How to enable php in apache on RHEL ?

1. In order to enable php engine in apache, you should make sure php is installed in the system first. Then refer following steps :

locate libphp5.so

In most of cases, libphp5.so will be present inside /etc/httpd/modules

2. Add following in httpd.conf :

------------------
# Use for PHP 5.x:
LoadModule php5_module modules/libphp5.so
AddHandler php5-script .php

# Add index.php to your DirectoryIndex line:
DirectoryIndex index.html index.php

AddType text/html .php

# PHP Syntax Coloring
# (optional but useful for reading PHP source for debugging):

AddType application/x-httpd-php-source phps
------------------

OR

-----------------

LoadModule php5_module modules/libphp5.so


# Use of the "ZTS" build with worker is experimental, and no shared
# modules are supported.
LoadModule php5_module modules/libphp5-zts.so


#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php5-script .php
AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps
-----------------

3. Restart apache.

Testing :

$ httpd -t

Create a php file inside web directory. Put the following content in that file like :

vi info.php

--------


--------

Then access the file through browser like http://localhost/info.php. If it shows all the enables php directives or modules then php works fine.

Read More

How to store sftp log messages in custom file on RHEL 6?

How to setup chrooted sftp account on RHEL 6?

$groupadd sftponly
$$useradd user123
$usermod -d /myhome -g sftponly -s /bin/false user123
$mkdir -p /chroots/user123 ; chmod -R 755 /chroots/user123
$mkdir /chroots/user123/myhome ; chown user123:sftponly /chroots/user123/myhome
$passwd user123

Also make sure below is successfully configured :


How to store sftp log messages in custom file on RHEL 6?

--------------------------------
1. Make sure "AUTHPRIV" facility is used in sshd_config file. Sample file looks like :


$ cat /etc/ssh/sshd_config :


-------------
Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server

Match Group sftponly
ChrootDirectory /chroots/%u
AllowTcpForwarding no
ForceCommand internal-sftp -f AUTHPRIV -l VERBOSE
X11Forwarding no
-------------

2. Use proper additional socket file in /etc/sysconfig/rsyslog like :

vi /etc/sysconfig/rsyslog

SYSLOGD_OPTIONS="-m 0 -a /chroots/dev/log"

3. Following lines should be present in /etc/rsyslog.conf :

Add following lins :

-----------
$InputUnixListenSocketHostname internal-sftp
$AddUnixListenSocket /chroots/dev/log

# Log internal-sftp activity in a separate file

:programname, isequal, "internal-sftp" -/var/log/sftp.log
:programname, isequal, "internal-sftp" ~
:programname, isequal, "sshd" -/var/log/sftp.log
:programname, isequal, "sshd" ~

------------

4. Make sure you have done a hard link to socket file like :

$mkdir -p /chroots//dev
$ln /chroots/dev/log /chroots//dev/log

Note : Replace username in above command.

5. Restart rsyslog and sshd service :

$service rsyslog restart
$service sshd restart

Testing :

Open a terminal and execute following command on it like :

$tailf /var/log/sftp.log

Try to access SFTP account like :

$sftp username@IP
pw: << Enter password You'll see that all sftp logs messages are available in /var/log/sftp.log. Note : Note that all sshd and sftp related messages will be logged in above file. --------------------------- You may get following error : fatal: safely_chroot: stat("/chroots/"): Permission denied Solution : This is appearing due to SELinux issue. Please execute following commands : $chcon -t user_home_t /chroots/user123 $chcon -t user_home_t /chroots/user123/myhome $getsebool -a|grep sftp sftpd_anon_write --> off
sftpd_enable_homedirs --> off
sftpd_full_access --> off
sftpd_write_ssh_home --> off

Enable boolean like :

$setsebool -P sftpd_enable_homedirs 1

That's it.

Read More

How to setup multiple gateways for multiple Ethernets?

If you would like to use multiple gateways, you should use iproute package and define the gateway in two tables in conjunction with each interface.

Here is an example how to configure it :

Let's assume eth0 has gateway 10.1XX.69.1 and eth3's gateway is 10.1XX.66.1.

So, you should execute following steps :

echo 1 ISP1 >> /etc/iproute2/rt_tables
echo 2 ISP2 >> /etc/iproute2/rt_tables

The next step is to have some routing rules and routes:

For the ISP1 table:

ip route add default via 10.1XX.69.1 dev eth0 table ISP1
ip rule add from 10.1XX.69.0/24 table ISP1


For the ISP2 table:

ip route add default via 10.1XX.66.1 dev eth3 table ISP2
ip rule add from 10.1XX.66.0/24 table ISP2

------------------

In order to make above rules persistent, you should put them in rc.local file like :

cat /etc/rc.local

ip route add default via 10.1XX.69.1 dev eth0 table ISP1
ip rule add from 10.1XX.69.0/24 table ISP1
ip route add default via 10.1XX.66.1 dev eth3 table ISP2
ip rule add from 10.1XX.66.0/24 table ISP2

Note : You should replace the IP addresses in above commands.

Read More