systemctl list-unit-files
systemctl status clamd@scan.service
service maldet.service restart
Running Tomcat Automatically At Linux Startup
A potential drawback of installing Tomcat from a binary distribution instead of using a Linux-packaged version is that you’ll have to do some extra legwork to make Tomcat start automatically when Linux boots up. To make this process easy and pain-free, follow this simple guide.
Step 1 – Create A Tomcat-Specific User and User Group
It’s a bad idea to run Tomcat as the root user, especially if you’re going to be starting Tomcat automatically. It’s much more secure to create a new group and user specifically to run Tomcat. You can do so with the following commands (in this example, we have created a user group named tomcat, and a user named tomcat with the password tomcat; you can certainly be more creative if you wish):
$ groupadd tomcat
$ useradd -s /sbin/nologin -g tomcat -d /path/to/tomcat tomcat
or
$ useradd -r -s /sbin/nologin tomcat-r for system user
$ passwd tomcat
-r, –system
Create a system account.
System users will be created with no aging information in /etc/shadow, and their
numeric identifiers are chosen in the SYS_UID_MIN-SYS_UID_MAX range, defined in
/etc/login.defs, instead of UID_MIN-UID_MAX (and their GID counterparts for the
creation of groups).
Note that useradd will not create a home directory for such an user, regardless
of the default setting in /etc/login.defs (CREATE_HOME). You have to specify the
-m options if you want a home directory for a system account to be created.
-s, –shell SHELL
The name of the user’s login shell. The default is to leave this field blank,
which causes the system to select the default login shell specified by the SHELL
variable in /etc/default/useradd, or an empty string by default.
Esample:
useradd -m -d /home/thenewuser -s /bin/bash -c "the new user" -U thenewuser
-c “message” : extra information about the user.
-U thenewuser : Create a group with the same name as the user, and add the user to this group.
-N : the -N argument tells the system not to create a group having the user’s name
-m, –create-home are same: Create the user’s home directory if it does not exist.
-d, –home HOME_DIR : The new user will be created using HOME_DIR as the value for the user’s login directory.
if -d is not used the default homedirectory will be /home/thenewuser
-m -d /data/thenewuser : the -m argument creates the /data/thenewuser homedirectory, specified by the -d argument.
-M : the -M argument tells the system not to create a home directory
-s /bin/bash : the -s is used for specifing the user’s default shell, /bin/bash in this case.
-s or –shell are same.
-s /sbin/nologin : The /sbin/nologin for Fedora and /usr/sbin/nologin for Debian are two shells that return you a polite message like “this account is not available” and do not allow you to log into the system. This message can be customized.
-s /bin/false : Is an old shell used to deny a user’s login. The /bin/false exits immediatly when false exists. The user accounts with /bin/false or /bin/true as their default shells are locked.
-s /sbin/nologin belongs to unix-linux while /bin/false part of GNU Coreutils. These shells must be listed in the /etc/shells file, to work.
The users with /sbin/nologin (or /usr/sbin/nologin) can connect through ssh or ftp, but the users with /bin/false are completely locked out from the system.
with useradd -D : You can also view the default parameters set for new user to be created using
# useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
#Step 2 – Adjust Ownership For New Users And Groups
Now that you have created a user to run Tomcat, you’ll need to give them access to the correct directories. Use the following commands, substituting your own usernames and groups as necessary:
# chown -R tomcat.tomcat /path/to/tomcat
# chmod 775 /path/to/tomcat/webapps
The first gives ownership of the Tomcat directories to the Tomcat user, and the second gives the user write access for the webapps directory.
Step 3 – Relay Traffic For Non-Root Tomcat User
When running Tomcat as a user other than the root user, you will not be able to bind to port 80, which is where Tomcat listens for HTTP requests. To get around this, you can use Netfilter, which is packaged with all major Linux distributions:
# iptables -t nat -I PREROUTING -p tcp –dport 80 -j REDIRECT –to-ports 8080
# iptables -t nat -I OUTPUT -p tcp –dport 80 -j REDIRECT –to-ports 8080
To preserve these rules through re-boot, save them with the “ip-tables-save” command, and then follow the procedure appropriate for your Linux distribution (for most distributions, this means editing the iptables init script; Debian users should load the configuration via a script called by if-up.d or pre-up.d).
Step 3 – Create A Custom init Script
To start Tomcat at Linux boot time, we’ll need to create an init script that calls the startup.sh and shutdown.sh scripts included with Tomcat.
The actual creation of this script is outside the scope of this article, but there are many useful resources available online. All you need to know in order to use the basic init script format to call Tomcat is how the startup.sh and shutdown.sh scripts work.
For more information about these scripts, visit our Tomcat Start page, which includes a simple, step-by-step guide to Tomcat’s three start-up shell scripts.
like :
chmod 774 /opt/apache-tomcat-8.0.12-1/ -Rf
export JAVA_OPTS=”-agentlib:hprof=cpu=samples,file=/var/log/cpuTest.log”
#/opt/apache-tomcat-8.0.12-2/bin/startup.sh
TOMCAT_OWNER=tomcat;
export TOMCAT_OWNER
CATALINA_HOME=/opt/apache-tomcat-8.0.12-2;
export CATALINA_HOME
/bin/su -s /bin/bash $TOMCAT_OWNER -c $CATALINA_HOME/bin/startup.sh
Restart Amavis Clamav Spamassassin
Create bootable USB stick from ISO in Mac OS X
Convert the ISO to UDRW format
Mac OS X provides all the tools needed to convert the ISO image to UDRW. The following command will convert the ISO image to the UDRW format.
hdiutil convert -format UDRW -o destination_file.img source_file.iso
You will notice that the destination_file.img from the command will create the file destination_file.img.dmg really. This is because the hdiutil program automatically adds the dmg file extension. This is not a problem as the file extension won’t affect the format of the image.
Prepare the USB stick
Check your USB stick and make a backup if there is any important data on it, as the next steps are going to delete everything on it.
To prepare the USb stick we are going to delete all the partitions on the stick and create an empty partition. To do this we need to know the device name of the USB stick. Open a terminal and execute the following command:
$ diskutil list
You will see a list of disks and partitions. The goal is to identify the USB stick in this output. Depending on your system configuration your output might look different from this one. This appears to show 3 physical discs but it does not. The /dev/disk1 is a virtual disk created because of the partition encryption (FileVault 2) I enabled in Mac OS X.
/dev/disk0 #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *500.1 GB disk0 1: EFI 209.7 MB disk0s1 2: Apple_CoreStorage 399.5 GB disk0s2 3: Apple_Boot Recovery HD 650.0 MB disk0s3 5: Apple_Boot Boot OS X 134.2 MB disk0s5 /dev/disk1 #: TYPE NAME SIZE IDENTIFIER 0: Apple_HFS MacOSX *399.2 GB disk1 /dev/disk2 #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *2.0 GB disk2 1: Microsoft Basic Data UNTITLED 1 2.0 GB disk2s1
As shown in the output above, the connected USB stick is a small 2.0 GB drive with a FAT partition on it. We are now going to remove this partition in the next step. For the following steps we will need the name of the disk which in this case is “/dev/disk2”.
With the following command the data on the disk (your USB stick) will be deleted!
$ diskutil partitionDisk /dev/disk2 1 "Free Space" "unused" "100%"
With this command the USB stick was re-partitioned to have 1 partition without formatting and 100% of the size of the stick. If you check it again with “diskutil list” you will see the changes already, also the USB stick will no longer be shown in the Finder.
Copy the image to the USB stick
Now we can copy the disk image we created to the USB stick. This is done via the dd(1)command. This command will copy the image to the disk (substitute the appropriate disk name for your USB stick here, as with the re-partitioning command):
$ sudo dd if=destination_file.img.dmg of=/dev/disk2 bs=1m
The dd command does not show any output before it has finished the copy process, so be patient and wait for it to complete.
$ diskutil eject /dev/disk2
To eject the USB stick, use the above command. After this is done, the bootable USB stick is ready to be used.
IspConfig migration from one server to other.
You need to backup /var/vmail, /var/www (or the place where you stored the websites), the ispconfig database, all mysql databases of the websites incl. the “mysql” database, the users and passwords in /etc/passwd and /etc/group. Make sure that you backup the directories with preserved permoissions.
We must backup:
c. /var/www (web content)
b. /var/vmail (mail content)
a. /etc/passwd and /etc/group (users)
d. MySQL databases (is it better to stop mysql and tar.gz the /var/lib/mysql?)
e. All /etc/
f. /var/log
MY migration script
#!/bin/bash
#database root password
export username=
export password=
NOW=$(date +”%d-%m-%Y”)
ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/vmail.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/vmail.tar.gz /var/vmail
scp root@IP_OLD:/root/BACKUP_SERVER/vmail.tar.gz ./BACKUP_SERVER/
cd ./BACKUP_SERVER
tar -zxvf vmail.tar.gz
cd ..
rm -rf /var/vmail
mv ./BACKUP_SERVER/var/vmail /var/
ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/www.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/www.tar.gz /var/www
scp root@IP_OLD:/root/BACKUP_SERVER/www.tar.gz ./BACKUP_SERVER/
cd ./BACKUP_SERVER
tar -zxvf www.tar.gz
cd ..
rm -rf /var/www
mv ./BACKUP_SERVER/var/www /var/
ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/log.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/log.tar.gz /var/log
scp root@IP_OLD:/root/BACKUP_SERVER/log.tar.gz ./BACKUP_SERVER/
cd ./BACKUP_SERVER
tar -zxvf log.tar.gz
cd ..
rm -rf /var/log
mv ./BACKUP_SERVER/var/log /var/
ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/opt.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/opt.tar.gz /var/opt
scp root@IP_OLD:/root/BACKUP_SERVER/opt.tar.gz ./BACKUP_SERVER/
cd ./BACKUP_SERVER
tar -zxvf opt.tar.gz
cd ..
rm -rf /var/opt
mv ./BACKUP_SERVER/var/opt /var/
NOW=”03-12-2017″
export NOW
array=(mydb1 mydb2)
for DATABASE in “${array[@]}”
do
export DATABASE
echo “BACKUP MYSQL OF $DATABASE for $NOW”
echo “COPY FILE”
scp root@IP_OLD:/root/BACKUP_SQL/$DATABASE$NOW.sql ./BACKUP_SQL/
echo “DROP DB $DATABASE”
mysql -u $username -p”$password” -e “DROP DATABASE IF EXISTS $DATABASE”
echo “CREATE DB $DATABASE”
mysql -u $username -p”$password” -e “CREATE DATABASE $DATABASE”
echo “RESTORE”
mysql -u $username -p”$password” $DATABASE < ./BACKUP_SQL/$DATABASE$NOW.sql
echo “FINE”
done
export password=”
export PGPASSWORD=”
array=( pgdb1 pgdb2 )
for DATABASE in “${array[@]}”
do
export DATABASE
echo “BACKUP POSTGRES OF $DATABASE for $NOW”
echo “COPY FILE”
scp root@IP_OLD:/root/BACKUP_SQL/$DATABASE$NOW.backup ./BACKUP_SQL/
dropdb –host 127.0.0.1 –port 5432 –username “postgres” –no-password $DATABASE
createdb –host 127.0.0.1 –port 5432 –username “postgres” –no-password $DATABASE
pg_restore –host 127.0.0.1 -U postgres -d $DATABASE –verbose ./BACKUP_SQL/$DATABASE$NOW.backup
done
