No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you’re dealing with the super user account. We recommend that you use an email address not hosted on the server your sending the alert from

1. Login to your server and su to root, I know the irony!

2. cd /root

3. pico .bashrc

4. Scroll to the end of the file then add the following:
echo ‘ALERT – Root Shell Access (YourserverName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” you@yourdomain.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it

Replace YourServerName with the handle for your actual server
Replace you@yourdomain.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it with your actual email address

5. Crtl + X then Y

Now logout of SSH, close the connection?and log back in! You should receive an email address of the root login alert a few minutes afterwards.

Note: This is a great tool for servers that have multiple admins or if you give someone SSH access for whatever reason, although you should give out the root password to as few people as humanly possible and be sure to change it often.

This will not magically alert you when a hacker runs the latest kernel exploit on your server and logs into SSH because they will create their own SSH/telnet connection. You should keep your system up to date, install a firewall and follow the latest security releases.

No related posts.

Hope that helped a little

And if you want to check out whats happening in the mySql cache just run this comand

mysql -e “SHOW STATUS LIKE ‘%qcache%’;”

Related posts:

1. Linux Server Type: Restoring MySQL SimLink. If you’re unable to restart mysqld and troubleshooting the cause:...

mysqldump -uUSER -pPASSWORD txp_database > txp_database.sql

puts the entire thing in one nicely portable text file.

on a new server it takes

mysql -uUSER -pPASSWORD txp_database < txp_database.sql

to import it.

Related posts:

1. Linux Server Type: Restoring MySQL SimLink. If you’re unable to restart mysqld and troubleshooting the cause:...

The Crontab File’s Syntax
To tell cron what you want it to run, and how often you want it to run it, you need to create a crontab file. A crontab file is just a text file with the following syntax:

Code:

minute hour day-of-month month-of-year day-of-week command

Each of the above columns can be in one of the following formats (these examples are for the minute column):
30
Run command at 30 minutes past the hour.

0-59/10
Run command once every 10 minutes, for entire hour.

15-30
Run command once every minute, from 15 to 30 minutes past the hour.

0,10,50
Run command at 0 minutes past the hour, 10 minutes past the hour, and 50 minutes past the hour.
*
Run command once every minute.

And here’s the range of numbers available for each of the time and date columns:
Minute : 0-59
Hour : 0-23
day-of-month : 0-31
month-of-year : 1-12
day-of-week : 0-6
(0=Sun, 1=Mon, 2=Tue, 3=Wed, 4=Thu, 5=Fri, 6=Sat)
Here’s an example crontab file:

Code:

30 0 * * * ./backup.sh
0,10,50 9-15 * * * ./compute.sh
0-59/10 * * * 1,3,5 ./netgrab.sh
30 0 * * * ./backup.sh

Run the backup.sh script (located in your home directory) at half-past (30) midnight (0), on every day of the month (*), and every day of the year (*), and every day of the week (*).
0,10,50 9-15 * * * ./compute.sh

Run the compute.sh script every 0 minutes, 10 minutes, and 50 minutes past the hours (0,10,50), between 9am and 5pm (9-15), every day of the year.

0-59/10 * * * 1,3,5 ./netgrab.sh

Run the netgrab.sh script every 10 minutes (0-59/10), every Monday, Wednesday, and Friday (1,3,5).

Creating and Submitting Your Crontab File to Cron

There are two methods to create/modify and submit a crontab file:

Method 1
Create a crontab file in a text editor. You can call it whatever you want and save it wherever you like. Now you have to submit the crontab file. To do this enter:
crontab filename
…replacing filename with the location and name of your crontab file e.g. if the file was named crontab and was in your current directory you would enter:
crontab crontab

Method 2

crontab -e
To open your default editor (which is Vi). When saving the file just enter :wq without specifying a Filename; to quit Vi, and automatically submit the crontab file.

Note
When you sumbit a file, a copy of it is stored in the /var/spool/cron directory, with your username as the filename. So if I submitted the file mycron whilst logged into the account laurence, a copy would be stored as /var/spool/cron/laurence. It’s this file the cron daemon uses, and not the master file you created if you used method 1. If you used Method 2 then only one copy of the file exists. Never directly edit files in /var/spool/cron. Cron will not be updated and you can potentially mess things up. Instead use either Method 1 or 2 again, to modify your crontab file.

Listing and Removing Your Crontab File
To display the contents of your crontab file held in the /var/spool/cron directory, enter:
crontab -l
And to remove your crontab file from the /var/spool/cron directory, enter:
crontab -r

Restricting Users
By default only root can submit and modify a crontab file. To allow users to have their own crontab file add their username to the /etc/cron.allow file, e.g:
john
julie
Indicating that john and julie are now permitted to submit their own crontab file.

Putting Theory Into Practice
Here’s a handy little automation exercise for you to try out. It will backup the contents of your home directory to a .tar.gz file each morning at 2.30a.m.
If you haven’t already done so, enter:
su -c ‘pico /etc/cron.allow’
…and add your username to this file to allow you to submit crontab files.
/ 1
If you’re not already in your home directory, enter:
cd
/ 2
Enter:
pico backup
…and enter the following:
rm backup.tar.gz
tar cfz backup.tar.gz .
…then press Ctrl+o to save the file, and Ctrl+x to exit.

/ 3 -
Now make the script executable by entering:
chmod +x backup

/4 -
Enter:
crontab -e

/ 5 -
Press i to enter Insert mode and enter the following:

30 2 * * * ./backup

…then press Esc to return to Command mode, and enter:
:wq
…to exit Vi and submit your crontab file. That’s all there is to it. Now you can spend hours thinking of bigger and better ways to make your life as a system administrator an easy one.

If you don’t have access to cron, consult your local admin. And
remember, in shell you can access the cron manual by doing :

man cron
Or
man crontab

Some good additional links:

1. http://www.clockwatchers.com/cron_main.html
2. http://www.linuxforums.org/tutorial…orial-4017.html

Related posts:

1. Rebuilding/Restarting Exim Mail Server When troubleshooting the Exim log file: tail -f /var/log/exim_mainlog If...

Create a file called database_backup.sh and also an empty directory called mysql_backup. The database_backup.sh script should have the following info :

————————————————-
#!/bin/sh

date=`date ‘+%m-%d-%y’`
mysqldump -u database_username -pdatabase_password database_name > ~/mysql_backup/database_name.$date
————————————————-

Run the script that performs the backup job.

————————————————-
* 23 * * * your_userid /path/to/backup/script
————————————————-

Set this script up to run every night, etc. as a cron job. It will save an sql dump of your database every night in the mysql_backup.

No related posts.

PRM (Process Resource Monitoring) monitors the process table on a given system and matches process id’s with set resource limits in the config file or per-process based rules. Process id’s that match or exceed the set limits are logged and killed; includes e-mail alerts, kernel logging routine and more…

Installation:

First  the package:
wget http://www.rfxnetworks.com/downloads/prm-current.tar.gz

Extract it:

tar xvfz prm-current.tar.gz

The current version of prm as of this writing is 0.5, so lets cd to the 0.5 extracted path:
cd prm-0.5/

And finally run the enclosed install.sh script:
./install.sh

Download the current release of PRM distributed under the GNU GENERAL PUBLIC LICENSE:
- http://www.r-fx.ca/downloads/prm-current.tar.gz

All projects on rfxnetworks.com are free for use and distribution in accordance with the gnu gpl; funding for the continued development and research into this and other projects, is solely dependent on public contributions and donations.

R-FX Networks
ReadMe
http://www.rfxnetworks.com/appdocs/README.prm
Version History:
http://www.rfxnetworks.com/appdocs/CHANGELOG.prm

No related posts.

The compromise is at the root level and a rootkit has been installed. This rootkit will attach to several syscalls within the kernel and begin serving malicious javascript to random web visitors.

This root compromise is not related to cPanel directly, as it has been reported on many different control panels on many different servers. The compromise is at the system level, and only Redhat 4, CentOS 4, and FC6 appear to be vulnerable at this time. We are actively researching this issue and will have an in-depth analysis of current information posted soon.

http://forums.cpanel.net/showthread.php?t=74963&page=10&highlight=centos5

[root\@cpanel ~]# mkdir 1
mkdir: cannot create directory `1': No such file or directory
[root\@cpanel ~]# touch 2
touch: cannot touch `2': No such file or directory

tcpdump -nAs 2048 src port 80 | grep "[a-zA-Z]\{5\}\.js'"

root@server log]# tcpdump -nAs 2048 src port 80 | grep "[a-zA-Z]\{5\}\.js'"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 2048 bytes
<script language='JavaScript' type='text/javascript' src='ateyc.js'></script>
<script language='JavaScript' type='text/javascript' src='taopp.js'></script>
1311 packets captured
2627 packets received by filter
0 packets dropped by kernel

No related posts.

I will use the following software:

• Web Server: Apache 2.2 with PHP 5.1.6
• Database Server: MySQL 5.0
• Mail Server: Postfix
• DNS Server: BIND9 (chrooted)
• FTP Server: Proftpd
• POP3/IMAP server: Dovecot
• Webalizer for web site statistics

In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

Read the full article here

Related posts:

1. Linux Server Type: Restoring MySQL SimLink. If you’re unable to restart mysqld and troubleshooting the cause:...

mod_gzip – what’s that, anyway?

mod_gzip – serving compressed content by the Apache webserver
mod_gzip is an external extension module for the WWW’s most popular web server Apache, created in autumn, 2000.
Its implementation allows for using the compression method gzip for a significant reduction of the volume of web page content served over the HTTP protocol.

If you are having difficulties with getting mod_gzip to work when compiled with using easyapache, then you can go and use this step by step manual install.

Log into you server using shell and your root account and download mod_gzip-1.3.26.1a.tgz (or whatever the latest version) from sourceforge.net

I used

wget http://optusnet.dl.sourceforge.net/sourceforge/mod-gzip/mod_gzip-1.3.26.1a.tgz
after that

tar -zxvf mod_gzip-1.3.26.1a.tgz
cd mod_gzip-1.3.26.1a

make APXS=/usr/local/apache/bin/apxs
make install APXS=/usr/local/apache/bin/apxs

Then edit your httpd.conf file

pico /etc/httpd/conf/httpd.conf

and add the following (in the AddModule stuff):

first uncomment:

#LoadModule gzip_module libexec/mod_gzip.so
to
LoadModule gzip_module libexec/mod_gzip.so

and

#AddModule mod_gzip.c
to
AddModule mod_gzip.c

and after AddModule mod_gzip.c add this below

<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_can_negotiate Yes
mod_gzip_static_suffix .gz
AddEncoding gzip .gz
mod_gzip_update_static No
mod_gzip_command_version ‘/mod_gzip_status’
mod_gzip_temp_dir /tmp
mod_gzip_keep_workfiles No
mod_gzip_minimum_file_size 500
mod_gzip_maximum_file_size 500000
mod_gzip_maximum_inmem_size 60000
mod_gzip_min_http 1000
mod_gzip_handle_methods GET POST
mod_gzip_item_exclude reqheader “User-agent: Mozilla/4.0[678]”
mod_gzip_item_include file \.html$
mod_gzip_item_include file \.shtml$
mod_gzip_item_include file \.htm$
mod_gzip_item_include file \.shtm$
mod_gzip_item_include file \.php$
mod_gzip_item_include file \.phtml$
mod_gzip_item_exclude file \.js$
mod_gzip_item_exclude file \.css$
mod_gzip_item_exclude file \.wml$
mod_gzip_item_include file \.pl$
mod_gzip_item_include file \.cgi$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/html$
mod_gzip_item_include mime ^text/plain$
mod_gzip_item_include mime ^httpd/unix-directory$
mod_gzip_item_include mime ^application/x-httpd-php
mod_gzip_item_include handler ^perl-script$
mod_gzip_item_exclude mime ^image/
mod_gzip_dechunk Yes
mod_gzip_add_header_count Yes
mod_gzip_send_vary Yes
</IfModule>

Then restart apache with

service httpd restart

That’s about it. There is nothing too typical about installtion and getting it to work, except for in cases where one is using mod_proxy also for proxying a back-end httpd in which case mod_gzip would fail because of a bug. Other than that it works fine.

Compiled tutorial with info from Anup

Oh, and nearly forgot; you can check if you have successfully installed gZip by going here : http://leknor.com/code/gziped.php?

No related posts.

Denial-of-service attack

A denial-of-service attack (also, DoS attack) is an attack on a computer system
or network that causes a loss of service to users, typically the loss of network
connectivity and services by consuming the bandwidth of the victim network or
overloading the computational resources of the victim system.
Attacks can be directed at any network device, including routers and Web, electronic
mail, and Domain Name System servers.

A DoS attack can be perpetrated in a number of ways. There are four basic types
of attack:

1) consumption or overload of system or network resources, such as bandwidth,
disk space, or CPU time
2) disruption of configuration information, such as routing information
3) disruption of physical network components
4) disruption of normal operating-system functionality by exploiting a software
vulnerability.

Attempts to “flood” a network with bogus packets, thereby preventing
legitimate network traffic, are the most common form of attack, often conducted
by disrupting network connectivity with the use of multiple hosts in a distributed
denial-of-service attack or DDoS. Such attacks can consume the resources of
intervening systems and networks over which the attack is transmitted. Other
than incorrectly formed packets or random traffic, two specific sophisticated
means of attack include:

1) a smurf attack, in which ICMP requests are sent to the broadcast address
of misconfigured networks, with a faked, or spoofed, source IP Address set to
the one of the target
2) a SYN flood, in which bogus SYN requests to a service (often HTTP) cause
a server to be overloaded by spawning half-open connections
You can check the current http usage by firing the shell command

top -d2

If you are getting lots of httpd processes, then you have to check if it is
a DoS attack and the server is flooded with SYN packets. You can check this
by the following command.

netstat -nap | grep SYN | wc -l

If you are getting abnormal numbers then your server is under attack.
You can check from which IPs the SYN packets are coming. Give the following
command

netstat -nap | less

You will get all the details of kernel routing table also the IPs from where
the packets are coming. If it is coming from any particular IP then you can
simply block that IP on the server. Or if its from one network then you will
have to block the range of IPs.
If there are multiple IPs which are attacking then you will have to find which
site is under attack.
To check this go to /usr/local/apache/domlogs/
Check how stat’s date is defined. Then run the command “date“.
Check the current time of the server. Then you have to check which site was
under attack before few mins ago. Suppose current time is Sep 15 02:03:38 then
run the command

grep “15/Sep/2005:02:01″ *

It will show you the list of sites accessed at that time. If you see any particular
site is being accessed multiple times, then the site is under attack. You can
chnage the time to check if different sites are under attack. You can suspend
that site to prevent the server from overloading.

Many times the attack hits a particular IP and all the sites having that IP
get attacked. All you have to do is change the IP of those sites and then null-route
that IP.

These are the simple steps you have to follow when attack is going on. Obviously
you have to use your presence of mind while working on it. You will find many
ways to solve this issue.

No related posts.

Here are the simple steps to downgrade the database (this should only be done on a new server without any account on it yet)

Log into SSH as root and modify the cpanel.config

nano /var/cpanel/cpanel.config

search for the mysql version

Ctrl + w , mysql

Now log into WHM and make sure MySQL 4.1 is checked in

Main >> Server Configuration >> Tweak Settings

And now change the version from 5.0 to 4.1

and now you need to run

/scripts/mysqlup –force

to force the downgrade .

No related posts.

$pw is:
";
echo "
" . strtoupper(md5($pw)) . "";
}
?>

No related posts.

The cause of the EasyApache failure, according to the log, was a failure of the package manager, in this case yum.  This was caused by a problem with domain name resolution, which was preventing yum from accessing its mirrors.  Here is what I found:

[root@server ~]# yum check-update
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=os error was
[Errno 4] IOError: <urlopen error (-2, ‘Name or service not known’)>
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
[root@server ~]# host mirrorlist.centos.org
[root@server ~]#

Note that no result was returned for mirrorlist.centos.org.  To correct this, I added the following to the top of the /etc/resolv.conf file:

nameserver 4.2.2.1

This is one of the root nameservers.  After I made this change, mirrorlist.centos.org was resolvable, and yum worked correctly:

[root@server ~]# host mirrorlist.centos.org
mirrorlist.centos.org has address 72.21.40.11
[root@server ~]# yum check-update
base                      100% |=========================| 1.1 kB    00:00    
updates                   100% |=========================|  951 B    00:00    
addons                    100% |=========================|  951 B    00:00    
extras                    100% |=========================| 1.1 kB    00:00    
Excluding Packages in global exclude list
Finished

wget.x86_64                              1.10.2-7.el5           base           
[root@server ~]#

Adding a root nameserver to /etc/resolv.conf is meant to be a temporary measure, so you will need to take a look at the other nameservers listed in the file and make sure they are valid recursive nameservers that will do host look-ups for domains that they do not host.

EasyApache should work properly now.

No related posts.

/sbin/ifconfig | grep -i hwaddr

The sequence of hexadecimal digits that appears to the right of eth0 HWAddr (e.g. 08:00:27:ED:DA:8b) is
your network card’s MAC Address

No related posts.

The reason you’re having trouble is because CentOS 5 uses bind-9.3 and CentOS 4 uses bind-9.2 – The changes between these versions is significant enough that cPanel won’t work with it properly.

For instance by default there is no /etc/named.conf file created when bind-9.3 is installed and the default named.conf file for bind-9.3 is significantly different than in older versions.

Until the code is updated to work with bind-9.3, I have found the workaround to be to remove bind-9.3 packages and install bind-9.2 packages as follows:
 

Log into your servers via SSH and firstly we BIND

yum remove bind-*

yum remove bind

Then we ll install the old BIND rpm’s from a mirror closed to you

rpm -Uvh –nodeps http://ftp.monash.edu.au/pub/linux/CentOS/4.6/os/x86_64/CentOS/RPMS/bind-libs-9.2.4-28.el4.x86_64.rpm
rpm -Uvh –nodeps http://ftp.monash.edu.au/pub/linux/CentOS/4.6/os/x86_64/CentOS/RPMS/bind-utils-9.2.4-28.el4.x86_64.rpm
rpm -Uvh –nodeps http://ftp.monash.edu.au/pub/linux/CentOS/4.6/os/x86_64/CentOS/RPMS/bind-9.2.4-28.el4.x86_64.rpm
rpm -Uvh –nodeps http://ftp.monash.edu.au/pub/linux/CentOS/4.6/os/x86_64/CentOS/RPMS/caching-nameserver-7.3-3.noarch.rpm

simlink this
ln -s ../../lib/libcrypto.so.0.9.8b /usr/lib/libcrypto.so.4

service named start

The –nodeps flag is tagged on because of dependency "libcrypto.so.4" for the bind packages.
IMPORTANT!

Run those cPanel SSH comands

/scripts/fixndc
/scripts/rebuildnamedconf

You’ll also need to edit /etc/yum.conf and add a line in the [main] section
 that starts "exclude=" or append to this line if it already exists "bind* caching-nameserver".

nano  /etc/yum.conf

This prevents yum from updating bind-9.2 to bind-9.3 and in the process breaking cPanel.
If you fail to do this when cPanel update is run BIND will get updated and the DNS functionality of cPanel will break.
I hope this helps shed some light on this anoying issue.

PS: To find the dowload mirrors appropiate to your location please go here

http://www.centos.org/modules/tinycontent/index.php?id=13 

No related posts.

uname -a

and to upgrade your kernel

yum update \kernel*

check if your kernel is added to grub

cat /boot/grub/grub.conf

and then reboot

shutdown -rf now

No related posts.

mkdir $HOME/.ssh
chmod -R og= $HOME/.ssh
cd .ssh
nano authorized_keys2

Add your key you created with PuttyGen , make absolutly sure you r key is in one line ONLY , otherwise it wont work!

Adjust your  sshd_config

nano /etc/ssh/sshd_config

to

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys2

No related posts.

Firstly login to your Windows server via Remote Desktop, launch IE, and go to the following address:

http://download.r1soft.com

Click on the Windows Stable link under CDP Agent, and download the latest Windows Agent. Once it is downloaded, run it.

You will see the following screen:

{gallery}winagent1{/gallery}

This is just a typical Windows installation program; follow through the prompts and install it. You will then be shown the following screen:

{gallery}winagent2{/gallery}

 Click on Finish, and the Windows Agent Key Utility will load. Click on Next, accept the license agreement, and you will be presented with the following screen:

{gallery}winagent3{/gallery}

Click on CDP Server Allow, and then click on the "Add Server Key" button (padlock with the little green +).  Leave the protocol as http and the port as 80 (unless your setup is different; if so, adjust accordingly)and enter the host name of your central backup server. Click OK, and the utility will add the backup server key to the server to be backed up.

One last thing to do; open up TCP port 1167 on the server firewall.
This can be done through the Windows Firewall or your hosting control panel (e.g. Plesk).

Everything is now completed on the server to be backed up; now you
just need to add it in the CDP interface. Login as administrator and
click on the New Host button.

{gallery}winagent4{/gallery}

Now fill out the form like this:

Host Name or IP: The IP address/hostname of the server you just installed the agent on.
Host Description: A description of the server you installed the agent on
Host Type: Select "Windows"
Tick the Use Default Network Settings box

Leave both "Licensed Addon Module" checkboxes blank.

Now select the Volume you want the server to place the backups in, check the "Create Disk Safe Next" box, and click on OK.

These settings are usually fine for a standard CDP server setup;
however, keep in mind that your server setup may mean that you need to
use different settings from the ones listed here.

The next page contains Disk Safe configuration settings.

{gallery}agentcompression{/gallery}

The first,
Compression Level, I would recommend setting to at least 1.
Uncompressed backups can use up all the available disk space on your
backup server quickly; setting the Compression Level to 1 can reduce
backup size by up to 50% without too significant a hit on CPU
consumption. Leaving the Defragment setting at 5% is fine.

I would not recommend encryption unless the data you are backing up sensitive data. Now click on OK.

You should now be directed to the host summary page. CDP
automatically attempts to find the host; click on History at the top
and see if it was successful or not.

{gallery}hosthistory{/gallery}

If it was, you can now start the
first backup and setup a recurring backup schedule to your liking in
the Backup and Restore tab in the host’s page.

{gallery}backupandrestore{/gallery}

Here is a brief overview of setting up a recurring backup schedule:

1. Login to CDP as admin
2. Click on the Host
3. Click on the "Backup and Restore" option
4. Click on "Schedule Backup"

Now fill out the settings to your liking. If you have a separate backup drive, I recommend skipping it. 

If you now need to setup a granular MySQL backup using the MySQL addon, click on the MySQL button.

{gallery}agentmysql{/gallery}

Fill out the description and the root username and password of your MySQL server. I recommend changing the Connection Type to Socket File – the default socket file location on CentOS servers is:

/var/lib/mysql/mysql.sock

CDP will now backup your MySQL databases table by table in line with your backup schedule. 

All done, you have setup a Windows server to be backed up by R1soft

No related posts.

First of all, download the latest disc image from the SystemRescueCD website:

http://www.sysresccd.org/Main_Page

Burn it to disc, pop it in the CD drive of the server and boot. Check in BIOS to make sure the cdrom drive has boot priority. Then reboot and the server should boot into SystemRescueCD.

You can pass a number of options to the operating system before it boots; I find the following the most useful:

docache – Load the entire OS into RAM, freeing up the CD drive
rootpass – Define the root password, useful for SSH
dodhcp – Try to enable networking via DHCP

These parameters are passed like so:

rescuecd rootpass=password docache

More options can be viewed by pressing the F keys.

Once you have entered the options you want (always remember to put rescuecd first), press enter to boot. Once the system has booted, you will be presented with a standard root command prompt. If you did not choose DHCP at the boot prompt, you can either do it now by typing:

dhcpcd eth0  (replace eth0 with another network device if necessary)

Alternatively, you can set up the network manually by using this command:

net-setup eth0 

Once the network is setup, you can SSH into the server; SSH is started automatically on boot.

Probably the most useful aspect of a live cd is copying files from a partition on the server hard disk, which is otherwise inaccessible. To mount a partition, first of all get a list of existing partitions:

fdisk -l 

Here is an example output:

Disk /dev/sda: 150.0 GB, 150039945216 bytes
255 heads, 63 sectors/track, 18241 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x0009e255

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      514048+  83  Linux
/dev/sda2              65         586     4192965   82  Linux swap / Solaris
/dev/sda3             587        1108     4192965   83  Linux
/dev/sda4            1109       18241   137620822+   5  Extended
/dev/sda5            1109       18241   137620791   83  Linux

In this case, we will mount the partition sda5. Navigate to the mnt directory:

cd /mnt

Create a directory with the same name as the partition:

mkdir sda5

Now mount the partition with the following command:

mount /dev/sda5 /mnt/sda5

This command should work for most Linux filesystems (ext2, ext3 etc). NTFS filesystems must be mounted by using the NTFS-3g driver; here is an example:

mount -t ntfs-3g /dev/sda5 /mnt/sda5

Once the disk is mounted, you can perform all the usual filesystem operations e.g. read, copy, write, delete. An example scenario would be if a web server had died due to hardware failure and you need to recover a specific home directory. A fast way of doing this is to simply plug in a USB stick using the instructions above and transfer the directory across to that.

Once the USB stick is mounted, browse to the home folder and locate the folder you want to transfer. Then, use the following command:

cp -v -R examplefolder /mnt/sdc1/

Replace examplefolder with the folder name, and sdc1 with the partition name. The -v switch enables verbose mode (so it tells you what its doing in a detail), and -R enables recursive mode, so it goes into the directory and copies all files within it. 

There are a number of partitioning tools included in SystemRescueCD such as cfdisk and parted.

There is also a full graphical environment including tools like gparted for graphical manipulation of partitions. To start the graphical system, just type wizard at the command line.  

No related posts.

First, login to the new server as root. Then browse to the following page:

http://download.r1soft.com/

Click on the Linux Stable link under CDP Agent, and copy the link location of the latest CentOS agent.

Now, go back to the server, and execute the following command:

For 64bit CentOS : wget http://download.r1soft.com/d/linux-agent/1.46.5-x86_64/linux-agent-64-1.46.5-centos.run

For 32bit CentOS : wget http://download.r1soft.com/d/linux-agent/1.46.5-x86/linux-agent-32-1.46.5-centos.run

for newer kernels go to the Pre
Release
section

wget http://download.r1soft.com/d/linux-agent/1.47.0-x86_64/linux-agent-64-1.47.0-centos.run

The link will look different depending on the release you download. Once this has finished, execute the file:

sh linux-agent-64-1.46.5-centos.run

or

sh linux-agent-32-1.46.5-centos.run

If you are installing a custom kernel then you need to install the headers first

yum install kernel-devel

A graphical wizard will appear. Just go through here accepting the defaults; they usually work fine. Once this is done, we need to create the server key. Browse to the following directory:

cd /etc/buagent/server.allow/

Now create a file called the IP of your main backup server.

nano 111.222.333.444 (Your backup server IP)

Browse to your main backup server, login as administrator, click on Options, then click on Server Key. You need to copy this key into the file you just created on the server to be backed up. Once this is done, save the file. The path to the file should look like this:

/etc/buagent/server.allow/SERVER_IP

One last thing to do; open up TCP port 1167 on the server firewall. This can easily be done through a iptables frontend like csf, or just use iptables via the command line.

Everything is now completed on the server to be backed up; now you just need to add it in the CDP interface. Login as administrator and click on the New Host button.

{gallery}winagent4{/gallery}

Now fill out the form like this:

Host Name or IP: The IP address/hostname of the server you just installed the agent on.

Host Description: A description of the server you installed the agent on

Host Type: Select “Linux”

Tick the Use Default Network Settings box

In the “Licensed Add-on Modules” section, you need to tick the Control Panel option if you want CDP to integrate with a hosting

control panel (like cPanel or Plesk), and you need to tick the MySQL module if you want CDP to perform a proper granular (table by

table) backup of the databases on the server.

Now select the Volume you want the server to place the backups in, check the “Create Disk Safe Next” box, and click on OK.

These settings are usually fine for a standard CDP server setup; however, keep in mind that your server setup may mean that you need to use different settings from the ones listed here.

The next page contains Disk Safe configuration settings.

{gallery}agentcompression{/gallery}

The first, Compression Level, I would recommend setting to at least 1. Uncompressed backups can use up all the available disk space on your backup server quickly; setting the Compression Level to 1 can reduce backup size by up to 50% without too significant a hit on CPU consumption. Leaving the Defragment setting at 5% is fine.

I would not recommend encryption unless the data you are backing up sensitive data. Now click on OK.

You should now be directed to the host summary page. CDP automatically attempts to find the host; click on History at the top and see if it was succesful or not.

{gallery}hosthistory{/gallery}

If it was, you can now start the first backup and setup a recurring backup schedule to your liking in the Backup and Restore tab in the host’s page.

{gallery}backupandrestore{/gallery}

Here is a brief overview of setting up a recurring backup schedule:

1. Login to CDP as admin

2. Click on the Host

3. Click on the “Backup and Restore” option

4. Click on “Schedule Backup”

Now fill out the settings to your liking. Do backup the swap partition (CDP will skip it anyway), disable the tmp partition. If you have a second hard drive for backups (for example, for cPanel backups), do not include it.

If you now need to setup a granular MySQL backup using the MySQL addon, click on the MySQL button.

{gallery}agentmysql{/gallery}

Fill out the description and the root username and password of your
MySQL server. I recommend changing the Connection Type to Socket File -
the default socket file location on CentOS servers is:

/var/lib/mysql/mysql.sock

CDP will now backup your MySQL databases table by table in line with your backup schedule.

All done, you have setup a Linux server to be backed up by R1soft

No related posts.