Thursday, June 20, 2013

Monitoring a directory for new, deleted and modified files with inotifywait and sending alerts through email

On my setup, I am using CentOS

Add epel repo

yum install inotify-tools

Create a bash script at /usr/local/bin/inotify_daemon.sh with the entry below:

#!/bin/bash
# Exit if an inotifywait watcher is already running.
if pgrep -x inotifywait > /dev/null
then
exit 0
fi
# Watch the folder recursively (-r), keep monitoring (-m), quietly (-q), and mail one line per event.
inotifywait --format '%w%f %e %T' --timefmt '%Y/%m/%d-%H:%M:%S' -e create,delete,modify,move -mrq /path/to/folder/ | while IFS= read -r event; do echo "$event" | mail -s "activity alert" myuser@mydomain.com; done &

Then create a cron entry in the crontab or in root's cron.

* * * * * /usr/local/bin/inotify_daemon.sh

The cron job runs every minute; if inotify_daemon.sh gets accidentally killed, cron will start it again. If it is already running, the script exits.

I assume that the server has a working SMTP setup that has been tested to relay email to a legitimate and working email system.

A sample email body, once it works, is below:

/path/to/folder/test2 DELETE,ISDIR 2013/06/20-05:11:09

This is the notification that the folder has been deleted.



Tuesday, June 18, 2013

chroot sftp

Please update openssh-server to at least
openssh-server-5-xx or
openssh-server-6-xx

CentOS 6.3 has openssh-server-5-xx already.

OK, assuming that one of the versions above has been acquired.

Below is my process. Some steps are based on the results you get if you google sftp + chroot; I am just making myself a note to remember.

I am creating a user.sftp user account and an sftpusers group as a sample.

 
1. Create a group named sftpusers:
groupadd sftpusers
2. Create the directory that will be my users' root home directory:
mkdir /ftp/sftpusers
3. Add a user to be used for sftp:
useradd -g sftpusers -d /ftp/sftpusers/user.sftp -s /sbin/nologin user.sftp
4. Edit the file /etc/ssh/sshd_config

Comment out the line that contains:

Subsystem sftp /usr/libexec/openssh/sftp-server

and replace it with:

#----
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
#----

Then append the Match Group entry.

#----
Match Group sftpusers
ChrootDirectory /ftp/sftpusers/%u
ForceCommand internal-sftp
#----

5. Create a folder inside /ftp/sftpusers/user.sftp/ and name it anything; here, I named it upload_dir.

mkdir /ftp/sftpusers/user.sftp/upload_dir

6. Set ownership and permissions

chown root /ftp/sftpusers/user.sftp
chmod go-w /ftp/sftpusers/user.sftp
chown user.sftp:sftpusers /ftp/sftpusers/user.sftp/upload_dir
chmod u+rwX /ftp/sftpusers/user.sftp
chmod g+rx /ftp/sftpusers/user.sftp

Check the owner; it should be:

drwxr-xr-x. 3 root sftpusers 4096 Jun 17 21:45 user.sftp

7. Restart the sshd service

Once the user is able to log in via an sftp client, if he tries to traverse to another directory,
the error will be like the one below.

ftp> cd /etc/
Couldn't canonicalise: No such file or directory
sftp> ls
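
sshd refuses a chroot login unless the ChrootDirectory and every directory above it are owned by root and not writable by group or others, which is what step 6 sets up. The script below is an added example, not part of the original notes; it assumes GNU stat, and the function names check_component and check_chroot_path are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU stat (coreutils).

# check_component DIR OWNER_UID
# Pass (return 0) only if DIR is a directory, owned by OWNER_UID,
# and not writable by group or others.
check_component() {
    c_dir=$1
    c_uid=$2
    if [ ! -d "$c_dir" ]; then
        echo "FAIL $c_dir: not a directory"
        return 1
    fi
    c_owner=$(stat -L -c '%u' "$c_dir")   # numeric owner uid
    c_mode=$(stat -L -c '%a' "$c_dir")    # octal permission bits, e.g. 755
    if [ "$c_owner" != "$c_uid" ]; then
        echo "FAIL $c_dir: owner uid $c_owner, expected $c_uid"
        return 1
    fi
    # 022 (octal) masks the group-write and other-write bits
    if [ $(( 0$c_mode & 022 )) -ne 0 ]; then
        echo "FAIL $c_dir: mode $c_mode is group/other writable"
        return 1
    fi
    echo "ok   $c_dir (uid $c_owner, mode $c_mode)"
    return 0
}

# check_chroot_path DIR [OWNER_UID]
# Applies check_component to DIR and to every parent directory up to /.
# OWNER_UID defaults to 0 (root), which is what sshd requires.
check_chroot_path() {
    p_dir=$1
    p_uid=${2:-0}
    p_rc=0
    case $p_dir in
        /*) ;;
        *) echo "not an absolute path: $p_dir" >&2; return 2 ;;
    esac
    while :; do
        check_component "$p_dir" "$p_uid" || p_rc=1
        [ "$p_dir" = "/" ] && break
        p_dir=$(dirname "$p_dir")
    done
    return $p_rc
}

# Usage: sh check_chroot.sh /ftp/sftpusers/user.sftp
if [ $# -gt 0 ]; then check_chroot_path "$@"; fi
```

Run it against the chroot directory before restarting sshd; upload_dir itself is meant to be owned by the user and is not part of the checked path.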


Wednesday, May 29, 2013

Postgresql and setting schema search path other than public

Example DB Server: 192.168.1.10
Example DB: company_live_prod
Default Schema: public
Other Schema: com_retail_store

Upon logging in to the postgres CLI, the default schema, public, takes effect. The following changes the schema so you can check the tables under the other schema.


Assuming that I am now logged in as postgres and able to access the db on the default public schema:

company_live_prod=# \dt
             List of relations
 Schema |      Name       | Type  | Owner
--------+-----------------+-------+-------
 public | access_levels   | table | xuser
 public | to_for          | table | xuser
 public | super_hierarchy | table | xuser
 public | sked01          | table | xuser






To see the tables in the other schema, the command below will do.


company_live_prod=# SET search_path TO  com_retail_store;
SET
ces_live_final=# \dt
                   List of relations
      Schema      |       Name        | Type  | Owner
------------------+-------------------+-------+-------
 com_retail_store | com_assign_module | table | xuser
 com_retail_store | com_cart          | table | xuser
 com_retail_store | com_category      | table | xuser
 com_retail_store | com_item_storage  | table | xuser
 com_retail_store | com_manual_upload | table | xuser
 com_retail_store | com_point_metrics | table | xuser

(06 rows)







The default schema is now the non-public schema.











Friday, May 24, 2013

How to Reset mysql root password if you forgot it

1. Log in as root on the server
2. Stop the mysql service
3. Start the mysql service in safe mode
           command: mysqld_safe --skip-grant-tables
4. Log in, or if you have an alternate console ready, run the mysql command, which will log in without a password, then run the SQL command below:

           update mysql.user set Password=PASSWORD('NeWPassWord') WHERE User='root';


5. Exit and restart the mysql service with a normal restart.
6. You can now log in using the new password.

Friday, April 19, 2013

MYSQL Securing users password

A note on securing users' passwords using a hash in mysql

Log in to the mysql shell

Once logged in, issue the command

select password('internet');




assuming internet is the cleartext password.

The result of the command is below:

mysql> select password('internet');
+-------------------------------------------+
| password('internet')                      |
+-------------------------------------------+
| *797420C584EBF42750EB523104268BA0FD87FBC8 |
+-------------------------------------------+
1 row in set (0.00 sec)



*797420C584EBF42750EB523104268BA0FD87FBC8 is the hashed password, which can be used when granting DB rights.



mysql> grant select,insert,update on `dummy-db`.* to 'testuser'@'%.%.%.%' identified by password '*797420C584EBF42750EB523104268BA0FD87FBC8';
Query OK, 0 rows affected (0.00 sec)



The query above sets the password of user testuser as a hash rather than in clear text, grants access to dummy-db, and allows access from any remote IP. You can verify this by using the mysql DB and running select * from user;



| %.%.%.%            | testuser | *797420C584EBF42750EB523104268BA0FD87FBC8

The cleartext password would be "internet".



Friday, April 5, 2013

Using proxy on yum and wget

1. Run the command "export http_proxy=xxx.xxx.xxx.xxx:yyyy", assuming that you will be using an IP address as your proxy and you are logged in as a user or root. The proxy will be exported into your environment.

Example:

export http_proxy=192.168.1.1:8080

2. To set the proxy directly in the yum configuration, append the line

proxy=http://192.168.1.1:8080

to /etc/yum.conf

That way, the proxy is set directly in yum.

Thanks to the documents found when googling. This is just my reference.


Wednesday, March 6, 2013

Dump Certain table from postgresql Server-A to postgresql Server-B

Problem:

Need to dump table user_data_login from Server-A and restore it at Server-B
DataBase Name: users_DB
User: postgres

At Server A

As the postgres user:

pg_dump --table=user_data_login users_DB -f /tmp/users_data.sql

At Server B

Assuming that the users_DB.sql has been copied to /tmp/users_data.sql,

execute the command below as the postgres user:

psql -d users_DB -f /tmp/users_data.sql

That's it.