You can check your php memory limit using the phpinfo() function.

You need to create a php file and put into it :

<?php
phpinfo();
?>

This  will show your whole php settings from browser.
To alter the memory limit  you need to create a .htaccess file and put in it :

php_value memory_limit xxM

where  xx is the memory limit in M.

Your memory limit (globally set in php.ini) is 32M at this time. This can be altered

per domain with the .htaccess file mentioned above.

Recently I had to connect to a Microsoft SQL server … I have to say that I’m not a big Windows fan, in fact I’m not at all :), so I had to look for a workaround in order to not connect via Microsoft SQL Server Studio Express. I google it for a while and in the end I’ve found iODBC. This information applies to you if you are within Ubuntu and trying to connect to any type of Microsoft SQL (MSSQL) Server. To install it go into Synaptic Package Manager and search for this packages: iodbc, libiodbc2, libct3, tdsodbc and unixodbc. Or you can install these packages from command line using “apt-get install package“. The executable is located: /usr/bin/iodbcadm-gtk. After that go to home directory into terminal and edit .iodbc.ini file.

Contents of <.iodbc.ini>

[ODBC Data Sources]
ODBCdsn = ODBC Server
[ODBCdsn]
Driver      = /usr/lib/odbc/libtdsodbc.so
Description = ODBC Server
Trace       = No
Servername  = ODBC
Database    =         [name of your database]
[Default]
Driver = /usr/lib/odbc/libtdsodbc.so
We now need to setup the FreeTDS driver which does the translation for communications purposes to MSSQL.[pensacola@pensacola-tech ~]#gedit /etc/freetds/freetds.conf

Contents of <freetds.conf>

[ODBC]
host = xxx.xxx.xxx.xxx   [IP address of your database server]
port = 1433                      [Port of your database server]
tds version = 8.0              [Google:  FreeTDS if you are on a different version of MSSQL]

Startup the iODBC  we installed above.  Goto the User DSN tab.  Click test and authenticate with a valid username and password.

So there it is!

22. June 2010 · 79 comments · Categories: Linux

A Simple Database Backup:

You can use mysqldump to create a simple backup of your database using the following syntax.

mysqldump -u [username] -p [password] [databasename] > [backupfile.sql]

  • [username] – this is your database username
  • [password] – this is the password for your database
  • [databasename] – the name of your database
  • [backupfile.sql] – the file to which the backup should be written.

The resultant dump file will contain all the SQL statements needed to create the table and populate the table in a new database server. To backup your database ‘Data’ with the username ‘pensacola’ and password ‘password’ to a file customdata.sql, you would issue the command:

[pensacola@pensacola-tech ~]#mysqldump -u pensacola -p password Data > customdata.sql

Import your data into your database:

[pensacola@pensacola-tech ~]# mysqldump -u pensacola -p password Data < customdata.sql

Backup of Mysql database using phpMyAdmin:


It is assumed that you have phpMyAdmin installed since a lot of web service providers use it.

  • Open phpMyAdmin.
  • Click Export in the Menu to get to where you can backup you MySql database. Image showing the export menu.
  • Make sure that you have selected to export your entire database, and not just one table. There should be as many tables in the export list as showing under the database name.
  • Select”SQL”-> for output format, Check “Structure” and “Add AUTO_INCREMENT” value. Check “Enclose table and field name with backquotes”. Check “DATA”, check use “hexadecimal for binary field”. Export type set to “INSERT”.
  • Check “Save as file”, do not change the file name, use compression if you want. Then click “GO” to download the backup file.


Restoring a backup of a MySql database with phpMyAdmin:

  • To restore a database, you click the SQL tab.
  • On the “SQL”-page , unclick the show query here again.
  • Browse to your backup of the database.
  • Click Go.

AutoMySQLBackup

There is a script to take daily, weekly and monthly backups of your MySQL databases using mysqldump. You can download this script from here. This can be run using the following:

[pensacola@pensacola-tech ~]#sh automysqlbackup.sh.2.5

This is a very simple way for server administrator …

If you find AutoMySQLBackup valuable please make a donation at:

09. June 2010 · 2 comments · Categories: Linux

Here is a step by step on how to set up shared folders for accessing Windows folders in a Linux guest. VirtualBox Shared Folders on inactive virtual machines are configured through the Settings dialog. This dialog is accessed by selecting the desired virtual machine from the list and clicking the Settings button in the toolbar. Once the settings dialog is displayed, click on the Shared Folders entry to display something like this:

To add a new shared folder, click on the add folder button (the top button containing an icon of a folder with a green plus sign) and select a folder on the host system to be shared with the selected guest. To browse for a specific folder, click the down arrow in the Folder Path text box and select Other… from the drop down menu. Once a suitable folder has been selected, enter a name for the share in the Folder Name field. If the guest operating system is to be denied write access to the folder, ensure that the Read-only check box is selected before clicking the OK button to create the share. Once the shared folder has been configured, start the virtual machine to access the folder.

Shared folders may be configured on a running virtual machine by selecting the Devices->Shared Folders.. menu of the virtual machine window. It will be something like this:

Add a new shared folder by clicking on the add folder button (the top button containing an icon of a folder with a green plus sign) and select a folder on the host system to be shared with the selected guest.

Shared Folders are accessed on Linux guests by mounting the folder at a suitable mount point using the mount command. This can either be an existing directory, or a new directory may be created specifically for this purpose. Use this command: sudo mount -t vboxsf share ~/host

E.g

[pensacola@pensacola-tech ~]#sudo mkdir /media/shared_folder

[pensacola@pensacola-tech ~]#sudo mount -t vboxsf shared_folder /media/shared_folder

The files are now accessible in /media/shared_folder.

Plug in the USB-Serial Port adaptor to one of your USB port, wait for a couple of second, then run:

[pensacola@pensacola-tech ~]#dmesg

The output should be something like this:

usb 2.0: new full speed USB device using uhci_and address 2

usb 2.0: configuration #1 chosen from 1 choice

Then unplug the device and type:

[pensacola@pensacola-tech ~]#lsusb

The output should be similar to this:

Bus 003 Device 001: ID 0000:0000

Bus 002 Device 007: ID 03f0:4f11 Hewlett-Packard

Bus 002 Device 006: ID 05e3:1205

Bus 002 Device 004: ID 15d9:0a33

Plug in the USB-Serial Port converter back, and run “lsusb” again, and you will see
an additional line, like this:

Bus 003 Device 001: ID 0000:0000

Bus 002 Device 007: ID 03f0:4f11 Hewlett-Packard

Bus 001 Device 002: ID 4348:5523 — — — the additional line

Bus 002 Device 006: ID 05e3:1205

Bus 002 Device 004: ID 15d9:0a33

At this point we have the vendor id and the product id of the USB-Serial Port converter, this will enable us to load the linux kernel module “usbserial” to activate the device.
[pensacola@pensacola-tech ~]#sudo modprobe usbserial vendor=0x4348 product=0x5523

After that run again:

[pensacola@pensacola-tech ~]#dmesg

… the output:

usbserial_generic 2.0:1.0: generic converter detected

usb 2.0: generic converter now attached to ttyUSB0

usbcore: registered new interface driver usbserial_generic

Now, the new serial port device is mapped to /dev/ttyUSB0.

Note:  You can instruct Ubuntu to load this module automatically by include the line :  “usbserial vendor=0×4348 product=0×5523 inside “/etc/modules” file.

Here is a simple way to backup your svn repository. Use the following command:

svnadmin dump /repository_path/project > /backup_path/project_backup

 You can test if this is okay by creating a test repository and importing the backup
file to the new test repository.

svnadmin create /repository_path/project1
svnadmin load /repository_path/project1 < /project_backup/project

 After that you cand remove it.

rm -rf /repository_path/project1

 In the end you can create a zip copy to the backup file project_backup
to project_backup.zip.

zip -r project_backup.zip project_backup
01. June 2010 · 2 comments · Categories: Linux

Under the WP admin option menu, WordPress lists four choices for permalink structure:

  1. Default: http://pensacola-tech.com/pensacola/?=123
  2. Date and name based: http://pensacola-tech.com/pensacola/2010/05/10/sample-post/
  3. Numeric: http://pensacola-tech.com/pensacola/archives/123
  4. Custom: /%year%/%monthnum%/%day%/%postname%

Note: The “default” option is to not use permalinks.

There are 2 htaccess rules for all WordPress permalinks:

1. If WordPress is installed in the root directory:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

2. If WordPress is installed in a subdirectory called "pensacola"


# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /pensacola/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /pensacola/index.php [L]
</IfModule>
# END WordPress

That's it... :)Enjoy!

10. May 2010 · 6 comments · Categories: Linux

We all know that it is possible to upgrade Linux distributions. You can upgrade Ubuntu 9.10 to the latest 10.04 Lucid Lynx release, but a clean install is the best way to go if you want to avoid update headaches. Usually this means reinstalling your favorite applications and applying tweaks all over again. Now with Ubuntu 10.04 a script called Ubuntu 10.04 Start Script can help you to install software and tweak the system very easy.

Using this script, you can add popular repositories including Ubuntu restricted extras, Medibuntu, and Getdeb. With a few clicks, you can install a wide range of useful applications such as Dropbox, Google Earth, Google Chrome, VLC media player, Ubuntu Tweak and many others. The script also lets you install different codecs, Java runtime environment, Flash plugin as well as add support for various archive types and DVD playback. In addition to that, the script can apply an assortment of tweaks to the freshly installed system.

In the terminal, switch to the resulting directory and run the script as root using the following command:

[pensacola@pensacola-tech ~]# sudo ./ubuntu-10.04-script

References: https://launchpad.net/ubuntustart/
While it is possible to upgrade Ubuntu 9.10 to the latest 10.04 Lucid Lynx release, a clean install is the best way to go if you want to avoid update headaches. Usually this means reinstalling your favorite applications and applying tweaks all over again — but now with Ubuntu 10.04. A clever script with the imaginative name Ubuntu 10.04 Start Script can help you to install software and tweak the system with a minimum of fuss.While it is possible to upgrade Ubuntu 9.10 to the latest 10.04 Lucid Lynx release, a clean install is the best way to go if you want to avoid update headaches. Usually this means reinstalling your favorite applications and applying tweaks all over again — but now with Ubuntu 10.04. A clever script with the imaginative name Ubuntu 10.04 Start Script can help you to install software and tweak the system with a minimum of fuss.
05. May 2010 · 11 comments · Categories: Linux

Linux Configure rssh Chroot Jail To Lock Users To Their Home Directories Only


rssh support chrooting option. If you want to chroot users, use chrootpath option. It is used to set the directory where the root of the chroot jail will be located. This is a security feature.

A chroot on Linux or Unix OS is an operation that changes the root directory. It affects only the current process and its children. If your default home directory is /home/pensacola normal user can access files in /etc, /sbin or /bin directory. This allows an attacker to install programs / backdoor via your web server in /tmp. chroot allows to restrict file system access and locks down user to their own directory.

Configuring rssh chroot

#Chroot directory: /users.
Note: If possible mount /users filesystem with the noexec/nosuid option to improve security.

# Required directories in jail:

  • /users/dev – Device file
  • /users/etc – Configuration file such as passwd
  • /users/lib – Shared libs
  • /users/usr – rssh and other binaries
  • /users/bin – Copy default shell such as /bin/csh or /bin/bash

# Required files in jail at /users directory (default for RHEL / CentOS / Debian Linux):

  • /etc/ld.so.cache
  • /etc/ld.so.cache.d/*
  • /etc/ld.so.conf
  • /etc/nsswitch.conf
  • /etc/passwd
  • /etc/group
  • /etc/hosts
  • /etc/resolv.conf
  • /usr/bin/scp
  • /usr/bin/rssh
  • /usr/bin/sftp
  • /usr/libexec/openssh/sftp-server OR /usr/lib/openssh/sftp-server
  • /usr/libexec/rssh_chroot_helper OR /usr/lib/rssh/rssh_chroot_helper (suid must be set on this binary)
  • /bin/sh or /bin/bash (default shell)

Note: Limit the binaries which live in the jail to the absolute minimum required to improve security. Usually /bin/bash and /bin/sh is not required but some system may give out error.

A note about jail file system

Note: The files need to be placed in the jail directory (such as /users) in directories that mimic their placement in the root (/) file system. So you need to copy all required files. For example, /usr/bin/rssh is located on / file system. If your jail is located at /users, then copy /usr/bin/rssh to /users/usr/bin/rssh. Following instuctions are tested on:

  • FreeBSD
  • Solaris UNIX
  • RHEL / Redhat / Fedora / CentOS Linux
  • Debian Linux

Building the Chrooted Jail

Create all required directories:
# mkdir -p /users/{dev,etc,lib,usr,bin}
# mkdir -p /users/usr/bin
# mkdir -p /users/libexec/openssh

Create /users/dev/null:
# mknod -m 666 /users/dev/null c 1 3
Copy required /etc/ configuration files, as described above to your jail directory /users/etc:
# cd /users/etc
# cp /etc/ld.so.cache .
# cp -avr /etc/ld.so.cache.d/ .
# cp /etc/ld.so.conf .
# cp /etc/nsswitch.conf .
# cp /etc/passwd .
# cp /etc/group .
# cp /etc/hosts .
# cp /etc/resolv.conf .
Open /usres/group and /users/passwd file and remove root and all other accounts.

Copy required binary files, as described above to your jail directory /users/bin and other locations:
# cd /users/usr/bin
# cp /usr/bin/scp .
# cp /usr/bin/rssh .
# cp /usr/bin/sftp .
# cd /users/usr/libexec/openssh/
# cp /usr/libexec/openssh/sftp-server .
OR
# cp /usr/lib/openssh/sftp-server .
# cd /users/usr/libexec/
# cp /usr/libexec/rssh_chroot_helper
OR
# cp /usr/lib/rssh/rssh_chroot_helper
# cd /users/bin/
# cp /bin/sh .
OR
# cp /bin/bash .

Copy all shared library files

The library files that any of these binary files need can be found by using the ldd / strace command. For example, running ldd against /usr/bin/sftp provides the following output:
ldd /usr/bin/sftp
Output:

linux-gate.so.1 =>  (0x00456000)

libresolv.so.2 => /lib/libresolv.so.2 (0x0050e000)

libcrypto.so.6 => /lib/libcrypto.so.6 (0x0013e000)

libutil.so.1 => /lib/libutil.so.1 (0x008ba000)

libz.so.1 => /usr/lib/libz.so.1 (0x00110000)

libnsl.so.1 => /lib/libnsl.so.1 (0x0080e000)

libcrypt.so.1 => /lib/libcrypt.so.1 (0x00a8c000)

libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00656000)

libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00271000)

libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00304000)

libcom_err.so.2 => /lib/libcom_err.so.2 (0x00777000)

libdl.so.2 => /lib/libdl.so.2 (0x00123000)

libnss3.so => /usr/lib/libnss3.so (0x00569000)

libc.so.6 => /lib/libc.so.6 (0x00b6c000)

libkrb5support.so.0 => /usr/lib/libkrb5support.so.0 (0x00127000)

libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00130000)

/lib/ld-linux.so.2 (0x00525000)

libplc4.so => /usr/lib/libplc4.so (0x008c9000)

libplds4.so => /usr/lib/libplds4.so (0x00133000)

libnspr4.so => /usr/lib/libnspr4.so (0x00d04000)

libpthread.so.0 => /lib/libpthread.so.0 (0x0032a000)

libselinux.so.1 => /lib/libselinux.so.1 (0x00341000)

libsepol.so.1 => /lib/libsepol.so.1 (0x00964000)

You need to copy all those libraries to /lib and other appropriate location. However, I recommend using this automated script called l2chroot:
# cd /sbin
# wget -O l2chroot http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
# chmod +x l2chroot
Open l2chroot and set BASE variable to point to chroot directory (jail) location:
BASE=”/users”
Now copy all shared library files
# l2chroot /usr/bin/scp
# l2chroot /usr/bin/rssh
# l2chroot /usr/bin/sftp
# l2chroot /usr/libexec/openssh/sftp-server
OR
# l2chroot /usr/lib/openssh/sftp-server
# l2chroot /usr/libexec/rssh_chroot_helper
OR
# l2chroot /usr/lib/rssh/rssh_chroot_helper
# l2chroot /bin/sh
OR
# l2chroot /bin/bash

Modify syslogd configuration

The syslog library function works by writing messages into a FIFO file such as /dev/log. You need to pass -a /path/to/chroot/dev/log option. Using this argument you can specify additional sockets from that syslogd has to listen to. This is needed if you’re going to let some daemon run within a chroot() environment. You can use up to 19 additional sockets. If your environment needs even more, you have to increase the symbol MAXFUNIX within the syslogd.c source file. Open /etc/sysconfig/syslog file:
# vi /etc/sysconfig/syslog
Find line that read as follows:
SYSLOGD_OPTIONS=”-m 0″
Append -a /users/dev/log
SYSLOGD_OPTIONS=”-m 0 -a /users/dev/log”
Save and close the file. Restart syslog:
# /etc/init.d/syslog restart
If you are using Debian / Ubuntu Linux apply changes to /etc/default/syslogd file.

Set chroot path

Open configuration file /etc/rssh.conf:
# vi /etc/rssh.conf
Set chrootpath to /users
chrootpath=/users
Save and close the file. If sshd is not running start it:
# /etc/init.d/sshd start

Add user to jail

For example, add user pensacola in chrooted jail with the following command:
# useradd -m -d /users/pensacola -s /usr/bin/rssh pensacola
# passwd pensacola
Now pensacola can login using sftp or copy files using scp:

sftp pensacola@my-server.com

pensacola@my-server.com’s password:

sftp> ls

sftp> pwd

Remote working directory: /pensacola

sftp> cd /tmp

Couldn’t canonicalise: No such file or directory

User pensacola is allowed to login to server to transfer files, but not allowed to browse entire file system.

References: http://www.cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html#comments

css.php