Monday, 18 November 2013

How to install and configure Xvfb in Linux/Centos


Step to install and configure xvfb :

First check the xvfb install or not
# yum info xorg-x11-server-Xvfb

If installed then look like this :
[root@server ~]# yum info xorg-x11-server-Xvfb
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
 * base: mirror.leapswitch.com
 * epel: mirrors.vinahost.vn
 * extras: mirror.leapswitch.com
 * rpmforge: mirror-fpt-telecom.fpt.net
 * updates: mirror.leapswitch.com
 * webtatic: us-east.repo.webtatic.com
Installed Packages
Name        : xorg-x11-server-Xvfb
Arch        : x86_64
Version     : 1.13.0
Release     : 11.1.el6.centos.2
Size        : 1.8 M
Repo        : installed
From repo   : updates
Summary     : A X Windows System virtual framebuffer X server.
URL         : http://www.x.org
License     : MIT and GPLv2
Description : Xvfb (X Virtual Frame Buffer) is an X server that is able to run
            : on machines with no display hardware and no physical input
            : devices. Xvfb simulates a dumb framebuffer using virtual memory.
            : Xvfb does not open any devices, but behaves otherwise as an X
            : display.  Xvfb is normally used for testing servers.
[root@server ~]#
If it's not installed, please install it :
# yum info xorg-x11-server-Xvfb
# yum install firefox

check firewall version :
#firefox -v

Run firefox browser in backend service  :

/usr/bin/Xvfb :1 -screen 0 1024x768x24 &
export DISPLAY=:1     ( note you can change display number)
echo 'display is set'
firefox &

Tuesday, 1 October 2013

master status empty set 0.00 sec

Error :
mysql> SHOW MASTER STATUS;
Empty set (0.00 sec)

Soluton :
#touch /var/lib/mysql/mysql-bin.log
#vi /etc/my.cnf
log-bin = /var/lib/mysql/mysql-bin.log

save and exit.
#service mysqld restart
#mysql –u root –p    (login in mysql and run command)
mysql> SHOW MASTER STATUS;
+----------------+----------+--------------+------------------+
| File           | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+----------------+----------+--------------+------------------+
| mysql-bin.000001 |      107 | xyzdb        |                  |
+----------------+----------+--------------+------------------+
1 row in set (0.00 sec)

 mysql>

Sunday, 29 September 2013

Step by Step Install and configure transparent squid proxy on linux/Centos


How to install and configure squid transparent proxy on Linux/Centos 5.x

Interface configuration:

WAN IP :  eth0 – x.x.x.x   ,  LAN IP : eth1 -192.168.1.1

Hardware Requirements:

Machine configuration depends on users load. This proxy using for 0 - 250 users.

Processor : Xeon

Ram : 8 GB

OS : Centos 5.8 ( you can use it Centos 5.x series )

Packages Requirements: DNS , squid , httpd  (it’s require for sarg log report)

How to install package:

#yum install bind*  caching-nameserver*

#yum install squid*

#yum install httpd*

Before configuration DNS, please disable to selinux

# vi /etc/sysconfig/selinux

SELINUX=enforcing

Change to

SELINUX=disabled

Save and exit

#init 6 (restart system)

Configure DNS server : 

#vi /etc/hosts

127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
172.17.0.250 xbc.net  server

#vi /etc/sysconfig/network

NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=xbc.net

#hostname server.xbc.net

#vi /etc/resolv.conf

search xbc.net
nameserver 192.168.1.1

Make the entry in named.conf file

#vi  /etc/named.conf

options {

directory “/var/named”;

dump-file “/var/named/data/cache_dump.db”;

statistics-file “/var/named/data/named_stats.txt”;

memstatistics-file “/var/named/data/named_mem_stats.txt”;

query-source port 53;

};

zone “” IN {

type master;

file “xbc.net.forward”;

allow-update { none; };

};

zone “1.168.192.in-addr.arpa” IN {

type master;

file “xbc.net.reverse”;

allow-update { none; };

};

Create forward and reverse zone for DNS

#cd /var/named

# cp localhost.zone xbc.net.reverse

# cp named.local  xbc.net.reverse

#vi  xbc.net.reverse

$TTL       86400

@                            IN SOA  xbc.net.  root.xbc.net. (

                                                       42            ; serial (d. adams)

                                                      3H             ; refresh

                                                      15M           ; retry

                                                      1W            ; expiry

                                                     1D )           ; minimum

                        IN NS                             xbc.net

                                IN A                       127.0.0.1             

xbc                         IN A                       192.168.1.1

#vi  xbc.net.reverse

$TTL       86400

@       IN      SOA     xbc.net.  root.xbc.net.  (

                                      1997022700 ; Serial

                                      28800      ; Refresh

                                      14400      ; Retry

                                      3600000    ; Expire

                                      86400 )    ; Minimum

        IN      NS      xbc.net.

1       IN     PTR     xbc.net.

Restart the named service :

#service named restart

#chkconfig named on

#bind-chroot-admin -d

#bind-chroot-admin -e

#dig xbc.net

#dig  -x 192.168.1.1

Install and configure squid transparent proxy:

#yum install squid*

#vi /etc/squid/squid.conf

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

cache_dir ufs /var/spool/squid 2000 16 256

dns_nameservers 202.138.96.2 202.138.97.193 202.56.215.6 202.56.230.6

#redirect_program /usr/bin/squidguard -c /etc/squid/squidguard.conf

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern . 

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 563

acl Safe_ports port 5901

acl Safe_ports port 8080         #webcache

acl Safe_ports port 2323         #tomcat

acl Safe_ports port 1023         #tomcat

acl Safe_ports port 8180         #tomcat

acl Safe_ports port 80          # http

acl Safe_ports port 20          # ftp

acl Safe_ports port 21          # ftp

acl Safe_ports port 22          # ssh

acl Safe_ports port 443 563   # https, snews

acl Safe_ports port 1494   #ctx

acl Safe_ports port 2598   #ctx

acl Safe_ports port 563    # https, snews

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl Safe_ports port 25          #smtp

acl Safe_ports port 110         #smtp

acl Safe_ports port 8443        #bax

acl CONNECT method CONNECT

http_access allow manager localhost

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

acl utsav_network src 192.168.1.0/24

acl  fullaccess  arp 38:60:77:60:6F:33

http_access allow fullaccess

acl  keybaord url_regex -i proxy gambling hacking ringtones sports spyware virusinfected warez whitelist thepiratebay orkut movie movies softonic torrent tor-browser audlts antispyware artnudes ultrasurf cric cricket crick cricinfo zapak nimbuzz music olimpic olimpics olympic olympics sex sexy pron songs song cybermediadice .orkut.* /orkut .orkut .orkut* baaja

http_access deny keybaord

acl limitedaccess  arp 20:CF:40:EA:E4:DF

http_access allow limitedaccess

acl ravi arp E0:69:97:AB:D6:6E

http_access allow ravi

acl youtube url_regex -i youtube .mp3 .mp4 .aac .flv .m4a .swf

http_access deny youtube

http_access allow utsav_network

http_access allow localhost

icp_access allow all

http_port 3128 transparent

hierarchy_stoplist cgi-bin ?

cache_mem 1024 MB

maximum_object_size_in_memory 100 KB

minimum_object_size 0 KB

maximum_object_size 4096 KB

cache_swap_low 90

cache_swap_high 95

access_log /var/log/squid/access.log squid

coredump_dir /var/spool/squid

#service squid restart

#chkconfig squid on

#squid -z

Next step work with firewall :

flush all rules of iptabes for transparent mode

iptables -F

iptables -t nat -F

iptables -t mangle -F

now delete this chanis bye

iptables -X

iptables -t nat -X

iptables -t mangle -X

now time to save iptables so type

service iptables save

service iptables restart

Now all rules and chains will clear !

check it by /etc/sysconfig/iptables which has all defaults rules set to accept.

now /etc/rc.d/rc.local

and insert line

echo ” 1 “> /proc/sys/net/ipv4/ip_forward

and then save and close.

now assuming that your internet interface is eth0 then type :

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

service iptables save

service iptables restart

#init 6  (reboot machine)

Congratulation you have successfully configured Squid Transparent proxy ,

Note : Don’t have require put proxy ip in client machine.

Friday, 27 September 2013

How to Apache Tomcat Intigration with mod_jk on Linux/Centos

httpd-devel (provides /usr/sbin/apxs )
apr-devel (provides the appropriate include files)
apr (required by apr-devel)
apr-util-devel (required by httpd-devel)
apr-util (required by apr-util)

#yum install httpd-devel apr-devel apr apr-util-devel apr-util
#cd /opt/

Download connector:
 http://www.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.37-src.tar.gz
#tar -zxvf tomcat-connectors-1.2.37-src.tar.gz
#cd tomcat-connectors-1.2.37-src/native/
#which apxs (if not getting any output please install gcc)

#yum install gcc gcc-cpp gcc-c++
#which apxs
/usr/sbin/apxs
#./configure --with-apxs=/usr/sbin/apxs --enable-api-compatibility
#find / -name mod_jk.so  (if you got mod_jk.so , it's fine)
#make
#make install

Thursday, 26 September 2013

make: Nothing to be done for `all'

If you are facing make running error on Linux/Centos please follow below step.

ERROR:
[root@locahost sarg-2.3.1]# make
make: Nothing to be done for `all'.
Solution :
[root@locahost sarg-2.3.1]# make clean
make -C po clean
make[1]: Entering directory `/opt/sarg-2.3.1/po'
rm -f *.insert-header
rm -f remove-potcdate.sed
rm -f stamp-poT
rm -f core core.* sarg.po sarg.1po sarg.2po *.new.po
rm -fr *.o
make[1]: Leaving directory `/opt/sarg-2.3.1/po'
rm -f sarg *.o core
[root@locahost sarg-2.3.1]# make distclean
make -C po clean
make[1]: Entering directory `/opt/sarg-2.3.1/po'
rm -f *.insert-header
rm -f remove-potcdate.sed
rm -f stamp-poT
rm -f core core.* sarg.po sarg.1po sarg.2po *.new.po
rm -fr *.o
make[1]: Leaving directory `/opt/sarg-2.3.1/po'
rm -f sarg *.o core
rm -f Makefile config.status config.cache config.log

After completed this task please run make command:
[root@locahost sarg-2.3.1]# make

Thursday, 25 July 2013

Working with screen in linux


Screen : most useful feature available in Linux for run command from remote end user.
without interrupting you command would be run backend.

Install screen in Linux :

#yum install screen

Work with screen :
Enter in screen
#screen
Come out from screen
Ctrl+AD
List screen id :
#screen -RD
Enter in screen( if multiple screen running)
#screen -RD screen_id
Enter in screen (if single screen running)
#screen -RD  

Thursday, 11 July 2013

Easy way to Install and configure Apache tomcat Intigration with mod_jk.so in Linux/RHEL/Centos


Apache HTTP Server : commonly none as a Apache, it's web server application. From long Apache is most popular web server in the internet. Normally Apache run on a Linux like Operating system, Apache developed and maintain by Apache software Foundation, it's open source application.
Apache handling only static pages.

Tomcat : Tomcat is a container, it's contain java servlet. Tomcat handling java servlet dynamic page requests. Tomcat latest version available here  http://tomcat.apache.org

We are here for discussing and integration of apache and tomcat on Linux platform. Now, I am using centos 6.2 server, Jre1.6, apache 2.2.x , tomcat7.0.29 for done this configuration.

1.First Install jre download from here :
http://www.oracle.com/technetwork/java/javase/downloads/jre6downloads-1902815.html

# ls
lost+found
jre-6u45-linux-x64-rpm.bin 
# chmod +x jre-6u45-linux-x64-rpm.bin
# ./jre-6u45-linux-x64-rpm.bin
# java -version
java version "1.7.0_21"
Java(TM) SE Runtime Environment (build 1.7.0_21-b11)
Java HotSpot(TM) 64-Bit Server VM (build 23.21-b01, mixed mode)
2. Install apache http server and components
#yum install httpd
#yum httpd-devel     ( it's provides /usr/sbin/apxs
#yum apr-devel       (provides the appropriate include files)
#apr                 (it's required by apr-devel)
#apr-util-devel (it's required by httpd-devel)
#apr-util           (it's required by apr-util)
# rpm -qa | grep httpd
httpd-manual-2.2.15-28.el6.centos.noarch
httpd-devel-2.2.15-28.el6.centos.x86_64
httpd-tools-2.2.15-28.el6.centos.x86_64
httpd-2.2.15-28.el6.centos.x86_64
you will see look like this, depends on Linux architecture.
Install compiler packages
#yum install gcc gcc-cpp gcc-c++
2. Download and Install apache tomcat package http://tomcat.apache.org/download-70.cgi
#tar -zxvf apache-tomcat-7.0.29.tar.gz
3. Download tomcat-connectors   http://tomcat.apache.org/connectors-doc/
#tar -xvf tomcat-connectors-1.2.37-src.tar
# cd tomcat-connectors-1.2.32-src/native/
# which usr/sbin/apxs                                                                                                                                 
# ./configure --with-apxs=/usr/sbin/apxs --enable-api-compatibility
# make
# make install 
after completed this activity you will get mod_jk.so file in /usr/lib64/httpd/modules/mod_jk.so
if get it , going well
Installation part has been completed, let's start configuration part
4. Open httpd.conf file and add end of line.
# vi /etc/httpd/conf/httpd.conf
JkWorkersFile "/etc/httpd/conf/worker.properties"
        JkLogFile "/var/log/httpd/mod_jk.log"
        JkRequestLogFormat "%w %V %T"
        JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
        JkLogLevel info
        JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
JkMount / worker1           (allow for all project)
JkMount /* worker1
allow specific project like as examples 
JkMount /examples worker1          
JkMount /examples* worker1

Note : use one given above both( allow for all project or allow specific project)
5. create worker.properties file and make the entry
#vi  /etc/httpd/conf/worker.properties
worker.list=worker1
# Define Node1
worker.worker1.port=8009
orker.worker1.host=127.0.0.1
worker.worker1.type=ajp13
worker.worker1.lbfactor=1
save and exit
6. open the server.xml file make some changes
#vi /opt/apache-tomcat-7.0.29/conf/server.xml
 <!-- You should set jvmRoute to support load-balancing via AJP ie :-->
<Engine name="Catalina" defaultHost="localhost" jvmRoute=" jvmRoute">
to 
 <Engine name="Catalina" defaultHost="localhost" jvmRoute="worker1">
and
<Engine name="Catalina" defaultHost="localhost">
to
    <!--<Engine name="Catalina" defaultHost="localhost"> -->
save and exit.
Sart process : First start Tomcat then start Apache
#/opt/apache-tomcat-7.0.29/bin/startup.sh
#/etc/init.d/httpd start
Open the Browser and check the URL : http://localhost/examples
able to find this page

Apache Tomcat Examples

You have successfully done this job congratulation!
 
 
 

Thursday, 4 July 2013

How to increase ulimit open file and user processes in Linux/Centos/RHEL


Max Number of ulimit open file : It's provide open file resource availability in linux
  
Increase max number of ulimit open file in Linux.

1- Step :  open the sysctl.conf  and add this line  fs.file-max = 65536

vi /etc/sysctl.conf   add end of line
fs.file-max = 65536

save and exit.

2. Step : vi /etc/security/limits.conf  and add below the mentioned

*          soft     nproc          65535
*          hard     nproc          65535
*          soft     nofile         65535
*          hard     nofile         65535
save and exit check max open file ulimit
[root@localhost# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 127358
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 65535
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Increase max user processes in Linux

Follow the step:

vi /etc/security/limits.conf  and add below the menstioed

*          soft     nproc          65535
*          hard     nproc          65535
*          soft     nofile         65535
*          hard     nofile         65535
and  vi /etc/security/limits.d/90-nproc.conf

*          soft     nproc          65535
*          hard     nproc          65535
*          soft     nofile         65535
*          hard     nofile         65535
save and exit check the user max processes ulimit
[root@localhost# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 127358
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 65535
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 65535
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited


After make changes need to reboot system.







Reset Grace Period of Windows Server 2012 RDS

Error: the remote session was disconnected because there are no remote desktop license servers available to provide license in aws Solu...