Remove Cron Jobs from auth.log

CRON[21587]: pam_unix(cron:session): session opened for user root by (uid=0)
CRON[21587]: pam_unix(cron:session): session closed for user root

This type of logs makes you hard to read the log by you can whe you are looking for information logged by ssh.

To strip off this logs you can simply edit /etc/pam.d/cron (using sudo since you need to root privileges) and comment out the line:

    @include common-session

 

auth.log Empty

Troubleshooting auth.log empty
/var/log/auth.log can be empty due to various reasons but you can restore rsyslogd with its initial settings so that you get logs

Here is How you reinstall it:

# sudo apt-get remove rsyslog

# sudo apt-get install rsyslog

This will reinstall your rsyslog and you can get the auth logs

auth.log can also be empty when log is rotated. No action is needed in this case.

File Permission for Web Server

We need to change File permission for web server to default for web server securitywe can adjust all web page files by changing directory to web server default directory  and issuing following command as root.

find . -type f -exec chmod 644 {} ;  
find . -type d -exec chmod 755 {} ;

Squid Multiple Outgoing IP

I got lots of queries from Fellow VPS server Administrators on using all of IPs provided by provider for browsing the internet and rotating the IP addresses for squid multiple outgoing ip

When squid server is configured by using following squid acls and tcp_outgoing_address directives we can use all of IPs that are assigned.Here is configuration of  squid multiple outgoing IP address using tcp_outgoing_address

acl myip1 myip 10.0.11.2
acl myip2 myip 10.0.11.3
acl myip3 myip 10.0.11.4

tcp_outgoing_address 10.0.11.2 myip1
tcp_outgoing_address 10.0.11.3 myip2
tcp_outgoing_address 10.0.11.4 myip3

Here I take 10.0.11.2 -10.0.11.4 as your assigned IP

The acl lines tell squid to match myip which means if someone uses the IP 10.0.1.2 as their proxy server they will match the acl ip1 and so on..

Squid Reverse proxy

We can use squid as a reverse proxy for sharing a public IP with multiple server as well as web acceleration.

Below is the configuration of squid.conf for the purpose of having multiple domains in private IP and that is accessed from the same proxy

# External Port no for squid reverse proxy
http_port 8080 accel vhost

# directive to tell Squid the IP address of the servers 192.168.0.6-7 are private ip address hosted inside the network
cache_peer 192.168.0.6 parent 80 0 no-query no-digest originserver name=server1
cache_peer 192.168.0.7 parent 80 0 no-query no-digest originserver name=server2
cache_peer 192.168.0.8 parent 80 0 no-query no-digest originserver name=server3

acl sites_server1 dstdomain server1.domain.com
acl sites_server2 dstdomain server2.domain.com
acl sites_server3 dstdomain server3.domain.com

cache_peer_access server1 allow sites_server1
cache_peer_access server2 allow sites_server2
cache_peer_access server3 allow sites_server3

http_access allow sites_server1
http_access allow sites_server2
http_access allow sites_server3

Here 192.168.0.X are internal IPs and serverX.domain.com are  web address that is routed to corresponding internal websites.

Thanks to :

http://www.sweetnam.eu/index.php/Reverse_Proxy_with_Squid

Script for IP Change Alert

If you need to be notified upon the IP address of the system it can be achieved through following Perl Script

At first a sendemail needs to be installed using :
sudo apt-get install sendemail (in Debian based Distros : Ubuntu )
sudo yum install sendemail (in Redhat Based Distros :Red Hat,Fedora, Cent OS)

Else you may use another MTAs too like sendmail or postfix that is available.

This  IP change alert script alerts the admin if external IP address is changed

#!/usr/bin/perl -w
#Anwesh Tiwari Oct 12 2011

use strict;
my $today=`date +%Y-%m-%d” “%r`;
#location of TEMP file
my $ip_last_check_file = “/home/tmp/IP-Address”;
my $ip_now = `curl -s http://checkip.dyndns.org`;
$ip_now =~ s/.*?(d+.d+.d+.d+).*/$1/s;

open(IP, “<$ip_last_check_file”) or die “Cannot open $ip_last_check_file: $!”;
my $ip_last_check = ;0
close(IP);

if ($ip_now ne $ip_last_check)
{
open(IP, “>$ip_last_check_file”) or die “Cannot open $ip_last_check: $!”;
print IP $ip_now;
close(IP);
#-s “SMTP address of your SMTP server instead” of “-s localhost” if you dont have ipaddress running.
my $output = `sendemail -f [email protected] -t [email protected] -s localhost -u IP-CHANGE-ALERT -m Gateway IP-address has changed to $ip_now.\\n Event Time :$today`;
}

exit;

Make sure that port 25 is not blocked by ISP

Pending restart SQL server installation

If you  have tried to install SQL Server 2008  and cannot install, because of  the errormessage the prerequistite “Restart the computer is required”.

But every time you restart  computer and try to execute the setup of SQL Server 2008, you get the same message

Then you have change a registry entry in computer

  • Open Regedit
  • Find the key “HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession Manager”
  • Rename the “PendingFileRenameOperations” value to “PendingFileRenameOperations2”
  • Try again

This will solve the Restart Problem

Vsftpd Virtual Users

Installing Vsftpd Virtual Users and Password in text file

vsftpd is a reliable , fast and stable FTP server Daemon. In this article we’ll install the server and make it a  password text file for virtual users allowed to login.

1. Install following  packages using
sudo apt-get install  libpam-pwdfile vsftpd

2. Configure vsftpd (sudo nano /etc/vsftpd.conf)
Following variable need to be changed and leave others to default

local_enable=YES
write_enable=YES
anonymous_enable=NO
hide_ids=YES
local_umask=022
chroot_local_user=YES
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER

local_root  is user’s home directories  in the machine

3. Manage PAM to check the passwd file for users (sudo nano /etc/pam.d/vsftpd)
auth required pam_pwdfile.so pwdfile /etc/ftpd.passwd
account required pam_permit.so
Remove other configuration from file
4. The passwd file containing the users is created
sudo htpasswd -c /etc/ftpd.passwd user1

Additional users to the file as below:
sudo htpasswd /etc/ftpd.passwd user2

5. Reload vsftpd
sudo /etc/init.d/vsftpd restart

6. User home directory should be created manually  since vsftpd doesn’t do it automatically
sudo mkdir /var/www/user1

7.Appropriate Permissions need to be provided to that folder for user ftp for uploads

chown 775 ftp:ftp /var/www/user1

Change UUID of Vdi in Virtualbox

Making  copy of the .vdi file into another location will make a real copy of the virtual disk, including the UUID of the disk. If this disk is added to  the Virtual Media Manager, you  will get an error like this:

virtualbox-error.png

To chage the UUID of disk use following command

$ VBoxManage internalcommands setvdiuuid /path/to/virtualdisk.vdi
VirtualBox Command Line Management Interface Version 2.2.2
(C) 2005-2009 Sun Microsystems, Inc.
All rights reserved.

UUID changed to: 9e89fe14-d010-469e-a737-cd6521889acb

Since the old UUID is change , you can now add this virtual disk to Disk Manager

You need not use this commmad if you use clonevdi function to duplicate the virtual disk image, in the first place. The clonevdi  makes the new disk image with unique UUID.

The syntax of the clonedvi goes like this:

$ VBoxManage clonevdi_Master.vdi Clone.vdi

 

Remove SQL Server Password

Reset Forgotten Sa password

To configure startup options

  1. Login computer from administrator Account
  2. At  SQL Server Configuration Manager, click SQL Server Services.
  3. In the right side, right-click SQL Server (<instance_name>), and then click Properties.
  4. Startup Parameters boxtype the parameters separated by semicolons (;). at the Advanced tab, ,

    For example, to start in single-user mode, insert -m; in front of the existing startup options, and then restart the database.

    Important
    you must remove the -m; after  finished using single-user mode, from the Startup Parameters box before you can start a multiuser mode in production.
  5. Click OK.
  6. Restart the Database Engine.
  7. Change security authentication mode (You may not require this step if you have already enabled sa user)
    1. In SQL Server Management Studio Object Explorer, right-click the server, and  click Properties.
    2. On the Security page, under Server authentication, select the new server authentication mode, and click OK.
    3. In the SQL Server Management Studio dialog box, click OK to acknowledge the requirement to restart SQL Server.
    4. You can change password here.
  8. Enable the sa login by using Management Studio(You may not require this step if you have already enabled dual authentication )
    1. In Object Explorer, expand Security, expand Logins, right-click sa, and then click Properties.
    2. On the General page, you might have to create and confirm a password for the sa login.
    3. On the Status page, in the Login section, click Enabled, and then click OK.
  9. Now you can logon with sa user and password .You can also set permission of the local user account from that.