Configure phpmyadmin for connect to RDS AWS MariaDB

30 03 2017

Ensure that “/etc/phpmyadmin/config-db.php” doesn’t haven any configured values:

$dbuser='';
$dbpass='';
$basepath='';
$dbname='';
$dbserver='';
$dbport='';
$dbtype='';

Create a new file with for your particular values in “/etc/phpmyadmin/conf.d/myconf.php”

<?phpConfigure phpmyadmin for connect to RDS AWS MariaDB
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['host'] = 'name.of.rds.amazonaws.com';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = TRUE;

Go to the phpmyadmin website and log with the administrative account.

More info: http://stackoverflow.com/questions/4402482/using-phpmyadmin-to-administer-amazon-rds





Quick vsftp install and configuration

4 12 2016

This is the simple method for install and have a basic configuration for log into the ftp server with the local users of the system:
apt-get install vfstp
vi /etc/vsftpd.conf
Uncomment the following lines:
local_enable=YES
write_enable=YES

Restart the service and enjoy!
/etc/init.d/vsftpd restart





Testing virtual interface inside a namespace

12 09 2016

One virtual interface (veth0/1) into one namespace (blue) with internet conectivity

– First of all, enable ip forward:

echo 1 > /proc/sys/net/ipv4/ip_forward

– Create the virtual ethernet interface, a veth pair, and bring one side up:

ip link add veth0 type veth peer name veth1
ip link set veth0 up

– Create the network namespace, called blue, in which the other side of the veth is going to reside:

ip netns add blue

– Put the corresponding veth side, veth1, into the namespace. Take into account that the other side, veth0, reside in the system namespace:

ip link set veth1 netns blue

– Configure the veth1 with an IP address and bring it up. The command is executed inside the namespace:

ip netns exec blue ifconfig veth1 10.1.1.1/24 up

– Bring up lo interface too for avoid extrange problems:

ip netns exec blue ip link set dev lo up

– Create the bridge, called br0, and bring it up:

ip link add name br0 type bridge
ip link set br0 up

– Assign an IP address to the bridge interface for gain the level3 behaviour, if not, only works as level2:

ip addr add 10.1.1.254/24 dev br0

– Include the veth0, which is outside the namespace, into the bridge:

ip link set veth0 master br0

– Add a default route for the namespace inside it:

ip netns exec blue ip route add default via 10.1.1.254

– Add the iptables rules for allow NAT in the host system:

iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

– Test 1. Ping and traceroute from the host to the namespace:

ping -c1 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.063 ms

traceroute 10.1.1.1
traceroute to 10.1.1.1 (10.1.1.1), 30 hops max, 60 byte packets
1 10.1.1.1 (10.1.1.1) 0.051 ms 0.012 ms 0.010 ms

– Test 2. Ping and traceroute from the namespace to the bridge:

ip netns exec blue ping -c1 10.1.1.254
PING 10.1.1.254 (10.1.1.254) 56(84) bytes of data.
64 bytes from 10.1.1.254: icmp_seq=1 ttl=64 time=0.038 ms

ip netns exec blue traceroute 10.1.1.254
traceroute to 10.1.1.254 (10.1.1.254), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.059 ms 0.013 ms 0.009 ms

– Test 3. Ping and traceroute from the namespace to internet:

ip netns exec blue ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=0.838 ms

ip netns exec blue traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.050 ms 0.012 ms 0.008 ms
...
9 google-public-dns-a.google.com (8.8.8.8) 0.884 ms 0.701 ms 0.681 ms

Two virtual interfaces (veth0/1 and veth10/11) into two different namespaces each one (blue and green) using the same subnet with internet conectivity

– Plus the steps done above…

– Create the virtual ethernet interface, and bring it up:

ip link add veth10 type veth peer name veth11
ip link set veth10 up

– Create the network namespace, and include the veth11 interface into it:

ip netns add green
ip link set veth11 netns green

– Include the veth10 into the bridge:

ip link set veth10 master br0

– Configure the veth11 with an IP address, bring it up, the same for lo, and add the default route to the bridge:

ip netns exec green ifconfig veth11 10.1.1.11/24 up
ip netns exec green ip link set dev lo up
ip netns exec green ip route add default via 10.1.1.254

– Test 4. Ping and traceroute from the blue namespace to the green:

ip netns exec blue ping -c1 10.1.1.11
PING 10.1.1.11 (10.1.1.11) 56(84) bytes of data.
64 bytes from 10.1.1.11: icmp_seq=1 ttl=64 time=0.059 ms

ip netns exec blue traceroute 10.1.1.11
traceroute to 10.1.1.11 (10.1.1.11), 30 hops max, 60 byte packets
1 10.1.1.11 (10.1.1.11) 0.055 ms 0.015 ms 0.015 ms

– Test 5. Ping and traceroute from the green namespace to the blue:

ip netns exec green ping -c1 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.068 ms

ip netns exec green traceroute 10.1.1.1
traceroute to 10.1.1.1 (10.1.1.1), 30 hops max, 60 byte packets
1 10.1.1.1 (10.1.1.1) 0.060 ms 0.010 ms 0.008 ms

– Test 6. Ping and traceroute from green namespace to internet:

ip netns exec green ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=0.804 ms

ip netns exec green traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 10.1.1.254 (10.1.1.254) 0.073 ms 0.010 ms 0.007 ms
...
9 google-public-dns-a.google.com (8.8.8.8) 0.663 ms 0.726 ms 0.680 m





Install VMWare Tools in Debian – 2016

1 09 2016

Since the supoort for the official and propietary VMWare Tools shiped from VMWare are ended in favour of the Open VM Tools, the execution of the “vmware-install.pl” script passed away.

The official document pointed to this change is the “VMware support for Open VM Tools (2073803)”, highlightning from there the following lines:

– VMware recommends using OVT redistributed by operating system vendors.
– VMware fully supports virtual machines that include OVT redistributed by operating system vendors, which is done in collaboration with the OS vendor and OS communities. However, the operating system release must be published as certified by the specific VMware product in the online VMware Compatibility Guide.
– VMware provides assistance to operating system vendors and communities with the integration of open-vm-tools with OS releases.
– VMware fully supports virtual appliances that include OVT , which is done in collaboration with the virtual appliance vendor.
– VMware does not recommend removing OVT redistributed by operating system vendors.

So, now, installing Open VM Tools is as easier as other package:

# apt-get install open-vm-tools

https://packages.debian.org/search?keywords=open-vm-tools

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2073803





Boot Debian system with EFI Stub kernel

31 08 2016

I try to explain the process of install a Debian system with UEFI and use the EFI Stub property for load the kernel and the ram disk directly from the EFI system firmware, leaving aside “grub-efi” and scratching some seconds at boot time.

– Be sure that UEFI is enabled in your system booting firmware.

– Install Debian following the normal way until the partitioning step.

– UEFI require the following partitioning points:

* Around "500MB" of space
* Bootable flag on
* Partition type "EFI System Partition"

You can select automatic partitioning, and the Debian Installation process will create it automatically or doing the partitioning by hand using the indicated values.

Don’t create this partition under software RAID or LVM, the UEFI won’t read the files under that.

– End with the installation and reboot. If it went correctly, you have a polish running system, booted with grub-uefi, with the UEFI partition mounted under /boot/efi:

/dev/sda1 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=utf8,shortname=mixed,errors=remount-ro)

– Now is time to change the boot process into a EFI Stub, copy the kernel and the ram disk into the UEFI partition:

# cp /vmlinuz /initrd.img /boot/efi/EFI/debian/

– Look for your root filesystem UUID (in this example is sda2, the place were the linux is installed):

# blkid /dev/sda2
/dev/sda2: UUID="955548bd-9c77-4893-8633-3a5e7966dfc9" TYPE="ext4" PARTUUID="4cd59271-18a2-4d00-a65a-a106ee030a1a"

– And create an entry into the UEFI firmware for the linux EFIStub (replace the UUID number with your particular reference):

# efibootmgr -c -g -L "Debian (EFI stub)" -l '\EFI\debian\vmlinuz' -u "root=UUID=955548bd-9c77-4893-8633-3a5e7966dfc9 ro quiet rootfstype=ext4 add_efi_memmap initrd=\\EFI\\debian\\initrd.img"

– Check the UEFI information, the new entry is at the bottom:

# efibootmgr -v
BootCurrent: 0004
BootOrder: 0005,0004,0000,0001,0002,0003
Boot0000* EFI Virtual disk (0.0)
Boot0001* EFI VMware Virtual IDE CDROM Drive (IDE 1:0)
Boot0002* EFI Network
Boot0003* EFI Internal Shell (Unsupported option)
Boot0004* debian
Boot0005* Debian (EFI stub)
root@uefi:/boot/efi/EFI/debian# efibootmgr -v
BootCurrent: 0004
BootOrder: 0005,0004,0000,0001,0002,0003
Boot0000* EFI Virtual disk (0.0) ACPI(a0341d0,0)PCI(15,0)PCI(0,0)SCSI(0,0)
Boot0001* EFI VMware Virtual IDE CDROM Drive (IDE 1:0) ACPI(a0341d0,0)PCI(7,1)ATAPI(1,0,0)
Boot0002* EFI Network ACPI(a0341d0,0)PCI(16,0)PCI(0,0)MAC(MAC(005056948a0a,1)
Boot0003* EFI Internal Shell (Unsupported option) MM(b,e1a3000,e42ffff)FvFile(c57ad6b7-0515-40a8-9d21-551652854e37)
Boot0004* debian HD(1,800,ee000,4f3b579c-10cb-44ca-b845-475b2409eaf7)File(\EFI\debian\grubx64.efi)
Boot0005* Debian (EFI stub) HD(1,800,ee000,4f3b579c-10cb-44ca-b845-475b2409eaf7)File(\EFI\debian\vmlinuz)r.o.o.t.=.U.U.I.D.=.9.5.5.5.4.8.b.d.-.9.c.7.7.-.4.8.9.3.-.8.6.3.3.-.3.a.5.e.7.9.6.6.d.f.c.9. .r.o. .q.u.i.e.t. .r.o.o.t.f.s.t.y.p.e.=.e.x.t.4. .a.d.d._.e.f.i._.m.e.m.m.a.p. .i.n.i.t.r.d.=.\.E.F.I.\.d.e.b.i.a.n.\.i.n.i.t.r.d...i.m.g.
Boot0007* Debian HD(1,800,ee000,4f3b579c-10cb-44ca-b845-475b2409eaf7)File(\EFI\debian\grubx64.efi

– Look close to the information reported, the BootOrder have the new entry listed first, in the next boot the system will take it:

BootCurrent: 0004
BootOrder: 0005,0004,0000,0001,0002,0003

– Now, reboot and check the BootCurrent again:

BootCurrent: 0005
BootOrder: 0005,0004,0000,0001,0002,0003

– Basically it’s done. But for update the kernel and the ram disk automatically when an upgraded is installed, or removed, create the following files and make them executable:

# cat > /etc/kernel/postinst.d/zz-update-efistub << EOF
#!/bin/sh
echo "Updating EFI boot files..."
cp /vmlinuz /initrd.img /boot/efi/EFI/debian/
EOF

# chmod +x /etc/kernel/postinst.d/zz-update-efistub# cp /etc/kernel/postinst.d/zz-update-efistub /etc/kernel/postrm.d/zz-update-efistub

As a note, is it possible to substitute this script with systemd units. Look into the Arch linux wiki for more info.

– Thats all.

 

 

— But if you have some problems:

– If you need to revert the chage, for example, to keep boot0004 first again, execute:

# efibootmgr -o 0004,0005,0000,0001,0002,0003

– If you lost the Debian entry created at installation time, recrete it with this:

# efibootmgr -c -g -L "Debian" -l '\EFI\debian\grubx64.efi'

– If you have problems with EFI variables, be sure that you have installed “efivar” and “efivars” kernel module loaded (modproble efivars).

 

More info:
https://wiki.debian.org/EFIStub
https://www.happyassassin.net/2014/01/25/uefi-boot-how-does-that-actually-work-then/
https://wiki.archlinux.org/index.php/EFISTUB
http://wiki.bitbinary.com/index.php/Debian_Wheezy_EFI_Stub





Notes for LUKS partition

10 06 2016

Install requisites:
apt-get install cryptsetup

Create encrypt partition:
cryptsetup -y -v luksFormat /dev/sdX

Create filesystem inside encryp partition:
cryptsetup luksOpen /dev/sdX backupdisk
mkfs.ext4 /dev/mapper/backupdisk

Mount LUKS partition:
cryptsetup luksOpen /dev/sdX backupdisk
mount /dev/mapper/backupdisk /mnt/backupdisk/

Umount LUKS partition:
umount /mnt/backupdisk/
cryptsetup luksClose backupdisk

Change password:
cryptsetup luksDump /dev/sdX
cryptsetup luksAddKey /dev/sdX

Remove password:
cryptsetup luksRemoveKey /dev/sdX

Check mapping status:
cryptsetup -v status backupdisk

Dump headers, for backup:
cryptsetup luksDump /dev/sdX





Install from source GQRX in Debian Jessie

6 06 2016

First of all, the requirements from repositories:

apt-get install liblog4cpp5-dev libboost-thread-dev libboost-program-options-dev gnuradio-dev

The previous line usually solve the following problems:

In file included from /usr/include/gnuradio/block.h:29:0,
from /usr/include/gnuradio/sync_block.h:27,
from /usr/include/gnuradio/blocks/file_sink.h:28,
from ../../gqrx/applications/gqrx/receiver.h:28,
from ../applications/gqrx/mainwindow.h:48,
from ../applications/gqrx/main.cpp:32:
/usr/include/gnuradio/logger.h:122:31: fatal error: log4cpp/Category.hh: No such file or directory
#include

In file included from /usr/include/gnuradio/blocks/file_sink.h:27:0,
from ../../gqrx/applications/gqrx/receiver.h:28,
from ../applications/gqrx/mainwindow.h:48,
from ../applications/gqrx/main.cpp:32:
/usr/include/gnuradio/blocks/file_sink_base.h:27:28: fatal error: boost/thread.hpp: No such file or directory
#include

Now, clone the official repository:

git clone https://github.com/csete/gqrx.git

Compile and install:
cd gqrx
mkdir build
cd build
qmake ..
make
make install