New posts are coming soon..

Hi Guys,

It's been a long time I didn't post any article or issue here. There were few transitions in my career and I was bit busy. Hence, I didn't get time to update or post. There are more technologies on which I'll discuss. Following are in pipeline :

Linux Kernel
A bit about Red Hat Company and Product
Linux troubleshooting step and basic concept
CISCO unified computing system( UCS )
CISCO Fabric Interconnect Switch, VLAN, port channeling etc
FCOE, FC protocol
Red Hat Cluster
Veritas Cluster
Veritas Volume Manager
DMP or Veritas Dynamic Multipathing
SAN/NAS
Vmware vSpehere Virtualization, ESX 5.0.0
vCenter and vCenter HeartBeat
vMotion, Update manager
Netapp Storage Filers, Volume, LUN,masking, mapping, exporting, system log analysis etc
SnapVault
Symantec Netbackup Tecnology
Scripting : Python and Perl

So, stay tune...Good Luck :)

Read More

Steps to develop patch and apply it to original source file

1. Create test.c

 Above file contains :

--------
[kamalma@test-1 C_Programming]$ cat test.c
#include
#include
int main()
 {
 printf("\n I'm kamal \n");
return 0;
}
--------

2. Compile it and check its output.

OP :

-------
[kamalma@test-1 C_Programming]$ ./test

 I'm kamal
[kamalma@test-1 C_Programming]$
-------

3. Modify test.c and add new lines or codes in it. Lets say it test_modifed.c. This file contains following codes :

------
[kamalma@test-1 C_Programming]$ cat test_modified.c
#include
#include
int main()
 {
 printf("\n I'm kamal \n");
 printf("\nI have added one more line. This comes from modifed code\n" );
return 0;
}
[kamalma@test-1 C_Programming]$
[kamalma@test-1 C_Programming]$ gcc -o test_modified test_modified.c
[kamalma@test-1 C_Programming]$ ./test_modified

 I'm kamal

I have added one more line. This comes from modifed code
[kamalma@test-1 C_Programming]$
------

3. Then execute following command to create a patch in the same directory.  :

 diff -u test.c test_modified.c > test.patch.1

Here test.path.1 will contain following :

-----
[kamalma@test-1 C_Programming]$ cat test.patch.1
--- test.c      2012-07-17 07:52:39.000000000 +0530
+++ test_modified.c     2012-07-17 07:54:41.000000000 +0530
@@ -3,5 +3,6 @@
 int main()
  {
  printf("\n I'm kamal \n");
+ printf("\nI have added one more line. This comes from modifed code\n" );
 return 0;
 }
[kamalma@test-1 C_Programming]$
-----

5. In order to apply patch to test.c file, you need to execute following command :

patch test.c < test.patch.1

Example :

---------
[kamalma@test-1 C_Programming]$ patch -u test.c < test.patch.1
patching file test.c
[kamalma@test-1 C_Programming]$ cat test.c
#include
#include
int main()
 {
 printf("\n I'm kamal \n");
 printf("\nI have added one more line. This comes from modifed code\n" );
return 0;
}
[kamalma@test-1 C_Programming]$
-----------

Reverting back :

----------
[kamalma@test-1 C_Programming]$ patch -R test.c < test.patch.1
patching file test.c
[kamalma@test-1 C_Programming]$ cat test.c
#include
#include
int main()
 {
 printf("\n I'm kamal \n");
return 0;
}
[kamalma@test-1 C_Programming]$
----------

You can do dry-run (test prior to be originally chaning codes in test.c)

patch -p0 --dry-run test.c < test.patch.1

6. Now recompiling the test.c program :

---------
[kamalma@test-1 C_Programming]$ gcc -o testnew test.c
[kamalma@test-1 C_Programming]$ ./testnew

 I'm kamal

I have added one more line. This comes from modifed code
[kamalma@test-1 C_Programming]$
---------

Read More

How to redirect tomcat log to syslog server?

I assume that you are going to use log4j tool to log the tomcat messages. In order to redirect these messages in syslog file, you should modify4j$CATALINA_BASE/lib/log4j.properties and make sure following entries are present :

 -------------------

log4j.rootLogger=INFO, CATALINA

# Define all the appenders
log4j.appender.CATALINA=org.apache.log4j.DailyRollingFileAppender
log4j.appender.CATALINA.File=${catalina.base}/logs/catalina.
log4j.appender.CATALINA.Append=true
log4j.appender.CATALINA.Encoding=UTF-8
# Roll-over the log once per day
log4j.appender.CATALINA.DatePattern='.'yyyy-MM-dd'.log'
log4j.appender.CATALINA.layout = org.apache.log4j.PatternLayout
log4j.appender.CATALINA.layout.ConversionPattern = %d [%t] %-5p %c- %m%n

log4j.appender.LOCALHOST=org.apache.log4j.DailyRollingFileAppender
log4j.appender.LOCALHOST.File=${catalina.base}/logs/localhost.
log4j.appender.LOCALHOST.Append=true
log4j.appender.LOCALHOST.Encoding=UTF-8
log4j.appender.LOCALHOST.DatePattern='.'yyyy-MM-dd'.log'
log4j.appender.LOCALHOST.layout = org.apache.log4j.PatternLayout
log4j.appender.LOCALHOST.layout.ConversionPattern = %d [%t] %-5p %c- %m%n

log4j.appender.MANAGER=org.apache.log4j.DailyRollingFileAppender
log4j.appender.MANAGER.File=${catalina.base}/logs/manager.
log4j.appender.MANAGER.Append=true
log4j.appender.MANAGER.Encoding=UTF-8
log4j.appender.MANAGER.DatePattern='.'yyyy-MM-dd'.log'
log4j.appender.MANAGER.layout = org.apache.log4j.PatternLayout
log4j.appender.MANAGER.layout.ConversionPattern = %d [%t] %-5p %c- %m%n

log4j.appender.HOST-MANAGER=org.apache.log4j.DailyRollingFileAppender
log4j.appender.HOST-MANAGER.File=${catalina.base}/logs/host-manager.
log4j.appender.HOST-MANAGER.Append=true
log4j.appender.HOST-MANAGER.Encoding=UTF-8
log4j.appender.HOST-MANAGER.DatePattern='.'yyyy-MM-dd'.log'
log4j.appender.HOST-MANAGER.layout = org.apache.log4j.PatternLayout
log4j.appender.HOST-MANAGER.layout.ConversionPattern = %d [%t] %-5p %c- %m%n

log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
log4j.appender.CONSOLE.Encoding=UTF-8
log4j.appender.CONSOLE.layout = org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern = %d [%t] %-5p %c- %m%n

# Configure which loggers log to which appenders
log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost]=INFO, LOCALHOST
log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]=\
  INFO, MANAGER
log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager]=\
  INFO, HOST-MANAGER

 -------------------

 Note : I have added SYSLOG logger and appender along with other properties in above file. For more information about log4j, you can log on to : http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j


Once you added above file, you should restart tomcat application or instance. Then you'll able to see tomcat messages in system log (/var/log/messages). In order to redirect syslog client messages to syslog server, you should use following format in syslog.conf in syslog client machine :

 *.* @IP_OF_syslog server

Note : Please replace IP address with appropriate IP. Make sure syslog ports (514) are open in sysog server.

Read More

How to configure apache-tomcat on linux box?

Environment : RHEL 5.8
Package version : JDk 1.7.0_03
Apache tomcat : 6.0.35

Reference : http://www.puschitz.com/InstallingTomcat.html

JDK setup :

pwd
/jdk1.7.0_03

[root@vm13 jdk1.7.0_03]# export JAVA_HOME=/jdk1.7.0_03
[root@vm13 jdk1.7.0_03]# export PATH=$JAVA_HOME/bin:$PATH
[root@vm13 jdk1.7.0_03]# which java
/jdk1.7.0_03/bin/java
[root@vm13 jdk1.7.0_03]# java -version
java version "1.7.0_03"
Java(TM) SE Runtime Environment (build 1.7.0_03-b04)
Java HotSpot(TM) 64-Bit Server VM (build 22.1-b02, mixed mode)
[root@vm13 jdk1.7.0_03]#


Apache Tomcat setup :

[root@vm13 src]# rm -rf /var/spool/mail/root
[root@vm13 src]# groupadd tomcat
[root@vm13 src]# useradd -g tomcat -s /usr/sbin/nologin -m -d /home/tomcat tomcat
[root@vm13 src]# cd /var/lib
[root@vm13 lib]# tar zxvf /usr/local/src/apache-tomcat-6.0.35.tar.gz
[root@vm13 lib]# chown -R tomcat.tomcat /var/lib/apache-tomcat-6.0.35


/var/lib/apache-tomcat-6.0.35/bin/version.sh
Using CATALINA_BASE: /var/lib/apache-tomcat-6.0.35
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /var/lib/apache-tomcat-6.0.35/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
Server version: Apache Tomcat/6.0.35
Server built: Nov 28 2011 11:20:06
Server number: 6.0.35.0
OS Name: Linux
OS Version: 2.6.18-308.el5
Architecture: amd64
JVM Version: 1.7.0_03-b04
JVM Vendor: Oracle Corporation


Starting/Stopping Tomcat:

export CATALINA_HOME=/var/lib/apache-tomcat-6.0.35
You have new mail in /var/spool/mail/root
[root@vm13 lib]# export CATALINA_BASE=/var/lib/apache-tomcat-6.0.35
[root@vm13 lib]# su -p -s /bin/sh tomcat $CATALINA_HOME/bin/startup.sh
Using CATALINA_BASE: /var/lib/apache-tomcat-6.0.35
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /var/lib/apache-tomcat-6.0.35/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
[root@vm13 lib]#

$ps aux |grep java
tomcat 10711 9.4 10.1 463404 51696 pts/1 Sl 18:58 0:02 /jdk1.7.0_03/bin/java -Djava.util.logging.config.file=/var/lib/apache-tomcat-6.0.35/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/var/lib/apache-tomcat-6.0.35/endorsed -classpath /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar -Dcatalina.base=/var/lib/apache-tomcat-6.0.35 -Dcatalina.home=/var/lib/apache-tomcat-6.0.35 -Djava.io.tmpdir=/var/lib/apache-tomcat-6.0.35/temp org.apache.catalina.startup.Bootstrap start
root 10730 0.0 0.1 61232 724 pts/1 R+ 18:58 0:00 grep java
[root@vm13 lib]#


Stopping :

[root@vm13 lib]# su -p -s /bin/sh tomcat $CATALINA_HOME/bin/shutdown.sh
Using CATALINA_BASE: /var/lib/apache-tomcat-6.0.35
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /var/lib/apache-tomcat-6.0.35/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
You have new mail in /var/spool/mail/root
[root@vm13 lib]# ps aux |grep java
root 10763 0.0 0.1 61232 724 pts/1 R+ 18:59 0:00 grep java
[root@vm13 lib]#


Switching to Tomcat User Account :

[root@vm13 lib]# su - -s /bin/sh tomcat
-sh-3.2$ id
uid=502(tomcat) gid=503(tomcat) groups=503(tomcat) context=root:system_r:unconfined_t:SystemLow-SystemHigh
-sh-3.2$

Control+D to exit from tomcat shell


Setting Up First Tomcat JVM Instance :

[root@vm13 opt]# mkdir -p /opt/tomcat-instance/sales.example.com
[root@vm13 opt]# cd /opt/tomcat-instance/sales.example.com
[root@vm13 sales.example.com]# cp -a /var/lib/apache-tomcat-6.0.35/conf .
[root@vm13 sales.example.com]# ll
total 8
drwxr-xr-x 3 tomcat tomcat 4096 Apr 17 18:58 conf
[root@vm13 sales.example.com]# less conf/
Catalina/ catalina.properties logging.properties tomcat-users.xml
catalina.policy context.xml server.xml web.xml
[root@vm13 sales.example.com]# less conf/server.xml
[root@vm13 sales.example.com]# mkdir common logs temp server shared webapps work
You have new mail in /var/spool/mail/root
[root@vm13 sales.example.com]# chown -R tomcat.tomcat /opt/tomcat-instance
[root@vm13 sales.example.com]#

Most of the remaining steps are executed as the tomcat user. So make sure you switch from root to tomcat:

# su - -s /bin/sh tomcat
$ id
uid=1001(tomcat) gid=1001(tomcat) groups=1001(tomcat)
$

[root@vm13 sales.example.com]# su - -s /bin/sh tomcat
-sh-3.2$ pwd
/home/tomcat
-sh-3.2$ whoami
tomcat
-sh-3.2$ cat > /opt/tomcat-instance/sales.env << EOF
> export JAVA_HOME=/jdk1.7.0_03
> export PATH=\$JAVA_HOME/bin:\$PATH
> export CATALINA_HOME=/var/lib/apache-tomcat-6.0.35
> export CATALINA_BASE=/opt/tomcat-instance/sales.example.com
> EOF
-sh-3.2$ cat /opt/tomcat-instance/sales.env
export JAVA_HOME=/jdk1.7.0_03
export PATH=$JAVA_HOME/bin:$PATH
export CATALINA_HOME=/var/lib/apache-tomcat-6.0.35
export CATALINA_BASE=/opt/tomcat-instance/sales.example.com
-sh-3.2$

Configuring Tomcat Network Ports :

Since this is the first Tomcat instance that's being created here, the default port numbers can be left unchanged in $CATALINA_BASE/conf/server.xml (/opt/tomcat-instance/sales.example.com/conf/server.xml):



connectionTimeout="20000"
redirectPort="8443" />



Starting First Tomcat Instance :

sh-3.2$ source /opt/tomcat-instance/sales.env
-sh-3.2$ $CATALINA_HOME/bin/startup.sh
Using CATALINA_BASE: /opt/tomcat-instance/sales.example.com
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /opt/tomcat-instance/sales.example.com/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
-sh-3.2$

I have seen empty page : http://10.65.211.13:8080/

Relaying HTTP Port 80 Connections to Tomcat Port 8080 : that means if someone access http://10.65.211.13/ or http://10.65.211.13:80/, he'll get op of http://10.65.211.13:8080/

[root@vm13 sales.example.com]# iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
[root@vm13 sales.example.com]# iptables -t nat -I OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080
[root@vm13 sales.example.com]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
[root@vm13 sales.example.com]


Remove iptables rules : iptables -t nat -F

Setting Up a Web Application for First Tomcat JVM Instance :

-sh-3.2$ vi $CATALINA_BASE/conf/server.xml :

unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">



And the docBase attribute is set to mysales which stands for the application name within the URL, i.e. "http://10.65.211.13/mysales" or "http://10.65.211.13:8080/mysales".


Home Page for Web Application :

cat > $CATALINA_BASE/webapps/sales/index.html < > > "http://www.w3.org/TR/html4/loose.dtd">
>
>
>
>

Apache Tomcat Sales Home Page

>
>
> EOF
-sh-3.2$
Restarting First Tomcat Instance :

-sh-3.2$ source /opt/tomcat-instance/sales.env
-sh-3.2$ $CATALINA_HOME/bin/shutdown.sh
Using CATALINA_BASE: /opt/tomcat-instance/sales.example.com
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /opt/tomcat-instance/sales.example.com/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
-sh-3.2$ $CATALINA_HOME/bin/startup.sh
Using CATALINA_BASE: /opt/tomcat-instance/sales.example.com
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /opt/tomcat-instance/sales.example.com/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
-sh-3.2$

now access http://10.65.211.13/mysales/ , you'll see "Apache Tomcat Sales Home Page".

Deploying Java Servlet for Web Application in First Tomcat JVM Instance :

1. Setting up Java Servlet Layout :

-sh-3.2$ mkdir -p $CATALINA_BASE/webapps/sales/WEB-INF/classes
JAR Files :
-sh-3.2$ mkdir $CATALINA_BASE/webapps/sales/WEB-INF/lib

Creating a Java Servlet :

vi $CATALINA_BASE/webapps/sales/WEB-INF/classes/Sales.java

-sh-3.2$ cat $CATALINA_BASE/webapps/sales/WEB-INF/classes/Sales.java
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class Sales extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("");
out.println("");
out.println("");
out.println("");
out.println("");
out.println("

Executing Sales ...

");
out.println("");
out.println("");
}
}

-sh-3.2$
The following command should now compile the Java servlet without errors:
-sh-3.2$ cd $CATALINA_BASE/webapps/sales/WEB-INF/classes
-sh-3.2$ javac -classpath "$CATALINA_HOME/lib/*" Sales.java
-sh-3.2$ ls
Sales.class Sales.java
-sh-3.2$

Configuring the Java Servlet :

-sh-3.2$ cat $CATALINA_BASE/webapps/sales/WEB-INF/web.xml


xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">


servlet_sales
Sales



servlet_sales
/execute





-sh-3.2$

Modify index.html :

-sh-3.2$ cat $CATALINA_BASE/webapps/sales/index.html
"http://www.w3.org/TR/html4/loose.dtd">

Apache Tomcat Sales Home Page

Execute Sales


-sh-3.2$

Testing and Executing the Java Servlet :

-sh-3.2$ source /opt/tomcat-instance/sales.env
-sh-3.2$ $CATALINA_HOME/bin/shutdown.sh
Using CATALINA_BASE: /opt/tomcat-instance/sales.example.com
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /opt/tomcat-instance/sales.example.com/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
-sh-3.2$ $CATALINA_HOME/bin/startup.sh
Using CATALINA_BASE: /opt/tomcat-instance/sales.example.com
Using CATALINA_HOME: /var/lib/apache-tomcat-6.0.35
Using CATALINA_TMPDIR: /opt/tomcat-instance/sales.example.com/temp
Using JRE_HOME: /jdk1.7.0_03
Using CLASSPATH: /var/lib/apache-tomcat-6.0.35/bin/bootstrap.jar
-sh-3.2$

OP : If you access : http://10.65.211.13/mysales/ , you'll see following :

Apache Tomcat Sales Home Page
Execute Sales

Now click on "Execute Sales", you'll see following :

Executing Sales ...

Disclaimer : I have referred above link and I have successfully setup it. In case you face any problem, please take a look at the link mentioned. I am not responsible for changing anything in above link. Use the commands at your own risk.

Read More

How to enable php in apache on RHEL ?

1. In order to enable php engine in apache, you should make sure php is installed in the system first. Then refer following steps :

locate libphp5.so

In most of cases, libphp5.so will be present inside /etc/httpd/modules

2. Add following in httpd.conf :

------------------
# Use for PHP 5.x:
LoadModule php5_module modules/libphp5.so
AddHandler php5-script .php

# Add index.php to your DirectoryIndex line:
DirectoryIndex index.html index.php

AddType text/html .php

# PHP Syntax Coloring
# (optional but useful for reading PHP source for debugging):

AddType application/x-httpd-php-source phps
------------------

OR

-----------------

LoadModule php5_module modules/libphp5.so


# Use of the "ZTS" build with worker is experimental, and no shared
# modules are supported.
LoadModule php5_module modules/libphp5-zts.so


#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php5-script .php
AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps
-----------------

3. Restart apache.

Testing :

$ httpd -t

Create a php file inside web directory. Put the following content in that file like :

vi info.php

--------


--------

Then access the file through browser like http://localhost/info.php. If it shows all the enables php directives or modules then php works fine.

Read More

How to store sftp log messages in custom file on RHEL 6?

How to setup chrooted sftp account on RHEL 6?

$groupadd sftponly
$$useradd user123
$usermod -d /myhome -g sftponly -s /bin/false user123
$mkdir -p /chroots/user123 ; chmod -R 755 /chroots/user123
$mkdir /chroots/user123/myhome ; chown user123:sftponly /chroots/user123/myhome
$passwd user123

Also make sure below is successfully configured :


How to store sftp log messages in custom file on RHEL 6?

--------------------------------
1. Make sure "AUTHPRIV" facility is used in sshd_config file. Sample file looks like :


$ cat /etc/ssh/sshd_config :


-------------
Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server

Match Group sftponly
ChrootDirectory /chroots/%u
AllowTcpForwarding no
ForceCommand internal-sftp -f AUTHPRIV -l VERBOSE
X11Forwarding no
-------------

2. Use proper additional socket file in /etc/sysconfig/rsyslog like :

vi /etc/sysconfig/rsyslog

SYSLOGD_OPTIONS="-m 0 -a /chroots/dev/log"

3. Following lines should be present in /etc/rsyslog.conf :

Add following lins :

-----------
$InputUnixListenSocketHostname internal-sftp
$AddUnixListenSocket /chroots/dev/log

# Log internal-sftp activity in a separate file

:programname, isequal, "internal-sftp" -/var/log/sftp.log
:programname, isequal, "internal-sftp" ~
:programname, isequal, "sshd" -/var/log/sftp.log
:programname, isequal, "sshd" ~

------------

4. Make sure you have done a hard link to socket file like :

$mkdir -p /chroots//dev
$ln /chroots/dev/log /chroots//dev/log

Note : Replace username in above command.

5. Restart rsyslog and sshd service :

$service rsyslog restart
$service sshd restart

Testing :

Open a terminal and execute following command on it like :

$tailf /var/log/sftp.log

Try to access SFTP account like :

$sftp username@IP
pw: << Enter password You'll see that all sftp logs messages are available in /var/log/sftp.log. Note : Note that all sshd and sftp related messages will be logged in above file. --------------------------- You may get following error : fatal: safely_chroot: stat("/chroots/"): Permission denied Solution : This is appearing due to SELinux issue. Please execute following commands : $chcon -t user_home_t /chroots/user123 $chcon -t user_home_t /chroots/user123/myhome $getsebool -a|grep sftp sftpd_anon_write --> off
sftpd_enable_homedirs --> off
sftpd_full_access --> off
sftpd_write_ssh_home --> off

Enable boolean like :

$setsebool -P sftpd_enable_homedirs 1

That's it.

Read More

How to setup multiple gateways for multiple Ethernets?

If you would like to use multiple gateways, you should use iproute package and define the gateway in two tables in conjunction with each interface.

Here is an example how to configure it :

Let's assume eth0 has gateway 10.1XX.69.1 and eth3's gateway is 10.1XX.66.1.

So, you should execute following steps :

echo 1 ISP1 >> /etc/iproute2/rt_tables
echo 2 ISP2 >> /etc/iproute2/rt_tables

The next step is to have some routing rules and routes:

For the ISP1 table:

ip route add default via 10.1XX.69.1 dev eth0 table ISP1
ip rule add from 10.1XX.69.0/24 table ISP1


For the ISP2 table:

ip route add default via 10.1XX.66.1 dev eth3 table ISP2
ip rule add from 10.1XX.66.0/24 table ISP2

------------------

In order to make above rules persistent, you should put them in rc.local file like :

cat /etc/rc.local

ip route add default via 10.1XX.69.1 dev eth0 table ISP1
ip rule add from 10.1XX.69.0/24 table ISP1
ip route add default via 10.1XX.66.1 dev eth3 table ISP2
ip rule add from 10.1XX.66.0/24 table ISP2

Note : You should replace the IP addresses in above commands.

Read More