Archiwum kategorii: Linux/Unix

Information regarding Linux systems

PHPMYADMIN install

Download phpmyadmin from this download page.

wget https://files.phpmyadmin.net/phpMyAdmin/${ver_number}/phpMyAdmin-${ver_number}-all-languages.tar.gz

Extract filers form archive:

tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz

Move extracted folder to /usr/share/phpmyadmin folder.

sudo mv phpMyAdmin-*/ /usr/share/phpmyadmin

Create directory for phpMyAdmin temp files.

sudo mkdir -p /var/lib/phpmyadmin/tmp
sudo chown -R www-data:www-data /var/lib/phpmyadmin

Create directory for phpMyAdmin configuration files such as htpass file.

sudo mkdir /etc/phpmyadmin/

Create phpMyAdmin configuration file.

sudo cp /usr/share/phpmyadmin/config.sample.inc.php  /usr/share/phpmyadmin/config.inc.php

Edit the file /usr/share/phpmyadmin/config.inc.php and set secret passphrase:

$cfg['blowfish_secret'] = 'T0FZTxt,g1wIhAQAzKWFUbVD0g6GL6AB'; 

You can generate secret passphrase using this webiste

Configure Temp directory:

$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';

Create phpMyAdmin Apache configuration file:

sudo vim /etc/apache2/conf-enabled/phpmyadmin.conf

And paste below contents to the file:

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
    Options SymLinksIfOwnerMatch
    DirectoryIndex index.php

#<IfModule mod_authz_core.c>
#     <RequireAny>
#        #allows access from localhost
#        Require ip 127.0.0.1

        #allows access from particular ip address
        #Require ip 192.168.1.10
 
        #allows access from local network
#        Require ip 192.168.1.0/255.255.255.0

#	Require ip
#     </RequireAny>
#</IfModule>

 <IfModule !mod_authz_core.c>
    #rules order 
    Order Deny,Allow
 
    #block access from anywhere
   # Deny from All

    #allows access from localhost
    Allow from 192.168.1.80 
    #Allow from All
 
    #allows access from particular ip address
    #Allow from 192.168.1.2

    #below line allow access from network
    Allow from 192.168.1.0/255.255.255.0
</IfModule>


    <IfModule mod_php5.c>
        <IfModule mod_mime.c>
            AddType application/x-httpd-php .php
        </IfModule>
        <FilesMatch ".+\.php$">
            SetHandler application/x-httpd-php
        </FilesMatch>

        php_value include_path .
        php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
        php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
        php_admin_value mbstring.func_overload 0
    </IfModule>
    <IfModule mod_php.c>
        <IfModule mod_mime.c>
            AddType application/x-httpd-php .php
        </IfModule>
        <FilesMatch ".+\.php$">
            SetHandler application/x-httpd-php
        </FilesMatch>

        php_value include_path .
        php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
        php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
        php_admin_value mbstring.func_overload 0
    </IfModule>

</Directory>

# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
    <IfModule mod_authz_core.c>
        <IfModule mod_authn_file.c>
            AuthType Basic
            AuthName "phpMyAdmin Setup"
            AuthUserFile /etc/phpmyadmin/htpasswd.setup
        </IfModule>
        Require valid-user
    </IfModule>
</Directory>

# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/templates>
    Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
    Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
    Require all denied
</Directory>

wymuszenie HTTPS

Po skonfigurowaniu certyfikatu SSL, aby wymusić stronę do otwierania przez połączenie szyfrowane należy:

W sekcji VirtualHost w konfiguracji strony w apachu dodać:

<Directory /var/www/html/example.com/public_html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

w katalogu strony dodać plik .htaccess a w nim:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

Enable or Disable Service on startup in Linux

This is about: Enable or Disable service on startup in Linux

systemctl start SERVICE – starts a service, but doesn’t remain after reboot

systemctl stop SERVICE – stops a service, but doesn’t remain after reboot

systemctl restart SERVICE – restarts a service, but doesn’t remain after reboot

systemctl reload SERVICE – is supported by service, will reload configuration of the service without interfering with services depending on it.

systemctl status SERVICE – shows actual status of a service -is it currently running or not

systemctl enable SERVICE – changing service status to enabled. Service will be turned on at nest reboot.

systemctl disable SERVICE – turns off the service – it will not load at next reboot.

systemctl is-enabled SERVICE – checks if the service is enabled to load at startup

systemctl is-active SERVICE – checks if the service is running at the very moment

systemctl show SERVICE – information about the service.

systemctl mask SERVICE – (as root) the service is being disabled completely (service directed to/dev/null). Service wont be able to turned on by any command.

sudo systemctl unmask SERVICE – Reverts above action .

service –status-all – List running services using service command

To print the status of apache (httpd) service:
service httpd status

chkconfig --list – lists all known services

netstat -tulpn – lists services and their open ports

Maria DB / MYSQL

https://www.cyberciti.biz/faq/how-to-show-list-users-in-a-mysql-mariadb-database/

Login to mysqlas root using your root pass:
# mysql -u root -p

To list all the users:
mysql> SELECT User FROM mysql.user;

Show host permissions - where the users are allowed to logon from:
mysql> SELECT host, user FROM mysql.user;

Show users permissions:
mysql> SELECT User, Db, Host from mysql.db;

Show permissions of specific user:
mysql> show grants for 'root'@'%';
mysql> show grants for 'root'@'192.168.1.80';
mysql> show grants for 'root'@'localhost';

Change user host permissions:
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='username';
FLUSH PRIVILEGES;

Change user password:
UPDATE mysql.user SET Password=PASSWORD('newpass') WHERE User='root';


To create new user:
CREATE USER 'superuser'@'localhost' IDENTIFIED BY 'new_pass';

And give access to do everything
GRANT ALL PRIVILEGES ON *.* TO 'superuser'@'localhost' WITH GRANT OPTION;

vsftp

VSFTPD

apt-get install vsftpd

 /etc/vsftpd.conf – configuration file -> always copy the file before editing:

cp /etc/vsftpd.conf /etc/vsftpd.conf.old

If SSH is configured, enabled and you are able to connect , you can use cert file as way of authorization. To do so, need to change form NO to YES in line:

ssl_enable = YES

Kompresja katalogu – zIP

Aby skompresować cały katalog:

tar -zcvf archive-name.tar.gz directory-name

-z : Compress archive using gzip program in Linux or Unix

-c : Create archive on Linux

-v : Verbose i.e display progress while creating archive

-f : Archive File name

Aby rozpakować:

tar -zxvf prog-1-jan-2005.tar.gz

-x: Extract files from given archive

static IP Raspberry Pi

Edit  /etc/dhcpcd.conf as follows:-

Here is an example which configures a static address, routes and dns.
interface eth0
static ip_address=10.1.1.30/24
static routers=10.1.1.1
static domain_name_servers=10.1.1.1

interface wlan0
static ip_address=10.1.1.31/24
static routers=10.1.1.1
static domain_name_servers=10.1.1.1