Linux tutorials Archives

In our previous tutorials, we have discussed,

Today, we will see how to create OpenVZ Container in OpenVZ.

What is Containers?

The Virtual machines are known as Containers in OpenVZ. Unlike the traditional virtual machines of VMWare, KVM, Oracle VirtualBox, the main advantage of Containers is that they will share the resources of the physical machine dynamically. That means, a particular amount of RAM or Disk space will not be allocated to any particular container. The pool of resources will be equally shared by all Containers on demand.

Creating Containers in OpenVZ

The list of available pre-created templates will be found in this location: http://openvz.org/Download/template/precreated

Here, we’ll be creating a CentOS 7 Container and assign IP address to that container as 192.168.1.103/24.

Log in to OpenVZ physical server, and go to the /vz/template/cache which is the default directory to store the downloaded templates.

cd /vz/template/cache/

Download CentOS 7 minimal template:

wget http://download.openvz.org/template/precreated/centos-7-x86_64-minimal.tar.gz

Be mindful that you should unpack the tar file. Just place it in your Physical server as it was downloaded.

Now, Enter the following command to create the first virtual machine.

vzctl create 101 --ostemplate centos-7-x86_64-minimal

Sample output:

Creating image: /vz/private/101.tmp/root.hdd/root.hdd size=2306867K
Creating delta /vz/private/101.tmp/root.hdd/root.hdd bs=2048 size=4614144 sectors v2
Storing /vz/private/101.tmp/root.hdd/DiskDescriptor.xml
Opening delta /vz/private/101.tmp/root.hdd/root.hdd
Adding delta dev=/dev/ploop42825 img=/vz/private/101.tmp/root.hdd/root.hdd (rw)
mke2fs 1.41.12 (17-May-2010)
Discarding device blocks: done                            
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
144288 inodes, 576256 blocks
28812 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
18 block groups
32768 blocks per group, 32768 fragments per group
8016 inodes per group
Superblock backups stored on blocks: 
    32768, 98304, 163840, 229376, 294912

Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
tune2fs 1.41.12 (17-May-2010)
Setting maximal mount count to -1
Setting error behavior to 2
Setting interval between checks to 0 seconds
Creating balloon file .balloon-c3a5ae3d-ce7f-43c4-a1ea-c61e2b4504e8
Mounting /dev/ploop42825p1 at /vz/private/101.tmp/root.hdd/root.hdd.mnt fstype=ext4 data='' 
Unmounting device /dev/ploop42825
Opening delta /vz/private/101.tmp/root.hdd/root.hdd
Adding delta dev=/dev/ploop42825 img=/vz/private/101.tmp/root.hdd/root.hdd (rw)
Mounting /dev/ploop42825p1 at /vz/root/101 fstype=ext4 data='balloon_ino=12,' 
Creating container private area (centos-7-x86_64-minimal)
Unmounting file system at /vz/root/101
Unmounting device /dev/ploop42825
Opening delta /vz/private/101/root.hdd/root.hdd
Adding delta dev=/dev/ploop42825 img=/vz/private/101/root.hdd/root.hdd (rw)
Mounting /dev/ploop42825p1 at /vz/root/101 fstype=ext4 data='balloon_ino=12,' 
Performing postcreate actions
Unmounting file system at /vz/root/101
Unmounting device /dev/ploop42825
CT configuration saved to /etc/vz/conf/101.conf
Container private area was created

Here,

101 – Container ID (It typically starts from 100)

Next, we have to setup the IP address to the Container, fro example: 192.168.1.103.

vzctl set 101 --ipadd 192.168.1.103 --save

Sample output:

CT configuration saved to /etc/vz/conf/101.conf

Assign DNS servers:

vzctl set 101 --nameserver 8.8.8.8 --save

Sample output:

CT configuration saved to /etc/vz/conf/101.conf

That’s it. We have successfully created and assigned IP address to the new container.

Starting Containers

Run the following command to start our newly created container.

vzctl start 101

Sample output:

Starting container...
Opening delta /vz/private/101/root.hdd/root.hdd
Adding delta dev=/dev/ploop42825 img=/vz/private/101/root.hdd/root.hdd (rw)
Mounting /dev/ploop42825p1 at /vz/root/101 fstype=ext4 data='balloon_ino=12,' 
Container is mounted
Adding IP address(es): 192.168.1.103
Setting CPU units: 1000
Container start in progress...

You can verify it by pinging the container from the Physical server.

ping 192.168.1.103

Sample output:

PING 192.168.1.103 (192.168.1.103) 56(84) bytes of data.
64 bytes from 192.168.1.103: icmp_seq=1 ttl=64 time=0.063 ms
64 bytes from 192.168.1.103: icmp_seq=2 ttl=64 time=0.081 ms
64 bytes from 192.168.1.103: icmp_seq=3 ttl=64 time=0.073 ms

Entering to the Container

Now, we can log in to the Container using command:

vzctl enter 101

Sample output:

entered into CT 101

From now on, you are in the newly created container. Just play with your new virtual machine and do what you want to do.

To exit, and return back to your original physical computer, just enter:

exit

Sample output:

logout
exited from CT 101

Adjust Firewall To Access Containers from Remote systems

Edit /etc/sysconfig/iptables:

vi /etc/sysconfig/iptables

Find the following two lines:

:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

Add the following lines(marked in bold letters) between the above two lines.

:FORWARD ACCEPT [0:0]
-P FORWARD ACCEPT
-F FORWARD
:OUTPUT ACCEPT [0:0]

Also, make sure the following has been commented out.

#-A FORWARD -j REJECT –reject-with icmp-host-prohibited

Refer the following screenshot of my testing machine.

Save and close the file.

Then, Restart iptables service to take effect the saved changes.

service iptables restart

Now, you can access the newly created Container from outside of your network.

For example, I can SSH to the Vm from my Ubuntu desktop.

ssh root@192.168.1.103

Adding more RAM and Disk space to the Container

Please not that we haven’t assigned any specific RAM or disk size to the Container. By default, the new Container will have the 256 MB RAM, 512 MB vSwap Memory and 2 GB disk space. If you want to assign more RAM and disk space, you have to edit and adjust the /etc/vz/conf/101.conf file. Here 101.conf is the Container conf file which has the Container ID 101. You can view the list of configurations for all containers under /etc/vz/ directory.

Let us increase the RAM and disk size of tour new VM (ID: 101).

To do that, log in to the physical server(not in the VM) and edit file,

vi /etc/vz/conf/101.conf

Find the following lines, and change as per your wish.

# RAM
PHYSPAGES="0:256M"

# Swap
SWAPPAGES="0:512M"

# Disk quota parameters (in form of softlimit:hardlimit)
DISKSPACE="2G:2.2G"
DISKINODES="131072:144179"
QUOTATIME="0"

That’s it. Start using the VM in OpenVZ.

Want to know more about OpenVZ? Well, check out the official OpenVZ user documentation.

Cheers!

Advertise here with BSA

---------------------------------------------------------------------
How To Create OpenVZ Container In OpenVZ

About Jenkins

From Wikipedia,

Jenkins is an open source continuous integration tool written in Java. The project was forked from Hudson after a dispute with Oracle. Jenkins provides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat. It supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, Clearcase and RTC, and can execute Apache Ant and Apache Maven based projects as well as arbitrary shell scripts and Windows batch commands. The primary developer of Jenkins is Kohsuke Kawaguchi, and it is released under the MIT License.

Install Jenkins in centos 7 (Master)

1. First install wget

yum install -y wget

2. Add jenkins repository

sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key

3. Install jenkins

sudo yum install jenkins

4. Install java

sudo yum install java-1.7.0-openjdk

5. Configure firewall

firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload

6. Start Jenkins

sudo /etc/init.d/jenkins restart
systemctl restart jenkins.service

7. Open your browser http://ip-addre:8080

For Debian based systems (Master)

1. Update your system first

# apt-get update
# apt-get upgrade

2. You need apache installed configure jenkins

# apt-get install apache2

3. Install Java

# apt-get install openjdk-7-jdk

4. Check you java installed

# java -version

5. Install Jenkins

5.1 Add the key and source list to apt.

# wget -q -O - https://jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -

5.2 Create a sources list for Jenkins:

# sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'

6. Update the cache

# apt-get update

7. Start The installation

# apt-get install jenkins

8. Start Jenkins

/etc/init.d/jenkins start

The log file will be placed in /var/log/jenkins/jenkins.log.

9-Open your browser http://ip-addre:8080

That’s it. In our upcoming articles, we will see how to deploy things from master to slave systems.

Advertise here with BSA

---------------------------------------------------------------------
How To Install Jenkins In Ubuntu 14.10 And CentOS 7

About HomeBank

HomeBank is a free, open source, personal finance and money management application that can be used to manage your daily and monthly finance details easily as well as effectively. It has built-in powerful filtering tools and graphs that will help you to analyze your everyday transactions. It is a cross platform tool which will work on almost all common devices and operating systems, including Linux, Windows, FreeBSD, and Mac OS X.

Features at a glance

HomeBank has the following notable features.

Cross platform, supports GNU/Linux, Microsoft Windows, Mac OS X;
Import easily from Intuit Quicken, Microsoft Money or other software;
Import bank statements (OFX, QIF, CSV, QFX);
Duplicate transaction detection;
Automatic cheque numbering;
Various account types : Bank, Cash, Asset, Credit card, Liability;
Scheduled transaction;
Category split;
Internal transfer;
Month/Annual budget;
Dynamic powerful reports;
Automatic category/payee assignment;
Vehicule cost;
And more yet to come.

The complete and comprehensive feature details are given here.

Installation

On Ubuntu:

HomeBank team has created a official PPA to make the installation much easier.

Run the following commands one by one to install it in Ubuntu 13.10, and 14.04.

sudo add-apt-repository ppa:mdoyen/homebank
sudo apt-get update
sudo apt-get install homebank

On Debian:

It is available in the official Debian repositories since debian lenny (5.0).

sudo apt-get install homebank

On Fedora:

It is available in the official repositories since Fedora core 6.

sudo yum install homebank

On openSUSE/SUSE:

zypper in homebank

yast -i homebank

On Mandriva:

urpmi homebank

On Gentoo:

emerge homebank

On Arch:

pacman -S homebank

Also, you can download and compile it using the binary package.

Usage

The HomeBank default interface will look like below.

Creating Accounts:

The first step is to create accounts.

To do that, go to Manage -> Accounts from the Menu bar. Click on the Add button and enter the name of your account.

Then, select the type of the account(Bank, Cash, Asset, Credit card, etc.) from the ‘Type’ drop down box of the General section. Next, enter the Starting balance, Check book number, etc.

Also, you can specify the bank name where the account is registered, and the minimum balance.

Finally, click Close.

The account details(Opening, Closing, and Future balance) will be shown in the main interface.

Creating Payees:

Here, you will define the Payees. Payee is who the transaction actually goes to. Payees can be a person, a restaurants, Hotels or anything.

To add a payee, go to Manage -> Payee from the Menu bar. Enter the name of the payee, and press Enter button.

You can add as many as you want. All payee’s names will be listed in alphabetical order.

Creating Categories

Categories are what the transaction is related to. This can be either Income or expenses. To create a new Category, go to Manage -> Category. Enter the name of the Category.

Let us define a sample ‘Expense’ category.

You can also create sun categories under any main category.

In case, you want to create a category for Income, click the Income option in the above window.

Adding transaction:

Now, let us do a sample transaction. For example, I am going to add the Mobile bill..

To do that, go to Transactions -> Add from the Menu bar.

Fill up the details such, as date, amount, payment type, account, payee, category and status etc. Click Add to complete the transaction.

That’s it. Now, return back to main window and double click the Account. It will display the recent transaction details.

Also, you can check where your money goes every month.

Using HomeBank, you can keep an eye on your Income and expenses every month.

That’s it. Refer the complete HomeBank user manual for more details.

Advertise here with BSA

---------------------------------------------------------------------
HomeBank: A Personal Money And Finance Account Manager

Install OpenVZ Web panel

In our previous tutorials, We have seen,

In this tutorial, let us see how to manage OpenVZ using OpenVZ web panel.

Why OpenVZ Web panel?

Very simple, just to make the OpenVZ management more easier. Working on command line might be tedious to new and intermediate users. Using openVZ Web panel, anyone can easily create, delete, manage VMs via a web browser in minutes without having to know all OpenVZ commands.

Installing OpenVZ Web panel

Well, let us install the Web panel.

Run the following command under root user to install OpenVZ Web Panel:

wget -O - http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh

The above command will work on almost all Linux operating systems.

Sample output:

 Removing downloaded archive: rm -f /opt/ovz-web-panel//ovz-web-panel-2.4.tgz
 Installation finished.
 Product was installed into: /opt/ovz-web-panel/
 [...]
 Starting services...
 Starting OpenVZ Web Panel...
 Starting watchdog daemon...
 [OK] Watchdog daemon was started.
 Starting web server webrick on 0.0.0.0:3000...
 [OK] Web server was started.
 Starting hardware node daemon...
 [OK] Hardware node daemon was started.
 Syncing hardware nodes states...
 [OK] Hardware nodes information was synced.
 Adding localhost to the list of controlled servers...
 Panel should be available at:
 hostname: Unknown host

http://:3000

 Default credentials: admin/admin
 -----------------------------------

That’s it. OpenVZ Web panel has been installed now.

Adjust IPTABLES for RPM based distributions

If you’re accessing the URL from a remote system, you should allow the web panel default port 3000 through your firewall/router.

To do that edit:

vi /etc/sysconfig/iptables

Add the following line:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT

Save and exit. Restart iptables service.

service iptables restart

Accessing OpenVZ Web panel

Open up your web browser and enter the following URL in the address bar.

http://<your-host>:3000

Default administrator’s credentials are: admin/admin. Don’t forget to change default password.

Now, you’ll be redirected to the OpenVZ web panel dashboard:

The Dashboard will have the information about logged user and statistics of panel usage. By default, the physical server is localhost itself. Also, it is possible to many physical servers without having to install Web panel on every physical server.

Changing Default Admin user password

As I mentioned before, the default user name and password to login to Wen panel is admin/admin. It is hightly recommended to change the admin user password to something different and stronger.

To do that, Click on the My Profile on the left pane of the Dash board. Enter the new password twice and click the Save button.

Now, let us see how to create Virtual machines, Virtual servers, and users etc.

Download And Install OS Templates

Before creating Virtual machines or VPS, the first step is to install OS templates.

To do that, click on the Physical server (localhost) on the left pane of the Dashboard. Then, click on the OS Templates button on the right side.

The installed OS templates will be listed here. As you see above I have already installed a CentOS 7 template. To create a new Template, click on the Install New OS Template button.

The list of available OS templates will be shown in the next window. Select the OS template of your choice and click Install button. In my case, I selected Ubuntu 14.04 minimal template.

The installing process will be scheduled and new templates will be appeared soon.

After few minutes(depending upon the size of the template), refresh the OS templates list. You’ll, there, see the newly installed OS templates.

As you see above, the Ubuntu 14.04 OS template has been installed now.

Creating Virtual Servers

We have installed the OS templates in our previous steps. Now, we will create new Virtual servers using the OS templates.

Go back to the localhost (Just click on the localhost button under the Physical Servers section) window. Click Create New Virtual Server button.

Enter the Server ID, select the OS template, enter IP address and hostname, enter the root password etc. Also, you can define the disk space size, RAM, Swap, DNS server etc,, in the Additional Settings. I go with default values. Finally, click Create button.

Hurray! We have created a new Virtual server.

If you don’t want the Virtual server, select the Virtual server, and click Remove Virtual server button.

Also, you can change the settings of the Virtual server by clicking on the Change Settings button next to the Remove Virtual Server button. And, you also can start/stop/restart the virtual server using the Change state button next to the Change Settings button..

Creating Server Templates

Server templates are used as a source of quality of service limits during virtual server creation. They could be used to simplify new virtual servers creation for different purposes. You can create, edit and remove templates, but, you can’t remove the default template for the physical server.

Click on the localhost button under the Physical Servers section on the left pane of the Dashboard. Then, click Server Templates on the right side.

The list of available Server Templates will be shown. Select the template of your Choice and Click Add Template button.

Adding more Physical servers

As I mentioned before, the localhost itself is the default Physical server. You can add more physical server if you want. You don’t have to install OpenVZ web panel on extra physical servers.

To add an extra physical server, click on the Physical Servers button on the left pane of the Dashboard. Then, click Connect new server button.

Enter the hostname, and root password of the new OpenVZ server. Then, click Connect.

New virtual servers or OS templates can be installed directly on the server using command line tools. In such case need to select physical server and click “Synchronization” button to perform synchronization between panel’s database and actual state of the server.

Creating Users

By default, there will be two users automatically created while installing OpenVZ. One is admin, the infrastructure administrator, and the another is virtual server owner. If you want new users, you can add them too. Also, you can assign any user as a owner to any VPS. The owners can manage, edit the particular VPS details.

To create a new user, Click on the Users button on the left. Then, click Add user.

Fill up the user details, and select the role of the new user(infrastructure owner or Virtual server owner). Finally, click Create.

Now, we can assign the new user to any VPS.

Viewing Event logs

Event logs will give you the recent activities of the OpenVZ server.

Conclusion

In this series of tutorials, we have seen how to install and configure OpenVZ on CentOS and Ubuntu systems. Also, we have seen how to create and manage VMS both in text and graphical mode methods. As far as I know, OpenVZ will be very useful in development environments and other R&D departments that are using multiple and different kind of Virtual machines. You can easily create, edit, delete VM in minutes using OpenVZ within minutes. Hope this tutorial series will give you a basic usage and ideas about OpenVZ. For more details, refer the OpenVZ official website.

OpenVZ Web Panel Home page:

https://github.com/sibprogrammer/owp

Advertise here with BSA

---------------------------------------------------------------------
OpenVZ Web Panel: Managing OpenVZ Containers Graphically

Introduction

Apache is the world’s most widely used web server software. It was developed and maintained by an open community of developers. Furthermore, it is available for various operating systems such as: Unix, FreeBSD, Linux, Solaris, Novell NetWare, Windows, OS/2, TPF and OpenVMS. It is released under the Apache license and it is a free and open source system. It enables users to run websites with less configuration and administration. This helps to be more productive since it has various pre-installed modules. So if you want to maximize your performance, you need to know some important points that will be outlined in this article.

Unload Unneeded Modules

While using Ubuntu or Debian based systems you will remark the existence of various modules which can’t be useful. But you need to be careful, since the needed modules aren’t clear and you need know the dependencies between them. So as a suggestion, it will more beneficial if you list the current modules and try to disable them one-by-one with restarting of Apache and discovering what will be the cause of each error.

To disable a module on Ubuntu and Debian you just need to use the command autoindex. You can disable the following modules if you don’t need them:

PHP, Perl, Python, Rewrite, Rack/Ruby/Passenger and SSL

Mostly, those modules aren’t used but if you need them you just have to re-enable them and restart your Apache. So, after you finish this, it is time for checking errors after reload you Apache configuration. In Ubuntu and Debian, to check the error messages you have to use: /var/log/apache2/error.log.

My first error is:

Syntax error on line 6 of /etc/apache2/sites-enabled/site1:
Invalid command 'DAVLockDB', perhaps misspelled or defined by a module not included in the server 
configuratin
Action 'configtest' failed.

So I can understand that what I have disabled is needed. Indeed, I re-enable it using:

sudo a2enmod dav_fs

Then, I restart Apache and check which next error is. It may take several tries before you get the minimum list. But don’t worry you just need to be patient.

Code out of Apache

With PHP site, you are using mod-php and with a ruby site Passenger Phusion, aka mod-rails and mod-rack may be used. But the problem here that there is some losses. For example, if you have a page which will cause 40 HTTP requests, just one will be for the dynamic page and 39 are for images, javascript and css. So why this loss of using more than 30 requests and no dynamic content is responded. This problem is happen because the C language for the interpreter is embedded into Apache that is why an overflow memory for every page view.

Enabling the mod-php may lead to use over 100MB of RAM of consumption per Apache child process. Could you imagine the important losses because you will not have just one running process.

To solve this problem, it is recommended to do as follow:

Use php-fpm with PHP which is a separate process
Use uWSGI or gnunucorn with Python
And use Rails, Unicorn with Rails

So after using those advices, a new server process for PHP or Python or Rails will be launched. Then Apache, instead of dealing with the concerned requests through embedded code, merely forwards the call for dynamic content onto this backend process.

You will remark the difference. After removing mod-php from your server, to size of your Apache process will move from 100-120MB to under 10MB. It is a magic.

Limit number of Apache Processes and Children

The default Apache configurations aren’t suited with many operations systems while using small servers (30 child processes or more). Since, if each one of them uses 125MB of your RAM, so your VPS will need at least 3GB which is. If around ten peoples will load a page, your cloud server at this time will become overloaded.

If your VPS gets overloaded, and reaches the maximum number of clients, some will be served and others will get a failure. They can then reload the page and maybe have greater success on the second try. Which is not always guarantee, so it will be better to have fewer children processes to respond rapidly than to have a huge number of child processes and unable to operate.

As an example, a WordPress is hosted on a 1GB droplet using 4 php-fpm processes and is able to operate with over 900 simultaneous users at once. Which is equivalent to have 40 million viewers of your page per day, can you imagine!!

Consider Alternate MPM Configuration

Previously, the most use of Apache configuration were with prefork MPM, the suitable one to be used with PHP and other embedded languages. But if you can use the worker MPM which is faster than perfork with PHP and Rails.

So to enable this module you just need to install it using:

sudo apt-get install apache2-mpm-worker

On Ubuntu if you enable it so the prefork module will be automatically disabled and also mod-php and others will be uninstalled.

Conclusion

I strongly encourage you to try this with a simple test and to make your own comparison. Don’t forget to leave your comment after your test.

Advertise here with BSA

---------------------------------------------------------------------
Apache Performance Tuning

Nagios is the leader and industry standard in enterprise-class monitoring solutions. Nagios provides two monitoring tools Nagios Core and Nagios XI.

Nagios Core is a free and open source tool that allows you to monitor your entire IT infrastructure to ensure hosts, services and applications are functioning properly. For more information, you can visit the website of Nagios. This article is intended for use by Nagios Administrators who wish to monitor Linux servers with Nagios Core using the linux NRPE agent.

The linux NRPE agent must be installed on the target linux machine and configured before Nagios Core can monitor system metrics, services, processes, or performance data on the target machine. NRPE is able to perform two types of checks, Direct and Indirect. In Direct checks the Nagios server executes check_nrpe which then connects to the NRPE daemon which is running on the client. The NRPE daemon then will execute the command that was requested from the Nagios server. The command could also execute any script on the client whether it be a bash shell script, a Perl script or any other type of script.

If you still didn’t install Nagios Core , check the following articles.

In this article we will show you how to install and configure NRPE AGENT in the remote server and how to add the host to Nagios Core.

Installing and Configuring NRPE On The Remote

Linux Machine

Download the Linux NRPE agent to the /tmp directory on the Linux server you wish to monitor.

cd /tmp

For RHEL/CentOS 5+, Fedora 14+, SLES 11+, OpenSUSE 11+, Ubuntu 12+, and Debian 6+:

wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz

For RHEL 4 & CentOS 4 (el4):

wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent-el4.tar.gz

Unpack the installation archive you just downloaded:

tar xzf linux-nrpe-agent.tar.gz

Enter the newly created agent sub-directory:

cd linux-nrpe-agent

You need to run the wrapper script as root (if using Ubuntu you’ll need to either run sudo -i to run as root):

sudo ./fullinstall

The script will stop to prompt you once, to ask for the IP address(es) for your monitoring server(s).

You will need to type the ip address, of your Nagios server and then press enter. This will allow connections from your monitoring server to the agent process.

nagios6

By default there are several commands that are preconfigured for NRPE in the /usr/local/nagios/etc/nrpe.cfg file.
They are listed here.

command[check_users]=/usr/local/nagios/libexec/check_users w 5 c 10 
command[check_load]=/usr/local/nagios/libexec/check_load w 15,10,5 c 30,25,20 
command[check_hda1]=/usr/local/nagios/libexec/check_disk w 20 c 10 p /dev/hda1 
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs w 5 c 10 s Z 
command[check_total_procs]=/usr/local/nagios/libexec/check_procs w 150 c 200

In order to add additional commands you will need to construct them in the same format and add them to this file. If any changes are made the xinetd daemon must be restarted.

Configuring Nagios Core to Monitor the Linux Host

You have now successfully installed and configured the monitoring agent and required plugins on the Linux server. In order to monitor the server using Nagios Core, you will need to add the host and services to nagios server from the command line.

Now login into your Nagios Server from the command line you will need to do following steps:

Install NRPE Plugin
Add the Linux Server to the host file
Configure Services

Let’s start by the first step. Once the remote host has been set up, configure the Nagios monitoring server by installing the NRPE plugin. NRPE plugins only, need to be installed on the Nagios server.

Download latest NRPE Plugin with wget command.

cd /tmp
wget http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz

Then extract the NRPE source.

tar xzf nrpe-2.15.tar.gz
cd nrpe-2.15

Compile and install the NRPE addon.

./configure
make all
make install-daemon

Now make sure your nagios is able to connect nrpe client on remote Linux system. Try to execute following command. In this example 192.168.5.178 is the ip address of the remote host.

# /usr/local/nagios/libexec/check_nrpe -H 192.168.5.178
NRPE v2.15

If you see output that is similar it is functioning correctly.

Then add host entry for each remote box you will monitor. This example is using the linuxserver template, be sure to
check that template out to verify the settings are the ones you want to use.

Edit the hosts.cfg file and add the default host template name and define remote hosts as shown below

nano /usr/local/nagios/etc/hosts.cfg

define host{ 
 use linuxserver
 host_name class 
 alias Base 
 address 192.168.5.178 
 }

The last step is the configure services. Each service you want to monitor on the remote host must be entered individually.The check_nrpe command is used to access the remote server and then execute the Nagios plugin that is on the remote server and retrieve the information.

Now open services.cfg file add the following services to be monitored.

define service{
        use                     generic-service
        host_name               class 
        service_description     CPU Load
        check_command           check_nrpe!check_load
        }

define service{
        use                     generic-service
        host_name               class
        service_description     Total Processes
        check_command           check_nrpe!check_total_procs
        }

define service{
        use                     generic-service
        host_name               class
        service_description     Users Load
        check_command           check_nrpe!check_users
        }

define service{
        use                     generic-service
        host_name               class
        service_description     Check Zombies
        check_command           check_nrpe!check_zombie_procs
        }

define service{
        use                     generic-service
        host_name               class
        service_description     Check hda1
        check_command           check_nrpe!check_hda1
        }

Next, verify Nagios Configuration files for any errors.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Total Warnings: 0
Total Errors:   0

Finally, restart Nagios.

service nagios restart

Log into the web interface via : http://[SERVER_IP]/nagios , enter your login information and check for new Linux hosts added in nagios core service.

That’s all.

Congratulations! Enjoy your Monitoring platform Nagios Core.

Advertise here with BSA

---------------------------------------------------------------------
How to Monitor Linux Server Using Nagios Core And NRPE

About TYPO3

If you want to create your own website Free , Fast and Easy, Typo3 is the best solution for your needs.

Typo3 is the one of the best CMS (content management system) on the internet. It allows you to easily set up flexible blogs and websites on top of a MySQL backend with PHP processing. Typo3 has seen incredible adoption and is a great choice for getting a website up and running quickly.

Typo3 offers many features as :

Open Source Enterprise CMS
Scalable Web Application Framework
Large, active global community
User friendly with unlimited extendability
Integrated Development and Editing Workflows

For more information, you can visit the website of Typo3.

This tutorial explains the process of installing Typo3 7.1.0 on Ubuntu 14.04 in the form of a simple-to-follow guide.

Prerequisites

This guide is based on Ubuntu 14.04 server. Before you start install of Typo3, you need to to have LAMP server (Apache, PHP, and MySQL) configured on your website server.

sudo apt-get install apache2 mysql-server php5 libapache2-mod-php5 php5-gd php5-curl libssh2-php

While Apache, PHP, and MySQL have already been installed, you can start the installation.

Database and MySQL user creation for your website

You start the creation of your website by setting up the mysql user and database.

You need to have the password of the MySQL root user.

Log into MySQL:

mysql -u root -p

After successful authenticated, you need to create the database for the Typo3 Website.

CREATE DATABASE typo;

The database Name is typo. You will need this information later.

Now, you should create the database administrator.

CREATE USER typoadmin@localhost IDENTIFIED BY 'typopassword';

Next, you need to give this user permissions to administer the database you created.

GRANT ALL PRIVILEGES ON typo.* TO typoadmin@localhost;

You need to flush the privilege information to disk to activate the new MySQL user:

FLUSH PRIVILEGES;
exit

PHP and Apache Configuration

Next, you need to make some configuration in PHP Apache file.

Open the Apache PHP configuration file with sudo privileges in your text editor:

sudo nano /etc/php5/apache2/php.ini

Search for the expose_php directive and the allow_url_fopen directive and set them both to “Off”:

. . .
expose_php = Off
. . .
allow_url_fopen = Off
max_execution_time = 240
post_max_size = 10M
upload_max_filesize = 10M
. . .

Save and close the file when you are finished.

Next, you need to enable rewrite functionality for your Apache server.

To enable mod_rewrite modules, type this command:

sudo a2enmod rewrite

This module will be enable the next after reboot of Apache service.

But before restarting the Apache service, you need to make some change in the virtual host file to allow the use of an .htaccess file.

So, open the virtual host file which contain the actual rewrite rules and will include by default in the Typo3 installation.

sudo nano /etc/apache2/sites-enabled/000-default.conf

In this file, you must add a directory block that redirect into your web root.

Maybe you need also ServerName directive to point to your domain name and change the ServerAdmin directive to reflect a valid email address:

<VirtualHost *:80>
   ServerAdmin admin@your-domain.com
   DocumentRoot /var/www/html/
   ServerName your-domain.com
   ServerAlias www.your-domain.com
      <Directory /var/www/html/>
         Options Indexes FollowSymLinks MultiViews
         AllowOverride All
	 Order allow,deny
         allow from all
      </Directory>
   ErrorLog /var/log/apache2/your-domain.com-error_log
   CustomLog /var/log/apache2/your-domain.com-access_log common
</VirtualHost>

Download and Install Typo3

Now that our system is ready, we can start the installation of Typo3 into our web root.

Back on your server, change to your tmp directory and use wget to download the project file using the link you copied:

cd /tmp

wget http://sourceforge.net/projects/typo3/typo3_src-7.1.0.tar.gz

once the download is finished start the process by , extracting the application directory using this command:

tar xzvf typo*

Now, you need to copy the newly extracted directory structure into the web root directory of your server and it’s recommended to use the rsync utility to safely copy all of the files into the web root directory of your server. We are using the dot in this command to specify the current directory. This is necessary in order to copy some hidden files that we need:

cd typo*
sudo rsync -avz . /var/www/html

Now you can check that has been copied, into the web root directory.

cd /var/www/html
ls -lsa

Make the document root and the Typo3 files and directories in it writable by the Apache service which is running as user ‘www-data’ and group ‘www-data’ by executing the following command:

chown www-data:www-data -R /var/www/html/

After finished this step, to enable the new configuration you need to restart your Apache server.

sudo service apache2 restart

Web Install Typo3

Now that you have your files in place and your software is configured, you can complete the installation through the web interface.

In your web browser, navigate to your server’s domain name or public IP address:

http://server_domain_name_or_IP

You will see the Typo3 initial configuration page.

Now give the values of the database created above.

Now select the database which we have created before.

typo3

Next you need to set the password in this screen and choose a name for your website.

typo4

Click Continue one last time and the installation will be completed:

Now click Open the backend It will direct to your newly-installed TYPO3 system.

Advertise here with BSA

---------------------------------------------------------------------
How To Install TYPO3 CMS On Ubuntu

About BSD

Berkeley Software Distribution, abbreviated as BSD, is a UNIX operating system derivative, developed and distributed at the university of California, Berkeley, from 1977 to 1995 by a group of programmers (Bill Joy, Marshall Kirk McKusick, Kenneth Thompson etc…) at the Computer Systems Research Group (CSRG).

BSD systems are renowned due to their organization and their performance in their applications: reliability as a server for FreeBSD, portability for NetBSD and security for OpenBSD. Their exceptional stability allows them to operate without stopping or restarting during extremely long periods (several years).

Also be aware that BSD is a license, as well as the GPL. Basically, the BSD license is “laxer” than the GPL, to the extent that it doesn’t require that the code created from a BSD code must be a BSD one also.

The BSD license (Berkeley Software Distribution License) is a free license used for software distribution. It allows to reuse all or part of the Software without restriction, to be integrated into a free software or owner.

The original version of the BSD license included a particularly restrictive advertising clause which required a reference to copyright in any publicity or document provided with it, which could cause some problems when using a large number of components under this license. Besides, the new version of this license does not contain this advertising clause.

The BSD licensed code can be published under the GPL license without the consent of the original authors, as the terms of the GPL respect all policies of the BSD license.

Contrariwise: GPL code can’t be putted under the BSD license without the permission of the authors. Since, the BSD license does not respect all the constraints imposed by the GPL. By transforming GPL code to the BSD license, for example, it will allow the redistribution without providing the source code which it is prohibited by the terms of the GPL.

Now make a small tour to see wholesale what are the particularities of each declination of BSD. After each presentation, I will summarize in a few words for whom and for what we can use the corresponding distribution.

FreeBSD

FreeBSD is a free UNIX operating system. “Free” has a connoted meaning: firstly it means that the software is free for use even for commercial purpose, and secondly that anyone is free to submit his source code, to remove a bug or improve the software.

The goal of the FreeBSD Project is to provide software for any use, with the least possible restrictions. It provides advanced capabilities in terms of network performance, security and compatibility. There is especially a Linux binary compatibility and Windows NT (XP included). The first allows the execution of Linux compiled programs, the second allows the use of Windows NT drivers, of wireless LAN cards and Wi-Fi AirPort (Apple WiFi). This software is industrial standard in the servers market. Many hosting companies use FreeBSD, including Walnut Creek CDROM, Yahoo! Inc. or Netcraft.

The developers of FreeBSD put a big effort into developing the system to be the easiest version if it possible. Indeed, FreeBSD has one of the easiest installs of all the UNIX platforms. Once the system has been installed, it is possible to easily download, compile, and install additional packages through the built-in ports system. The Ports Collection downloads the necessary files, checks the files for integrity, builds the application, and then installs the application. This simplifies one of the most time-consuming aspects of deploying applications to different computers.

PC-BSD

PC-BSD is a user friendly desktop Operating System based on FreeBSD. Known widely for its stability and security in server environments since FreeBSD provides it an excellent base on which it is possible to build a desktop operating system. It is not a modified version (fork) of FreeBSD. Instead, it appears as an additional layer, allowing the easy installation of an office environment ready to use. It is available for 32-Bit and 64-Bit.

Thus, PC-BSD is simply a FreeBSD to which we added the “LiveCD”. So this distribution is the easiest one that could be installed. This is the one I recommend to those who don’t know exactly how to use FreeBSD and don’t have enough informatics knowledge, and want to benefit from a huge part of the advantages of BSD systems.

Net-BSD

NetBSD was released a few months before FreeBSD. Unlike FreeBSD, which concentrated on the performance and best-quality support for its main target platform, NetBSD was developed to support as wide a platform base as possible. It is the most common operating system (fifty different architectures); this portability is also his great pride. It is a completely free software based system, most of its components are released under the BSD License. NetBSD is “admin friendly” rather than “user friendly”. However, for a programmer or system administrator, the system is much easier to be understandable. All interfaces and drivers are documented in man pages, not in text files scattered in various places.

NetBSD runs on much more powerful hardware than is supported by other distributions. Higher-end dedicated Unix workstations from Sun, Hewlett-Packard, and the old Digital/Compaq Alpha platform can be used with NetBSD to provide all of the stability and performance of the BSD platform while giving a new lease of life to older available hardware.

The portability is also a major attraction as a deployment and re-development choice for building your own computers, or using one of the many embedded hardware solutions. This keeps NetBSD as a popular choice in universities and science labs.

From any installation of NetBSD, it is possible from a single made command to rebuild the entire NetBSD distribution for any architecture. It is even possible to compile a NetBSD distribution from FreeBSD or Linux. This makes NetBSD system the choice to develop the embedded systems (routers, firewalls, IP video cameras, etc…)

In award: if you do not have a very strong background in Network and Information System, it is not even bother to touch it. NetBSD is for professional systems, not for daily use.

Open-BSD

OpenBSD is a free Unix-like operating system derived from BSD. Created in 1994 by Theo de Raadt, OpenBSD was developed after a disagreement over the future of the NetBSD code, the oldest of the three other major family of BSD operating systems. The OpenBSD project is renowned due to its intransigence on free software and source code, the quality of its documentation, and the importance attached to its security and integrated cryptography. It includes a range of built-in cryptography standards, such as RSA, Blowfish, DES, and full support for the IPSec TCP/IP security system.

The project follows strict policies on licensing and prefers the open source BSD license and its variants: in the past, this has led to a comprehensive license audit and replacements indeed suppression’s of some code released under a license considered as less acceptable.

OpenBSD is at a very high level, either in terms of knowledge to master it or in terms of security and stability. It is made to run on servers or computers that can’t afford to restart or to stop (eg banks, real-time systems, etc.).

OpenBSD is the obvious choice on the server because of its very high security principles. But if you need a UNIX environment but also want access to commercial applications like Microsoft Office, or products from Adobe, Alias, and others, Mac OS X delivers the best of both worlds. The FreeBSD-like kernel provides a complete set of standard UNIX utilities and libraries that enable you to use the BSD and OS X elements simultaneously. For a pure Web server, FreeBSD is also a good choice purely because of its stability on key hardware platforms like x86.

DragonFlyBSD

DragonFlyBSD is a BSD operating system. It results from a fork of FreeBSD 4.8 in 2003 conducted by Matt Dillon, judging the new threading system and SMP FreeBSD 5 inefficient and difficult to maintain.

This project promises to be the logical continuation of the FreeBSD 4. It is available as a “LiveCD”. Matt Dillon considers DragonFlyBSD, is addressed to administrators and users who have neither the utility nor the desire to compile all of their applications. DragonFlyBSD will eventually employ primarily a “packet” system does not have the Common problems such as conflict of libraries, and the complex inter-dependencies, which complicate updates. All without omitting the possibility of compiling from source to adapt the application to individual needs.

Conclusion

Different BSD distributions were outlined above. Personally I am interested in FreeBSD, OpenBSD and NetBSD system, the others are optional for me. And you what is your choice?

Advertise here with BSA

---------------------------------------------------------------------
The Most Important BSD Distributions

About Squid Proxy

Squid Proxy is a a great proxy server mainly used for caching frequently requested web content in order to speed up response time and also save network bandwidth. It supports many different protocols such as HTTP, FTP, TLS, SSL, Internet Gopher and HTTPS. Although it was originally designed to run as a daemon on Unix-like systems there have been several ports to windows, but according to wikipedia more current versions are not being developed.

Squid Proxy is released under the GNU General Public License.

In this tutorial you will learn how to install and setup Squid Proxy on Ubuntu and Debian Linux distributions. Just follow each step of this guide carefully and everything will be ok.

How To Install Squid Proxy

There are many ways to install Squid Proxy on Ubunu and Debian systems, one of them is to use the command apt-get install since there is a package of this proxy available in the default repo. First open a new terminal emulator (CTRL+ALT+T) and update the package index like shown below.

sudo apt-get update

Once the update is finished installing Squid Proxy server on Ubuntu and Debian computers is very easy. All you have to do is run the following command.

sudo apt-get install squid

Then you will be asked if you want to continue with the installation. Type Y.

Wait for the download and installation to finish.

Squid Configuration

Before playing with this proxy there is something we need to do. Open the configuration file of Squid Proxy which is located under the directory /etc.

Depending on the version installed on your system you have to look for a specific path. Try to look for /etc/squid3/squid.conf or /etc/squid/squid.conf. Once you know where your squid.conf configuration file is located then use your favorite text editor to edit it.

I use vim for text editing.

vim /etc/squid3/squid.conf

Once you have opened the squid.conf file you will see something similar to the following.

Look for http_access. Nobody can access the Squid Proxy server by default as http_access is set to deny all.

The line will look like shown below.

http_access deny all

In order to start using the Squid Proxy change http_access to allow.

http_access allow

Save the file but do not close it yet. We need to setup a hostname for our proxy server. You can use any name you like as Squid Proxy server allows to do that. The default one is localhost.

Find visible_hostname and give the name you want.

Now use the following command to restart the Squid Proxy.

sudo service squid3 restart

If the above command does not work for you just try the other one shown below.

sudo service squid restart

I get the following output.

oltjano@baby:~/Desktop$ sudo service squid3 restart
squid3 stop/waiting
squid3 start/running, process 4025

It is time to test if our proxy server is working or not. Go to your web browser’s settings and configure it to use a proxy server. I use Mozilla Firefox so I am going to show you how to do it for this browser. In case you are using Google Chrome or another web browser just google on how to configure your browser to use a proxy server.

Client Side Configuration

For Firefox:

Go to Preferences -> Advanced -> Network and click on Settings under Connection. And click on Manual Proxy Configuration like shown below.

Inside HTTP Proxy pus the ip address of the Squid server and port 3128 which is the default port being used by Squid Proxy. You can also change the default port by editing it in squid.conf.

Click on Ok and the proxy should work.

Enjoy it!

Advertise here with BSA

---------------------------------------------------------------------
How To Install And Configure Squid Proxy On Ubuntu And Debian

About IT Automation Tools

A specific tools are required when we talk about continuous deployment or IT automation. Currently, we need to be able to build reproducible artifacts and a reproducible infrastructure which we can rapidly manage. Puppet, Jenkins and CFEngine ones from the most important free deployment tools will be outlined in this article.

Puppet

Puppet is a free and open source configuration management system in computing field. You can use it either with many Unix-like systems or Microsoft Windows. To add, it has its own declarative language for the description of your system configuration.

Open source Puppet enables users to check the state of their IT infrastructure and also to correct the state automatically if there are some problems. With just few servers or even with thousands of physical and virtual machines, Puppet does the manual sysadmins tasks automatically.

In 2005, the first version of Puppet was created by Puppet Labs and CEO Luke Kanies in order to help administrators to do their tasks automatically and then reduce human errors. The basic idea was to make an easy to use configuration system. In fact, Puppet language is declarative rather to be procedural one. You can define which operating systems should be running rather to defining the steps to follow them while making their configurations. This tool is simple and easy to use. So even others can use it not only sysadmins or developers. Puppet is written in Ruby, and comprises a configuration language to write manifests and modules.

With the major of the current distros, Puppet packages must be available if it isn’t the case just search and install the missing one. While you are working with Puppet, you are using different resources such as: users, packages, files, services … and each resource is used for a specific goal. Some of them could be found on the language resource guide on the Puppet Labs site.

If you are working with a just one system, so Puppet will be used to execute a manifest which has different instructions describing how each resource could be configured or manipulated. For local system, you will find also with Puppet a shell that helps to configure such system.

To summarize: Puppet is an open source system used to centralize and standardize the configuration and the administration of your systems. This can be desktop systems, workstations, servers, or others. You can also use Puppet with different OS. It’s licensed under the GNU General Public License.

Jenkins

Jenkins also is an open source tool but written in Java. It provides a continuous integration services for software development. It is a server based system which supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, Clearcase and RTC. Jenkins was originally developed as the Hudson project. It enables users to monitor executions of repeated tasks, especially: building/testing software projects continuously and monitoring executions of externally run jobs.

Among its features, we can list the following:

It is characterized by its easy installation, no additional install and no database. You just need Java.
It is also characterized by its easy configuration. Indeed, it could be entirely configured from the web GUI so no need to adjust XML manually.
This tool can generate a several of changes made into the build from Subversion/CVS
You will have a clean and readable URLs
You will receive notifications and e-mails while there are some problems
You can also write plugins to make it supports your tools using by your group

Concerning its plugins they could be found written in other languages than Java. They are used to integrate Jenkins with several version of control systems and big databases.

As part of its installation as a package, there is no special configuration required. As part of its installation as a War file deployed in Tomcat, it is necessary to do as follow:

First, create the directory / usr / share / tomcat6 / jenkins-work and assign the rights and groups from tomcat6
Then edit the file /etc/init.d/tomcat6 and check that the TOMCAT6_SECURITY parameter has the value “no”.
Next, edit the / etc / default / tomcat6 and within the JAVA_OPTS variable, add the option -DJENKINS_HOME = / usr / share / tomcat6 / jenkins-work
Restart finally Tomcat

CFEngine

It is our third open source system listed in this article. It is written by Mark Burgess and it is basically used to provide automated configuration and maintenance of computer systems: such as the desktops, consumer and industrial devices, mobile smartphones and tablet computers.

It is used in both large and small companies, as well as in many universities and governmental institutions. It deploys a model-based configuration which changes across 50,000 servers in 5 minutes.

cfengine

It is actually significantly older than Puppet, dating back to 1993, like Puppet, started out as an open-source configuration management tool, not an enterprise Configuration Management product. It wasn’t commercialized in 2008. CFEngine has been described as the grandfather of configuration management tools. It runs on C, as opposed to Puppet’s use of Ruby.

Conclusion

With those tools mentioned above, nowadays, people are able to maintain and configure their systems rapidly and remotely. Depending on the users need, one of those tool may be the suitable solution for them

Advertise here with BSA

---------------------------------------------------------------------
List Of Free IT Automation Tools

About Apache Tomcat

From Wikipedia,

Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation (ASF). Tomcat implements the Java Servlet and the JavaServer Pages (JSP) specifications from Sun Microsystems, and provides a pure Java HTTP web server environment for Java code to run in. In the simplest config Tomcat runs in a single operating system process. The process runs a Java virtual machine (JVM). Every single HTTP request from a browser to Tomcat is processed in the Tomcat process in a separate thread.

My testbox details:

root@Freebsd-unixmen:~ # uname -a
FreeBSD Freebsd-unixmen 10.1-RELEASE-p6 FreeBSD 10.1-RELEASE-p6 #0: Tue Feb 24 19:00:21 UTC 2015 

root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
root@Freebsd-unixmen:~

This article has been edited from old article about install apache 7 on freebsd 9.3

Install Tomcat 8 In FreeBSD 10

I was trying to install from the ports (/usr/ports/www/tomcat7 ) then i got many issues, finally i stopped the installation and started with the pkg tool.

Now, lets start:

root@Freebsd-unixmen:~ # pkg   install tomcat8
Updating FreeBSD repository catalogue...
Fetching meta.txz: 100%    944 B   0.9kB/s    00:01    
Fetching packagesite.txz: 100%    5 MiB 486.0kB/s    00:11    
Processing entries: 100%
FreeBSD repository update completed. 24086 packages processed
The following 5 packages will be affected (of 0 checked):

New packages to be INSTALLED:
        tomcat8: 8.0.18
        openjdk: 7.76.13_1,1
        java-zoneinfo: 2015.a
        javavmwrapper: 2.5
        jakarta-commons-daemon: 1.0.15

The process will require 165 MiB more space.
57 MiB to be downloaded.

Proceed with this action? [y/N]:

Configuration

This OpenJDK implementation requires fdescfs(5) mounted on /dev/fd and procfs(5) mounted on /proc for some functionality.

If you have not done it yet, please do the following:

mount -t fdescfs fdesc /dev/fd
mount -t procfs proc /proc

To make it permanent, you need the following lines in /etc/fstab:

fdesc   /dev/fd         fdescfs         rw      0       0
proc    /proc           procfs          rw      0       0

Now, Tomcat is ready to start. Before that lets edit the user files to add users/admins and managers.

Edit the users file (my example file):

vim  /usr/local/apache-tomcat-8.0/conf/tomcat-users.xml

<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">


<role rolename="manager-gui"/>
 <role rolename="manager-script"/>
 <role rolename="manager-jmx"/>
 <role rolename="manager-status"/>
 <role rolename="admin-gui"/>
 <role rolename="admin-script"/>
 <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>


</tomcat-users>

Lets start Tomcat

root@FreeBSd9:/usr/ports/www/tomcat7 # cd /usr/local/apache-tomcat-8.0/bin/

root@Freebsd-unixmen:/usr/local/apache-tomcat-8.0/bin # ./startup.sh 
Using CATALINA_BASE:   /usr/local/apache-tomcat-8.0
Using CATALINA_HOME:   /usr/local/apache-tomcat-8.0
Using CATALINA_TMPDIR: /usr/local/apache-tomcat-8.0/temp
Using JRE_HOME:        /usr/local
Using CLASSPATH:       /usr/local/apache-tomcat-8.0/bin/bootstrap.jar:/usr/local/apache-tomcat-8.0/bin/tomcat-juli.jar
Tomcat started.
root@Freebsd-unixmen:/usr/local/apache-tomcat-8.0/bin #

Check if the port 8080 listening

root@Freebsd-unixmen # netstat -an | grep 8080
tcp46      0      0 *.8080                 *.*                    LISTEN

Now, navigate to http://ip:8080 or http://hostname:8080.

Done!

Advertise here with BSA

---------------------------------------------------------------------
Install Tomcat 8 In FreeBSD 10/10.1

About MySQL

MySQL is an open source database management software that helps users store, organize, and retrieve data. It is a very powerful program with a lot of flexibility.

mysql

This tutorial will explains how to install MySQL, create a sample database, create a table, insert records into the table, and select records from the table.

Installation

You can install mysql using the following command:

On Ubuntu:

sudo apt-get install mysql-server

On Centos:

sudo yum install mysql-server

Follows the steps below to stop and start MySQL

service mysql start 
Starting MySQL.                                            [  OK  ]
service mysql status
MySQL running (12588) 
service mysql stop
Shutting down MySQL.                                       [  OK  ]

Verifying Installation

You can check the MySQL installed version by performing mysql -V as shown below:

[local-host]# mysql -V
mysql  Ver 14.14 Distrib 5.1.25-rc, for redhat-linux-gnu (i686) using readline 5.1

Access the MySQL shell

Once you have MySQL installed on your droplet, you can access the MySQL shell by typing the following command into terminal:

mysql -u root -p

After entering the root MySQL password into the prompt, you will be able to start building your MySQL database.

mysql -u root -p
Enter password: password
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.1.25-rc-community MySQL Community Server (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>

Creating Databases

After connecting as MySQL root user, you can use this command to create database.

In this example, we will create unixmen database.

mysql> create database;

You can check what databases are available by typing this command:

SHOW DATABASES;

Your screen should look something like this:

 mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| test               |
| unixmen            |  
|                    |
+--------------------+
5 rows in set (0.01 sec)

Creating Tables

Before you create a mysql table, you need to choose the database that you want to use:

USE unixmen;
Database changed

The following example creates a article table.

create table article (
id INT AUTO_INCREMENT PRIMARY KEY,
name varchar(20),
number varchar(10),
page int(10)
writing_date DATE);

The command show tables to view all the tables available in the database.

mysql> SHOW TABLES;
+------------------+
| Tables_in_unixmen |
+------------------+
| article         |
+------------------+
1 row in set (0.01 sec)

To view the table description, do the following command

 mysql>DESCRIBE article;
+-------------+-------------+------+-----+---------+----------------+
| Field       | Type        | Null | Key | Default | Extra          |
+-------------+-------------+------+-----+---------+----------------+
| id          | int(11)     | NO   | PRI | NULL    | auto_increment |
| name        | varchar(20) | YES  |     | NULL    |                |
| number      |  int(11)    | YES  |     | NULL    |                |
| page        | char(1)     | YES  |     | NULL    |                |
| writing_date| date        | YES  |     | NULL    |                |
+-------------+-------------+------+-----+---------+----------------+
5 rows in set (0.01 sec)

Add Information to Tables

Use the following sample insert commands to insert some records to the article table.

insert into article values(1,'article1','4','a','2012-04-13');

insert into article values(2,'article2','5','b','2012-04-14');

insert into article values(3,'article3','6','C','2012-04-15');

insert into article values(4,'article4','7','d','2012-04-16');

You can take a look at your table using this command

mysql> SELECT * FROM article
+----+------- +----------------+-----------+-------------+
| id | name   | number         | page      |wrinting_date|
+----+------- +----------------+-----------+-------------+
|  1 |article1| 1              | a         | 2012-04-13  |
|  2 |article2| 2              | b         | 2012-04-14  |
|  3 |article3| 3              | c         | 2012-04-15  |
|  4 |article4| 4              | d         | 2012-04-16  |
+----+--------+----------------+-----------+-------------+
4 rows in set (0.00 sec)

Update Information in the Table

You can update a stored information in the table with this command:

UPDATE `article` 
SET 
`number` = '6' 
WHERE `article`.`name` ='article4';

Delete a Row, a Column and a Table

You can delete rows from the table with the following command:

DELETE from  where [column name]=[field text];

mysql> DELETE from article  where name='article2';
Query OK, 1 row affected (0.00 sec)

mysql> SELECT * FROM article
+----+------- +----------------+-----------+-------------+
| id | name   | number         | page      |wrinting_date|
+----+------- +----------------+-----------+-------------+
| 1 |article1 | 1              | a          | 2012-04-13 |
| 3 |article3 | 3              | c          | 2012-04-15 |
| 4 |article4 | 4              | d          | 2012-04-16 |
+----+--------+----------------+-----------+-------------+
3 rows in set (0.00 sec)

You can also delete a column using this command

ALTER TABLE  [column name];

And type this command if you want to delete all table

ALTER TABLE ;

That’s all for this article.

Advertise here with BSA

---------------------------------------------------------------------
An Introduction To MySQL Database

Let me show you How to Reset or Recover Root Password on FreeBSD 10.

My system:

root@Freebsd-unixmen:~ # uname -a
FreeBSD Freebsd-unixmen 10.1-RELEASE-p6 FreeBSD 10.1-RELEASE-p6 #0: Tue Feb 24 19:00:21 UTC 2015     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
root@Freebsd-unixmen:~ #

Step 1: Start FreeBSD server/workstation.

Step 2: type number 2 key to access single user mode

Next you will see the following prompt from system:

When prompted Enter full path name of shell or RETURN for /bin/sh:

Press Enter key to boot into a single user mode. Next, you will be immediately dropped into a single user mode without a root password.

Step 3: Mount the file system

You need to remount / (root) file system in read and write mode with mount command, type the following commands:

# mount -u /
# mount -a

if you get this problem above . please fix it like this.

#fsck -y

# mount -u /
# mount -a

Step 4: Setup a new password for root user:

# passwd

Next type exit command to boot FreeBSD into multi-user mode environment:

# exit; exit

OR You can just reboot the system:

# sync;sync
# reboot

Enjoy !!

Advertise here with BSA

---------------------------------------------------------------------
How To Reset Or Recover Root Password On FreeBSD 10

MySQL is one of the most widely used relational database management system, and one of the most widely used open source database system. It is released under GNU General Public License. SQL is abbreviated to Structured Query Language. If you are looking for the scalability, centralization and control of your applications while you are using Ruby on Rails. So you will need to use MySQL with them and for that we will show you within this article how to set up a Ruby on Rails development environment to enable your applications use the MySQL database on the Ubuntu 14.04 server. We will discover how to install the MySQL and later how to develop Ruby on Rails application using MySQL too.

Before starting the installation there are some required things before: so for that you will need to have the Ruby on Rails development environment already installed and also to have access to a “superuser” or “sudo” to be able to install the MySQL database system.

Installing the MySQL

Before starting installing the MySQL database software type the following command in order to update the “apt-get”:

sudo apt-get update

Then use the following command to start the installation, while you will be asking to choose a password for the MySQL root user:

sudo apt-get install mysql-server mysql-client libmysqlclient-dev

After installing the MySQL database software, we need to create the database directory where our information will be stocked. For that, you have just to use the following command:

sudo mysql_install_d

Now it is recommended to add some security script by using the following command while you be asked also to add the same password entered previously. Of course you can change this password:

sudo mysql_secure_installation

By default you can keep the some chosen values by hitting the “Enter” key through each prompt. Now your MySQL is installed but it is missed to install the MySQL gem.

Installing the MySQL Gem

In order to enable Rails application to connect to the MySQL database, it is important to install the MySQL adapter. So you have to install the “mysql2” using:

gem install mysql2

Develop Ruby on Rails application using MySQL

It is recommended to create a new Rails application in the home directory by using “-d mysql” in order to setting MySQL as the used database:

cd ~rails newappname -d mysql

Then move to the application’s directory using the following command:

cd appname

Configure database connection:

Now you have to configure the application’s connection for that you will need the chosen password during the previous steps. So start by opening your application’s database configuration file in a text editor. For us we have chosen vi by typing the following command:

vi config/database.yml

Then search the “password” under the default section, once you find it add your password and save and exit the application.

Create application database:

Now, you have to create the application’s development and test database by typing the following command:

rake db:create

By default, two databases will be created within your MySQL. It means that if you have an application called “myapp” so the created databases will be: “myapp_development” and “myapp_test”.

Test configuration

Now after installing and configuring the recommended things, it is time to test your created application and check if it uses the MySQL database already installed. So you have just to run it. For that use the following command under the development environment which will run your Rails application on your local host under the port 3000:

rails server

In the other hand, if you want to have access to your Rails application through a web browser which is on a remote server, so it is recommended to bind it to the public IP address of your server. Use the following command after finding the public IP address of your server:

rails server --binding=server_public_IP

Now you will have access to your Rails application through a web browser and if there is “Welcome Abroad” Ruby on the Rails page, so your application is configured and connected to the MySQL database. For that you have to use the following command:

http://server_public_IP:3000

Conclusion

Within this article you are able to start developing Ruby on Rails application using MySQL database on Ubuntu 14.04. We hope that we helped you and gave responses to your requests.

Advertise here with BSA

---------------------------------------------------------------------
How To Develop Ruby On Rails Application Using MySQL On Ubuntu

About Sandstorm

Sandstorm is an open source platform for personal servers. Sandstorm is a easier way to run personal instances of web apps. It allows you to have your own personal server and install apps to it through an app store interface as easily as you would install apps on a phone. A few examples of the apps that can be installed using Sandstorm are WordPress, GitLab, MediaWiki, Apache Wave, and webmail. The real motivation for Sandstorm is, and always has been, making it possible for open source and indie developers to build successful web apps.

Features

Sandstorm offers many features as :

Usability: Sandstorm is designed from the ground up to be radically easier to use than any other server platform.
Security: Sandstorm is designed by security wonks. Where most developers don’t want to think about security, we care deeply about it, and have designed the whole system to protect you.
Freedom: Run any app you want. You are not limited to what’s in the app market. Any developer can build a Sandstorm package, and you can upload any package to your server. You can even run Open Source and Indie apps from developers who don’t have the funding to run their own servers.

It is open source and available on Github. You can see it in action in the video above, or by trying the demo. You can install it for yourself, or request an invite to our shared server at sandstorm.io.

This tutorial explains the process of installing and configuring of Sandstorm on Ubuntu 14.04.

Prerequisites

This guide is based on Ubuntu 14.04 server. Before you start install of Sandstorm, you need to have a frech install of your server. In this article Sandstorm was tested with Ubuntu 14.04, but Sandstorm should work with any Linux distribution x86_64, with kernel version 3.13 or later.

Installing Sandstorm

To install on your own Linux machine, just do:

curl https://install.sandstorm.io | bash

Or, if you don’t like piping directly to shell, download first:

curl https://install.sandstorm.io > install.sh
bash install.sh

This will install a self-contained and (optionally) auto-updating Sandstorm bundle. It won’t touch anything on your system other than your chosen installation directory, optionally installing an init script, and placing two symlinks (spk and sandstorm) under /usr/local/bin.

Configuring Sandstorm

Now, you have now installed Sandstorm. In your web browser, navigate to your server’s domain name or public IP address:

http://server_domain_name_or_IP:6080

You will see this initial configuration page.

Click on Sign in. You will be asked to choose one login method Google login or Github login. It is also possible to configure both of them, in which case you can log in with both credentials to your Sandstorm server.

If you choose Google login, Flow this instructions:

If you choose Github login, Follow this instructions

click Save Configuration after completed making the Client ID and Client secret.

Then after log in to Sandstorm by clicking Sign in with GitHub or Sign in with Google. You will see the main page.

Now we will show you an example how to use Sandstorm to install WordPress on one click.

First, click Install apps. The next screen will show you various free and no free applications that you can install.

Then choose you apps and click Install next to any app you want to install. You will be redirected to your installation, which will show a progress page.

After the WordPress CMS has been downloaded, click New WordPress Site. Then, you will be redirected to the new website.

Now your wordpress webiste is created with only two click.

Sandstorm is in the very early stages of development.It is an interesting and useful tool for developers to play with it :)

Advertise here with BSA

---------------------------------------------------------------------
Sandstorm: Owning Your Personal Cloud Platform

Django is a high-level and powerful Python Web framework. In fact, this tool will help to make rapid development and concrete design. It is free and open source application that can help you to have your python application and website rapidly. In this article, we will give you the procedure how to configure Django with Apache in CentOS 7.

We will start our article by giving the historic of Django and listing its features.

What Is Django?

Django was created at the end of 2003 by Adrian Holovaty and Simon Willison, two developers at the Lawrence Journal-World newspaper. It was released under the BSD license.

Regarding its features, Django:

Helps developers to finish their applications rapidly.
Is a secure tool and developers work in a safe environment.
Takes care of user authentication, RSS feeds, content administration and many others.
Could be used to develop social networks, scientific computing platforms and content management.

Install Django in CentOS 7

First steps:

Before starting the configuration, it is required to configure your CentOS 7 server instance with “sudo” privileges. The installation of Django it will be with a Python virtual environment. Later the “mod_wsgi” Apache module will be needed to configure the Apache with Django application.

Installing CentOS’s packages:

Different items need to be installed at the beginning. So, we will need to have the Apache web server, “mod_wsgi”, “pip” and Python package manager which could be used to download Python related tools.

So let’s start, to have “pip” it is required to enable the EPEL repository by typing:

sudo yum install epel-release

After enabling EPEL repository, the needed tools will be installed by using:

sudo yum install python-pip httpd mod_wsgi

Configure the Python virtual environment:

Before starting our Django project, it is also required to create the Python virtual environment. So, we need to install “virtualenv” to create our environment by using:

sudo pip install virtualenv

Now after installing the “virtualenv” we will create our project directory using:

mkdir ~/myprojectcd ~/myproject

After creating our directory, we are able to create our Python virtual environment using:

virtualenv myprojectenv

So to summarize, within our project directory “myproject” we will have our environment called “myprojectenv”. And automatically, the “pip” and the local version of Python are installed in our directory which could be used for the installation and configuration of a Python environment. Later, we will enable the virtual environment using:

source myprojectenv /bin/activate

Now after following us, you will work with your Python virtual environment which is checked if you have something like:

(myprojectenv)user@host:~/myproject$

As we finished the all required steps, we can install the Django using:

pip install django

So it is time now to start creating our Django project.

Create the Django project:

Now after installing Django in our directory, we will use it to install files in the same folder. Then a second directory will be created where we will make the management script. We will use the following command:

django-admin.py startproject myproject .

Don’t forget the “.” It is very important to create the files in this directory. Now, it is important to adjust the settings of our project. So firstly you have to open the settings file using:

nano myproject/settings.py

SQlite database will be used now. After opening the settings file, at the botton of it, a specific command will be added to configure our made directory.

So at the bottom of the settings file, add:

STATIC_ROOT = os.path.join(BASE_DIR, "static/")

Then you can save and close this file. Now we will transfer the database of our project to the SQLite database using:

cd ~/myproject./manage.py makemigrations./manage.py migrate

And use the following command to create an administrator user while you will be asked to select a username, give an e-mail address and enter your password.

./manage.py createsuperuser

At the end, you will be able to test your Django project by using:

./manage.py runserver 0.0.0.0:8000

Then you can visit your server’s domain name using:

http://server_domain_or_IP:8000

If you use the “/admin” at the end of the URL, you will be asked to enter your administrative username and password you have already created. Later, you can check your Django admin interface.

To leave the virtual environment you just have to type:

deactivate

Configure Django With Apache

After checking your rDjango project, it is time to configure Apache. All the clients requests are translated to WSGI format which is by default used with Django with “mod_wsgi”. You have to create a new configuration file in order to define WSGI pass. You just have to use:

sudo nano /etc/httpd/conf.d/django.conf

Where the file were called “django.conf ”. Then the following command will be used in order to set up the needed alias to map the requests started by “/static” to the static folder.

Alias /static /home/user/myproject/static

Next, we will have access to the “wsgi” file within the second level project directory where the Django code is stored.

Alias /static /home/user/myproject/static
<Directory /home/user/myproject/static>   
 Require all granted
</Directory> 
<Directory /home/user/myproject/myproject>    
<Files wsgi.py>        
Require all granted    
</Files></Directory>

Now it is recommended to use the daemon mode to run the WSGI process. The “WSGIDaemonProcess” will be used for that. You have to specify the name for the process because an arbitrary one will be used. Two paths will be used. One for our project and other, “lib/pythonx.x/site-packages”. In order to find all the needed Python code bu Apache to run our project.

Then, the script alias which will help to transfer the requests from the root folder to the “wsgi.py” file will be configured using:

Alias /static /home/user/myproject/static
<Directory /home/user/myproject/static>    
Require all granted</Directory> 
<Directory /home/user/myproject/myproject>  
  <Files wsgi.py>        
Require all granted 
   </Files>
</Directory> 
WSGIDaemonProcessmyproject python-
path=/home/user/myproject:/home/user/myproject/myprojectenv/lib/python2.7/site-packages
WSGIProcessGroup myproject 
WSGIScriptAlias / /home/user/myproject/myproject/wsgi.py

Then save and close the file. Now we will describe how we can fix some permissions sets in order to give Apache possibility to get access to our files. Generally, each user’s home directory will be locked down with the CentOS. So we will need the “apache” user in our user’s group in order have access to such files. You can make this by using:

sudo usermod -a -Guser apache

Now the different member of the user group will have permissions to use the concerned home directory. If the SQLike database is used so several steps need to be followed to allow the Apache process to have access to the database file. Firstly, the group owner of the database need to have permissions to read and write. The file is called “db.sqlite3” generally and must be transferred to your base project directory:

chmod 664 ~/myproject/db.sqlite3

Secondly, the Apache group need to have a group ownership of the file:

sudo chown :apache ~/myproject/db.sqlite3

Finally, the Apache group have to get the ownership of the database’s parent directory using:

sudo chown :apache ~/myproject

Now Apache can be used by this command:

sudo systemctl start httpd

After this configuration the Django site may be checked within the server’s domain name or IP address without need to specify the port. And then you can enable the Apache server to run using:

sudo systemctl enable httpd

Conclusion

The Django project was installed in a virtual environment and the Apache was configured with “mod_wsgi” in this article. We hope that it is a helpful article for you.

Advertise here with BSA

---------------------------------------------------------------------
How To Configure Django With Apache In CentOS 7

GoAccess is a free and open source web log analyzer program which is able to analyze and check the web server logs rapidly. It allow system administrators to have a fast and valuable HTTP statistics which require a visual server report. It is released under GPL so it is an open source tool besides it runs as a command line within Unix and Linux operating systems.

We will start our article by describing this tool and later explaining how to install it and how to use it as command line.

GoAccess Web Log Analyzer Features

As it was mentioned GoAccess is a free and open source web log analyzer. It has several features where we can list the following:

It parses the specified web log file and outputs the data to the X terminal
It allows any custom log format string
It is able to rapidly analyze and view web server statistics in real time without having to generate an HTML report.

Prerequisites

Before starting the installation of this tool, it is required to do the following conditions:

Debian 7 must be the operating system VPS
User account on the VPS with “sudo
Install Apache web server with active HTTP traffic

Installation

To make the installation of the GoAccess Web Log Analyzer, we will do as follow:

Update and upgrade system packages:

The following command must be used to have “ssh” into the server as a user which has “sudo” elevation privileges

ssh root@your_server_ip

And to update the packages, the “apt-get” is used as follow:

apt-get update

You can install the updates to the Debian system packages using:

apt-get upgrade

Install the build essential package:

To install the “build essential” package the same tool “apt-get” is used by typing:

apt-get install build-essential

This package “build essential” has various important subsidiary packages like “make” which is required to compile software in Debian and Linux.

Install GoAccess dependencies:

It is important to install GoAccess dependencies on your VPS by using:

sudo apt-get install libncursesw5-dev libglib2.0-dev libgeoip-dev libtokyocabinet-dev

Set up the build directory:

To install the GoAccess, you need to define your directory. The “/usr/local/src” is the suitable one where you can build your GoAccess software. You have also to give the read, write and execute permissions. Indeed, the following command is used to do that:

sudo chown $USER /usr/local/srcsudo chmod u+rwx /usr/local/src

To change to the chosen directory, the “cd” command is used:

cd /usr/local/src

Download and extract GoAccess source code:

To download GoAccess software, you have to use the following command:

wget http://tar.goaccess.io/goaccess-0.8.5.tar.gz

And you can extract and unpack the downloaded “.tar.gz” file by typing:

tar -zxvf goaccess-0.8.5.tar.gz

Compile and install the source code:

To be within the new directory, we will do as follow:

cd goaccess-0.8.5/

Then, type the following code to run the configure script:

./configure —enable-geoip —enable-utf8

Before the installation of the GoAccess, the makefile must be built by using:

make

Then type the following command in order to install GoAccess which will be executed by Debian to the system directories:

sudo make install

Edit the GoAccess config file:

Several comment will be deactivated to be able to use the other features of the tool. The GoAccess config file will be edited using the vig text editor by typing:

sudo vi /usr/local/etc/goaccess.conf

The comment starting by “#” will removed since the server ignore such information. So we will start by removing the “date-format” setting which is described as follow:

# Apache log date format. The following date format works with any
# of the Apache's log formats below.
##date-format %d/%b/%Y

To remove the “#” you have just to use the key “j” several times to drop your cursor on the “date-format” line. Then select the “#” and press “x” to delete it. If it is correctly deleted so you will have something like this:

# Apache log date format. The following date format works with any
# of the Apache's log formats below.
#date-format %d/%b/%Y

Then, we will remove the “log-format”. In our case, we are running Apache host which is not virtual host but if you are using a virtual hosts set up so you will not be able to use the following instructors.

For our case the same steps will be used while removing the “#” symbol.

# NCSA Combined Log Format#log-format %h %^[%d:%^] "%r" %s %b "%R" "%u"#

Then, you have to disconnect from your VPS using the “exit” command and then log back with your “sudo” user:

exit ssh root@your_server_ip

Locate the log files:

Generally, with Debian systems, the Apache log files are stocked in: “/var/log/apache2”. We need to know where the Apache stores its logs in order to be able to use them. To check are the contents of this directory you can type the following command:

ls /var/log/apache2

Run GoAccess:

The following command will enable you to run GoAccess on your Apache server:

goaccess -f/var/log/apache2/access.log -a

Don’t forget to substitute the “/var/log/apache2/access.log” by your own log file directory path if it is not the same.

After typing the above command, the GoAccess dashboard will appear.

Navigate GoAccess:

goaccess dashboard

To be able to interact with GoAccess dashboard, you have to know some information which will help you to facilitate your work with GoAccess:

To find the help window and get some helpful information, you have just to press the “F1” of “h” keys.
The selected module on the dashboard could be expanded using the “o” or “enter”
“j” is used to scroll down under an expanded active module, and “k” is used to scroll back up under the expanded active module.
To see the set of the available options for the active module, you have to use “s” key.
“q” is used to exit the program or the opened window.
“g” is used to scroll to the last item of the dashboard screen.
“F5” as it is known is used to refresh and redraw the dashboard.
The “TAB” key will enable you to progress from one module to the following.

GoAccess modules:

Now after taking a basic background how to interact with the GoAccess dashboard, let us understand the signification of each module.

Within the dashboard, you can find the valid requests, invalid requests, time taken to analyze the provided data, URLs and many others information.

Unique visitors: in this module, you will find the HTTP requests having the same IP, the same date and the same representative which are considered as a unique visitor.
The requested files module indicate the most requested files on the web server.
The requested static files include only static files the most frequently requested such as: “jpg”, “css”, “swf”, “js”, “gif “ and “png” files.
HTTP 404 URLs module list the most HTTP 404: not found error requests
On the operating system module the host’s operating system is shown and the OS usage is classified.

There are others modules we will not describe here but if you want to know the signification of one of a missing one leave a comment.

To add, you can move to your user’s home directory with “cd” and “~” command. You can print you current working directory by using the “pwd” command.

cd ~pwd

Conclusion

In this article the important steps to follow to install GoAccess were described. In fact, you will able to install GoAccess and to know how it works.

Advertise here with BSA

---------------------------------------------------------------------
Use GoAccess Web Log Analyzer With Apache In Debian 7

Weak passwords are the most common threats to the Information Security. Many users, still, are using the weak passwords which contains their first or last name, DOB, mobile number, father’s/mother’s maiden name, birth place, crush name, so and so. In this fast-faced technology world, it is such a worst idea to have these kind of silly and weak passwords.

As we all know, “the passwords should be easy to remember, but hard to guess”. The strong password should consists of;

At-least 12 or more characters,
Upper/lower characters,
Numeric characters,
Special characters etc.

Also, it is very very bad idea to have the same password for multiple accounts.

But, how do we know the passwords are really strong? Is there any programs or tools to test the strength of the passwords? Indeed, Yes!! Here is where John the Ripper comes in handy. Using this tool, we can easily check the strength of the passwords. John the Ripper will break or crack the simple passwords in minutes, whereas it will take several hours or even days for the complex passwords.

About John the Ripper

John the Ripper is a fast password cracker that can be used to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. It is currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS.

Install John the Ripper In Linux

John the Ripper is available in the default repositories of the most modern Linux distributions. So, we can easily install it with ‘root’ privileges as shown below depending upon your distribution type.

On DEB based systems, Ex. Ubuntu:

apt-get install john

On RPM based systems, Ex.CentOS:

yum install epel-release
yum install john

On SUSE/openSUSE:

zypper install john

On Arch Linux:

pacman -S john

On Gentoo:

emerge johntheripper

Usage

John the Ripper’s usage is quite simple. You don’t have to use any special cryptographic methods or don’t have to memorize lot of commands to find and break a weak password.

Before Using John tool, It is recommended to check John the Ripper’s efficiency and capabilities.To do this, run:

john -test

Sample output:

Benchmarking: descrypt, traditional crypt(3) [DES 128/128 SSE2-16]... DONE
Many salts:    3144K c/s real, 3150K c/s virtual
Only one salt:    3005K c/s real, 3011K c/s virtual

Benchmarking: bsdicrypt, BSDI crypt(3) ("_J9..", 725 iterations) [DES 128/128 SSE2-16]... DONE
Many salts:    102809 c/s real, 102809 c/s virtual
Only one salt:    100352 c/s real, 100553 c/s virtual

Benchmarking: md5crypt [MD5 32/64 X2]... DONE
Raw:    8897 c/s real, 8915 c/s virtual

Benchmarking: bcrypt ("$2a$05", 32 iterations) [Blowfish 32/64 X2]... DONE
Raw:    566 c/s real, 567 c/s virtual

Benchmarking: LM [DES 128/128 SSE2-16]... DONE
Raw:    41587K c/s real, 41670K c/s virtual

Benchmarking: AFS, Kerberos AFS [DES 48/64 4K]... DONE
Short:    292147 c/s real, 292732 c/s virtual
Long:    936089 c/s real, 936089 c/s virtual

Benchmarking: tripcode [DES 128/128 SSE2-16]... DONE
Raw:    2770K c/s real, 2770K c/s virtual

Benchmarking: dummy [N/A]... DONE
Raw:    50894K c/s real, 50996K c/s virtual

Benchmarking: crypt, generic crypt(3) [?/64]... DONE
Many salts:    240480 c/s real, 240480 c/s virtual
Only one salt:    238982 c/s real, 239461 c/s virtual

As you in the above output, this will give the insights about how many username/password combinations per second (c/s) your system will theoretically run for each password hash encryption type.

Well, now, I will show you how to break a simple, weak password.

Let me create a ‘test’ user.

sudo useradd test

Set password to the ‘test’ account:

sudo passwd test

Here, I set the password to the ‘test’ user account as ‘test’, i.e the user name and password are both ‘test’.

There are two ways to break the password.

Method 1:

First, create a text file called ‘recoverpassword.txt‘ in any location.

Then, list the /etc/shadow file contents to find the password entry to the ‘test’ user.

sudo cat /etc/shadow

Sample output:

 root:!:16384:0:99999:7:::
 daemon:*:16273:0:99999:7:::
 bin:*:16273:0:99999:7:::
 sys:*:16273:0:99999:7:::
 sync:*:16273:0:99999:7:::
 games:*:16273:0:99999:7:::
 man:*:16273:0:99999:7:::
 lp:*:16273:0:99999:7:::
 mail:*:16273:0:99999:7:::
 news:*:16273:0:99999:7:::
 uucp:*:16273:0:99999:7:::
 proxy:*:16273:0:99999:7:::
 www-data:*:16273:0:99999:7:::
 backup:*:16273:0:99999:7:::
 list:*:16273:0:99999:7:::
 irc:*:16273:0:99999:7:::
 gnats:*:16273:0:99999:7:::
 nobody:*:16273:0:99999:7:::
 libuuid:!:16273:0:99999:7:::
 syslog:*:16273:0:99999:7:::
 messagebus:*:16273:0:99999:7:::
 usbmux:*:16273:0:99999:7:::
 dnsmasq:*:16273:0:99999:7:::
 ntp:*:16273:0:99999:7:::
 whoopsie:*:16273:0:99999:7:::
 lightdm:*:16273:0:99999:7:::
 sk:$6$9LCW3/tG$uJqyynHfU454yhu5eF3dpUTiZg0cAm7NGJbzV/BsLIsmKACE5wWQgQuUAVHlMGNBzZK5mOV9b3Yt2I5KDJbsG.:16384:0:99999:7:::
 sshd:*:16385:0:99999:7:::
 saned:*:16398:0:99999:7:::
 test:$6$/SjwqqdA$y2VzePBBBiwNpL5D5dSEShqHkk9sT3xpMtz1/wJSsyEV3hYlXveLhs.h8Yh72Pr1dz6iMNprRfrQ1aQOPU05E/:16518:0:99999:7:::

Scroll down to the end. There you’ll find the entry for the ‘test’ user something like below.

[...]
test:$6$/SjwqqdA$y2VzePBBBiwNpL5D5dSEShqHkk9sT3xpMtz1/wJSsyEV3hYlXveLhs.h8Yh72Pr1dz6iMNprRfrQ1aQOPU05E/:16518:0:99999:7:::
[...]

Copy the above line and paste it into the recoverpassword.txt file.

vi recoverpassword.txt

Paste the ‘test’ entry from the /etc/shadow file.

test:$6$/SjwqqdA$y2VzePBBBiwNpL5D5dSEShqHkk9sT3xpMtz1/wJSsyEV3hYlXveLhs.h8Yh72Pr1dz6iMNprRfrQ1aQOPU05E/:16518:0:99999:7:::

Save and close the file.

Now, let us start to break the password using command:

john recoverpassword.txt

Sample output:

 Loaded 1 password hash (crypt, generic crypt(3) [?/64])
 Press 'q' or Ctrl-C to abort, almost any other key for status
 test             (test)
 1g 0:00:00:00 100% 1/3 1.562g/s 150.0p/s 150.0c/s 150.0C/s test..t99999!
 Use the "--show" option to display all of the cracked passwords reliably
 Session completed

Hurray! As you see above, the password for ‘test’ user has been cracked.

Important: Be mindful that this process will take several minutes, or even days to break a complex password.

Let us take another example. I am going to change the password of the ‘test’ user and see whether the John the Ripper would crack the password.

Let us set different password and try to break the password of ‘test’ user.

Change the ‘test’ user password using command:

sudo passwd test

Enter the new password twice, for example I am going to use the password as ‘welcome’.

Now, list out the /etc/shadow file contents. Then, copy the ‘test’ user entry to the recoverpassword.txt file as shown above.

Now, run the following command:

john recoverpassword.txt

Sample output:

 Loaded 1 password hash (crypt, generic crypt(3) [?/64])
 Press 'q' or Ctrl-C to abort, almost any other key for status
 welcome (test)
 1g 0:00:00:15 100% 2/3 0.06591g/s 205.1p/s 205.1c/s 205.1C/s piglet..knight
 Use the "--show" option to display all of the cracked passwords reliably
 Session completed

As you see, the password for ‘test’ user has been displayed. This process could take only a few minutes, because we’re breaking the very simple password. In case of complex passwords, this take several hours or days. So be prepared accordingly.

To view the cracked passwords, run:

john --show revoverpassword.txt

Sample output:

test:welcome:16518:0:99999:7:::
1 password hash cracked, 0 left

Method 2:

This is somewhat similar to method 1.

Create a new text, for example recoverpassword.txt in any location.

Then, append the contents of /etc/passwd and /etc/shadow files using John the Ripper’s effective utility called ‘unshadow’ .

unshadow /etc/passwd /etc/shadow > recoverpassword.txt

Now, run the following commands to crack the passwords.

john recoverpassword.txt

Now, you can view the cracked passwords using command:

john --show recoverpassword.txt

Just think what if a hacker could get the /etc/passwd and /etc/shadow files of your Linux server? This could lead you to worst nightmare if your system got compromised by hackers using the passwd and shadow files that he/she has. That’s why we need to audit the passwords regularly and must set a strong password to our system.

To know more examples, refer the following link.

John the Ripper’s usage examples

John the Ripper’s Cracking Modes

John the Ripper combines several cracking modes in one program and is fully configurable for your particular needs.

Wordlist mode
Single Crack mode
Incremental mode
External mode

1. Wordlist mode

It is the Simplest mode supported by John the Ripper. In this mode, you have to specify a wordlist ( i.e a text file containing one word per line) and some password files.

Example:

john --wordlist=mywordlist.lst --rules recoverpassword.txt

Be mindful that the wordlist should not contain any duplicate entries.

2. Single Crack mode

It is the recommended and fastest mode of all. You can even make the cracking process much faster by specifying multiple password files. John the Ripper will start to crack the passwords first using this mode.

3. Incremental mode

In this mode, John the Ripper will try with multiple combination of words to crack the passwords. It is the most powerful of all modes.

Example:

john --incremental recoverpassword.txt

4. External mode

In this mode, you have to create a configuration file section called [List.External:MODE], where MODE is any name that you assign to the mode. The section should contain some functions programmed in a subset of the C language. John will compile and use the functions if you enable this cracking mode via the command line.

For more details about the John the Ripper’s modes can be found here.

Conclusion

What we have seen so far is how to test the strength of the passwords using John the Ripper command line utility. You can come to a conclusion if this tool cracks your passwords in minutes, then it will definitely be a weak password. If it took long time, then you, somewhat, have a strong password and you’re safe. I suggest you to periodically audit and change the passwords.

I sincerely recommend you to use this tool for a good cause. Please don’t attempt to break or steal passwords of others using this tool.

References:

Advertise here with BSA

---------------------------------------------------------------------
John The Ripper: The Fast, Multi-platform Password Cracking Tool

About Nux Dextop

Nux Dextop is a RPM repository specially made for installing popular desktop and multimedia related packages such as VLC, Flash player, Shutter etc., in RHEL, CentOS, and Scientific Linux distributions. It is currently available for RHEL/CentOS/Scientific Linux 6 and 7 versions. This repository is made to coexist with EPEL Repository. And more importantly, Nux Dextop repository may or may not be up to date. Use it at your own risk.

Install Nux Dextop

On RHEL/CentOS/Scientific Linux 6:

First, install EPEL repository as described in the following link.

Install EPEL Repository On RHEL / CentOS / Scientific linux 6.x, 5.x

Then, install Nux Dextop repository using command:

rpm -Uvh http://li.nux.ro/download/nux/dextop/el6/x86_64/nux-dextop-release-0-2.el6.nux.noarch.rpm

Add the Nux-Dextop GPG key using command:

rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro

Then, update the repository list using command:

yum repolist

On RHEL/CentOS/Scientific Linux 7:

Install EPEL repository using command:

yum install epel-release

Now, add the Nux Dextop repository and it’s GPG key using the following commands:

rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm

rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro

Update repository lists using command:

yum repolist

Sample output:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * epel: mirrors.ispros.com.bd
 * extras: centos.excellmedia.net
 * nux-dextop: li.nux.ro
 * rpmforge: kartolo.sby.datautama.net.id
 * updates: centos.excellmedia.net
repo id                                                           repo name                                                                                       status
base/7/x86_64                                                     CentOS-7 - Base                                                                                 8,465
epel/x86_64                                                       Extra Packages for Enterprise Linux 7 - x86_64                                                  7,195
extras/7/x86_64                                                   CentOS-7 - Extras                                                                                 104
nux-dextop/x86_64                                                 Nux.Ro RPMs for general desktop use                                                             1,889
rpmforge                                                          RHEL 7 - RPMforge.net - dag                                                                       245
updates/7/x86_64                                                  CentOS-7 - Updates                                                                              1,725
repolist: 19,623

That’s it. Now, you can install the multimedia packages of your choice.

Example:

yum install shutter vlc smplayer HandBrake-gui

Since Nux Dextop is ‘noarch’ type, you can use it for both 32bit and 64bit distributions.

Known issues with RepoForge and other Repositories

It will probably conflict badly with Repoforge/RPMforge and ATrpms and possibly other repos.In such cases, disable the Nux Dextop as and use it whenever you want.

To disable Nux Dextop, edit /etc/yum.repos.d/nux-dextop.repo file,

vi /etc/yum.repos.d/nux-dextop.repo

Disable it as shown below.

[nux-dextop]
name=Nux.Ro RPMs for general desktop use
baseurl=http://li.nux.ro/download/nux/dextop/el7/$basearch/ http://mirror.li.nux.ro/li.nux.ro/nux/dextop/el7/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nux.ro
protect=0
[...]

Save and close file.

Update repository lists:

yum replolist

Now, install multimedia packages by enabling it temporarily as shown below.

Example:

yum --enablerepo=nux-dextop install HandBrake-gui

That’s it.

Cheers!

Advertise here with BSA

---------------------------------------------------------------------
Nux Dextop: A Desktop And Multimedia Oriented RPM Repository

Introducing Blueberry

Clement Lefebvre, the Founder and lead developer of LinuxMint, has introduced the brand new bluetooth setup and configuration tool called “Blueberry”. It is a front-end for Gnome-bluetooth-3.14, and it shows a systray icon in your panel and doesn’t annoy you if you don’t have a Bluetooth adapter. It works on any Desktop environment, including MATE, Cinnamon, GNOME, XFCE, and Unity. And ofcourse, it should work on any distribution as long as gnome-bluetooth 3.14 is installed.

Why Blueberry?

According to Clem’s blog post,

We were experiencing issues with blueman within the MATE edition.. and we wondered why we were working on a bluetooth tool for just one particular edition and trying to get an external tool working for us on another, when instead we could simply design a solution that would work across the board for all our desktops.

So we made Blueberry.

He further added,

One key reason why cinnamon-bluetooth isn’t a core part of Cinnamon in the first place, is because we didn’t want Cinnamon to depend on a particular version of gnome-bluetooth. Instead, we want Cinnamon to work everywhere, whether that means it supports bluetooth (like in Mint 17.x) or whether that means it doesn’t (like in Arch/Fedora…etc). As gnome-bluetooth 3.14 no longer provides RFKILL functionality, this functionality had to be part of cinnamon-settings-daemon. Of course we could still package it within the cinnamon-bluetooth project… but we didn’t like that design and the way this was going.

Blueberry will be shipped with upcoming Linux Mint Debian Edition 2 release. Like I said, this is going to be a universal Bluetooth configuration tool for any distributions(Ex.Arch/Fedora, etc.) with any any Desktop environments(Ex.MATE, Cinnamon, Unity, etc).

Advertise here with BSA

---------------------------------------------------------------------
Blueberry: LinuxMint’s Brand New Bluetooth Configuration Tool