Archive for June, 2008

Linux Security Tip 1 - Watch root

Once a Linux box is set up and live on the net, it is easy to think that it is ready to confront any threat out there.

I won’t go into a whole post as to why I think Linux should undergo a “severe” security audit as much as it is done on a Windows box, but experience has shown me that it is as easy to get into a Linux box as it is to get into a Windows box.

Now… this is going to be a small series of security tips - feel free to add any tips you may have in the comments.

Today’s tip isn’t really a security hardening tip so much as a way to keep track of root access on your server. As good as it is to harden your server, it is far better to be alerted of any major actions.

Many Linux servers have been compromised through someone getting root access… so, say you have some production servers (or your precious home laptop) onto which you don’t log in often, and you wish to be alerted whenever someone logs in as root.

To do that, simply log in through ssh or a terminal and type

vi /root/.bash_profile (note: if you use a sudo user such as userA, edit /home/userA/.bash_profile instead)

once opened, go into edit mode and type

echo 'ALERT - Root Shell Access on:' `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com

save and exit

So whenever someone logs in as root (or as the sudo user), you will get an email with the who output, which is “login” - “terminal” - “date” - IP Address

(keep in mind that this isn’t triggered whenever any user logs in, but in our case only when ROOT logs in)

sincerely,
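
A sturdier form of the alert above, as an added example that is not part of the original post: it reads the source host from the trailing "(host)" field of a who line instead of column 6, because the column position depends on the date layout who prints. The function names, ALERT_TO and the sample lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, ALERT_TO
# and the sample `who` lines below are constructed for illustration.

ALERT_TO="${ALERT_TO:-your@email.com}"

# Print the remote host of one `who` line: the trailing "(host)" field.
# The host is column 6 with a "Jun 12 10:00" date and column 5 with a
# "2008-06-12 10:00" date, so the last field is used instead of $6.
# Console logins carry no "(host)" field and are reported as "local".
login_source() {
    printf '%s\n' "$1" | awk '{
        last = $NF
        if (last ~ /^\(.*\)$/) print substr(last, 2, length(last) - 2)
        else                   print "local"
    }'
}

# Build the mail subject for one `who` line.
alert_subject() {
    printf 'Alert: Root Access from %s' "$(login_source "$1")"
}

# Mail the alert for the current session only. `who -m` prints the line
# for this terminal rather than for every logged-in user.
# Call this from /root/.bash_profile; it is not invoked here.
send_root_alert() {
    session="$(who -m 2>/dev/null)"
    [ -n "$session" ] || session="$(id -un) unknown-tty"
    printf 'ALERT - Root Shell Access on: %s\n' "$session" |
        mail -s "$(alert_subject "$session")" "$ALERT_TO"
}

# Demo on constructed sample lines covering both date layouts.
while IFS= read -r line; do
    printf '%-48s -> %s\n' "$line" "$(login_source "$line")"
done <<'EOF'
root     pts/0        Jun 12 10:00 (192.0.2.10)
root     pts/1        2008-06-12 10:05 (198.51.100.7)
root     tty1         2008-06-12 10:07
EOF
```

.bash_profile is read only by bash login shells, so a command run as "ssh host command" does not trigger the alert.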

service automated restart

Ok… it’s gotten pretty late here, and tomorrow is another day of work… but before I hit the sack… for those interested in keeping services running on their server, here is a little bash cron script which could be modified or altered to keep any services/daemons running.

Please note this is a tip, so you might need to modify things around to fit your needs… just giving out the idea here :-)

For the mysql service, for instance:

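#!/bin/bash
# Restart mysqld only when no mysqld process is found.
# pgrep exits 0 when a matching process exists, non-zero when none does.
/usr/bin/pgrep mysqld > /dev/null

if [ $? -ne 0 ]
then
    /etc/init.d/mysqld restart
fi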

So… from there, you could easily develop it and make it more sophisticated… such as having it email you, for instance, etc…

peace,

sqlite, hack the code…

So… for about a few hours now, I was puzzled on how to get sqlite working on one of our customer’s CentOS servers. The problem was that all the sqlite functions were bugging and the sqlite databases couldn’t be queried. A quick php -v on the CLI gave me the first indication that the sqlite.so file wasn’t loading properly. Actually, the repo sqlite install had placed the lib files in the wrong directories… after quickly checking the extension dir, I decided to copy over the .so sqlite extension file and reload apache… first try… first failure… even pointing to the right extension file, the lib still couldn’t be loaded…

that’s where the puzzle started…

After thinking it through and reading the php.net/bugs section, I came to realize that this was simply a bug starting with PHP 5.1…

So after a while, I decided to go back to an old sqlite version and compile it myself

so

wget -q http://pecl.php.net/get/SQLite-1.0.3.tgz

tar zxvf SQLite-1.0.3.tgz; cd SQLite-1.0.3

phpize

(if you get a phpize error, just do a yum install php-devel, then retry phpize)

./configure

make

(that’s where I was about to pull my hair out: while compiling the source code, make abruptly stopped with an error 1 and an offset error)

this is where we need to hack the C code of sqlite to make it compile on our CentOS 5

vi sqlite.c

then comment out this line

static unsigned char arg3_force_ref[] = {3, BYREF_NONE, BYREF_NONE, BYREF_FORCE };

so this becomes

/* static unsigned char arg3_force_ref[] = {3, BYREF_NONE, BYREF_NONE, BYREF_FORCE }; */

then replace

function_entry sqlite_functions[] = {
PHP_FE(sqlite_open, arg3_force_ref)
PHP_FE(sqlite_popen, arg3_force_ref)
to:
function_entry sqlite_functions[] = {
PHP_FE(sqlite_open, third_arg_force_ref)
PHP_FE(sqlite_popen, third_arg_force_ref)

“save - exit”

then make clean

./configure; make; make install

Once that is through with no error

cp modules/sqlite.so To_The.Php.ini.ExtensionDir

then service httpd restart

and voila :-)

easy, eh… still got me confused for a second there ;-)