Monday, 25 January 2010

upgrade ubuntu to next release from command line

It is better to update the current installation with latest packages first:

$ sudo apt-get update

Install update-manager-core if it is not already installed:

$ sudo apt-get install update-manager-core

Start the command line upgrade tool:

$ sudo do-release-upgrade

Wednesday, 20 January 2010

svn+ssh with custom port number and public key authentication

To make custom configurations for svn+ssh:

Edit ~/.subversion/config

- add the ssh configuration details under [tunnels]
like:
foobar = /usr/bin/ssh -i /home/foo/.ssh/foobar.private -p 12345

Now use:
svn co svn+foobar://user@svn.test.com/home/test/repos/foobar

create svn repository and initial check in

To create an svn repository, log in to the svn server and run:

$ sudo -u svnuser svnadmin create --fs-type fsfs /path/to/repository
* bdb can also be used as the db format

To give all the group members write access to the repository:

$ chmod g+w /path/to/repository

and add the user to the svn group.

To create initial contents:
Either check out the repository and create the file structure, like:

[local_machine]$ svn co svn+ssh://user@svnhost/path/to/repos localdirectory
[local_machine]$ mkdir -p localdirectory/trunk localdirectory/tags localdirectory/branches
[local_machine]$ cd localdirectory; svn add trunk tags branches; svn commit -m "initial repository structure"


or you can do the same from the svn server itself using file:///

Sunday, 10 January 2010

Mysql one way DB replication

One-way replication of a MySQL database:

MySQL replication helps us keep data replicated to one or more sites reliably using binary logs. Despite its many advantages, MySQL replication doesn't help with data corruption, since the corrupted data is replicated to all slaves. It is good to take periodic backups of the database in addition to replication.

Replication Steps

- Create database with same name on all servers
> mysql -u db_user -p -e "CREATE DATABASE db_name"

- Create a database user with the replication privilege on the master
> GRANT REPLICATION SLAVE ON *.* TO 'replication_user'@'replication_clients' IDENTIFIED BY 'replication_password';
This can also be supplied with a particular database name, with 'db_name.*' instead of *.*

- Edit Mysql master configuration (my.cnf) to allow replication
[mysqld]
server-id = 1 # Important with replication
log-slave-updates
log-bin = /var/lib/mysql/mysql-bin
log-bin-index = /var/lib/mysql/mysql-bin.index
replicate-do-db = db_name # specify the dbs to replicate
log-warnings
innodb_flush_log_at_trx_commit=1
sync-binlog=1
innodb_safe_binlog


- Take a dump of the master db and load it on all replicas

use db_name;
FLUSH TABLES WITH READ LOCK;


$ mysqldump -u dbuser -p db_name > db_dump.sql
Load the dump on the slaves:
$ mysql -u dbuser -p db_name < db_dump.sql


use db_name;
UNLOCK TABLES;


- Edit mysql configuration on replicas with master credentials

[mysqld]
old_passwords=1
server-id=2
innodb_file_per_table
log-slave-updates
master-host = master_hostname
master-port = master_port
master-user = master_user
master-password = master_password
log-bin = /var/lib/mysql/mysql-bin
log-bin-index = /var/lib/mysql/mysql-bin.index


Restart the Mysql daemon on all servers and check the replication status:
Master: > show master status;
Replicas: > show slave status;
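
The status check above comes down to three rows of the `show slave status` output: both replication threads must report Yes and the lag must be bounded. This is an added example, not part of the original post; it reads output saved with `\G`, and the function names, the 60-second lag threshold and the sample outputs are assumptions made up for the illustration.

```shell
#!/bin/sh
# Added example: judge replica health from saved `SHOW SLAVE STATUS\G` output.

# field FILE NAME: print the value of one "Name: value" row.
field() {
    awk -F': *' -v k="$2" '{ sub(/^ +/, "", $1) } $1 == k { print $2 }' "$1"
}

# replica_state FILE [MAX_LAG]: print ok, lagging or broken.
# MAX_LAG (seconds, default 60) is an assumed threshold, not a MySQL setting.
replica_state() {
    io=$(field "$1" Slave_IO_Running)
    sql=$(field "$1" Slave_SQL_Running)
    lag=$(field "$1" Seconds_Behind_Master)
    if [ "$io" != Yes ] || [ "$sql" != Yes ]; then
        # Either thread stopped means the replica is no longer applying changes.
        echo "broken io=$io sql=$sql"
    elif [ "$lag" -gt "${2:-60}" ]; then
        echo "lagging ${lag}s"
    else
        echo "ok"
    fi
}

# Constructed sample outputs, trimmed to the rows the check reads.
healthy=$(mktemp); stalled=$(mktemp)
cat > "$healthy" <<'EOF'
*************************** 1. row ***************************
             Master_Host: master_hostname
        Slave_IO_Running: Yes
       Slave_SQL_Running: Yes
   Seconds_Behind_Master: 4
EOF
cat > "$stalled" <<'EOF'
*************************** 1. row ***************************
             Master_Host: master_hostname
        Slave_IO_Running: Connecting
       Slave_SQL_Running: Yes
   Seconds_Behind_Master: NULL
EOF
replica_state "$healthy"
replica_state "$stalled"
```

A replica whose IO thread stays in Connecting usually points at the master host, port or credentials configured in my.cnf.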

Wednesday, 6 January 2010

Share internet with MAC OS X

There are situations where we need to share an internet connection from one machine. Mac OS X supports sharing internet
From: Firewire, Ethernet, Airport, Bluetooth To: Firewire or Airport or Bluetooth PAN or Ethernet.

Simply get your Mac connected to the internet, say with ethernet.

Enable Internet Sharing:
System Preferences --> Sharing --> Internet Sharing

Select the source of the connection and the mode of sharing.
If you share via Airport, you have options to set encryption to keep anonymous users from using your connection.

Also, to make your internet kinda NAT'd,
assign an IP from a different network to the Airport interface.

Say :
You are connected to internet with a dhcp ip 192.168.10.6 on ethernet port
Assign a different network ip 10.1.1.1 to the Airport interface and set gateway as 192.168.10.6
Configure 10.1.1.2 with gateway 10.1.1.1 on the client machine.


This way all the connections will be shown as a single IP to the provider ;)

Hardening Apache webserver

Tips to harden the Apache webserver:

Disable weak SSLv2 ciphers
Edit ssl.conf and add:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:+EXP

Restrict Apache to give out minimum information
Edit httpd.conf and change:
ServerTokens ProductOnly

Disable TRACK and TRACE in every virtual host
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]


It is always better to configure Apache to load only the minimal/required modules and include only the necessary config files.

./arun
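
A quick way to check an existing config file against the three tips above. This is an added example, not part of the original post: the function names and sample configs are made up for the illustration, and it inspects a single file only, without following Include directives or checking each virtual host separately.

```shell
#!/bin/sh
# Added example: report which of the three settings above a config file lacks.

# last_value FILE DIRECTIVE: first argument of the last uncommented occurrence.
last_value() {
    awk -v d="$2" 'tolower($1) == tolower(d) { v = $2 } END { print v }' "$1"
}

# audit_apache FILE: print one finding per line, nothing when all three are set.
audit_apache() {
    case $(last_value "$1" SSLCipherSuite) in
        '')         echo "SSLCipherSuite: not set" ;;
        *'!SSLv2'*) ;;
        *)          echo "SSLCipherSuite: SSLv2 ciphers not excluded" ;;
    esac

    tokens=$(last_value "$1" ServerTokens | tr 'A-Z' 'a-z')
    case $tokens in
        prod|productonly) ;;
        '') echo "ServerTokens: not set, Apache defaults to Full" ;;
        *)  echo "ServerTokens: $tokens reveals more than the product name" ;;
    esac

    engine=$(last_value "$1" RewriteEngine | tr 'A-Z' 'a-z')
    cond=$(awk 'tolower($1) == "rewritecond" && $2 == "%{REQUEST_METHOD}" &&
                $3 ~ /TRACE/ { n++ } END { print n + 0 }' "$1")
    if [ "$engine" != on ] || [ "$cond" -eq 0 ]; then
        echo "TRACE: no active rewrite condition on the request method"
    fi
}

# Constructed sample configs (not taken from a real server).
weak_conf=$(mktemp); hard_conf=$(mktemp)
cat > "$weak_conf" <<'EOF'
ServerTokens OS
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM
# RewriteCond %{REQUEST_METHOD} ^TRACE
EOF
cat > "$hard_conf" <<'EOF'
ServerTokens ProductOnly
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:+EXP
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
EOF
audit_apache "$weak_conf"
audit_apache "$hard_conf"
```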

Tuesday, 5 January 2010

Mysql backup script

A script to back up MySQL on a daily/hourly basis with a time stamp and compress the dump after the backup. It also removes the files older than x days.

#!/bin/bash
# Arun N S
# variables
DATE="$(date +"%d-%m-%Y")"
TIME="$(date +"%d-%m-%Y-%H%M")"
USER=username
# The password is passed on the mysqldump command line below, so it is
# visible in the process list while the dump runs.
PASSWORD=password
DATABASE=dbname

# Directories and dump
/bin/mkdir -p "/backup/Mysql/$DATE"
/usr/bin/mysqldump -l -F -u "$USER" --password="$PASSWORD" "$DATABASE" > "/backup/Mysql/$DATE/backup_$TIME.sql"

# Compressing
/usr/bin/bzip2 /backup/Mysql/*/*.sql

# Removing directories older than x days, e.g. 90 days
# (-mindepth 1 keeps find from ever selecting /backup/Mysql/ itself)
for i in $(/usr/bin/find /backup/Mysql/ -mindepth 1 -maxdepth 1 -type d -mtime +90 -print); do
    /bin/echo -e "Deleting old directories $i"; /bin/rm -rf "$i"
done

Saturday, 2 January 2010

Fix for - mixing * ports and non-* ports with a NameVirtualHost address is not supported

If you happen to see this error in the apache logs,

- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results

Check your apache configuration to make sure that no VirtualHost is defined without a port number, like <VirtualHost 127.0.0.1>. If one exists, fix it by adding the port number.

Friday, 1 January 2010

Mysql Queries and Tips

Some useful database queries:

Log in to a mysql database:

$ mysql $database_name -u $user_name -h $host_name -p

Take a dump by locking transactions

$ mysqldump -l -F $database_name -u $user_name -h $host_name -p > file.sql
* you need the lock tables and read privileges from the host you are connecting from

Take backup of only some tables
$ mysqldump -l -F $database_name -u $user_name -h $host_name --tables $tables_name -p > file.sql

Take backup of only the database structure, without data
$ mysqldump -l -F -d $database_name -u $username -h $hostname -p > file.sql

List the permissions assigned for a user
Log in to mysql:
> show grants for 'user'@'hostname';

sed tips

Remove trailing space from a file using sed

$ cat INPUT_FILE | sed 's/[ \t]*$//' > OUTPUT_FILE

Find Tips

Remove files older than certain days (using find/mtime)
find DIRECTORY -name "PATTERN" -mtime +N -exec rm -r {} \;

Eg : find /var/log/ -name "*.log" -mtime +5 -exec rm -r {} \;
This will remove the *.log files older than 5 days in directory /var/log/

Find with file type

directories : find / -type d -print0
files: find / -type f -print0

Remove held messages from mailman queue

If too many mails/spam are held as pending moderator requests in the mailman queue, they can be removed with:

$ cd ~mailman
$ bin/discard /var/lib/mailman/data/heldmsg--*

And if the argument list is too long, you can try:

$ find /var/lib/mailman/data -name heldmsg--\* -print | xargs bin/discard

* the path of mailman depends on your implementation anyway.