Friday 25 October 2013

Configuring PostgreSQL to listen on all IPs

Tested on CentOS 6. In the /var/lib/pgsql/data/postgresql.conf file, modify the line:

listen_addresses = '*'

Tuesday 22 October 2013

Setting root password on CentOS MySQL install

After installing and starting up mysqld, run the following commands to set the root password:

# /usr/bin/mysqladmin -u root password '[password here]'
# /usr/bin/mysqladmin -u root -h [hostname here] password '[password here]'

Common SELinux problems and tasks

List the current SELinux context labels on files:

[root@machine1:/var/www/html]# ls -alZ
total 124K
drwxr-xr-x. root   root   system_u:object_r:httpd_sys_content_t:s0 ./
drwxr-xr-x. root   root   system_u:object_r:httpd_sys_content_t:s0 ../
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 administrator/
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 bin/
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 cache/
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 cli/
...


Change the SELinux context:

[root@machine1:/var/www/html]# chcon -Rv --type=httpd_sys_content_t ./*
changing security context of `./administrator/templates/hathor/less/forms.less'
changing security context of `./administrator/templates/hathor/less/buttons.less'
...


Enable Apache to make outbound database connections:

[root@machine1:/var/www/html]# setsebool -P httpd_can_network_connect=1

Enable Apache to use sendmail:

[root@machine1:/var/www/html]# setsebool httpd_can_sendmail 1

Friday 18 October 2013

Finding the CWD (current working directory) of a running process

Luckily, the UNIX philosophy of "everything is a file" makes it rather trivial to find the current working directory of a process. You just need to look at the symbolic link "cwd" under the process directory:

# ls -al /proc/[process number here]/cwd
lrwxrwxrwx 1 build build 0 Oct 18 12:29 /proc/2506/cwd -> /root/run
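
Added example (not part of the original post): the same /proc/[pid]/cwd lookup, generalised from one PID to every process, listing those whose working directory is at or below a given directory. The function names proc_cwd and procs_under and the script file name are made up for this illustration.

```shell
#!/bin/sh
# Added example: proc_cwd and procs_under are illustrative names.

# proc_cwd PID
# Print the current working directory of PID by resolving /proc/PID/cwd.
# Returns non-zero if the process has exited or we may not inspect it
# (reading another user's cwd link normally requires root).
proc_cwd() {
    readlink "/proc/$1/cwd" 2>/dev/null
}

# procs_under DIR
# Print "PID<TAB>CWD" for every process whose cwd is DIR or below it.
procs_under() {
    # Canonicalise DIR, since the kernel reports cwd with symlinks resolved.
    pu_base=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    if [ "$pu_base" = "/" ]; then pu_base=""; fi   # avoid a "//*" pattern

    for pu_entry in /proc/[0-9]*; do
        pu_pid=${pu_entry#/proc/}
        pu_cwd=$(proc_cwd "$pu_pid") || continue   # gone or not permitted
        # The kernel appends " (deleted)" when the directory was removed
        # while the process was still sitting in it; strip it for matching.
        case "${pu_cwd% (deleted)}" in
            "$pu_base"|"$pu_base"/*)
                printf '%s\t%s\n' "$pu_pid" "$pu_cwd" ;;
        esac
    done
    return 0
}

# Run as: sh cwd-scan.sh /some/directory   (file name is arbitrary)
if [ "$#" -gt 0 ]; then
    procs_under "$1"
fi
```

Run it as root to see processes owned by other users; as an ordinary user it silently skips any process whose cwd link it cannot read.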

Tuesday 19 March 2013

Gerrit and ActiveDirectory

We've recently started testing out Gerrit at work and one of the tasks when setting it up was to integrate the authentication with ActiveDirectory.

The process was fairly straightforward. For reference, here is an example AD configuration:

[ldap]
 server = ldap://dc.company.org:389

 accountBase = ou=People,dc=company,dc=org
 accountPattern = (&(objectCategory=Person)(sAMAccountName=${username}))
 accountFullName = displayName
 accountEmailAddress = mail

 groupBase = ou=Groups,ou=People,dc=company,dc=org
 groupMemberPattern = (&(objectClass=group)(member=${dn}))

 username = cn=Gerrit User,ou=People,dc=company,dc=org
 password = ********


The username/password are for the "bind" user that will be used to query the server. More information can be found on the Gerrit auth documentation page.

Wednesday 6 March 2013

Simple Perl and CGI example

This is probably the simplest possible example to get Perl working through CGI on Apache HTTPD. Instructions are for Ubuntu 12.04.

Install Apache HTTPD:

sudo apt-get install apache2

Add the following "hello.pl" script to the /usr/lib/cgi-bin directory:

#!/usr/bin/perl

print "Content-type: text/html\n\n";
print "Hello World!";
exit;

Point your browser at http://localhost/cgi-bin/hello.pl and that's it!

Wednesday 27 February 2013

etckeeper and bzr explorer

In my previous blog post, I talked about using the etckeeper package for keeping the entire /etc directory under version control. In this post I'll talk about how to manually audit what changes were made, and how to reverse them, using the "bzr explorer" program.

To do this, we need to install the "bzr-explorer" package. Once this is done, you have to start up the GUI as the root user:

sudo bzr explorer

NOTE: I initially tried starting it up as a non-root user and it was not able to load the repository.

Once we've got this open, we can go to the "Open an existing location" pane and select the "Open" button. Navigate to the "/etc" directory and click on "Choose". This will load up the repository in the explorer window.

Now, if someone has modified a file under /etc but hasn't committed it, the screen will look like the following:

From here, we can see what the differences are and also choose whether to commit the new version to the repository.

Alternatively, if we wanted to see a log of all of the changes that had been made, then after opening the /etc repository we could hit the "Log" button to bring up a listing of all of the commits. From there, selecting any particular commit would bring up a Diff screen showing the changes which had been made:


If we had seen a change which we didn't want and needed to roll back, right-clicking on any previous version and selecting "Revert" is enough to change the file back to its previous state and update the repository.