Wednesday, August 24, 2016

Cloning a VPS into a local VM

Cloning a VPS into a local VM?

This will work perfectly for you ...
On the source VM instance ...

sudo su
cd /
tar cvpzf backup.tgz --exclude=/proc --exclude=/lost+found --exclude=/backup.tgz --exclude=/mnt --exclude=/sys /

On the target machine (dedicated or VPS)

tar xvpfz backup.tgz -C /

And make sure any dirs excluded are re-created

mkdir proc
mkdir lost+found
mkdir mnt
mkdir sys

Friday, August 12, 2016

Install xrdp Remote Desktop to CentOS 6 / RHEL 6

Prerequisites:

Install EPEL repository on CentOS 6.
32 Bit

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

64 Bit

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Installation:

Issue the following command to install xrdp

# yum -y install xrdp tigervnc-server

You will get the following output, make sure you are getting package from the newly created repository.

Installed:
  tigervnc-server.x86_64 0:1.1.0-8.el6_5      xrdp.x86_64 0:0.5.0-0.13.el6
 
Dependency Installed:
  libXmu.x86_64 0:1.1.1-2.el6
  xorg-x11-fonts-misc.noarch 0:7.2-9.1.el6
  xorg-x11-xauth.x86_64 1:1.0.2-7.1.el6

Once it is installed, lets start the xrdp service.

# service xrdp start

xrdp will listen on 3389, lets confirm this by issuing following command.

# netstat -antup | grep xrdp
tcp        0      0 127.0.0.1:3350              0.0.0.0:*                   LISTEN      11299/xrdp-sesman
tcp        0      0 0.0.0.0:3389                0.0.0.0:*                   LISTEN      11295/xrdp

By default, services wont auto start after system reboot. Issue the following command to enable the service at system start up.

# chkconfig xrdp on
# chkconfig vncserver on

Test:

Now take rdp from any windows machine using Remote Desktop Connection, enter ip address of Linux server in computer field and click on connect.

Friday, August 5, 2016

installing JBoss 7.1.1 on CentOS 6.x.

JBoss 7.1.1 will work with JDK 6 or JDK 7.

Download jdk from http://www.oracle.com/technetwork/java/javase/downloads/index.html

Downloads]# rpm -ivh jdk-7u7-linux-x64.rpm

Downloads]# wget http://download.jboss.org/jbossas/7.1/jboss-as-7.1.1.Final/jboss-as-7.1.1.Final.zip

unzip jboss-as-7.1.1.Final.zip -d /usr/share/

cd /usr/share

mv jboss-as-7.1.1.Final/ jboss-as

Create a new group, jboss, and then create the user jboss and add the user to the jboss group.

Downloads]# groupadd jboss;useradd -s /bin/bash -g jboss jboss

Downloads]# chown -Rf jboss.jboss /usr/share/jboss-as/

Downloads]# passwd jboss

Downloads]# cat /root/.bash_profile

JAVA_HOME=/usr/java/jdk1.7.0_07

export JAVA_HOME

PATH=$JAVA_HOME/bin:$PATH

export PATH

Downloads]# . ~/.bash_profile

java version "1.7.0_07"

Java(TM) SE Runtime Environment (build 1.7.0_07-b10)

Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)

Downloads]# java -version

java version "1.7.0_07"

Java(TM) SE Runtime Environment (build 1.7.0_07-b10)

Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)

Downloads]# su - jboss

vellore ~]$ java -version

java version "1.6.0_24"

OpenJDK Runtime Environment (IcedTea6 1.11.1) (rhel-1.45.1.11.1.el6-x86_64)

OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode)

vellore ~]$ exit

Downloads]# cp /usr/share/jboss-as/bin/init.d/jboss-as-standalone.sh /etc/init.d/jboss

Downloads]# vim /etc/init.d/jboss

5 # chkconfig: 234 80 20

18 JBOSS_USER=jboss

19 export JBOSS_USER

Downloads]# chmod 755 /etc/init.d/jboss

Downloads]# chkconfig --add jboss

Downloads]# chkconfig --level 234 jboss on

Downloads]# service jboss start

Starting jboss-as: [ OK ]

Downloads]# service jboss stop

vim /usr/share/jboss-as/standalone/configuration/standalone.xml

By default, JBoss 7.1.1 is bound to the loopback IP of 127.0.0.1, so if we want to make it available on the web, we need to change this.

Locate standalone.xml under /usr/share/jboss-as/standalone/configuration/.

Open standalone.xml in vi or a text editor and look for the public interfaces node as shown below.

<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>

To make JBoss publicly accessible, change 127.0.0.1 to either 0.0.0.0 to allow access on all interfaces or to your public IP.

So, for example, if your public IP is 10.66.191.232, you would change it as so:

[root@vellore ~]# vim /usr/share/jboss-as/standalone/configuration/standalone.xml

275 <interfaces>

276 <interface name="management">

277 <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>

278 </interface>

279 <interface name="public">

280 <inet-address value="${jboss.bind.address:10.66.191.232}"/>

281 </interface>

282

283 <interface name="unsecure">

284 <!--

285 ~ Used for IIOP sockets in the standard configuration.

286 ~ To secure JacORB you need to setup SSL

287 -->

288 <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>

289 </interface>

[root ~]# service jboss start

adding a Management user as shown on the error page:

# cd /usr/share/jboss-as/bin

Issue './add-user.sh' to run the script to add a Management user. Follow the prompts. Some defaults are provided.

bin]# ./add-user.sh

What type of user do you wish to add?

a) Management User (mgmt-users.properties)

b) Application User (application-users.properties)

(a):

Enter the details of the new user to add.

Realm (ManagementRealm) :

Username : amit

Password : ------ > should not give user name as password

Re-enter Password :

* Error *

JBAS015238: Username must not match the password.

Enter the details of the new user to add.

Realm (ManagementRealm) :

Username (amit) :

Password :

Re-enter Password :

About to add user 'amit' for realm 'ManagementRealm'

Is this correct yes/no? yes

Added user 'amit' to file '/usr/share/jboss-as/standalone/configuration/mgmt-users.properties'

Added user 'amit' to file '/usr/share/jboss-as/domain/configuration/mgmt-users.properties'

[root@vellore bin]#

While you can now access the Admin console on localhost (127.0.0.1), if you want to access it publicly, we need to update standalone.xml under /usr/share/jboss-as/standalone/configuration/ as we did earlier.

Open standalone.xml in vi or a text editor and look for the management interface node as shown below.

<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>

To make the JBoss Admin console publicly accessible, change 127.0.0.1 to your your public IP or to 0.0.0.0 for all interfaces.

So, for example, if your public IP is 10.66.191.232, you would change it as so:

[root@vellore bin]# vim /usr/share/jboss-as/standalone/configuration/standalone.xml

275 <interfaces>

276 <interface name="management">

277 <inet-address value="${jboss.bind.address.management:10.66.191.232}"/>

278 </interface>

279 <interface name="public">

280 <inet-address value="${jboss.bind.address:10.66.191.232}"/>

281 </interface>

282

283 <interface name="unsecure">

284 <!--

285 ~ Used for IIOP sockets in the standard configuration.

286 ~ To secure JacORB you need to setup SSL

287 -->

288 <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>

289 </interface>

290 </interfaces>

Again, if you wish to have the Admin console publicly accessible on all interfaces, use 0.0.0.0 in place of your IP above.

Retstart JBoss to reload the the change to standalone.xml:

[root@vellore bin]# service jboss restart

Stopping jboss-as: *** JBossAS process (16532) received TERM signal ***

[ OK ]

Starting jboss-as: [ OK ]

website excess : http://10.66.191.232:8080

website Deployed path: -

/usr/share/jboss-as/standalone/deployments

example:- [root@mail deployments]# ls
bkchindiagro.war WelcomHelloJBoss.war
bkchindiagro.war.deployed WelcomHelloJBoss.war.deployed
README.txt

then service restart

First check 127.0.0.1:9990 then chang configration file after that excess your ip http://10.66.191.232:9990

OpenLDAP server Backup & Restore

Backup

To backup the entire LDAP database we can make use of the command slapcat. The slapcat command genetates a LDIF (LDAP Directory Interchange Format) file contianing the dump of entire LDAP database.

slapcat -v -l ldap-backup.ldif

The above command generates a backup file named ldap-backup.ldif in the current directory.

Without the -l option slapcat writes the content to standard output.

The slapcat command reads the ldap configuration file at the default location (/etc/openldap/slapd.conf) and takes the database dump. We can provide a LDAP configuartion file at a different location using -f option as given below.

slapcat -v -f /etc/openldap/slapd.conf -l ldap-backup.ldif

Restore

To restore the database from the earlier backup LDIF file we can use slapadd command.

slapadd -l ldap-backup.ldif

In case files already exist in the LDAP database location we have to clear them before restoring using slapadd while retaining the DB_CONFIG file. The sample DB_CONFIG file should be in /etc/openldap/DB_CONFIG.example.

rm -fr /var/lib/ldap/example.in/*

Once the files are cleared you should be able to restore the database using slapadd given above.

On successful completion of the restoration restart the LDAP server.

service ldap restart

basic command in ldap:-

ldapsearch -x -b "dc=amit,dc=com"

ldapsearch -x -D "uid=mukesh,ou=People,dc=amit,dc=com" -W -H ldap://puppet.amit.com -b "ou=People,dc=amit,dc=com" -s sub 'uid=mukesh'

Install phpLDAPadmin to Manage LDAP with a Web Interface

Install phpLDAPadmin

CentOS/RHEL 6, 32 Bit:
# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

CentOS/RHEL 6, 64 Bit:
# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

 yum --enablerepo=remi install httpd

# service httpd start
# chkconfig httpd on

 yum --enablerepo=remi install mysql mysql-server

service mysqld start
# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):     ## Press Enter ## 
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n]     ## Press Enter ##
New password:                ## Enter new password ##
Re-enter new password:       ## Re-enter new password ##
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]     ## Press Enter ##
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]     ## Press Enter ## 
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]     ## Press Enter ##
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]     ## Press Enter ##
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

yum -y install php php-mysql

yum --enablerepo=remi install php-common php-cli php-mysql php-devel

Install PHP

 yum install php php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely used open-source general purpose scripting language that is especially suited for web development and can be embedded into HTML.

Install PHP with following command:

# yum install php -y

Test PHP

Create a sample “testphp.php” file in Apache document root folder and append the lines as shown below:

# vi /var/www/html/testphp.php

Add the following lines.

Install phpLDAPadmin to Manage LDAP with a Web Interface

yum install epel-release

yum install phpldapadmin

Now we configure phpldapadmin

sudo vim /etc/phpldapadmin/config.php

Change dc=yourdomain,dc=com/in etc

On line 300

$servers->setValue(‘server’,’base’,array(‘dc=example,dc=com’));

On line 397: uncomment, line 398: comment out

$servers->setValue(‘login’,’attr’,’dn’);

// $servers->setValue(‘login’,’attr’,’uid’);

On line 326 or 332

$servers->setValue(‘login’,’bind_id’,’cn=Manager,dc=example,dc=com’);

Now, we edit permission for accessing phpldapadmin on network

vi /etc/httpd/conf.d/phpldapadmin.conf

<Directory /usr/share/phpldapadmin/htdocs> Order Deny,Allow Deny from all Allow from 127.0.0.1 192.168.1.0/24 (your IP range)

Allow from ::1 </Directory>

Now restart httpd service

/etc/rc.d/init.d/httpd restart

Stopping httpd:                     [  OK  ]
Starting httpd:                     [  OK  ]

# service httpd restart
# chkconfig httpd on
# service mysqld restart
# chkconfig mysqld on

check http://serverhostname/ldapadmin in browser.

squid server configuration with few ACL

yum install squid*

vim /etc/squid/squid.conf

##
get new ad server list curl-sS -L --compressed"http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext"
> /etc/squid/ad_block.txt 

##refresh squid

/usr/local/sbin/squid -k reconfigure or squid -z
make to transparent proxy
# Squid normally listens to port 3128
http_port 192.168.101.97:3128 transparent
visible_hostname localhost

acl use to without restriction access web site
acl Boss_IP src 192.168.101.230 192.168.101.88 192.168.101.20 192.168.101.83 192.168.101.19
http_access allow Boss_IP

## disable ads ( http://pgl.yoyo.org/adservers/ )
acl ads dstdom_regex "/etc/squid/ad_block.txt"
http_access deny ads

acl limited_users src 192.168.101.0/24 # downlord limit_rule_
reply_body_max_size 330 MB limited_users

acl blockfiles urlpath_regex -i "/etc/squid/blocks.files.acl"

\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$ # .avi or .AVI
\.[Mm][Pp]3$ # .mp3 or .MP3
\.[Zz][Ii][Pp]$
\.[Mm][Ss][Ii]$
\.[Mm][Pp]4$
\.[Ff][Ll][Vv]$
\.[Rr][Pp][Mm]$
\.[Tt][Zz]$
\.[Bb][Zz]$
\.[Mm][Ss][Ii]$

# Deny all blocked extension
#deny_info ERR_BLOCKED_FILES blockfiles
http_access deny blockfiles home ;;--yellow is my network acl

acl blockeddomain dstdomain "/etc/squid/blocked.domains.acl"
http_access deny blockeddomain
http_reply_access deny CONNECT blockeddomain

join Linux client to Samba4 Domain server

join Linux client to Samba4 Domain server

http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True

Q: Is it possible to join Linux client to Samba4 Domain server? If Yes, How?

A: Yes it is possible. You can use a third party client tool to do the same i.e. Power Breaker Integration Services i.e PBIS earlier known as Likewise which is now purchased by BeyondTrust.

For this article I will assume that you already have a working Samba 4 Domain Controller.

Login to the client Linux machine and download the pbis package from the below link
Download BeyondTrust PBIS package for linux or Mac

NOTE: Since I am using RedHat I have used rpm package for the demo, please download the package as per your OS and bit size
To check the bit size of your linux machine follow the below link
Find bit size of your *nix machine

Once the package is downloaded, make the file executable as shown below
# chmod +x pbis-open-8.0.0.2016.linux.x86_64.rpm.sh
Install the package

# ./pbis-open-8.0.0.2016.linux.x86_64.rpm.sh

Creating directory pbis-open-8.0.0.2016.linux.x86_64.rpm

Verifying archive integrity... All good.

Uncompressing pbis-open-8.0.0.2016.linux.x86_64.rpm............

Would you like to install package for legacy links? (i.e.  /opt/likewise/bin/lw
                                                                        
                 -find-user-by-name -> 
/opt/pbis/bin/find-user-by-name) (yes/no) yes

Would you like to install now? (yes/no) yes

Installing packages and old packages will be removed

Preparing...                ########################################### [100%]

   1:pbis-open-upgrade      ########################################### [100%]

Preparing...                ########################################### [100%]

   1:pbis-open              ########################################### [100%]

Setting up SELinux Policy Module



Importing registry...



Preparing...                ########################################### [100%]

   1:pbis-open-gui          ########################################### [100%]

Preparing...                ########################################### [100%]

   1:pbis-open-legacy       ########################################### [100%]

Installing Packages was successful



New libraries and configurations have been installed for PAM and NSS.

Please reboot so that all processes pick up the new versions.



As root, run domainjoin-gui or domainjoin-cli to join a domain so you can log o                                                                                         n

with Active Directory credentials. Example:

domainjoin-cli join MYDOMAIN.COM MyJoinAccount

So the installation step was complete successfully now time to join your linux client to the domain server

# domainjoin-cli join TEST.COM administrator

Joining to AD Domain:   TEST.COM

With Computer DNS Name: server2.test.com



administrator@TEST.COM's password: [administrator password of Samba4 Domain server]

Warning: System restart required

Your system has been configured to authenticate to Active Directory for 
the first time.  It is recommended that you restart your system to 
ensure that all applications

recognize the new settings.



SUCCESS

Once the machine is successfully joined reboot the client machine for the change to take affect

After reboot verify if all the users under domain server are reflected on your client

NOTE: Since you are using pbis so the commands to list users will differ, you can get list of all the commands under /opt/likewise/bin or /opt/pbis/bin

Use the below command and syntax domain\\username

# /opt/pbis/bin/find-user-by-name test.com\\administrator

User info (Level-0):

====================

Name:              administrator

SID:               S-1-5-21-2928479140-2576742891-3975546437-500

Uid:               1709179380

Gid:               1709179393

Gecos:             <null>

Shell:             /bin/sh

Home dir:          /home/administrator

Logon restriction: NO

So as you see administrator user from my domain server is visible on my client. Now I also have a domain user "deepak" on my domain server. let me try to login from deepak on my client

login as: test.com\deepak

Using keyboard-interactive authentication.

Password: [password for deepak]

Last login: Wed May  7 11:16:29 2014 from 192.168.1.2

sh-4.1$ pwd

/home/local/TEST/deepak

So I have successfully logged in but into "sh" shell and my home location also shows different.

Well these are few things which has to be manually changed. Follow the below steps to do the same

On client
You can view all the configuration using the below command
# /opt/pbis/bin/config --dump
Look out for the parameters you want to change. For example

To avoid using your domain name every time you login for a user (in case you only have one domain added to your client)
# /opt/pbis/bin/config AssumeDefaultDomain true
To change the default home directory location for domain users

# /opt/pbis/bin/config HomeDirTemplate "%H/%U"

# /opt/pbis/bin/config Local_HomeDirTemplate "%H/%U"

To change the default login shell

# /opt/pbis/bin/config LoginShellTemplate /bin/bash

# /opt/pbis/bin/config Local_LoginShellTemplate /bin/bash

Next try to view your domain users

# /opt/pbis/bin/find-user-by-name deepak

User info (Level-0):

====================

Name:              deepak

SID:               S-1-5-21-2928479140-2576742891-3975546437-1107

Uid:               1709179987

Gid:               1709179393

Gecos:             deepak

Shell:             /bin/bash

Home dir:          /home/deepak

Logon restriction: NO

http://www.golinuxhub.com/2014/05/how-to-configure-linux-client-to-join.html

Tuesday, August 2, 2016

useful document link-

useful document link-

1. ldap server :- http://linuxoperatingsystem.info/ldap-server-configuration-in-centos-6-step-by-step/
http://linuxoperatingsystem.info/ldap-server-configuration-in-centos-6-step-by-step/

2. bacula :- http://linuxgateway.in/bacula-server-installation-and-configuration-on-centos-6-2/
3. webmin: - http://www.webmin.com/rpm.html
4. Cluster1:- https://www.youtube.com/watch?v=-AnoLFwBWHg
5. Cluster2:- https://imanudin.net/2015/03/18/how-to-configure-online-failoverfailback-on-centos-6-using-heartbeat/

6. chatserver :- https://yogilinux.com/2014/11/01/install-openfire-3-9-3-on-centos-6-6-x86_64/

samba :-
http://linuxgateway.in/samba-pdc-with-ldap-backend-on-centos-6-5/
http://www.linuxpcfix.com/samba-4-ad-dc-on-centos/
http://easylinuxtutorials.blogspot.in/search?q=samba
http://albertolarripa.com/2012/08/12/samba4-installation-and-configuration

JBOSS 7: -
http://visitmeranjith.blogspot.in/2013/05/how-to-install-jboss-in-rhel-6x-centos.html

squid:-

https://www.howtoforge.com/squid-proxy-on-rhel5-centos-everything-that-you-should-know-about

postfix:-

https://www.unixmen.com/install-postfix-mail-server-with-dovecot-and-squirrelmail-on-centos-6-4/

phmyadmin

https://www.unixmen.com/install-lamp-server-in-centos-6-4-rhel-6-4/

Appche tuning link

https://www.interserver.net/tips/kb/apache-tuning-parameters/

cpanal

https://www.interserver.net/tips/kb/everything-cpanel-directory-structure/

http://minimallinux.blogspot.in/2013/04/centos-6rhel-install-yed-graph-editor.html

downlord link software http://www.getdriver.com/download/6985/broadcom-wireless-lan-driver-for-microsoft-windows-7-version-5-100-82-139-35-3-mb-hp-pavilion-g6-1d60us-driver-windows-7-32-bit-64-bit/

cluster type http://freecode.com/articles/linux-clustering-software

https://vedpuran.net/

https://sensuapp.org/docs/0.24/platforms/sensu-on-rhel-centos.html#sensu-core

useful document link-

https://www.howtoforge.com/squid-proxy-on-rhel5-centos-everything-that-you-should-know-about

postfix:-

https://www.unixmen.com/install-postfix-mail-server-with-dovecot-and-squirrelmail-on-centos-6-4/

phmyadmin

https://www.unixmen.com/install-lamp-server-in-centos-6-4-rhel-6-4/

Monday, August 1, 2016

HP printer install on ubuntu and centos operating system

HPprinter install on ubuntu and centos operating system

https://sourceforge.net/projects/hplip/files/

downland and install

./hplip-3.16.7.run
or hp-install

if geting any error then use it
hp-docter