Privileges Access Root, Ex/Import File .csv, VHOST HTTP, Scalpel, and Little Sequel from Maisikwel

Dulu saya mengira banyaknya catatan2 hasil struggle saya cukup disimpan di personal computer. Tapi kok rasanya saya terlalu naif ya, dan kadang2 perlu juga diakses dari segala tempat. Sudah hampir ‘seabrek oprekkan (semisal masalah Big Data dengan Hadoop, dll) saya namun cuma ‘secuil yang baru bisa ditulis. Contoh ‘puaaling kecil itu seperti mengatur privileges di sistem UNIX/ Linux. Okelah.. yg lain menyusul saja.

Privileges Access Root
Whatever your level, if you’re registered with gid root, you’ll role is admin you know!!..
~# useradd -u 0 -g 0 -o -G 0,1,2,3,4,6,10 -M johndoe
whereis,
-g, –gid group (force registered group into new account as a root)
-u, –uid group (force registered uid into new account as a root)
-o, –non-unique (non-redundance or non-unique id)
-M, (didn’t create directory user)-G, –groups (regitered group into new account like groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) ).
Then, you can see your level with these params:
~# id <your_account>o

Or

If you debian, you can use these params to register your account id into root:
~# useradd hary
~# passwd hary
~# adduser hary sudo

VHOST HTTP
Thinking you are implementing this method with two different servers. One as act as a forwarder and source or destination web server for the others. Users access as though as destination server In example :
[target web server] <———- [ server balancer with proxypass ] <——-user
This is an example http config on target web server :
/etc/httpd/conf.d/vhost17135.conf
that containing:
Listen 17135
<VirtualHost *:17135>
DocumentRoot /var/www/html/
ErrorLog /home/hary/logs/error_log
CustomLog /home/hary/logs/access_log common
<Directory “/var/www/html/”>
Options -Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

And, this is an example http config on  balancer server :
/etc/httpd/conf.d/proxypass_to_17135.conf
That containing:
Listen 17135

<VirtualHost *:17135>
ServerAdmin <Host_Public_IP_Server>
ServerName <Host_Public_IP_Server>
ServerAlias <Host_Public_IP_Server>

ProxyRequests On
ProxyVia On
<Proxy *>
Order Allow,Deny
Allow from all
</Proxy>

ProxyPass / http://%5Btarget web server]:[port]/
ProxyPassReverse / http://%5Btarget web server]:[port]/

ErrorLog /var/log/<your_path>/wordpress-forwarding-error_log

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* – [F]

</VirtualHost>

For the information, above rules should be allowed or controlled by your shorewall, iptables, calamaris etc. It may looks like these if you were using shorewall and your [target web server] has an local ip 10.1.5.32.

#
# Shorewall version 4.0 - Sample Rules File for one-interface configuration.
# Copyright (C) 2006 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# See the file README.txt for further details.
#------------------------------------------------------------------------------------------------------------
# For information on entries in this file, type "man shorewall-rules"
#############################################################################################################
#ACTION         SOURCE          DEST            PROTO   DEST    SOURCE          ORIGINAL        RATE            USER/   MARK
#                                                       PORT    PORT(S)         DEST            LIMIT           GROUP


# ALLOW  NET to  HOST

Ping(ACCEPT)    net                     $FW
ACCEPT          net                     $FW     tcp     22,80,161,443,3306,5666,9090,9091,5222,97
ACCEPT          net                     $FW     udp     161,3306


# ALLOW  HOST to NET

ACCEPT          $FW             net             icmp
ACCEPT          $FW             net:10.1.5.32,10.1.5.33   tcp     22
ACCEPT          $FW             net             tcp     25,465,80,443,9090,9091,5222,97,10000
ACCEPT          $FW             net             tcp     3306
ACCEPT          $FW             net             tcp     9790
ACCEPT          $FW             net             udp     53

Second, if you want to by pass those port make sure if iptables (if it is do)  is allowing the target server to be accessed and please put these params in wp-config.php if you were using wordpress as a blog.
-A INPUT -p tcp -m state –state NEW -m tcp –dport 17135 -j ACCEPT

define( 'WP_SITEURL', 'http://example.com/path/to/wordpress );
 Dynamically set WP_SITEURL based on $_SERVER['HTTP_HOST']
 define( 'WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/path/to/wordpress' );

Ex/Import File .csv
Following step to export and import file into / from .csv file
mysql -h192.168.0.77 -usms -p’sms_pwd!!’ –local-infile mmscms -A
Then (by example, you can merge this params with login actually)

select * INTO OUTFILE ‘/tmp/subscription3.csv’ FIELDS TERMINATED BY ‘,’ LINES TERMINATED BY ‘\n’ FROM subscription where active=’1′ and service=’Video2_99228_Push’;

Using LOAD DATA LOCAL INFILE instead LOAD DATA INFILE, if it couldn’t works

LOAD DATA LOCAL INFILE “/tmp/subscription4.csv” INTO TABLE subscription FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”‘ LINES TERMINATED BY ‘\n’ IGNORE 1 ROWS;

It will create file with name user.csv in path /tmp/ on server 192.168.0.76. Next we’ll prove it.
mysqlimport  –ignore-lines=1 –fields-terminated-by=, –columns=’id, login, pw, real_name, extra_info, email, tmp_mail, access_level, service, active’ –local -u root -p’password’ mmscms /path/to/csvfile/user.csv
Noted : if the problem has occured like “mysqlimport: Error: 1148, The used command is not allowed with this MySQL version, when using table: user”

Use this params :
mysql -u’root’ -p’password’  database_name -e “load data infile ‘/path/to/user.csv’ into table tbl_msgtransact FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘\”‘ LINES TERMINATED BY ‘\n’ (id, login, pw, real_name, extra_info, email, tmp_mail, access_level, service, active);”

Those are faster than backup with original method, Trust me ;).

SCALPEL
Foremost is an alternative besides scalpel, but nevermind.we’ll try this one. It is the one which is supporting type of file system like php (as far as i knew..things that i didn’t found in foremost lists of signature sites), jpg, gif, png, bmp, avi, exe, mpg, wav, riff, wmv, mov, pdf, ole, doc, zip, rar, htm, cpp, office documents. First, get it from the official sites. Then extract and configure:
~# wget -c “http://pkgs.repoforge.org/scalpel/scalpel-1.60-1.el5.rf.i386.rpm&#8221;
~# rpm -ivh scalpel-1.60-1.el5.rf.i386.rpm

Then, edited /path/to/scalpel.conf by adding the line depend your requirement,
in example:
php     n       50000   <?php                   ?>

Execute these command, then finally it takes a little bit of work to search your file:
~# scalpel “<your_path_device_or_directory_source>” -o “<your_path_destination_directory>”
~# grep ‘<file_name>’ <your_path_destination_directory>

SVN (Subversion)
This things that i have to kept.
If you’ve done with step above, compare them to make sure all are ok.
~# diff <directory_checkout> <directory_backup_ori> > result.diffou

MySQL
Now if you wish to re-set password that did not change on side of apps dramatically, do this step.
~# /etc/init.d/mysql stop
~# /refer/to/myqld_safe –skip-grant-tables &
~# mysql -uroot -e “update user set password=PASSWORD(“mynewpassword”) where User=’root’;”
~# mysql -u root -e “flush privileges”
~# /etc/init.d/mysql stop
~# /etc/init.d/mysql start
~# echo “Lets say Horray”

And, if you are facing problem while try to restore binary file of MySQL both .frm and .ibd files just doing by these step.
1. Login into your MySQL
2. Create table like table yoou want to restore
3. Execute this params : alter table <your_table> discard tablespace;
4. Move your .ibd file Only to datadir MySQL installation.
5. Execute this params : alter table <your_table> import tablespace;
6. If you’re luck, all of field type of result will be match.
7. Dump it!!
8. Still need an effort in order to dump file looks like smoother. You can use it by grep, sed, etc.
9. Enjoy!!

*************************************************************************
Least but not last about user in MySQL
. First you’ve to make sure no user make previously with

drop user 'user'@'hostname'

Now add the new one, after insert the specific Host, User, Password, etc by create user ‘hostname_or_user’@’%_or_specific_host’ identified by ‘your_password”  .. do not forget to give them ‘total’ privileges by grant all privileges on database_name.* to ‘hostname_or_user’@’%_or_specific_host’ . Then flush them by flush privileges

One way to speed up login into database without checking or looking up your hostname/ DNS, please add this params below [mysqld] in my.cnf files.
skip-name-resolve

One way to change host from (looking up BOLD characters):
root@Hary:/# netstat -tapn | grep 3306 | head -1
tcp        0      0 0.0.0:3306          0.0.0.0:*               LISTEN      16638/mysqld
To:
tcp        0      10.1.5.31:3306          0.0.0.0:*               LISTEN      16638/mysqld

One way to change your hostname:
please change this params on your /etc/sysconfig/network (if it is redhat base distros)
HOSTNAME=<ChangeWithYourProperHostname>

with your proper hostname server
**************************************************************************

Extra: Url HTTP snoop log with tcpdump and Analyzing your log with goaccess
tcpdump -i eth0 -X -s 0 ‘src host <ipp_source_host>  and (((ip[2:2] – ((ip[0]&0xf)<<2)) – ((tcp[12]&0xf0)>>2)) != 0)’

/usr/local/bin/goaccess -c –time-format=%H:%M:%S –date-format=%d/%b/%Y –log-format=’%v:%^ %h %^[%d:%t %^] “%r” %s %b “%R” “%u”‘  -o html5 -f /home/harysmatta/Downloads/other_vhosts_access.log.10 >> /home/harysmatta/Downloads/result.html5

Synchronize Timezone Server :
~# ntpdate pool.ntp.org
–Skip–
~# echo ‘Asia/Jakarta’ > /etc/timezone
~# dpkg-reconfigure –frontend noninteractive tzdata

Split file on Linux
~#split -b <size><K or M or G> <file_origin> <file_origin_with_point_on_end>

—————————-
Cheers

Advertisements

Tinggalkan pesan atau komentar

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s