LinuxBabu ………..

I need file system quota support for FreeBSD server.

Quick and Dirty How to compile ‘QUOTA’ support for your FreeBSD server.

Please see: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html for more detailed instructions.

To complete the following you will need to have to ssh access to your host server along with full root access.

Login to the remote host via SSH and become root with ‘su -’ then backup your current kernel and ‘/etc’ directory.

cp -Rp /boot/kernel /boot/kernel.good
cp -Rp /etc /etc.good

Now verify you have the correct source code for your server installed in ‘/usr/src’
cd /usr/src
ee UPDATING

Make sure the first displayed date matches your current ‘uname -a’ output.

Once you have confirmed you have the correct source code installed you can then create your custom kernel configuration file.

cd /usr/src/sys/i386/conf
cp GENERIC MYKERNELCONF
ee MYKERNELCONF

Add the line below to your kernel configuration file and then save the file.

## Example Entry for your Kernel Conf ##

options QUOTA # Provide Quota Support

##

Next you will need to build and install your custom kernel.( This step could take a few mins )

cd /usr/src/
make buildkernel KERNCONF=MYKERNELCONF
make installkernel KERNCONF=MYKERNELCONF

Now before you reboot you need to edit 2 files to enable QOUTA support for you file system.

The first is the ‘/etc/rc.conf’ which will we will edit to enable QUOTA support and to also check them on boot.

grep /etc/defaults/quota >> /etc/rc.conf
ee /etc/rc.conf

You will see the following entries at the bottom of the ‘/etc/rc.conf’ file.

enable_quotas=”NO” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).

Change both of the entries to “YES” and then save the file.

enable_quotas=”YES” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).

Now you need to modify your ‘/etc/fstab’ file to select which slices should have QUOTAS turned on.

Typical ‘/etc/fstab’ file with NO quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw 2 2
/dev/ad0s1e /usr ufs rw 2 2
/dev/ad0s1d /var ufs rw 2 2

Typical ‘/etc/fstab’ with quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw,userquota,groupquota 2 2
/dev/ad0s1e /usr ufs rw,userquota,groupquota 2 2
/dev/ad0s1d /var ufs rw 2 2

Now save the ‘/etc/fstab’ file and reboot the host to load the new kernel and remount your drives with full quota support enabled for your server.

reboot

If for some reason your server does not come back up after 2-10 mins from the reboot please contact your support team and let them know you just compiled a custom kernel and may need to have the server booted with the old backup kernel you made earlier. If the server reboots with no problems you should be all set and ready to go with full quota support for your control panel of choice.

How to bind a range of IP’s in Linux
This method is used by Redhat Linux based servers (Centos/RedhatEnterprise/FedoraCore).

Create a file called /etc/sysconfig/network-scripts/ifcfg-eth0-range0
And in the file place these 3 lines but change the IP’s to match YOUR assigned range.

## Start

IPADDR_START=67.18.xxx.xxx
IPADDR_END=67.18.xxx.xxx
CLONENUM_START=0

# Example | IPADDR_START=67.18.333.440
# Example | IPADDR_END=67.18.333.444
# Example | CLONENUM_START=0

## END

The CLONENUM_START should be the number at which the alias interfaces should start. If you add your 5 IP’s to this server and then want to bind a second set of IP’s you create a second file named ‘ifcfg-eth0-range1′ and change the CLONENUM_START to match the last interface alias. IE ‘eth0:5′ = CLONENUM_START=5

After you have created the above file execute the command ‘service network restart’ and your IP’s will be all setup.

*CPANEL NOTE*
Please do not use this method of binding additional IPs if you are using Cpanel. Bind the IPs through the Cpanel interface.

Problem:

I would like to bind all 5 of my usable IP’s to the ‘eth0′ device

---

Solution:

Just define a new interface in /etc/network interfaces:

## Start
auto eth0
auto eth0:0
auto eth0:1
auto eth0:2
auto eth0:3

iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:0 inet static
address 192.168.1.3
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:1 inet static
address 192.168.1.4
netmask 255.255.255.248

iface eth0:2 inet static
address 192.168.1.5
netmask 255.255.255.248

iface eth0:3 inet static
address 192.168.1.6
netmask 255.255.255.248
## End

Then you can reboot or use the commands below to bring the interfaces up without a reboot.

ifup eth0:0
ifup eth0:1
ifup eth0:2
ifup eth0:3
ifup eth0:4

On the next reboot they should automatically bind to the NIC.

First login to your FreeBSD host as a ‘non-root’ user. You should have an account in the ‘wheel’ group that you can do this with. Once you have logged in run the following commands to switch users to ‘root’

su -
Password:
server#

The prompt should have a # in it now meaning you are the ‘root’ user.

Now run these commands.

ee /etc/rc.conf

Using 192.168.1.3 – 192.168.1.6 as an example

ifconfig_fxp0=”inet 192.168.1.2 netmask 255.255.255.248″
ifconfig_fxp0_alias0=”inet 192.168.1.3 netmask 255.255.255.255″
ifconfig_fxp0_alias1=”inet 192.168.1.4 netmask 255.255.255.255″
ifconfig_fxp0_alias2=”inet 192.168.1.5 netmask 255.255.255.255″
ifconfig_fxp0_alias3=”inet 192.168.1.6 netmask 255.255.255.255″

Note that changes to the ‘_aliasNN’ and also the ‘netmask’ changes to ’255.255.255.255′ from ’255.255.255.248′. The IP’s will not work unless you use a ’255.255.255.255′ netmask for the alias IP’s.

Once you have added the enteries to your file you need to press ‘ESC’ and then select the ‘Save File’ option. You can then reboot the server and the IP’s will be bound and ready to use.

You can also use ‘ifconfig’ on the command line to add them without a reboot.

Please see the following man pages for more information.

man ifconfig
man rc.conf
man netstat

How MySQL Uses Memory
This page lists some of the ways that the mysqld server uses memory, and associated mysqld variable names
Memory Use MySQL 5.0
Memory Use MySQL 4.1

MySQL Optimization which covers:
- Optimization Overview
- Optimizing SELECT and Other Statements
- Locking Issues
- Optimizing Database Structure
- Optimizing the MySQL Server
- Disk Issues
Optimization MySQL 5.0
Optimization MySQL 4.1

MySQL Server Variables – SQL layer or Storage Engine specific.
List some of the more common variables as well as a brief description
Go to article 1
Go to article 2

Optimizing the mysqld variables by Ian Gilfillan
Great article on MySQL optimization, including some guidelines on what you should set mysqld server variable too.
(key_buffer_size, Query cache variables, table_cache, sort_buffer, etc..)
Go to article

Repairing Database Corruption in MySQL by Ian Gilfillan
Table corruption should be rare when using MySQL, however it helps to know how to fix the problem when it does occur.
Go to article

Optimizing MySQL: Queries and Indexes by Ian Gilfillan
The database is just too slow. Queries are queuing up, backlogs growing, users being refused connection. Management is ready to spend millions on “upgrading” to some other system, when the problem is really that MySQL is simply not being used properly. Badly defined or non-existent indexes are one of the primary reasons for poor performance, and fixing these can often lead to phenomenal improvements.
Go to article

Other MySQL Articles by Ian Gilfillan

Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html

Additionally some good practices are:

1. Verify your root MySQL account password is set
2. the test account and database that were created during the initial installation
   • Login to mysql as root, from the command prompt “shell> mysql –u root –p mysql” and enter the password when prompted
   • mysql> drop database test;
   • mysql> use mysql;
   • mysql> delete from user where user=’test’;
   • mysql> delete from user where user=”;
   • mysql> flush privileges;
3. Make sure that each account has a password set
4. Do not grant global privileges unnecessarily
5. Avoid using wildcards in the hostname value associated with accounts
6. Periodically review users and databases that are setup in MySQL
7. Do not use passwords on the command line. From the command line you can login to MySQL using “shell> mysql –u root –password=somepassword mysql” the problem with this is anyone on the server could view your password with a simple process list command “shell> ps”. The correct usage would be: “shell> mysql –u root –p mysql”, from this MySQL will prompt your for your password and it will not show up in the process list as plain text.

Note: There are many excellent articles available on the web for MySQL security. Go to your search engine of choice and search “securing mysql” and you should have reading for weeks.

1. Copying from the mysql directory

By default, MySQL databases on servers that use Linux are stored in the following directory:

/var/lib/mysql/

If you shut down the mysqld service first, you can copy your databases to an example /backup directory using the following command:

cp –Rp /var/lib/mysql/*.* /backup

The –R switch for the cp command means recursive, which you want to use because each database is in a separate directory. The –p switch is for permissions, which will maintain the permissions of what is copied.

You generally want to shutdown the mysqld service before using the above method because if a database is copied while it is actively being used, the resulting backup will be corrupt and therefore worthless. If you are certain none of the databases are not being used at the time, you can use the above command.

2. The mysqldump command

The mysqldump command lets you back up both individual databases and all databases on a server without having to shutdown the mysqld service. Because of this ability to make backups while still keeping databases online, this method is preferred.

Individual databases

An example command that would let you back up a database named example to the directory /backup while logged in as root is as follows:

mysqldump example > /backup/example_backup.sql

Unless it is a small database, it is recommended that you then compress the resulting database backup in order to reduce the amount of time necessary to transfer the backup. The following command would compress the backup of the example database:

tar czvf /backup/example_backup.tar.gz /backup./example_backup.sql

All databases

If you have numerous databases and backing all of them up individually would be too time consuming, the following command will backup all MySQL databases on your server to the /backup directory:

mysqldump -A > /backup/databases.sql(or –all-databases)

The –A switch (“-all-databases” performs the same function) will dump any and all databases on the server.

Cpanel required ports list

Port	Service	Protocol	Direction	Notes
20	ftp	tcp	inbound/outbound
21	ftp	tcp,udp	inbound/outbound
22	ssh	tcp	inbound
25	smtp	tcp	inbound/outbound
26	smtp	tcp	inbound/outbound
37	rdate	tcp	outbound
43	whos	tcp	outbound
53	DNS	tcp/udp	inbound/outbound	Inbound only needed if you run your own DNS server
80	http	tcp	inbound/outbound
110	pop3	tcp	inbound
113	ident	tcp	outbound
143	imap4	tcp	inbound
443	https	tcp	inbound
465	smtp	tcp/ssl, tcp/udp	inbound/outbound
873	rsync	tpc/udp	outbound
993	imap4	ssl tcp	inbound
995	pop3	ssl tcp	inbound
2082	cpanel	tcp	inbound
2083	cpanel	ssl tcp	inbound
2086	whm	tcp	inbound
2087	whm ssl	tcp	inbound
2089	cp license	tcp	outbound
2095	webmail	tcp	inbound
2096	webmail	ssl tcp	inbound
3306	mysql	tcp	inbound	Only if you need to connect remotely
6666	chat	tcp	inbound

Retrieving email headers is a very important step in reporting or troubleshooting any email issue. Here are the steps to get email headers from some of the more popular mail programs:

Eudora Pro

Double-click on the message to open it in a separate window.
Click on the button labeled “BLAH BLAH BLAH” at the top of the window. This will show the message headers.
You can then highlight and copy the headers into a new message.

Gmail

While viewing a message, click on “More Options”.
Click on “Show Original”.
This will display the headers for that message in a new window.
You can then highlight and copy the headers into a new message.

GoDaddy Webmail

Click on the message in your Inbox to open it
From the “Apply this Action” drop-down, select “View Full Header”
Click “Apply”
You can then highlight and copy the headers into a new message.

Hotmail

Once logged into hotmail, click on “Options”
Click “Mail“.
Click on “Mail Display Settings”.
Change the “Message Headers” section to “Advanced”.
Click “OK”.
Now when you read an e-mail, it should show you the full message headers.

Lotus Notes

Lotus Notes 4.6
Open the properties box on the message (in the default installation of the Notes Client, it will be the first smart icon on the left, but you can also right-click on the document and choose properties from that menu).
Choose the second tab on the properties box, which is a list of fields and their contents.
Scroll down to the field ”Additional Headers“.
You should then be able to copy/paste the headers into a new message.

If Notes will not permit you to select the contents of the field, you’ll have to manually copy them to a new message – please be very careful in doing so.
Lotus Notes 5.x
Single click on the subject line without opening the document to full screen.
Select “File” (upper left) then select “Export”
Name the file
Select “Export”
Click on “Selected Documents”
Select “OK”
You can then attache the file to a new message.

OS X

After opening the “Mail” app, click the on the “Mail” drop-down menu and select “Preferences”.
Click on the “Viewing” icon.
Click on the arrow on the Show header detail and select All.
You will now see the full headers of each message you view.

Thunderbird

Double-click the e-mail you want to view the headers for.
Click on the “View” drop-down menu and select “Headers” and then select “All”.
This will show the headers for any message you view.

Microsoft Outlook

Microsoft Outlook 98, 2000, 2002, 2003

Double-click on the message to open it in a separate window.
Click on “View” and then “Options” on the drop-down menu at the top of the window.
Look for the section titled “Internet Headers” near the bottom of the Options window.
You can now copy/paste content from that section into a new message.

Microsoft Outlook Express 5 & 6

Right-click on the message and select Properties.
Select the Details tab.
You should see a section titled “Internet Headers” for this message.
You can now copy/paste content from that section into a new message.

Yahoo

Once you are logged in, click on “Mail Options”.
Click on “General Preferences”.
Under the “Messages” section, select “Show all headers” on incoming messages for the Headers option.
Click Save.
You should now see the full headers of every message you view.

Installing is easy.Login to the server with the root user.

First, we need to download the VMWare installer.You can get to the download via http://vmware.com/download/server/.Once here, click on the download link, accept the EULA, and download the LinuxTarball (VMware-server-1.0.3-44356.tar.gz in my case):

·Main Download Link: http://vmware.com/download/server/

·# wget –O vmware-server.tar.gz http://download3.vmware.com/software/vmserver/VMware-server-1.0.3-44356.tar.gz

After downloading the software, you will need to get a license key (which is free in the free version of VMWare Server).To register, just fill out the form at the following:

·http://register.vmware.com/content/registration.html

Next, extract the tarball:

·# tar -xzvf vmware-server.tar.gz

Before we actually get rolling on the install, let’s take care of some dependencies first:

·# yum update
# yum install libXtst.i386
# yum install libXrender.i386
# yum install xinetd

Once completed, now go into the directory:

·# cd vmware-server-distrib/

Next, run the vmware install script:

·# ./vmware-install.pl

Next, the install is going to ask you some basic questions and wanting to know what directories it wants you to create and install certain parts of VMWare into.From here, you would just take the defaults.When it asks you to accept the license agreement, please do so, so that you can proceed on with the install.

You will probably run across this question:

“None of the pre-built vmmon modules for VMware Server is suitable for your running kernel.Do you want this program to try to build the vmmon module for your system (you need to have a C compiler installed on your system)?”

You will need to answer “yes” to this question (which is the default).

VMWare Networking Setup

The next question is “Do you want networking for your virtual machines? (yes/no/help)”.Answer yes, as we want to create a network setup for your public network device, so that you can access the internet on your virtual machines.

The next question you will be asked is “Your computer has multiple ethernet network interfaces available: eth0, eth1. Which one do you want to bridge to vmnet0?”.This is a very important question.Remember, the way all Softlayer servers are setup and run are that the public network runs on eth1 and the private network runs off of eth0.In VMWare, the default bridge device for vmnet0is eth0, which is definaltely not what we are going to want to do, especially if we are wanting to have internet access from the virtual machines.So, instead of pressing enter, type in: eth1.

Bridging the Private Network (Softlayer Style)

The next question can either be answered as yes or no.The question is “Do you wish to configure another bridged network?”. If you plan on running services or other applications off of your private network, then you should probably actually proceed with “yes” to this question.So that everything is covered, go ahead and say “yes” (unless you know you won’t be using the private network), so that we can create a network bridge to your private network.Once, you type in “yes” and press enter, it will automatically use eth0 as the interface, as that is the only one left available (since you only have two network cards in the server).

Other Networking Settings

You will be presented with a few other questions regarding the network setup of VMWare Server.Please proceed with the following recommendations:

“Do you want to be able to use NAT networking in your virtual machines?”

·Proceed with “yes”

“Do you want this program to probe for an unused private subnet?”

·Proceed with “yes”

·Once this completes, make sure you do not configure another NAT network.

“Do you want to be able to use host-only networking in your virtual machines?”

·Proceed with “yes”

“Do you want this program to probe for an unused private subnet?”

·Proceed with “yes”

·Once this completes, make sure you do not configure another host-only network.

Specifying Listening Port

The next question it is going to ask is what port you are wanting VMWare server to listen on, and the default port is 904.Some people change this, but personally I keep it set to the default.

Where To Store The Virtual Machines

The next question that the installer asks is “In which directory do you want to keep your virtual machine files?”.The default place is /var/lib/vmware/Virtual Machines, however, I recommend that you place the virtual machines in a place where you have plenty of disk space, such as a redundant RAID array or a large secondary hard drive.Always make sure that you have enough room for a virtual machine.In this case, you could use a mount point /data/vm, that is mounted to a large disk.

Provide Serial Number for VMWare

The final part of the installation requires you to insert a VMWare license key/serial number.You should already have one, if you followed the instructions in this article.If you have not generated a license key,yet, please do by going to the URL mentioned at the beginning of this article.If you have the serial number for this VMWare server, please insert it into the prompt and then press enter.

You should see something similar to the following:

·“The configuration of VMware Server 1.0.3 build-44356 for Linux for this running kernel completed successfully.”

VMWare is now set up on your server.Now, all that is left to do is download the VMWare Server Console, which is the GUI client for your VMWare server that allows you to set up, configure, and install virtual machines.

The VMWare Server Console is the client application for VMWare Server.It allows you to literally manage the VMWare server as a whole.You can create,configure, and install virtual machines, just with a click of some buttons. In order to get this installed, you actually have to download the VMware Server Windows client package, which is located on the same that you downloaded VMWare for Linux at the beginning of this article.This package is the .zip file.Once it has downloaded to the system, just extract the package wherever you find it convenient to and install the VMware-console-1.0.3-x file.When this has completed installing, you are done installing the VMWare Server Console and you are ready to configure your VMWare server.

Note: This article does not cover how to configure VMWare server or even set up virtual machines.Setting up virtual machines are somewhat self-explainatory, however, if you want some assistance in doing so, please open a support ticket and we can walk you through a few things, however, we do not currently support VMWare or any Virtualization products.

Open the VMWare Server Console from the computer you installed it on.When it loads you will be prompted with a “Switch Host” (login) screen.Use the following credentials (and use the screenshot for reference).VMWare Server uses the Linux system username/passwords to authenticate users, so you will need to use the usernames (root in particular) to login to VMWare.

Hostname: IP address plus port (e.g. 67.228.160.201:904)
User Name: root
Password: password (use the real root password of the system)

Configuring The Firewall Rules (IPTables)

If you have any issues actually connecting to the VMWare server, and it is not an authentication issue (if you get a username/password error then you have a bad user or password), then your firewall might be blocking you from connecting to the VMWare Server.To resolve this, try adding the following IPTable rule into your /etc/sysconfig/iptables file (and make sure that the naming convention follows your server configuation, as my rule might be slightly wrong if your chain is named differently):

·# -A FWALL-INPUT -p tcp -m tcp -s 0/0 –dport 904 -j ACCEPT

That just about wraps things up on how to install VMWare and at least get things started.Even though we currently do not yet support VMWare, any one of the Support Technicians will be more than happy to try to assist you and answer any questions you may have.