Friday, February 27, 2015

MLS(Multy layer security) Troubleshooting in Centos/RHEl/Fedora (kernal panic )





Make entry inside  /etc/selinux/config file on line no 11

SELINUXTYPE=mls

Note= after this your system will not work it will give kernal panic error.

To resolve

Boot system in rescue mode and change to default mode

vim /etc/selinux/config

SELINUXTYPE=targeted

save file and exit after that restart

How To add Bridge Network in Ubuntu




#apt-get install bridge-utils
#vim /etc/network/interfaces #make below entry in this file and change app according
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        address 192.168.0.100
        network 192.168.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8 8.8.4.4
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

Thursday, February 26, 2015

How to reset the permissions of the all installed RPM packages in Centos/RHEL/Fedora


If you run 777 permission by mistake on server then you can restore default permission by running below commands .



#for p in $(rpm -qa); do rpm --setperms $p; done

#for p in $(rpm -qa); do rpm --setugids $p; done




!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Tuesday, February 17, 2015

How to Create SVN Server and add Repository on Ubuntu Server



SVN Documentation

Svn server: 192.168.1.100
Base Directory: /opt/lampp/htdocs/sub
Subdirectories: - repos (contains all svn repos )
- data (used as a container during initial import)
- web ( extracted data from the repos is present here)

Packages Required

subversion
libapache2-svn (for apache)
rapidsvn (client side)

$ Creating svn repository

This is to be done 192.168.1.100 Server

# mkdir /opt/lampp/htdocs/sub/repos/<repo-name>   ( optional )

# svnadmin create /opt/lampp/htdocs/sub/repos/<repo-name>

$ Put data into 192.168.1.100:/opt/lampp/htdocs/sub/data/

Note : If You have initinal code to import in repository use this .
 
 Eg :
<192.168.1.100># rsync -av (project_source) 192.168.1.100:/opt/lampp/htdocs/sub/data/

<192.168.1.100># cd /opt/lampp/htdocs/sub/data

<192.168.1.100># svn import <project name> file:///opt/lampp/htdocs/sub/repos/<project name> -m "initial import <project name>"

<192.168.1.100># touch /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

<192.168.1.100># chmod 777 /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

<192.168.1.100># echo “svn export --force file:///opt/lampp/htdocs/sub/repos/(project name)/  /opt/lampp/htdocs/sub/web/<project name>/” > /opt/lampp/htdocs/sub/repos/<project name>/hooks/post-commit

$ To enable user authentication make these three entries in the file
<192.168.1.100># vim /opt/lampp/htdocs/sub/repos/<project name>/conf/svnserve.conf
anon-access = none
auth-access = write
password-db = passwd

$ To add username and password
<192.168.1.100># vim /opt/lampp/htdocs/sub/repos/<project name>/conf/passwd
  nirmal= nirmal@123


$ To configure globle svn options (Like ignoring particular files and folders)
<192.168.1.100># vim /etc/subversion/config
global-ignores = *.swf *.mkv *.flv .*.swp .git networkimage uploads


$ Start the svn server
<192.168.1.100># svnserve -d

Linux server hardening | Secure Linux Servers

 Linux server hardening is the process of securing a Linux server by reducing its attack surface and mitigating security risks. The goal is ...