It’s simply easy to find the user that reach a specific file with two regular commands.
1. Use fuser command to find the PID of that as bellow :
fuser “file path/file name”
2. Use ps with grep to find who match with that PID :
PS –aux | grep “PID Number”
I was googling for IPtable and found the IPtable Tutorial 1.2.2, it was web edition and some other tried to make pdf one but it was terrible, I was searching more and finally found a great pdf edition, so I thought to share it with others.
1. Install Bind in a folder as you like :
# ./configure --prefix=/usr/local/dns/Bind-9.6.1-P1/
# make && make install
2. It’s not a good idea to run Bind as root so create another username and group for this purpose :
# useradd –c NameServer –s /bin/false named
* named is the username I chose
3. Create a couple of folders for our Chroot Jail as I show below :
/chroot +—named
+—dev
+—etc
| +—namedb
| +—slave
+—var
+—run
4. Change all files and folders permission to 700 and select “named” as owner and group unless Chroot ( you may need Chroot folder for other purpose ) :
# chmod 700 named
# chown named:named named
5. Go to the Bind installation folder --> sbin and follow below commands :
# rndc-confgen –a ( that makes a default rndc.key )
# rndc-confgen
6. Open rndc.key and replace the key with secret that I showed below in green and copy all of them to named.conf in /chroot/named/etc/namedb folder.
key "rndc-key" {
algorithm hmac-md5;
secret "m2gKdMpZbyG49C9v+uXM6Q==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
7. We need at least 2 necessary files and a symbolic link :
8. Create 2 device in /chroot/named/dev folder :
# mknod /chroot/named/dev/null c 1 3
# mknod /chroot/named/dev/random c 1 8
# chmod 666 /chroot/named/dev/{null,random}
9. Now it’s ok to run named like something like this :
# /usr/local/dns/Bind-9.6.1-P1/named –4 –c /etc/namedb/named.conf –t \ /chroot/named –u named
* You can put the above command and also rndc ( if you like ) to a file in /etc/init.d folder and run it as a service.
* You have to specify the PID file path in named.conf or options that included if you don’t want the Bind create an extra folder in chroot/named folder.
e.g.
options {
directory "/etc/namedb";
version "[If you have a legitimate reason for requesting this info, please contact ]";
listen-on-v6 { none; };
pid-file "/var/run/named/named.pid";
};
1. If you use CCISS device like “HP DL360” be sure follow by these command exactly:
# mkdir /mnt/root
# mount /dev/cciss/c0d0p1 /mnt/root (c0d0p1 is my / Partition)
# mount -o bind /dev /mnt/root/dev
# mount -t proc none /mnt/root/proc
# chroot /mnt/root
* codop1 = czerodzeropone
2. In lilo.conf file edit boot option as below:
boot = /dev/cciss/c0d0p1
3. Use these commands as next step:
# lilo -M /dev/cciss/c0d0 mbr
# lilo
# reboot
1. Follow by these commands:
# cd /usr/src
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.31.tar.bz2
# tar –jxf linux-2.6.31.tar.bz2
# ln -s linux-2.6.31 linux
# cd /usr/src/linux
# cp /proc/config.gz
# gunzip config.gz
# mv config .config
2. For customize the kernel configuration:
# make menuconfig
* It’s recommended to reload the old config file in “Load an Alternate Configuration File”
3. For compile and add it to boot folder:
# make all && make modules_install
# cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.31-l7
# cp System.map /boot/System.map-2.6.31-l7
# cp .config /boot/config-2.6.31-l7
4. Edit lilo.conf with “vi /etc/lilo.conf” and add these lines at the top of older one:
default = Sl-2.6.31
image = /boot/vmlinuz-2.6.31-l7
root = /dev/sda2
label = Sl-2.6.31
read-only
5. For update the LILO:
# lilo
# Reboot
Before I begin to show how install and configure PostFix, I want to thank one of my best friend Nasser who encourage me to R&D on Linux and update my blog.
1. You can install PostFix easily with apt-get install postfix command.
2. For testing your mail server you need Mailx utility so install it same way as install PostFix.
3. After installing those packages you need to add and edit some parameters in your mail server configuration file, you can do this in two ways :
a. you can open the main.cf file in PostFix folder and edit or add your configuration lines like :
myhostname = mail.youdomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail.yourdomain.com, localhost.yourdomain.com, localhost
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
default_transport = error
relay_transport = error
home_mailbox = Maildir/
inet_protocols = allb. you can use postconf -e command for add or edit your configuration file as bellow :
postconf -e "mynetworks = 127.0.0.0/8, 192.168.1.0/24"
postconf -e "inet_interfaces = all"
4. Now you have to restart the PostFix with /etc/init.d/postfix restart.
5. Test your mail server with netcat command :
netcat mail.yourdomain.com 25
ehlo yourdomain.com
mail from: root@yourdomain.com
rcpt to: username@yourdomain.com
data
Subject: My first mailHi,
Are you there?
regards,
Admin. (and Enter In a new Line)
quit
6. Check your Maildir in your home directory, if there is a mail here from root, you did your job great.
* Remember to make Maildir directory if you want a tidy home directory.
7. For using POP3 service you have to install an extra package that call courier-pop.
8. After installation, you can test it with netcat command like :
netcat mail.yourdomain.com 110
user username
+OK Password required.
pass password
+OK logged in.
quit
1. Use htpasswd command to create a password for the user that you want to access to the proxy :
# htpasswd /etc/squid/passwd username
2. Make sure squid can read passwd file :
# chmod o+r /etc/squid/passwd
3. Open and edit /etc/squid/squid.conf as below :
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
4. Also add two other lines in ACL section :
acl acl name proxy_auth REQUIRED
http_access allow ncsa_users acl name
5. Reload your squid.
