Thursday, August 6, 2009

How to Upgrade Ubuntu 8.10 to 9.04 Jaunty



This tutorial will explain how to Upgrade Ubuntu 8.10 (Intrepid Ibix) to Ubuntu 9.04 (Jaunty Jackalope) released on the 23rd April 2009.

Important Notes Before Upgrade

1.Take a complete Back up all your data. There is no guarantee that all will go well.

2.You can only directly upgrade to Ubuntu 9.04 from Ubuntu 8.10

3.Before upgrading it is recommended that you read the release notes for Ubuntu 9.04, which document caveats and workarounds for known issues in this version.

4.Be sure that you have all updates applied to Ubuntu 8.10 before you upgrade Procedure to follow

Run this command on your CLI:

1. ssh

2. Run `apt-get update`

3. Run `apt-get upgrade`

4. Run `apt-get install update-manager-core`

5. Edit /etc/update-manager/release-upgrades and change prompt method to normal

6. Run `do-release-upgrade`

Once you run through the do-release-upgrade utility it will reboot the server. Once it comes back up your release should be 8.10. You can verify this by running `lsb_release -a` as root and you should see the following:

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 8.10
Release: 9.04
Codename: Jaunty Jackalope
Hope You have "Jaunty" running on your Box.

RHCE Tips:How do I configure sendmail to route mail to specific hosts?

Sendmail is a popular mail server which comes by default with Red Hat Linux. For Ubuntu OS, you will have to install it through:
$sudo apt-get install sendmail

Wait and let machine do rest of the stuffs.

Configure sendmail to route mail to specific hosts:

This can be accomplished by adding appropriate entries to the /etc/mail/mailertable file.
This file allows you to specify a domain, and where you want all email for that domain sent to.

In the example below, all email destined for mydomain.com will be automatically forwarded to a mail server that resolves to backend.mail.server. Additionally, all email received from the 192.0.0.0 network will be forwarded to a mail server that resolves to outbound.mail.server.
Example:

/etc/mail/mailertable

mydomain.com smtp:backend.mail.server192. smtp:outgoing.mail.server

After your modifications to /etc/mail/mailertable are complete you will need to run the following command:

#makemap hash /etc/mail/mailertable.db < /etc/mail/mailertable Restart sendmail: #service sendmail restart

Thats it. Now sendmail is ready to route your mail to specific hosts preventing other machines to receive the same.

Happy Mailing.

RHCE Tips: How to filter content through Squid Server?

For security and to save bandwidth I would like to configure Squid proxy server such way that I do not want my users to download all of the following files:
MP3
MPEG
MPG
AVG
AVI
EXE

How do I configure squid content filtering?

A. You can use squid ACL (access control list) to block all these files easily.

How do I block music files using squid content filtering ACL?

First open squid.conf file /etc/squid/squid.conf:

# vi /etc/squid/squid.conf

Now add following lines to your squid ACL section:

acl blockfiles urlpath_regex "/etc/squid/blocks.files.acl"

You want display custom error message when a file is blocked:

# Deny all blocked extension

deny_info ERR_BLOCKED_FILES blockfiles http_access deny blockfiles

Save and close the file.

Create custom error message HTML file called ERR_BLOCKED_FILES in /etc/squid/error/ directory or /usr/share/squid/errors/English directory.

# vi ERR_BLOCKED_FILES Append following content:

start with html tag:
File is blocked due to new policy
Phone: 555-12435 (ext 44)
Email: helpdesk@yourcorp.com

Caution: Do not include HTML close tags as it will be closed by squid.

Now create /etc/squid/blocks.files.acl file:

# vi /etc/squid/blocks.files.acl

Append following text:
\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$

Save and close the file.

Restart Squid:
# /etc/init.d/squid restart

Run Internet Explorer on Ubuntu Linux

You have to enable universe packages first. It is also recommended that you use the official winehq ubuntu package:


1) Open a terminal

2) Open /etc/apt/sources.list

$sudo gedit /etc/apt/sources.list

3) Uncomment (or add) following lines:

deb http://us.archive.ubuntu.com/ubuntu edgy universe

4) Add this line:

deb http://wine.budgetdedicated.com/apt edgy main

5) Close gedit. Update and install wine and cabextract:

$wget -q http://wine.budgetdedicated.com/apt/387EE263.gpg -O- sudo apt-key add -

$sudo apt-get update

$sudo apt-get install wine cabextract

6) Download IEs 4 Linux and install

$wget http://www.tatanka.com.br/ies4linux/downloads/ies4linux-latest.tar.gz

$tar zxvf ies4linux-latest.tar.gz

$cd ies4linux-*./ies4linux

Note for Dapper users:

if you use ubuntu dapper, replace edgy with dapper on lines above. Note for Feisty users (7.04): if you use ubuntu Feisty, replace edgy with feisty in the lines above. Also replace gedit with kedit

if running Kubuntu instead of Ubuntu.

For "Fiesty" K/Ubuntu Users (and 64-bit "Fiesty): http://www.winehq.org/site/download-deb

How to setup Nginx WebServer on Linux?

I wasn’t happy with Apache Memory footprint and low stability. I was looking out for some good lightweight webserver and then some colleague suggested me to use Nginx. After struggling for couple of days, finally I was successful in setting up LEMP on Linux.

This Howto is all about setting up Nginx with PHP, MySQL and FastCGI.So Lets Start:

Installing Nginx from Source?

If you use Debian-based distributive as usual you can use command:

$ sudo apt-get install nginx

For Other Linux Flavours,

$ cd ~/user$mkdir server
$cd server
$wget http://sysoev.ru/nginx/nginx-0.7.59.tar.gz

Unpack archives:

$ tar xvf nginx-0.7.59$ cd nginx-0.7.59

You must have C compiler to compile a program. If you don’t have please do the next:

$sudo aptitude install build-essential
$sudo aptitude install linux-headers-`uname -r

Configure

$./configure

In the end, 100% you’ll have the next messages:

./configure: error: the HTTP rewrite module requires the PCRE library.You can either disable the module by using --without-http_rewrite_moduleoption, or install the PCRE library into the system, or build the PCRE librarystatically from the source with nginx by using --with-pcre= option. It’s normal, you can’t have all the libraries on your computer. We can install it.

$sudo aptitude install libpcre3 libpcre3-dev libpcrecpp0 libssl-dev zlib1g-dev

Start to compile it once again

$sudo make clean
$sudo ./configure --with-http_ssl_module
$sudo make
$sudo make install

Now, everything will be ok and server will be installed in your system. If you want you can change some default options doing command “./configure” for example:

--prefix=
- to set the directory where the server files will be located. This directory will be used for all ways you’ll set by command “./configure” and in configuration file nginx.conf too. Default it’s /usr/local/nginx.

--sbin-path=
- to set the name of the Nginx executive file. This name is used just for stage of installing. Default it’s /usr/local/nginx/sbin/nginx.

--conf-path=
- to set the name for the nginx.conf configuration file. In any time you can run Nginx with another configuration file which will be located in another directory with option “-c “. Default it’s /usr/local/nginx/conf/nginx.conf

--pid-path=
- to set the name for PID file. But after installing of the server in any time you can change the name in the nginx.conf configuration file. Default it’s /usr/local/nginx/logs/nginx.pid

--error-log-path=- to set the name for the error log file. After installing you can change the name in the nginx.conf configuration file. Default it’s /usr/local/nginx/logs/error.log

--http-log-path=
- to set the name for the access.log file. Access.log:it’s the file for registration of requests from the server. Default it’s /usr/local/nginx/logs/access.log.

How do I manage the server?

If you did’t change the default directories when you were installing the server, you can run the server by command:

$sudo /usr/local/nginx/sbin/nginx

Check the server.
ps -ef grep nginx

root 14999 1 0 16:44 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 15000 14999 0 16:44 ? 00:00:00 nginx: worker process
booch 15084 29644 0 16:45 pts/0 00:00:00 grep nginx

Great! Now you can open your browser and put http://localhost/
If server works you’ll see “Welcome”

Shutting down the server is possible by sending QUIT signal to the master process.

$kill -QUIT
Upgrading the server in the work process is possible by sending USR2 signal to the master process.

$kill -USR2
If you have already changed some options in the nginx.conf and you want to apply it you have to send HUP signal to the master process.

$kill -HUP
Log rotation. All log files have to be renamed, after this USR1 signal has to be sent to the master process. The master process will open all opened files once again and set them as unprivileged user. All worker processes work under this user. After successful opening master process will close all opened files and will send messages to worker processes to reopen files too. They also will open new files and in the same time will close all old files. In result all old files will be ready for further processing, for example, to compress them.

$kill -USR1

Important Signals:

QUIT - normal shut down
TERM, INT - fast shut down
HUP - reconfiguration, update the changed time zone, launch of new worker processes with the new configuration, normal shut down of worker processes.
USR1 - to reopen log files
USR2 - to upgrade executive file
How to run web site on the server?

Let’s start to do our server. We have to create new user (www), new group (www) and new structure for the site. Let’s begin from the group.

$sudo groupadd www

New user

$sudo useradd www -g www

Add www user to www group.

$sudo usermod -a -G www

Create password for www user.

$sudo passwd www

Let’s create a structure for the web site. I think it will be like this.

$sudo mkdir /home/www/
$sudo mkdir -p /home/www/linuxspace.org/{log, private, public, backups, archives, stats}

log - directory for log files
private - private data
public - directory for the site
backups - directory for backup data
stats - directory for stats
archives - for archives

Please, be attentive with the rights. For all directories it’s (rw+r+r), and for public it’s (rwx+r+r).And now you have to correct configuration file nginx.conf

$sudo nano /usr/local/nginx/conf/nginx.conf

#useruser www;
#numbers of work process
worker_processes ;
#address of PID file
pid /home/www/linuxspace.org/nginx.pid; events
{
worker_connections ;
}
http
{
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nopush on;
#keepalive_timeout ;
keepalive_timeout ;
#compression
gzip on;
gzip_min_length ;
gzip_buffers k;
gzip_types text/plain;
gzip_comp_level ;
gzip_proxied any;
#configure the virtual hostserver
{
#port listen *:;
#name of server server_name localhost;
#coding charset utf-;
#it's general directory, when will be site
root /home/www/linuxspace.org/public;
#LOGS #------------------------------------------------------------------
access_log /home/www/linuxspace.org/log/localhost.access.log;
error_log /home/www/linuxspace.org/log/error.log;
access_log /home/www/linuxspace.org/log/access.log;
#------------------------------------------------------------------
#files which server will read in the general directory location /
{
root /home/www/linuxspace.org/public;
index index.html index.htm index.php;
}
error_page /.html;
# redirect server error pages to the static page /x.html
# error_page /x.html; location = /x.html { root html; }
# proxy the PHP scripts to Apache listening on ...:
#
#location ~ \.php$
{
# proxy_pass http://...;
#
}
# pass the PHP scripts to FastCGI server listening on ...:
#
#location ~ \.php$
{
# root html;
# fastcgi_pass ...:;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#
}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen ;
# listen somename:;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
#
}
#
}
# HTTPS server
#
#server
{
# listen ;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout m;
# ssl_protocols SSLv SSLv TLSv;
# ssl_ciphers ALL:!ADH:!EXPORT:RC+RSA:+HIGH:+MEDIUM:+LOW:+SSLv:+EXP;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
#
}
#
}
}

It’s enough to run the html site on the server. But, please, don’t delete another options, you’ll need it in the future.
Remember, if you want to use another nginx.conf file, you can run server using option “-c”

sudo /usr/local/nginx/sbin/nginx -c /home/user/nginx.conf

Let’s run the server

sudo /usr/local/nginx/sbin/nginx

If everything is ok, you’ll see the server is in the process.

ps -ef grep nginx
root 7146 1 0 02:19 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
www 7147 7146 0 02:19 ? 00:00:00 nginx: worker process
www 7148 7146 0 02:19 ? 00:00:00 nginx: worker process

Great. It works. The master process has root rights and worker processes have rights from the www user. So, now you can put html page index.html into the /home/www/linuxspace.org/public directory. Then, please, open browser and print http://localhost You’ll see your site.