Editing or Adding Grub 2 Menu Entries

Open these three entering via terminal 

$ sudo gedit /etc/default/grub

$ sudo gedit /etc/grub.d/40_custom

$ sudo gedit /boot/grub.cfg

From the grub.conf copy the content which starts from 
#BEGIN
menuentry

After u done that you run the command :

$  sudo update-grub


at No comments:

CREATE JAIL FOR USER TO THEIR HOME DIRECTORY


-->
  • You need the GNU Compiler Collection to install these programs.
yum install gcc

  • Install zlib
--------------------------------------------------------------------------------------------------------------------------------------
cd /tmp
mkdir -p /opt/zlib
mkdir zlib1.25
cd zlib1.25/
wget http://zlib.net/zlib125.zip
unzip zlib125.zip
make
make install prefix=/opt/zlib/
--------------------------------------------------------------------------------------------------------------------------------------
  • Now we install openssl into the opt directory as well
The make commands here take forever to run. If the 'make test' command returns any errors, you will need to fix them before continuing.

--------------------------------------------------------------------------------------------------------------------------------------
cd /tmp
mkdir -p /opt/openssl
wget http://www.openssl.org/source/openssl-1.0.0e.tar.gz
tar xvzf openssl-1.0.0e.tar.gz
cd openssl-1.0.0e
./config --prefix=/opt/openssl --openssldir=/opt/openssl
make
make test
make install
--------------------------------------------------------------------------------------------------------------------------------------
  •  Next we will download openssh
--------------------------------------------------------------------------------------------------------------------------------------
cd /tmp
mkdir -p /opt/openssh
wget http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz
tar xvzf openssh-5.9p1.tar.gz
cd openssh-5.9p1
--------------------------------------------------------------------------------------------------------------------------------------
  • Now we will install openssh. To find where your xauth file is located you may need to run the "which xauth" command. If you know what you are doing you may add your own options to the configure command below.
Some of these commands make take some time to run. Go grab a coke.
REMEMBER: This tutorial is meant for setting up a server for the first time. You may need to copy your sshd_config file (or at least the directives you want to keep) from /etc/ssh to save your old settings.

--------------------------------------------------------------------------------------------------------------------------------------
./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl --with-xauth=/usr/X11R6/bin/xauth --with-zlib=/opt/zlib
make
make install
--------------------------------------------------------------------------------------------------------------------------------------


  • To automatically run the new ssh shell, we will use init. You need to change the following lines in /etc/init.d/sshd
--------------------------------------------------------------------------------------------------------------------------------------
# Some functions to make the below more readable
KEYGEN=/opt/openssh/bin/ssh-keygen
SSHD=/opt/openssh/sbin/sshd
RSA1_KEY=/opt/openssh/etc/ssh_host_key
RSA_KEY=/opt/openssh/etc/ssh_host_rsa_key
DSA_KEY=/opt/openssh/etc/ssh_host_dsa_key
--------------------------------------------------------------------------------------------------------------------------------------
  • Then we will restart ssh and test to see if it is running smoothly.
--------------------------------------------------------------------------------------------------------------------------------------
/etc/init.d/sshd restart
telnet localhost 22
--------------------------------------------------------------------------------------------------------------------------------------

The telnet command should return some lines looking like this:
You need to be sure that the last line includes the "OpenSSH_5.9" to confirm that it is the version we just installed.

--------------------------------------------------------------------------------------------------------------------------------------
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9
--------------------------------------------------------------------------------------------------------------------------------------


  • Next you need to edit '/opt/openssh/etc/sshd_config' to enable the jail.
    Replace any lines starting with 'subsystem' with this line:
--------------------------------------------------------------------------------------------------------------------------------------
Subsystem sftp internal-sftp
--------------------------------------------------------------------------------------------------------------------------------------
Also add (at the bottom of the file) the following lines
--------------------------------------------------------------------------------------------------------------------------------------
Match Group sftponly
ChrootDirectory /home/%u
ForceCommand internal-sftp
AllowTcpForwarding no
Now, all users added to the 'sftponly' group will be jailed to their home directory.
--------------------------------------------------------------------------------------------------------------------------------------
  • We will need to create the 'sftponly' group so we can add our untrustworthly users to it. Also, we set up the environment to allow jailing.
--------------------------------------------------------------------------------------------------------------------------------------
groupadd sftponly
chown root:root /home
chmod 755 /home
--------------------------------------------------------------------------------------------------------------------------------------
Now when you create users that need to be jailed, make sure they belong to the 'sftponly' group. For the user "mark" with the password "test", you will need to do the folling steps.

--------------------------------------------------------------------------------------------------------------------------------------
useradd mark
usermod -g sftponly mark
usermod -s /bin/false mark
usermod -d /home/mark mark
passwd mark
--------------------------------------------------------------------------------------------------------------------------------------

  • To set up the jail run the following commands
--------------------------------------------------------------------------------------------------------------------------------------
chmod 755 /home/mark
chown root:root /home/mark
mkdir /home/mark/public_html
chown mark:sftponly /home/mark/public_html
--------------------------------------------------------------------------------------------------------------------------------------

Try to log in as mark through putty (or any ssh terminal). You should get some sort of error involving an abort or denied access.
(optinal for ftp users )
Install vsftpd
#yum install vsftpd
Now it is done 
at No comments:

MYSQL MASTER-SLAVE REPLICATION

MySQL Master-Slave Replication on CentOS / RHEL

 This was using MySQL 5.0 and CentOS 5.3, but this should work for most semi-recent versions of both.In this setup, transactions are mirrored to the slave server as they happen on the master.
In this tutorial I’ll use the following setup:
Master Server: 10.1.100.1
Slave Server: 10.2.200.2
MySQL Data path: /var/lib/mysql
MySQL slave user named slave_user

[Master]

First, edit the master server MySQL config file. Add/Replace the following lines

vim /etc/my.cnf
# [mysqld] section
# Start Modification
# First line is probably already there
datadir = /var/lib/mysql
server-id = 1
relay-log = /var/lib/mysql/mysql-relay-bin
relay-log-index = /var/lib/mysql/var/mysql-relay-bin.index
log-error = /var/lib/mysql/mysql.err
master-info-file = /var/lib/mysql/mysql-master.info
relay-log-info-file = /var/lib/mysql/mysql-relay-log.info
log-bin = /var/lib/mysql/mysql-bin
# Stop Modification
Restart MySQL to load the changes
1
service mysqld restart

[Slave]

Now we’ll do about the same thing on the slave server
1
vim /etc/my.cnf
# [mysqld] section
# Start Modification
# First line is probably already there
datadir = /var/lib/mysql
server-id = 2
relay-log = /var/lib/mysql/mysql-relay-bin
relay-log-index = /var/lib/mysql/mysql-relay-bin.index
log-error = /var/lib/mysql/var/mysql.err
master-info-file = /var/lib/mysql/mysql-master.info
relay-log-info-file = /var/lib/mysql/mysql-relay-log.info
# Stop Modification
Restart MySQL to load the changes
1
service mysqld restart

[Master]

Now we need to tell MySQL where we are replicating to and what user we will do it with.





mysql -u root -p
mysql> STOP SLAVE;
mysql> GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'%' IDENTIFIED BY 'slave_password';
mysql> FLUSH PRIVILEGES;
Now we will test that this side of the replication is working and get the location that we will start the replication from.









mysql> USE Any_database_name;
mysql> FLUSH TABLES WITH READ LOCK;mysql> SHOW MASTER STATUS;

+------------------+----------+--------------+------------------+
| File             | POSITION | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000001 |   451228 |              |                  |
+------------------+----------+--------------+------------------+
1 ROW IN SET (0.00 sec)
Write down the File, Position number, as this is where we will start the replication from.
Here it is a good idea to do a dump of your master database(s) and pipe it into your slave server.


mysqldump -u root --all-databases --single-transaction --master-data=1 > /home/MasterSnapshot.sql

[Slave]

First grab your SQL dump file from the master server. You can use whatever method you would like to transfer the file. SCP example:



scp root@10.1.100.1:/path/to/MasterSnapshot.sql root@10.2.200.2:/home/MasterSnapshot.sql
Import the SQL file into MySQL


mysql -u root -p < /home/MasterSnapshot.sql
Now we’ll set the slave to read from the master server, starting at the record position we wrote down earlier. Make sure you use the MASTER_LOG_FILE and MASTER_LOG_POS from a few steps back.




mysql> CHANGE MASTER TO MASTER_HOST='10.1.100.1', MASTER_USER='slave_user', 
MASTER_PASSWORD='slave_password', MASTER_LOG_FILE='mysql-bin.000001',
  MASTER_LOG_POS=451228;
mysql> START SLAVE;
mysql> SHOW SLAVE STATUS\G;
Make sure that from the resulting output you have the following:
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
If you don’t, check the MySQL error log to find out what is causing the problem :)

AFTER DOING THIS IF WE WANT TO KEEP DELAY FROM MASTER TO SLAVE WE SHOULD USE MAAKIT :

#rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm

#yum install maatkit 
#mk-slave-delay --delay 1m --interval 15s --run-time 10m slavehost
 
at No comments:
Subscribe to: Posts (Atom)

Start and Stop ssh-agent

Below is the bash script used to start and stop ss-agent #!/bin/bash ## in .bash_profile SSHAGENT=`which ssh-agent` SSHAGENTARGS="...