ubuntu

Ubuntu may refer to: read more at WikiPedia

  • backup_debian_ubuntu_server

    I am using ReoBack for this duty

    REOBack (pronounced "ray-o-back") is a backup solution designed for Linux users and system administrators. It is designed to be simple to set up, and easy to use. It is great as a quick solution for those who procrastinate about backups. It supports automatic full/incremental backups of files you define, remote backups via NFS or FTP, as well as auto deletion of old backups.

    And here is my how to install for Debian /Ubuntu distribution taken from my notes

    Download Reoback 1.0.3, convert it into a Debian package with alien and install it

    wget http://puzzle.dl.sourceforge.net/sourceforge/reoback/reoback-1.0-3.noarch.rpm
    apt-get install alien
    alien reoback-1.0-3.noarch.rpm
    dpkg -i reoback_1.0-4_all.deb

    Configure ReoBack by editing the file settings.conf

    vi /etc/reoback/settings.conf
    Here is a sample configuration file to save your backup to a remote FTP server (but it could be also a NFS share)
    host            = myhostname.com
    backupdays      = 7
    files           = /etc/reoback/files.conf
    tmpdir          = /var/lib/reoback/tmp/
    datadir          = /var/lib/reoback/data/
    localbackup     = /var/lib/reoback/backups/
    keeplocalcopy   = 1
    remotebackup    = 1
    rbackuptype     = FTP
    localmount      = /mnt/server/
    remotehost      = xxxxxxxxx
    remotepath      = /reobackup/
    ftpuser         = xxxxxxxxx
    ftppasswd       = xxxxxxxxx

    Specify which files on your server  need to be saved by editing the file files.conf

    vi /etc/reoback/files.conf

    Here is a sample, I exclude some files that are changing all the time since they are maintained by the Linux kernel or some processes

    File: homes
    /home/
    
    File: var
    /var
    Skip: /var/run/*
    Skip: /var/lib/mysql/*
    Skip: /var/lib/reoback/*
    
    File: mysql
    /var/lib/mysql
    /tmp/mysql.sock
    Skip: /var/lib/mysql/mysql.sock
    Skip: /var/lib/mysql/mysqld.pid
    
    File: plesk
    /opt/psa
    /etc/psa
    /usr/local/psa

    Adapt the location path of these 2 files (files.conf / settings.conf) in  run_reoback.sh

    vi /etc/reoback/run_reoback.sh

    content of file

    # Location of the configuration file.
    config="/etc/reoback/settings.conf"
    
    # Change to reflect where REOBack is installed
    reoback="/usr/bin/reoback.pl"
    
    # Do not modify this line.
    $reoback $config

    Finally you can now test your backup

    /etc/reoback/run_reoback.sh

    or place this command in crontab

    * 19 * * * /etc/reoback/run_reoback.sh > backup.txt ;
    mail -s "automatisches Backup" This email address is being protected from spambots. You need JavaScript enabled to view it. < backup.txt

    Tips

    Depending where you visitor come from (America or Asia or Europe) it may be recommended to not start your backup during peak of visits, You can also nice the process to a lower priority

    * 19 * * * nice –19 /etc/reoback/run_reoback.sh > backup.txt ; 
    mail -s "automatisches Backup" This email address is being protected from spambots. You need JavaScript enabled to view it. < backup.txt
  • Ubuntu 10.10 (Maverick) is offering as for today a relative old version PHP 5.3.3, if you want to have a better version, you’ll have to trust an unofficial APT repository. Here is How

    Thanks to the NGINX team, you can find nearly the latest version of PHP online at https://launchpad.net/~nginx/+archive/php5

    Create a new file php5-ppa.list

    vi /etc/apt/sources.list.d/php5-ppa.list

    and depending on the version of your ubuntu, you can replace the word maverick with the oldest oneiric, natty, or the latest lucid

    deb http://ppa.launchpad.net/nginx/php5/ubuntu maverick main
    deb-src http://ppa.launchpad.net/nginx/php5/ubuntu maverick main

    run an update, to get the latest PHP version

    # apt-get update
    # apt-get dist-upgrade

    Alternatively you can still compile PHP on your own..

  • Munin is a networked resource monitoring tool that can help analyze resource trends and "what just happened to kill our performance?" problems. It is designed to be very plug and play. A default installation provides a lot of graphs with almost no work.

    In Norse mythology Hugin and Munin are the ravens of the god king Odin. They flew all over Midgard for him, seeing and remembering, and later telling him. "Munin" means "memory".

    Install Munin&160;by issuing as root

    apt-get install munin munin-node munin-plugins-extra

    Activate as many plugins as required, there is more than 230 plugins!

    acpi                      jmx_                     qmailscan-simple
    amavis                    load                     quota_usage_
    apache_accesses           loggrep                  samba
    apache_processes          lpar_cpu                 selinux_avcstat
    apache_volume             lpstat                   sendmail_mailqueue
    apc_envunit_              mailman                  sendmail_mailstats
    apc_nis                   mailscanner              sendmail_mailtraffic
    apt                       mbmon_                   sensors_
    apt_all                   memcached_               slapd_
    asterisk_channels         memory                   slapd_bdb_cache_
    asterisk_channelstypes    mhttping                 slony_lag_
    asterisk_codecs           multigraph_tester        smart_
    asterisk_meetme           multiping                snmp__cpuload
    asterisk_meetmeusers      multips                  snmp__df
    asterisk_sipchannels      multips_memory           snmp__fc_if_
    asterisk_sippeers         munin_stats              snmp__fc_if_err_
    asterisk_voicemail        munin_update             snmp__if_
    bind9                     mysql_                   snmp__if_err_
    bind9_rndc                mysql_bytes              snmp__if_multi
    bonding_err_              mysql_innodb             snmp__load
    buddyinfo                 mysql_isam_space_        snmp__memory
    cmc_tc_sensor_            mysql_queries            snmp__netapp_diskusage_
    colour_tester             mysql_slowqueries        snmp__netapp_inodeusage_
    courier_                  mysql_threads            snmp__netstat
    courier_mta_mailqueue     named                    snmp__print_pages
    courier_mta_mailstats     netopia                  snmp__print_supplies
    courier_mta_mailvolume    netstat                  snmp__processes
    cps_                      nfs4_client              snmp__rdp_users
    cpu                       nfs_client               snmp__sensors_fsc_bx_fan
    cpuspeed                  nfsd                     snmp__sensors_fsc_bx_temp
    cupsys_pages              nfsd4                    snmp__sensors_fsc_fan
    df                        nginx_request            snmp__sensors_fsc_temp
    df_abs                    nginx_status             snmp__sensors_mbm_fan
    df_inode                  nomadix_users_           snmp__sensors_mbm_temp
    dhcpd3                    ntp_                     snmp__sensors_mbm_volt
    digitemp_                 ntp_kernel_err           snmp__swap
    diskstat_                 ntp_kernel_pll_freq      snmp__uptime
    diskstats                 ntp_kernel_pll_off       snmp__users
    ejabberd_                 ntp_offset               snmp__winload
    entropy                   ntp_states               snmp__winmem
    env                       nut_misc                 snort_alerts
    exim_mailqueue            nutups_                  snort_bytes_pkt
    exim_mailqueue_alt        nut_volts                snort_drop_rate
    exim_mailstats            nvidia_                  snort_pattern_match
    extinfo_tester            open_files               snort_pkts
    fail2ban                  open_inodes              snort_traffic
    files_                    openvpn                  spamstats
    foldingathome             perdition                squeezebox_
    foldingathome_rank        ping_                    squid_cache
    foldingathome_wu          plugin.sh                squid_icp
    forks                     plugins.history          squid_objectsize
    freeradius_acct           pm3users_                squid_requests
    freeradius_auth           pop_stats                squid_traffic
    freeradius_proxy_acct     port_                    surfboard
    freeradius_proxy_auth     postfix_mailqueue        swap
    fw_conntrack              postfix_mailstats        sybase_space
    fw_forwarded_local        postfix_mailvolume       tcp
    fw_packets                postgres_bgwriter        threads
    haproxy_                  postgres_cache_          tomcat_
    hddtemp                   postgres_checkpoints     tomcat_access
    hddtemp2                  postgres_connections_    tomcat_jvm
    hddtempd                  postgres_connections_db  tomcat_threads
    hddtemp_smartctl          postgres_locks_          tomcat_volume
    http_loadtime             postgres_querylength_    uptime
    id                        postgres_scans_          users
    if_                       postgres_size_           varnish_
    if_err_                   postgres_transactions_   vlan_
    ifx_concurrent_sessions_  postgres_tuples_         vlan_inetuse_
    interrupts                postgres_users           vlan_linkuse_
    iostat                    postgres_xlog            vmstat
    iostat_ios                processes                vserver_cpu_
    ip_                       proc_pri                 vserver_loadavg
    ipac-ng                   proxy_plugin             vserver_resources
    ipmi_                     ps_                      warning_tester
    ipmi_sensor_              psu_                     yum
    ircu                      qmailqstat               zimbra_
    irqstats                  qmailscan

    Here are some I did add to the list of already activated one. Some were added for obvious reason like mysql, nginx and fail2ban to monitor SSH brute force attempt…

    cd /etc/munin/plugins/

    ln -s /usr/share/munin/plugins/nginx_status nginx_status

    ln -s /usr/share/munin/plugins/nginx_request nginx_request

    ln -s /usr/share/munin/plugins/mysql_ mysql

    ln -s /usr/share/munin/plugins/mysql_queries mysql_queries

    ln -s /usr/share/munin/plugins/fail2ban fail2ban

    Fail2Ban require root access to the socket of fail2ban, so edit munin-node

    vi /etc/munin/plugin-conf.d/munin-node

    And append at the end

    [fail2ban*]
    user root

    Restart Munin-node and force the munin-cron process to run the initial html reports or wait 5 minutes…

    /etc/init.d/munin-node restart
    sudo -u munin munin-cron

    Add to the crontab of the user Munin the command to run Munin every 5 minutes:

    sudo -u munin crontab –e
    */5 * * * * /usr/bin/munin-cron

    Protect the server host where Munin&160;will output its reports

    htpasswd -c /etc/nginx/.htpasswd username

    Now add a new site to nginx

    vi /etc/nginx/sites-enabled/waltercedric
    And put at least the following inside

    server {
    listen&160;&160;&160;&160;&160;&160; 80;
    server_name&160; munin.acme.com;
    root /var/cache/munin/www;
    location / {
    &160;&160;&160; expires off;
    &160;&160;&160; auth_basic "Munin";
    &160;&160;&160; auth_basic_user_file /etc/nginx/.htpasswd;
    }
    }

    And reload nginx configuration with service nginx reload

    You can now point any browser to http://munin.acme.com

  • What is mod_evasive?

    mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.

    Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:

    • Requesting the same page more than a few times per second
    • Making more than 50 concurrent requests on the same child per second
    • Making any requests while temporarily blacklisted (on a blocking list)

    Installation

    apt-get install libapache2-mod-evasive
    mkdir /var/log/apache2/mod_evasive
    chown www-data:www-data /var/log/apache2/mod_evasive

    Configuration

    Create a new file

    vi /etc/apache2/conf.d/01_modevasive.conf

    with this content

    <ifmodule mod_evasive20.c>
     DOSHashTableSize 3097
     DOSPageCount 2
     DOSSiteCount 50
     DOSPageInterval 1
     DOSSiteInterval 1
     DOSBlockingPeriod 10
     DOSLogDir /var/log/apache2/mod_evasive
     DOSEmailNotify root@localhost
     DOSWhitelist 127.0.0.1
    </ifmodule>

    Restart Apache to activate the new module

    /etc/init.d/apache2 restart

    Documentation

    • DOSHashTableSize: Size of the hash table used to store the IPs.
    • DOSPageCount: Number of pages allowed per DOSPageInterval.
    • DOSPageInterval: Time in seconds used by DOSPageCount.
    • DOSSiteCount: Number of objects allowed per DOSSiteInterval.
    • DOSSiteInterval: Time in seconds used by DOSSiteCount.
    • DOSBlockingPeriod: Time in seconds that IPs will be banned. If an IP tries to access the server within this period, the count will be restarted.
    • DOSLogDir: Optional. Directory to store the logs. If not specified, /tmp will be used.
    • DOSEmailNotify: Optional. Mail where notifications will be sent.

    DOSSystemCommand: is Optional.&160; Command to execute if an IP is blocked. For example using iptables:

    DOSSystemCommand "/sbin/iptables -I INPUT -p tcp --dport 80 -s %s -j DROP"
  • joomla_cms

    joomla_socialsharing_logo_thumb4

    This small plugin add automatically to any articles a set of social icons that let your reader increase your social ranking. It support

  • Watch Linux Ubuntu 6.10 with its compositing manager (XGL) on a Gnome desktop.

    Download latest version of Flash to view video! .

    Click Here to View in Full Screen Mode

    And what does that cost? $0
  • Official version of nginx for Ubuntu Precise is 1.1.19 but the latest available stable version is 1.2.2 (Changes), In this post I will present you how to update to the latest available version.

    vi /etc/apt/sources.list

    and add depending on your Ubuntu version either

    For Ubuntu 10.04 Lucid:

    deb http://nginx.org/packages/ubuntu/ lucid nginx
    deb-src http://nginx.org/packages/ubuntu/ lucid nginx

    For Ubuntu 12.04 Precise:

    deb http://nginx.org/packages/ubuntu/ precise nginx
    deb-src http://nginx.org/packages/ubuntu/ precise nginx

    Now you can run

    apt-get update

    When using the public nginx repository for Ubuntu, you’ll get this error

    W: GPG error: http://nginx.org lucid Release: The following signatures 
    couldn't be verified because the public key is not available: NO_PUBKEY ABF5BD827BD9BF62

    First of all this is only warning and you can ignore it, if you know what are you doing and in case you prefer to add public key, used for signing packages and repository, just run:

    gpg -a --export 7BD9BF62 |  sudo apt-key add -

    or

    wget http://nginx.org/packages/keys/nginx_signing.key
    cat nginx_signing.key | sudo apt-key add -

    apt-get update should now run fine, however after running an

    apt-get install nginx

    you may still get this kind of error:

    dpkg: error processing /var/cache/apt/archives/nginx_1.2.2-1~precise_amd64.deb (--unpack):
     trying to overwrite '/etc/logrotate.d/nginx', which is also in package nginx-common 1.1.19-1
    dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
    Errors were encountered while processing:
     /var/cache/apt/archives/nginx_1.2.2-1~precise_amd64.deb

    just remove nginx-common and retry

    apt-get remove nginx-common

    More at http://wiki.nginx.org/Install

  • ubuntu.book

    The PDF Edition of Ubuntu Pocket Guide and Reference is available entirely free of charge. It is practically identical to the Print Edition. You can download it by clicking the links below. Over 250,000 people already have!

    You can share the PDF file with people you know, and even upload it to file sharing networks. You may NOT sell the PDF! Click here for more information, or check out the FAQs.

    Download this book or buy it at www.ubuntupocketguide.com

  • Here is how to update in Ubuntu Oneiric 11.10&160; to the latest development version of nginx (1.1.13). The latest stable version being the 1.0.11

    add-apt-repository ppa:chris-lea/nginx-devel
    apt-get update
    apt-get upgrade

  • Make sure that your data are safe and that your backups are working and in a safe place: obviously not on the server you are currently upgrading!

    While being logged in as root, you’ll have to edit the file /etc/update-manager/release-upgrades and set the value prompt to normal.

    vi /etc/update-manager/release-upgrades
    set prompt=normal

    The update process will update your server to every single releases of Ubuntu (200MB download for each step and a restart required)

    apt-get update
    apt-get upgrade
    apt-get install update-manager-core
    do-release-upgrade -d

    You are now on Ubuntu 10.10 Maverick Meerkat run one more time:

    do-release-upgrade

    You are now on Ubuntu 11.04 Natty Narwhal run one more time:

    do-release-upgrade

    to finally enjoy using Ubuntu 11.10 Oneiric Ocelot!

    Ubuntu version names

    • Ubuntu 11.10 - the current stable version, released in October 2011, codenamed Oneiric Ocelot.
    • Ubuntu 11.04 - previous version, released in April 2011, codenamed Natty Narwhal.
    • Ubuntu 10.10 - previous version, released in October 2010, codenamed Maverick Meerkat.
    • Ubuntu 10.04 LTS - the current long term support version, released in April 2010, codenamed Lucid Lynx.
  • Thanks to Nathan Rennie-Waldock. you can have the latest PHP5 5.3.10 running in Ubuntu Oneiric, Natty, Maverick and Lucid.

    PHP 5.3.10 fixes critical remote code execution vulnerability

    The vulnerability was introduced by the fix for a hash collision denial-of-service flaw

    Proof-of-concept code that exploits this vulnerability has already been published online

    Nathan Rennie-Waldock Personal Package Archives (PPA) is located at https://launchpad.net/~nathan-renniewaldock/+archive/ppa

    Just run as root the following to use PHP 5.3.10

    sudo add-apt-repository ppa:nathan-renniewaldock/ppa
    sudo apt-get update
    sudo apt-get upgrade

    Canonical should be a little bit ashamed to not deliver these security patches for the server edition! relying on individuals to provide the latest version of secure software is not promoting Linux in enterprise.

  • Thanks to Ondřej Surý,&160; maintainer for some Debian packages, you can have the latest PHP5 maintained by Debian PKG PHP Team in Ubuntu Oneiric, Natty, Maverick and Lucid.

    Currently it is the previous version 5.3.9, but that’s already a lot better than 5.3.6 (Official in Ubuntu 11.10 Oneiric). I did contact Ondřej to ask him for updating the Personal Package Archive to 5.3.10.

    Personal Package Archives (PPA) allow you to upload Ubuntu source packages to be built and published as an apt repository by Launchpad.

    Ondřej Surý’s Personal Package Archives (PPA) is located at https://launchpad.net/~ondrej/+archive/php5

    Just run as root the following to use PHP 5.3.9

    sudo add-apt-repository ppa:ondrej/php5 
    sudo apt-get update
    sudo apt-get upgrade

    I did create an account at https://launchpad.net/~cedric-walter just in case I would like to build some packages for Ubuntu.

  • Download and install VMware Player 4.0.2 to run this Virtual Appliance “Ubuntu 11.10 x64 Server”

    ubuntu-logo_05

    Ready to user stock Ubuntu 64 bit Desktop 11.10 (Oneiric Ocelot) on Vmware

    This virtual appliance may be used by multi purpose operations, such as source control management server, development server, ftp server, and so on…

    &160;



    Download for FREE Ubuntu 11.10 x64 Desktop.7z (4.65GB) for Vmware&160;

    From http://linux.waltercedric.com/

    • VM Information
      • CPU's :1
      • Memory :1G
      • Disk :20G
    • Authentication Credentials
      • Username :user
      • Password :user1234

    Root password is not set!

    Some operating systems does not enable root password by default in order to protect the system files. In these systems, user may gain root access by using "sudo" command, with determining his/her own password.

    Example : with this command, user will be able of restarting the system.

    sudo init 1 user

    If the system does not set root password during the installation time, again by default we are not setting any root password.

    But if you want to enable the root password, after logging in with your user you may always use the command

    sudo passwd root

    and then start to use the root account too.

  • Download and install the latest&160; VMware Player 4.0.2 to run this Virtual Appliance “Ubuntu 11.10 x64 Server”

    ubuntu-logo_0

    Ready to user stock Ubuntu 64 bit Server 11.10 (Oneiric Ocelot) on Vmware

    This virtual appliance may be used by multi purpose operations, such as source control management server, development server, ftp server, or for testing some changes before rolling them out against your productive server and so on…

    &160;

    &160;

    Download for FREE&160; Ubuntu 11.10 x64 Server.7z (2.2GB) for Vmware

    From http://linux.waltercedric.com/

    • VM Information
      • CPU's :1
      • Memory :1G
      • Disk :20G
    • Authentication Credentials
      • Username :user
      • Password :user1234

    Root password is not set!

    Some operating systems does not enable root password by default in order to protect the system files. In these systems, user may gain root access by using "sudo" command, with determining his/her own password.

    Example : with this command, user will be able of restarting the system.

    sudo init 1 user

    If the system does not set root password during the installation time, again by default we are not setting any root password.

    But if you want to enable the root password, after logging in with your user you may always use the command

    sudo passwd root

    and then start to use the root account too.