Category Archives: Tips & Tricks

CentOS server – NFS client/server howto

NFS stands for Network File System and through NFS, a client can read and/or write a remote share on an NFS server (like on local hard disk)

The first step to set up NFS client/server is to install nfs-utils and nfs-utils-lib packages on both systems (server and client)

yum install nfs-utils nfs-utils-lib
chkconfig --levels 235 nfs on 
service nfs start

For example, the server IP is 10.0.0.1 and the client 10.0.0.2.

I’d like to use /test and /var/test directories from the client system. To make them accessible we must “export” them on the server.

From the client system, the NFS share is usually accessed as the user “nobody”. If the directory isn’t owned by nobody, the read/write access from NFS client should be made as root.
In this howto, the /test dir will be used as root while the /var/test will be used as “nobody”. If /var/test directory doesn’t exist, create the dir and change the ownership to the user/group 65534 (nonexistant user/group).

mkdir /var/test
chown 65534:65534 /var/test

The next step (on the server side) is to modify /etc/exports

nano /etc/exports

and add the next lines

/test           10.0.0.2(rw,sync,no_root_squash,no_subtree_check)
/var/test        10.0.0.2(rw,sync,no_subtree_check)

The no_root_squash parameter means access dir as root (all files copied/created from client will be owned by root).

After you modify /etc/exports, run exportfs -a to make the changes effective.

exportfs -a

The next step (on the client side) is to create the directories where you want to mount the NFS shares

mkdir -p /mnt/test
mkdir -p /mnt/var/test

Mount NFS shares with

mount 10.0.0.1:/test /mnt/test
mount 10.0.0.1:/var/test /mnt/var/test

Verify the settings with:

df -h

The result should be something like

[root@client ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
....
10.0.0.1:/test    100G  25G   75G  25% /mnt/test
10.0.0.1:/var/test
                       100G  25G   75G  25% /mnt/var/test

and

mount

The result should be something like

[root@client ~]# mount
....
10.0.0.1:/test on /mnt/test type nfs (rw,addr=10.0.0.1)
10.0.0.1:/var/test on /mnt/var/test type nfs (rw,addr=10.0.0.1)

To mount the NFS shares at boot time, add the next lines in /etc/fstab file

10.0.0.1:/test  /mnt/test   nfs      rw,sync,hard,intr  0     0
10.0.0.1:/var/test  /mnt/var/test   nfs      rw,sync,hard,intr  0     0

Don’t forget to check the settings after reboot

Mint Linux Cinnamon – Invisible menu text on Netbeans

I noticed one bug with Mint Linux (Cinnamon) and Netbeans menu items that have an ‘active’ state which are completely invisible. Actually the text and the background colors are the same.

Mint 14 Nadia Cinnamon and later versions are affected (LMDE also) with NetBeans 7.3 and later.

uiissueinvisiblemenutext_585

The problem lies in the Mint-X GTK theme. To fix this problem, you need to modify /usr/share/themes/Mint-X/gtk-2.0/Styles/menu.rc file and lines

fg[ACTIVE] = @selected_fg_color

should be replaced with:

fg[ACTIVE] = @menu_fg_color

There are two lines (in style “menu” and style “menubar”)

Source: http://forums.netbeans.org/topic57068.html

Edit: 7. Aug. 2014.

The notes shown above doesn’t work on Mint 17 and it seems that Marco Moreno solved this problem

According to https://bugs.launchpad.net/linuxmint/+bug/1163030, you’ll need to change the /usr/share/themes/Mint-X/gtk-2.0/styles/menus.rc file.

Change line 53 from:

fg[ACTIVE] = @base_color

to:

fg[ACTIVE] = @fg_color

Partition X does not start on physical sector boundary

If you run “fdisk -l” and you get something like:

[root@ftp ~]# fdisk -l
 
....
 
Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disk identifier: 0xec2af3f7
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1      121601   976760001   83  Linux
Partition 1 does not start on physical sector boundary.

you’ll notice the message: “Partition 1 does not start on physical sector boundary

What is the cause and do I need to fix it? If so, how?

Continue reading Partition X does not start on physical sector boundary

Heart Bleed Bug – OpenSSL

A massive vulnerability has been found in OpenSSL, the open-source software package broadly used to encrypt Web communications. The flaw allows attackers to steal the information that is normally protected by SSL/TLS encryption (web applications, e-mail, instant messaging, VPNs, etc).

Essentially, that means a lot of Internet users are affected and passwords and credit card information could be available to hackers.

CentOS released the updated OpenSSL packages which should fix this issue.

# yum update openssl
# service httpd restart

For more information:
http://www.exploit-db.com/exploits/32745/
http://heartbleed.com/

Quick search and replace inside file

sed -i 's/original/new/g' file.txt

Where

  • sed means Stream EDitor
  • -i – in-place (for example save back to the original file)
  • s – the substitute command
  • original – a regular expression describing the word to replace (or just the word itself)
  • new – the text to replace it with
  • g – global (replace all and not just the first occurrence)
  • myfile.txt – the file name

 

How to clone MySQL database

Here is a way to create a duplicate of one database, with all its tables and their data

Dump your source database into sql file

# mysqldump -uroot -p production -r production.sql

If you need only schema (database with empty tables)

# mysqldump -uroot -p production -r production.sql --no-data

Open up a MySQL shell and login as root

# mysql -uroot -p

Create a new database and populate it with the dumped data

CREATE DATABASE production_copy;
USE production_copy;
SOURCE production.sql;

Now if you like, you can create a new user and give it permissions to the new database

CREATE USER new_user IDENTIFIED BY 'some_password';
GRANT ALL ON production_copy.* TO 'new_user'@'localhost' IDENTIFIED BY 'some_password';
FLUSH PRIVILEGES;

Note: this procedure works on Windows and Linux

EoIP tunnel on Linux

Ethernet over IP (EoIP) Tunneling is a MikroTik RouterOS protocol (stateless and light ethernet point to point tunnel protocol with 28 bytes static overhead) that creates an Ethernet tunnel between two routers on top of an IP connection. The EoIP tunnel may run over IPIP tunnel, PPTP tunnel or any other connection capable of transporting IP.

To connect Linux with Mikrotik over EoIP tunnel, you’ll need THIS.

The install procedure:

# wget http://www.serveradminblog.com/wp-content/uploads/2016/03/linux-eoip-0.5.tar.gz
# tar -xvzf linux-eoip-0.5.tar.gz
# cd linux-eoip-0.5
# ./configure
# make
# make install

Copy eoip.cfg to /etc dir, change settings inside according to your needs and save the file. If you use dynamic=1 option, take attention that there is no authorization,
and it is not secure. It is not good idea to use this feature with public ip or insecure(not completely under your control, each host) network.

For not lets suppose you need only one tunnel to remote IP address 1.1.1.1

[zeoip0]
id=1
dst=1.1.1.1

On Mikrotik create EoIP tunnel with the same ID (1) and set your server’s IP address as remote IP.  Run eoio with

# /usr/local/bin/eoip /etc/eoip.cfg

Add IP address to your eoip interface

# /sbin/ifconfig zeoip0 10.254.254.2 netmask 255.255.255.252 up

And optionally add routes (if you have any)

# route add -net 10.2.0.0/16 gw 10.254.254.1

Add the last few lines inside rc.local to enable tunnel after reboot. The eoip interface can be threaten just like any other interface.

# ifconfig
zeoip0    Link encap:Ethernet  HWaddr 5B:25:C9:44:6A:79  
          inet addr:10.254.254.2  Bcast:10.254.254.3  Mask:255.255.255.252
          inet6 addr: fe80::5425:d9ff:fe80:6b79/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:167397 errors:0 dropped:0 overruns:0 frame:0
          TX packets:138861 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:14934574 (14.2 MiB)  TX bytes:12520192 (11.9 MiB)
# ps ax|grep dhcp
5180 ?        Ss     0:02 /usr/sbin/dhcpd eth1 zeoip0
27356 pts/1    S+     0:00 grep dhcp

As you can see, you can run dhcp server on eoip interface. Just open /etc/sysconfig/dhcpd and add DHCPDARGS=”eth1 zeoip0″ inside. Save the file and restart dhcp server.

Teamviewer on Linux

I suppose you have a couple of clients who believes in Teamviewer only. Teamviewer on Linux works fine but after you install it, you’ll be supprised that the proces is always running in the background (it is build to respawn) which is ok if you’re the client who needs help. The first thing which average sys admin will do is to shut down teamviewer.

To stop teamviewer you can use:

teamviewer --daemon stop

You’ll see

initctl stop teamviewerd
teamviewerd stop/waiting

To disable teamviewer on system startup you can use:

teamviewer --daemon disable

More info about the deamon you can find with:

boss init.d # teamviewer --help
 
 TeamViewer                      8.0.20931 
 
 teamviewer                      start TeamViewer user interface (if not running) 
 
 teamviewer --help               print this help screen 
 teamviewer --version            print version information 
 teamviewer --info               print version, status, id 
 teamviewer --passwd [PASSWD]    set a password (useful when installing remote (ssh) 
 teamviewer --ziplog             create a zip containing all teamviewer logs (useful when contacting support) 
 
 teamviewer --daemon status      show current status of the TeamViewer daemon 
 teamviewer --daemon start       start		TeamViewer daemon 
 teamviewer --daemon stop        stop		TeamViewer daemon 
 teamviewer --daemon restart     stop/start	TeamViewer daemon 
 teamviewer --daemon disable     disable	TeamViewer daemon - don't start daemon on system startup 
 teamviewer --daemon enable      enable		TeamViewer daemon - start daemon on system startup (default)

CentOS 5 Call to undefined function sqlite_escape_string()

If you’re using PHP 5.2.x on RHEL/CentoOS and you received error

PHP Fatal error:  Call to undefined function sqlite_escape_string()

don’t worry. The reason for this is the missing sqlite extension which is not included in RHEL/Fedora/CentOS php packages by default.

To fix this issue, you can include it manually

wget http://museum.php.net/php5/php-5.2.XX.tar.gz
tar xzvf php-5.2.XX.tar.gz
cd php-5.2.XX/ext/sqlite/
phpize
./configure
make
make install
echo extension=sqlite.so >> /etc/php.d/sqlite.ini
service httpd restart

Replace XX with your PHP version (check the php version with “php -v”)