Install Samba (Windows Share) on CENTOS 7


It is important for web developers to access the web files on a development server. However, if dev team requires to access it via windows share over CENTOS machine, then we need to install Samba.



Here's my quick list of installing Samba on CENTOS.

1.) Check for existing samba package if any using the following commands
#rpm -qa | grep samba
#yum list installed | grep samba

2.) If samba is installed, remove it using the below command
#yum remove samba*

3.) For SMB new User. Create a user and add to a group
#useradd -s /sbin/nologin [username]
#groupadd [smbgroupname]
Note: To know more about managing user and group just click here

4.) Now, install samba using the following command
#yum install samba* -y

5.) Assign the user username to  [smbgroupname], and set samba password to that user
#usermod -a -G [smbgroupname] [username]
#smbpasswd -a [username]

6.) Create a new share called “/samba/secure_share” and set the permissions to that share
#mkdir /samba/secure_share
#chmod -R 0755 /samba/secure_share
#chown -R [username]:[smbgroupname] /samba/secure_share

7.) Edit samba config file;
#vi /etc/samba/smb.conf

8.) Add the below lines at the bottom of samba config file.
[secure_share]
path = /samba/secure_share
writable = yes
browsable = yes
guest ok = no
valid users = @[smbgroupname]

9.) Test the samba configuration for any errors.
#testparm

10.) To start Samba service on system boot
#systemctl start smb
#systemctl start nmb
#systemctl enable smb
#systemctl enable nmb

11.) Firewall configuration. Allow Samba server default ports through firewall.
#firewall-cmd --permanent --zone=public --add-port=137/tcp
#firewall-cmd --permanent --zone=public --add-port=138/tcp
#firewall-cmd --permanent --zone=public --add-port=139/tcp
#firewall-cmd --permanent --zone=public --add-port=445/tcp
#firewall-cmd --permanent --zone=public --add-port=901/tcp

#firewall-cmd --permanent --add-port=137/tcp
#firewall-cmd --permanent --add-port=138/tcp
#firewall-cmd --permanent --add-port=139/tcp
#firewall-cmd --permanent --add-port=445/tcp
#firewall-cmd --permanent --add-port=901/tcp

#firewall-cmd --list-ports

12.) Restart firewall to apply the changes.
#firewall-cmd --reload

13.) SELinux Configuration ( Skip this part if you already disabled SELinux)

Turn the samba_enable_home_dirs Boolean on if you want to share home directories via Samba.
setsebool -P samba_enable_home_dirs on

Label  the /samba/secure_share/ with samba_share_t so that SELinux allows Samba to read and write to it.

#chcon -t samba_share_t /samba/secure_share/
#systemctl restart smb
#systemctl restart nmb

14.) To disable SELinux, edit file /etc/sysconfig/selinux,
#vi /etc/sysconfig/selinux

15.) Set SELinux value to disabled.
#SELINUX=disabled

16.) Finally, browse the shared folder you have configured.

References:
https://www.unixmen.com/install-configure-samba-server-centos-7/
Posted by No comments:
Labels: , ,

Moodle: Network setup using dynamic or multiple IP in wwwroot

If you have multiple NIC to be used for local and public access. Sometimes you are facing this kind of problem in Moodle. All you have to do is change a PHP variable in config.php inside moodle web directory.
$CFG->wwwroot

value with :
$CFG->wwwroot = 'http://'.$_SERVER["HTTP_HOST"];
Posted by No comments:
Labels: ,

CENTOS Linux Filesystem Layout


Path Description
/ Root Directory. Also contains all the key directories for the system.
/root Root Home Area. Where all root's personal configuration and files are located.
/etc Contains all important file configuration and settings for server applications. 
/proc A virtual representation of the status of the machine. It is a virtual filesystem used by the kernel to communicate with userland tools.Usually details of running system in the CPU can be seen using (/proc/cpuinfo), while the memory usage in (/proc/meminfo) etc.
/var Short for variable. Which web contents (/var/www/html) and system log files (/var/log/) resides. Usually takes disk space quickly. That's why it is highly suggested to put this in a separate disk and also using Logical Volume Management(LVM) disk partition so that it will allows dynamic creation and resizing.
/boot Contains the boot loader which are files that are needed to boot CENTOS. Includes configuration and kernel.Usually takes small partition size on the beginning of the disk.
/bin and /sbin /bin Contains most of the user programs, while /sbin contains administration tools and privileged binaries.
/dev Location for all devices files on the Linux system.
/home Contains files and folders of users. 
/lib System libraries
/lost+found Can be found in the root of ext2 or ext3 filesystem. Files and folders that are damaged, detached or missing from the system are restored here during disk checking (fsck) so that it can be recovered. 
/media Located on newer Linux systems which holds the mount point for removable storage such as USB drive.
/mnt Located on older Linux systems
/usr Contains the majority of user software. /usr/bin for regular user while /usr/sbin for root.
/opt Usually used by large third party applications.
/srv Contains files that are used by services. Most of the services use other location such as /var instead.
/sys Contains information about the system.
/tmp Contains temporary files and folder. It can be emptied once the system has been rebooted. It can be a perfect location if you have a temporary file to utilize. Take note that it is not safe to leave important files here.

To learn more just go to: https://en.wikipedia.org/wiki/Linux_Standard_Base
Posted by No comments:
Labels: ,

VLSM - Variable Length Subnet Mask

VLSM 
Variable length subnet mask is a technique that allows a network administrator to divide an IP address space into subnets of different sizes.


Subnetting
Allows you to create multiple logical networks that exist within a single class network.


Reasons why we subnet

  • It helps the preservation of address space in order not to waste address
  • It used for security
  • It helps to control network traffic due to collision of packets transmitted by other nodes on the same segment
Legend

Δ = Bit value
Sm = Subnet Mask
UIP = Usable IP
NA = Notable Address
   
       32
       - n   

where n = bits


VLSM Table 






Posted by No comments:
Labels:

Sample rsync command


rsync -r -a -v -e"ssh -l username" /root/Documents username@[ipaddress]:/home/username

rsync -rav --progress /root/Documents username@[ipaddress]:/home/username

rsync -avz /root/Documents username@[ipaddress]:/home/username

Posted by No comments:
Labels:

CENTOS Linux User Group Management

Note: I frequently update this post whenever there are changes in my setup.

Show users
# cat /etc/passwd

Show groups
# cat /etc/group

Add user from group 
# usermod -a -G [groupname] [username]
or
# gpasswd -a [username] [groupname]

Delete user from group
# gpasswd -d [username] [groupname]

Change Directory owner
# chgrp [groupname] [foldername]


How to change Owner/Group permissions

# chown [username]:[groupname]

should change the ownership and group to what you want.

# chown -R [username]:[groupname] [directory/file]

should change the ownership of the directory, and the entire subtree under it.


Here is a list of what the shorthand represents:

Identities
u — the user who owns the file (that is, the owner)

g — the group to which the user belongs

o — others (not the owner or the owner's group)

a — everyone or all (u, g, and o)

Permissions
r — read access

w — write access

x — execute access

Actions
+ — adds the permission

- — removes the permission

= — makes it the only permission

Note that to create (or delete) a file in a directory, the user or group must have write permission to the directory. And to list a directory, the user or group must have 'x' permission to the directory.

# chmod ug+rwx [directory/file]

# chmod -R ug+rw [directory/file]

might do what you want.

But read the man pages previously recommended to make sure. And be especially careful with -R. Also, never use a '.*' wildcard for this sort of thing. It will do something very bad that you were not expecting.

References:
https://www.centos.org/docs/4/html/rhel-sbs-en-4/s1-navigating-ownership.html
man chown
man chgrp
man chmod
https://tecadmin.net/tutorial/linux/linux-modify-user/
Posted by No comments:
Labels: ,

A quick list of CENTOS 7 basic web server installation (LAMP) for web developers

Hi, today I would like to share you a quick list of installing CENTOS 7 Linux for web development purposes which composed with Apache + PHP5.6 + MariaDB by the time of this writing.

I expected that you have already inserted the CD/DVD installer to your machine, formatted and partitioned. If not yet then please click this link first before you proceed to this tutorial.

Note: I frequently update this post whenever there are changes in my setup.

1.) yum update
2.) reboot
3.) rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
4.) yum -y install epel-release
5.) yum update
6.) yum -y install mariadb-server mariadb
7.) systemctl start mariadb.service
8.) systemctl enable mariadb.service
9.) mysql_secure_installation

10.)Enter current password for root (enter for none): <--ENTER

Set root password? [Y/n]
New password: <--yourmariadbpassword
Re-enter new password: <--yourmariadbpassword
Password updated successfully!
Reloading privilege tables..
 ... Success!

Remove anonymous users? [Y/n] <--ENTER
 ... Success!

Disallow root login remotely? [Y/n] <--ENTER
 ... Success!

Remove test database and access to it? [Y/n] <--ENTER
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reload privilege tables now? [Y/n] <--ENTER
 ... Success!



11.) yum -y install httpd
12.) systemctl start httpd.service
13.) systemctl enable httpd.service

14.) Add port to pass through the firewall
#firewall-cmd --permanent --zone=public --add-service=http
#firewall-cmd --permanent --zone=public --add-port=5000/tcp
#firewall-cmd --permanent --zone=public --add-service=https

15.) Reload the firewall service for the changes to take effect
#firewall-cmd --reload
16.) Then check if the ports are already open/listening
#firewall-cmd --list-ports

17.) yum install wget

18.) http://www.techoism.com/how-to-upgrade-php-version-5-4-to-5-6-on-centosrhel/
 php -v
 rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
 rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

19.) yum install -y php56w php56w-opcache php56w-xml php56w-mcrypt php56w-gd php56w-devel php56w-mysql php56w-intl php56w-mbstring php56w-soap php56w-xmlrpc
20.) systemctl restart httpd.service
21.) php -v
22.) nano /var/www/html/info.php
 <?php
phpinfo();
?>
https://webtatic.com/packages/php56/

23.) Now reload http://192.168.0.100/info.php in your browser and scroll down to the modules section again. You should now find lots of new modules like curl etc there.:
24.) yum install phpMyAdmin
25.) nano /etc/httpd/conf.d/phpMyAdmin.conf
Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the <Directory "/usr/share/phpmyadmin"> stanza):
[...]
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

#<Directory /usr/share/phpMyAdmin/>
#   <IfModule mod_authz_core.c>
#     # Apache 2.4
#     <RequireAny>
#       Require ip 127.0.0.1
#       Require ip ::1
#     </RequireAny>
#   </IfModule>
#   <IfModule !mod_authz_core.c>
#     # Apache 2.2
#     Order Deny,Allow
#     Deny from All
#     Allow from 127.0.0.1
#     Allow from ::1
#   </IfModule>
#</Directory>


<Directory /usr/share/phpMyAdmin/>
        Options none
        AllowOverride Limit
        Require all granted
</Directory>

[...]

26.) nano /etc/phpMyAdmin/config.inc.php
[...]
$cfg['Servers'][$i]['auth_type']     = 'http';    // Authentication method (config, http or cookie based)?
[...]

27.) systemctl restart  httpd.service
Afterwards, you can access phpMyAdmin under http://192.168.0.100/phpmyadmin/:


28.) Enabling Mod_Rewrite for WebApp
https://devops.profitbricks.com/tutorials/install-and-configure-mod_rewrite-for-apache-on-centos-7/
nano /etc/httpd/conf/httpd.conf
<Directory "/var/www/html">
Change "AllowOverride Off" to "AllowOverride All"

MySQL Login
mysql -u root -p
//Using password NO error
CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' WITH GRANT OPTION;
CREATE USER 'username'@'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;

PHP MEMORY
https://premium.wpmudev.org/blog/increase-memory-limit/?rad=b&utm_expid=3606929-86.PHoDXYJeQYmWFQIujGOFZg.1&utm_referrer=https%3A%2F%2Fwww.google.com%2F
nano /etc/php.ini
display_errors = On/Off
upload_max_filesize = 1000M
post_max_size = 2000M
memory_limit = 3000M
file_uploads = On
max_execution_time = 180

29.) firewall-cmd --permanent --zone=public --add-service=mysql
30.) firewall-cmd --reload
31.) yum install zip
yum install unzip

unzip pics.zip  -d /tmp
http://www.cyberciti.biz/tips/how-can-i-zipping-and-unzipping-files-under-linux.html


References:
Apache: http://httpd.apache.org/
PHP: http://www.php.net/
MySQL: http://www.mysql.com/
CentOS: http://www.centos.org/
phpMyAdmin: http://www.phpmyadmin.net/
https://www.howtoforge.com/apache_php_mysql_on_centos_7_lamp
Posted by No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)