Thursday, 30 June 2011

mysql Couldn't find the mysql server or manager

Solution
Step 1.)

Comment out the line in /etc/my.cnf that sets basedir to /var/lib, as seen below:

user=mysql
#basedir=/var/lib

Step 2.)

Create the directory "/var/run/mysqld" if it does not exist, then chown that directory to mysql:mysql as below:

mkdir -p /var/run/mysqld
chown mysql:mysql /var/run/mysqld

Step 3.)

Start the service:

service mysql start

Sunday, 26 June 2011

OpenVPN over Virtual Private Server (VPS)


Environment:
Virtual Private Server (VPS)
  1. OS: CentOS
  2. IP Address: xxx.xxx.xxx.xxx
  3. Virtualization Platform: OpenVZ
  4. VPN Server: OpenVPN
My fresh server IP configuration:
# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING  MTU:16436  Metric:1
RX packets:34 errors:0 dropped:0 overruns:0 frame:0
TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3101 (3.0 KiB)  TX bytes:3101 (3.0 KiB)

venet0 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-0000-00
inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
RX packets:30678 errors:0 dropped:0 overruns:0 frame:0
TX packets:29616 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3556848 (3.3 MiB)  TX bytes:4822295 (4.5 MiB)

venet0:0 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:64.79.205.xx P-t-P:64.79.205.xx Bcast:64.79.205.xx Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

Client Machine:
  1. Laptop
  2. OS: Windows Vista Business
  3. VPN Client: OpenVPN client for Windows

Scenario:
Server IP Address: xxx.xxx.xxx.xxx
Server Network: 192.168.100.x/24
Client Network: 192.168.1.x/24
Tunnel: 10.8.0.0/30


Installation of OpenVPN server

# tar xzf openvpn-2.1_rc20.tar.gz
# cd openvpn-2.1_rc20
# yum install openssl  ## Install openssl if it is not installed
# ./configure --disable-lzo
# make && make install

#cd openvpn

You will find easy-rsa in the extracted OpenVPN distribution. I created a directory openvpn in /etc and copied all files from openvpn-[version]/easy-rsa to /etc/openvpn:

# mkdir /etc/openvpn
# cp -r /[path]/openvpn-[version]/easy-rsa/* /etc/openvpn


Then I executed the following from /etc/openvpn:

#cd /etc/openvpn
#. ./vars
#./clean-all
#./build-ca

Generating a 1024 bit RSA private key
............++++++
...........++++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [KG]:
State or Province Name (full name) [NA]:
Locality Name (eg, city) [BISHKEK]:
Organization Name (eg, company) [OpenVPN-TEST]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:LINUX-ANGELS
Email Address [me@myhost.mydomain]: saifurab@gmail.com

Note that in the above sequence, most queried parameters were defaulted to the values set in the vars. The only parameter which must be explicitly entered is the Common Name. In the example above, I used "LINUX-ANGELS".


Generate certificate & key for server

Next, we will generate a certificate and private key for the server.

#./build-key-server server


As in the previous step, most parameters can be defaulted. When the Common Name is queried, enter "server".
Two other queries require positive responses,

"Sign the certificate? [y/n]"
and "1 out of 1 certificate requests certified, commit? [y/n]".


Generate certificates & keys for 3 clients

Generating client certificates is very similar to the previous step.

#./build-key client1
#./build-key client2
#./build-key client3

Remember that for each client, make sure to type the appropriate Common Name when prompted, i.e. "client1", "client2", or "client3". Always use a unique common name for each client.

Generate Diffie Hellman parameters

Diffie Hellman parameters must be generated for the OpenVPN server. On Linux/BSD/Unix:

#./build-dh

Output:

Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
.................+...........................................
...................+.............+.................+.........
......................................


Key Files

Now we will find our newly-generated keys and certificates in the /etc/openvpn/keys subdirectory. The relevant files are:

ca.crt, ca.key, dh{n}.pem, server.crt, server.key, client1.crt, client1.key, client2.crt, client2.key, client3.crt, client3.key


After key generation, find sample-config-files in the distribution files and copy server.conf to /etc/openvpn.

Server Configuration File

# grep -v '#' /etc/openvpn/server.conf | grep -v '^$'
port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/server.crt
dh keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.100.0 255.255.255.0"
client-config-dir ccd
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 64.79.200.111"
push "dhcp-option DNS 64.79.200.113"
client-to-client
keepalive 10 120
persist-key
persist-tun
status openvpn-status.log
verb 3


Client Configuration
Download the OpenVPN client for Windows through a Google search and install it on your Vista machine. Suppose we are setting up the client with the client1 certificates.

Assume that we are on the Vista machine for client1.

Copy ca.crt, client1.crt, client1.csr and client1.key to [Drive]:\Program Files\OpenVPN\config
and configure the client.ovpn file. See the sample file:


client
dev tun
proto udp
remote <VPN Server IP> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
verb 3
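
A consistency check for the two listings above, as an added example (not part of the original post or of OpenVPN): it parses a server and a client config and reports missing certificate directives and mismatched proto, dev or port. The function names, the required-directive table (which assumes the certificate-based setup used here) and the 203.0.113.10 address are assumptions; the sample texts are copied from the listings.

```python
# Added example: cross-check an OpenVPN server/client config pair.
# Assumes the certificate-based (TLS) setup this walkthrough uses.

REQUIRED = {
    "server": ("ca", "cert", "key", "dh"),
    "client": ("ca", "cert", "key"),
}
DEFAULT_PORT = "1194"  # OpenVPN's default when no port is given


def parse_config(text):
    """Return {directive: [args]} (first occurrence), skipping # and ; comments."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if line:
            name, *args = line.split()
            directives.setdefault(name, args)
    return directives


def show(conf, name):
    """Render a directive's arguments for a finding message."""
    return " ".join(conf.get(name, ["(unset)"]))


def check_pair(server_text, client_text):
    """Return a list of findings; an empty list means the pair is consistent."""
    server, client = parse_config(server_text), parse_config(client_text)
    findings = []
    for role, conf in (("server", server), ("client", client)):
        for name in REQUIRED[role]:
            if name not in conf:
                findings.append(f"{role}: missing '{name}' directive")
    for name in ("proto", "dev"):
        if server.get(name) != client.get(name):
            findings.append(
                f"{name} differs: server={show(server, name)} client={show(client, name)}")
    server_port = server.get("port", [DEFAULT_PORT])[0]
    remote = client.get("remote", [])
    client_port = remote[1] if len(remote) > 1 else DEFAULT_PORT
    if server_port != client_port:
        findings.append(f"port differs: server={server_port} client={client_port}")
    return findings


# Sample inputs copied from the listings on this page; the remote address is
# a constructed documentation IP standing in for the real server.
SERVER_CONF = """\
port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/server.crt
dh keys/dh1024.pem
server 10.8.0.0 255.255.255.0
push "route 192.168.100.0 255.255.255.0"
keepalive 10 120
"""
CLIENT_CONF = """\
client
dev tun
proto udp
remote 203.0.113.10 1194
nobind
ca ca.crt
cert client1.crt
key client1.key
"""

if __name__ == "__main__":
    for finding in check_pair(SERVER_CONF, CLIENT_CONF) or ["no findings"]:
        print(finding)
```

The finding it reports for the server listing is worth acting on: that listing was produced by filtering out every line containing '#', which also drops any directive that carries a trailing comment, so confirm that the real server.conf has its key directive.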

FEW MORE THINGS ON SERVER:
  1. We have to create virtual interface for private IPs. In my case I assigned 192.168.100.100 IP to my server. And I have created a copy of ifcfg-venet0:0 as ifcfg-venet0:1,

    # cat /etc/sysconfig/network-scripts/ifcfg-venet0:1
    DEVICE=venet0:1

    IPADDR=192.168.100.100
    NETMASK=255.255.255.0

  2. When I tried to run the OpenVPN server on my OpenVZ platform, I got this error:

Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)

Note: Attempting fallback to kernel 2.2 TUN/TAP interface

Cannot open TUN/TAP dev /dev/tun0: No such file or directory (errno=2)

Solution
    1. Enter mkdir -p /dev/net
    2. Enter mknod /dev/net/tun c 10 200
    3. Enter chmod 600 /dev/net/tun
    4. Enter cat /dev/net/tun to test whether the TUN/TAP device is available:
      1. If you receive the message cat: /dev/net/tun: File descriptor in bad state, your TUN/TAP device is ready for use.
      2. If you receive the message cat: /dev/net/tun: No such device, the TUN/TAP device was not successfully created.

  3. We have to enable ip_forwarding and enable NAT with the command below. Masquerade will not work in a VPS.

# iptables -t nat -A POSTROUTING -j SNAT --to 64.79.205.xx

Run OpenVPN server
# openvpn server.conf

Fri Nov 27 10:10:28 2009 OpenVPN 2.1_rc20 i686-pc-linux-gnu [SSL] [EPOLL] built on Nov 11 2009
Fri Nov 27 10:10:28 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Nov 27 10:10:31 2009 Diffie-Hellman initialized with 1024 bit key
Fri Nov 27 10:10:32 2009 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Nov 27 10:10:32 2009 ROUTE default_gateway=191.255.255.1
Fri Nov 27 10:10:32 2009 TUN/TAP device tun0 opened
Fri Nov 27 10:10:32 2009 Note: Cannot set tx queue length on tun0: Operation not permitted (errno=1)
Fri Nov 27 10:10:32 2009 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Fri Nov 27 10:10:32 2009 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Fri Nov 27 10:10:32 2009 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Fri Nov 27 10:10:32 2009 Socket Buffers: R=[135168->131072] S=[135168->131072]
Fri Nov 27 10:10:32 2009 UDPv4 link local (bound): [undef]:1194
Fri Nov 27 10:10:32 2009 UDPv4 link remote: [undef]
Fri Nov 27 10:10:32 2009 MULTI: multi_init called, r=256 v=256
Fri Nov 27 10:10:32 2009 IFCONFIG POOL: base=10.8.0.4 size=62
Fri Nov 27 10:10:32 2009 IFCONFIG POOL LIST
Fri Nov 27 10:10:32 2009 LINUX-ANGELS,10.8.0.4
Fri Nov 27 10:10:32 2009 LINUX-ANGELS,10.8.0.8
Fri Nov 27 10:10:32 2009 Initialization Sequence Completed


Run OpenVPN Client in windows Vista
  1. Execute openVPN GUI as administrator.
  2. You will see an icon on tray. Right click it and click Connect


Now observe client and server

See ifconfig at server
# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING  MTU:16436  Metric:1
RX packets:34 errors:0 dropped:0 overruns:0 frame:0
TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3101 (3.0 KiB)  TX bytes:3101 (3.0 KiB)

tun0 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:924 (924.0 b)  TX bytes:0 (0.0 b)

venet0 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
RX packets:31319 errors:0 dropped:0 overruns:0 frame:0
TX packets:30110 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3608634 (3.4 MiB)  TX bytes:4883925 (4.6 MiB)

venet0:0 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:64.79.205.xx  P-t-P:64.79.205.xx  Bcast:64.79.205.xx  Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

venet0:1  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.100.100  P-t-P:192.168.100.100  Bcast:192.168.100.255  Mask:255.255.255.0
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

See different outputs at Client
Ping tun0

C:\Users\Admin>ping 10.8.0.1

Pinging 10.8.0.1 with 32 bytes of data:

Reply from 10.8.0.1: bytes=32 time=363ms TTL=64
Reply from 10.8.0.1: bytes=32 time=363ms TTL=64
Reply from 10.8.0.1: bytes=32 time=363ms TTL=64
Reply from 10.8.0.1: bytes=32 time=363ms TTL=64

Ping statistics for 10.8.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 363ms, Maximum = 363ms, Average = 363ms

Ping OpenVPN server private IP

C:\Users\Admin>ping 192.168.100.100

Pinging 192.168.100.100 with 32 bytes of data:

Reply from 192.168.100.100: bytes=32 time=363ms TTL=64
Reply from 192.168.100.100: bytes=32 time=362ms TTL=64
Reply from 192.168.100.100: bytes=32 time=366ms TTL=64
Reply from 192.168.100.100: bytes=32 time=364ms TTL=64

Ping statistics for 192.168.100.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 362ms, Maximum = 366ms, Average = 363ms


C:\Users\Admin>tracert yahoo.com

Tracing route to yahoo.com [69.147.114.224]
over a maximum of 30 hops:

1   331 ms   331 ms   330 ms  10.8.0.1
2   330 ms   330 ms   330 ms  vpsl1-026.vpslink.com [66.249.15.63]
3   331 ms   331 ms   331 ms  po1-br0-tuk.wa.spry.com [64.79.223.1]
4   332 ms   331 ms   331 ms  cr1-tuk-g1-24.bb.spectrumnet.us [216.243.28.129]
5   331 ms   331 ms   331 ms  cr2-sea-B-pc1.bb.spectrumnet.us [208.76.184.69]
6   331 ms   331 ms   331 ms  six.yahoo.com [206.81.80.98]
7   424 ms   423 ms   422 ms  so-2-1-0.pat1.dce.yahoo.com [216.115.96.29]
8   425 ms   459 ms   445 ms  ae2-p140.msr1.re1.yahoo.com [216.115.108.57]
9   425 ms   426 ms   431 ms  gi1-22.bas-a1.re3.yahoo.com [68.142.238.65]
10   423 ms   424 ms   423 ms  b1.www.vip.re3.yahoo.com [69.147.114.224]

Trace complete.

This output clearly shows that my gateway is now 10.8.0.1. After testing, I connected X-Lite; it connects through the VPN, whereas it couldn’t connect without the VPN.

Maybe this is helpful for you.

Tuesday, 21 June 2011

What is an addon domain?


An addon domain is a fully functional domain that can be created from within your control panel. Think of it as having multiple hosting packages all sharing the same control panel. You can give them email addresses, forwarders, and more the same way you do for your main domain on the account.

The addon domain will appear as a totally separate domain from your primary domain. There should be no evidence that your domain is an addon domain to incoming traffic when they visit your addon domain.

Sunday, 12 June 2011

How to change your mysql root password using command line

 Change MySQL root user password using mysql sql command
So you wanna change your root password for mysql, huh?
Follow these instructions and know in your heart that you did it, the Agaric Way....

Resolution

MySQL stores usernames and passwords in the user table inside the mysql database.
You can directly update the password for user root using the following method:
1) Login to mysql server, type following command at shell prompt:
$ mysql -u root -p
2) Use mysql database (type command at mysql> prompt):
mysql> use mysql;

3) Change password for user root:
mysql> update user set password=PASSWORD("NEWPASSWORD") where User='root';

4) Reload privileges:
mysql> flush privileges;
mysql> quit
note: NEWPASSWORD should be replaced with desired password, everything else stays the same...

How do I change MySQL timezone?


The MySQL timezone is set to MST (-7 hours GMT/UTC) and is not configurable by you. MySQL is only capable of having 1 timezone setting per mysql daemon. Therefore, you cannot select NOW() and expect a result in a timezone other than MST.

However, there are ways for you to get results that are in your preferred timezone. First determine how many hours your desired timezone is off from MST. For example, EST is +2 hours. PST is -1 hour.

Knowing the time offset, you can replace all your SQL statements of

SELECT NOW();


with

SELECT DATE_ADD(NOW(), INTERVAL 2 HOUR);


which will give you an EST date result. For a result in PST, you would do:

SELECT DATE_SUB(NOW(), INTERVAL 1 HOUR);


If you are working with time in seconds instead of dates, then factor in the offset in seconds. Because there are 3600 seconds in an hour, and EST is 2 hours later than MST, the following converts timestamps from MST to EST:

SELECT unix_timestamp() + (3600 * 2);

SELECT FROM_UNIXTIME(UNIX_TIMESTAMP() + (3600 * 2));


See the MySQL Manual's Date and Time Functions for more information.

Depending on your application, you may also need to do one of the following (but not both):

1. Find every place in your code where a date or time is displayed to the browser and have a user defined function change it to add or subtract the appropriate number of hours before displaying it.

2. Find every place in your code where dates or times are input into your system and have a user defined function add or subtract the appropriate number of hours before storing it.

How do I create a .my.cnf MySQL preference file?


A .my.cnf file (the period at the beginning of the filename is mandatory) is a file that contains some preset MySQL preferences for you.

If the file does not exist in your home directory (top level directory) of your account, then you can create one using a plain text editor like pico or vi. If you create or edit this file on your own computer and then upload it to the server, you'll need to use a plain text editor like Notepad or Homesite, not MS Word.

Because this file name begins with a period, some FTP programs may give you trouble seeing it in directory listings. At a shell prompt, you can always see it, if it is there, by typing
ls -la ~
A basic .my.cnf file has the following lines. A pound sign '#' before any line means that line should be ignored by the MySQL interpreter.
[client]
user = DBUSERNAME
password = DBPASSWORD
host = DBSERVER

[mysql]
database = DBNAME
Where DBUSERNAME, DBPASSWORD, DBSERVER and DBNAME should be replaced with your own correct database username, database password, database hostname and database name. You will not have any of these until you create a database through your Control Panel.

With a correctly setup .my.cnf file, you will be able to get a MySQL Monitor prompt by just typing
mysql
at your shell prompt without any of the arguments such as -h, -u, -p, and without having to explicitly type out your database name. The preferences also work with mysqldump and other mysql related shell commands.
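
Because .my.cnf holds the database password in clear text, it should be readable only by its owner. The following added example (not part of the original post) creates the file with owner-only permissions and audits an existing one; the function names and the placeholder values are assumptions.

```python
import configparser
import os
import stat
import tempfile


def write_option_file(path, user, password, host, database):
    """Create a .my.cnf readable and writable by its owner only (mode 0600)."""
    body = (f"[client]\nuser = {user}\npassword = {password}\nhost = {host}\n\n"
            f"[mysql]\ndatabase = {database}\n")
    # O_EXCL refuses to reuse an existing file or symlink; 0o600 applies from
    # creation, so the password is never briefly readable by other users.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(body)


def audit_option_file(path):
    """Return findings when a stored password is exposed by the file mode."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    # Option files may hold bare keys and '%' characters, hence these settings.
    parser = configparser.ConfigParser(allow_no_value=True, interpolation=None)
    parser.read(path)
    exposed = [s for s in parser.sections() if parser.has_option(s, "password")]
    findings = []
    if exposed and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(
            f"mode {mode:04o} exposes the password in [{', '.join(exposed)}] "
            "to other local users")
    return findings


if __name__ == "__main__":
    # Demonstration in a throwaway directory with the page's placeholder values.
    demo = os.path.join(tempfile.mkdtemp(), ".my.cnf")
    write_option_file(demo, "DBUSERNAME", "DBPASSWORD", "DBSERVER", "DBNAME")
    print(audit_option_file(demo) or "owner-only, nothing to report")
    os.chmod(demo, 0o644)  # what an editor or FTP upload often leaves behind
    print(audit_option_file(demo))
```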

Saturday, 11 June 2011

How to change Base URL in Magento, magento, Ecommerce Site


Sometimes it may be essential to change the BASE URL of Magento.
(Usually when you want to make a similar copy of Magento on another server!)
There are 2 – 3 simple steps involved in this:

Step 1: Edit old URL values in database 
Table: core_config_data
In this table you need to edit the field named value containing specific values in the field named path!
Precisely saying you need to search for web/unsecure/base_url and web/secure/base_url and replace them with new values.
Please refer to the images for an example.
OLD Values: [image]
New Values: [image]
Step 2: Login to backend and clear Configuration cache! This might be simply not possible and hence skip to next step!
Step 3: Find All entries of old domain name in the cache folder and replace them one by one. Magento retains all configuration cache in /var/cache folder.
This step is good for advanced users who can do a file search and replace such strings in one shot ;)
If you are migrating a very big site, then this step will certainly be worth it.
I find this Unix find command very useful for searching:

find . -type f -exec grep -qF 'www.magdummy.cws' '{}' \; -print

Step 3: Now it’s time to clear the cache! (Normal User) As already specified in step2, we know that Magento retains all configuration cache in /var/cache folder.
You can clear the entire contents in this cache folder. Magento regenerates all these files when needed.
Step4: View your new site in the browser. It should now be working fine like the old one ;)
I hope this would work fine for you.
Please leave your comments or I would appreciate any idea that suits best in this case.

Thursday, 9 June 2011

Speeding Up SSH Access


There have been numerous problems that have slowed down SSH connections over the years. All are resolvable today – and could be fixed in modern operating systems, but typically aren’t. Most or all of these resolutions are related to reverse IP lookups: that is, given an IP address find out what DNS name is associated with it. These fixes turn off reverse IP lookups for the SSH client and SSH server.
The most often suggested fix is to add the following to your server configuration (sshd_config):
UseDNS no
This prevents the SSH server from making a reverse DNS lookup, that is, looking up the IP address and finding what DNS name is associated with that IP. Since the reverse lookup often gets no response, a time-out is involved, and this is what generates the delay normally seen in SSH connections.
However, there are other things as well. In some distributions (such as Debian and Ubuntu) the system is set up to use Avahi. When SSH attempts to connect to a host, it uses Avahi as part of the authentication process. When the system uses mDNS (part of Avahi) to resolve an IP address, this results in a large delay until the system comes back.
Fixing this is simple as well: add this line to the SSH client configuration:
GSSAPIAuthentication no
This authentication method triggers Avahi; by disabling GSSAPIAuthentication this skips Avahi altogether. It is also possible to rewrite the /etc/nsswitch.conf file to do the same thing. Changing the nsswitch.conf file affects the entire system, so be sure this is really what you want.
On my Ubuntu 10.04 system, the original line in nsswitch.conf looks like this:
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
To stop using mDNS entirely, change the /etc/nsswitch.conf file hosts line to this:
hosts: files dns
Reverse IP lookups are a common source of delays for all manner of services (including PPP, Sendmail, and many others!).

Getting and Verifying SSH Fingerprints


Sometimes you may log into a machine, and find that the SSH key has changed. This can happen in a man-in-the-middle attack, but more likely the host has been rebuilt and new keys generated. (This is a good reason to save and restore the SSH keys during a rebuild.)
So how do you check the fingerprints?
You can do it over the network by pulling down the public keys from the remote server:
ssh-keyscan -p 22 -t rsa,dsa remote_host > /tmp/ssh_host_rsa_dsa_key.pub
(Replace remote_host with the appropriate name or IP address.) Then you generate fingerprints from this file:
ssh-keygen -l -f /tmp/ssh_host_rsa_dsa_key.pub
However, if you are investigating why your keys changed mysteriously, you don’t want to do this over the network. Log into the actual server through other means (such as a management console or a KVM console) and generate fingerprints directly:
ssh-keygen -lf /etc/ssh/ssh_host_dsa_key
ssh-keygen -lf /etc/ssh/ssh_host_rsa_key
Then compare this with what you got over the network. If they match, you should be alright; if not, there are some serious problems.
If the fingerprints don’t match, you should do a network scan for ARP requests and see who is answering the ARP requests for the relevant IP address. Scan for ARP requests as you do a ping. If there are two hosts, then they will “fight” each other for an ARP entry, and you should see both responding.
Once you know the Ethernet address of the mysterious host, then chase it down by tracking where the ARP traffic is going by looking at router (or switch) interfaces.
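
The comparison described above, as an added example (not part of the original post): it computes fingerprints for the keys ssh-keyscan returned and checks them against the ssh-keygen -l output collected on the server console. The function names and the sample key material are constructed for illustration; a fingerprint is the hash of the base64-decoded key blob, which begins with a length-prefixed copy of the key type.

```python
import base64
import hashlib

KEY_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def parse_key_line(line):
    """Return (key_type, blob) from 'host type base64' or 'type base64 [comment]'."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field in KEY_TYPES:
            blob = base64.b64decode(fields[i + 1], validate=True)
            # The blob must start with the same key type the line declares.
            length = int.from_bytes(blob[:4], "big")
            if blob[4:4 + length] != field.encode():
                raise ValueError("declared key type does not match the key blob")
            return field, blob
    raise ValueError("no public key in line: %r" % line)


def fingerprints(blob):
    """Return both fingerprint styles that ssh-keygen -l can print."""
    md5_hex = hashlib.md5(blob).hexdigest()
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"md5": ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2)),
            "sha256": "SHA256:" + sha256}


def verify_scan(scan_text, console_text):
    """Map each scanned key type to True when its fingerprint appears in the
    ssh-keygen -l output taken on the console, False otherwise."""
    trusted = set(console_text.split())
    result = {}
    for line in scan_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        key_type, blob = parse_key_line(line)
        fp = fingerprints(blob)
        candidates = {fp["md5"], "MD5:" + fp["md5"], fp["sha256"]}
        result[key_type] = bool(candidates & trusted)
    return result


def sample_key_line(host, key_type, material):
    """Build a constructed, unusable key line in ssh-keyscan's output format."""
    def ssh_string(data):
        return len(data).to_bytes(4, "big") + data
    blob = ssh_string(key_type.encode()) + ssh_string(material)
    return f"{host} {key_type} {base64.b64encode(blob).decode()}"


if __name__ == "__main__":
    # Constructed data: one key as seen on the console, one served by another host.
    genuine = sample_key_line("remote_host", "ssh-rsa", b"constructed key A")
    other = sample_key_line("remote_host", "ssh-rsa", b"constructed key B")
    console = "2048 %s /etc/ssh/ssh_host_rsa_key.pub (RSA)" % (
        fingerprints(parse_key_line(genuine)[1])["md5"])
    print("scan matches console:", verify_scan(genuine, console))
    print("scan of a different key:", verify_scan(other, console))
```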

How to resolve the '/bin/rm: Argument list too long' error


root@dwarf /tmp # rm spam-*
/bin/rm: Argument list too long.
Ever seen this error in Linux when you have too many files in a directory and you are unable to delete them with a simple rm -rf *? I have run into this problem a number of times. After doing a bit of research online I came across a neat solution to work around this issue.
find . -maxdepth 1 -type f -name 'spam-*' -print0 | xargs -0 rm -f
In the above instance the command will forcefully delete all files in the current directory that begin with spam-. The -print0 and -0 options pass the file names NUL-separated, so names containing spaces or newlines are handled safely. You can replace the spam-* with anything you like. You can also replace it with just a * if you want to remove all files in the folder.
find . -maxdepth 1 -type f -name '*' -print0 | xargs -0 rm -f
We have covered the Linux find command in great detail earlier. xargs is a Linux command that makes passing a number of arguments to a command easier.