Sunday, January 31, 2010

Squid Proxy server

The Squid is a good proxy server. Its configuration is very simple. Please use the following procedures.

1) Most of the standard distributions have squid packages in its repository. If you are using fedora, RHEL or centos please do the following procedurea

# yum install squid -y

If your in debian or Ubundu please use the following,

# apt-get install squid

2) Now open the squid configuration file “squid.conf” . In general it will be in /etc/squid/squid.conf . Now modify/ add the following lines.

visible_hostname machine-name
http_port 3128
cache_dir ufs /var/spool/squid 1000 16 256
access_log /var/log/squid/access.log squid

3) Now add the following in the acl section.

acl our_networks src xxx.xxx.xxx.xxx/xx
http_access allow our_networks

Here the xxx.xxx.xxx.xxx/xx is your local IP /netmask

4) Now start the squid server

# /etc/rc.d/init.d/squid start

5) Now configure your web browser as follows. ( It is my firefox configuration )

Go to Preferences -> connection settings -> manual Proxy configurations
Now configure your proxy server IP and port ( 3128)
Now click Ok.

This is the most simplest proxy server configurations over network.

Saturday, January 30, 2010

What is the difference between "su -" and "su" ?

The main difference between su - and su is that the former makes the shell a login shell. This is very important especially if the user is going to su from a regular user account to a root (superuser) account. Normal users do not usually have /sbin/ and /usr/sbin/ in their search path. Therefore if a normal user wants to execute the command ifconfig, for example, after doing su, he usually gets the error message:

bash: ifconfig: command not found

With su -, on the other hand, root's .bashrc and .bash_profile and other special environment settings get sourced and this puts the sbin directories into the search path. Below is a sample session:

[testuser@localhost ~]$ su
Password:
[root@localhost testuser]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/testuser/bin
[root@localhost testuser]# ifconfig
bash: ifconfig: command not found
[root@localhost testuser]# exit
exit
[testuser@localhost ~]$ su -
Password:
[root@localhost ~]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:CC:39:75:41
inet addr:192.168.44.146 Bcast:172.16.45.255 Mask:255.255.254.0
inet6 addr: fe80::2a0:ccff:fe39:7541/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21619559 errors:1 dropped:0 overruns:0 frame:87
TX packets:21190195 errors:4 dropped:0 overruns:4 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1509569968 (1.4 GiB) TX bytes:2280347397 (2.1 GiB)
Interrupt:177 Base address:0x6800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6159 errors:0 dropped:0 overruns:0 frame:0
TX packets:6159 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3784618 (3.6 MiB) TX bytes:3784618 (3.6 MiB)

Change hostname in Linux without rebooting server

Change hostname in Linux without rebooting server

First you need to find out your hostname, you can do this with

$ hostname
localhost.localdomain
$

Edit /etc/hosts

You need to edit /etc/hosts and add a line for your host name

$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
$

My new server IP is 192.168.1.1, i need to assign it hostname fedora.redhat.com, to do this, i have edited /etc/hosts as follows.

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.1 fedora.redhat.com fedora

Edit /etc/sysconfig/network

First lets see what is in the file

$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
$

To change servers hostname to fedora.redhat.com, change the file as follows.

$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=fedora.redhat.com
$

$/bin/hostname fedora.redhat.com

$service syslog restart

after you can logout and login back

Saturday, January 23, 2010

RedHat/CentOS Cluster HP ilo


Posted by Picasa


1. root#mkqdisk -c /dev/sda1 -l qdisk_rac
2. root#chkconfig --level 345 qdiskd on
3. root#service qdiskd start
4. root#system-config-cluster
5. Cluster Name : apache-cluster and selected quorum disk with following options
Interval = 1
TKO = 10
votes =1
Minimum score = 3
Device = /dev/sda1
Label = qdisk_rac
6. Quorum Disk Heuristic
Program = ping -c 2 10.10.10.1
Score =1
Interval = 2
7. Add new node to cluster
Node Name = node1.example.com
Quorum votes = 1
Node Name = node2.example.com
Quorum votes = 1
8. New Fence Device
HP ILO Device
Name = ILOGB89xxxxxx
user = manage
password = manage
Hostname = 10.10.10.100
HP ILO Device
Name = ILOGB88xxxxxx
user = manage
password = manage
Hostname = 10.10.10.101

9. selected Node1 and "Manage fencing for this node"
Add New Fencing level -> Add Fencing to this Level. selected ILOGB89xxxxxx

10. selected Node2 and "Manage fencing for this node"
Add New Fencing level -> Add Fencing to this Level. selected ILOGB88xxxxxx
11. Created failover domains "failover-cluster" and selected
"node1.example.com and node2.example.com" from menu, and selected
"
"Restrict to this Failover Domain"

12. Create Resource
New Resource = Apache Server
Name = Apache HTTP Server service
Server Root = /etc/httpd
Config File = /etc/httpd/conf/httpd.conf
httpd options = /etc/rc.d/init.d/httpd

13. Create a new Resource "File system"
Name = httpd-content
File System type = ext3
Mount point = /var/www/html
device = /dev/sdb1

14. Create a new Resource "IP "
10.10.10.200

15. Create a New Service "Web-Service"
Failover Domain = failover-cluster
And selected "Add shared resource to this service"
A. Apache HTTP Server Service
B. Httpd-Content
C. IP Address (10.10.10.200)

16
#[node1@node1]scp /etc/cluster/cluster.conf node2:/etc/cluster/cluster.conf

17

#md5sum /etc/clsuter/cluster.conf

541b1dc67392b18aad7e1df3612a6afe cluster.conf (both node )

on both node

18
#service cman start
#service rgmanager start

19

#chkconfig cman on
#chkconfig rgmanager on


Posted by Picasa


20

# fence_ilo -a 10.163.16.31 -l Administrator -p password -o status -v

# fence_ilo -a 10.163.16.31 -l Administrator -p password -o reboot -v

Tuesday, January 5, 2010

FTP server

[1] Build FTP server to transfer files. Install and configure vsftpd for it.
[rajat@rajat ~]#
yum -y install vsftpd

Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for vsftpd to pack into transaction set.
vsftpd-2.0.5-10.el5.i386. 100% |========================| 16 kB 00:00
---> Package vsftpd.i386 0:2.0.5-10.el5 set to be updated
--> Running transaction check

Dependencies Resolved

===========================================================
Package
Arch
Version
Repository
Size

===========================================================
Installing:
vsftpd
i386
2.0.5-10.el5
base
137 k


Transaction Summary
===========================================================
Install
1 Package(s)

Update
0 Package(s)

Remove
0 Package(s)


Total download size: 137 k
Downloading Packages:
(1/1): vsftpd-2.0.5-10.el
100% |====================| 137 k 00:00

Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: vsftpd
#################################### [1/1]


Installed: vsftpd.i386 0:2.0.5-10.el5
Complete!
[rajat@rajat ~]#
vi /etc/vsftpd/vsftpd.conf


anonymous_enable=
NO
// line 12: no anonymous


ascii_upload_enable=YES
// line 79: make valid

ascii_download_enable=YES
(permit ascii mode transfer)


chroot_list_enable=YES
// line 94: make valid


(enable chroot list)

chroot_list_file=/etc/vsftpd/chroot_list
// line 96: make valid


(chroot list file)

ls_recurse_enable=YES
// line 102: make valid


chroot_local_user=YES
// bottom: enable chroot

local_root=public_html
// root directory

use_localtime=YES
// use local time


[root@www ~]#
vi /etc/vsftpd/chroot_list


fedora
// write users you permit


[root@www ~]#
/etc/rc.d/init.d/vsftpd start

Starting vsftpd for vsftpd:
[ OK ]