Tag: Linux

Posted on

How to recover MySQL’s “root” password quickly

Have you ever been in a rush or just had a complete brain freeze with your MySQL passwords?

Well…..I have.  🙂

——————————-

Step # 1 : Stop mysql service

SHELL> /etc/init.d/mysql stop

——————————-

Step # 2: Start to MySQL server w/o password:

SHELL> mysqld_safe --skip-grant-tables &

——————————-

Step # 3: Connect to mysql server using mysql client and setup the new root password:

SHELL> mysql -u root
mysql> use mysql;mysql> update user set password=PASSWORD("$PASSWORD") where User='root';mysql> flush privileges;mysql> quit

——————————-

Step #4: Stop and Restart MySQL Server: (try your new $PASSWORD)

SHELL> /etc/init.d/mysql stopSHELL> /etc/init.d/mysql startSHELL> mysql -u root -p

——————————-

Note: There are other ways to reset the password, but I like this one.

Posted on

Fedora 11 – VMware Workstation 6.5.2

Over the past few years several people on the VMware communities forums have released patches to fix the vmware modules for the next “fresh” release of the Linux Kernel / Distro. I’ve used them in the past with much success, but I generally like waiting for the official VMware support. However, I’m pretty excited about Fedora 11 (just to many new goodies not to play) and I noticed there’s a new updated patch for 2.6.29 and even 2.6.30 Kernels!

VMware Workstation 6.5.2 module patches/discussion: 2.6.29

VMware Workstation 6.5.2 module patches/discussion: 2.6.30

Sun has official Fedora 11 support (and now 2.6.31) with VirtualBox: VirtualBox 3.0.0 (if that’s your cup of tea)

Note: Obviously Fedora is the test bed for the QEMU/KVM merger so you can go that route as well, but I love VMware. ;0)
Here is a great article to get you moving on the QEMU/KVM way of life: Clik Me

HTH

Posted on

Fedora 11 – Intel / ATI – KMS bugs with video drivers

f11release

Starting in Fedora 10 (but disabled by default) Red Hat Fedora started providing the KMS Framework.

Fedora – KMS page: Click Me

X.Org – KMS page :  Click Me

Now if you’ve upgraded/installed the new Fedora 11 (or even Ubuntu 9.x etc.) KMS is enabled by default and you may have noticed there are new/still some regressions in the kernel and certain Intel and ATI cards may have issues.

If you’re having some crazy issues, fear not, you may have an answer here.

Intel Video Issues: Click Me

Ati/AMD Video Issues: Click Me

Note: This isn’t Fedora specific, you may have noticed you cant even enable desktop effects in Ubuntu 9.0.4 under certain cards (without de-blacklisting)

This is just the natural progression of trying to make things better and part of the growing pains that going with non-enterprise distros of Linux can give it’s users……but end the end, it will be worth it.

HTH.

Posted on

Redirecting root’s Email on Red Hat

red-hat-logo-bigIf you are a conscientious system administrator, you like to keep tabs on your server by checking root’s email at least once a day, correct?  If you manage more than one server, or get tired of having to log in to check your mail, you can redirect where email for the root user gets sent.

I ran into problems on Red Hat Enterprise 5.2 doing this, so I thought I’d post the resolution here.

Continue reading “Redirecting root’s Email on Red Hat”

Posted on

Practical Security: Resources from the US Government

If you live in the USA, did you know that your tax dollars are being used for some really good purposes?

You better believe it.  For example, the NSA provides some great guides and tools for securing your operating system, whether your are on a Mac, or running Windows, Linux, or Solaris.

Some of the guides can get a little complex (especially the Linux and Solaris ones), but even if you do some of what they suggest, you are increasing the security of your OS and are likely to learn a few things at the same time.

There are more resources from other parts of the government as well. Continue reading “Practical Security: Resources from the US Government”

Posted on

SWAT in 60 seconds

Q. What is SWAT?
A. It’s the “Samba Web Administration Tool”

Q. What can I use it for?
A. (shrug )Maybe to quickly setup a SAMBA server etc. 😉 from following my previous howto.
A2. It does have some good info even if you don’t use it for your SMB configuration.

We all know it’s best to use the command line interface (CLI) when learning something,
and most GUI tools don’t give you all the options anyway. However, it’s nice to have a GUI tool when you’re in a rush or you just want to try something new without digging for hours.

This article assumes you have already installed SAMBA.  See my previous article if you haven’t.

According to the SWAT docs, it will overwrite you current SMB.conf,
so you may want to backup your current one first.

# Backup the current smb.conf
sudo cp --preserve=context /etc/samba/smb.conf /etc/samba/smb.conf.pre-swat

# Install the SWAT tool
sudo yum install -y samba-swat

# Set the service to launch and start it up
sudo vi /etc/xinetd.d/swat (change the disable from yes to no)
sudo /sbin/service xinetd restart

# Browse to
http://localhost:901/

* Addtional Info:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/SWAT.html

Posted on

SAMBA – Home Directory Shares Made Easy

Q. What is SAMBA?
A. “Samba is a Free Open Source Software suite that provides seamless file and print services to SMB/CIFS clients.”

Q. Where is SAMBA’s home?
A. http://www.samba.org

Q. Why did you bother writing this?
A. Several reasons, mostly to help myself and others.

Note: You may want to copy/paste this into a txt file for easier reading.

---------------------------------------------
This “entry level” guide will show you how to configure SAMBA in order to let users
browse their home folders under Linux via Windows.

Please note: I write these guides under RHEL/CentOS. However, they should work under any distribution. You still may need to tweak things a little. ;0)

I’m also assuming you have sudo rights. You shouldn’t work from root!

---------------------------------------------
If you’ve installed the default settings for SELinux, it will be in “Enforcing” mode.

# To check your SELinux status. (1 = Enforcing, 0 = Permissive)

[[code]]czozMDpcInNoZWxsJmd0OyAvdXNyL3NiaW4vZ2V0ZW5mb3JjZVwiO3tbJiomXX0=[[/code]]

# If you wish to change the state from Enforcing to Permissive temporarily

[[code]]czozNzpcInNoZWxsJmd0OyBzdWRvIC91c3Ivc2Jpbi9zZXRlbmZvcmNlIDBcIjt7WyYqJl19[[/code]]

If you wish to change it permanently between reboots, alter the /etc/selinux/config file to say Permissive
If you wish to keep using SELinux, I’ll provide the extra step to work with this guide,
other wise just ignore the SELinux “setsebool” command.

NOTE: Review the /etc/samba/smb.conf for addtional SELinux settings.
---------------------------------------------
# Install the SAMBA server.

[[code]]czozMjpcInNoZWxsJmd0OyBzdWRvIHl1bSBpbnN0YWxsIHNhbWJhXCI7e1smKiZdfQ==[[/code]]

# Add a user for testing the SMB/CIFS Shared Home directory.

[[code]]czo3MDpcInNoZWxsJmd0OyBzdWRvIC9zYmluL3VzZXJhZGQgc2FtYmF0ZXN0CnNoZWxsJmd0OyBzdWRvIHBhc3N3ZCBzYW1iYXRlc3R7WyYqJl19XCI7e1smKiZdfQ==[[/code]]

# Configure the user “sambatest” smb password.

[[code]]czozNzpcInNoZWxsJmd0OyBzdWRvIHNtYnBhc3N3ZCAtYSBzYW1iYXRlc3RcIjt7WyYqJl19[[/code]]

# Backup the /etc/samba/smb.conf file prior to any changes.
# Edit the smb.conf file and set your “workgroup” / “netbios name” if needed.

[[code]]czoxMTI6XCIKc2hlbGwmZ3Q7IGNkIC9ldGMvc2FtYmEKc2hlbGwmZ3Q7IHN1ZG8gY3AgLS1wcmVzZXJ2ZT1jb250ZXh0IHNtYi5jb257WyYqJl19ZiBzbWIuY29uZi5vcmcKc2hlbGwmZ3Q7IHN1ZG8gdmltIHNtYi5jb25mClwiO3tbJiomXX0=[[/code]]

workgroup = workgroup (this is Windows default group)
netbios name = CENTOS (don’t forget to uncomment this line)

# Set the SMB daemon to start on boot up. (for levels 2345)

 [[code]]czozNzpcInNoZWxsJmd0OyBzdWRvIC9zYmluL2Noa2NvbmZpZyBzbWQgb25cIjt7WyYqJl19[[/code]]

# Start the SAMBA daemon.

 [[code]]czozODpcInNoZWxsJmd0OyBzdWRvIC9zYmluL3NlcnZpY2Ugc21iIHN0YXJ0XCI7e1smKiZdfQ==[[/code]]

# OPTIONAL (if using SELinux)

[[code]]czo2MzpcInNoZWxsJmd0OyBzdWRvIC91c3Ivc2Jpbi9zZXRzZWJvb2wgLVAgc2FtYmFfZW5hYmxlX2hvbWVfZGlycyBvblwiO3tbJiomXX0=[[/code]]

---------------------------------------------
# You’ll want to edit your iptables/firewall rules to allow connections.
# I would recommend locking this down to local network hosts etc.
# I’ll assume your trusted hosts are on a 192.168.1.0/24 network.

[[code]]czoxMTY6XCIKc2hlbGwmZ3Q7IGNkIC9ldGMvc3lzY29uZmlnCnNoZWxsJmd0OyBzdWRvIGNwIC0tcHJlc2VydmU9Y29udGV4dCBpcHR7WyYqJl19YWJsZXMgaXB0YWJsZXMub3JnCnNoZWxsJmd0OyBzdWRvIHZpbSBpcHRhYmxlcwpcIjt7WyYqJl19[[/code]]
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.0/24 --dport 137 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.0/24 --dport 138 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 139 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT

---------------------------------------------
# From Windows, browse your “workgroup” network and you should now see “CENTOS”
# Simply log in with the account/smbpasswd you’ve created.

---------------------------------------------
Additional Info:

* Official Samba 3.2.x HOWTO and Referencehttp://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/

* SELinux Guidehttp://docs.fedoraproject.org/selinux-user-guide/f10/en-US/
Copying / Moving files and retaining SELinux Contexts – See section “5.10. Maintaining SELinux Labels ”

* Dan Walsh’s SAMBA / SELinux infohttp://danwalsh.livejournal.com/14195.html

* IPTables
https://help.ubuntu.com/community/IptablesHowTo
http://fedorasolved.org/Members/kanarip/iptables-howto

clicky