Some LVM Notes

September 8th, 2011 No Comments

A few LVM notes to jog the brain

A. Steps to create the logical volume..

List the current physical volumes. In this instance, were interested in a blank 20GB SATA – /dev/sdb. You can extend a logical volume by adding additional phyical volumes later.

fdisk -l
Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000b5a0f

Read More »

High Availability Linux Web Server Example

September 8th, 2011 No Comments

Just a quick example of setting up a Linux HA failover environment for an Apache/MySQL web server. This runs through a Ubuntu installation, however RedHat shouldn’t vary too much.

2.11.1.24 – fixed IP of server1
2.11.1.25 – fixed IP of server2
2.11.1.30 – apache site1 (virtual IP)
2.11.1.31 – apache site2 (virtual IP)

Make sure both servers have a sensible hostname and ensure their hosts files relate to this:

etc/hosts
127.0.0.1 localhost
2.11.1.24 ubuntu-server-1.mydomain.com ubuntu-server-1
2.11.1.25 ubuntu-server-2.mydomain.com ubuntu-server-2

Read More »

Some NFS Notes

September 8th, 2011 No Comments

A few notes on configuring NFS on RedHat or Ubuntu

The server packages to install are:
Ubuntu:
apt-get-install nfs-kernel-server nfs-common quota
RedHat:
yum install nfs-utils nfs-utils-lib quota

The client Packages are:
Ubuntu:
apt-get install nfs-common
RedHat:
yum install nfs-utils nfs-utils-lib

A few things to configure on the server:

/etc/hosts.allow
Any hosts listed here will be granted access to everything i.e
ALL: 2.11.1.2[4-5]
ALL: 192.168.1.*

Read More »

Example IPTables rules for a webserver

May 28th, 2011 2 Comments

Just a quick and basic example IPTables ruleset to secure a web/mail server:

# Allow outgoing traffic and disallow any passthroughs

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Allow traffic already established to continue

iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT

Read More »

Don’t be a Tw@t – Use At!

May 28th, 2011 No Comments

Sigh :( today I made a schoolboy error – making config changes to a live firewall on a remote server without giving myself any kind of safety net! Anyway, this is an example of where you should really use something like the at command to bail you out should anything go wrong:

get the current system time:
date

Schedule at to run a command 5 minutes from now:
at -m 13:50
service iptables stop
ctrl-d

Read More »

Android Apps for a System Administrator

May 27th, 2011 No Comments

With phones getting smarter and smarter, its now possible to monitor servers and perform basic administration tasks from your android handset. Here are a few tools I find useful.

Connectbot is a great SSH client for the Android. It is fully functional, supporting SSH keys and copy/paste etc.

 

For Windows RDP connections, I found PocketCloud to be the nicest to use free app, but at the time of writing there was a keyboard bug on Samsung handsets. Remote RDP Lite does the same thing in a less elegant way.

Read More »

Screen – Can be useful!

May 20th, 2011 No Comments

Screen is something I’ve never been interested in using previously, but to be honest, it has many benefits. Screen is basically a window manager that allows you to run many windows from your SSH session. By doing this you don’t need to initiate several SSH sessions to a box when running complex tasks. Also if your connection is terminated in the middle of your task, you can resume your screen session.

Basics:

Start screen:
screen

Create new screen window:
CTRL + A + C

Read More »

Install Java 1.6 JRE and JDK On CentOS5

May 9th, 2011 No Comments

Very busy right now, so here’s a quick and dirty writeup for install Java 1.6 on centos5.

To install the JDK

yum install -y jpackage-utils
wget http://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/VerifyItem-Start/jdk-6u14-linux-x64-rpm.bin?BundledLineItemUUID=KxWJ_hCuwSUAAAEvTWRZB8TT&OrderID=WeuJ_hCuedUAAAEvLGRZB8TT&ProductID=tPxIBe.oz2IAAAEhmh0zLjfT&FileName=/jdk-6u14-linux-x64-rpm.bin
chmod +x jdk-6u14-linux-i586-rpm.bin
./jdk-6u14-linux-i586-rpm.bin

Read More »

Roll back RPM packages – CentOS/RedHat

March 22nd, 2011 No Comments

Wouldn’t it be useful to be able to easily undo a yum/RPM change that you have just made? Well you can.
By default yum/RPM do not save roll back information. This feature can easily be enabled by doing the following, however its not perfect and can use a lot of disk space as its repackaging the files whenever you do anything. Keep an eye on /var/spool/repackage to make sure its not growing too much.

/etc/yum.conf add the line:
tsflags=repackage

/etc/rpm/macros add the line:
(create this file if it doesnt exist)
%_repackage_all_erasures 1

Once this has been enabled, any install/update/erase you do through yum or RPM will save the roll back information, allowing you to easily roll back the transaction should something bad happen.

Examples:

rpm -Uhv –rollback ’14:00′
rpm -Uhv –rollback ’9 hours ago’
rpm -Uhv –rollback ‘december 12′
rpm -Uhv –rollback ‘yesterday’

Read More »

Your WordPress.com account, xxx is not authorized to view the stats of this blog.

March 22nd, 2011 No Comments

So its fair to say that I’ve been somewhat neglecting this blog – been far too busy in the world of access control software!

Anyway, to start with a simple one, I signed into my wordpress account today and noticed that the site stats weren’t working with the following error:

Your WordPress.com account, xxx is not authorized to view the stats of this blog.

Simple fix: wordpress.com stats now seem to be integrated with jetpack. Disable the stats plugin, then install the jetpack plugin. You will need a wordpress.com account if you haven’t got one already.

Read More »
« Older Entries