I will give an example of updating a self-signed certificate on Ubuntu Server with iRedMail installed.
Switch to the root user:
Continue reading “How to renew SSL certificate on iRedMail”Vyacheslav Gapon – personal blog, manuals, articles, notes, development
I will give an example of updating a self-signed certificate on Ubuntu Server with iRedMail installed.
Switch to the root user:
Continue reading “How to renew SSL certificate on iRedMail”After connecting the disk to the server, let’s see a list of all the disks and find the name of the desired one:
sudo fdisk -l
I’ll give an example of mounting NTFS partition of a disk in Ubuntu (since I had a disk partitioned into two partitions, drive C and D, then they were found in the system as /dev/sdb1 and /dev/sdb2, both mounted to the created directories):
sudo mkdir /newhdd1 sudo mount -t ntfs /dev/sdb1 /newhdd1 sudo mkdir /newhdd2 sudo mount -t ntfs /dev/sdb2 /newhdd2
Since before this disk was used in the Windows system, I had a mount error:
The disk contains an unclean file system (0, 0).
Metadata kept in Windows cache, refused to mount.
Failed to mount ‘/dev/sdb1’: The operation is not allowed
The NTFS partition is in an unsafe state. Please resume and shutdown
Windows fully (no hibernation or fast restarting), or mount the volume
read-only with the ‘ro’ mount option.
In this case, you can mount the partition in read-only mode:
sudo mount -t ntfs -o ro /dev/sdb1 /newhdd1
Either fix the partitions with the command:
sudo ntfsfix /dev/sdb1 sudo ntfsfix /dev/sdb2
And after that, mount with full access:
sudo mount -t ntfs /dev/sdb1 /newhdd1 sudo mount -t ntfs /dev/sdb2 /newhdd2
You can unmount it like this:
sudo umount -t ntfs /dev/sdb1 /newhdd1 sudo umount -t ntfs /dev/sdb2 /newhdd2
Let’s review the existing disks:
Continue reading “Managing disk partitions in Ubuntu using fdisk”Suppose we have already configured LVM, for example, as I described in this article – Setting up and using LVM
Switch to the root user:
sudo -i
If there is no hot-swap drive, turn off the server, connect a new disk, turn on the server and look at the name of the new disk (in my case it’s /dev/sdd):
fdisk -l
Let’s see the existing groups and how much space is left:
vgdisplay
Let’s see a list of physical volumes:
pvdisplay
Let’s start marking a new disk:
fdisk /dev/sdd n p 1 Enter Enter t 8e w
Now create a physical volume:
pvcreate /dev/sdd1
Let’s see a list of logical volumes:
lvdisplay
We extend it by adding a new partition (where ixnfo is a volume group):
vgextend ixnfo /dev/sdd1
See the list of physical volumes as follows:
pvscan
Let’s look at the path of the logical volume (in my case /dev/ixnfo/temp) and add a new section:
lvextend /dev/ixnfo/temp /dev/sdd1
Let’s see the size of the mounted logical volume:
df -h
So the size did not change, we’ll fix it with the command:
resize2fs /dev/ixnfo/temp
Done.
LVM (Logical Volume Management) allows you to compile multiple disks and areas from disks into one logical volume and then split again as you like.
PV (Physical Volume) — partition or whole disk
VG (Volume Group) — a single disk assembled from physical volumes
LV (Logical Volume)
Switch to the root user:
sudo -i
Install LVM if it is not already installed (Ubuntu/Debian):
apt-get install lvm2
Let’s look at the information about the disks:
fdisk -l
On the test I have /dev/sda with the system and not marked /dev/sdb.
Let’s make the physical partition all /dev/sdb without partitioning:
pvcreate /dev/sdb
To view the list of physical volumes, use the command:
pvdisplay
Create a volume group named ixnfo:
vgcreate ixnfo /dev/sdb
If necessary, delete as follows:
vgremove ixnfo
Example of viewing existing groups and how much space is left:
vgdisplay
For the test, create a logical volume “temp” of 100 megabytes:
lvcreate -L100 -n temp ixnfo
To view the list of logical volumes, use the command:
lvdisplay
Let’s format it:
mkfs.ext4 -L temp /dev/ixnfo/temp
Create a folder, mount the created volume:
mkdir /mnt/temp mount /dev/ixnfo/temp /mnt/temp
You can unmount it like this:
umount /mnt/temp/
See also:
Adding a disk to LVM
Managing disk partitions in Ubuntu using fdisk
On the test I will install Zurmo in Ubuntu Server 16.04 and PHP 7.
Continue reading “Installing Zurmo on Linux”I noticed once after installing EJabberd in Ubuntu Server 16.04 and adding the user from the root command:
ejabberdctl register USER localhost PASSWORD
The following error:
/usr/sbin/ejabberdctl: line 428: 14615 Segmentation fault $EXEC_CMD “$CMD”
The log file /var/log/syslog reported:
Sep 11 11:17:00 mail kernel: [4647543.535271] audit: type=1400 audit(1505117820.598:43): apparmor=”DENIED” operation=”file_mmap” profile=”/usr/sbin/ejabberdctl//su” name=”/bin/su” pid=14439 comm=”su” requested_mask=”m” denied_mask=”m” fsuid=0 ouid=0
To solve the error, I opened the apparmor configuration file:
nano /etc/apparmor.d/usr.sbin.ejabberdctl
Found the string:
/bin/su r,
And changed it by adding m:
/bin/su rm,
Restarted the apparmor:
sudo service apparmor restart
Done, the error no longer appears.
Suppose we installed ircd-hybrid as I described in this article – Installing the IRC server – ircd-hybrid
Now proceed to setup.
Let’s edit the text of the welcome message:
sudo nano /etc/ircd-hybrid/ircd.motd
Make a copy of the configuration file just in case:
sudo cp /etc/ircd-hybrid/ircd.conf /etc/ircd-hybrid/ircd_original.conf
Open the main configuration file in the text editor, configure the parameters and comment out the unnecessary ones:
sudo nano /etc/ircd-hybrid/ircd.conf
In the configuration file, the standard serverinfo parameters are first followed, if desired, we change them:
serverinfo { name = "hybrid8.debian.local"; description = "test"; network_name = "debian"; network_desc = "This is My Network"; hub = no; default_max_clients = 512; max_nick_length = 15; max_topic_length = 300; };
Further, contact the server administrator, if desired, change them:
admin { name = "SYSADMIN"; description = "Main Server Administrator"; email = "<admin@example.com>"; };
Network parameters (on which ports the ircd-hybrid will work, for example, you can change to 6667):
listen { port = 6665 .. 6669; };
The first auth block that allows you to connect everything from the local address 127.0.0.1:
auth { user = "*@127.0.0.1"; spoof = "i.love.debian.org"; class = "opers"; flags = need_password, spoof_notice, exceed_limit, kline_exempt, xline_exempt, resv_exempt, no_tilde, can_flood; };
Another auth block allows you to connect to all (comment or change to your own needs):
auth { user = "*@*"; class = "users"; flags = need_ident; };
For example, create a password for the user, copy the result of the command in an encrypted form:
mkpasswd PASSWORD
We add the possibility of authorization to any users only with a password and from the specified network:
auth { user = "*@192.168.3.0/24"; class = "users"; flags = need_password; encrypted = yes; password = "PASSWORD_FROM_mkpasswd"; };
In the auth block the password will be stored in encrypted form, in the IRC client it is specified as it is.
To specify the password in the auth block in the unencrypted form, you need to remove encrypted.
In the general section, disable the need_ident:
general { ... disable_auth = yes; ... };
Restart ircd-hybrid to apply the changes:
sudo /etc/init.d/ircd-hybrid restart sudo service ircd-hybrid restart
We can also add an operator:
auth { name = "admin"; user = "admin@192.168.3.254/32"; class = "opers"; flags = need_password, spoof_notice, exceed_limit, kline_exempt; encrypted = yes; password = "PASSWORD_FROM_mkpasswd"; };
You can block IP addresses as necessary in the following ways:
deny { ip = "192.168.4.4/32"; reason = "Spam"; };
After the changes in the configuration file, you need to restart the ircd-hybrid.
As a customer you can use for example free AdiIRC.
Here is an example of installing an IRC server – ircd-hybrid.
To install ircd-hybrid in Ubuntu, run the following command:
sudo apt-get install ircd-hybrid
After installation, ircd-hybrid will use TCP ports 6665-6669.
If desired, to connect to the IRC from the terminal, you can set for example the IRC client epic4:
sudo apt-get install epic4
And connect:
irc 127.0.0.1
You can connect to the channel with the command:
/join CHANNEL
Go out:
/quit
Check whether the ircd-hybrid is running, for example:
netstat -a | grep irc netstat -an | grep 6667
Restart ircd-hybrid as follows:
sudo /etc/init.d/ircd-hybrid restart
If iptables is used, before you need to write a rule:
sudo iptables -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6667 -j ACCEPT
This completes the installation and you can proceed with the configuration.
See my article about setting up – Configuring the ircd-hybrid
I’ll also give an example of installing ircd-hybrid from the sources.
Download ircd-hybrid from the official site:
wget http://prdownloads.sourceforge.net/ircd-hybrid/ircd-hybrid-8.2.22.tgz tar -xvf ircd-hybrid-8.2.22.tgz cd ircd-hybrid-8.2.22
Install the necessary components:
sudo apt-get install build-essential unzip cmake
Configure and install ircd-hybrid:
./configure --prefix="/home/USER/ircd" make make install
You can also install Anope (to extend the functionality):
cd /tmp/ wget https://github.com/anope/anope/archive/2.0.zip unzip 2.0.zip cd anope-2.0 ./Config cd build make make install
Let’s install the right owner:
sudo chown -R USER: ~/services ~/ircd
On the test went into https://robot.your-server.de/, has opened Main functions – Servers, selected the server and in the tab Backup activated free 100GB, since for servers costing 39 € or more this place was allocated for free.
Activated WebDAV to test, samba was already activated, it is also possible to connect via FTP, FTPS, SFTP and SCP using a user name and password, via SFTP/SCP, you can also connect using the key.
The speed of data transfer to the backup server depends on the number of connected users and their traffic.
When connecting, use a domain name, for example USER.your-backup.de, because the IP address can change.
Also, you can not create the /etc and /lib directories in place for backups.
For an example in Ubuntu Server, I will mount a backup location using SAMBA/CIFS.
Install the necessary utilities and create a directory in which we will mount:
sudo apt-get install cifs-utils
sudo mkdir /backup
Temporarily mount the place with the command:
sudo mount.cifs -o user=USER,pass=PASSWORD //USER.your-backup.de/backup /backup
To automatically mount after rebooting the system, add the following line to the / etc / fstab file:
//USER.your-backup.de/backup /backup cifs iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0
To open a file it is possible for example with the text editor nano (CTRL+X for an output, y/n for saving or canceling changes):
sudo nano /etc/fstab
And add the following lines to the file /etc/backup-credentials.txt:
username=USER
password=PASSWORD
We will only set permissions for the file owner for security reasons:
sudo chmod 600 /etc/backup-credentials.txt
If you use the Windows operating system, you need to create a system user with the same login and password as the backup location.
Now I will connect to the test via WebDAV.
Install the necessary utilities and create a directory in which we will mount:
sudo apt-get install davfs2
sudo mkdir /backup
In CentOS:
yum install davfs2
mkdir /backup
Temporarily to mount through WebDAV a place it is possible a command:
sudo mount -t davfs https://USER.your-backup.de /backup
To automatically mount after rebooting the system, add the following line to the /etc/fstab file:
https://USER.your-backup.de /backup davfs rw,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0
And in the file /etc/davfs2/secrets the following line:
https://USER.your-backup.de USER PASSWORD
That’s all, in my case, you can save backups to the /backup directory.