Tuesday, 24 December 2013

How to Configure Postfix to Use Gmail SMTP on Ubuntu

Configure Postfix to Use Gmail SMTP on Ubuntu

If you want to use a Gmail account as a free SMTP server on your Ubuntu Linux server, you will find this article useful. This guide was tested with Ubuntu 12.04. If you face any issues, feel free to use the comments section below.

Relaying Postfix mails via smtp.gmail.com:

First, install all necessary packages:

sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-mo

If you did not have Postfix installed before, the Postfix configuration wizard will ask you some questions. Just select your server as Internet Site and for the FQDN use something like mail.example.com.

Then open your postfix config file:

vim /etc/postfix/main.cf

and add the following lines to it:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

You might have noticed that we haven’t specified our Gmail username and password in the lines above. They go into a different file. Open or create it:

vim /etc/postfix/sasl_passwd

And add the following line:

[smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD

 
If you want to use your Google Apps domain, replace @gmail.com with your @domain.com.

Fix the permissions and update the Postfix configuration to use the sasl_passwd file:

sudo chmod 400 /etc/postfix/sasl_passwd

sudo postmap /etc/postfix/sasl_passwd

Next, validate certificates to avoid running into errors. Just run the following command:

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

Finally, reload the Postfix configuration for the changes to take effect:

sudo /etc/init.d/postfix reload

Testing if mails are sent via Gmail SMTP server:

If you have configured everything correctly, the following command should generate a test mail from your server to your mailbox.
echo "Test mail from postfix" | mail -s "Test Postfix" you@example.com
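
When the test mail does not arrive, the settings above can be checked with a short script. This is an added example, not part of the original post: it reads main.cf and sasl_passwd and reports a password-map key that does not match relayhost, SASL or TLS switched off, and a password file readable by other users. The function names are hypothetical and the sample files built by demo are constructed.

```sh
#!/bin/sh
# Added example (not from the original post): audit a Gmail relay setup.
# cf_get, audit_relay and demo are hypothetical helper names.

# Print the value of one main.cf parameter; the last assignment wins.
cf_get() {
    sed -n "s/^$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# audit_relay MAIN_CF SASL_PASSWD: print one line per finding, return the count.
audit_relay() {
    cf=$1; pw=$2; bad=0
    relay=$(cf_get relayhost "$cf")
    [ -n "$relay" ] || { echo "relayhost is not set"; bad=$((bad + 1)); }
    [ "$(cf_get smtp_sasl_auth_enable "$cf")" = yes ] ||
        { echo "smtp_sasl_auth_enable is not yes"; bad=$((bad + 1)); }
    # Without TLS the SASL login would be sent to the relay unencrypted.
    [ "$(cf_get smtp_use_tls "$cf")" = yes ] ||
        { echo "smtp_use_tls is not yes"; bad=$((bad + 1)); }
    case "$(cf_get smtp_sasl_security_options "$cf")" in
        *noanonymous*) ;;
        *) echo "smtp_sasl_security_options lacks noanonymous"; bad=$((bad + 1)) ;;
    esac
    # The password map is searched by the relayhost string, so the key
    # should use the same form, brackets and port included.
    awk -v k="$relay" 'NF && $1 == k { hit = 1 } END { exit !hit }' "$pw" ||
        { echo "no sasl_passwd entry keyed on '$relay'"; bad=$((bad + 1)); }
    # Characters 5-10 of the ls mode string are the group and other bits.
    mode=$(ls -l "$pw" | cut -c5-10)
    [ "$mode" = "------" ] ||
        { echo "sasl_passwd is open to group/other ($mode)"; bad=$((bad + 1)); }
    return "$bad"
}

# Constructed sample: the post's settings, but with a password map keyed
# without brackets and left world-readable. Returns the finding count (2).
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'relayhost = [smtp.gmail.com]:587' 'smtp_sasl_auth_enable = yes' \
        'smtp_sasl_security_options = noanonymous' 'smtp_use_tls = yes' > "$d/main.cf"
    echo 'smtp.gmail.com:587 USERNAME@gmail.com:PASSWORD' > "$d/sasl_passwd"
    chmod 644 "$d/sasl_passwd"
    n=0; audit_relay "$d/main.cf" "$d/sasl_passwd" || n=$?
    rm -rf "$d"; return "$n"
}
```

On a live server, run it as root: audit_relay /etc/postfix/main.cf /etc/postfix/sasl_passwd.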

 

 

 

Sunday, 22 December 2013

How To Create master and slave DNS Servers

Configuring DNS Master & Slave Servers on Linux

The procedure below can be used with any UNIX/LINUX flavor. All the machines in this example are using Red Hat Enterprise Linux 5.

For simplicity, we will assume the server resolves names on the LAN 192.168.0.1/24, and that the LAN has 4 workstations connected:
station1.example.com: 192.168.0.1
station2.example.com: 192.168.0.2
station3.example.com: 192.168.0.3
station4.example.com: 192.168.0.4

We will configure “station1.example.com” as a master DNS server, and “station2.example.com” as a slave DNS Server.

We will start by configuring the master DNS Server:

1. The package needed for this configuration is “BIND”. Check if it’s available:

[root@station1 named]# rpm -qa|grep bind

ypbind-1.19-12.el5

bind-libs-9.3.6-4.P1.el5

bind-utils-9.3.6-4.P1.el5

bind-9.3.6-4.P1.el5

[root@station1 named]#

2. Edit “/etc/named.conf” as follows:

[root@station1 ~]# vi /etc/named.conf

options {

directory "/var/named";

};



zone "example.com" {

type master;

file "forward.zone";

};



zone "0.168.192.in-addr.arpa" {

type master;

file "reverse.zone";

};

[root@station1 ~]#

In the file above, we first specified that the host name to IP records will be stored in files under the directory “/var/named”. Then we created a zone for forward mapping (host name to IP) and a zone for reverse mapping (IP to host name). Since we have only one LAN (one domain: example.com), we need only two zones.

3. Create the forward zone file “forward.zone” under “/var/named” :

[root@station1 ~]# cd /var/named

[root@station1 named]# vi forward.zone

$TTL    86400
@               IN      SOA     station1.example.com.   root    (
                                                42      ; serial (d. adams)
                                                3H      ; refresh
                                                15M     ; retry
                                                1W      ; expiry
                                                1D )    ; minimum
                IN      NS      station1.example.com.
station1        IN      A       192.168.0.1
station2        IN      A       192.168.0.2
station3        IN      A       192.168.0.3
station4        IN      A       192.168.0.4



[root@station1 named]#

In the file above, we specified that the “SOA” (start of authority) is “station1.example.com”, and that error messages be sent to “root”.

Then we specified that the “NS” (Domain Name Server) is “station1.example.com.” Then we added the “A” (Address) of each machine on the network.

4. Create the reverse zone file “reverse.zone” under “/var/named”:

[root@station1 ~]# cd /var/named

[root@station1 named]# vi reverse.zone

$TTL    86400
@               IN      SOA     station1.example.com.   root.example.com.   (
                                                42      ; serial (d. adams)
                                                3H      ; refresh
                                                15M     ; retry
                                                1W      ; expiry
                                                1D )    ; minimum
                IN      NS      station1.example.com.
1               IN      PTR     station1.example.com.
2               IN      PTR     station2.example.com.
3               IN      PTR     station3.example.com.
4               IN      PTR     station4.example.com.



[root@station1 named]#

In the reverse file, we again specified the same “SOA” and “NS”. After that, we specified the “PTR” (pointer) records; each record name is appended to “0.168.192.in-addr.arpa”. For example, when the address “192.168.0.4” is queried on the DNS server, it is translated to “4.0.168.192.in-addr.arpa” and then mapped to “station4.example.com.”

5. Make sure that “forward.zone” and “reverse.zone” have the right owner/permission:

[root@station1 named]# ls -l

total 24

drwxrwx--- 2 named named 4096 Jul 29  2009 data

-rw-r--r-- 1 root  root 239 Oct 17 16:57 forward.zone

-rw-r--r-- 1 root  root  250 Oct 17 16:55 reverse.zone

drwxrwx--- 2 named named 4096 Jul 29  2009 slaves

[root@station1 named]#

Since the daemon “named” will be using these files, their group ownership should be changed accordingly:

[root@station1 named]# chgrp named *.zone

[root@station1 named]# ls -l

total 24

drwxrwx--- 2 named named 4096 Jul 29  2009 data

-rw-r--r-- 1 root  named  239 Oct 17 16:57 forward.zone

-rw-r--r-- 1 root  named  250 Oct 17 16:55 reverse.zone

drwxrwx--- 2 named named 4096 Jul 29  2009 slaves

[root@station1 named]#

6. Configure all the clients to use “station1” as a DNS server by editing “/etc/resolv.conf”:

[root@station1 ~]# vi /etc/resolv.conf

search example.com

nameserver 192.168.0.1

[root@station1 ~]#

Make sure to configure the same on all the machines: station2, station3, and station4.

7. Start the service:

[root@station1 ~]# service named start

Starting named:                                            [  OK  ]

[root@station1 ~]#

Make sure the service starts automatically after each reboot:

[root@station1 ~]# chkconfig named on

[root@station1 ~]# chkconfig named --list

named           0:off   1:off   2:on    3:on    4:on    5:on    6:off

[root@station1 ~]#

8. Test the DNS functionality:

From Station3, for example, we can run the following tests:

[root@station3 ~]# nslookup station2

Server:         192.168.0.1

Address:        192.168.0.1#53



Name:   station2.example.com

Address: 192.168.0.2



[root@station3 ~]#

[root@station3 ~]# nslookup station1

Server:         192.168.0.1

Address:        192.168.0.1#53



Name:   station1.example.com

Address: 192.168.0.1



[root@station3 ~]# nslookup 192.168.0.4

Server:         192.168.0.1

Address:        192.168.0.1#53



4.0.168.192.in-addr.arpa        name = station4.example.com.



[root@station3 ~]#
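
The two zone files can also be cross-checked before named is started. This is an added example, not part of the original post: it flags any A record in forward.zone whose address has no matching PTR record in reverse.zone, which is how a mistyped octet shows up. The function names are hypothetical and the sample zones are constructed.

```sh
#!/bin/sh
# Added example (not from the original post): cross-check A and PTR records.
# check_zones and write_sample_zones are hypothetical helper names.

# check_zones FORWARD_FILE REVERSE_FILE DOMAIN REVERSE_ORIGIN
# Prints one line per mismatch and returns the number of mismatches.
check_zones() {
    awk -v dom="$3" -v rev="$4" '
    # Names without a trailing dot are relative to the zone origin.
    function fqdn(n, origin) { return (n ~ /\.$/) ? n : (n "." origin ".") }
    # 192.168.0.4 -> 4.0.168.192.in-addr.arpa.
    function arpa(ip,    o) {
        split(ip, o, ".")
        return o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa."
    }
    { sub(/;.*/, "") }    # drop zone-file comments
    FNR == NR && $2 == "IN" && $3 == "A"   { a[fqdn($1, dom)] = $4; next }
    FNR != NR && $2 == "IN" && $3 == "PTR" { ptr[fqdn($1, rev)] = $4 }
    END {
        for (h in a) {
            want = arpa(a[h])
            if (!(want in ptr)) { print h " has " a[h] " but no PTR " want; bad++ }
            else if (ptr[want] != h) { print want " points to " ptr[want] ", not " h; bad++ }
        }
        exit bad + 0
    }' "$1" "$2"
}

# Constructed sample zones; station1 carries a mistyped second octet.
write_sample_zones() {
    cat > "$1/forward.zone" <<'EOF'
station1        IN      A       192.198.0.1   ; typo: should be 192.168.0.1
station2        IN      A       192.168.0.2
EOF
    cat > "$1/reverse.zone" <<'EOF'
1               IN      PTR     station1.example.com.
2               IN      PTR     station2.example.com.
EOF
}
# Usage: d=$(mktemp -d); write_sample_zones "$d"
#        check_zones "$d/forward.zone" "$d/reverse.zone" example.com 0.168.192.in-addr.arpa
```

BIND's own named-checkzone validates the syntax of a single zone file; this check covers agreement between the two.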

Now we have successfully configured “station1” as a master (primary) DNS Server. The next step is to configure “station2” as a slave (secondary) DNS Server. It’s very easy to do so, as only one file needs to be edited on “station2”:

1. Configure “/etc/named.conf” on “station2”:

[root@station2 ~]# vi /etc/named.conf

options {

directory "/var/named/slaves";

};



zone "example.com" {

type slave;

file "forward.zone";

masters { 192.168.0.1; };

};



zone "0.168.192.in-addr.arpa" {

type slave;

file "reverse.zone";

masters { 192.168.0.1; };

};



[root@station2 ~]#

In “/etc/named.conf”, we simply specified that the files should go under “/var/named/slaves”, and that the master DNS server is “192.168.0.1” (i.e. station1).

2. The next step is to start the DNS service on “station2”:

[root@station2 ~]# service named start

Starting named:                                            [  OK  ]

[root@station2 ~]#

[root@station2 ~]# chkconfig named on

[root@station2 ~]# chkconfig named --list

named           0:off   1:off   2:on    3:on    4:on    5:on    6:off

[root@station2 ~]#

3. Check that the zone files have been automatically copied from the master DNS Server:

[root@station2 ~]# ls /var/named/slaves/

forward.zone  reverse.zone

[root@station2 ~]#

[root@station2 ~]# cat /var/named/slaves/forward.zone

$ORIGIN .

$TTL 86400      ; 1 day

example.com             IN SOA  station1.example.com. root.example.com. (

                                42         ; serial

                                10800      ; refresh (3 hours)

                                900        ; retry (15 minutes)

                                604800     ; expire (1 week)

                                86400      ; minimum (1 day)

                                )

                        NS      station1.example.com.

$ORIGIN example.com.

station1                A       192.168.0.1

station2                A       192.168.0.2

[root@station2 ~]# cat /var/named/slaves/reverse.zone

$ORIGIN .

$TTL 86400      ; 1 day

0.168.192.in-addr.arpa  IN SOA  station1.example.com. root.example.com. (

                                42         ; serial

                                10800      ; refresh (3 hours)

                                900        ; retry (15 minutes)

                                604800     ; expire (1 week)

                                86400      ; minimum (1 day)

                                )

                        NS      station1.example.com.

$ORIGIN 0.168.192.in-addr.arpa.

1                       PTR     station1.example.com.

2                       PTR     station2.example.com.

[root@station2 ~]#

4. Now, on all the clients (station1, station2, station3, and station4), edit the file “/etc/resolv.conf” to specify that “station2” is a slave DNS Server:

[root@station1 ~]# cat /etc/resolv.conf

search example.com

nameserver 192.168.0.1

nameserver 192.168.0.2

[root@station1 ~]#


HOW TO INSTALL OPSVIEW ON CENTOS 5.5



HOW TO INSTALL OPSVIEW 3.0 on CENTOS 5.5




1.  INSTALLATION:

1. Register for an account and make a note of the username and password, as these may be required later in the process.
2. Establish a terminal session to your CentOS server; do not log in as root at this moment.
3. Download an “RPMforge” package applicable to your distribution from the link here. Once downloaded, install it via “rpm -ivh rpmfor….rpm”. Create the repo file with “nano /etc/yum.repos.d/opsview.repo” and add the following:

[opsview]
name = Opsview
enabled = 1
protect = 0
gpgcheck = 0
Where REPOSITORY_KEY is the key emailed to you, and <OS> is either 5 or 6 depending on your distribution. For reference, an example key is: 5bbd5667b498d81af9c2311d871858b26fe0024b
Use this command to install Opsview:
yum install opsview
Or
Download the RPMs below from the Opsview repository and install them:
http://www.opsview.com/technology/downloads/   (register on the site, then download the required RPMs from this link)
Use the command below to install each RPM:
rpm -ivh lua-rrdtool-1.4.3-1.el5.rf.i386.rpm
 lua-rrdtool-1.4.3-1.el5.rf.i386.rpm
 mod_auth_tkt_opsview-2.0.5rc3-1.i386.rpm
 opsview-3.20130903.0.13498-1.ct5.i386.rpm
opsview-agent-4.4.1.345-1.ct5.i386.rpm
 opsview-base-4.4.1.345-1.ct5.i386.rpm
opsview-compatibility-check-3.20130903.0.13498-1.ct5.noarch.rpm
 opsview-core-3.20130903.0.13498-1.ct5.i386.rpm
 opsview-perl-4.4.0.792-1.ct5.i386.rpm
 opsview-slave-3.20130903.0.13498-1.ct5.i386.rpm
 opsview-web-3.20130903.0.13498-1.ct5.i386.rpm
 perl-5.8.8-40.el5_9.i386.rpm
 perl-rrdtool-1.4.4-1.el5.rf.i386.rpm
 rrdtool-1.2.29-1.el5.rf.ppc.rpm
 rrdtool-1.4.7-1.el5.rf.i386.rpm

4. Install the MySQL server:
yum install mysql*
5. Next, start MySQL and set the root password via
 “/etc/init.d/mysqld start” and “mysqladmin -u root -p password opsview”.
6. To start MySQL at boot, run the command “chkconfig --level 345 mysqld on”.
7. Now, we will drop into the user “nagios” and set the user environment correctly:
su - nagios

test -f /usr/local/nagios/bin/profile && . /usr/local/nagios/bin/profile

exit
8. Next we need to edit the opsview.conf file: “vi /usr/local/nagios/etc/opsview.conf”. In my opsview.conf, for example, I changed all the “changeme” values to “opsview”, as that was what I set my MySQL root password to.
# This file overrides variables from opsview.defaults
# This file will not be overwritten on upgrades
#
$dbuser = "root";
$dbpasswd = "opsview";
$runtime_dbpassword = "root";
$runtime_dbpasswd = "opsview";

1;
:wq (Save & exit)

9. Change the MySQL root password:
mysql -u root
mysql> show databases;   (check which databases are installed)
mysql> use mysql;
mysql> UPDATE user SET Password=PASSWORD('opsview') WHERE User='root';
10. Grant privileges to the MySQL user:
mysql> GRANT ALL ON *.* TO 'root'@'localhost';
11. Install the required databases
/usr/local/nagios/bin/db_opsview db_install
/usr/local/nagios/bin/db_runtime db_install
12. Generate all the necessary configuration files:
/usr/local/nagios/bin/rc.opsview gen_config

OR
/etc/init.d/opsview gen_config

You can now start up the web application server:

/etc/init.d/opsview-web start

The Opsview server is now listening on port 3000, i.e. http://localhost:3000/
The performance of Opsview will be significantly improved by using Apache at the front end. All the following commands should be run as root.
1. Edit the Apache configuration files and enable proxy_http
cd /etc/httpd/conf
vi httpd.conf
Ensure the line "LoadModule proxy_http_module modules/mod_proxy_http.so" is uncommented
2. Copy in the example Apache configuration file and edit it to suit your needs
cd /etc/httpd/conf.d
cp /usr/local/nagios/installer/apache_proxy.conf opsview.conf
vi opsview.conf
You may need to comment out the DocumentRoot variable in /etc/httpd/conf/httpd.conf.
3. Amend the apache web server user group membership to include nagcmd group
usermod -G nagcmd apache
Check to ensure the apache user is correct for your web software.
If you use a centralized user management system, you may need to amend /etc/group manually. To test that the permissions are set correctly, run id apache and look for the nagcmd group.
4. Restart Apache
/etc/init.d/httpd restart
You can now access Opsview at http://localhost/
Once Opsview has been installed, a single administrative user will have been created. The credentials for this user are:
username: admin
password: initial
You should change this password to prevent unauthorized access to Opsview - this can be done from 'Administrator' link in the top right of the page.
4. Troubleshooting
If you try to connect to http://your.server/ you may be greeted with a 503 server temporarily unavailable error. Go to the command line and enter:
setsebool -P httpd_can_network_connect=1
