Rabu, 12 September 2012

samba configuration with audit

# User-level security: clients authenticate with a username and password.
security = user

# Share definition: only the account "john" may connect, with write access.
[foldername]
path = /data/test
valid users = john
writeable = yes
# Permission bits on new files are limited to 0664 and on new directories
# to 0775 (group-writable, world-readable on the server's filesystem).
create mask = 0664
directory mask = 0775
# Load the full_audit VFS module so operations on this share are logged.
vfs objects = full_audit
# Each audit record is prefixed with the session user (%u) and client IP (%I).
full_audit:prefix = %u|%I
# Only these operations are logged, and only when they succeed.
full_audit:success = open unlink rename chdir rmdir
# NOTE(review): failed operations are not logged at all, so denied or failing
# access attempts leave no audit trail; consider listing the same operations
# here if the log is meant to support investigations.
full_audit:failure = none

Selasa, 11 September 2012

amazon s3 with fuse

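# Installation notes: http://code.google.com/p/s3fs/wiki/InstallationNotes
# (Annotations are written as '#' comments so the listing can be pasted into a
# shell; a line starting with '/*' would be glob-expanded and executed.)
# NOTE(review): the tarball is fetched over plain HTTP and nothing below checks
# its integrity before it is built and installed as root. Compare it against a
# checksum published by the project first.
wget http://s3fs.googlecode.com/files/s3fs-1.61.tar.gz
sudo apt-get install build-essential libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support

# compile s3fs and install
tar xvzf s3fs-1.61.tar.gz
cd s3fs-1.61/
./configure --prefix=/usr
make
sudo make install

# put your aws keys
# Create the credentials file with mode 0600 before any secret is written to
# it, so it is never readable by other local users, not even briefly.
sudo touch /etc/passwd-s3fs && sudo chmod 0600 /etc/passwd-s3fs
# Type AccessKey:SecretKey followed by Enter and Ctrl-D. Reading the key pair
# from stdin keeps it out of the shell history.
sudo tee -a /etc/passwd-s3fs > /dev/null

# prepare mount point at /vol
sudo mkdir -p -m 000 /vol
# NOTE(review): allow_other opens the mounted bucket to every local account,
# not only the mounting user; drop it unless other users really need access.
echo "s3fs#{your-bucket-name} /vol fuse nosuid,nodev,allow_other 0 0" | sudo tee -a /etc/fstab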

Extended vsFTPd builds

# NOTE(review): the page does not say where vsFTPd-2.3.5-ext1.tgz comes from;
# verify the archive against a checksum or signature from its publisher before
# building it and running "make install" as root.
tar xzvf vsFTPd-2.3.5-ext1.tgz
# NOTE(review): the directory name (ext.1) differs from the archive name
# (ext1) - confirm which one the archive actually unpacks to.
cd vsFTPd-2.3.5-ext.1
# Build dependencies: TCP wrappers, capabilities, PAM and OpenSSL headers.
sudo apt-get install make gcc libwrap0-dev libcap-dev libpam-dev libssl-dev
make
sudo make install
# The man pages are copied by hand.
sudo cp vsftpd.8 /usr/share/man/man8/
sudo cp vsftpd.conf.5 /usr/share/man/man5/
sudo mkdir -p /srv/ftp
# Dedicated system group and account "ftp": home /srv/ftp, no password and
# no login, so the account cannot be used interactively.
sudo addgroup --system ftp
sudo adduser --system --home /srv/ftp --no-create-home --ingroup ftp --disabled-password --disabled-login ftp

sudo nano /etc/init/vsftpd.conf
# vsftpd - FTP Daemon
#

description     "vsftpd daemon"
author          "Chuck Short "

start on (filesystem
        and net-device-up IFACE!=lo)
stop on runlevel [!2345]
respawn

pre-start script
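        check_standalone_mode()
        {
                # Succeeds (0) when vsftpd.conf is absent or enables standalone
                # listening with listen=yes or listen_ipv6=yes. Otherwise
                # prints a message and returns 1.
                CONFFILE="/etc/vsftpd/vsftpd.conf"

                # No config file at all: nothing to veto.
                [ -e "${CONFFILE}" ] || return 0

                # grep -E replaces the obsolescent egrep alias, which newer
                # GNU grep releases warn about.
                if grep -Eiq "^ *listen(_ipv6)? *= *yes" "${CONFFILE}"
                then
                        return 0
                fi

                echo "${CONFFILE}: listen disabled - service will not start"
                return 1
        }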
        # Make sure /usr/share/empty exists, root-owned with mode 755
        # (presumably vsftpd's empty secure chroot directory - confirm).
        [ -d /usr/share/empty ] || install -m 755 -o root -g root -d /usr/share/empty
        # Do not start the job when the config does not enable standalone listening.
        check_standalone_mode || stop
end script

exec /usr/local/sbin/vsftpd

sudo ln -s /lib/init/upstart-job /etc/init.d/vsftpd
sudo nano /etc/vsftpd/vsftpd.conf
# No anonymous logins; local system accounts may log in and upload.
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
# Confine each local user to their home directory after login.
chroot_local_user=YES

# NOTE(review): nothing in this snippet turns on TLS (ssl_enable), so as shown
# the local account passwords and file data cross the network unencrypted.
# libssl-dev is installed for the build, so TLS support is presumably compiled
# in; consider ssl_enable=YES together with force_local_logins_ssl=YES.
pam_service_name=vsftpd
# Passive-mode data port range; the firewall has to admit it.
pasv_min_port=49152
pasv_max_port=65535
# Directory listings show "ftp" as owner and group instead of the real names.
hide_ids=YES
# NOTE(review): together with chroot_local_user=YES this permits a chroot whose
# root directory is writable by the logged-in user. Stock vsftpd 2.3.5 refuses
# to run in that situation as a hardening measure, and this option is
# presumably the extended build's switch to bypass that check (confirm against
# its documentation). The safer layout is a home directory the user cannot
# write to, with a writable subdirectory inside it.
allow_writable_root=YES
# Comments are kept on their own lines: vsftpd.conf(5) only describes
# whole-line comments, so a trailing "# ..." may be read as part of the value.
# Maximum data transfer rate in bytes per second
local_max_rate=1000000
# Maximum number of clients that may be connected
max_clients=50
# Maximum connections per IP
max_per_ip=4

mysql backup using mysqldump

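# Credentials are read from an option file that only the backup user can read
# (chmod 0600), holding a [client] section with user= and password= lines.
# This replaces -ppass: a password on the command line is saved in shell
# history and can be visible to other local users in the process list.
# The file name below is a sample path. --defaults-extra-file must be the
# first option on the command line.
mysqldump --defaults-extra-file="$HOME/.mysql-backup.cnf" mydatabase | gzip > "/vol/mydatabase_$(date '+%Y-%m-%d').sql.gz"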


raid 1+0 with 10 disks

# Create a RAID 10 array named md0 from ten member devices, 64 KiB chunk size.
# NOTE(review): xvdf1..xvdf10 are presumably ten separate volumes; if they are
# partitions of a single disk the mirror adds no redundancy - confirm.
sudo mdadm --create md0 --level=10 --chunk=64 --raid-devices=10 /dev/xvdf1 /dev/xvdf2 /dev/xvdf3 /dev/xvdf4 /dev/xvdf5 /dev/xvdf6 /dev/xvdf7 /dev/xvdf8 /dev/xvdf9 /dev/xvdf10

# Append the array definition to mdadm.conf so it can be assembled at boot.
sudo mdadm --detail --scan | sudo tee -a /etc/mdadm/mdadm.conf

# NOTE(review): data=writeback and barrier=0 trade crash safety for speed.
# After a power loss or kernel crash, recently written files can contain stale
# or corrupt data. Use these options only where the data can be rebuilt.
echo "/dev/md/ip-xx-xx-xx-xx:md0 /data auto defaults,nobootwait,noatime,data=writeback,barrier=0,nobh 0 0" | sudo tee -a /etc/fstab


postfix basic essentials

check postfix supported lookup table types: "sudo postconf -m"
.
.
regexp
.
.
sudo nano /etc/postfix/header_checks
# IGNORE deletes every header line that matches the pattern from the message.
# NOTE(review): dropping Received: and every X-* header also removes the trace
# information normally used to investigate abuse or delivery problems; confirm
# this is intended for all mail handled by this server.
/^Received:/ IGNORE
/^Reply-To:/ IGNORE
/^X-/ IGNORE
sudo nano /etc/postfix/main.cf

# header checks lookup
header_checks = regexp:/etc/postfix/header_checks
# lookup tables
virtual_alias_maps = hash:/etc/postfix/virtual
smtp_generic_maps = hash:/etc/postfix/generic
# relay to external sender
# Authenticate to the relay with SASL; noanonymous rejects mechanisms that
# allow anonymous login.
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
# The relay credentials are looked up in this table, which stores them in
# plain text.
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# NOTE(review): no smtp_tls_security_level appears in this snippet. Unless it
# is set elsewhere in main.cf, nothing here requires TLS before the SASL
# password is sent to the relay; consider smtp_tls_security_level = encrypt.
relayhost = [domain.com]:587

# generic - virtual - sasl_passwd
generic: www-data user@domain.com
virtual: @domain.com user@domain.net
sasl_passwd: domain.com user@domain.com:pass
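# same goes for the other hash tables (virtual, sasl_passwd): run postmap on each. sasl_passwd and the generated sasl_passwd.db hold the relay password in plain text, so keep both owned by root with mode 0600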
sudo postmap /etc/postfix/generic

Senin, 13 Agustus 2012

smtp service

# Builds the AUTH PLAIN token: base64 of "\0user\0password". Base64 is an
# encoding, not encryption, so anyone who sees the token can recover the
# password. This command line, password included, also lands in shell history.
perl -MMIME::Base64 -e 'print encode_base64("\000username\@your-domain-name.com\000password-here")'

# Submission port 587: upgrade the session with STARTTLS before authenticating.
# s_client reports certificate verification errors but continues anyway unless
# -verify_return_error is given, so check the "Verify return code" line.
openssl s_client -starttls smtp -crlf -connect mail.domain.com:587

[or]

# Port 465: TLS is negotiated immediately on connect.
openssl s_client -crlf -connect mail.domain.com:465

#------------------------------
ehlo testing
auth plain {encoded-text-from-base64}
mail from: <user@domain.com>
rcpt to: <someone@other.com>
data
from: blabla <user@domain.com>
to: jdoe <someone@other.com>
subject: testing

{this is body part}

.
#-------------------------------

Minggu, 01 Juli 2012

clamav on lucid

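# The APT source entry and the key import were run together on one line.
# They are two separate steps. First, add the PPA to the APT sources:
echo "deb http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu lucid main" | sudo tee -a /etc/apt/sources.list
# Then import the archive signing key.
# NOTE(review): 5ADC2037 is a 32-bit short key ID, and short IDs can collide
# with unrelated keys. After importing, run "apt-key finger" and compare the
# full fingerprint with the one shown on the PPA's Launchpad page.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5ADC2037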

Kamis, 14 Juni 2012

easily adding launchpad ppa on ubuntu

# python-software-properties provides the add-apt-repository command.
sudo apt-get install python-software-properties
# A PPA is a third-party archive: its packages and their maintainer scripts run
# as root at install time, so add only PPAs whose owner you trust.
# <repository-name> is a placeholder for owner/archive, as in the example below.
sudo add-apt-repository ppa:<repository-name>

example (installing php5-fpm on ubuntu lucid): 
sudo add-apt-repository ppa:brianmercer/php

Senin, 11 Juni 2012

setup apache2+fastcgi+php-fpm on ubuntu 12.04 precise

install apache2 (worker) + fastcgi + php5-fpm di ubuntu 12.04 (x64):


:~$ sudo aptitude update && sudo aptitude safe-upgrade

/* mulai dgn apache */
:~$ sudo apt-get install apache2

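/* install libapache2-mod-fastcgi from multiverse (note: a .deb fetched over plain HTTP and installed with dpkg -i is not checked against APT's signed package index; enabling the multiverse component and installing with apt-get avoids that) */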
:~$ wget http://mirror.informatik.uni-mannheim.de/pub/linux/distributions/ubuntu/pool/multiverse/liba/libapache-mod-fastcgi/libapache2-mod-fastcgi_2.4.7~0910052141-1_amd64.deb
:~$ sudo dpkg -i libapache2-mod-fastcgi_2.4.7~0910052141-1_amd64.deb

/* install komponen yang diperlukan */
:~$ sudo apt-get install php5-fpm php5-mcrypt php5-cli php5-curl php5-gd php5-mysql mysql-server

/* setup handler di /etc/apache2/conf.d/00fastcgi */
<ifmodule mod_fastcgi.c>
  Alias /php5 /var/www/fastcgi/php5
  AddHandler php-script .php
  FastCGIExternalServer /var/www/fastcgi/php5 -socket /var/run/php5-fpm.sock
  Action php-script /php5 virtual
</ifmodule>

 /* enabled apache modul actions & rewrite */
:~$ sudo a2dismod cgid
:~$ sudo a2enmod actions rewrite

/* buat folder /fastcgi di /var/www */
:~$ sudo mkdir /var/www/fastcgi

/* edit /etc/php5/fpm/pool.d/www.conf */
/* comment-out baris 'listen = 127.0.0.1:9000', tambahkan di bawahnya: */
;listen = 127.0.0.1:9000
listen = /var/run/php5-fpm.sock

/* restart apache + php-fpm */
:~$ sudo /etc/init.d/apache2 restart
:~$ sudo /etc/init.d/php5-fpm restart

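/* call phpinfo() from /var/www/info.php to test; delete the file afterwards, because its output discloses server configuration, file paths and environment variables to anyone who can request it */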

 /* buka http://{ip-server}/info.php, cek 'Server API' - 'FPM/FastCGI' */