OpenSSH SFTP chroot() with ChrootDirectory

(via www.debian-administration.org)

The upcoming version of OpenSSH (4.8p1 for the GNU/Linux port) features a new configuration option : ChrootDirectory. This has been made possible by a new SFTP subsystem statically linked to sshd.

sandboxed Python development environments with pythonbrew

(via suvashthapaliya.com)

As developers get started with a project, they prefer having total control over the development environment, as much as possible to perfectly match the deployment environment. The other strong requirement, especially in a team with mutiple developers would be to work on exactly replicated environments.

MySQL Database Restore

I've had to do mysql database restores based on lvm snapshot backups, one too many times... from damaging sql statements. So here is some notes from the last one for future reference:

* Prior to restore, make sure no writes are coming to the corresponding db schema.

* Restore the database schema from the daily archived snapshot:

service msyqld stop
mv /var/lib/mysql/db1 /var/lib/mysql/db1_old
cd /var/lib
tar -xzf /opt/bak/db/latest_db.tgz mysql/db1
tar -xvzf /opt/bak/db/latest_db.tgz mysql/snapshot.log
service mysqld start

Note: The above process is for database schema with MyISAM tables only, so just restoring the corresponding db folder was sufficient.

The snapshot.log file has the status of the master/slave replicated positions shown via "show master status\G" and "show slave status\G". Additionally, I also pipe in the file sizes of the mysql bin logs at the time the lvm snapshot was taken.

Once the database has been restored from the daily snapshot archive, begin restoring from the binary logs to bring the data up to date.

* Extract from bin log using position recorded in the snapshot.log file:

mysqlbinlog --database db1 --start-position=XXXXXX mysql-bin.[0-9]* >db1.sql

* Edit the db1.sql file and remove the unwanted transaction.

Note: If you do not have exact positions, you could playback the logs with an approximate start and end date in the below format:

--start-datetime="YYYY-MM-DD HH:MM:SS" --stop-datetime="YYYY-MM-DD HH:MM:SS"

* However, If duplicate error occurs, change "INSERT" to "INSERT IGNORE" or "REPLACE" to overwrite:

perl -pi -e 's/^INSERT /INSERT IGNORE /g' db1.sql

* Check to make sure that no other database schema is being used, if found you will have to remove those lines as well if playing back just a single schema:

grep -i "^use" db1.sql

* Run import:

mysql db1 <db1.sql

With that import, the datbase schema should be caught up and restored back to it's current state with the unwanted transaction/s removed.

Access VirtualBox Guest via Host

Go to VirtualBox Preferences and under "Network", add host-only network. This will add a new vboxnet0 interface, which comes up as "192.168.56.1/24"

In the Guest Settings, add the "Host-only" to a second "Network Adapter"

Once Guest boots up, assign a static IP to the second adapter.

For Debian based servers, edit /etc/network/interfaces and add the below, which should bring up the network upon reboot:

auto eth1
iface eth1 inet static
address 192.168.56.101
netmask 255.255.255.0

You should now be able to ping and ssh to the guest via the host server on the second interface.

Ensim Zone File Template

All bind templates are at "/usr/lib/opcenter/bind" location.

Modify "named_conf_zone.tmpl" file to allow for transfers adding in the IP addresses of secondary DNS.

Changing IP address of Ensim server

To change the IP address of an Ensim server, modify the following files replacing any instance of the old IP address with the new one:

/etc/hosts
/etc/resolv.conf
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/virtualhosting/namebased_ip_addrs
/etc/httpd/conf/httpd20_app.conf
/etc/virtualhosting/localnameserver
/etc/bind/options.conf.wp
/home/virtual/FILESYSTEMTEMPLATE/siteinfo/etc/resolv.conf

Reboot the server, then run the "NBDetectchanges"

/usr/local/bin/NBDetectchanges

How to install Icinga (Nagios Fork) in Ubuntu 12.10 server

Icinga is an enterprise grade open source monitoring system which keeps watch over networks and any conceivable network resource, notifies the user of errors and recoveries and generates performance data for reporting. Scalable and extensible, Icinga can monitor complex, large environments across dispersed locations.

manually updating java in ubuntu

Below is outlined the process of updating to the latest JDK in ubuntu and updating the alternatives link manually to point the the latest java:

Step 1: Download:

wget http://download.oracle.com/otn-pub/java/jdk/7u15-b03/jdk-7u15-linux-x64.tar.gz
cd /usr/lib/jvm/
tar -xzf ~/downloads/jdk-7u15-linux-x64.tar.gz

Step 2: If java-7-sun already exists, the below is all that is needed if not skip to step 3 if this is the first time it is setup:

unlink java-7-sun
ln -s jdk1.7.0_15 java-7-sun

Step 3: If java-7-sun link does not already exists:

ln -s jdk1.7.0_15 java-7-sun
update-alternatives --install "/usr/bin/java" "java" "/usr/lib/jvm/java-7-sun/bin/java" 1
update-alternatives --install "/usr/bin/javac" "javac" "/usr/lib/jvm/java-7-sun/bin/javac" 1
update-alternatives --install "/usr/lib/mozilla/plugins/libjavaplugin.so" "mozilla-javaplugin.so" "/usr/lib/jvm/java-7-sun/jre/lib/amd64/libnpjp2.so" 1
update-alternatives --install "/usr/bin/javaws" "javaws" "/usr/lib/jvm/java-7-sun/bin/javaws" 1

Step 4: Choose the java just installed as default:

update-alternatives --config java
update-alternatives --config javac
update-alternatives --config javaws
update-alternatives --config mozilla-javaplugin.so

Resetting WordPress admin password

Here is the sql to reset admin password for wordpress:

update wp_users set user_pass=md5("NEWPASS") where ID=1;

Even if the passwords are salted, you can still replace the password with an MD5 hash.

Install yum from centos vault

I had to update an old release of CentOS-5.5 on an OpenVZ container where yum was not available.

The below script should automatically download and install the required rpms from "vault.centos.org".

#!/bin/bash
# install_yum.sh
rpms="
        rpm-libs-4.4.2.3-18.el5.x86_64.rpm
        popt-1.10.2.3-18.el5.x86_64.rpm
        rpm-4.4.2.3-18.el5.x86_64.rpm
        python-elementtree-1.2.6-5.x86_64.rpm
        python-iniparse-0.2.3-4.el5.noarch.rpm
        python-sqlite-1.1.7-1.2.1.x86_64.rpm
        rpm-python-4.4.2.3-18.el5.x86_64.rpm
        python-urlgrabber-3.1.0-5.el5.noarch.rpm
        yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm
        yum-metadata-parser-1.1.2-3.el5.centos.x86_64.rpm
        yum-3.2.22-26.el5.centos.noarch.rpm
"
for rpm in $rpms
do
rpm -Uvh --nodeps http://vault.centos.org/5.5/os/x86_64/CentOS/${rpm};
done

Syndicate content
Comment