Kmaiti

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 29 November 2011

How to configure rndc key with chrooted bind on linux?

Posted on 22:26 by Unknown
Environment : RHEL 6.1 .

Here are the steps that I followed :

1. vi /etc/rndc.conf and following line

----
options {
default-server 127.0.0.1;
default-key "rndckey";
};

server 127.0.0.1 {
key "rndckey";
};

key "rndckey" {
algorithm "hmac-md5";
secret "secret key will be placed here";
};
---

2. cd /var/named/chroot/etc/

3. $dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 256 -n HOST rndc
4. cat *.private
5. copy the key from private file and put it in /etc/rndc.conf at "secret" line.
6. Do link :

$ln -s /var/named/chroot/etc/rndc.conf /etc/rndc.conf

7. vi /etc/named.conf put following :

----
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; };
};

key "rndckey" {
algorithm "hmac-md5";
secret "replace_keyhere";
};

----

8. Restart named and check status :

$rndc status

Output will look like :

$rndc status
version: 9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.2
CPUs found: 1
worker threads: 1
number of zones: 20
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
Read More
Posted in | No comments

Tuesday, 15 November 2011

How to rotate sudo log?

Posted on 00:35 by Unknown
Scenario : Sudo log files will keep the activities of sudo users and their login status in /var/log/sudolog.

Tested platform : RHEL 5

Solution :

1. Create a sudo log file and put it in /etc/sudoers. Then rotate it for 90 days. As an example :

$touch /var/log/sudolog

2. vi /etc/sudoers and add following lines :

-----
Defaults !syslog
Defaults logfile = /var/log/sudolog
-----

Then save it.

3. Rotating this log file :

vi /etc/logrotate.d/sudolog and put following :

------
/var/log/sudolog {
rotate 90
size 5M
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
------

4. Now restart syslogd :

$service syslogd restart

This will keep maximum 5MB file of 90 different copies. Old copy will be removed first.
Read More
Posted in | No comments
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)

Popular Posts

  • unable connect to socket: No route to host (113)
    Guys, This error message usually comes when you try to access remote linux desktop using vncviewer. Please check the firewall in the linux s...
  • NDMP communication failure error
    Guys, Issue : Netbackup server sends alert NDMP communication failure once everyday. But there is no issue to run scheduled backup jobs. Env...
  • How to verify UDP packet communication between two linux system?
    Guys, Today, I had to check UDP packet communication between linux and a windows system. Main purpose of the windows system was to capturing...
  • what does it mean by "cman expected_votes="1" two_node="1" in cluster.conf ?
    For two node clusters ordinarily, the loss of quorum after one out of two nodes fails will prevent the remaining node from continuing (if bo...
  • Details about NFS timeout on Red Hat Enterprise Linux 5
    There are two mount options for timeouts of an NFS request. # timeo: a timeout value. the unit is 1/10 seconds. # retran...
  • configure: error: could not find library containing RSA_new
    Guys, It seems you have enabled the SSL option during configuring the package. Please either resolve that dependency or disable the SSL opti...
  • How to configure NFSv4 with kerberos on linux?
    Guys, Please refer the following steps to do the same : Used Environment : kerberos(i.e NFSv4) server : RHEL 5.5, 64 bit arch NFS client : R...
  • "cluster is not quorate. refusing connection"
    Guys, Environment : Red Hat Enterprise Linux 5.6, RHCS Error : subject line Issue : I am not sure while I got this error in the system log s...
  • How to redirect output of script to a file(Need to save log in a file and file should be menioned in the script itself?
    Expectation : @subject Steps : 1. Create a bash script. 2. add line : exec > >(tee /var/log/my_logfile.txt) That's it. All output ...
  • Steps to develop patch and apply it to original source file
    1. Create test.c  Above file contains : -------- [kamalma@test-1 C_Programming]$ cat test.c #include #include int main()  {  printf("\n...

Categories

  • ACL
  • ESX
  • Linux
  • Storage
  • UCS

Blog Archive

  • ►  2013 (5)
    • ►  May (1)
    • ►  April (3)
    • ►  February (1)
  • ►  2012 (10)
    • ►  July (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (3)
    • ►  January (1)
  • ▼  2011 (86)
    • ►  December (3)
    • ▼  November (2)
      • How to configure rndc key with chrooted bind on li...
      • How to rotate sudo log?
    • ►  September (19)
    • ►  August (9)
    • ►  July (5)
    • ►  June (9)
    • ►  May (12)
    • ►  April (3)
    • ►  March (4)
    • ►  February (5)
    • ►  January (15)
  • ►  2010 (152)
    • ►  December (9)
    • ►  November (34)
    • ►  October (20)
    • ►  September (14)
    • ►  August (24)
    • ►  July (19)
    • ►  June (3)
    • ►  May (25)
    • ►  April (3)
    • ►  January (1)
Powered by Blogger.