Configurations (Linux)

How to Allow MySQL Client to Connect to Remote MySQL server

by

By default, MySQL does not allow remote clients to connect to the MySQL database.

If you try to connect to a remote MySQL database from your client system, you will get “ERROR 1130: Host is not allowed to connect to this MySQL server” message as shown below.

$ mysql -h 192.168.1.8 -u root -p
Enter password:
ERROR 1130: Host '192.168.1.4' is not allowed to connect to this MySQL server

You can also validate this by doing telnet to 3306 mysql port as shown below, which will also give the same “host is not allowed to connect to this mysql server” error message as shown below.

Read more

Share

Recover MySQL root Password

by

 

Step # 1 : Stop mysql service
# /etc/init.d/mysql stop
Output:

Stopping MySQL database server: mysqld.

Step # 2: Start to MySQL server w/o password:

# mysqld_safe --skip-grant-tables &
Output:[1] 5988 Starting mysqld daemon with databases from /var/lib/mysql mysqld_safe[6025]: started

Step # 3: Connect to mysql server using mysql client:

# mysql -u root
Output:Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql>

Step # 4: Setup new MySQL root user password

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit

Step # 5: Stop MySQL Server:
# /etc/init.d/mysql stop
Output:
Stopping MySQL database server: mysqld STOPPING server from pid file /var/run/mysqld/mysqld.pid mysqld_safe[6186]: ended [1]+ Done mysqld_safe –skip-grant-tables

Step # 6: Start MySQL server and test it

# /etc/init.d/mysql start
# mysql -u root -p

Src: http://www.cyberciti.biz/tips/recover-mysql-root-password.html
Share

Virtual USB and VBoxusergroup Troubleshoot on Linux Host

by

I faced USB issues on both Virtualbox installation on both Debian and CentOS linux host. I really didn't notice the urgency of vboxusers group in running VBox in headless mode!

Anyway, following snippets of texts really did help me out solving my USB problems. All credits goes to the VBox manual documents. The manual page links are provided below for future refences-

Read more

Share

CentOS – Enable or Disable SELinux in command interface

by

From the command line, you can edit the /etc/sysconfig/selinux file. This file is a symlink to /etc/selinux/config. The configuration file is self-explanatory. Changing the value of SELINUX or SELINUXTYPE changes the state of SELinux and the name of the policy to be used the next time the system boots.

[root@host2a ~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
Share

VBoxHeadless – Running Virtual Machines With VirtualBox 4.0 On A Headless CentOS 5.6 Server

by

This guide explains how you can run virtual machines with VirtualBox 4.0 on a headless CentOS 5.6 server. Normally you use the VirtualBox GUI to manage your virtual machines, but a server does not have a desktop environment. Fortunately, VirtualBox comes with a tool called VBoxHeadless that allows you to connect to the virtual machines over a remote desktop connection, so there's no need for the VirtualBox GUI.

I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

I have tested this on a CentOS 5.6 server (host system) with the IP address 192.168.0.100 where I'm logged in as a normal user (user name admin in this example) instead of as root.

If you only have a root account, but no normal user account, create one as follows (user admin, group admin)…

# groupadd admin
# useradd -d /home/admin -m -g admin -s /bin/bash admin

… create a password for the new user…

# passwd admin

… and log in as that user.

Read more

Share

Icinga Sample Host cfg file to monitor Windows Server

by

define host{
use             windows-server  ; Inherit default values from a template
host_name blk-smsgw ; The name we're giving to this host
alias           Windows Server       ; A longer name associated with the host
address        10.10.10.1    ; IP address of the host
        }

definehostgroup{

alias           Windows Servers ; Long name of the group
members localhost, blk-smsgw     ; Comma separated list of hosts that belong to this group
        }
define service{
use                     generic-service
host_name               blk-smsgw
service_description     NSClient++ Version
check_command           check_nt!CLIENTVERSION
}

Read more

Share

Monitor Windows Service using Nagios (Icinga)

by

On the Nagios Server edit the file /usr/local/nagios/etc/objects/windows.cfg:

# vi /usr/local/nagios/etc/objects/windows.cfg

Add the following to create a new service definition to monitor the process state of WinVNC.exe (VNC Server):

# Create a service for monitoring the WinVNC.exe process
# Change the host_name to match the name of the host you defined above

define service{
        use                     generic-service
        hostgroup_name          windows-servers
        service_description     VNC
        check_command           check_nt!PROCSTATE!-d SHOWALL -l WinVNC.exe
        }

Add the following to create a new service definition to monitor the Service state of the Print Spooler service:

define service{
        use                     generic-service
        hostgroup_name          windows-servers
        service_description     eTrust ITM Web Access Service
        check_command           check_nt!SERVICESTATE!-d SHOWALL -l "Print Spooler"
        }

To monitor a Service other then the Print Spooler, substitute Print Spooler with how the Name of the service appears in the Services window Name column

Windows_Services

Share

Postfix Configuration on Centos 5.x

by

Let's install Postfix and Dovecot (Dovecot will be our POP3/IMAP server):

yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain postfix dovecot

Next we configure SMTP-AUTH and TLS:

postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'

We must edit /usr/lib/sasl2/smtpd.conf so that Postfix allows PLAIN and LOGIN logins. On a 64Bit Centos 5.0 you must edit the file /usr/lib64/sasl2/smtpd.conf instead. It should look like this:

Read more

Share

How to install Java SDK (1.6) and Apache Ant (1.7) on CentOS

by

I had enough with some package managers or alternative ways of installing Java on a server which is running CentOS (RHEL) 4.4 . I think the most straight forward way is the following. I promise by the end of this post you will have Java and Apache Ant running on you server!

SETUP JAVA

Step 1: Download Java SDK for Linux (I have used the .bin file)

Step 2: upload the .bin file to your server – I have picked the following folder /usr/lib/
So it would be /usr/lib/jdk-6u1-linux-i586.bin (this is JDK1.6 update 1 for my case maybe when you read this post is jdk1.7).

Step 3: Unpack – extract the bin file contents of the bin file

    > chmod 777 jdk-6u1-linux-i586.bin
    > ./jdk-6u1-linux-i586.bin

Step 4: Follow the instructions and type yes when prompted to do so! After unpacking you should have the following folder /usr/lib/jdk1.6.0_01/

Read more

Share

How to setup an OpenLDAP server on Debian or Ubuntu

by

Most enterprises use LDAP as interface to their company structure database. In the Microsoft world is Active Directory the implementation for LDAP. Under Linux is OpenLDAP the common choice for admins. Such LDAP directories are tree based. OpenLDAP is the reference implementation for LDAP v3.

The JNDI API inside the Java SDK is usable as implementation to access such LDAP directories. With Spring LDAP is more sophisticated API available.

My first code sample works in the company against their OpenLDAP server. For security reasons is the access not possible from outside. So my JUNIT Tests was code red after running in my homeoffice. Maven standard is to run all test prior to build a package like a J2EE war or ear file. So i decided to setup a OpenLDAP server inside my ubuntu 8.10 server vmware server vm.

Read more

Share