HowTo recover MySQL root password

By default, MySQL Server will be installed with root superuser without any password. You can connect to MySQL server as root without requiring password or by keying in blank password. However, if you have set the password for root and forget or unable to recall the password, then you will need to reset the root password for MySQL.

Step 1 is to stop MySQL service with

# /etc/init.d/mysql stop


# service mysqld stop

Step 2 is to start MySQL w/o root password

# mysqld_safe --skip-grant-tables &

Step 3 is to connect with mysql client

# mysql -u root

Step 4 is to finally change old root password with

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit

Step 5 is to stop mysql server and restart it without –skip-grant-tables parameter

# /etc/init.d/mysql stop

Step 6 is to start mysql server and test it with

# /etc/init.d/mysql start
# mysql -u root -p


After you install your new server, it is very good idea to improve the security of your MySQL installation with

# mysql_secure_installation

With mysql_secure_installation wizard you can set a password for root account, you can remove root accounts that are accessible from outside the local host, you can remove anonymous-user accounts and you can remove the test database, which by default can be accessed by anonymous users. The script will prompt you to determine which actions to perform.

RPMforge howto

The RPMforge project is an open source project that provides RPM packages for various distributions (RH, CentOS, Fedora, …). To enable RPMforge you can install the rpmforge-release package for your distribution.

For RHEL5 / CentOS-5:

# wget
# rpm -Uvh rpmforge-release-0.5.1-1.el5.rf.i386.rpm


# wget
# rpm -Uvh rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

For older releases (RHEL 4 / CentOS 4) please follow the instructions available on RPMrepo Wiki

Set date and time from command prompt

If the Linux server time and date is wrong and you need to set it to new values from the shell prompt, you should use date command. You must login as root user to use date command. Also from command prompt you can check and set system clock (hwclock command).

Use the following syntax to set new data and time:

# date -s "16 MAR 2010 09:36:00"

Also you can use next syntax:

date set="16 MAR 2010 09:36:00"

After you set date and time, it is good idea to check your system clock with

# hwclock --show

If there is some difference you can sync system date and time with

# hwclock --systohc

How to whitelist hosts or IP addresses in Postfix

If you are administrating a mail server and use blacklists to block spam, sometimes you may have a problem with certain mail servers. This happens because a specific mail server was blacklisted. You can see that one server was blacklisted if you trace your maillog:

reject: RCPT from unknown[]: 554 5.7.1 Service unavailable; Client host [] blocked using; Blocked - see; from=<> to=<> proto=SMTP helo=<>

In this example, the mail server is blacklisted and therefore blocked (also in this case, message was spam and we won’t whitelist

To whitelist servers, we need one file (for example /etc/postfix/rbl_whitelist) where we will list all IP addresses or host names marked for whitelist.

# nano /etc/postfix/rbl_whitelist

Every line should contain only one IP address or one hostname in next format OK OK

Save file and then run:

# postmap /etc/postfix/rbl_whitelist

After you created whitelist in postfix format, open /etc/postfix/ and search for the smtpd_recipient_restrictions parameter. Add
check_client_access hash:/etc/postfix/rbl_whitelist
after reject_unauth_destination, but before the first blacklist.

Remember BEFORE the first blacklist or this won’t work.

smtpd_recipient_restrictions = reject_invalid_hostname,
                               check_client_access hash:/etc/postfix/rbl_whitelist,

The lines shown above is only example. Please check all those blacklist because some of them are not active any more….

And finally reload postfix with

# service postfix restart


# /etc/init.d/postfix restart

Remember that smtpd_recipient_restrictions section mentioned above is just for reference. Please double check this blacklists before you use them. (Some of them doesn’t work any more). Especially if you find this post 3 years after I wrote it…

SysBench on CentOS – HowTo

If you want to test server performance, you can think about SysBench. SysBench is a modular, cross-platform and multi-threaded benchmark tool for evaluating OS parameters that are important for a system running a database under intensive load. The idea of this benchmark suite is to quickly get an impression about system performance without setting up complex database benchmarks or even without installing a database at all.

Current features allow to test the following system parameters:

* file I/O performance
* scheduler performance
* memory allocation and transfer speed
* POSIX threads implementation performance
* database server performance (OLTP benchmark)
(Primarily written for MySQL server benchmarking, SysBench will be further extended to support multiple database backends, distributed benchmarks and third-party plug-in modules)

I couldn’t find CentOS RPM so here are few tips how to install it manually.

Download Sysbench (current version is 0.4.12)

# wget

Then unpack it and install with

# tar -xvzf sysbench-0.4.12.tar.gz
# cd sysbench-0.4.12
# libtoolize --force --copy 
# ./
# ./configure
# make
# make install

To test CPU performance you can try

# sysbench --test=cpu --cpu-max-prime=20000 run

For MySQL test, you’ll need to prepare database for testing with

# sysbench --test=oltp --mysql-table-engine=innodb --oltp-table-size=500000 --mysql-user=test_database --mysql-password=test_database_password --mysql-socket=/var/lib/mysql/mysql.sock prepare

(replace test_database with valid username and test_database_password with valid password)

This command will create sample table inside test_database and it will have 500 000 rows (InnoDB engine).

sysbench 0.4.12:  multi-threaded system evaluation benchmark
No DB drivers specified, using mysql
Creating table 'test-database'...
Creating 500000 records in table 'test-database'...

Now to start read test

# sysbench --num-threads=16 --max-requests=100000 --test=oltp --oltp-table-size=500000 --mysql-socket=/var/lib/mysql/mysql.sock --oltp-read-only --mysql-user=test_database --mysql-password=test_database_password run

For read-write test you can try

# sysbench --num-threads=16 --max-requests=10000 --test=oltp --oltp-table-size=500000 --mysql-socket=/var/lib/mysql/mysql.sock --oltp-test-mode=complex --mysql-user=test_database --mysql-password=test_database_password run

More info about specific parameters can be found in official docs (

tftp server on CentOS/RHEL/Fedora

Trivial File Transfer Protocol (TFTP) is a file transfer protocol, with the functionality of a very basic form of File Transfer Protocol (FTP). It was first defined in 1980 and it is used for operations like firmware upgrade on network devices. This post won’t be the history lesson :). To install tftp server on RH based distros, follow the next steps

Install tftp-server with

# yum install tftp-server xinetd

Now you will need to set up some things before you can start and use tftp server

# nano /etc/xinetd.d/tftp
service tftp
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4

To enable tftp server, set “disable” to no. Also, check server_args. In this case, all files will be/must be in /var/lib/tftpboot. If you have any problems with permissions, try to chmod 777 /var/lib/tftpboot and fix perms later.

Restart xinetd to apply settings you just made

# service xinetd restart

Setting “disable” to yes will disable tftp server and for security reasons, you should disable tftp whenever you don’t need it.

TFTP has been implemented on top of the User Datagram Protocol (UDP) using port number 69. TFTP is designed to be small and easy to implement, therefore, lacks most of the features of a regular FTP. TFTP only reads and writes files (or mail) from/to a remote server. It cannot list directories, and currently has no provisions for user authentication.

In TFTP, any transfer begins with a request to read or write a file, which also serves to request a connection. If the server grants the request, the connection is opened and the file is sent in fixed length blocks of 512 bytes. Each data packet contains one block of data, and must be acknowledged by an acknowledgment packet before the next packet can be sent. A data packet of less than 512 bytes signals termination of a transfer. If a packet gets lost in the network, the intended recipient will timeout and may retransmit his last packet (which may be data or an acknowledgment), thus causing the sender of the lost packet to retransmit that lost packet. The sender has to keep just one packet on hand for retransmission, since the lock step acknowledgment guarantees that all older packets have been received. Notice that both machines involved in a transfer are considered senders and receivers. One sends data and receives acknowledgments, the other sends acknowledgments and receives data.

Check dir size howto

It is useful to know how to check the size of a folder. All you need to do is to run next command:

# du -hs /dir/location/

For example:

[root@myserver /]# du -hs /mail/
837M    /mail/

In this case, the size is shown in MBs.

Small update…

Hi there… Its been a while since my last post and that seems like a tradition for my blogs… Few posts and then couple months of inactivity… Well, you know, I’m busy, I’m sick, tired etc.. At the end I would like to announce a couple articles about Sysbench, mod_fcgid and other “Nuclear science” utilities…

see ya …

How do I check what version of Centos/Fedora/RH my server is running?

You can run the command below at a command prompt to see what version of Centos/Fedora/RH your server is running.

[root@hydra:~]# cat /etc/redhat-release
CentOS release 5.2 (Final)

Fedora sample:

[root@s2 ~]# cat /etc/redhat-release
Fedora release 7 (Moonshine)

Upgrading to PHP 5.2.5 on RHEL and CentOS

As you probably know, the latest CentOS and RHEL distros are available only with PHP 5.1.6 and if you want to upgrade PHP, you need to install it manually (or to find someone to do it for you 🙂 ). The 5.2.5 release brings several security enhancements, more than 60 bug fixes, and improved performance for those of you that like arrays (and really, who doesn’t?). I wanted to install latest RoundCube webmail application and it won’t work if you don’t have PHP> 5.2. Also, latest Vivvo won’t work without 5.2.x

So, if you don’t want to build rpms or to go through ./configure, make, make install nightmare, you can enable Jason Litka yum repository to your RHEL or CentOS system. To do this please follow next few steps.

First you need to validate that the packages came from Jason Litka and you’ll do it with next command:

#rpm --import

After you added his public GPG key, you’ll need to adjust yum so he can search at his repo. To do this, please follow next steps:

#nano -w /etc/yum.repos.d/utterramblings.repo

Now copy next lines inside this file and save those changes.

name=Jason's Utter Ramblings Repo

Now you can upgrade your PHP installation with simple:

#yum update php

More information about this can be found HERE.

#php -v

should return

[root@ns1 ~]# php -v
PHP 5.2.6 (cli) (built: May  5 2008 10:32:59)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
[root@ns1 ~]#

I forget to say that you should restart httpd after upgrade.