July 2014
M T W T F S S
« Mar    
 123456
78910111213
14151617181920
21222324252627
28293031  
151

Refs

Categories

Archives

profile for slm on Stack Exchange, a network of free, community-driven Q&A sites

Remote Installing CentOS 5 using VNC

Last month I went about “upgrading” my old fileserver, an aging Redhat 9 system to something a little bit more modern 8-), and redeploy it as a more powerful firewall box. The hardware is still very usable by today’s standards, a 1.7GHz Athlon processor, so I set about to do the installation. This system has never had a monitor permanently attached to it so I took this opportunity to try out an installation method that I had only toyed with a few times before. I’m talking about using VNC to do a remote install.

To get started I poped the CentOS 5.3 DVD in and gave this system a quick reboot. Now you know how I said this system didn’t have a monitor permanently attached. Well I lied. It does sorta kinda sorta have a monitor but it’s through a KVM switch which just so happens to be the same KVM as my primary desktop/workstation, so I didn’t want to have to keep switching back and forth, hence why I decided to do the install via VNC.

On to the install …

To start I flipped the KVM over so I could view this system’s console just to get things started. Once I got to the initial CentOS install screen I gave it a boot command like this:

1
linux vnc vncconnect=<workstation's hostname>

I then switched the KVM back to the desktop/workstation’s console and started up ssvnc in listening mode. Here’s the Options dialog from ssvnc which will configure ssvnc to start in listening mode, without any encryption.

NOTE: If you’ve never heard of ssvnc then check it out. It’s a extremely nice VNC client/server that runs on Linux, Windows, and OSX!

screenshot-ssl-ssh-vnc-options

Once the Options dialog is set I clicked the Listen button in ssnvc’s main gui

screenshot-ssl-ssh-vnc-viewer

Finally you’ll be presented with ssvnc’s transcript window

screenshot-untitled-window

After all this I was finally presented with the initial CentOS 5 installation window.

For further details these links to dklevine.com & this redhat magazine article proved useful.

Enabling MySQL’s Query Cache

Here are some notes for setting up MySQL so that it makes use of Query Caching. Doing this should help cut down on having to perform queries for wordpress and any other apps that hit the database.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#
# Check if MySQL has query cache enabled
#
 
mysql> show variables like 'have_query_cache';
+------------------+-------+
| Variable_name    | Value |
+------------------+-------+
| have_query_cache | YES   | 
+------------------+-------+
1 row in set (0.00 sec)
 
#
# Check what values the query* variables are set to
#
 
mysql> show variables like 'query%';
+------------------------------+---------+
| Variable_name                | Value   |
+------------------------------+---------+
| query_alloc_block_size       | 8192    | 
| query_cache_limit            | 1048576 | 
| query_cache_min_res_unit     | 4096    | 
| query_cache_size             | 0       | 
| query_cache_type             | ON      | 
| query_cache_wlock_invalidate | OFF     | 
| query_prealloc_size          | 8192    | 
+------------------------------+---------+
7 rows in set (0.00 sec)
 
#
# Set the query cache size
#
 
mysql> set global query_cache_size = 16777216;
Query OK, 0 rows affected (0.00 sec)
 
mysql> show variables like 'query%';
+------------------------------+----------+
| Variable_name                | Value    |
+------------------------------+----------+
| query_alloc_block_size       | 8192     | 
| query_cache_limit            | 1048576  | 
| query_cache_min_res_unit     | 4096     | 
| query_cache_size             | 16777216 | 
| query_cache_type             | ON       | 
| query_cache_wlock_invalidate | OFF      | 
| query_prealloc_size          | 8192     | 
+------------------------------+----------+
7 rows in set (0.00 sec)
 
#
# Query Cache Stats
#
 
mysql> show status like 'Qc%';
+-------------------------+----------+
| Variable_name           | Value    |
+-------------------------+----------+
| Qcache_free_blocks      | 2        | 
| Qcache_free_memory      | 16472504 | 
| Qcache_hits             | 1201     | 
| Qcache_inserts          | 254      | 
| Qcache_lowmem_prunes    | 0        | 
| Qcache_not_cached       | 37       | 
| Qcache_queries_in_cache | 134      | 
| Qcache_total_blocks     | 296      | 
+-------------------------+----------+
8 rows in set (0.00 sec)
Make these changes persist when MySQL restarts
1
2
3
4
5
6
[mysqld]
 
# Enable Query Caching
query_cache_size=16777216
query_cache_type=1
query_cache_limit=1048576

Thanks to howtogeek.com for explaining how to accomplish this.

[one-liner]: Removing a File’s Extension with Cut

Here’s a quick tip if you ever need to remove an extra extension when dealing with a file’s name.

1
echo file.ext1.ext2 | cut -d"." -f1-2

NOTE: For further details regarding my one-liner blog posts, check out my one-liner style guide primer.

More Info About OpenVZ and Memory

Found this extremely useful post over on maxgarrick.com about how OpenVZ resource limits work. I’m re-posting a very handy diagram that was part of the blog post so that I have a local copy for my own references here:

vz

I highly recommend that you check out the post if you want a great description of the resource limits with respect to memory work with OpenVZ.

[one-liner]: Cloning a MySQL Table

Today at work a co-worker asked if I could take an existing table, move it out of the way and make a new blank table in it’s place. He didn’t ask that it have its indexes preserved but it seemed to make sense that the indexes persisted with the new table as well.

Here’s how I accomplished this task (it’s actually 2 commands but what the heck, close enough):

1
2
CREATE TABLE new_table LIKE old_table;
RENAME TABLE old_table TO backup_table, new_table TO old_table;

Doing it this way seemed counter to my thinking but this guarantees that the transformation occurs atomically.

These pages: 1 & 2 proved helpful in figuring out how to do this.

NOTE: For further details regarding my one-liner blog posts, check out my one-liner style guide primer.

How to Setup a Mail Server on CentOS 5

This tutorial sets up and configures the following:

Primary packages

  • sendmail
  • spamassassin
  • milter-greylist
  • GeoIP
  • clamav
  • spamassassin-milter
  • clamav-milter
  • dovecot

Addons to spamassassin

  • SPF
  • DKIM

Optional Extras

  • spf-milter

NOTE: I’ll discuss how to setup the spf-milter, towards the end of this post but I now consider this an OPTIONAL package after talking with the maintainer of the city-fan.org repo, Paul Howarth. In talking with Paul, it turns out that spamassassin now has the ability to perform SPF checks based on a sender’s domain and IP address. This makes installing the spf-milter redundant and unecessary.

Getting Started

I found this very helpful YUM repository, city-fan.org that contains pretty much everything I needed to accomplish this, minus the ClamAV packages. For those I looked to another repository, rpmforge. To get started, I installed the repo rpm files below.

Setting up city-fan.org repo
1
2
3
4
5
6
7
8
# install yum repo package
rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-1-9.rhel5.noarch.rpm
 
# import repo's GPG Key
rpm --import http://www.city-fan.org/ftp/contrib/yum-repo/CITY-FAN.ORG-GPG-KEY
 
# perform an initial update
yum update
Setting up rpmforge repo
1
2
3
4
5
6
7
8
# install yum repo package
rpm -Uvh http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
 
# import repo's GPG Key
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
 
# perform an initial update
yum update
Setting up Spamassassin
1
2
yum install spamassassin \
 spamass-milter

Setup /etc/sysconfig/spamassassin

1
2
# Options to spamd
SPAMDOPTIONS="-d -c -m5 -H"

Setup /etc/sysconfig/spamass-milter

1
2
3
4
5
6
7
8
9
10
11
12
### Override for your different local config
#SOCKET=/var/run/spamass-milter/spamass-milter.sock
 
### Standard parameters for spamass-milter are:
### -P /var/run/spamass-milter.pid (PID file)
###
### Note that the -f parameter for running the milter in the background
### is not required because the milter runs in a wrapper script that
### backgrounds itself
###
### You may add another parameters here, see spamass-milter(1)
#EXTRA_FLAGS="-m -r 15"

Add the following to sendmail.mc and re-make sendmail.cf

1
2
3
4
5
6
dnl **
dnl ** enable spamassassin-milter to scan for spam using spamassassin **
dnl **
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Setting up SPF (NOTE: used by spamassassin, NOT the milter!)
1
2
3
4
5
# install perl-Mail-SPF
yum install perl-Mail-SPF
 
# restart spamassassin (in order to detect the spf plugin)
/etc/init.d/spamassassin restart

Spamassassin will automatically detect that SPF has been installed and will start using it as part of its scoring of each email. You can confirm that it’s working with this test.

1
2
3
4
5
6
7
8
9
10
11
spamassassin -D < /usr/share/doc/spamassassin-3.2.5/sample-spam.txt 2>&1 |grep -i spf
[18108] dbg: config: read file /usr/share/spamassassin/25_spf.cf
[18108] dbg: config: read file /usr/share/spamassassin/60_whitelist_spf.cf
[18108] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[18108] dbg: spf: checking to see if the message has a Received-SPF header that we can use
[18108] dbg: spf: using Mail::SPF for SPF checks
[18108] dbg: spf: no suitable relay for spf use found, skipping SPF-helo check
[18108] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks
[18108] dbg: spf: no suitable relay for spf use found, skipping SPF check
[18108] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check
[18108] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check
Setting up DKIM

This module implements the various components of the DKIM and DomainKeys message-signing and verifying standards for Internet mail. It currently tries to implement these specifications:
* RFC4871, for DKIM
* RFC4870, for DomainKeys

1
yum install perl-Mail-DKIM

Spamassassin will automatically detect that DKIM has been installed and will start using it as part of its scoring of each email. I confirmed that it was working by sending myself an email from my gmail account and copying this email, make sure to include the full headers, into a text file. In my case I called this file test_email.txt.

1
2
3
4
5
6
spamassassin -D < ~/sam2.txt 2>&1 |grep -i dk
[18334] dbg: config: read file /usr/share/spamassassin/25_dkim.cf
[18334] dbg: config: read file /usr/share/spamassassin/60_whitelist_dk.cf
[18334] dbg: config: read file /usr/share/spamassassin/60_whitelist_dkim.cf
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
       	bh=8PW6kvDkcUGo7mGimEUrTlMVS5Y1dFw/IjjLn1WnNLw=;
Setting up GeoIP


…. Continue reading → How to Setup a Mail Server on CentOS 5 »»

Page 27 of 34« First...1020...2526272829...Last »