Add EPEL Repo to CentOS or SL 6

For 64 Bit

rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

For 32 Bit

rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

Additional Add Remi Repo

rpm –import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

yum install yum-priorities

Edit /etc/yum.repos.d/epel.repo

vi /etc/yum.repos.d/epel.repo

Share

Open Sourced Load Balancer

Linux Virtual Server
The Linux Virtual Server Project is a project to cluster many real servers together into a highly available, high-performance virtual server. The LVS load balancer handles connections from clients and passes them on the the real servers (so-called Layer 4 switching) and can virtualize almost any TCP or UDP service, like HTTP, HTTPS, NNTP, FTP, DNS, ssh, POP3, IMAP4, SMTP, etc. It is fully transparent to the client accessing the virtual service.
Homepage: http://www.LinuxVirtualServer.org/

BalanceNG
BalanceNG is a modern software IP load balancing solution. It is small, fast, and easy to use and setup. It offers session persistence, different distribution methods (Round Robin, Random, Weighted Random, Least Session, Least Bandwidth, Hash, Agent, and Randomized Agent) and a customizable UDP health check agent in source code. It supports VRRP to set up high availability configurations on multiple nodes. It supports SNMP, integrating the BALANCENG-MIB with Net-SNMPD. It implements a very fast in-memory IP-to-location database, allowing powerful location-based server load-balancing.
Homepage:http://www.inlab.de/balanceng/

HAproxy 
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 20,000 hits per second and surpasses GigaEthernet on modern hardware, even with tens of thousands of simultaneous connections.
Homepage:http://haproxy.1wt.eu/ Continue reading “Open Sourced Load Balancer” »

Share

MySQL Master-Master Replication

This article is about setting up MySQL Master-Master database replication between two Cloud Servers. Master-Master data replication allows for replicated data, stored on multiple computers, to be updated by any authorized contributing member of the group. This allows for more open collaboration than Master-Slave replication where any needed changes identified by a group member must to be submitted to the designated “master” of the node.

The operating system we will use is Debian 5 (Lenny).

Setup Outline

  • We will have two Cloud Servers, named debian501 and debian502 for the purpose of this exercise. Both servers have two IP addresses (one public, one private). We will configure the replication to be done over the private IP interface so that we don’t incur any bandwidth charges.

Installing MySQL

  • First we need to install MySQL on both the Debian Cloud Servers. As always, prior to installing any packages, we need to make sure that our package list is up to date and our locale/language settings are configured properly.
  • Update the package database:
 #aptitude update
  • Install locales (optional):
 #aptitude install locales #dpkg-reconfigure locales
  • The dpkg-reconfigure locales command will bring up a locales setting window where you can choose the locales for your system depending on your country and region. In this case we have chosen en_GB.UTF-8.
  • Now, you can run the following commands to install MySQL:
 #aptitude install mysql-server mysql-client libmysqlclient15-dev

Continue reading “MySQL Master-Master Replication” »

Share

Install Perfect Mail Server with ISPConfig and Horde 5.0 on Debian Wheezy- Part-2

Install necessary packages

apt-get install php5-sasl php5-intl libssh2-php php5-curl php-http php5-xmlrpc php5-geoip php5-ldap php5-memcache php5-memcached php5-tidy

Register the Horde Pear channel

pear channel-discover pear.horde.org

Set the Horde installation directory

pear install horde/horde_role
pear run-scripts horde/horde_role

You'll be asked the following question:

Filesystem installation for base Horde application: /var/www/horde

You can also chose another folder for the web-accessible horde files. However you'll need to adjust the path in the following steps then. Continue reading “Install Perfect Mail Server with ISPConfig and Horde 5.0 on Debian Wheezy- Part-2” »

Share

Install Perfect Mail Server with ISPConfig and Horde 5.0 on Debian Wheezy- Part-1

First, Install Basic Debian Wheezy. Make sure your network configurations are ok.

Once installed start doing following-

Fixing hostname-

edit /etc/hosts. Make it look like this:

vi /etc/hosts

127.0.0.1 localhost.localdomain localhost
192.168.0.100 server1.example.com server1

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Continue reading “Install Perfect Mail Server with ISPConfig and Horde 5.0 on Debian Wheezy- Part-1” »

Share

Fixing Bind for Webmin

First get rid of bind-chroot (if it is installed!)

yum -y remove bind-chroot

edit /etc/sysconfig/named and remove/comment out any lines that look like ROOTDIR="/var/named/chroot"

Fix the owner of /etc/named.conf with

chown named:named /etc/named.conf

In Webmin go to Servers > Bind DNS Server > Module Config and check the following configs Continue reading “Fixing Bind for Webmin” »

Share

Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old

First check if your Bash is vulnerable, execute the following command-

env x='() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

If your system is vulnerable, you will see:

vulnerable

this is a test

If your system is not vulnerable, you will see:

bash: warning: x: ignoring function definition attempt

bash: error importing function definition for `x’

this is a test

To check for the vulnerability CVE-2014-6271, run the following in Bash:

env X='() { (a)=>\’ sh -c “echo date”; cat echo

If your system is vulnerable, you will see:

bash: X: line 1: syntax error near unexpected toke `=’

bash: X: line 1: `’

bash: error importing function for `X’

Sun Sep 08:17:32 EST 2014

If your system is not vulernable, you will see:

date

cat: echo: No such file or directory

To test the vulnerability CVE-2014-7186, run the following in Bash:

bash -c ‘true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF’ || echo “CVE-2014-7186 vulnerable, redir_stack”

If your system is not vulnerable, you will see:

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

So, let’s start fixing it!

 

Below, I’ve tried to put various contributors solution to place in a single entry.

For Debian 6 (Squeeze)

 

Append this to your sources.list:

deb http://http.debian.net/debian squeeze-lts main contrib non-free

deb-src http://http.debian.net/debian squeeze-lts main contrib non-free

and then run

apt-get update

apt-get install -t squeeze-lts –only-upgrade bash Continue reading “Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old” »

Share

PHPSysinfo Installation and Configuration on Debain

PhpSysInfo is an awesome PHP script that displays system and other monitoring information for Linux. phpSysInfo pulls data from /proc and other locations to display on an easy to read page.

On Ubuntu or Debian, install phpsysinfo with:

$ sudo apt-get install phpsysinfo

The config file is then located in:

/etc/phpsysinfo/config.php

Debian / Ubuntu Security concern: Continue reading “PHPSysinfo Installation and Configuration on Debain” »

Share