November 2012 – SudoAll.com

List VMs in ESX 5.1

Posted on November 30, 2012November 30, 2012 by admin

To get a description of all the vms on an ESX 5.1 box use the following:

~ # vim-cmd vmsvc/getallvms | grep vmx | awk '{ print $2 }'

Moving a machine from one VM or physical box to another

Posted on November 29, 2012November 29, 2012 by admin

This is the simple case where all we have is one disk that needs cloning.

Assumptions for the following example

Tools including backtrack distro available and permissible by company policy ( some c**ts get all agitated when sysadmins use a ‘knife’ to cut the ‘bread’ so be warned)
Networking in place for the transfer preferable pre-organized IPs, gatway , DNS for resolving the updates like ssh etc.. , also verify the level of traffic your network guys are willing to tolerate for a long time this should be your –rate-limit value (remember this value is in Mega bytes so 9-10x the Megabit bandwidth.
Cloning one disk is enough for the volumes to move. Compex LVM / software raids and concats or stripes need further steps.
For the sake of example i assume this is a P2V but it’s just as good an approach in a V2V.

Points to perform :

Download / Burn Backtrack or Knoppix
Create a VM with large enough a disk and closely supported disk subsystem and NICs eg. SCSI and e1000
Boot the two machines e.g. physical (source) and VM (target) with BT
Enable ssh on both machines for a third person point of view even for monitoring the transfer
Connect to the receiving VM booting into the live CD.
Setup a screen session to avoid your disconnection from the session affecting the transit. Using screen -S transfer.
run nc -l -p 19000 | bzip2 -d | dd bs=16M of =/dev/sda replacing the 19000 with the port you want to use and /dev/sda with the disk you want to clone.
Connect to the transmitting side.
Setup a screen session to avoid your disconnection from the session affecting the transit. Using screen -S transfer.
run dd bs=16M if=/dev/sda | pv –rate-limit 1M | bzip2 -c | nc 192.168.1.24 19000
replacing the ip with the ip of the listener connected in point 5, and you can skip the rate limit thingy (–rate-limit 1M) if you want full throttle..
Once finished you can boot the target VM and reconfigure it as you please.

An extra help might be connecting to the target box in a target session and run iftop to see the transfers.

Njoy.

MySQL: Grant all privileges on database

Posted on November 27, 2012November 27, 2012 by admin

At mysql prompt as root user:

GRANT ALL privileges ON *.* TO ‘user’@’machine.lan’ IDENTIFIED BY ‘password’ WITH GRANT OPTION;

FLUSH PRIVILEGES;

That’s all

How to install MySQL on CentOS

Posted on November 27, 2012 by admin

Here are the steps of what you need to do in order to install and setup MySQL on a new server.

We’ll prepare a fresh CentOS 6 system (64 bit) for use as a database server. All you need is access to an SSH client and your server root credentials.

Preparing the System

The first thing I’d like to do is make sure I have all available updates. So once I log in I run

yum update

This can take some time so grab a coffee while you wait. Once yum has finished, let’s check if MySQL is already installed on your system:

mysql

If you get “command not found” then you know you need to install MySQL.

Installing MySQL and MySQL Server

MySQL consists of two parts: the client and the server. In order for our system to run the daemon which will process external requests we need both on our system. Here’s how we get those:

yum install mysql mysql-server

This will take a minute or two. No need to restart your server, all you need to to is start MySQL with

service mysql start

and it will be available for use. You’ll see the following message:

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h yourdomain.com password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

Securing the installation

Looks like we need to do two things: set a root password and secure the installation. You can do these steps manually, but MySQL is rather nice in that it provides a script which you can use to secure your installation. Note that this path may be different on your system:

/usr/bin/mysql_secure_installation

The script will ask you the following questions:

current root password (in our case it’s not set so hit enter)
remove anonymous users (say yes)
disallow remote login (in our case we want remote login active so we say no here, but if you’re using MySQL on a system which will not need this then say yes here)
remove test database and access to it (say yes)
reload all privieleges (say yes)

Now you can access MySQL with the following command:

mysql -p

Starting MySQL at boot time

You will likely need to make sure MySQL is running when you reboot the server, it’s cumbersome to start it manually every time you do that. This will take care of it:

chkconfig --levels 235 mysqld on

We’re done – MySQL is now running on your server and yours to populate.

Have fun ;-)

Sharing a screen SSH session

Posted on November 21, 2012 by admin

Sharing your Session

Assuming you start a screen session using

screen -S david

Ask your partner to connect using (assuming they are logged in using the same user account):

screen -x david

Now it’s simply magical. Multiple persons can type and work on the same terminal – it works best when you’re coordinating over the phone. Note that the dimensions of your terminal output will be the same for every user – to change it, press Ctrl–A and then capital F. This will make the screen output fit your current terminal size, and change it to that size for every connected user.

Detaching from a Screen Session

Important: To detach from the screen session so that you can resume later, simply close the window. If you typeexit, you’ll end up terminating the screen session and the processes running within.

Moving SSL Certs from IIS to Apache

Posted on November 14, 2012November 14, 2012 by admin

Some instructions for converting SSL certificates generated for IIS to private key, and cert files you can use on unix, or Apache for windows.

First Export your IIS certificate into a pfx file (this is something you should do anyways for backup)

Run mmc.exe
Click the ‘Console’ menu and then click ‘Add/Remove Snap-in’.
Click the ‘Add’ button and then choose the ‘certificates’ snap-in and click on ‘Add’.
Select ‘Computer Account’ then click ‘Next’.
Select ‘Local Computer’ and then click ‘OK’.
Click ‘Close’ and then click ‘OK’.
Expand the menu for ‘Certificates’ and click on the ‘Personal’ folder.
Right click on the certificate that you want to export and select ‘All tasks’ -> ‘Export’.
A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.

Next run openssl to extract the private key, and the cert file.

# Export the private key file from the pfx file
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
# Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
# This removes the passphrase from the private key so Apache won't
# prompt you for your passphase when it starts
openssl rsa -in key.pem -out server.key

Failed to run gitk: Error in startup script

Posted on November 5, 2012 by admin

Gitk is a great tool for working with Git. Unfortunately after setting up git and X11 forwarding I got this error when running gitk.

Error in startup script: (default value for "-font" in widget ".___tk_set_palette.button") invoked from within "$q .___tk_set_palette.$q" (procedure "tk_setPalette" line 82) invoked from within "tk_setPalette background $c selectColor $selc" (procedure "setui" line 8) invoked from within "setui $uicolor" (file "/usr/bin/gitk" line 11437) — Error

The error can easily be fixed by installing dejavu-sans-fonts.

yum install -y dejavu-sans-fonts

The result :

Fully working Gitk — Fully working gitk !!

Voila !

Php pecl config error on centos

Posted on November 5, 2012November 5, 2012 by admin

When installing php PECL On CentOS/RHEL (+cPanel) installations, if you get a “checking whether the C compiler works… configure: error: cannot run C compiled programs”, you may need to remount the /tmp and /var/tmp with exec permissions first:

$ mount -o remount,exec,suid /tmp
$ mount -o remount,exec,suid /var/tmp

Then:

$ pecl install {package}

And, don’t forget to remount them as noexec after.

locate: can not stat () `/var/lib/mlocate/mlocate.db’

Posted on November 4, 2012November 4, 2012 by admin

Run updatedb first. You can run it manually from the command line.

updatedb

It should have scheduled itself as a cron job when you installed slocate. If you just installed slocate, it will not have run yet. Otherwise, make sure you have a cron daemon running and that there is an updatedb task scheduled. Also, make sure your computer is on when it it is scheduled

If this is a VM and does not run continuously especially never spent days on this will happen. Just in case check the cron job found here:

The cron job is found here:

/etc/cron.daily/mlocate.cron

Thats’ pretty much it.

Centos No-IP setup

Posted on November 1, 2012October 24, 2013 by admin

Howto Install no-ip utility in CentOS to fix dynamic ip issues using a subdomain from no-ip.org.

First go to no-ip webpage http://www.no-ip.com

cd;wget "https://www.no-ip.com/client/linux/noip-duc-linux.tar.gz"
tar -xvf noip-duc-linux.tar.gz
cd noip-2.1.9-1
make
make install

Create a configuration file:

noip2 -C

The script will ask you which ethernet port to use, then write your email account you use to register with no-ip, then the password, finaly choose the host you will be using.

Now lets create init file to wake up the deamon every time we start our box.

cd /etc/init.d
nano noip2d

Add the following in noip2d :

# chkconfig: 345 20 80
# description: Starts noip2 deamon to check for dynamic ip \
# and updates new ip to no-ip.org dns cache.
#######################################################
#! /bin/sh
# . /etc/rc.d/init.d/functions # uncomment/modify for your killproc
case "$1" in
start)
echo "Starting noip2."
/usr/local/bin/noip2
;;
stop)
echo -n "Shutting down noip2."
echo "."
for i in `noip2 -S 2>&1 | grep Process | awk '{print $2}' | tr -d ','`
do
noip2 -K $i
done

##killproc -TERM /usr/local/bin/noip2
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
#######################################################

Save and Exit, now lets work on the permits:

 chmod +x /etc/init.d/noip2d
 chmod 700 /usr/local/bin/noip2
 chown root:root /usr/local/bin/noip2
 chkconfig --levels 3 noip2d on
 noip2d start

Verify the deamon is running:

 ps aux | grep noip2

If everything goes as plan, you have no-ip service in your box and will be updating every time your ip changes.

Finaly try to see your machine in your browser. http://myhostname.no-ip.org

Thanks for reading.

Older posts →