Apache

Posted on November 13th, 2013

php and mysql

install php5 php5-mysql to have support for php and mysql

Apache2

this apache2 configuration is very confusing. i guess i need to learn a lot and soon will update this page as i learn and have more time to update…
……09/09/2007 10.10 pm the file that you need to edit are
/etc/apache2/sites-enabled/000-default
/etc/apache2/apache2.conf
Edit the apache2.conf to add the virtual hosts Include /etc/apache2/sites-enabled/
edit the file 000-default which will be the default virtual host
What is favicon.ico

I always wondered about the icons that is displayed in front of the url in the address bar and how to get it. But I never did anything to get that, as I thought that it is an advanced server setup. Recently I found out that there are so many error messages in my apache error_log that favicon.ico is not found. I thought that it is some file in my html code, so i tried to eliminate that line and to my surprise, there was none. Then as usual i googled for favicon.ico. Created one, without knowing what it is going to do and I was astonished when i saw the icon next to the url for my website. Not bad JC.
——03/18/2005 8.25AM
Virtual Hosts and SubDomain

Finally i got it working. I think may be I didn’t try that seriously last time. It has been my dream to develop sub-domains such as
Home Page http://jaya.homelinux.org
Music Page http://music.jaya.homelinux.org
We can do that with the help of Virtual hosts.

DocumentRoot <path_to_my_webdir> Servername jaya.homelinux.org

DocumentRoot <path_to_my_webdir>/music
Servername music.jaya.homelinux.org

The important thing being the declaration of the main domain using virtual host which i missed in my earlier attempts.
———03/09/05 12.31 AM
Install apache, php, mysql, perl

My best advice is don’t install as rpm.
If you need php, mysql, perl everything to work properly install in the following order.
Download the sources from the respective websites
Mysql
openssl
apache Apache
curl curl.haxx.se
php
mod_perl
Don’t worry about the mod_ssl package as that was included with apache up from apache2.
Compile and Install Apache

Download the source tarball from the website and compile with the following options
./configure –enable-so –prefix=/usr/local/apache –enable-ssl=shared
To enable htaccess and htpasswd under the option Directory for the document root
Options Indexes FollowSymLinks
AllowOverride Options FileInfo AuthConfig Limit
Order allow, deny
Allow from all
To enable CGI and Perl script execution, remove the # in front of AddHandler .cgi .pl
———-01-02-2003
Compile and Install Curl

./configure --with-ssl
make
make install

Compile and Install mod_perl

perl Makefile.PL USE_APXS=1 MP_APXS=/usr/local/apache/bin/apxs EVERYTHING=1
make
make install

Edit httpd.conf

< IfDefine SSL>
AddModule mod_ssl.c
< /IfDefine>
AddModule mod_php4.c
AddModule mod_perl.c
User nobody
Group nobody
< IfModule mod_dir.c>
DirectoryIndex index.html index.php
< IfModule>
AddType application/x-httpd-php .php

Limiting access to websites

First edit the httpd.conf as follows which will request apache to check the particular directory for the presence of .htaccess, instead of checking every directory it opens.

< Directory the-directory-you-are-protecting>
Options FollowSymLinks Indexes
AllowOverride AuthConfig
< /Directory >

Restart the apache server.
Create the .htpasswd file by using the following command

/usr/local/apache/bin/htpasswd -c .htpasswd jaya

Copy that file to the DocumentRoot directory
Create the .htaccess file to the folder that you want to protect
Enter the following and save as .htaccess

AuthUserFile /usr/local/myweb/.htpasswd
AuthName "Username and password required"
AuthType Basic
< Limit GET POST >
require user jaya
< /Limit >
Enable CGI-bin

Open the httpd.conf and find this line #ScriptAlias /cgi-bin/ “/usr/local/apache/cgi-bin/”
remove the # and also change the path to where you store your files find this line

#AddHandler cgi-script .cgi

and remove the #
Edit the Directory as follows

< Directory /usr/local/myweb/cgi-bin >
AllowOverride None
Allow None
< /Directory >

If you get an error that it could not spawn the child process make sure that the path to the perl executable is correct.
Enable directory listing

Sometimes we wish to have a directory listing instead of showing the index.html or any files on startup. If you are the administrator for your then you can enable it by
Options Indexes
in httpd.conf. If you don’t have access to the httpd.conf, then you can accomplish the adding the same in .htaccess files
Forbidden Error #403 Blah Blah Blah

If you get this error, first check the User/Group option in the httpd.conf file. If it is set to nobody or blank, then smack yourself on your head or ask somebody else(who will be glad to do for you) and change it to some exisiting group/user in your system, who owns the folders.

Posted in Uncategorized

Android mount

Posted on November 13th, 2013 
$ adb -d shell
$ mount
mount
rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,relatime,mode=111 0 0
devpts /dev/pts devpts rw,relatime,mode=600 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /acct cgroup rw,relatime,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/usb tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /app-cache tmpfs rw,relatime,size=7168k 0 0
none /dev/cpuctl cgroup rw,relatime,cpu 0 0
/dev/block/mmcblk0p9 /system ext4 ro,relatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p7 /cache ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered
/dev/block/mmcblk0p1 /efs ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered 0
nil /sys/kernel/debug debugfs rw,relatime 0 0
/dev/block/mmcblk0p10 /data ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered,
/dev/block/mmcblk0p4 /mnt/.lfs j4fs rw,relatime 0 0
/dev/block/vold/179:11 /mnt/sdcard vfat rw,dirsync,nosuid,nodev,noexec,noatime,n
epage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro,discard 0
I followed this link and tried to mount the filesystem as follows but I got a permission error.

$ mount -o rw,remount -t yaffs2 /dev/block/mmcblk0p9 /system
mount: Operation not permitted 

adb push foo.txt /sdcard/foo.txt
Posted in android

Install Debian from scratch

Posted on November 13th, 2013

Install Debian from Scratch

In case you want to recover debian.
get the recovery cd.
install the linux in a minor partition and then go back and remedy your screw-ups.

But my computer crashed when there was a power surge.
So i had to clean install the system.
installed the basic debian potato which has kernel 2.2.20 (ugh)
now i have to find a way to install my network card(broadcom 4400) which is similar to
to nvidia card(i.e., not supported by kernels before 2.6) and once that is done
i download the linux source code driver for my network card
Install a Base Kernel
best way is to install debian with 2.4 kernel
this is done by typing bf24 (next the boot: prompt after you boot the system with your cd)
Recompile a custom Kernel
and before this make sure you download the current 2.4 kernel source
reconfigure your kernel using the config file of the current kernel which you can find
at the boot folder.
most probably menuconfig won’t work. so make sure that you open the .config file and edit
the modversion is yes and also config packet and filter are yes(this is very important
for the etherconf) and if something fails don’t worry just install pump(which is another
dhcp client) and connect to the internet and upgrade your system.
Make the network work
compile the kernel, install it and then reboot the system using the new kernel.
use the source code for the network card. compile and install the driver for the network card.

if you want to get the apt sources don’t worry. just type apt-setup and this will
bring up the list of available mirrors and all you have to do is choose and
the sources.list will be automatically created for you.

now install etherconf using apt-get
Upgrade your system
now you are almost ready to upgrade your computer through internet.
Now you have to install the 2.6 kernel and upgrade your distro to prepare for the 2.6 kernel.

there are so many things that i learned today
don’t ever mess with apt
especially the files /var/lib/dpkg/{available,status}.
they have the important informations such as the installed packages and their info. so if you
mess with them then you are lost(you may have to reinstall the entire os).

it looks like the dhclient required PACKET AND FILTER configured in the kernel. if something
fails during your apt-get just start the package pump.
Some points for X
startx belongs to xbase-clients

when the x fails to load with the error message that it couldn’t not find the configured
mouse /dev/input/mice and to your surprise that it magically disappeared, then all
you have to do is create those device files as follows
$mknod /dev/input/mice c 13 63

then restart the device. udev will cache all the device and will promptly create them
for you. i have to find out whether you need to reboot the system or not.
Pine Setup
incoming-folders={mail.softhom­e.net/pop3/user=tvar}inbox,
{mail.isp2.com/pop3/user=isp2u­sername}inbox,
{mail.isp3.com/imap/user=isp3u­sername}inbox

when pine complains
Can’t open folder ……inbox:invalid remote…
that means that pine is not compiled with ssl support.
so you have to install openssl before you compile pine. i.e., we need the include files
of the openssl for the pine.

download openssl and compile and install in your system

Posted in System

mysql

Posted on October 29th, 2013

Backup Mysql Database:

you can use mysqldump to backup a database. If i want to backup the database mileage into the sql file mileage.sql.

$mysqldump -u root -p mileage > mileage.sql

You will be prompted to enter the password for the root. This will dump the data and the commands to create the table in the new machine.

You can use rsync to move the database file from one server to another server

$rsync -avz mileage.sql jc@192.168.0.185:/home/jc/

this will move the mileage.sql from the local server to the machine whose ip-address is 192.168.0.185 and put it in the folder /home/jc

Restoring the database

To restore a database from a previous backup you can use the output of the mysqldump.
First we have to create the database inside the mysql as follows

mysql> create database mileage;

Now get out of the mysql. issue the following command

$mysql -u root -p mileage < mileage.sql

You will be prompted to enter the password for root. This will create all the tables, and import all the data

Grant access to remote IP address

If the ip address of your server is 192.168.0.185, open the file /etc/mysql/my.conf

find the line

bind-address=127.0.0.1

and it should look like

bind-address=192.168.0.185

Connect to mysql server:
$ mysql -u root -p mysql

Grant access to a new database

If you want to add a new database called foo for user bar and remote IP 202.54.10.20 then you need to type the following commands at mysql> prompt:mysql> CREATE DATABASE foo;
mysql> GRANT ALL ON foo.* TO bar@'202.54.10.20' IDENTIFIED BY 'PASSWORD';

How Do I Grant Access To An Existing Database?

Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin, To grant access to this IP address type the following command At mysql> prompt for existing database, enter:
mysql> update db set Host='202.54.10.20' where Db='webdb';
mysql> update user set Host='202.54.10.20' where user='webadmin';

 

Posted in mysql

PHP Mail and Gmail

Posted on October 18th, 2013

I used to run my own mail server from my linux machine. Then due to FCC guidelines, comcast blocked the port for the smtp and pop mail, this way i cannot send or receive emails through that linux server.

The other option is enable secure ports for the smtp and the pop and get somebody to redirect that to my server.

So now if i have to send an email from my wordpress based server, i’m going to use the service of google and use that to relay my emails to the users.

What do we need.

First install sSMTP

apt-get install ssmpt

Now open the php.ini, in the /etc/php5/apache2 folder and make sure that the line sendmail_path is uncommented and reads as follows

sendmail_path = /usr/sbin/ssmtp -t

after this you need to restart your webserver.

Now to configure your ssmtp.conf

#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=<yourgmail id>

# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=smtp.gmail.com:587

# Where will the mail seem to come from?
rewriteDomain=<the website from which the email appears to come from>

# The full hostname
hostname=<the website from which the email appears to come from>

# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES
AuthUser=<the gmail account you are using to relay through>
AuthPass=<gmail password>
UseSTARTTLS=yes
UseTLS=yes
AuthMethod=LOGIN

Now the other config file revaliases

# sSMTP aliases
#
# Format: local_account:outgoing_address:mailhub
#
# Example: root:your_login@your.domain:mailhub.your.domain[:port]
# where [:port] is an optional port number that defaults to 25.
root::smtp.gmail.com:587
mainuser::smtp.gmail.com:587

Now test your setup from the command line

echo test | sendmail -v -s "testing ssmtp setup" <any_email_id>
Posted in Uncategorized

mysql change password

Posted on October 17th, 2013

There are a couple of ways to change a user password including root for the mysql databases.

one is using mysqladmin(which i’m not that fluent with)

the other is directly go into mysql and change the password.

$mysql -u root - p

Now enter password (your old password for root)

mysql > use mysql;

mysql> update user set password=PASSWORD("new_password") where User='root';

mysql> flush privileges;

mysql> quit;

You can login again to check whether the password change took effect

Posted in mysql

SSH

Posted on September 25th, 2013

tunnel ports settings in Windows 7

if you try to setup tunneling in the ssh clients mostly the client will crash. the easy way is to find the config file for ssh client in the folder

C:\Users\kamarj\AppData\Roaming\SSH

each profile will be stored as default.ssh2 or jc.ssh2 (the two profiles that i have now).
Open the file in a text editor and type the following for tunneling vnc through ssh2

[Outgoing Tunnels]
Tunnel=S:vnc,5901,localhost,5901,1,tcp
Tunnel=S:vnc2,5902,localhost,5902,1,tcp

save the file and restart the client. you will see the tunneling options appear in the corresponding tab.

tunnel ports

ssh -N -l someuser -L 143:localhost:143 -L 25:localhost:25 jaya.homelinux.org

Forward X11

if you want to forward X through ssh we call as follows
ssh -X jc@servername
if you find that you cannot open any X clients and we get the following error message
xterm Xt error: Can’t open display:
xterm: DISPLAY is not set
then you can find out what is happening by using the following
ssh -X -v jc@servername
which will give verbose information such as
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Remote: No xauth program; cannot forward with spoofing.
then xauth was not installed.
this xauth is part of the package xbase-clients.

SSH login Banner

I always that it is cool to get the banner that gives some security warning before you login to the server. My school systems had it and never bothered to install it in mine.
Open /etc/ssh/sshd_config
uncomment or add this line

Banner /etc/issue.net

Edit the file issue.net with the contents that you want to display. now you got a dialog box with the message. The other type of message is motd or “Message of the day”. just edit the file /etc/motd and that will be printed everytime you login.
———–18-August-2006.

SSH Server Configuration

I had some problem with the debian SSH server for some time. It is not that i can’t use it at all. The problem is with the authentication. It is something like challenge/response authentication which i never liked. I wanted to change it to normal Password authentication and no luck. Finally I got it from someplace here. All i had to was to configure the server to accept Password Authentication instead of the default Public Key Authentication.
Open the /etc/ssh/sshd_config file
Locate the line below in config file

   PasswordAuthentication yes
   ChallengeResponseAuthentication no
   PubKeyAuthentication no

and disable the above option by place a # in front of it.
——————06/28/04

X11 over SSH for Root

May be I’m not lucky anymore. usually whenever i have trouble, i google it and within two or three tries, i get the answer, because i had the correct keywords. This is the problem I had
I ssh to my debian machine from my work laptop(windows 2000, cygwin X Server), forward X11 and run X application. Suddenly one fine day I cannot run application esp “make xconfig” as a super user.
I got different error messages

X11 server shutdown 
X11 server reset

my google result didn’t get me any answer, because my keywords were not good enough. But i got the perfect keyword, which was

X11 connection rejected because of wrong authentication

with this keyword i got the most appropriate result for my quest. from google group or usenet.
The answer is simple
The default location of the Xauthority file is changed. And when you ssh, normally export XAUTHORITY=/tmp/whatever was done, now it doesn’t work that way anymore. So now once you su(again you don’t want to ssh to your machine as root, that will open a huge can of worms), all you have to do is let the system know about the .Xauthority file as follow

export XAUTHORITY=/home/jc/.Xauthority

or copy this into the roots home directory.
Now when i play with xserver sometimes some of the packages get lost, and then when i try to forward X through ssh, i get the following warning

(application:number):Gtk-WARNING ** : error cannot open display:

SSH disconnect

This might help. open sshd config
ClientAliveInterval 45 ClientAliveCountMax 50

Posted in SSH

Git

Posted on September 23rd, 2013

How to use Git

  1. Create a remote repository
  2. Create a local repository
  3. Add files to the local repository
  4. push the local files to the remote repository

Create a remote repository

How to setup a git server is in a different page.
I’m going to concentrate on how to create a repository in a remote server which is already setup for the git.
Our goal is to create a remote repository for the projects makefiles. This has files that automate my build processes.

  1. Login to the remote server as the git user
  2. go to the root folder of your git repositories
    • in my case it will be /home/git
  3. create a folder called makefiles.git 
    $mkdir makefiles.git
  4. change to the folder as 
    $cd makefiles.git
  5. initialize the repository inside the makefiles.git folder as 
    $git --bare init

Setup the local repository

If you are adding a folder which contains the files for your project then go that folder.

  1. Initialize git in the folder as 
    $git init
  2. Mark to add all the files to the git as 
    $git add *
  3. Add all the files by committing the add as 
    $git commit -a

Setting the remote server for the local repository

We need to setup the local repository with the information about the remote repository

  1. first clear any settings about the remote server as 
    $ git remote rm origin
  2. now add the remote server name as 
    $ git remote add origin ssh://git@jaya.homelinux.org/home/git/makefiles.git
  3. if you are ready, send all the files to the remote server as 
    $ git push -u origin master

    After this command both the remote and the local repositories are identical. You can either choose to continue working
    or delete the local repository and get a copy from the remote

Working with the project

You would want to have a copy of the entire repository which can be done as follows

$ git clone ssh://git@jaya.homelinux.org/home/git/makefiles.git

Git Branches

the branches that you create are local and then you can send those branches online by pushing the changes to the repository.

$git branch <branch_name>

will create a branch branch_name for you now we can make a branch active by checkingout that branch

$git checkout <branch_name>

make sure that the changes on master appear in your new branch as follows

$git rebase master

now you can push these changes to the remote branch as follows

$git push origin <branch_name>

Merge

This is when you are working with a different branch. say you are working with a branch br_9_22_2012 and you want to merge into master.
First switch to master

$git checkout master

now merge the br_9_22_2012 to the master as follows

$git merge br_9_22_2012

now commit this these changes to the source control

$git commit -a -m "merge message"

Once all the changes are merged to the master, now you can push these to the server as all these changes are local to the disk

$git push -u origin master
Posted in git

How to SSH without password

Posted on September 23rd, 2013

Sometimes you want to have the luxury of connecting to your linux server without using the password. One example is running a git server in your linux machine. If you are running a git server and every time you push your changes you have to enter the password.

If you use the RSA public and private key, then push and pull doesn’t need password anymore. Installing the RSA public and private keys doesn’t mean your security is compromised. It is even better than the using the password to login to your system.

There are two ways to create the key, one is using the putty-keygen provided by the putty software. The public key generated by the putty should be formatted if you are going to install it in your linux system. The other is using the ssh-keygen provided by the git-bash installation in your client machine. If you are going to use the putty to communicate to the server then the keys generated by putty is good. But for my purpose, i’ll be using the git-bash to communicate to my server, so i have to use ssh-keygen that is supplied with the git-bash utility.

Generate Public Key/Private Key

  1. You can generate the key from the client machine that you are using to connect to the server.
  2. Each client will have its own key pair and it has to be added to the server.
  3. Public key is always one line.
  4. Remove any extra formatting (if you are using putty-keygen) and then add ssh-rsa in front of it 
    ssh-rsa qpw8eurllk0925092384204202934029342lkrjwlkrw0234
  5. If you use ssh-keygen then it will be in the correct format. Create the key as follows 
    $ssh-keygen -t rsa
  6. It will generate both public and a private key pair. It is your choice to give a passphrase for the private key. Adding a passphrase makes it even more secure. But for my application to use it with the git server, i gave a blank passphrase (as i was avoiding to type the password everytime i push/pull updates to/from the server).

Enable RSA authentication in the server

  1. Open the /etc/sshd_config and verify the following is there and restart the ssh server 
    RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
AuthorizedKeysFile %h/.ssh/authorized_keys

Install the key in the server

  1. Now move this public key to the server using sctp or any method.
  2. If the .ssh folder is not available in the home directory create one.
  3. Make sure that you and you only own the folder. (chmod 0700 to the folder)
  4. if the authorized_keys file is not there, then create one and the public key as follows 
    	touch authorized_keys
	cat id_rsa.pub >> authorized_keys
	chmod 0600 authorized_keys
  5. Now the public key is added to the authorized_keys list.

Setup private key in the client

SSH has a per-user configuration file called ‘~/.ssh/config’  or you can make it global by editing the /etc/ssh/ssh_config. that it can use to select your private keys based on the remote user name and remote host by using wildcards. Edit the config as follows

IdentityFile ~/.ssh/ids/%h/%r/id_rsa
IdentityFile ~/.ssh/ids/%h/%r/id_dsa

instead of

IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa

The percent-h and percent-r take the host and the remote user from your SSH user and hostname arguments. Consider this example command:

$ ssh remote_user@remote_hostname.example.com

From the example command, the SSH client would use the wildcards to seek the correct key to use:

~/.ssh/ids/remote_hostname.example.com/<b "="">remote_user/

This means that if you had two private keys that you used to access two different servers, you would arrange them as follows. The first one is arranged as follows:

$ ls -l ~/.ssh/ids/remote.example.com/remote_user/
total 16
-rw-------  1 kelvin  staff  668 Mar 24 20:09 id_rsa
-rw-r--r--  1 kelvin  staff  610 Mar 24 20:09 id_rsa.pub
$ ssh remote_user@remote.example.com
[remote_user@remote ~]$

 

Connect to the server as follows

$ssh -vvv user_name@server_name

The three -vvv is for three levels of debug information

Posted in SSH