LinuxGuru: January 2012

Tuesday 31 January 2012

How to add users / change password for phpmyadmin console

config.inc.php file under phpmyadmin will have configuration details about phpmyadmin console

EX: /var/www/html/iris/phpmyadmin/config.inc.php

Default username and password is root

http://www.phpmyadmin.net/documentation/

Friday 27 January 2012

Setfacl for folders and subfolders

setfacl -Rm u:<username>:rwx <path to directory>

Friday 20 January 2012

How to find whether the linux server is a physical server or virtual machine

To find whether the linux server is a physical box or vmware virtual machine. Execute the below command

# dmidecode | less

#lspci | less

Tuesday 17 January 2012

java.lang.OutOfMemoryError: PermGen Space while starting jboss in linux

The "PermGen" error happens, when the Java virtual machine runs out of memory in the permanent generation. Recall that Java has a generational garbage collector, with four generations: eden, young, old and permanent.

More about the error can be read from http://rlogiacco.blogspot.com/2009/02/jboss-and-permgen-outofmemoryerror.html

Solution:


	The defaut PermGen space in Jave is 64MB, and you want to define a larger one. To do so you need to set the two params -XX:PermSize=128m and -XX:MaxPermSize=128m in the JAVA_OPTS - the size is here set to 128MB - but you can set it to your own, it have to be below the max of -Xmx

Step1: Go to JBOSS_HOME/bin/ directory
Step2: Open run.conf file as shown below
                #vim run.conf

Step3: Search for the string JAVA_OPTS
Step4: Add the two parameters as shown below

Before adding "permgen" parameters
------------------------------------------------------------------------------------
if [ "x$JAVA_OPTS" = "x" ]; then
   JAVA_OPTS="-Xms128m -Xmx512m -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000"
fi
------------------------------------------------------------------------------------

After adding "permgen" parameters
------------------------------------------------------------------------------------
if [ "x$JAVA_OPTS" = "x" ]; then
   JAVA_OPTS="-Xms128m -Xmx512m -XX:PermSize=2048m -XX:MaxPermSize=2048m -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000"
fi
---------------------------------------------------------------------------------------

Step5: Restart jboss

Monday 2 January 2012

How to disable HTTP Trace and Track method

Step1: Login to the server

Step2: Locate the apache configuration file
           # locate httpd.conf

Step3: Open the apache configuration file and add the following lines in each virtual host tag

            #vim httpd.conf

--------------------------------------------------------------------------------------
<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot /www/docs/dummy-host.example.com
    ServerName dummy-host.example.com
    ErrorLog logs/dummy-host.example.com-error_log
    CustomLog logs/dummy-host.example.com-access_log common
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
</VirtualHost>
------------------------------------------------------------------------------------

Step4: Save the configuration file and restart apache process

          #/etc/init.d/httpd restart

######################################################

If there is no virtual host configured then add the following parameter in httpd.conf file
                 #vim httpd.conf

                   TraceEnable Off

restart httpd process

How to password protect jboss web-console (http://:8080/web-console)

Step1: Go to Jboss Deploy folder (ex: cd /usr/local/jboss/server/default/deploy)

Step2: execute the below command to find web-console.war directory

    #find . -iname web-console.war

Step3: Based on the output go to web-console.war/WEB-INF directory

Step4: Open jboss-web.xml file and uncomment the security-domain to enable security

    # vim jboss-web.xml
-----------------------------------------------------------------------------------------------

<jboss-web>


<security-domain>java:/jaas/web-console</security-domain>

<depends>jboss.admin:service=PluginManager</depends>
</jboss-web>

------------------------------------------------------------------------------------------------

Step5: Open web.xml file using vim editor and uncomment security-constraint

    # vim web.xml

-------------------------------------------------------------------------------------------------

<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
<description>An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>

------------------------------------------------------------------------------------------------

Step6: Go to deploy folder and find web-console-users.properties file

    # find . -iname web-console-users.properties

Step7: Based on the output open web-console-users.properties file and put an entry for uname and password

    #vim web-console-users.properties
    admin=admin!23

Step8: Restart jboss and test accessing web-console page

How to password protect jboss jmx-console (http://:8080/jmx-console)

Step1: Go to Jboss Deploy folder (ex: cd /usr/local/jboss/server/default/deploy)

Step2: Then go to jmx-console.war/WEB-INF/ directory

Step3: Open jboss-web.xml file using vim editor and uncomment the security-domain to enable security

    # vim jboss-web.xml

------------------------------------------------------------------------------------------------
<jboss-web>

<security-domain>java:/jaas/jmx-console</security-domain>
</jboss-web>
------------------------------------------------------------------------------------------------

Step4: Open web.xml using vim editor and uncomment the security-constraint

    # vim web.xml

------------------------------------------------------------------------------------------------


<security-constraint>
<web-resource-collection>
<web-resource-name>HtmlAdaptor</web-resource-name>
<description>An example security config that only allows users with the
role JBossAdmin to access the HTML JMX console web application
</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
------------------------------------------------------------------------------------------------

Step5: To configure username and password for accessing jmx-console page, Go to the following location
    # cd /usr/local/jboss/server/default

Step6: locate jmx-console-users.properties file

Step7: Open the jmx-console-users.properties file and configure username and password

    # vim jmx-console-users.properties
    admin=admin!23

Step8: Restart jboss service and test jmx-console page

How to disable status page for jboss (http://:8080/status)

Due to a possible information disclosure issue, remove access to the JBoss status page by following these steps for your version of the application server.

Step1: Go to jboss deploy folder (ex: cd /usr/local/jboss/server/default/deploy)

Step2: execute locate command as below
# find . -iname ROOT.war

Step3: Based on the output switch to the ROOT.war directory

Step4: Go to WEB_INF directory which will be under ROOT.war directory (ex: .../deploy/jboss-web.deployer/ROOT.war/WEB-INF/)

Step5: find web.xml file and open using vim editor

Step 6: Comment out the servlet and servlet-mapping tags as follows:


3
Save and close the file.

hi

this is linux admin