security = user
[foldername]
path = /data/test
valid users = john
writeable = yes
create mask = 0664
directory mask = 0775
vfs objects = full_audit
full_audit:prefix = %u|%I
full_audit:success = open unlink rename chdir rmdir
full_audit:failure = none
Rabu, 12 September 2012
Selasa, 11 September 2012
amazon s3 with fuse
/* http://code.google.com/p/s3fs/wiki/InstallationNotes */
wget http://s3fs.googlecode.com/files/s3fs-1.61.tar.gz
sudo apt-get install build-essential libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support
/* compile s3fs and install */
tar xvzf s3fs-1.61.tar.gz
cd s3fs-1.61/
./configure --prefix=/usr
make
sudo make install
/* put your aws keys */
echo "AccessKey:SecretKey" | sudo tee -a /etc/passwd-s3fs && sudo chmod 0600 /etc/passwd-s3fs
/* prepare mount point at /vol */
sudo mkdir -p -m 000 /vol
echo "s3fs#{your-bucket-name} /vol fuse nosuid,nodev,allow_other 0 0" | sudo tee -a /etc/fstab
wget http://s3fs.googlecode.com/files/s3fs-1.61.tar.gz
sudo apt-get install build-essential libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support
/* compile s3fs and install */
tar xvzf s3fs-1.61.tar.gz
cd s3fs-1.61/
./configure --prefix=/usr
make
sudo make install
/* put your aws keys */
echo "AccessKey:SecretKey" | sudo tee -a /etc/passwd-s3fs && sudo chmod 0600 /etc/passwd-s3fs
/* prepare mount point at /vol */
sudo mkdir -p -m 000 /vol
echo "s3fs#{your-bucket-name} /vol fuse nosuid,nodev,allow_other 0 0" | sudo tee -a /etc/fstab
Extended vsFTPd builds
tar xzvf vsFTPd-2.3.5-ext1.tgz
cd vsFTPd-2.3.5-ext.1
sudo apt-get install make gcc libwrap0-dev libcap-dev libpam-dev libssl-dev
make
sudo make install
sudo cp vsftpd.8 /usr/share/man/man8/
sudo cp vsftpd.conf.5 /usr/share/man/man5/
sudo mkdir -p /srv/ftp
sudo addgroup --system ftp
sudo adduser --system --home /srv/ftp --no-create-home --ingroup ftp --disabled-password --disabled-login ftp
sudo /etc/init/vsftpd.conf
sudo ln -s /lib/init/upstart-job /etc/init.d/vsftpd
sudo nano /etc/vsftpd/vsftpd.conf
cd vsFTPd-2.3.5-ext.1
sudo apt-get install make gcc libwrap0-dev libcap-dev libpam-dev libssl-dev
make
sudo make install
sudo cp vsftpd.8 /usr/share/man/man8/
sudo cp vsftpd.conf.5 /usr/share/man/man5/
sudo mkdir -p /srv/ftp
sudo addgroup --system ftp
sudo adduser --system --home /srv/ftp --no-create-home --ingroup ftp --disabled-password --disabled-login ftp
sudo /etc/init/vsftpd.conf
# vsftpd - FTP Daemon # description "vsftpd daemon" author "Chuck Short" start on (filesystem and net-device-up IFACE!=lo) stop on runlevel [!2345] respawn pre-start script check_standalone_mode() { # Return 1 if vsftpd.conf doesn't have listen yes or listen_ipv6=yes CONFFILE="/etc/vsftpd/vsftpd.conf" if [ -e "${CONFFILE}" ] && ! egrep -iq "^ *listen(_ipv6)? *= *yes" "${CONFFILE}" then echo "${CONFFILE}: listen disabled - service will not start" return 1 fi } [ -d /usr/share/empty ] || install -m 755 -o root -g root -d /usr/share/empty check_standalone_mode || stop end script exec /usr/local/sbin/vsftpd
sudo ln -s /lib/init/upstart-job /etc/init.d/vsftpd
sudo nano /etc/vsftpd/vsftpd.conf
anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 chroot_local_user=YES pam_service_name=vsftpd pasv_min_port=49152 pasv_max_port=65535 hide_ids=YES allow_writable_root=YES local_max_rate=1000000 # Maximum data transfer rate in bytes per second max_clients=50 # Maximum number of clients that may be connected max_per_ip=4 # Maximum connections per IP
mysql backup using mysqldump
mysqldump -u user -ppass mydatabase | gzip > /vol/mydatabase_`date '+%Y-%m-%d'`.sql.gz
raid 1+0 with 10 disks
sudo mdadm --create md0 --level=10 --chunk=64 --raid-devices=10 /dev/xvdf1 /dev/xvdf2 /dev/xvdf3 /dev/xvdf4 /dev/xvdf5 /dev/xvdf6 /dev/xvdf7 /dev/xvdf8 /dev/xvdf9 /dev/xvdf10
sudo mdadm --detail --scan | sudo tee -a /etc/mdadm/mdadm.conf
echo "/dev/md/ip-xx-xx-xx-xx:md0 /data auto defaults,nobootwait,noatime,data=writeback,barrier=0,nobh 0 0" | sudo tee -a /etc/fstab
sudo mdadm --detail --scan | sudo tee -a /etc/mdadm/mdadm.conf
echo "/dev/md/ip-xx-xx-xx-xx:md0 /data auto defaults,nobootwait,noatime,data=writeback,barrier=0,nobh 0 0" | sudo tee -a /etc/fstab
postfix basic essentials
check postfix supported lookup table types: "sudo postconf -m"
# header checks lookup
# generic - virtual - sasl_passwd
sudo postmap /etc/postfix/generic
. . regexp . .sudo nano /etc/postfix/header_checks
/^Received:/ IGNORE /^Reply-To:/ IGNORE /^X-/ IGNOREsudo nano /etc/postfix/main.cf
# header checks lookup
header_checks = regexp:/etc/postfix/header_checks# lookup tables
virtual_alias_maps = hash:/etc/postfix/virtual smtp_generic_maps = hash:/etc/postfix/generic# relay to external sender
smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd relayhost = [domain.com]:587
# generic - virtual - sasl_passwd
generic: www-data user@domain.com virtual: @domain.com user@domain.net sasl_passwd: domain.com user@domain.com:pass# same goes to other hash tables
sudo postmap /etc/postfix/generic
Senin, 13 Agustus 2012
smtp service
perl -MMIME::Base64 -e 'print encode_base64("\000username\@your-domain-name.com\000password-here")'
openssl s_client -starttls smtp -crlf -connect mail.domain.com:587
[or]
openssl s_client -crlf -connect mail.domain.com:465
#------------------------------
ehlo testing
auth plain {encoded-text-from-base64}
mail from: <user@domain.com>
rcpt to: <someone@other.com>
data
from: blabla <user@domain.com>
to: jdoe <someone@other.com>
subject: testing
{this is body part}
.
#-------------------------------
Langganan:
Postingan (Atom)