Wednesday, October 14, 2015

Script to create SVN Project

1 => Create a file create_project.sh and copy below code and paste in file and save it

#vim create_project.sh

#!/bin/bash
black='\E[30m'
red='\E[31m'
green='\E[32m'
yellow='\E[33m'
blue='\E[34m'

echo -e "$blue Please Enter Project Name $black"
read PROJ

svnadmin create /opt/lampp/htdocs/sub/repos/$PROJ

#Change Directory according to your SVN Directory

touch /opt/lampp/htdocs/sub/repos/$PROJ/hooks/post-commit

chmod 777 /opt/lampp/htdocs/sub/repos/$PROJ/hooks/post-commit

echo -e "svn export --force file:///opt/lampp/htdocs/sub/repos/$PROJ/  /opt/lampp/htdocs/sub/web/$PROJ/" > /opt/lampp/htdocs/sub/repos/$PROJ/hooks/post-commit

sed -i '15i anon-access = none' /opt/lampp/htdocs/sub/repos/$PROJ/conf/svnserve.conf

sed -i '16i auth-access = write' /opt/lampp/htdocs/sub/repos/$PROJ/conf/svnserve.conf

sed -i '17i  password-db = passwd' /opt/lampp/htdocs/sub/repos/$PROJ/conf/svnserve.conf

echo -e "$Blue SVN project $black $green $PROJ $blue created sucessfully please allow users in "$green /opt/lampp/htdocs/sub/repos/$PROJ/conf/passwd
$blue"  to access $green $PROJ $blue Repository "
echo -e "SVN Repository URL for Project $green $PROJ $blue is given below "
echo -e "$grean svn://192.168.1.100:/opt/lampp/htdocs/sub/repos/$PROJ $black"

## Change your IP according to your Server


 Note: if you want to learn how to create SVN server use below link.

http://makelinuxinteresting.blogspot.in/2015/02/how-to-create-svn-server-and-add.html


Thursday, April 30, 2015

How to reset mysql user password if forgot



1 => Create a temporary SQL text file, /tmp/temp.sql

 2 => Open /tmp/temp.sql file and write below query
 

SET PASSWORD FOR root@localhost = PASSWORD('New_password')

3 =>  Add below line in your MySQL config file (on Ubuntu this is on /etc/mysql/my.cnf), under the [mysqld] section: 
 
init-file=/tmp/temp.sql

4 > Now restart MySQL service after that check your mysql password has been reset

5 =>  Now remove the init-file=/tmp/temp.sql entry from my.cnf (do not forget this). Even as the server is up and running.

6 : =>  Remove the /tmp/temp.sql file.


Note : you can use this step for xampp also just use /opt/lampp/etc/my.cnf 



###################Enjoy ##########################

Tuesday, March 24, 2015

Create SFTP User in Linux



1 => Create a folder which you want to share with sftp

#mkdir /opt/lampp/htdocs/nirmal

2 => Create a user to allow as a sftp user

#useradd -d /opt/lampp/htdocs/nirmal nirmal

# passwd nirmal
Enter new UNIX password: 123
Retype new UNIX password: 123
passwd: password updated successfully

 #chown nirmal:nirmal -R /opt/lampp/htdocs/nirmal

 
3 => Now sftp user created check it by below given command from client system

#sftp nirmal@192.168.1.100
The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
ECDSA key fingerprint is bd:d1:10:33:31:04:14:83:b2:8d:1b:ef:97:fc:b2:67.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.100' (ECDSA) to the list of known hosts.
nirmal@192.168.1.100's password:
Connected to 192.168.1.100.
sftp> pwd
Remote working directory: /opt/lampp/htdocs/nirmal
sftp> mkdir a
sftp> ls
a
sftp> exit


4 => Now go on server and check created directory available or not

#ls -l /opt/lampp/htdocs/nirmal/
total 1drwxrwxr-x 2 nirmal nirmal 4096 Mar 24 17:22 a



5 => Now your sftp is working fine

6 => Go on client and install filezilla to access sftp graphically .

#apt-get install  filezilla



##################### Enjoy #####################

Thursday, March 19, 2015

Create User in Linux from Bash Script


To create user in Linux system use below script.



root@nirmal-desktop:~# vim userscript.sh

#!/bin/bash
for USER in test1 test2 test3 test4
do
useradd  -s /bin/bash $USER
mkdir -p /home/$USER
chown $USER:$USER -R /home/$USER
PASSINPUT=`echo $USER|cut -c1-3`123
echo "$USER:$PASSINPUT" | chpasswd
echo "$USER successfully created "
done




##################### Enjoy ########################

Tuesday, March 10, 2015

Setup Crontab Entry in Linux


To Setup crontab fallow below step



#crontab -e
# m h  dom mon dow   command


MAILTO=nirmal_singh18@yahoo.com

#below entry will run command on every 60 minute from 6:00 AM to 8:00 PM every day

00  06-20 * * * command

#below entry will run command on 1:35 AM and 1:35 PM   and save all log in /root/error.log file



35 1,13 * * * command 2>&1 | tee -a /root/error.log

#below entry will run command on 2:00 AM every day     

0 2 * * * command

#below entry will run command on 12:00 PM, 3:00 PM, 6:00 PM, 9:00 PM  every day     


0 12,15,18,21 * * * command/script


#save and exit

Note : MAILTO option will send all the cron running status on mail

Setup Virtual Network Configuration in Ubuntu Server


1 => Open /etc/rc.local  file and make entry like below  given format.


#vim /etc/rc.local


#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
ifconfig eth0:0 192.168.1.101 netmask 255.255.255.0
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth0:0

exit 0
~                                  




#save file and exit




Note: Modify IP address according to your need .


2 => Restart the server


3 => check


 #ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:56:bc:20:ee 
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:febc:20ee/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:251416556 errors:0 dropped:12715298 overruns:0 frame:0
          TX packets:133142418 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:205568847089 (205.5 GB)  TX bytes:238098048978 (238.0 GB)

eth0:0    Link encap:Ethernet  HWaddr 00:50:56:bc:20:ee 
          inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1











###############  Enjoy ###########################

Setup Static Network Configuration in Ubuntu Server



1 => Open /etc/network/interfaces  file and make entry like below  given format.


#vim /etc/network/interfaces

auto eth0
iface eth0 inet static
        address 192.168.1.100
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1
        dns-nameservers 8.8.8.8


#save file and exit

#/etc/init.d/networking restart

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:56:bc:20:ee 
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:febc:20ee/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:251416556 errors:0 dropped:12715298 overruns:0 frame:0
          TX packets:133142418 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:205568847089 (205.5 GB)  TX bytes:238098048978 (238.0 GB)



###################   Enjoy #########################

Tuesday, March 3, 2015

How to Configure Ethernet Bonding in RedHat/CentOS/Fedora


1 => Make master and slave entry in ifcfg-eth0 configuration file

#vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
MASTER=bond0
USERCTL=no
SLAVE=yes
BOOTPROTO=dhcp
TYPE=Ethernet
ONBOOT=yes
IPV6INIT=no

2  => Make master and slave entry in ifcfg-eth1 configuration file

#vim /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
MASTER=bond0
SLAVE=yes
USERCTL=no
IPV6INIT=no

3 =>  Create a file in the /etc/sysconfig/network-scripts/ directory with ifcfg-bond0 name and put entry according to your network.

#vim /etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0
IPADDR=192.168.1.135
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
DNS1=8.8.8.8
#BONDING_OPTS="miimon=100 mode=1"
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
HWADDR=00:00:00:00:00:00
IPV6INIT=no

4 => As a root, create a new file name bonding.conf in the /etc/modprobe.d/ directory. You can use any name but it should be end with a .conf extension

#vim /etc/modprobe.d/bounding.conf

alias bond0 bonding
options bond0 miimon=100 mode=1 lacp_rate=1


#Save file and exit

5 => Update driver for bounding

#modprobe bonding


6 => Restart system and run below command to check


root@nirmal-server1]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.6.0 (September 26, 2009)

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:38:9a:ef
Slave queue ID: 0

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: 08:00:27:23:2d:47
Slave queue ID: 0


7 =>  Check IP

[root@nirmal-server1]# ifconfig

bond0     Link encap:Ethernet  HWaddr 00:0C:21:60:30:C4
          inet addr:192.168.1.135  Bcast:172.16.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe69:31c4/64 Scope:Link
          UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
          RX packets:19676 errors:0 dropped:0 overruns:0 frame:0
          TX packets:342 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1623240 (1.5 MiB)  TX bytes:42250 (41.2 KiB)

eth0      Link encap:Ethernet  HWaddr 00:0C:21:60:30:C4
          UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
          RX packets:10057 errors:0 dropped:0 overruns:0 frame:0
          TX packets:171 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:832257 (812.7 KiB)  TX bytes:22751 (22.2 KiB)
          Interrupt:19 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0C:21:60:30:C4
          UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
          RX packets:9620 errors:0 dropped:0 overruns:0 frame:0
          TX packets:173 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:791043 (772.5 KiB)  TX bytes:20207 (19.7 KiB)
          Interrupt:19 Base address:0x2080

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Enjoy !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Monday, March 2, 2015

If a normal user can not shutdown system change the policy to resolve the issue.


* Change the section relating to shutdown when others are logged in from

Edit the file /usr/share/polkit-1/actions/org.freedesktop.consolekit.policy using your favorite text editor. You will need root permission

Defaults settings

<action id="org.freedesktop.consolekit.system.stop-multiple-users">
    <description>Stop the system when multiple users are logged in</description>
    <message>System policy prevents stopping the system when other users are logged in</message>
    <defaults>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
    </defaults>
  </action>
To change

<action id="org.freedesktop.consolekit.system.stop-multiple-users">
    <description>Stop the system when multiple users are logged in</description>
    <message>System policy prevents stopping the system when other users are logged in</message>
    <defaults>
      <allow_inactive>no</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>

* And the section relating to rebooting when others are logged in from From

<action id="org.freedesktop.consolekit.system.restart-multiple-users">
    <description>Restart the system when multiple users are logged in</description>
    <message>System policy prevents restarting the system when other users are logged in</message>
    <defaults>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
    </defaults>
  </action>
To
<action id="org.freedesktop.consolekit.system.restart-multiple-users">
    <description>Restart the system when multiple users are logged in</description>
    <message>System policy prevents restarting the system when other users are logged in</message>
    <defaults>
      <allow_inactive>no</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>

How To enable login Prompt in ubuntu 12.04

By default login prompt is disable in Ubuntu 12.04 if you want to enable it
run below command .


#/usr/lib/lightdm/lightdm-set-defauls -m true

 After running above command login prompt will enable .

How to disable guest account in ubuntu 12.04

By default guest account is enable in Ubuntu 12.04 if you have need just disable
it by below step .


1 => Open /etc/lightdm/lightdm.conf file 
#vim /etc/lightdm/lightdm.conf

allow-guest=false #make this entry inside this file 

Save file and restart the system after rebooting guest account will disable .




###########################Good Lock #############################################

Troubleshoot unable to run sudo command "error = must be set uid root "


Run below command to resolve "must be set uid root " error .
  
#chown root:root /usr/bin/sudo
#chmod 4755 /usr/bin/sudo
#chmod 0440 /etc/sudoers
#chmod 0440 /etc/sudoers.d/README
#chmod 0775 /etc/sudoers.d/

reboot system and check


Friday, February 27, 2015

MLS(Multy layer security) Troubleshooting in Centos/RHEl/Fedora (kernal panic )





Make entry inside  /etc/selinux/config file on line no 11

SELINUXTYPE=mls

Note= after this your system will not work it will give kernal panic error.

To resolve

Boot system in rescue mode and change to default mode

vim /etc/selinux/config

SELINUXTYPE=targeted

save file and exit after that restart

How To add Bridge Network in Ubuntu




#apt-get install bridge-utils
#vim /etc/network/interfaces #make below entry in this file and change app according
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        address 192.168.0.100
        network 192.168.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8 8.8.4.4
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

Thursday, February 26, 2015

How to reset the permissions of the all installed RPM packages in Centos/RHEL/Fedora


If you run 777 permission by mistake on server then you can restore default permission by running below commands .



#for p in $(rpm -qa); do rpm --setperms $p; done

#for p in $(rpm -qa); do rpm --setugids $p; done




!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Tuesday, February 17, 2015

How to Create SVN Server and add Repository on Ubuntu Server



SVN Documentation

Svn server: 192.168.1.100
Base Directory: /opt/lampp/htdocs/sub
Subdirectories: - repos (contains all svn repos )
- data (used as a container during initial import)
- web ( extracted data from the repos is present here)

Packages Required

subversion
libapache2-svn (for apache)
rapidsvn (client side)

$ Creating svn repository

This is to be done 192.168.1.100 Server

# mkdir /opt/lampp/htdocs/sub/repos/<repo-name>   ( optional )

# svnadmin create /opt/lampp/htdocs/sub/repos/<repo-name>

$ Put data into 192.168.1.100:/opt/lampp/htdocs/sub/data/

Note : If You have initinal code to import in repository use this .
 
 Eg :
<192.168.1.100># rsync -av (project_source) 192.168.1.100:/opt/lampp/htdocs/sub/data/

<192.168.1.100># cd /opt/lampp/htdocs/sub/data

<192.168.1.100># svn import <project name> file:///opt/lampp/htdocs/sub/repos/<project name> -m "initial import <project name>"

<192.168.1.100># touch /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

<192.168.1.100># chmod 777 /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

<192.168.1.100># echo “svn export --force file:///opt/lampp/htdocs/sub/repos/(project name)/  /opt/lampp/htdocs/sub/web/<project name>/” > /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

$ To enable user authentication make these three entries in the file
<192.168.1.100># vim /opt/lampp/htdocs/sub/repos/<project name>/conf/svnserve.conf
anon-access = none
auth-access = write
password-db = passwd

$ To add username and password
<192.168.1.100># vim /opt/lampp/htdocs/sub/repos/<project name>/conf/passwd
  nirmal= nirmal@123


$ To configure globle svn options (Like ignoring particular files and folders)
<192.168.1.100># vim /etc/subversion/config
global-ignores = *.swf *.mkv *.flv .*.swp .git networkimage uploads


$ Start the svn server
<192.168.1.100># svnserve -d

Thursday, January 29, 2015

LVM Configuration and Management



1 => Install package for LVM

#apt-get install lvm2 
Or 
#yum install lvm2
 
2 => Create physical partition  

#pvcreate /dev/sdb1 /dev/sdb2
3 => Create volume Group
#vgcreate VG0 /dev/sdb1
         or 
#vgcreate VG0 /dev/sdb1 /dev/sda3


#vgchange -a y VG0
 
4 => Create Logical Volumes
 
#lvcreate -l 100%FREE -n LV001 VG0
#mkfs.ext4 /dev/VG0/LV001

5 => Mount Partition Permanently 

#vim /etc/fstab



/dev/VG0/LV001  /opt  ext3    defaults 0 0
 
#Save file and run below command  to check

#mount -a



TO add New harddisk or New Partation in LVM 

1 => Check current size of LVM
 #lvdisplay 
2 => Check Current physical partition   
 #pvdisplay 
3 => 
fdisk -l
pvcreate /dev/sdd1
pvcreate /dev/sdc1
pvdisplay 
vgdisplay 
vgextend VG0 /dev/sdc1
vgdisplay 
vgextend VG0 /dev/sde1
vgdisplay 
lvdisplay 
lvextend -l +100%FREE /dev/mapper/VG0-LV001
resize2fs /dev/mapper/VG0-LV001
lvdisplay 
df -h

Linux server hardening | Secure Linux Servers

 Linux server hardening is the process of securing a Linux server by reducing its attack surface and mitigating security risks. The goal is ...