Wednesday, May 26, 2010

New link

Thank you for visiting our blog. We have imported the blog to a new link due to some circumstances.



CLICK HERE:

Monday, April 19, 2010

Fedora: Change Root Directory of Httpd

I recently try to install apache on fedora 12. I need to change the root directory to ease me editing file and avoiding permission. It is quite different when I was configuring on ubuntu. After read through several forums I come to this post. So, I won't be crazy for the next time.. haha

The default root directory is at /var/www/html. In my case, I want to change it to /home/user1/web.

Step 1: Edit apache configuration file (as root)
# gedit /etc/httpd/conf/httpd.conf

Find these two lines
DocumentRoot "/var/www/html"
...
...
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">

Then, change to
DocumentRoot "/home/user1/web"
...
...
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/home/user1/web">
Save and close this file.

Step 2: Changing permission
# chmod 711 /home/user1
# chmod -R 755 /home/user1/web

This step is necessary since in fedora, httpd process will be executed by user 'apache', thus permission need to be change.
By default, the permission for each user directory is drwx------, so that other users can't access to files in this directory and its subdirectories.

# setsebool -P httpd_enable_homedirs 1
# chcon -R -t httpd_sys_content_t /home/user1/web

Note: httpd by default is not allowed to access users home directories, see this page

Step 3: Restart apache
# service httpd restart

Hope this will help a little bit :)

References:

Sunday, April 18, 2010

Never Ends

Now, our FYP is finish but research is just begun :)
Erm..I think the blog title need to be changed. Hehe.

Wednesday, February 10, 2010

Setting Up LAMP + memcached on Ubuntu Server 9.10

This post will show a guide on how to setup LAMP with memcached on three machines. Perhaps this will help us on writing technical report..huahuha
We are currently running our performance test on our web and database server using memcached. The test is used to monitor the cpu and memory usage using cacti. Thanks to khairina for SNMP and cacti configuration :)

We have installed LAMP server in two 64-bit machines, whereas 1 machine running apache2 with php5 while another one running MySQL 5.1.
We also have a dedicated memcached server. Since we are using php5, thus we chosen php as our memcached client.
Then it can be simply tested using 'ab' (apache bench).

Step 1: Setting up Web Server (192.168.0.101)
Installing apache2 and php5
$ sudo apt-get install apache2 php5 libapache2-mod-php5

Note: In ubuntu, php5 will use php5-prefork by default

Installing MySQL module for php5
$ sudo apt-get install libapache2-mod-auth-mysql php5-mysql

Then, edit php configuration file to add mysql extension
$ sudo vi /etc/php5/apache2/php.ini

Then add this line
extension=msql.so

Installing memcache module for php5
$ apt-get install php5-memcache

Then, edit php configuration file to add memcached extension
$ sudo vi /etc/php5/apache2/php.ini

Then add this line
extension=memcache.so

To ease us in locating our php file on our web server, we have changed the default location.
Edit /etc/apache2/sites-available/default. Don't forget to backup it first. (use gedit,vi or nano)
$ sudo vi /etc/apache2/sites-available/default

Then, find this two lines.
DocumentRoot /var/www/

Edit it into preferred directory, so it become
DocumentRoot /home/username/web/

Make sure the directory exists
$ mkdir /home/username/web/

Restart apache2
$ sudo /etc/init.d/apache2 restart

Now, we can create our php code inside the web directory.

Step 2: Setting up Database Server (192.168.0.102)
Installing MySQL server 5.1
$ sudo apt-get install mysql-server

Then edit mysql configuration file to bind address so it can be connected from any machines
$ sudo vi /etc/mysql/my.cnf

Edit this line
bind-address = 127.0.0.1
to (MySQL server IP address)
bind-address = 192.168.0.102

then, restart mysql server
$ sudo /etc/init.d/mysql restart

Add a user to enable to mysql client connect from different host (as mysql server) see the manual here

Step 3: Installing Memcached (192.168.0.103)
Get the latest memcached source file (current version is 1.4.4) that can be download from this site. Then, follow this guide

Or simply install using apt-get. In ubuntu 9.10 the memcached version is 1.2.8
$ sudo apt-get install memcached

Create a file, put the php code below and save it as index.php into /home/username/web directory (or /var/www/ if haven't do any changes)


Open web browser the type http://webserver_ipaddress/index.php. Then, the memcached module for php5 can be found in this page as figure below

Now, we can test our web and database server :D

References:

Tuesday, February 9, 2010

SNMP & Cacti Configuration (PART 2)

SNMP configuration updated. Previously, I have posted SNMP & Cacti Configuration. I want to add some additional necessary information to configure which I have done.
Firstly I checked my SNMP if it's working or not:
$snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

It suppose to return your ip as output like below:


In my case, SNMP is not working and return many different errors. What I have done to solve the problem is just edit snmpd configuration file (snmpd.conf). Below is my snmpd.conf (/etc/snmp/snmpd.conf), you could simply copy paste and try to your PC. (Copy the original file first so you have backup if something happen) -- I put the lines you have to check in red.


##########################################
# EXAMPLE.conf:
# An example configuration file for configuring the ucd-snmp snmpd agent.
#
##########################################
# This file is intended to only be an example. If, however, you want
# to use it, it should be placed in /etc/snmp/snmpd.conf.
# When the snmpd agent starts up, this is where it will look for it.
#
# You might be interested in generating your own snmpd.conf file using
# the "snmpconf" program (perl script) instead. It's a nice menu
# based interface to writing well commented configuration files. Try it!
#
# Note: This file is automatically generated from EXAMPLE.conf.def.
# Do NOT read the EXAMPLE.conf.def file! Instead, after you have run
# configure & make, and then make sure you read the EXAMPLE.conf file
# instead, as it will tailor itself to your configuration.

# All lines beginning with a '#' are comments and are intended for you
# to read. All other lines are configuration commands for the agent.

# PLEASE: read the snmpd.conf(5) manual page as well!

##########################################
# Access Control
##########################################
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.

# By far, the most common question I get about the agent is "why won't
# it work?", when really it should be "how do I configure the agent to
# allow me to access it?"
#
# By default, the agent responds to the "public" community for read
# only access, if run out of the box without any configuration file in
# place. The following examples show you other ways of configuring
# the agent so that you can change the community names, and give
# yourself write access as well.
#
# The following lines change the access permissions of the agent so
# that the COMMUNITY string provides read-only access to your entire
# NETWORK (EG: 10.10.10.0/24), and read/write access to only the
# localhost (127.0.0.1, not its real ipaddress).
# For more information, read the FAQ as well as the snmpd.conf(5)
# manual page.

##########################################
# First, map the community name (COMMUNITY) into a security name
# (local and mynetwork, depending on where the request is coming
# from):
# sec.name source community
com2sec local localhost public
com2sec mynetwork 10.101.95.0/24 public

##########################################
# Second, map the security names into group names:
# sec.model sec.name
group MyROSystem v1 paranoid
group MyROSystem v2c paranoid
group MyROSystem usm paranoid
group MyROGroup v1 local
group MyROGroup v2c local
group MyROGroup usm local
group MyRWGroup v1 mynetwork
group MyRWGroup v2c mynetwork
group MyRWGroup usm mynetwork

##########################################
# Third, create a view for us to let the groups have rights to:
# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system

##########################################
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:
# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none

#--------------------------------------------

#############################################
# System contact information
# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file. **PLEASE NOTE** that setting
# the value of these objects here makes these objects READ-ONLY
# (regardless of any access control settings). Any attempt to set the
# value of an object whose value is given here will fail with an error
# status of notWritable.
#Editing this value is optional, i dont do any changes
syslocation Unknown (configure /etc/snmp/snmpd.local.conf)
syscontact Root (configure /etc/snmp/snmpd.local.conf)

End changes. Leave code below this line as it is
################################################

After edit this file, save it. Then restart SNMP. Make sure you restart.
$sudo service snmpd restart

Then, do check again.
$snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

That's all. :)

Friday, February 5, 2010

Join Freenode

I had joined Freenode :)
I am cool :P

I am using X-Chat (also could use Pidgin, web or other IRC)
$sudo apt-get install xchat

You can use any channel available on freenode. (In the picture, I joined #ubuntu). After connecting to a channel, you could add channel, so dont worry :)
You could also build your own channel.

Done. Happy chatting :)

Friday, January 29, 2010

SNMP & Cacti Configuration

Basically, i refer my SNMP and Cacti installation here. It works nicely. I would like to paste here everything i have done to make it works in my PC.

Below is how the architecture looks since I want Cacti to monitor many devices at a time. Firstly, assign one PC as manager (which Cacti will be installed) and all of devices to be monitored. They are connected using SNMP.


Below is the setting I had done to my manager:

1) Firstly, install SNMP
$sudo apt-get install snmpd

2) Then check
$sudo gedit /etc/default/snmpd

Make sure
# snmpd control (yes means start daemon).
SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

3) Next,
$sudo gedit /etc/snmp/snmpd.conf

In the line of com2sec setting, I have adjusted as below (slightly different from How-To)
# sec.name source community
com2sec readonly localhost public

If you have your own community, you could use it for better security.

4) Check SNMP configuration
$snmpwalk -Os -c public -v 1 localhost system

(If you use your community, replace 'public' with your community name)

This command will return result something like this:


5) CACTI- Installation
I did exactly like here.

For all other devices, configure SNMP server same like above. That's all :)