Permanent hostname setup for RHEL7

Step 1

Set the host name on NMTUI tool like following

nmtui

set host name  

then save and exit

Step 2

add the following line in last line of /etc/sysctl.conf

vi  /etc/sysctl.conf

kernel.hostname = hostname.example.com

then save and exit the editor and run the following command

sysctl -p

Step 3

now add the following line that mentioned below in the following file last line  /etc/cloud/cloud.cfg

vi /etc/cloud/cloud.cfg

preserve_hostname: true

save and exit  

then reboot and try again.

How to provide full access for shm partition

For the full access permission for the /dev/shm, just modify the following file with following changes.

open the following file with vi editor

vi /usr/lib/dracut/modules.d/95fcoe/cleanup-fcoe.sh

Just modify the 7th line mkdir -m 0755 to 0777 

then save and restart your server and check

How to change default kernel in rhel 7

Step 1 

check the running kernel version

uname -a

Step 2 

List the kernel 

awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg

Step 3 

set the kernel that you want to put it default with following command

grub2-set-default 2

Step 4

Changes to /etc/default/grub require rebuilding the grub.cfg file as follows

grub2-mkconfig -o /boot/grub2/grub.cfg

reboot and check

kernel: svc: failed to register nfsaclv2 RPC service (errno 111)

When I restart the NFS service I got the following error like the image below




So I resolved the issue by the following steps.

Step 1

Checked the rpcbind status with the following command

service rpcbind status





I got the error like rpcbind dead but pid file exists

so I just restart the rpcbind service with the following command

service rpcbind start


Step 2

Checked the rpcinfo with following command

rpcinfo -p



then I just restart the nfs service with the following command 

service nfs restart




 That's all.
 

unknown filesystem type 'lvm2_member'

Sometimes we have face this issue when mounting another existing Linux HDD or linux LVM. 

When we trying to mount the partition  it should be activated otherwise it will show the unknown filesystem type. for this we need to do 2 simple commands only. Run the following commands and check.

modprobe dm-mod

modprob utility is used to add loadable modules to kernel. this command load the necessary modules

vgchange -ay

to activate the volume

now scan the LVM

lvscan

you can use this command before starting modprobe also to check which are active and inactive.

Now mount the filesystem

mount /dev/volgrp/lgvol /mnt

How to redirect tomcat from apache with workers properties

Step 1

In this we are going to see the redirection tomcat from apache. For this we need to do the following steps.

First create workers.properties file and add the below mentioned details.

touch workers.properties

vi workers.properties

add

worker.list=tst

worker.tst.type=ajp13
worker.tst.port=8009
worker.tst.host=tomcat ip or hostname

Step 2

Add the workers.propertis details in apache config file.

vi /usr/local/apache2.x/conf/httpd.conf

JkExtractSSL On
JkHTTPSIndicator HTTPS
JkSESSIONIndicator SSL_SESSION_ID
JkCIPHERIndicator SSL_CIPHER
JkCERTSIndicator SSL_CLIENT_CERT
JkWorkersFile  "/usr/local/apache2.x/conf/workers.properties"
JkLogFile               "/usr/local/apache2/logs/mod_jk.log"
JkShmFile               "/usr/local/apache2/logs/jkshmi.log"
JkLogLevel              error

Now save and close it

Step 3

Now we need to add the few more details in http-ssl.conf

vi /usr/local/apache2.x/conf/extra/http-ssl.conf

add the below details before </VirtualHost>

JKMount /example tst
JKMount /example/* tst
JKMount /* tst

example --> is that you have the context name of tomcat web like http://192.168.1.2:8080/example

That's all ...

SFTP connection for single user to single directory

How to restict a user to use another directory?

Step 1

Create a directory with following command

mkdir /sftp-test

mkdir /sftp-test/sftp

then create a user and group 

groupadd usersftp

useradd -g usersftp-d /sftp-test -s /sbin/nologin sftpuser

Step 2

Edit the sshd_config file to allow the user to access perticular directory.

vi /etc/ssh/sshd_config

add the following lines and # the following

 Subsystem      sftp    /usr/libexec/openssh/sftp-server
#Subsystem      sftp    /usr/libexec/openssh/sftp-server

add the following 

Subsystem sftp internal-sftp

Match Group exchange
        ChrootDirectory %h
        ForceCommand internal-sftp
        AllowTcpForwarding no
        X11Forwarding no 

Step 3

Now we need to set the permissionas follows

chown root:root /sftp-test

chown sftpuser:root  /sftp-test/sftp

now restart the sshd and check it will work 100%

service sshd restart



 

problem making ssl connection

For this issue you need to install below packages

yum -y install ca-certificates openssl nss

This issue cause only if your using centos 6 

Thanks

BackupPC success mail triggering

Step 1

Go to Edit Config->Backup Setting and add the following lines into the DumpPostUserCmd

/opt/BackupPC/email_sample.sh $xferOK $host $type $client $hostIP $share $XferMethod $sshPath $cmdType

Before that we have to create email_sample.sh in that particular locations.

step 2

add the following scipt in email_sample.sh file and create  a txt file in /tmpas emailmessage.txt

#!/bin/bash
# script to send simple email
# Email To ?
EMAIL="your mail address"
# Email text/message
EMAILMESSAGE="/tmp/emailmessage.txt"

# Grab the status variables
xferOK=$1
host=$2
type=$3
client=$4
#hostIP=$5
share=$6
XferMethod=$7
#TopDir=$8
#cmdType=$9

#Extract the info file
#LOG_FILE="/u01/BackupPC/pc/$host//backupInfo"
 
LOG_FILE=`ls -t /u01/BackupPC/pc/$host/*/backupInfo | /usr/bin/head -1`
 
# Check if backup succeeded or not.
if [[ $xferOK == 1 ]]; then
        STATUS="SUCCESS"
else
        STATUS="FAILED"
fi

# email subject
SUBJECT="[BackupPC] $STATUS for host: $client"

# Email text/message
echo "Filesystem backup for $host $STATUS" > $EMAILMESSAGE
echo "" >>$EMAILMESSAGE
echo "Type: $type" >>$EMAILMESSAGE
#echo "Client: $client" >>$EMAILMESSAGE
echo "Host: $host" >>$EMAILMESSAGE
#echo "Host IP: $hostIP" >>$EMAILMESSAGE
echo "Share: $share" >>$EMAILMESSAGE
echo "XferMethod: $XferMethod" >>$EMAILMESSAGE
#echo "BackupPath: $TopDir" >>$EMAILMESSAGE
#echo "cmdType: $cmdType" >>$EMAILMESSAGE
echo "BackupDetails: $LOG_FILE" >>$EMAILMESSAGE
cat $LOG_FILE >>$EMAILMESSAGE
# send an email using /bin/mail
/bin/mail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE
 
I have # some details if you required that you can enable it. 

Then change the owner to backuppcuser and provide execute permission

chown backuppc:backuppc email_sample.sh

chmod +x email_sample.sh

Now you will receive success and failure message whenever the backup start. 

BackupPC installation and configuration in rhel 6 and rhel 7

Step 1

Install latest epelreository  

For RHEL 6

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

For RHEL 7

rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm

Install the required dependencies that mentioned below.

yum -y install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-suidperl openssh-clients expect perl-XML-RSS httpd

Step 2

For RHEL 6

Create a user for backuppc

useradd backuppc
passwd backuppc

Now install backuppc with below command

yum install BackupPC -y

Now set the password for BackupPC web portal 

htpasswd -c /etc/BackupPC/apache.users backuppc

it will promt for password.

make some changes in /etc/httpd/conf.d/BackupPC.conf

It looks like below

AuthType Basic
AuthUserFile /etc/BackupPC/apache.users
AuthName "backuppc"

<IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAll>
    Require valid-user
    <RequireAny>
      Require local
    </RequireAny>
  </RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
  # Apache 2.2
  order deny,allow
  deny from all
  #allow from 127.0.0.1
  #allow from ::1
  allow from all
#  require valid-user
</IfModule>

Now make a copy the config file for backup

cp /etc/BackupPC/config.pl /etc/BackupPC/config.pl_bkp

now edit the config file

vi /etc/BackupPC/config.pl

Make a changes in the following lines

$Conf{ServerInitdPath} = '/etc/init.d/backuppc';
$Conf{ServerInitdStartCmd} = '$sshPath -p 222 -i /u01/BackupPC/ssh-BKPPC-key -q -x -l root $serverHost$serverInitdPath start';
$Conf{CgiAdminUsers} = 'backuppc'; 

also cross check the following

$Conf{ServerHost} = 'localhost';
$Conf{BackupPCUser} = 'backuppc';
$Conf{TopDir} = '/var/lib/BackupPC/';
$Conf{ConfDir} = '/etc/BackupPC/';
$Conf{LogDir} = '/var/log/BackupPC';
$Conf{InstallDir} = '/usr/share/BackupPC';
$Conf{CgiDir} = '/usr/share/BackupPC/sbin/';

For RHEL 7

yum install backuppc nfs-utils bzip2 -y

start the backuppc servives with below command

systemctl start backuppc.service

set the permission as below

cd /usr/share/BackupPC

chown backuppc:backuppc sbin/*

cd sbin/

chmod u+s BackupPC_Admin

usermod -s /bin/bash backuppc

Now edit the config file and made a changes like below

vi /etc/BackupPC/config.pl

$Conf{CgiAdminUsers} = ”;
to

$Conf{CgiAdminUsers} = ‘backuppc’;

and change another content like below

$Conf{PingPath} = ";

to

$Conf{PingPath} = ‘/bin/ping’; 

Now edit the apache configuration like below

vi /etc/httpd/conf.d/BackupPC.conf

<IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAll>
    Require valid-user
    <RequireAny>
      Require valid-user
    </RequireAny>
  </RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
  # Apache 2.2
  AllowOverride All
  order deny,allow
  deny from all
  #allow from 127.0.0.1
  #allow from ::1
  #require valid-user
  allow from all
</IfModule>

Create username and password for backuppc GUI with below command

htpasswd -c /etc/BackupPC/apache.users backuppc

Step 3



Grant passwordless sudo access for backuppc user

visudo

add the below line in last

Defaults !lecture
backuppc ALL=NOPASSWD:/bin/gtar,/bin/tar

and # the following line

Defaults requiretty

to 

#Defaults requiretty

Now start the httpd and backuppc

service httpd start

service backuppc start

now makes it enable

chkconfig httpd on

chkconfig backuppc on


Now access the backuppc in url

http://ipaddress/backuppc



Follow the link for ssh passwordless authentication with key file

http://raindocs.blogspot.com/2018/08/ssh-passwordless-authentication-with.html

and change the RsyncClientCmd and RsyncClientRestoreCmd like below

RsyncClientCmd:

$sshPath -p 222 -i /path/of/ssh-BKPPC-key -q -x -l root $host $rsyncPath $argList+

RsyncClientRestoreCmd:

$sshPath -p 222 -i /path/of/ssh-BKPPC-key -q -x -l root $host $rsyncPath $argList+ 

 Now add the client to the backuppc server and start taking backup.