Pank's Blog: Linux Archives

Build PHP with OCI8

By Pank on September 2, 2010 7:48 PM 0 Vote 0 Votes

Environment: CentOS 5.5 x64

1. Download Oracle Instant Client basic and devel rpm and install
(You need to register an oracle account first)
rpm -ivh oracle-instantclient11.2-basic-11.2.0.1.0-1.x86_64.rpm
rpm -ivh oracle-instantclient11.2-devel-11.2.0.1.0-1.x86_64.rpm

2. Downlaod Extension for Oracle Database from PECL and install
wget http://pecl.php.net/get/oci8-1.4.3.tgz
pecl install oci8-1.4.3.tgz

3. Move oci8.so to extension_dir (see your php.ini)
cp /usr/local/lib/php/extensions/no-debug-non-zts-20060613/oci8.so /usr/lib64/php/modules

4. add extension=oci8.so to php.ini
echo extension=oci8.so >> /usr/local/etc/php.ini

Verifying the oci8 extension is work
# php -i | grep OCI
OCI8 Support => enabled

Easy Connect Example:
$conn = oci_connect('user', 'password', '//172.29.2.2/service_name');
// Use lsnrctl services in Oracle to list existing service name
$stid = oci_parse($conn, "select id from table");
oci_execute($stid, OCI_DEFAULT);
while ($arr = oci_fetch_array($stid, OCI_ASSOC)) {
echo "$arr[id].\n";
}

ref. Installing PHP and the Oracle Instant Client for Linux and Windows
PHP Oracle FAQThis is a featured page
PHP: oci_connect - Manual

Firewall Distro

By Pank on August 24, 2010 10:01 PM 1 Vote 0 Votes

以下四套是比較著名的 Firewall Distro
m0n0wall
pfSense
IPCop
SmoothWall Express
前兩套是 Base on FreeBSD, 後兩套是 Base on Linux

pfSense 似乎是 m0n0wall 的分支, 安裝畫面幾乎一樣, 但比 m0n0wall 多了一些進階的功能
m0n0wall 比較適合家用, pfSense 則適合企業使用
m0n0wall Web UI 預設帳密是 admin/mono, 1.32 版的 Kernel 是 FreeBSD 6.4
pfSense Web UI 預設帳密是 admin/pfsense 1.23 版的 Kernel 是 FreeBSD 7.2, 裝完佔用硬碟空間約 110MB (不含Swap)
pfSense 有個特異功能可以在 Firewall rule 下 OS Type 條件

SmoothWall 似乎也是 IPCop 的分支, 安裝畫面也很雷同,
IPCop 在 VM 測試時裝完重開機就遇到 Kernel panic, 所以就沒繼續試
SmoothWall 在安裝過中會讓你設定 Web UI 的 admin 密碼及系統的 root 密碼, 裝完佔用硬碟空間約 200MB (不含Swap)

特點比較:
pfSense 有 Load Balancer, Traffic Shaper, PPPoE Server, PPTP dial-in
SmoothWall 有完整的 Proxy 功能, IM/Email Log, IDS

個人推薦: pfSense

Using Plop Linux to Create PXE Environment

By Pank on August 20, 2010 1:51 AM 0 Vote 0 Votes

Plop Linux is a small distribution that can boot from CD, DVD, USB flash drive (UFD),
USB harddisk or from network with PXE. It's designed to rescue data from a damaged system,
backup and restore operating systems, automate tasks and more.

使用 Plop Linux 來架 PXE 環境超方便的,
Boot from network (PXE, DHCP, TFTP, NFS, Samba/Windows network share) - Linux Server
只要把檔案解開, 依照作者的 Sample Config 設定好 DHCP Server, TFTP Server, NFS 幾乎不用改什麼就可以運作了.
開機後該有的指令都有, 用來救援, 備份/還原系統很方便.

Solve yum problem - Metadata file does not match checksum

By Pank on July 14, 2010 12:41 AM 0 Vote 0 Votes

yum clean all
yum makecache
yum update

Disable ssh client hostkey checking

By Pank on July 8, 2010 1:52 PM 0 Vote 0 Votes

使用 ssh 連線時, 若目的主機沒有在 ~/.ssh/known_hosts 內,
會出現此訊息問你要不要連線,
Are you sure you want to continue connecting (yes/no)?
yes 則會把 host key 加到 ~/.ssh/known_hosts

若不想出現此詢問訊息, 希望自動把 host key 加到 ~/.ssh/known_hosts
在 /etc/ssh/ssh_config 加入
StrictHostKeyChecking no
預設值是 ask

IPSec LAN to LAN VPN

By Pank on June 8, 2010 7:16 PM 0 Vote 0 Votes

Environment: CentOS 5.5 to CentOS 5.5
Example:
Site A
WAN: 100.100.100.100/24
LAN: 192.168.0.1/24

Site B
WAN: 200.200.200.200/24
LAN: 192.168.1.1/24

Install Openswan (formerly FreeSWAN)
yum -y install openswan

Edit Site A /etc/ipsec.conf
conn tunnel
   left=100.100.100.100 # left for local
   leftsubnet=192.168.0.0/24
   right=200.200.200.200 # right for remote
   rightsubnet=192.168.1.0/24
   pfs=yes # pfs for Perfect Forward Secrecy
   type=tunnel
   authby=secret
   auto=start

Edit Site A /etc/ipsec.secrets # left right order is not important, PSK must be the same as Site B
100.100.100.100 200.200.200.200: PSK "yourpsk"

Edit Site B /etc/ipsec.conf
conn tunnel
   left=200.200.200.200
   leftsubnet=192.168.1.0/24
   right=100.100.100.100
   rightsubnet=192.168.0.0/24
   pfs=yes
   type=tunnel
   authby=secret
   auto=start

Edit Site A /etc/ipsec.secrets
100.100.100.100 200.200.200.200: PSK "yourpsk"

Site A and Site B
service ipsec start

Show status
# /etc/init.d/ipsec status
/usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled
IPsec running - pluto pid: 30061
pluto pid 30061
1 tunnels up
some eroutes exist

it work!

Check from Site A
ping -I 192.168.0.1 192.168.1.1
Check from Site B
ping -I 192.168.1.1 192.168.0.1

If you ping failed, check your iptables rules, no MASQUERADE between Site A and Site B

Solve download RAR file but shows content

By Pank on June 1, 2010 6:00 PM 0 Vote 0 Votes

若下載 RAR 檔案卻在網頁上直接出現檔案內容 (Rar!一推亂碼)
原因是 Web Server 送出的 Content-Type: 是 text/plain;
若是用 Apache, 在 httpd.conf 找出 TypesConfig 是指向的 mime.types 路徑,
編輯 mime.types, 加入 application/x-rar-compressed rar
或者去抓最新 Apache 裡面的 mime.types 覆蓋
然後重啟 Apache
curl -I http://yourhost/file.rar
有出現 Content-Type: application/x-rar-compressed 表示正常

Kill defunct processes in Linux

By Pank on May 21, 2010 12:21 PM 0 Vote 0 Votes

ps axjf | grep '' | grep -v grep | awk '{print $1}' | xargs kill -9

Use ps axjf to find defunct processes Parent PID and then kill -9

CentOS 5.5 Released

By Pank on May 16, 2010 3:51 AM 0 Vote 0 Votes

CentOS 5.5 Release Notes
Download
這次 x86_64 的 DVD 首度超過 1 片 DVD,
第二片 x86_64 DVD 都是 OpenOffice 的 Language Pack, 用不到就不需要, 內容如下:
openoffice.org-langpack-af_ZA-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ar-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-as_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-bg_BG-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-bn-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ca_ES-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-cs_CZ-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-cy_GB-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-da_DK-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-de-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-fi_FI-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ga_IE-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-gl_ES-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-gu_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-he_IL-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-hr_HR-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-hu_HU-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-it-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ja_JP-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-kn_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ko_KR-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-lt_LT-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ml_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-mr_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ms_MY-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-nl-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-nso_ZA-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-or_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-pa_IN-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-pt_BR-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-pt_PT-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ru-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-sk_SK-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-sl_SI-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-sr_CS-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ss_ZA-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-st_ZA-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-sv-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ur-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-ve_ZA-3.1.1-19.5.el5.x86_64.rpm
openoffice.org-langpack-xh_ZA-3.1.1-19.5.el5.x86_64.rpm

snmptrapd

By Pank on April 28, 2010 1:11 PM 0 Vote 0 Votes

環境 CentOS

編輯 /etc/snmp/snmptrapd.conf
disableAuthorization yes
traphandle default mail -s trap pank@somewhere.com
# 若要認 Community, 就設定 authCommunity
# traphandle 指 trap 發生時, 要交由那支程式處理, default 指所有 trap 都收,
# 也可以指定 OID, 例如: traphandle IF-MIB::linkDown program
# 本例是寄 Mail 出來, 可以自行寫程式進行處理

編輯 /etc/sysconfig/snmptrapd.options, 若沒有這個檔, 則編輯 /etc/init.d/snmptrapd
OPTIONS="-Ls3 -p /var/run/snmptrapd.pid"
# -Ls3 指記錄到 syslog local3

編輯 /etc/syslog.conf, 指定 local3 log file
local3.* /var/log/snmptrapd.log

service snmptrapd start
service syslog restart

Recently in Linux Category