Admins eHow SysAdmin Tips & Tricks

September 9, 2011

Install Apache2 + PHP5 on Debian

Filed under: Apache,Debian,PHP — Tags: , , , , — admin @ 8:16 am

Very Simple…

apt-get install libapache2-mod-php5
/etc/init.d/apache2 restart

Xen – PyGrub – warning: grub-probe can’t find drive for /dev/xvda1

Filed under: Debian — Tags: , , , , , , , — admin @ 8:05 am

If you get following while doing “apt-get upgrade” on Debian Squeeze :

Setting up linux-image-2.6.32-5-amd64 (2.6.32-35squeeze1) ...
Running depmod.
Running update-initramfs.
update-initramfs: Generating /boot/initrd.img-2.6.32-5-amd64
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 2.6.32-5-amd64 /boot/vmlinuz-2.6.32-5-amd64
run-parts: executing /etc/kernel/postinst.d/zz-update-grub 2.6.32-5-amd64 /boot/vmlinuz-2.6.32-5-amd64
Searching for GRUB installation directory ... found: /boot/grub
warning: grub-probe can't find drive for /dev/xvda1.
grub-probe: error: cannot find a GRUB drive for /dev/xvda1. Check your device.map.
run-parts: /etc/kernel/postinst.d/zz-update-grub exited with return code 1
Failed to process /etc/kernel/postinst.d at /var/lib/dpkg/info/linux-image-2.6.32-5-amd64.postinst line 799, line 2.
dpkg: error processing linux-image-2.6.32-5-amd64 (--configure):
subprocess installed post-installation script returned error exit status 2

The solution is :

Run…

echo '(hd0) /dev/xvda' > /boot/grub/device.map
mknod /dev/xvda b 202 0

Edit /usr/sbin/update-grub :
Change…

find_device ()
{
if ! test -e ${device_map} ; then
echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
fi
grub-probe --device-map=${device_map} -t device $1 2> /dev/null
}

to…

find_device ()
{
if ! test -e ${device_map} ; then
echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
fi
#grub-probe --device-map=${device_map} -t device $1 2> /dev/null
echo /dev/xvda
}

Run…

update-grub 0
sed -i "s/xvda/xvda1/g" /boot/grub/menu.lst

Everything should be fixed now.

References :
http://www.sysadmintalk.net/forums/Thread-PyGrub-grub-probe-can-t-find-drive-for-dev-xvda1-error-Debian-Squeeze
http://lists.bitfolk.com/lurker/message/20080529.142153.954fedf4.el.html

September 5, 2011

IPTables packet traverse map

Filed under: CentOS,Debian,General,linux,Security — Tags: , , , , , — admin @ 7:23 am

1.

(more…)

May 4, 2011

Backup Files or MySQL DBs to a remote FTP server with compression and encryption

Filed under: CentOS,Debian,General,linux,Security — Tags: , , , , , , , — admin @ 6:30 pm

After my previous article which explained how to backup MySQL DBs to an email address , I am going to provide a more perfect solution in this article 🙂
The previous solution had some drawbacks and some advantages but the biggest problem was about the size of backup. although we compress the data with bzip2 algorithm which provides a high level of compression but in many cases, the attachment size will exceed 25MB or the limit of your email box. so it can not be used with public email services or will need a personal email server.
a better solution is to backup the data to a remote FTP server. in this case we will have almost no limit on file size (depending on your remote FTP server).
A perfect place to backup your files is fileserve.com , it offers 500GB of space for free and FTP access to it ! it is awesome ! I would recommend to upgrade to their premium service.
click on this link to signup for your free account : FileServe.com Free Account
also we will employ encryption to make sure our data is safe in transmit and in remote location.
to use this solution make sure bzip2, mcrypt and ncftp are installed on your server. I am not going into the details of installing each package, Google is your friend 🙂
so lets say you want to backup /var/www folder, use the following command :

tar jcf - /var/www | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

this only command will compress the whole /var/www folder by tar and bzip2 at the same time encrypt it by your key and at the same time will upload it to remote FTP server !
omg ! thats why I love Linux ! you can put it in your crontab to create automatic backups.
now lets say you want to backup all MySQL DBs , you can use the following command :

mysqldump --user=USERNAME --password=PASSWORD -A | bzip2 | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

the combinations and possibilities are limitless !
I just gave you the idea and showed you the power, use your own brain to make your perfect solution 😉
Just something else , if you needed to decrypt the file , you can use the following command :

mcrypt -d FILE_NAME -k 'YOUR_LONG_COMPLEX_KEY' > NEW_FILE_NAME

April 29, 2011

Backup all MySQL DBs and Compress and Email the backup

Filed under: CentOS,Debian,General,linux,MySQL — Tags: , , , , , , — admin @ 1:28 pm

Make sure mutt & bzip2 are installed on your server.
Change USERNAME & PASSWORD to your MySQL login credentials.
Change email@domain.com to your email which can accept large attachments (gmail is recommended, currently it accepts attachments up to 25MBs)
Put the following line in your crontab. you can access crontab by this command : crontab -e

0 0 * * * mysqldump --user=USERNAME --password=PASSWORD -A | bzip2 > ~/AllDBsBackup.bz2 && echo | mutt -a ~/AllDBsBackup.bz2 -s "All DBs Daily Backup" -- email@domain.com

April 27, 2011

Block BitTorrent traffic on your Linux firewall using iptables

Filed under: Debian,linux,Security — Tags: , , , , , — admin @ 7:25 pm

The following script will block and log un-encrypted BitTorrent & DHT traffic on your Linux firewall.
I have personally tested it on debian 5 lenny , but I am almost sure it should work pretty well on any new Linux distros.

iptables -N LOGDROP > /dev/null 2> /dev/null 
iptables -F LOGDROP 
iptables -A LOGDROP -j LOG --log-prefix "LOGDROP " 
iptables -A LOGDROP -j DROP

#Torrent
iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "info_hash" -j LOGDROP 

# DHT keyword
iptables -A FORWARD -m string --string "get_peers" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "announce_peer" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "find_node" --algo bm -j LOGDROP

July 29, 2010

GET: command not found

Filed under: Debian — Tags: , , , — admin @ 4:41 pm

if you get the following error on debian :

-bash: GET: command not found

install the following package :

apt-get install libwww-perl

July 16, 2010

Find the fastest apt mirrors (repos) for debian lenny

Filed under: Debian — Tags: , , , , , , , — admin @ 3:21 pm
apt-get install netselect-apt
netselect-apt -n -s lenny

How to install Byte UnixBench on debian lenny

Filed under: Debian,General — Tags: , , , , , , — admin @ 2:28 pm

From UnixBench website :

UnixBench is the original BYTE UNIX benchmark suite, updated and revised by many people over the years.

The purpose of UnixBench is to provide a basic indicator of the performance of a Unix-like system; hence, multiple tests are used to test various aspects of the system’s performance. These test results are then compared to the scores from a baseline system to produce an index value, which is generally easier to handle than the raw scores. The entire set of index values is then combined to make an overall index for the system.

Some very simple graphics tests are included to measure the 2D and 3D graphics performance of the system.

Multi-CPU systems are handled. If your system has multiple CPUs, the default behaviour is to run the selected tests twice — once with one copy of each test program running at a time, and once with N copies, where N is the number of CPUs. This is designed to allow you to assess:

  • the performance of your system when running a single task
  • the performance of your system when running multiple tasks
  • the gain from your system’s implementation of parallel processing

Do be aware that this is a system benchmark, not a CPU, RAM or disk benchmark. The results will depend not only on your hardware, but on your operating system, libraries, and even compiler.

First install required libraries for compilation :

apt-get install libx11-dev libgl1-mesa-dev libxext-dev perl  perl-modules make

Then get the unixbench and run it :

wget http://byte-unixbench.googlecode.com/files/unixbench-5.1.2.tar.gz
tar zxvf unixbench-5.1.2.tar.gz
cd unixbench-5.1.2
./Run

April 30, 2010

Connect to PPTP VPN from Linux only by one command

Filed under: CentOS,Debian,General — Tags: , , , , , , , , , — admin @ 1:03 pm

I’ve used this method to connect to a windows PPTP VPN server on PCLinuxOS 2010 , but I am sure it will work on other ditros too.
First make sure sure pptp-linux and ppp packages are installed on your client PC.
you may install them by yum or apt-get or package manager of your linux.
then use the following command to connect to VPN.

pppd pty "pptp IP_OR_FQDN_VPN_SERVER --nolaunchpppd" file /etc/ppp/options.pptp user USERNAME password PASSWORD

replace IP_OR_FQDN_VPN_SERVER with IP or DNS of your VPS server.
replace USERNAME with your VPN username.
replace PASSWORD with your VPN password.
wait for like 10-15 seconds , then run ifconfig command , you should see ppp0 interface there , if it is not there , you can troubleshoot by looking into syslog of your linux.
please note this command is good for connecting to a windows VPN server with default configuration , if you have any custom settings , you may need to edit /etc/ppp/options.pptp file.
to disconnect form VPN , use the following command :

killall pppd

if you need to route all of your traffic to VPN server ( use it as a gateway ) , do the following :
create a file named vpn-up in /etc/ppp/ip-up.d and put the following lines inside it :

#!/bin/bash
H=`ps aux | grep 'pppd pty' | grep -v grep | awk '{print $14}'`
DG=`route -n | grep UG | awk '{print $2}'`
DEV=`route -n | grep UG | awk '{print $8}'`
route add -host $H gw $DG dev $DEV
route del default $DEV
route add default dev ppp0

and make it executable by :

chmod +x vpn-up

create another file named vpn-down in /etc/ppp/ip-down.d and put the following lines inside it :

#!/bin/bash
H=`route -n | grep UGH | awk '{print $1}'`
DG=`route -n | grep UGH | awk '{print $2}'`
DEV=`route -n | grep UGH | awk '{print $8}'`
route del -host $H
route add default gw $DG dev $DEV

and make it executable by :

chmod +x vpn-down

now reconnect to VPN , and your routing will be done automatically.

« Newer PostsOlder Posts »

Powered by WordPress