Saturday, 9 January 2016

Mount AWS S3 bucket in linux

yum remove fuse fuse-s3fs
yum install automake fuse-devel gcc-c++ git libcurl-devel libxml2-devel make openssl-devel
cd s3fs-fuse
cd /opt/
git clone https://github.com/s3fs-fuse/s3fs-fuse.git
cd s3fs-fuse
./autogen.sh
./configure
make
make install
echo MYIDENTITY:MYCREDENTIAL > ~/.passwd-s3fs
chmod 600 ~/.passwd-s3fs
mkdir /tmp/cache
mkdir -p /s3localfolder
chmod 777 /tmp/cache /s3localfolder
s3fs -o use_cache=/tmp/cache s3bucket /s3localfolder

create script: 
vi /usr/bin/mounts3.sh
#!/bin/bash
sleep 60
s3fs -o use_cache=/tmp/cache s3bucket /s3localfolder
echo "Amazon S3 bucket connected!"
save and exit

Create systemd service for S3FS

create new file:
 /etc/systemd/system/mounts3.service

and put below data :

[Unit]
Description=Mounts Amazon S3 bucket
After=syslog.target
After=network.target

[Service]
User=root
WorkingDirectory=/usr/bin
ExecStart=/bin/bash mounts3.sh start
Type=forking
KillMode=process

# Time for the shell script to start up
TimeoutSec=120

[Install]
WantedBy=multi-user.target

save and exit

Check service :

systemctl start/stop mounts3
Enable service on system boot:

systemctl enable mounts3


Thats it.....

Thursday, 25 September 2014

(bash vulnerability) Bash software bug could be bigger threat than Heartbleed, experts warn

Secure your Linux , apple pc, servers
Try the vulnerability test (in Terminal): 

$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'
if you are vulnerable, you get back:
vulnerable
hello
if get it "vulnerable" please immediate update bash shell at linux.

for Centos\RHEL linux :
yum update bash

For ubuntu :

apt-get update aptapt-get install --only-upgrade bash or
mkdir srccd srcwget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
#download all patchesfor i in $(seq -f "%03g" 0 25); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; donetar zxvf bash-4.3.tar.gz cd bashcd bash-4.3#apply all patchesfor i in $(seq -f "%03g" 0 25);do patch -p0 < ../bash43-$i; done#build and install./configure && make && make install cd
cd .. cd
cd ..rm -r src
Verify patch
export VULNCHECK='() { :; }; echo You are still vulnerable'; bash
You are still vulnerable


You can see if you’re vulnerable by running the following command:
In a vulnerable environment, it’ll say:

And again check vulnerability if look like its fine.
or
$ env X="() { :;} ; echo busted" /bin/sh -c "echo hello"
hello
 or
otherwise you get:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello

Tuesday, 23 September 2014

Install and configure atlassian jira and atlassian confluence for mysql on Linux\Centos\RHEL

Download jira and confluence package
cd /opt
wget http://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-5.3-x64.bin

wget http://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-6.1-x64.bin

wget http://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.1.26.tar.gz/from/http://cdn.mysql.com/

Make executable jira/confluence bin file
chmod +x *.bin

tar -xvzf mysql-connector-java-5.1.26.tar.gz

Installing mysql server

yum install mysql-server mysql
service mysqld start
chkconfig mysqld on   (auto start service on system reboot)

Setup jira database 
mysql -u root -p
CREATE DATABASE jiradb CHARACTER SET utf8 COLLATE utf8_bin;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,INDEX on jiradb.* TO 'jirauser'@'localhost' IDENTIFIED BY 'jiradb';
FLUSH PRIVILEGES;
QUIT

./atlassian-jira-6.1-x64.bin

Configure atlassian jira for mysql
cd mysql-connector-java-5.1.26
cp *.jar /opt/atlassian/jira/lib/
service jira stop
service jira start
chkconfig jira on    (auto start service on system reboot)

Open jira on web browser and complete setup
http://localhost:8080


Setup confluence for mysql

mysql -u root -p
CREATE DATABASE confluence CHARACTER SET utf8 COLLATE utf8_bin;
GRANT ALL PRIVILEGES ON confluence.* TO 'confluenceuser'@'localhost' IDENTIFIED BY 'confluence';
FLUSH PRIVILEGES;
QUIT

./atlassian-confluence-5.3-x64.bin
cd mysql-connector-java-5.1.26
cp *.jar /opt/atlassian/confluence/lib/
service confluence restart
chkconfig confluence on

Open confluence on web browser and complete setup
http://localhost:8090