New link

Thank you for visiting our blog. We have imported the blog to a new link due to some circumstances.

CLICK HERE:

http://angkatbahu.blogspot.com

Fedora: Change Root Directory of Httpd

I recently try to install apache on fedora 12. I need to change the root directory to ease me editing file and avoiding permission. It is quite different when I was configuring on ubuntu. After read through several forums I come to this post. So, I won't be crazy for the next time.. haha

The default root directory is at /var/www/html. In my case, I want to change it to /home/user1/web.

Step 1: Edit apache configuration file (as root)

# gedit /etc/httpd/conf/httpd.conf

Find these two lines

DocumentRoot "/var/www/html"

...

...

#

# This should be changed to whatever you set DocumentRoot to.

#

<Directory "/var/www/html">

Then, change to

DocumentRoot "/home/user1/web"

...

...

#

# This should be changed to whatever you set DocumentRoot to.

#

<Directory "/home/user1/web">

Save and close this file.

Step 2: Changing permission

# chmod 711 /home/user1

# chmod -R 755 /home/user1/web

This step is necessary since in fedora, httpd process will be executed by user 'apache', thus permission need to be change.

By default, the permission for each user directory is drwx------, so that other users can't access to files in this directory and its subdirectories.

# setsebool -P httpd_enable_homedirs 1

# chcon -R -t httpd_sys_content_t /home/user1/web

Note: httpd by default is not allowed to access users home directories, see this page

Step 3: Restart apache

# service httpd restart

Hope this will help a little bit :)

References:

http://forums.fedoraforum.org/showthread.php?t=233130

Never Ends

Now, our FYP is finish but research is just begun :)

Erm..I think the blog title need to be changed. Hehe.

Setting Up LAMP + memcached on Ubuntu Server 9.10

This post will show a guide on how to setup LAMP with memcached on three machines. Perhaps this will help us on writing technical report..huahuha

We are currently running our performance test on our web and database server using memcached. The test is used to monitor the cpu and memory usage using cacti. Thanks to khairina for SNMP and cacti configuration :)

We have installed LAMP server in two 64-bit machines, whereas 1 machine running apache2 with php5 while another one running MySQL 5.1.

We also have a dedicated memcached server. Since we are using php5, thus we chosen php as our memcached client.

Then it can be simply tested using 'ab' (apache bench).

Step 1: Setting up Web Server (192.168.0.101)

Installing apache2 and php5

$ sudo apt-get install apache2 php5 libapache2-mod-php5

Note: In ubuntu, php5 will use php5-prefork by default

Installing MySQL module for php5

$ sudo apt-get install libapache2-mod-auth-mysql php5-mysql

Then, edit php configuration file to add mysql extension

$ sudo vi /etc/php5/apache2/php.ini

Then add this line

extension=msql.so

Installing memcache module for php5

$ apt-get install php5-memcache

Then, edit php configuration file to add memcached extension

$ sudo vi /etc/php5/apache2/php.ini

Then add this line

extension=memcache.so

To ease us in locating our php file on our web server, we have changed the default location.

Edit /etc/apache2/sites-available/default. Don't forget to backup it first. (use gedit,vi or nano)

$ sudo vi /etc/apache2/sites-available/default

Then, find this two lines.

DocumentRoot /var/www/

Edit it into preferred directory, so it become

DocumentRoot /home/username/web/

Make sure the directory exists

$ mkdir /home/username/web/

Restart apache2

$ sudo /etc/init.d/apache2 restart

Now, we can create our php code inside the web directory.

Step 2: Setting up Database Server (192.168.0.102)

Installing MySQL server 5.1

$ sudo apt-get install mysql-server

Then edit mysql configuration file to bind address so it can be connected from any machines

$ sudo vi /etc/mysql/my.cnf

Edit this line

bind-address = 127.0.0.1

to (MySQL server IP address)

bind-address = 192.168.0.102

then, restart mysql server

$ sudo /etc/init.d/mysql restart

Add a user to enable to mysql client connect from different host (as mysql server) see the manual here

Step 3: Installing Memcached (192.168.0.103)

Get the latest memcached source file (current version is 1.4.4) that can be download from this site. Then, follow this guide

Or simply install using apt-get. In ubuntu 9.10 the memcached version is 1.2.8

$ sudo apt-get install memcached

Create a file, put the php code below and save it as index.php into /home/username/web directory (or /var/www/ if haven't do any changes)

<?php phpinfo(); ?>

Open web browser the type http://webserver_ipaddress/index.php. Then, the memcached module for php5 can be found in this page as figure below

Now, we can test our web and database server :D

References:

https://help.ubuntu.com/community/ApacheMySQLPHP

http://ubuntuforums.org/showthread.php?t=440526

SNMP & Cacti Configuration (PART 2)

SNMP configuration updated. Previously, I have posted SNMP & Cacti Configuration. I want to add some additional necessary information to configure which I have done.

Firstly I checked my SNMP if it's working or not:

$snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

It suppose to return your ip as output like below:

In my case, SNMP is not working and return many different errors. What I have done to solve the problem is just edit snmpd configuration file (snmpd.conf). Below is my snmpd.conf (/etc/snmp/snmpd.conf), you could simply copy paste and try to your PC. (Copy the original file first so you have backup if something happen) -- I put the lines you have to check in red.

##########################################

# EXAMPLE.conf:

# An example configuration file for configuring the ucd-snmp snmpd agent.

#

##########################################

# This file is intended to only be an example. If, however, you want

# to use it, it should be placed in /etc/snmp/snmpd.conf.

# When the snmpd agent starts up, this is where it will look for it.

#

# You might be interested in generating your own snmpd.conf file using

# the "snmpconf" program (perl script) instead. It's a nice menu

# based interface to writing well commented configuration files. Try it!

#

# Note: This file is automatically generated from EXAMPLE.conf.def.

# Do NOT read the EXAMPLE.conf.def file! Instead, after you have run

# configure & make, and then make sure you read the EXAMPLE.conf file

# instead, as it will tailor itself to your configuration.

# All lines beginning with a '#' are comments and are intended for you

# to read. All other lines are configuration commands for the agent.

# PLEASE: read the snmpd.conf(5) manual page as well!

##########################################

# Access Control

##########################################

# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY

# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO

# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.

# By far, the most common question I get about the agent is "why won't

# it work?", when really it should be "how do I configure the agent to

# allow me to access it?"

#

# By default, the agent responds to the "public" community for read

# only access, if run out of the box without any configuration file in

# place. The following examples show you other ways of configuring

# the agent so that you can change the community names, and give

# yourself write access as well.

#

# The following lines change the access permissions of the agent so

# that the COMMUNITY string provides read-only access to your entire

# NETWORK (EG: 10.10.10.0/24), and read/write access to only the

# localhost (127.0.0.1, not its real ipaddress).

# For more information, read the FAQ as well as the snmpd.conf(5)

# manual page.

##########################################

# First, map the community name (COMMUNITY) into a security name

# (local and mynetwork, depending on where the request is coming

# from):

# sec.name source community

com2sec local localhost public

com2sec mynetwork 10.101.95.0/24 public

##########################################

# Second, map the security names into group names:

# sec.model sec.name

group MyROSystem v1 paranoid

group MyROSystem v2c paranoid

group MyROSystem usm paranoid

group MyROGroup v1 local

group MyROGroup v2c local

group MyROGroup usm local

group MyRWGroup v1 mynetwork

group MyRWGroup v2c mynetwork

group MyRWGroup usm mynetwork

##########################################

# Third, create a view for us to let the groups have rights to:

# incl/excl subtree mask

view all included .1 80

view system included .iso.org.dod.internet.mgmt.mib-2.system

##########################################

# Finally, grant the 2 groups access to the 1 view with different

# write permissions:

# context sec.model sec.level match read write notif

access MyROSystem "" any noauth exact system none none

access MyROGroup "" any noauth exact all none none

access MyRWGroup "" any noauth exact all all none

#--------------------------------------------

#############################################

# System contact information

# It is also possible to set the sysContact and sysLocation system

# variables through the snmpd.conf file. **PLEASE NOTE** that setting

# the value of these objects here makes these objects READ-ONLY

# (regardless of any access control settings). Any attempt to set the

# value of an object whose value is given here will fail with an error

# status of notWritable.

#Editing this value is optional, i dont do any changes

syslocation Unknown (configure /etc/snmp/snmpd.local.conf)

syscontact Root (configure /etc/snmp/snmpd.local.conf)

End changes. Leave code below this line as it is

################################################

After edit this file, save it. Then restart SNMP. Make sure you restart.

$sudo service snmpd restart

Then, do check again.

$snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

That's all. :)

http://www.cyberciti.biz/nixcraft/linux/docs/uniqlinuxfeatures/mrtg/mrtg_config_step_3.php

http://www.debianhelp.co.uk/snmp.htm

Join Freenode

I had joined Freenode :)

I am cool :P

I am using X-Chat (also could use Pidgin, web or other IRC)

$sudo apt-get install xchat

You can use any channel available on freenode. (In the picture, I joined #ubuntu). After connecting to a channel, you could add channel, so dont worry :)

You could also build your own channel.

Done. Happy chatting :)

SNMP & Cacti Configuration

Basically, i refer my SNMP and Cacti installation here. It works nicely. I would like to paste here everything i have done to make it works in my PC.

Below is how the architecture looks since I want Cacti to monitor many devices at a time. Firstly, assign one PC as manager (which Cacti will be installed) and all of devices to be monitored. They are connected using SNMP.

Below is the setting I had done to my manager:

1) Firstly, install SNMP

$sudo apt-get install snmpd

2) Then check

$sudo gedit /etc/default/snmpd

Make sure

# snmpd control (yes means start daemon).

SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

3) Next,

$sudo gedit /etc/snmp/snmpd.conf

In the line of com2sec setting, I have adjusted as below (slightly different from How-To)

# sec.name source community

com2sec readonly localhost public

If you have your own community, you could use it for better security.

4) Check SNMP configuration

$snmpwalk -Os -c public -v 1 localhost system

(If you use your community, replace 'public' with your community name)

This command will return result something like this:

5) CACTI- Installation

I did exactly like here.

For all other devices, configure SNMP server same like above. That's all :)

Mysql Cluster with Mysql 5.1 on Ubuntu Server 9.10

We're currently implementing memcached on mysql cluster using mysql 5.1. So, to make it quick, i followed a guide from howtoforge written by Peter Okupski in this site. It works for me.

There are several things need to be concerned before implementing this guide on ubuntu server 9.10.

1. Don't install mysql-server5.1 from the repository using apt-get.
   For me, it's easier to install mysql cluster by using source code in ubuntu. Source code can be downloaded form mysql site. On 'select platform' option, choose 'source code' and download the tar file mysql-cluster-gpl-[version].tar.gz
   (Note: register, it is free!)
   
   
2. Install build-essential package to allow compiling source file
   $ sudo apt-get install build-essential
   
   
3. Install developer's library for ncurses
   $ sudo apt-get install libncurses5-dev
   
   This will avoid an error:
   configure error: No curses/termcap library found
   

Now, it's ready :-)

References:

http://www.howtoforge.com/setting-up-a-loadbalanced-mysql-cluster-with-mysql5.1
http://www.spiration.co.uk/post/1391/

Setting Up Gateway in Ubuntu

I just think how to set up simple gateway server for a LAN. After searched for a while, i found some useful guide (see references).

First, the server machine needs to have at least two interfaces, e.g. eth0 and eth1. In my case, I used eth0 for connecting to internet and eth1 for connecting LAN connection.

It is not necessarily use eth0 to be connected to Internet. It depends on your Internet connection. It could be wlan0, ppp0 etc. This also useful for connecting two different networks.

Assume that your machine will be used as a gateway. This guide will be based on the figure below:


IP address Configuration

In this guide, IP address for each host in LAN need to be configured manually, unless DHCP server is installed.

DNS Server and Gateway

All hosts in LANneed to have same DNS server as your machine has and add the IP address of your machine as a gateway in LAN hosts, so that the IP packets will be route to the Internet through your machine.

Configuration of 'Gateway' machine

Step 1: Find DNS server on your machine

$ cat /etc/resolv.conf

The output will be like this

# Generated by NetworkManager

nameserver 10.1.2.21

nameserver 10.0.0.92

Step 2: Enable IP forwarding

First, check the default value. There are two ways.

Note: 0 means it is disabled

1. using sysctl command.

$ sysctl net.ipv4.ip_forward

net.ipv4.ip_forward = 0

2. cat the file /proc/sys/net/ipv4/ip_forward.

$ cat /proc/sys/net/ipv4/ip_forward

0

Second, change the value temporarily, so that, it will reset to 0 when you have shutting down the machine.

$ sudo sysctl -w net.ipv4.ip_forward=1

Try to check again to see the changed value.

To permanently enable the IP forwarding, you need to edit sysctl configuration file. Use any familiar text editor such as nano, vi and gedit.

$ sudo gedit /etc/sysctl.conf

Find these two lines, and uncomment the second line (remove the # symbol)

Before:

# Uncomment the next line to enable packet forwarding for IPv4

#net.ipv4.ip_forward=1

After:

# Uncomment the next line to enable packet forwarding for IPv4

net.ipv4.ip_forward=1

or simply edit using this command:

$ sudo sed -i 's/#net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf

Then update the change made.

$ sudo sysctl -p /etc/sysctl.conf

Step 3: Configure NAT on IP tables

iptables is very useful for maintain tables of IPv4 packet filtering in linux kernel. It has lots of chain rule. For performing NAT we have the command above (see manual for details):

$ sudo iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE

-t nat, an option of IP table to perform NAT at each packet matching.

-A POSTROUTING. The –A is used for append chain rule of –t and we use POSTROUTING for altering packets as they are about to go out.

-s indicates as source address from where the IP packet can route through the NAT. it should be followed by IP address along with the netmask. In this command it shows and IP address of 192.168.1.0 with subnet mask 255.255.255.0, which need to be written as 192.168.1.0/24. This IP will be used in LAN from 192.168.1.1 - 192.168.1.254. Your machine can use 192.168.1.1 for eth0 interface. (Google IP and subnet mask tutorial)

-o is used for name of an interface via which a packet is going to be sent (POSTROUTING). In this example, we used eth0 since it is the only interface that can be connected to internet.

-j should be followed by target extension. In this option we choose MASQUERADE. This target is only valid in the NAT table, in the POSTROUTING chain. Masquerading is equivalent to specifying a mapping to the IP address of the interface the packet is going out.

Now, restart your network service (not necessary)

$ sudo /etc/init.d/networking restart

We are done configuring IP forwarding, NAT and gateway on your machines. The next step is configuring IP address on LAN hosts.

Configuration of Hosts in LAN

Enter IP address to the hosts in range 192.168.1.2 - 192.168.1.254.

in the gateway field, put the IP address of 'gateway' machine, which is 192.168.1.1

Then, restart the network for linux host. Note that the configuration will be the same for Windows hosts.
Done.

Check internet connection for the hosts in LAN

Hope this will help you. Enjoy!

References:

http://www.debian-administration.org/article/Setting_up_a_simple_Debian_gateway

http://myhowtosandprojects.blogspot.com/2009/01/sharing-internet-on-linux.html