Reliable Penguin

Linux Server Migrations, Systems Administration & Programming

Category: Project Gallery

Pages: 1 2 3 >>

02/20/10

05:11:19 am, by admin

, 694 words

Categories: Project Gallery, MySQL

Setup Alternate MySQL Instance

To setup an alternate instance of MySQL listening on TCP port 3307 on a RHEL5 server follow these steps.

1. Setup a new MySQL config file.

cp /etc/my.cnf /etc/my-3307.cnf

Add a line like this:

port = 3307

to the "[mysqld]" section.

Edit /etc/my-3307.cnf and change:

datadir=/var/lib/mysql

datadir=/var/lib/mysql-3307

Change:

socket=/var/lib/mysql/mysql.sock

to:

socket=/var/lib/mysql-3307/mysql.sock

Change the following lines:

log-slow-queries=/var/lib/mysqllogs/slow-log log-bin=/var/lib/mysqllogs/bin-log log-bin-index=/var/lib/mysqllogs/bin-log.index relay-log=/var/lib/mysqllogs/relay-log relay-log-index=/var/lib/mysqllogs/relay-log.index log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid

to:

log-slow-queries=/var/lib/mysqllogs-3307/slow-log log-bin=/var/lib/mysqllogs-3307/bin-log log-bin-index=/var/lib/mysqllogs-3307/bin-log.index relay-log=/var/lib/mysqllogs-3307/relay-log relay-log-index=/var/lib/mysqllogs-3307/relay-log.index log-error=/var/log/mysqld-3307.log pid-file=/var/run/mysqld/mysqld-3307.pid

Change server-id to a unique value:

server-id=2

2. Setup a new service control script.

cp /etc/init.d/mysqld /etc/init.d/mysqld-3307

Edit /etc/init.d/mysqld-3307 and add this line:

MYCNF=/etc/my-3307.cnf

directly after:

# Source networking configuration. . /etc/sysconfig/network

so that you have:

# Source networking configuration. . /etc/sysconfig/network MYCNF=/etc/my-3307.cnf

Next change this function:

get_mysql_option(){ result=`/usr/bin/my_print_defaults "$1" | sed -n "s/^--$2=//p" | tail -n 1` if [ -z "$result" ]; then # not found, use default result="$3" fi }

to:

get_mysql_option(){ result=`/usr/bin/my_print_defaults -c $MYCNF "$1" | sed -n "s/^--$2=//p" | tail -n 1` if [ -z "$result" ]; then # not found, use default result="$3" fi }

Notice that the change is to add "-c $MYCNF" to the call to "my_print_defaults".

Finally run the following search/replace commands to fixup the program name, add defaults file to mysqld_safe call and set unique pid and subsys files:

replace 'prog="MySQL"' 'prog="MySQL-3307"' -- /etc/init.d/mysqld-3307 replace '/usr/bin/mysqld_safe' '/usr/bin/mysqld_safe --defaults-file=$MYCNF' \ -- /etc/init.d/mysqld-3307 replace 'mysqld.pid' 'mysqld-3307.pid' -- /etc/init.d/mysqld-3307 replace '/var/lock/subsys/mysqld' '/var/lock/subsys/mysqld-3307' -- /etc/init.d/mysqld-3307

3. Setup directories

mkdir /var/lib/mysql-3307 /var/lib/mysqllogs-3307 chown mysql.mysql /var/lib/mysql-3307/ /var/lib/mysqllogs-3307 chmod o-rwx /var/lib/mysqllogs-3307

4. Set service to start on boot

/sbin/chkconfig mysqld-3307 on

5. Start the new instance:

/sbin/service mysqld-3307 start

On the first startup you should see some output like this:

Initializing MySQL database: Installing MySQL system tables... OK Filling help tables... OK To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands: /usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -h 244418-web3.www.idtweet.com password 'new-password' Alternatively you can run: /usr/bin/mysql_secure_installation which will also give you the option of removing the test databases and anonymous user created by default. This is strongly recommended for production servers. See the manual for more instructions. You can start the MySQL daemon with: cd /usr ; /usr/bin/mysqld_safe & You can test the MySQL daemon with mysql-test-run.pl cd mysql-test ; perl mysql-test-run.pl Please report any problems with the /usr/bin/mysqlbug script! The latest information about MySQL is available on the web at http://www.mysql.com Support MySQL by buying support/licenses at http://shop.mysql.com [ OK ] Starting MySQL-3307: [ OK ]

6. Set MySQL root password.

/usr/bin/mysqladmin -P 3307 -h 127.0.0.1 -u root --password="" password password 'new-password'

And that's it. You now have an new instance of MySQL listening on port 3307.

Remember that you must tell the mysql command line utilities where to find the instance. For example:

mysql -P 3307 -h 127.0.0.1

mysql -S /var/lib/mysql-3307/mysql.sock

Also keep in mind that by default any .my.cnf file in your home directory will be used. You may have to override settings in the .my.cnf file and explicitly provide the user and password when connecting.

Permalink Leave a comment »

11/17/09

07:29:12 am, by admin

, 113 words

Categories: Project Gallery

IPTables - Filter ICMP Address Mask Request & Replies

Here's how to filter or block ICMP address mask requests and replies.

On Redhat/CentOS, edit /etc/sysconfig/iptables and add the following lines

-A RH-Firewall-1-INPUT -p ICMP --icmp-type address-mask-request -j DROP
-A RH-Firewall-1-INPUT -p ICMP --icmp-type address-mask-reply -j DROP

and then run:

/sbin/iptables restart

Or run the following commands:

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type address-mask-request -j DROP
/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type address-mask-reply -j DROP
/sbin/service iptables save

Recently on an Ubantu server we just added these lines to /etc/rc.local:

/sbin/iptables -I INPUT 1 -p ICMP --icmp-type address-mask-request -j DROP
/sbin/iptables -I INPUT 1 -p ICMP --icmp-type address-mask-reply -j DROP

Permalink Leave a comment »

10/19/09

07:24:03 am, by admin

, 36 words

Categories: Project Gallery, PHP

Upgrade CentOS4 to PHP 5.2.9 with SQLite

Here's an update to this article:

Upgrade CentOS4 to PHP 5.2.9

The spec file has been modified to build the php-sqlite module which is needed by Plesk Sitebuilder. Here's the new package:

php-5.2.9_for_centos4.2.tar.gz

Permalink Leave a comment »

09/25/09

12:38:13 pm, by admin

, 64 words

Categories: Project Gallery, Apache

Self-signed cert for Apache

Here are the steps to create a self signed certificate. Replace [domain_name] with the actual domain name of the virtual host.

1. create key

openssl genrsa -out [domain_name].key 4096

2. generate certificate signing request

openssl req -new -key [domain_name].key -out [domain_name].csr

3. generate the certificate

openssl x509 -req -days 365 -in [domain_name].csr -signkey [domain_name].key \ -out [domain_name].crt

Permalink Leave a comment »

05/07/09

05:44:34 am, by admin

, 121 words

Categories: Project Gallery

RewriteCond -d/-f Not Working With HTTP Basic Auth.

Lets say you have this is the document root .htaccess:

RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L]

This is the kind of rewrite that WordPress, Mambo and others use to provide SEO urls.

Now create a folder in the document root and add a .htaccess to the folder with commands to require HTTP Basic authentication.

Requests to the folder will end up being sent to /index.php and the application will generate a 404 error.

The fix is to change the rewrite rules to:

RewriteCond %{REQUEST_FILENAME} !\.shtml$ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L]

This allows the invisible /401.shtml request needed for authentication to skip the rewrite rule and function corrrectly.

Permalink Leave a comment »

1 2 3 >>

July 2010
Sun	Mon	Tue	Wed	Thu	Fri	Sat
<< <		> >>
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Reliable Penguin

Reliable Penguin offers Linux Server Migrations, Systems Administration & Programming. Visit our main website at:

http://www.reliablepenguin.com

Search

XML Feeds

RSS 2.0: Posts, Comments
Atom: Posts, Comments