FQDN – Fully Qualified Domain Name

What is exactly the meaning of the term Fully Qualified Domain Name (FQDN). I was thinking that www.webplay.pro is a FQDN for example. While reading the great book Pro DNS and BIND 10 By Ron Aitchison I found out that technically an FQDN unambiguously defines a domain name to the root and therefore must terminate with the normally silent dot.

So the valid FQDN for www.webplay.pro domain is:

www.webplay.pro. 

 

Enable – Disable Firewall in Windows Server 2012

I can tell that I am not experienced at all with Windows Server Operating System. The last year I had some experience with Windows Server 2003, 2008 and 2012 but that was for some little projects, and I have not in depth knowledge. Today I tried to turn off firewall on windows server 2012. The metro style got me on firewall rules when I typed firewall on search. Then the first thing I though as a linux admin was to stop the service and not keep searching for firewall turn off feature, I saw sometimes here and there.

I stopped the service and Ooops the Remote Desktop Connection was broken. I thought it might needs some time to reinitialize network interfaces. Waiting for a ping response from the server, I googled about that incident and I found a great powershell command to turn off and on the firewall:

netsh advfirewall set allprofiles state off
 netsh advfirewall set allprofiles state on

I posted this command just to remember that there is a simple way to just do it, even in Windows. 🙂

 

Now it’s time to describe the other way ( the gui one ) for Windows lovers:

Go to Control Panel -> System and Security -> Windows Firewall

windows-server-2012-enable-disable-firewall

Click on the left sidebar the link:

Turn Windows Firewall on or off

and then select for each level to turn it on or off.

windows-server-2012-enable-disable-firewall-2

 

The last thing I want to to say, either you are getting dirty hands on linux or windows, do not turn off firewall. You can disable it for a while or for testing purposes, but if you want to stay secure ( as secure as you can ) do not turn it off.

How to see the output of a program and simultanesously write it to a file

In order to collect the stdout and stderr of a command into a single file and see the output interactively, run the following”

some_command 2>&1 | tee filename

this is usually called, io redirection and it is very usefull to all linux users, so I decided to add it to my blog.

To get some deeper, I refer that there are three types of I/O, which each have their own identifier, called a file descriptor:

  • standard input: 0
  • standard output: 1
  • standard error: 2

so, now it’s getting clear what the 2,1 arguments means in the redirection and notice that the ampersand here is not used to run a process in the background but, it merely serves as an indication that the number that follows is not a file name, but rather a location that the data stream is pointed to. Also note that the bigger-than sign should not be separated by spaces from the number of the file descriptor.

Install Nagios to Centos 6.4

In this step by step guide, we will install nagios. Nagios is a great (if not the greatest) opensource monitoring tool. You can use to monitor your hole datacenter, or lot’s of datacenters, services and networks.

1. Install the epel repository

Supposing you have not allready installed epel repository, run the following command:

# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

2. Disable selinux, iptables

In order to disable selinux edit /etc/selinux/config

# vi /etc/selinux/config

and set

SELINUX=disabled

I do not recommend to disable iptables, but setting correctly it depends on your servers configuration

I disabled iptables here just to ensure that everything works and then I will apply my firewall policy.

To disable iptables you have to run the following command:

# service iptables stop
# chkconfig iptables off

To confirm that the service is not running, run the following command:

# service iptables status

and the output should be like this:

iptables: Firewall is not running.

Then run the following command to ensure that is turned off, on boot

# chkconfig --list iptables

and the output should be this:

iptables        0:off   1:off   2:off    3:off    4:off    5:off    6:off

reboot your system to take effect selinux configuration.
To confirm that your system has disabled selinux run:

# sestatus
SELinux status: disabled

Be carefull if you didn’t run

# chkconfig iptables off

then after the system reboots, the iptables service will be up.

3. Nagios Installation

Now you can install nagios using yum

# yum install nagios

When the installation completes it’s procedure, you should run:

# service httpd restart
# service nagios restart

and then visit:

http://your-ip/nagios/

there will be a basic authentication, and you can login giving the following default credentials for nagios:

username: nagiosadmin
password: nagiosadmin

You can also change these credentials to whatever you want:

# htpasswd /etc/nagios/htpasswd nagiosadmin

and here enter the password you want.

 4. Change the theme of nagios

You can stay with the nagios default theme, but you can also change it to one of your choice. I like this theme:

http://www.be-root.com/downloads/nagios/vautour/vautour_style.zip

and here I will describe how to install it.

# cd /tmp
# wget http://www.be-root.com/downloads/nagios/vautour/vautour_style.zip
# mkdir vautour
# mv vautour_style.zip vautour
# cd vautour
# unzip vautour_style.zip
# mv vautour/ /usr/share/nagios/.
# cd /usr/share/nagios/
# mv html html-backup
# mv vautour/ html
# chmod 775 html

if you miss unzip package install it via yum.

# yum install unzip

5. Install check_mysql_health

I found this plugin very helpfull to monitor my MySQL server.

to install it follow these instructions:

# cd /tmp
# wget http://labs.consol.de/download/shinken-nagios-plugins/check_mysql_health-2.1.8.2.tar.gz
# gtar -xzpf check_mysql_health-2.1.8.2.tar.gz
# cd check_mysql_health-2.1.8.2
# ./configure -prefix=/usr/lib64/nagios/ --with-nagios-user=nagios --with-nagios-group=nagios --with-perl=/usr/bin/perl --with-mymodules-dir=/usr/lib64/nagios/plugins --with-mymodules-dyn-dir=/usr/lib64/nagios/plugins
# cp -p /usr/lib64/nagios/libexec/check_mysql_health /usr/lib64/nagios/plugins/.

 

6. Configure nagios

In order to organize better your configuration files, I recommend that you should separate each configuration file for each purpose.

I add a file in /etc/nagios/conf.d/

hostgroups.cfg

and a file

servicegroups.cfg

where I include the declaration of the hostgroups and servicegroups respectively.

Then I create files for each servicegroup in /etc/nagios/objects/ for example I have a hostgroup of webservers, then I create a file webservers.cfg in this directory where I declare hosts and services. Then I add this file path to /etc/nagios/nagios.cfg as here:

# Definitions for monitoring the webservers
cfg_file=/etc/nagios/objects/webservers.cfg

7. Validate Configuration

Before restarting the nagios service, you should check the configuration spelling. This can be done, by run:

nagios -v /etc/nagios/nagios.cfg

I ‘ll try to update this post, and describe how to use check_mysql_health and other tools of nagios.

view files permissions in octal format

I was wondering which is the way to list file’s permissions in octal format. I tried to find out how to do it, using ls, but I conclude that a way to do it is to use stat command:

stat -c '%A %a %n' file

Macbook air mid 2013 review

There hasn’t been more than two hours from the moment I opened my new Macbook Air mid 2013. It’s a 13.3 inch Macbook Air with 128Gb ssd, 8Gb ram and an Intel i5 processor.

Firstly, let me explain, why I decided to buy a Mac. Since 1995 I have been A Microsoft’s Windows user exploring each one of it’s Operating System’s version. I was in love with Windows, but when I firstly got into touch with Linux (Debian and Ubuntu Distros), I started to reconsider Windows functionality and even more stability.

As a developer and System Administrator I admit that Microsoft’s Windows is a more Enterprise Environment. I can develop projects, using php, java, c, c++ on Linux Environment, but I cannot use Office Suite or other Alternatives, to be productive. On the other side I could use office suite on a Windows Environment, lot of developing tools (exceptions are all but git guis but for Source Tree, and terminal emulators – Putty it’s good but not as linux terminal). So I got my self balancing between Linux and Windows, Virtualised Environments and making use both of them.

One month ago, I decided that I have to replace my old laptop, because at first it was getting slower and slower, day by day and I cannot develop lots and big projects. I started searching which laptop fits my needs and expectations. There were lot’s of factors. First one, was the money I wanted to spend for my new laptop. I didn’t want to give more than 500 €.

Another factor was the performance, an intel i3 3rd generation processor, memory expandable upto at least 8gb ram. I would give 300 € more to upgrade memory to top and buy an ssd, to reach my performance expectations. So the total price was 800 €.

There was a problem, found on all laptops. I don’t like their display’s resolution. On 13.3 up to 15.6 inch laptops there is a screen with 1366×768 resolution. Trying to find a more suitable solution for my needs I found lenovo ideapad y500 model with a 1920×1080. The price was about 1000 € and I decided not to upgrade it’s ram and hdd to an ssd. I decided to buy it, because it has the capability to get a secondary hdd, and I like lenovo’s laptop. Another problem with all 15.6 inch laptops is the keyboard with the numpad. I don’t like it so much, but this was a minor issue. The time I was ordering my “new” laptop an newsletter arrived, and a notification from thunderbird push the message headline to my screen. It was the upcoming week’s crazy deals from a local store, and this newsletter interrupted my order’s procedure.

I thought let’s get a glance before buying my new laptop. I saw that the great deal for this week, was this macbook air. I said myself, forget about it, I am out of budget already. The price was 1219 € for this cute laptop. I admit it, that I find cute almost every apple’s product, but I am not a apple “golden boy”. I thought as an idiot consumer that was a victim of apple’s propaganda, but then thinking a bit more clearer I saw that the lenovo was out of budget too, and with cost of the upgrade it will be more expensive than this macbook. Maybe more powerful at graphics when playing games ( I don’t play games at this phase of my life ) or video editing but with some bad critics about temperature management and power consumption. Recalling that lenovo has a keyboard with numpad, I took the decision to buy this macbook.

It got the store two weeks to ship my item. These two weeks was the most decision balancing weeks of my life. I was thinking to call and cancel my order thinking that too much money for an operating system that you had never tested, for a mainstream product that you may never like. From the other side I was thinking that I can have a uix like operating system ( bsd based to be more precise ) with the goods of the “Enterprise” products like Microsoft Office, Adobe Suite. The two most valuable products that I could not find on a Linux System. There are good alternatives on Linux but I feel like home with Microsoft Office and Adobe Photoshop and Illustrator. I also thought there is my chance to test this Operating System, apple’s products and develop on cocoa. The next time I felt like a fool, asking my self  if I could  connect to my office “Microsoft’s vpn”, could make remote desktop connections, could run vsphere client? Googling on all issues I thought on these two weeks.

The truth is that some tools I use daily, are missing from OS X, but I believe that I can find a way to do my job. I cannot tell you this time how satisfied I am from the laptop or from the operating system. The only thing I can tell is that I was worried about big temperatures when running three or four applications (skype, office, netbeans, chrome) at a time.

I hope that I made the right decision.

How to view the members of a mailman list via command line

All the time when I need to find out how to get a list of members in a mailman list through command line, I am searching using google to find out how to do it. It’s a command that I run once every three or four months.

Today I decided to make a post for this mailman command in order to find it, easily on my blog!

 

list_members listname

 

and that’s all!

How to view the moderators of a mailman list via command line

All the time when I need to find out how to get a list of moderators in a mailman list through command line, I am searching using google to find out how to do it. It’s a command that I run once every three or four months.

Today I decided to make a post for this mailman command in order to find it, easily on my blog!

 

list_owners -m listname

 

and that’s all!

 

To find out the corresponding command for an ezmlm list read this post

How to view the moderators of a ezmlm list via command line

All the time when I need to find out how to get a list of moderators in a ezmlm list through command line, I am searching using google to find out how to do it. It’s a command that I run once every three or four months.

Today I decided to make a post for this ezmlm command in order to find it, easily on my blog!

 

ezmlm-list /full-path-to-list-directory/mod

 

As an addition to this post, I will show the way to remove a moderator from an ezmlm list:

ezmlm-unsub /full-path-to-list-directory/mod mail@example.com

 

install trac 1.1.2-dev on ubuntu 12.04

I tried to make a good tutorial to figure out, how to install trac 1.1.2-dev on ubuntu 12.04. This was mainly done as a walkthrough for me, and I hope that you ‘ll find nice too.

I asume that you have a fresh install of ubuntu 12.04, so you firstly have to do:

sudo apt-get update
sudo apt-get upgrade.

Out of our scope I am just saying that, I allways want to take the role of root, even on an ubuntu linux system so the first thing I do is:

sudo passwd root

after setting a password for a root user, you are able to do:

su

and then you are logged in a root session.

One more thing that helps me a lot is to set bash_autocompletion for root user. This is tricky and easy in Ubuntu. You have to edit the the .bashrc file in your home directory. For the root user is:

/root/.bashrc

so lets do it:

vi /root/.bashrc

and then just comment out the 3 last lines in this file and more accurately these 3 lines:

if [ -f /etc/bash_completion ] && ! shopt -oq posix; then
 . /etc/bash_completion
fi

now we are ready to proceed to the installation guide.

install trac 1.1.2-dev on ubuntu 12.04

lets apt-get install all packages needed:

apt-get -y install python-setuptools python-genshi python-genshi-doc mysql-client-5.5 mysql-server-5.5 python-mysqldb python-babel python-docutils enscript subversion git apache2 libapache2-mod-python mercurial python-dev python-pygments

I hope that I haven’t forget a package 😛

Database preparation

At the time of installing mysql-server-5.5 you will be asked to set a root password for the database server. Choose one to enter. After the successful installation of mysql server and all the other package, lets prepare our database server for the trac installation.

use the mysql client you just installed:

mysql -u root -p

enter the root password you have chosen

In this section I have to say that for each trac project you will need a database, so lets the database a relative name. I named mine trac_myproject. So enter on mysql console the following commands:

CREATE DATABASE trac_myproject DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
GRANT ALL ON trac_myproject.* TO tracuser@localhost IDENTIFIED BY 'tracpass';
flush privileges;

tracuser and tracpass in the above example are just example names.

Now write down the db connection string, that you will need when you will create your first trac project.

mysql://tracuser:tracpass@localhost:3306/trac_myproject

As an advice I ‘ll say that you shouldn’t use the char @ as member of the password beacuse trac will fail to make the connection to the database.

Once we are ready with the database lets get our hands dirty with trac!

Trac latest dev and TracMercurial plugin installation

we have to get the sources for the trac and TracMercurial:

I got the clones of these repositories to my root directory:

cd /root

clone repositories

svn co http://svn.edgewall.org/repos/trac/trunk/
hg clone http://hg.edgewall.org/trac/mercurial-plugin#1.0

install trac

get into the directory trunk

cd trunk
python setup.py install

install TracMercurial

get into mercurial-plugin directory

cd ../mercurial-plugin
python setup.py bdist_egg

After this procedure a python egg file has been created for the plugin, which we will copy into our project’s folder later. After this procedure we can use trac commands to create environment to create projects and more.

Create our trac environment directory

We can now create our trac environment diractory. You can initialize anywhere you want. My opinion is to create a directory under /usr/share/ directory named trac. Under this directory you can deploy your trac projects. Keep in mind that this directory will be exposed to web access.

mkdir /usr/share/trac
trac-admin /usr/share/trac/myproject initenv

now you will  be asked for a name of the project and the db connection string for this project ( mysql://tracuser:tracpass@localhost:3306/trac_myproject )

chown -R www-data:www-data /usr/share/trac/myproject

with the trac-admin command we created and initialized a project environemnet. Now you can create and initialize as much projects as you want under /usr/share/trac directory

We changed the group and owner of the project directory to apache user (www-data) to the project because we will now setup apache with mod_python module to serve the trac projects.

Apache Configuration

Usually main apache configuration file is /etc/apache2/apache2.conf, and we will edit it a litle to use python module for apache.

vi /etc/apache2/apache2.conf

Add the following lines at the end of the file:

<Location "/trac">
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /usr/share/trac
PythonOption TracUriRoot /trac
</Location>

You should now check if module mod_python is enabled. Check if a file python.load exists under /etc/apache2/mods-enabled/ directory. If it does not exist create it your self:

vi /etc/apache2/mods-enabled/python.load

and add this line to the file:

LoadModule python_module /usr/lib/apache2/modules/mod_python.so

 

Basic Authentication

If you want basic authentication via apache then add to the /etc/apache2/apache2.conf file the following lines:

vi /etc/apache2/apache2.conf

add the following

<LocationMatch "/trac/[^/]+/login">
 AuthType Basic
 AuthName "Trac"
 AuthUserFile /etc/trac/trac.htpasswd
 Require valid-user
</LocationMatch>

save and exit

mkdir /etc/trac
htpasswd -c /etc/trac/trac.htpasswd admin

enter a password for the admin user

Now restart apache:

service apache2 restart

You can now visit the http://your-ip/trac/ or if you want to visit it locally http://127.0.0.1/trac/

I installed trac to a remote server so I visit my projects by using it’s ip. Keep in mind that you should check for firewall settings to allow access to port 80.

Configure the project to use TracMercurial

now we should copy the python egg file we created when installing the TracMercurial plugin into project’s plugin directory.

cp /root/mercurial-plugin/dist/TracMercurial-1.0.0.3dev-py2.7.egg /usr/share/trac/myproject/plugins/.

the name of the egg may vary depending of the dev version.

now lets make a profile for the mercurial, because it will be needed at next steps.

vi /root/.hgrc

and add the following lines by your needs.

[ui]
username = Administrator <admin@trac>

Ofcourse this is a test environment, and we will create the repository inside the trac project directory. In an mercurial server environment you can include the actual repository directories.

mkdir -p /usr/share/trac/myproject/hg/
cd /usr/share/trac/myproject/hg/

now lets init a hg project

hg init (project-directory)
cd (project-directory)
------
(add some files)
------
hg add
hg commit -m 'Initial commit'

Our last configuration step is to configure project see the repository

vi /usr/share/trac/myproject/conf/trac.ini

check if these lines exist and if not, add them

[hg]
node_format = short
show_rev = yes
[components]
tracext.hg.* = enabled

then under [trac] tag edit the corresponding to match:

repository_dir = /usr/share/trac/myproject/hg/(project-directory)
repository_type = hg

now you should do one more time:

chown -R www-data:www-data /usr/share/trac/myproject
service apache2 restart

I hope that all work fine!!!

References: