/
make it executable
Add Your New Command to Nagios Checks on Nagios Monitoring Server
Define new command in /etc/nagios/objects/commands.cfg
define command{
command_name usedspace_bash
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c usedspace_bash
}
Add Your Script to NRPE configuration on client host
command[usedspace_bash]=/usr/lib/nagios/plugins/usedspace.sh
adding to configuration
/etc/nagios/servers/<name-0f-config>.cfg
define service {
use generic-service
host_name Hostname
service_description Custom Disk Checker In Bash
check_command usedspace_bash
}
Exit Code Status
0 OK
1 WARNING
2 CRITICAL
3 UNKNOWN
Create the Script to be added as the Plugin
#!/bin/bash
used_space=`df -h / | grep -v Filesy | awk '{print $5}' | sed 's/%//g'`
case $used_space in
[1-84]*)
echo "OK - $used_space% of disk space used."
exit 0
;;
[85]*)
echo "WARNING - $used_space% of disk space used."
exit 1
;;
[86-100]*)
echo "CRITICAL - $used_space% of disk space used."
exit 2
;;
*)
echo "UNKNOWN - $used_space% of disk space used."
exit 3
;;
esac
try to put the script in same plugin directory with the other ones
/usr/lib/nagios/plugins/
make it executable
Add Your New Command to Nagios Checks on Nagios Monitoring Server
Define new command in /etc/nagios/objects/commands.cfg
define command{
command_name usedspace_bash
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c usedspace_bash
}
Add Your Script to NRPE configuration on client host
command[usedspace_bash]=/usr/lib/nagios/plugins/usedspace.sh
adding to configuration
/etc/nagios/servers/<name-0f-config>.cfg
define service {
use generic-service
host_name Hostname
service_description Custom Disk Checker In Bash
check_command usedspace_bash
}
Tuesday, April 22, 2014
Adding ESXI to Nagios
yum install perl-Pod-Perldoc perl-CPAN openssl-devel
# wget http://dl.fedoraproject.org/pub/epel/6/i386/perl-Nagios-Plugin-0.35-1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Config-Tiny-2.12-7.1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Params-Validate-0.92-3.el6.i686.rpm
# rpm -ivh perl-Nagios-Plugin-0.35-1.el6.noarch.rpm perl-Config-Tiny-2.12-7.1.el6.noarch.rpm perl-Params-Validate-0.92-3.el6.i686.rpm
# cd /root
# tar xvzf VMware-vSphere-Perl-SDK-4.1.0-254719.i386.tar.gz
# cd vmware-vsphere-cli-distrib/
# ./vmware-install.pl
# cd /usr/lib/nagios/plugins/
Download check_esx3.pl and make it executable
http://exchange.nagios.org/components/com_mtree/attachment.php?link_id=2154&cf_id=29
chmod +x check_esx3.pl
vim /usr/local/nagios/etc/objects/vmware.cfg
First define all your hosts as shown below
# Host esx01
define host{
use vmware-server
host_name esxi01
alias VMWare ESXi 01
address IP Address
}
define host{
use vmware-server
host_name esxi02
alias VMWare ESXi 02
address IP Address
}
# Similarly you can define all the hosts
# Now define a hostgroup for your Esxi Hosts:
define hostgroup{
hostgroup_name Esxi-Servers ; The name of the hostgroup
alias Vmware Servers ; Long name of the group
members esxi01,esxi02
}
# Now create the service definition as shown below
# check cpu
define service{
use generic-service
host_name esxi01
service_description ESXi CPU Load
check_command check_esx_cpu!80!90
}
# check memory usage
define service{
use generic-service
host_name esxi01
service_description ESXi Memory usage
check_command check_esx_mem!80!90
}
# check net
define service{
use generic-service
host_name esxi01
service_description ESXi Network usage
check_command check_esx_net!102400!204800
}
# check runtime status
define service{
use generic-service
host_name esxi01
service_description ESXi Runtime status
check_command check_esx_runtime
}
# check io read
define service{
use generic-service
host_name esxi01
service_description ESXi IO read
check_command check_esx_ioread!40!90
}
# check io write
define service{
use generic-service
host_name esxi01
service_description ESXi IO write
check_command check_esx_iowrite!40!90
}
Define the commands related to ESXi in the /usr/local/nagios/etc/objects/command.cfg file
vim /usr/local/nagios/etc/objects/commands.cfg
# check vmware esxi machine
# check cpu
define command{
command_name check_esx_cpu
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l cpu -s usage -w $ARG1$ -c $ARG2$
}
# check memory usage
define command{
command_name check_esx_mem
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l mem -s usage -w $ARG1$ -c $ARG2$
}
# check net usage
define command{
command_name check_esx_net
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l net -s usage -w $ARG1$ -c $ARG2$
}
# check runtime status
define command{
command_name check_esx_runtime
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l runtime -s status
}
# check io read
define command{
command_name check_esx_ioread
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s read -w $ARG1$ -c $ARG2$
}
# check io write
define command{
command_name check_esx_iowrite
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s write -w $ARG1$ -c $ARG2$
}
Adding configuration to nagios
vim /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/vmware.cfg
# wget http://dl.fedoraproject.org/pub/epel/6/i386/perl-Nagios-Plugin-0.35-1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Config-Tiny-2.12-7.1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Params-Validate-0.92-3.el6.i686.rpm
# rpm -ivh perl-Nagios-Plugin-0.35-1.el6.noarch.rpm perl-Config-Tiny-2.12-7.1.el6.noarch.rpm perl-Params-Validate-0.92-3.el6.i686.rpm
# cd /root
# tar xvzf VMware-vSphere-Perl-SDK-4.1.0-254719.i386.tar.gz
# cd vmware-vsphere-cli-distrib/
# ./vmware-install.pl
# cd /usr/lib/nagios/plugins/
Download check_esx3.pl and make it executable
http://exchange.nagios.org/components/com_mtree/attachment.php?link_id=2154&cf_id=29
chmod +x check_esx3.pl
vim /usr/local/nagios/etc/objects/vmware.cfg
First define all your hosts as shown below
# Host esx01
define host{
use vmware-server
host_name esxi01
alias VMWare ESXi 01
address IP Address
}
define host{
use vmware-server
host_name esxi02
alias VMWare ESXi 02
address IP Address
}
# Similarly you can define all the hosts
# Now define a hostgroup for your Esxi Hosts:
define hostgroup{
hostgroup_name Esxi-Servers ; The name of the hostgroup
alias Vmware Servers ; Long name of the group
members esxi01,esxi02
}
# Now create the service definition as shown below
# check cpu
define service{
use generic-service
host_name esxi01
service_description ESXi CPU Load
check_command check_esx_cpu!80!90
}
# check memory usage
define service{
use generic-service
host_name esxi01
service_description ESXi Memory usage
check_command check_esx_mem!80!90
}
# check net
define service{
use generic-service
host_name esxi01
service_description ESXi Network usage
check_command check_esx_net!102400!204800
}
# check runtime status
define service{
use generic-service
host_name esxi01
service_description ESXi Runtime status
check_command check_esx_runtime
}
# check io read
define service{
use generic-service
host_name esxi01
service_description ESXi IO read
check_command check_esx_ioread!40!90
}
# check io write
define service{
use generic-service
host_name esxi01
service_description ESXi IO write
check_command check_esx_iowrite!40!90
}
Define the commands related to ESXi in the /usr/local/nagios/etc/objects/command.cfg file
vim /usr/local/nagios/etc/objects/commands.cfg
# check vmware esxi machine
# check cpu
define command{
command_name check_esx_cpu
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l cpu -s usage -w $ARG1$ -c $ARG2$
}
# check memory usage
define command{
command_name check_esx_mem
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l mem -s usage -w $ARG1$ -c $ARG2$
}
# check net usage
define command{
command_name check_esx_net
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l net -s usage -w $ARG1$ -c $ARG2$
}
# check runtime status
define command{
command_name check_esx_runtime
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l runtime -s status
}
# check io read
define command{
command_name check_esx_ioread
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s read -w $ARG1$ -c $ARG2$
}
# check io write
define command{
command_name check_esx_iowrite
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s write -w $ARG1$ -c $ARG2$
}
Adding configuration to nagios
vim /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/vmware.cfg
Tuesday, April 15, 2014
Openssl-heartbleed-fix
Downloading and updating the SSL.
cd /usr/src
wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz
tar -zxf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config shared
make
make test
make install
cd /usr/src
rm -rf openssl-1.0.1g.tar.gz
rm -rf openssl-1.0.1g
to over write the current open ssl use the following config mode .
./config --prefix=/usr --openssldir=/usr/local/openssl shared Sunday, April 13, 2014
Ubuntu- DNS - setting it to static and dynamic
In case of static
cat /etc/network/interfaces
cat /etc/network/interfaces
# The loopback network interfaceSetting it to dhcp
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.58
gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255
dns-nameservers 66.212.63.228 66.212.48.10
iface eth0 inet dhcp
Subscribe to:
Posts (Atom)