How to configure Ubuntu 12.04 with Gmail SMTP

For this we need Ubuntu 12.04 LTS installed in your physical or virtual system. 

Lets get started with this,

We need to install required packages for the same,

sudo apt-get install mailutils postfix libsasl2-2 ca-certificates libsasl2-modules

When you install postfix for the first time, system will ask you for the smtp domain name and smtp type. Select "Internet Site" and "smtp.yourdomain.com" where ever applicable. (Where 'yourdomain.com' is your working domain name)

Now lets start configuring SMTP in postfix.

sudo vim /etc/postfix/main.cf

(Edit configuration file, so that it looks like this..)

relayhost = [smtp.gmail.com]:587

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

(Save & Exit)

Now your google user name and password goes in this file:

vim /etc/postfix/sasl_passwd

(Edit as below)

[smtp.gmail.com]:587    <GMAILUSERNAME>:<GMAILPASSWD>

(Save & Exit)

Lets make sure postfix can read this file and not everyone else:

sudo chmod 400 /etc/postfix/sasl_passwd

sudo postmap /etc/postfix/sasl_passwd

Lets use the certificate for the authentication:

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

and finally lets restart the postfix service:

/etc/init.d/postfix reload

Now let's test our configuration if its working or not:

echo "Test email from Postfix" | mail -s "Test Postfix" USERNAME@gmail.com

Verify is the mail is sent:

tail -f /var/log/mail.log

If required we can also add your gmail account in aliases:

vim /etc/aliases

root: GMAILADDRESS@gmail.com

(save & exit)

newaliases

Thanks for the visit

:)

Working with apt-get and dpkg package manager tools of 'Debian'

First of all we are going to work with Apt-get package manager. For those who are already familiar with Yum of Red Hat based distros may find this quite identical tool. Apt-get pulls and installs packages from the online repository to ease your pain to find, download and install packages and its dependency manually.

You have to be root using for the following hands-on, Let's get started:

root@yogeshkk21:~# apt-get update

This command pulls package information from repository server and caches the same locally

root@yogeshkk21:~# apt-cache search nginx

We can search for a specific package in the entire cache using this command


root@yogeshkk21:~# apt-get install nginx

This command is to install a package

root@yogeshkk21:~# which nginx

To verify nginx is installed

root@yogeshkk21:~# apt-cache search apache2

Let's search for Apache2 package as well

root@yogeshkk21:~# apt-get install apache2

And Install it same as nginx

root@yogeshkk21:~# apt-get remove ngnix

Now, let's learn How to remove it

root@yogeshkk21:~# apt-get remove --purge nginx

apt-get remove only removes the binary, but keeps associated library and configuration files. So to remove everything, use purge.

root@yogeshkk21:~# apt-get autoremove

This command removes unnecessary packages alongside the removed package

root@yogeshkk21:~# which ngnix

Let's verify

root@yogeshkk21:~# apt-get remove apache2 ; apt-get autoremove apache2

This removed apache2 package along with unnecessary packages of it

root@yogeshkk21:~# which apache2

Let's verify again

root@yogeshkk21:~# apt-get install apache2

Let us install apache2 package again

root@yogeshkk21:~# apt-get upgrade

This command allows you to upgrade any packages required for apache2

root@yogeshkk21:~# apt-get dist-upgrade

This command allows you to upgrade distribution kernel if available

Now if we talk about dpkg package manager, it's the little bit different from the apt-get. This does not pull the dependencies automatically like apt-get does. Let's see:

root@yogeshkk21:~# wget https://www.dropbox.com/download?dl=packages/ubuntu/dropbox_2015.02.12_amd64.deb

Let's try to install Dropbox application on our Ubuntu 12.04 distro.

root@yogeshkk21:~# mv download\?dl\=packages%2Fubuntu%2Fdropbox_2015.02.12_amd64.deb dropbox.deb

Let's rename this downloaded file to something more simple.

root@yogeshkk21:~# dpkg -i dropbox.deb

To install the Deb file, use -i option. Now you will see that lots of dependency errors are been thrown at you. Its simply because, dpkg can't pull all those dependency for you. So, what now? Should I download and install them manually? No, there is a way out.

root@yogeshkk21:~# apt-get update

Let's update our cache once again

root@yogeshkk21:~# apt-get -f upgrade

And this command will do the job for us. It automatically pulls all the required library packages along with other dependencies. Nice, right?

root@yogeshkk21:~# dpkg -i dropbox.deb

Now, let's try that deb file again for installation. And you will notice, it gets installed! :)

root@yogeshkk21:~# which dropbox

Let's verify! Worked well.

root@yogeshkk21:~# dpkg --get-selections

Now let's also find out, how can we list all installed packages. This command will do the magic for us.

root@yogeshkk21:~# dpkg --get-selections  |grep -i dropbox

We can find specific package name from the output using grep.

root@yogeshkk21:~# dpkg --remove dropbox

Just like apt-get we have remove command as well in dpkg and it removes all binary for us.

root@yogeshkk21:~# dpkg --purge dropbox

To remove the application completely, using this command.

So that's how we can use apt-get and dpkg.

HTH ^_^

Above command is tested and worked on:

root@yogeshkk21:~# lsb_release -a
No LSB modules are available.
Distributor ID:    Ubuntu
Description:    Ubuntu 12.04.5 LTS
Release:    12.04
Codename:    precise

How to configure LAMP and Wordpress 4.0 on CentOS 7.0

How to configure LAMP and Wordpress 4.0 on CentOS 7.0 

Lets get started, shall we ;)

Check your IP address:
ip addr

Check available Repos:
yum repolist

If you want to save time, downloading at least 'base' packages, configure local 'base'repo.

First install FTP daemon,
yum -y install vsftpd ftp

Loop mount your DVD ISO to copy packages,

mount -o loop,ro /home/yogesh/Downloads/CentOS7.iso /mnt

To check run,
mount  

Now, create folder,
mkdir -p /var/ftp/pub/Centos7

And copy cd contains to your newly created folder,
rsync -av -P /mnt/* /var/ftp/pub/Centos7/.
restorecon -RFvv /var/ftp/pub/Centos7*

Install createrepo package if not installed,
yum -y install createrepo

Execute createrepo,
createrepo -v /var/ftp/pub/Centos7

Start FTP daemon, and open ftp ports in local host.
systemctl start vsftpd
systemctl enable vsftpd
firewall-cmd --permanent --add-service=vsftp
firewall-cmd --permanent --add-service=ftp

Change default repo,
cd /etc/yum.repos.d/

vim CentOS-Base.repo   <Add following line in 'base' section,

enabled=0

Create local repo,

vim local-base.repo

[localbase]

name=CentOS 7 Local Repo

baseurl=ftp://192.168.1.253/pub/Centos7

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Lets also install EPEL repo for CentOS 7,

yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-1.noarch.rpm
yum clean all ; yum repolist

Now Let is install LAMP packages. System will not download 'Base' packages present in your DVD.  because of local-repo.

First we will install & configure apache,
yum -y install httpd
systemctl start httpd
systemctl enable httpd
firewall-cmd --permanent --add-service=http
systemctl restart firewalld

We will test with web page later,

Now lets install mariadb database,
yum -y install mariadb-server mariadb
systemctl start mariadb 
systemctl enable mariadb 
mysql_secure_installation 

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!

Remove anonymous users? [Y/n] Y

 ... Success!

Disallow root login remotely? [Y/n] 
 ... Success!

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

After mariadb, we will install php.

yum -y install php php-mysql php-gd php-pear
vim /var/www/html/testphp.php

<?php
phpinfo();
?>

You can install GUI Web based php admin console called 'phpmyadmin',

yum -y install phpmyadmin
vim /etc/httpd/conf.d/phpMyAdmin.conf 

Comment and add following lines:

#<Directory /usr/share/phpMyAdmin/>
#   <IfModule mod_authz_core.c>
#     # Apache 2.4
#     <RequireAny>
#       Require ip 127.0.0.1
#       Require ip ::1
#     </RequireAny>
#   </IfModule>
#   <IfModule !mod_authz_core.c>
#     # Apache 2.2
#     Order Deny,Allow
#     Deny from All
#     Allow from 127.0.0.1
#     Allow from ::1
#   </IfModule>
#</Directory>

<Directory /usr/share/phpMyAdmin/>
        Options none
        AllowOverride Limit
        Require all granted
</Directory>

Now open following file:

vim /etc/phpMyAdmin/config.inc.php 

<And  replace 'cookie' with 'http' in following line>

$cfg['Servers'][$i]['auth_type']     = 'http';    // Authentication method (config, http or cookie based)?

Now restart httpd daemon,
systemctl restart httpd

Now your are ready with LAMP server!! :D

Lets see how do we install Wordpress 4.0 (Latest) in the same,

Lets first add hostname in following hosts file,
vim /etc/hosts
192.168.1.25    centos7.localdomain   centos7   <Change as per your hostname and IP>

Download latest package file from wordpress,
wget http://WordPress.org/latest.zip

Unzip and copy over to http root,
unzip latest.zip 
cp -R wordpress/. /var/www/html/

Also make sure you have taken care of Selinux context(If you are using selinux in enforcing mode)

getsebool -a |grep home
setsebool -P httpd_enable_homedirs on
restorecon -RFvvv /var/www/html/*

Now lets setup mariadb for wordpress database,

mysql -u root -p

Enter password: 
MariaDB [(none)]> create database wpdb;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> GRANT ALL ON wpdb.* TO wpuser@localhost IDENTIFIED BY 'centos';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye

Next we have to get a sample file to configure wordpress. This sample file is already shipped in package. Simply copy it and change values in it,

cd /var/www/html/
cp wp-config-sample.php wp-config.php
vim wp-config.php 

define('DB_NAME', 'wpdb');                    <Wordpress database name>

/** MySQL database username */
define('DB_USER', 'wpuser');                  <Wordpress user name>

/** MySQL database password */
define('DB_PASSWORD', 'centos');        <Wordpress user password>

Rest just keep default values.

Now, you are ready with Word press. Open your system URL in browser, in my case its, http://192.168.1.253

Word press will ask you for basic inputs like Site Title, Username, password, email address, etc. After providing those you can open and start using your wordpress! 

:)

Happy Wordpressing!!! 

How to configure VNC server in Ubuntu 12.04

Install Gnome basic desktop.

sudo apt-get install gnome-core

when prompted type Y and then press Enter. This will install the gnome desktop components.
Reboot

sudo reboot now -h

To keep the desktop and login window from opening in Ubuntu everytime it starts we want to mask out the few lines which start the service.

sudo vim /etc/init/gdm.conf

The first few lines of the script should look like this once you've edited it:

# gdm - GNOME Display Manager
#
# The display manager service manages the X servers running on the
# system, providing login and auto-login services

description "GNOME Display Manager"
author "William Jon McCann <mccann@jhu.edu>"

#start on ((filesystem
# and runlevel [!06]
# and started dbus
# and (drm-device-added card0 PRIMARY_DEVICE_FOR_DISPLAY=1
# or stopped udev-fallback-graphics))
# or runlevel PREVLEVEL=S)

stop on runlevel [016]

emits login-session-start

esc :wq to save the changes or :q! to start over. Now the desktop and login won't start in Ubuntu.

NOTE: This only installs a basic desktop, if you want to be able to use programs from your virtual desktop, network manager, media players, office, etc, they will need to be installed after vnc server is installed.

Reboot

sudo reboot now -h

We need to install VNC server to be able to interact with the gnome components for the desktop.

sudo apt-get install vnc4server

When prompted type Y and press Enter. This will install VNC Server which is required for running a virtual desktop on another machine.

Next type:

vncserver

You'll then be prompted to create and verify a new password.
We now need to kill the session we just created and make change the startup script for VNCServer to make it work properly.

So, type the following command to kill the session:

vncserver -kill :1

Now type the following command to open up the file we need to edit:

sudo vim .vnc/xstartup

Change it to look like this:

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
gnome-session --session=gnome-classic &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 1280x1024+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &

 When you're done editing the file press the Esc key once and type :wq
This should save the changes and bring you back to the command line. If you make a mistake editing the file then issue :q! instead of :wq to abort your changes.

Next type the following command to create the VNC Session once more:

vncserver -geometry 1366x750

Now you can access the ubuntu box using:

ubuntubox.example.com:1

Cheers

How to change Local Time zone and configure NTP

If you want to set time yourself try the following command:

date 07241503

where 07 is month, 24 is date, 15 is hour and 03 is minute.

Or if you want to use NTP server, use the following command to synchronize:

ntpdate  0.centos.pool.ntp.org

If ntp server is taking wrong time because of wrong time zone, then you can easily check timezone.

service ntpd stop

cp /usr/share/zoneinfo/Asia/Kolkata /etc/localtime 

ntpdate  0.centos.pool.ntp.org

service ntpd start

chkconfig ntpd on

:)

Thanks,

(The above is tested on CentOS 6.5 - Suitable for CentOS 5,6,6.x and RHEL5,6,6.x)

How to configure LDAP client on RHEL 6.x


First we have to make sure, that we have LDAP client group installed.

#yum -y groupinstall directory-client

After installing package group, we can configure LDAP client either using GUI tool or using CLI tool:

#system-config-authentication &

GUI Tool for configuration of ldap

                    -OR-


#authconfig  --enableldap  --enableldapauth
--ldapserver=ldapsrv.ynetwork.org  
--ldapbasedn="dc=ynetwork,dc=org"
--enableldaptls 
--ldaploadcacert=http://ldapsrv.ynetwork.org/pub/ynetwork-ca.crt 
--enablesssd 
--enablesssdauth 
--update 

CLI Tool to configure LDAP client

#getent passwd user1        

Assuming you have 'user1' created in LDAP server

#ssh user1@localhost

Test using ssh or su in your local system with ldap user account

Now its not possible to create home directory of all ldap based users in all hosts, so we shall use NFS to automatically mount their home directory with they log in.

#vim /etc/auto.master 

/home/remote /etc/auto.remote

(Assuming /home/remote/user1 is the home directory for 'user1')

#showmount -e ldapsrv.ynetwork.org

Our ldap server can also be a NFS server, hosting home directories for all users, so determine NFS shares using above command.

#vim /etc/auto.remote

user1   -rw   ldapsrv.ynetwork.org:/home/remote/user1

(SYNTAX: username  -options    nfsserver.fqdn:/home/dir)

#service autofs reload

Reload all indirect maps

#ssh user1@localhost

Test again with user1

How to configure LDAP client using kerberos authentication

#yum -y install krb5-workstation openldap-clients

Install required packages for kerberos authentication(Assuming you already have all required ldap packages)

#authconfig  --enableldap  --disableldapauth
--ldapserver=ldapsrv.ynetwork.org  
--ldapbasedn="dc=ynetwork,dc=org"
--enableldaptls 
--ldaploadcacert=http://ldapsrv.ynetwork.org/pub/ynetwork-ca.crt 
--enablekrb5 
--krb5kdc=ldapsrv.ynetwork.org 
--krb5adminserver=ldapsrv.ynetwork.org 
--krb5realm=YNETWORK.ORG 
--enablesssd 
--enablesssdauth 
--update 

(Configuring LDAP with kerberos using cli tool of 'authconfig')

#getent passwd user1

Test your communication using one of the user.

#ssh user1@localhost

Use kerberos password instead of ldap password.

Iptables basic configurations on RHEL 6.x

IPtables on Redhat Enterprise Linux 6.x

Here we will learn iptables packet filtering tool ships along with most RHEL distros. We will concentrate on Filter chain of iptables.

#mkdir -p /root/bin

#cd /root/bin

#vim firewallconf.sh

#!/bin/bash

iptables -F

## Clears all previous rules

iptables -A INPUT -i lo -j ACCEPT

## Allowing all localhost (Local loopback) traffic

iptables -I INPUT -m state --state ESTABLISHED,RELATED -s 192.168.0.0/24 -j ACCEPT

## Allowing all Established and related packets for local network (192.168.0.0 in our case)

iptables -I INPUT -m state --state NEW -s 192.168.0.0/24 -p tcp --dport 22 -j ACCEPT

## Allowing SSH traffic for all new connection 'made' to your local system, only for your local Lan

iptables -A INPUT -j REJECT

## Rejecting all other traffic which is initiated to your local host

<save and exit>

#chmod 755 firewallconf.sh

#./firewallconf.sh

# service iptables save

# iptables -L

<List all written rules in Filter Chain>

# iptables -nvL --line-numbers

<Lists all rules along with all dropped/rejected and accepted packets>