Friday, May 15, 2009

Caching LDAP Server

A credential cache is required so that a client can still log in to the local machine when the LDAP server is down. Without it, even a valid user cannot log in to the local machine while the LDAP server is unavailable.

To prevent this situation, we implement cached credentials on the client side.

 

Step 1 : Install required packages

# apt-get install nss-updatedb libnss-db libpam-ccreds

 

Step 2 : Configure OpenLDAP authentication profile

# vim /etc/auth-client-config/profile.d/open_ldap

[open_ldap]

nss_passwd=passwd: compat ldap [NOTFOUND=return] db

nss_group=group: compat ldap [NOTFOUND=return] db

nss_shadow=shadow: compat ldap

nss_netgroup=netgroup: nis

 

pam_auth=auth      optional     pam_group.so

        auth       required     pam_env.so

        auth       [success=done default=ignore]   pam_unix.so nullok_secure try_first_pass

        # If LDAP is unavailable, go to next line.  If authentication via LDAP is successful, skip 1 line.

        # If LDAP is available, but authentication is NOT successful, skip 2 lines.

        auth       [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass

        auth       [default=done]  pam_ccreds.so action=validate use_first_pass

        auth       [default=done]  pam_ccreds.so action=store

        auth       [default=bad]   pam_ccreds.so action=update

        auth       required     pam_deny.so

pam_account=account     [user_unknown=ignore authinfo_unavail=ignore default=done] pam_unix.so

        account     [user_unknown=ignore authinfo_unavail=ignore default=done] pam_ldap.so

        account     required       pam_permit.so

pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok

        password   sufficient   pam_ldap.so use_first_pass

        password   required     pam_deny.so

pam_session=session    required     pam_limits.so

        session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0077

        session    required     pam_unix.so

        session    optional     pam_ldap.so

 

Save the file.
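The jump logic described in the two comments of the auth stack above, traced in shell as an added example (not part of the original post). It parses the bracketed PAM controls and reports which pam_ccreds action is reached for each pam_ldap result; the function names and the STACK variable, a constructed copy of the four lines from the profile, are assumptions of the example.

```sh
#!/bin/sh
# Constructed copy of the pam_ldap / pam_ccreds auth lines from the profile.
STACK='auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store
auth [default=bad] pam_ccreds.so action=update'

# control_action LINE RESULT
# Print the action that the bracketed control on LINE assigns to the PAM
# return value RESULT, falling back to its default= entry (every line in
# this stack has one).
control_action() {
    ctl=${1#*\[}           # drop everything up to and including "["
    ctl=${ctl%%\]*}        # drop "]" and everything after it
    fallback=
    for pair in $ctl; do
        case $pair in
            "$2"=*)    echo "${pair#*=}"; return 0 ;;
            default=*) fallback=${pair#*=} ;;
        esac
    done
    echo "$fallback"
}

# ccreds_action_for RESULT
# RESULT is what pam_ldap.so returned (success, authinfo_unavail, auth_err).
# Prints the action= of the pam_ccreds line the stack continues with.
ccreds_action_for() {
    first=$(printf '%s\n' "$STACK" | sed -n '1p')
    action=$(control_action "$first" "$1")
    case $action in
        ignore)       skip=0 ;;                    # continue with the next line
        *[!0-9]*|'')  echo "$action"; return 0 ;;  # done/bad/die: no jump
        *)            skip=$action ;;              # jump over N modules
    esac
    printf '%s\n' "$STACK" | sed -n "$((2 + skip))p" |
        sed -n 's/.*action=\([a-z]*\).*/\1/p'
}

for r in success authinfo_unavail auth_err; do
    printf '%-17s -> pam_ccreds action=%s\n' "$r" "$(ccreds_action_for "$r")"
done
```

The cached-credential check (validate) is reached only when pam_ldap reports that the server is unavailable; a rejected password while LDAP is reachable goes to the update line instead.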

 

Step 3: Create a script for configuration

#vi script.sh

echo '#!/bin/sh'               | sudo tee    /etc/cron.daily/upd-local-nss-db

echo `which nss_updatedb` ldap | sudo tee -a /etc/cron.daily/upd-local-nss-db

sudo chmod +x /etc/cron.daily/upd-local-nss-db

cp open_ldap /etc/auth-client-config/profile.d/

auth-client-config -a -p open_ldap

 

Save the file and make it executable.

#chmod +x script.sh

#./script.sh

 

Step 4 : Configure the /etc/ldap.conf file.

Check the following parameters:

host example.com

base dc=example,dc=com

uri ldap://example.com/

rootbinddn cn=admin,dc=example,dc=com

bind_policy soft

 

Save file and exit.

# cp /etc/ldap.conf /etc/ldap/ldap.conf

# nss_updatedb ldap

(This creates passwd.db and group.db.)

 

Step 5 : Test the LDAP client.

#reboot

To cache a user on the client machine, that user must log in to the local machine once so that the data is stored in the local databases. The next time, even if the LDAP server is not available, the user is able to log in to the local machine.

#ssh sanjay@ldapclientip

Now shut down the LDAP service on the server to test the cache

# /etc/init.d/slapd stop

Now try to log in to the LDAP client again

#ssh sanjay@ldapclientip

 

It will permit you to log in to the local machine; authentication is based on the data stored in the nss database on the local machine.

Enable Caching Server for LDAP client









Configure OpenLDAP Server & LDAP Client in Ubuntu


  • Configure Server


 

Step 1 : Install Packages

 #apt-get install slapd ldap-utils migrationtools

 During the installation you will be prompted to supply an Admin password and then to confirm it.

 Admin password: secret

Confirm password: secret

 

Step 2 : Reconfigure OpenLDAP Server

      #dpkg-reconfigure slapd

 This will also prompt you for some information. Answer as follows:

 No

DNS domain name: example.com

Name of your organization: example.com

Admin password: secret

Confirm password: secret

OK

BDB

No

Yes

No

 

Step 3 : Generate an encrypted password using slappasswd

       #slappasswd

        New password : password

        Conf password : password

        {SSHA}iJE9RpyiswdfdE10MQGof6lNycmGjG0edXd

 

Step 4 : Check the parameters in the /etc/ldap/slapd.conf file

       # vi /etc/ldap/slapd.conf

 database        bdb

suffix          "dc=example,dc=com"

rootdn          "cn=admin,dc=example,dc=com"

rootpw          {SSHA}iJE9RpyiswdfdE10MQGof6lNycmGjG0edXd

    #paste the password we have generated using slappasswd

 

Step 5 :  Reboot the server and start slapd service

# reboot          

# /etc/init.d/slapd start

 

Step 6 : Generate ldif files for user group & organization data

Sample file :  # vi init.ldif

dn: dc=example,dc=com

objectClass: dcObject

objectClass: organizationalUnit

dc: example

ou: Example Dot Com

 

dn: cn=admin,dc=example,dc=com

objectClass: simpleSecurityObject

objectClass: organizationalRole

cn: admin

description: LDAP administrator

userPassword: <password>

 

dn: ou=people,dc=example,dc=com

objectClass: organizationalUnit

ou: people

 

dn: ou=groups,dc=example,dc=com

objectClass: organizationalUnit

ou: groups

 

dn: uid=lionel,ou=people,dc=example,dc=com

objectClass: inetOrgPerson

objectClass: posixAccount

objectClass: shadowAccount

uid: lionel

sn: Porcheron

givenName: Lionel

cn: Lionel Porcheron

displayName: Lionel Porcheron

uidNumber: 1000

gidNumber: 10000

userPassword: <password>

gecos: Lionel Porcheron

loginShell: /bin/bash

homeDirectory: /home/lionel

shadowExpire: -1

shadowFlag: 0

shadowWarning: 7

shadowMin: 8

shadowMax: 999999

shadowLastChange: 10877

mail: lionel.porcheron@example.com

postalCode: 31000

l: Toulouse

o: Example

mobile: +33 (0)6 xx xx xx xx

homePhone: +33 (0)5 xx xx xx xx

title: System Administrator

postalAddress:

initials: LP

 

dn: cn=example,ou=groups,dc=example,dc=com

objectClass: posixGroup

cn: example

gidNumber: 10000

 

dn: cn=example2,ou=groups,dc=example,dc=com

objectClass: posixGroup

cn: example2

memberUid: lionel

gidNumber: 10001

 

Save the file.

 

Step 7: Finalize process

 #/etc/init.d/slapd stop

# rm -rf /var/lib/ldap/*

# slapadd -l init.ldif 

# chown -R openldap:openldap /var/lib/ldap

# /etc/init.d/slapd start

 

Step 8 : Test Server

 #ldapsearch -x -b "cn=admin,dc=example,dc=com"

 

If it shows the result then the server is working fine.

  

  • Configure Client


  

Step 1 : Install required packages

 #apt-get install auth-client-config libpam-ldap libnss-ldap

 

Answer the questions with the following (customize if you need to):

 Should debconf manage LDAP configuration?: Yes

LDAP server Uniform Resource Identifier: ldap://example.com/

Distinguished name of the search base: dc=example,dc=com

LDAP version to use: 3

Make local root Database admin: Yes

Does the LDAP database require login? No

LDAP account for root: cn=admin,dc=example,dc=com

LDAP root account password: secret

 

Step 2: Configure /etc/ldap.conf file

Backup files

#cp /etc/ldap.conf  /etc/ldap.conf.org

#cp /etc/ldap/ldap.conf /etc/ldap/ldap.conf.org

 

Modify the following settings in the file /etc/ldap.conf

host example.com

base dc=example,dc=com

uri ldap://example.com/

rootbinddn cn=admin,dc=example,dc=com

bind_policy soft

#cp /etc/ldap.conf /etc/ldap/ldap.conf

 

Step 3: Configure OpenLDAP authentication profile

Create a new file open_ldap

# vim /etc/auth-client-config/profile.d/open_ldap

 

Add the following content:

[open_ldap]

nss_passwd=passwd: compat ldap

nss_group=group: compat ldap

nss_shadow=shadow: compat ldap

pam_auth=auth       required     pam_env.so

auth       sufficient   pam_unix.so likeauth nullok

auth       sufficient   pam_ldap.so use_first_pass

auth       required     pam_deny.so

pam_account=account    sufficient   pam_unix.so

account    sufficient   pam_ldap.so

account    required     pam_deny.so

pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok

password   sufficient   pam_ldap.so use_first_pass

password   required     pam_deny.so

pam_session=session    required     pam_limits.so

session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0077

session    required     pam_unix.so

session    optional     pam_ldap.so

 

Step 4 : Backup files

#cp /etc/nsswitch.conf /etc/nsswitch.conf.org

#mkdir -p /tmp/backup

#cp -ra /etc/pam.d/* /tmp/backup

 

Step 5 : Enable the new OpenLDAP profile

# auth-client-config -a -p open_ldap

 

Step 6: Test ldap client

#getent passwd  (will show the ldapserver database users created in init.ldif file)

#getent group    (will show the ldapserver group created in init.ldif file)

 

If the above commands show the users, then add a new user and try to log in on the client

# vi newuser.ldif

dn: uid=sanjay,ou=People,dc=example,dc=com

uid: sanjay

cn: sanjay

objectClass: account

objectClass: posixAccount

objectClass: top

objectClass: shadowAccount

userPassword: sanjay

shadowLastChange: 14301

shadowMax: 99999

shadowWarning: 7

loginShell: /bin/bash

uidNumber: 1009

gidNumber: 1002

homeDirectory: /home/sanjay

 

Save the above file and exit.

#/etc/init.d/slapd stop

#slapadd -l newuser.ldif

#/etc/init.d/slapd start

Try to log in to the client machine using

#ssh sanjay@ipaddress

If you are able to log in then your configuration is correct; otherwise you have missed some points. Check again… enjoy!

Tuesday, May 12, 2009

Installing Gnome Desktop on CentOs/RHEL/Fedora/Ubuntu Server installation

# yum groupinstall "X Window System" "GNOME Desktop Environment"

This should install GNOME Desktop on your System…

For Ubuntu server

#aptitude install ubuntu-desktop or

#apt-get install ubuntu-desktop




Enjoy.......

Friday, May 8, 2009

Import data to mysql database from .txt files using "Sed"

Review the post: http://sanjaybdalal.wordpress.com/2009/05/08/export-mysql-tables-in-txt-files/ . In that post we exported the MySQL database data into .txt files.

Now we import the data from the .txt files into the MySQL database. For that we have to reformat the data in the .txt files into SQL statements.

#cat example.txt


1,SANJAY,AHMEDABAD,SYSTEM ADMIN


1,PRIYA,PUNE,PERL DEVELOPER


1,AKSHAY,GONDAL,PERL DEVELOPER


1,MIHIR,MUMBAI,PERL DEVELOPER


Now using "sed" command we will format this file to support sql.


 



#sed -e 's/,/","/g' -e 's/^/insert into example values("/g' -e 's/$/");/g' example.txt

#sed -e 's/,/","/g' -e 's/^/insert into example values("/g' -e 's/$/");/g' example.txt > example.txt.new

The first command prints the result to the terminal; the second writes it to example.txt.new.

Here ^ represents the start of the line and $ represents the end of the line.


Output :


#cat example.txt.new


 insert into example values("1","SANJAY","AHMEDABAD","SYSTEM ADMIN");


insert into example values("1","PRIYA","PUNE","PERL DEVELOPER");


insert into example values("1","AKSHAY","GONDAL","PERL DEVELOPER");


insert into example values("1","MIHIR","MUMBAI","PERL DEVELOPER");
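The sed command above pastes every field into the statement unchanged, so a value that contains a quote character ends the string literal early and the generated SQL breaks. A hardened variant, added here as an example and not part of the original post: it uses single-quoted literals, doubles embedded single quotes, doubles backslashes, and skips rows whose field count is wrong (for example, a value with an embedded comma). The function name csv_to_inserts, its arguments and the sample rows are assumptions of the example.

```sh
#!/bin/sh
# csv_to_inserts TABLE NFIELDS
# Reads comma-separated rows on stdin and writes one INSERT per row on stdout.
# Rows with the wrong number of fields are reported on stderr and skipped;
# the function then returns 1 so a caller can stop before loading anything.
csv_to_inserts() {
    table=$1
    nfields=$2
    # The table name is pasted into SQL, so allow identifier characters only.
    case $table in
        ''|*[!A-Za-z0-9_]*) echo "bad table name: $table" >&2; return 2 ;;
    esac
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        [ -z "$line" ] && continue
        n=$(printf '%s\n' "$line" | awk -F, '{ print NF }')
        if [ "$n" -ne "$nfields" ]; then
            echo "skipped (expected $nfields fields, got $n): $line" >&2
            rc=1
            continue
        fi
        # Order matters: escape backslashes, then quotes, then add delimiters.
        printf '%s\n' "$line" | sed \
            -e 's/\\/\\\\/g' \
            -e "s/'/''/g" \
            -e "s/,/','/g" \
            -e "s/^/insert into $table values('/" \
            -e "s/\$/');/"
    done
    return $rc
}

# Constructed sample rows (not from the original export): one value with a
# single quote, one with double quotes, and one row with an extra field.
printf '%s\n' \
    "1,SANJAY,AHMEDABAD,SYSTEM ADMIN" \
    "2,D'SOUZA,PUNE,DBA" \
    '3,RAJ "RJ" PATEL,SURAT,DBA' \
    "4,A,B,C,D" | csv_to_inserts example 4 || true
```

mysqlimport (or LOAD DATA INFILE) reads the comma-separated file directly and avoids building SQL text at all.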






Thursday, May 7, 2009

Export mysql tables in .txt files

mysql> use test;

mysql> SELECT * FROM example;

+------+--------+-----------+----------------+

| ID   | NAME   | ADDRESS   | REMARKS        |

+------+--------+-----------+----------------+

|    1 | SANJAY | AHMEDABAD | SYSTEM ADMIN   |

|    1 | PRIYA  | PUNE      | PERL DEVELOPER |

|    1 | AKSHAY | GONDAL    | PERL DEVELOPER |

|    1 | MIHIR  | MUMBAI    | PERL DEVELOPER |

+------+--------+-----------+----------------+

4 rows in set (0.00 sec)

#mysqldump -u root -p --fields-terminated-by=, --tab=/location --tables test example

The above command creates the file example.txt, which contains the exported data, in the /location directory.

Output: example.txt

#cat /location/example.txt

1,SANJAY,AHMEDABAD,SYSTEM ADMIN

1,PRIYA,PUNE,PERL DEVELOPER

1,AKSHAY,GONDAL,PERL DEVELOPER

1,MIHIR,MUMBAI,PERL DEVELOPER

Wednesday, May 6, 2009

Read File using Shell Script

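#!/bin/bash

FILENAME="filename.txt"

# Redirect standard input so that "read" takes its input from the file
exec 0< "$FILENAME"

# IFS= and -r keep leading whitespace and backslashes in each line intact
while IFS= read -r LINE
do
     echo "$LINE"
done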

 





Remove Blank lines from file



Tech 1 :   sed '/./!d' filename.txt > temp1.txt


Tech 2 :  sed '/^$/d' filename.txt > temp1.txt


Tech 3 :  grep -v '^$' filename.txt > temp1.txt


Shell Script to take Backup Files & Directory

Step 1 : Create a file /path/to/backupfilelist.txt which lists the files & directories that you want to back up



Step 2 : Write a script backup_files_and_directory.sh

#!/bin/sh
#Script to back up a list of files and directories into one compressed file

#Name of the archive (today's date)
FILENAME="`date +%d-%m-%Y`.tar.gz"
#This file lists the files & directories to back up (lines starting with # are ignored)
BACKUPFILELIST="/path/to/backupfilelist.txt"
#Directory where backups are kept
BACKUPDIRECTORY="/root/filebackup"
TAR=`which tar`

#create the backup directory if it does not exist
if [ ! -d "$BACKUPDIRECTORY" ]; then
        mkdir -p "$BACKUPDIRECTORY"
fi

#check whether backupfilelist.txt is available
if [ -f "$BACKUPFILELIST" ]; then
        BACKUPFILE=`grep -E -v "^#" "$BACKUPFILELIST"`
else
        echo "File not Exist...Please create Backup file first"
        exit 1
fi

#check whether the list read from backupfilelist.txt is empty
if [ -z "$BACKUPFILE" ]; then
        echo "Backup file list is empty..Please add some files or directory to take backup"
        exit 2
fi

#take the backup
#($BACKUPFILE is left unquoted on purpose so that each listed path becomes one argument; paths containing spaces are not supported)
"$TAR" -zcvf "$BACKUPDIRECTORY/$FILENAME" $BACKUPFILE > /dev/null



Step 3 : make script executable 

#chmod +x backup_files_and_directory.sh

Step 4 : execute file

#./backup_files_and_directory.sh





Mysql database Backup Script



#!/bin/bash
MYSQL=`which mysql`             #path to the mysql client
MYSQLDUMP=`which mysqldump`     #path to mysqldump
HOSTNAME=`hostname`             #hostname of backup server
USERNAME="username"             #mysql server user
PASSWORD="password"             #mysql user password
LOCALSERVER="localhost"         #mysql local server name
BACKUPDIRECTORY=/root/mysqldbbackup     #backup directory where backup is stored
NOW="$(date +"%d-%m-%Y")"               #date used in the backup file name
DATABASELIST=""                         #Mysql database list
IGNOREDATABASE="exampledb"              #databases not to be included in the backup
GZIP=`which gzip`                       #gzip to compress the backup file
FILENAME=""                             #Database backup file names

#NOTE: a password passed as -p$PASSWORD can be seen by other local users in the process list while the command runs
#store the database list in DATABASELIST
DATABASELIST=`$MYSQL -u $USERNAME -h $LOCALSERVER -p$PASSWORD -Bse 'show databases'`

#Fetch the databases one by one and take a backup
for db in $DATABASELIST
do
        skipdatabase=-1
        if [ "$IGNOREDATABASE" != "" ]; then
                for i in $IGNOREDATABASE        #check the ignore database list
                do
                        if [ "$db" = "$i" ]; then
                                skipdatabase=1        #skip this database and move on to the next one in the list
                        fi
                done
        fi
        if [ "$skipdatabase" = "-1" ]; then
                FILE="$BACKUPDIRECTORY/$db.$HOSTNAME.$NOW.gz" #Backup file format & Backup directory
                #All in one command to take the backup & compress the backup file
                $MYSQLDUMP -u $USERNAME -h $LOCALSERVER -p$PASSWORD $db | $GZIP -9 > "$FILE"
        fi
done

 



Install Joomla how to

It seems that a lot of new Joomla users want to know how to install Joomla. It’s obviously very easy and when I started writing tutorials for Joomla I skipped that step. Of course, that must be the first tutorial but…


You must decide where to install Joomla on your domain. The following paths can be used: http://www.yourdomain.com or http://www.yourdomain.com/Joomla . If you don’t have anything on your domain, I suggest installing on http://www.yourdomain.com. You can also change http://www.yourdomain.com/joomla to http://www.yourdomain.com/site or anything you want.


After you have downloaded the package, you must decompress it to your hard drive before uploading. Decompress it and open your FTP client. Log in to your site with your FTP client and upload all your files to the desired directory.


While the files are uploading, let’s prepare our database. Log in to your cPanel and go to “MySQL databases”. Look for the “add db” button and type the name of the new database in the form (ex: joomladatabase). Press the “add db” button. The new database is created. Now, let’s add a user to that database. Look for the “Add User” button. Type your username and a password and press “add User” (don’t forget the password). The next step is to add the user to our database. Below the databases are 2 dropdown lists where you see a user and a database. Select your new user and database. Below, select the desired privileges and press “Adduser to DB”.




Wow, finished with our database! You can close cPanel now because we don’t need it at this point.


Alternatively, you can use phpMyAdmin or the command line:


mysql -u root -p


password: (your password)


create database joomla;    (use your database name)


quit;


When the upload is finished, we can start installing Joomla. Open your browser and type http://www.yourdomain.com or http://www.yourdomain.com/joomla in the address bar. The browser will load the first page of the installation process. It should look like the image below.




If something goes wrong and you don’t see the images above, type http://www.yourdomain.com/installation/index.php in your browser. If the page still looks strange, you must verify whether:




  • you uploaded all your files

  • you uploaded your files on another directory of your site

  • you have Apache / SQL / PHP server


Our screen has 3 sections: the first checks that your system is able to run Joomla, the second part shows some PHP settings and the third part checks several file and directory permissions. All parts must be exactly like our image. If the first 2 are not the same, ask your web hosting provider about them and maybe they will make corrections. The 3rd part must be modified by you. This can be done with your FTP client. You must set the directory permissions (CHMOD) so that the files are writable.




If everything is ok click “Next” button.


The next screen is the Joomla License and “Terms and Conditions”. Read it and, if you agree, click the checkbox “I Accept the GPL License” and click the “next” button at the top right.




The next page is “STEP 1” of our configuration. We have to fill in our database configuration. Your hostname is usually “localhost”. We created the database, username and password earlier. Now all you have to do is fill in the fields with the name of the database, the username and the password. The MySQL table prefix can be left as “jos_”. If this is your first installation, click the checkbox “Install Sample data”. Click “Next”. A pop-up window will appear asking whether all the information is correct. Verify again and click “Ok”.




The next page is very simple. Type your Site Name and click “Next”. You can modify your Site Name later in the administration area if you want.




In “STEP 3” you will confirm your URL, path, e-mail and password. The URL and path are usually right and you don’t need to make modifications. The e-mail and password are your “Super Administrator” e-mail and password. Type your e-mail and a password. Remember the password, because you won’t be able to log in to the Administrator Section if you forget it. Your username is “admin” by default. You can change your username, password and e-mail later in the “Administration Section”. When all is done, press “Next”.




Last step! On this screen you see your username and password. Joomla also reminds you to delete the “Installation” directory (use your FTP client for that). The configuration file is also displayed. Select all of it and copy. With your FTP client, edit “configuration.php” and type (better, “paste”) what is written in this last step.




That’s all! You can press “View Site” to view your new Joomla Site, or “Administration” to enter in the “Administration Area”.

Tuesday, May 5, 2009

Find Command Tips

Find out multiple files

#find / \( -name '*.mpg' -o -name '*.mp3' -o -name '*.mov' -o -name '*.wma' \) -exec du -sk {} \;

Find out multiple extension files with total size

#find / \( -name '*.mpg' -o -name '*.mp3' -o -name '*.mov' -o -name '*.wma' \) -exec du -sk {} \; | awk '{c+=$1} END {printf "%s KB\n", c}'



























Monday, May 4, 2009

Adjusting qmail queue time / lifetime

set the queuelifetime:

# echo "86400" > /var/qmail/control/queuelifetime

# /etc/init.d/qmail restart

The above example is for 1 day (qmail needs the time length in seconds). Just take the number of days and multiply by 86,400 seconds to get your result.

Saturday, May 2, 2009

Mysql Replication status notification

Using this script you can get an alert message from the replication server if replication is down or not working.

--------------------------------------------------------------------------------------------

#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

#Script to check whether replication is running or not.
#If replication is down then send the alert mail.
slave_server_hostname=192.168.10.1

###check if already notified###
cd /root
if [ -f slave_problem.txt ]; then
        rm -f /root/slave_problem.txt
        exit 1
fi

###Check if slave running###
echo "show slave status \G;" | mysql -u username -h "$slave_server_hostname" -ppassword 2>&1 | grep "Slave_IO_Running: No"
#grep exits with 1 when the line is not found, so any other status means a problem
if [ "$?" -ne "1" ]; then
        echo "Replication Failed"
        echo "Replication failed" > /root/slave_problem.txt
fi

###Send notification if replication down###
cd /root
if [ -f slave_problem.txt ]; then
        #mail -s "Replication problem" mail_id@domainname.com < /root/slave_problem.txt
        echo "Problem in replication"
fi

----------------------------------------------------------------------------------------------

Set up this script in the crontab of the Master server

#chmod +x /path/to/Checkreplication.sh

#crontab -e

* * * * * /path/to/Checkreplication.sh
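The script above matches only the line "Slave_IO_Running: No", so a failed connection to the slave or a stopped SQL thread produces no alert. A stricter status check, added here as an example and not part of the original post: it goes beyond the original by also reading Slave_SQL_Running, treating missing status fields as a failure, and alerting once per outage. The function names and the sample output are constructed for the example.

```sh
#!/bin/sh
# replication_state: read the text of `SHOW SLAVE STATUS\G` on stdin and print
#   ok       both replication threads report Yes
#   down     at least one thread reports something other than Yes
#   unknown  the status fields are missing (connection error, empty output)
replication_state() {
    awk -F': ' '
        { key = $1; sub(/^[ \t]+/, "", key) }
        key == "Slave_IO_Running"  { io = $2 }
        key == "Slave_SQL_Running" { sql = $2 }
        END {
            if (io == "" || sql == "")            print "unknown"
            else if (io == "Yes" && sql == "Yes") print "ok"
            else                                  print "down"
        }'
}

# should_alert STATE FLAGFILE
# Succeeds only on the first non-ok run of an outage. The flag file
# suppresses repeated alerts and is removed again on recovery.
should_alert() {
    if [ "$1" = "ok" ]; then
        rm -f "$2"
        return 1
    fi
    [ -f "$2" ] && return 1
    echo "$1" > "$2"
    return 0
}

# Constructed sample output (not captured from a real server).
SAMPLE_OK='            Slave_IO_Running: Yes
           Slave_SQL_Running: Yes'
SAMPLE_DOWN='              Slave_IO_State:
            Slave_IO_Running: Yes
           Slave_SQL_Running: No
       Seconds_Behind_Master: NULL'
SAMPLE_ERROR="ERROR 2003 (HY000): Can't connect to MySQL server"

for sample in "$SAMPLE_OK" "$SAMPLE_DOWN" "$SAMPLE_ERROR"; do
    printf '%s\n' "$sample" | replication_state
done
```

In the cron job, pipe the mysql output (with 2>&1) into replication_state and send the mail only when should_alert succeeds for the returned state.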
