Category Archives: server management

apache – grant access to single file

Steps Ensure target file has read access from apache user ls -l /path/to/my/file/myfile.doc If not, grant right via: chmod a+rwx /path/to/my/file/myfile.doc In one of your /etc/apache/sites-enable/*.conf files, add the following: <Directory /path/to/my/file> <Files myfile.doc> Require all granted </Files> </Directory> Restart apache sudo apache2ctl restart Voilà! sources http://stackoverflow.com/questions/13799932/how-to-allow-access-to-only-a-single-file

Configure apache to run a django framework based project [solved]

To serve django via apache, using mod_wsgi (recommended option by django documentation), proceed as follow: install apache mod_wsgi: sudo apt-get install libapache2-mod-wsgi-py3 ensure mod_wsgi is indeed into /etc/apache2/mods-enabled: ls -l  /etc/apache2/mods-enabled/ | grep “wsgi” create a python virtualenv for your project (see Run python virtualenv with Ubuntu) go to /etc/apache2/sites-available and create file myproject.conf: sudo vi /etc/apache2/sites-available/myproject.conf Paste following content: <VirtualHost *:80> ServerName mydomain.com ServerAdmin webmaster@localhost DocumentRoot /path/to/myproject ErrorLog ${APACHE_LOG_DIR}/myproject.error.log CustomLog ${APACHE_LOG_DIR}/myproject.access.log combined Alias /static/ /path/to/myproject/static/ <Directory /path/to/myproject/static> Require all granted </Directory> <Directory /path/to/myproject/myproject> <Files wsgi.py> Require all granted </Files> </Directory> WSGIScriptAlias / /path/to/myproject/myproject/wsgi.py WSGIDaemonProcess myproject python-path=/path/to/myproject:/path/to/myproject/virtualenv/lib/python3.4/site-packages WSGIProcessGroup myproject </VirtualHost> […]

run virtualbox on kimsufi server

Just bought a low-end kimsufi server (atom D425) and tried to run virtualbox on it. Host os is Ubuntu Desktop 14.02 Proceed as follow revert to Ubuntu stock kernel instead of tweaked ovh one: [UPDATE: ignore this section, rather simply use advanced mode when installing distribution and select to use native distribution kernel] sudo apt-get install linux-image-server mkdir ~/ovh.d/ sudo mv /etc/grub.d/06_OVHkernel ~/ovh.d sudo update-grub sudo apt-get install linux-headers-generic restart machine sudo shutdown -r -f now install virtualbox //sudo apt-get install virtualbox // update: do not do this since version in ubuntu repository is quite old, download from www.virtualbox.org instead […]

view ssh RSA key fingerprint of server

Upon first ssh connection, ssh public key fingerprint is displayed. To confirm the connection is indeed with the expected server, either you already know the public key fingerprint or simply display it again to confirm it is the expected one: connect to server usually rsa public key is stored under /etc/ssh/ssh_host_rsa_key.pub to generate fingerprint, run: ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub That’s it, output of the form “xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx”. Sources http://www.linuxquestions.org/questions/linux-security-4/how-do-i-find-out-the-rsa-fingerprint-of-the-server-i-want-to-connect-to-590322/

[SOLVED] Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set)

I am new to git and therefore facing some newbie errors. When trying to add a shortname for my repository via command git remote add <myshortname> ssh://user@server:port/path_to_my_bare_git_repo , I was greeted with following error message: fatal: Not a git repository (or any parent up to mount point /home) Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set). In my case, reason for this error message is pretty simple. When running above mentioned call, it must be done from a git repository locally. Therefore first create locally your folder, then from this folder run “git init“. From there you can run the git […]

configure ftp server with encryption

Here is how to configure ftp server and force all connections to use encryption. FTP software to be used here is vfstpd. Steps install vsftpd sudo apt-get install vsftpd generate an ssl certifcated sudo openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd/vsftpd.pem configure vsftpd to use ssl certificate. Here we have serveral choices, use ftp over ssh (SFTP), use explicit FTP over SSL (FTPES) or use implicit FTP over SSL (FTPS). Preferred configuration is in our case FTPES because is uses normal FTP port. We will make sure to ask for both login and password to […]

insserv: warning: script ‘K20mydns’ missing LSB tags and overrides

When upgrading my server I ran into the following error: error: Unable to migrate to dependency based boot sequencing. error: Problems detected: insserv: warning: script ‘K20mydns’ missing LSB tags and overrides, insserv: warning: script ‘S13fixudev’ missing LSB tags and overrides, insserv: warning: script ‘bastille-firewall’ missing LSB tags and overrides, insserv: warning: script ‘fixudev’ missing LSB tags and overrides, insserv: warning: script ‘mydns’ missing LSB tags and overrides, , package amavisd-new removed but not purged, package clamav-daemon removed but not purged, package clamav-freshclam removed but not purged See http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot for more information about dependency based boot sequencing. To reattempt the migration […]

How to find out which sybase version you’re on

Simply run the following query: select @@version sources http://www.sybaseteam.com/showthread.php?tid=531

postfix: recipients rejected

When looking at postfix logs (/var/log/mail.log), I noticed the following entry when seding emails to my domain: postfix/smtpd[24502]: NOQUEUE: reject: RCPT from mail-xxx.com[xx.xx.xx.xx]: 550 5.1.1 <test@xxx.net>: Recipient address rejected: User unknown in local recipient table; from=<xxxxx> to=<test@xxx> proto=ESMTP helo=<xxxxx> It looks like adding the following to /etc/postfix/main.cf local_recipient_maps = and reloading postfix (run ‘postfix reload’) solved the issue! sources http://www.postfix.org/LOCAL_RECIPIENT_README.html http://ubuntuforums.org/showthread.php?t=477590

postfix: redirect emails to script

In this example, we will configure postfix to redirect any email sent to *@script.mydomain.com to a php script Update /etc/postfix/main.cf (don’t forget to create a backup copy) to create a new transport instruction:/etc/postfix/main.cf: transport_maps = hash:/etc/postfix/<mytransport> Note: replace <mytransport> with any name you want. Create corresponding transport file:/etc/postfix/<mytransport>: script.mydomain.com myPipeName: Note: don’t forget to change ‘script.mydomain.com’ to match your own config, and replace ‘myPipeName’ with any string you want (ensure it is not defined elsewhere) Update master.cf (don’t forget to create a backup copy before) to pipe email through your script: myPipeName unix – n n – – pipe flags=O […]