Archive for December, 2014

2014 in review

Posted: December 30, 2014 in other

The stats helper monkeys prepared a 2014 annual report for this blog.

Here’s an excerpt:

A San Francisco cable car holds 60 people. This blog was viewed about 1,200 times in 2014. If it were a cable car, it would take about 20 trips to carry that many people.

Click here to see the complete report.

When you install PostgreSQL, by default connection to the database using TCP/IP is not allowed.

When you try to connect from a client to a remote PostgreSQL database using psql command, you might get “psql: could not connect to server: Connection refused” error message

For example:
# psql -U postgres -h
psql: could not connect to server: Connection refused
        Is the server running on host "" and accepting
        TCP/IP connections on port 5432?

To enable TCP/IP connection for PostgreSQL database, you need to follow the two steps mentioned below:

1. Modify pg_hba.conf to add Client Authentication Record:

On the PostgreSQL database server, by default, you’ll notice the following records towards the end of the /var/lib/pgsql/data/pg_hba.conf or /var/lib/pgsql/9.3/data/pg_hba.conf

As indicated below, it accepts connections only from the localhost.

# IPv4 local connections:
host    all         all          trust

Add the following line to the pg_hba.conf server.If you want to allow connection from multiple client machines on a specific network, specify the network address here in the CIDR-address format.

# vi /var/lib/pgsql/9.3/data/pg_hba.conf
host all all trust

2. Change the Listen Address in postgresql.conf

On the PostgreSQL database server, by default, the listen address will be localhost in the postgresql.conf file as shown below.

grep listen /var/lib/pgsql/9.3/data/postgresql.conf
#listen_addresses = ‘localhost’ # what IP address(es) to listen on;

Modify this line and give *. If you have multiple interfaces on the server, you can also specify a specific interface to be listened.

grep listen /var/lib/pgsql/9.3/data/postgresql.conf
listen_addresses = ‘*’ # what IP address(es) to listen on;

3. Test the Remote Connection

$ psql -U postgres -h
psql (9.3.5)
Type "help" for help.

Also, if you don’t want to specify the hostname in the command line parameter every time, you can setup the remote PostgreSQL database ip-address in PGHOST environment variable name as shown below.

$ export PGHOST=
$ psql -U postgres
psql (9.3.5)
Type "help" for help.


Posted: December 5, 2014 in Databases

PostgreSQL is a open source object-relational, highly scalable, SQL compliant database management system. PostgreSQL is developed at the University of California at Berkeley Computer Science Department.

Step 1: Add PostgreSQL Yum Repository
CentOS/RHEL 6, 64-Bit:
# rpm -Uvh
Step 2: Install PostgreSQL Server
# yum install postgresql93-server postgresql93
Step 3: Initialize PGDATA
After installing PostgreSQL server, It’s required to initialize it before using first time. To initialize database use below command
# /etc/init.d/postgresql-9.3 initdb
Initializing database: [ OK ]
PostgreSQL data directory Path: /var/lib/pgsql/9.3/data/
Step 4: Start PostgreSQL Server
[root@fenige_db1 ~]# service postgresql-9.3 start
Starting postgresql-9.3 service: [ OK ]
# chkconfig postgresql-9.3 on
Step 5: Verify PostgreSQL Installation
# su – postgres
Use psql command to access PostgreSQL prompt with admin privileges.
[root@localhost ~]# su – postgres
-bash-4.1$ psql
psql (9.3.5)
Type “help” for help.
-bash-4.1$ createuser redmoon
-bash-4.1$ createdb mydb
-bash-4.1$ psql
psql (9.3.5)
Type “help” for help.
postgres=# alter user redmoon with encrypted password ‘centos’;
postgres=# grant all privileges on database mydb to redmoon;
[redmoon@fenige_db1 ~]$ psql -d mydb -U redmoon -W
Password for user redmoon:
psql (9.3.5)
Type “help” for help.
I have created moon user and created mydb databases. And provide previleges to moon
Also created the username master and blaster. And able to access the databases.
For example:
[root@localhost]# su – master
[master@localhost ]$ psql -d postgres
psql (9.3.5)
Type “help” for help.

I have set the necessary roles to the users master and blaster.

postgres=# ALTER USER master WITH SUPERUSER;

postgres=# ALTER USER blaster WITH SUPERUSER;



postgres=# \du
List of roles
Role name | Attributes | Member of
master | Superuser, Create role, Create DB | {}
blaster | Superuser, Create role, Create DB | {}
postgres | Superuser, Create role, Create DB, Replication | {}
moon | Create role, Create DB | {}

Subversion (SVN) is an open source version control system. It helps you keep track of a collection of files and folders.

Step 1: Install Apache/PHP Packages

We need to install apache web server to access svn server using http urls.

# yum install httpd php php-devel php-cli php-pear

Start Apache web server and setup to auto start on system boot

# service httpd restart
# chkconfig httpd on

Step 2: Install Subversion Using Yum

Use following command to install subversion and mod_dav_svn packages.

# yum install mod_dav_svn subversion

Step 3: Configure Subversion with Apache

Subversion creates an apache configuration file, we just need to make necessary changes to it.

# vim /etc/httpd/conf.d/subversion.conf
LoadModule dav_svn_module modules/
LoadModule authz_svn_module modules/

<Location /svn>
DAV svn
SVNParentPath /var/www/svn
AuthType Basic
AuthName “Subversion User Authentication ”
AuthUserFile /etc/svn-users
Require valid-user
Step 4: Create First SVN Repository

Use following command to create your fist svn repository.

# cd /var/www/svn
# svnadmin create myrepo
# chown -R apache.apache myrepo
Step 5: Add SVN Users

# htpasswd -cm /etc/svn-users user1

Step 6: Access Your Repository in Browser

Use http urls to access your repository in browser. It will prompt for authentication. Use login credentials created in Step 5.


[root@localhost]# elinks http://your_ip_address/svn/myrepo or use in your fav browser.


Jenkins on CentOS

Posted: December 5, 2014 in Open source

In a nutshell Jenkins CI is the leading open-source continuous integration server. Built with Java, it provides 1009 plugins to support building and testing virtually any project.

First we need to set up the repository as follows:
$ sudo wget -O /etc/yum.repos.d/jenkins.repo \
$ sudo rpm –import
Next we need to check java is installed or not.
Next, we can install the package as shown here:
$ sudo yum install jenkins
This will install the latest version of Jenkins into the /usr/lib/jenkins directory. The default Jenkins home directory will be in /var/lib/jenkins.

Now we can start Jenkins using the service command:
$ sudo service jenkins start
By deafult jenkins listen 8080 port. But here we want to change to some other port.
Initially the jenkins will not start, when Installing Jenkins on CentOS:

[root@fenige_www_dev ~]# service jenkins status
jenkins dead but pid file exists
Change it from JENKINS_AJP_PORT=”8009″ OR whatever value to JENKINS_AJP_PORT=”-1″
It will work for sure.
Login as:
Created logins:
Username: test
Password: secret
Standard Security Setup:
The most common set up — let Jenkins maintain its own user database
Initial steps
1. Go to the Configure Global Security screen and choose “enable security”.
2. Select “Jenkins’s own user database” as the security realm.
3. Place a check mark next to “Allow users to sign up”
4. Select “Matrix-based security” as the authorization
5. Give anonymous user the read access
6. In the text box below the table, type in your user name (you’d be creating this later) and click “add”
7. Give yourself a full access by checking the entire row for your user name
8. Scroll all the way to the bottom, click “save”
At this point, you’ll be taken back to the top page, and Jenkins is successfully secured.
Restart Jenkins (service jenkins restart)
Now you need to create an user account for yourself.

a. Click “login” link at the top right portion of the page
b. Choose “create an account”
c. Use the user name you’ve used in the above step, and fill in the rest.

Tomcat in centos

Posted: December 5, 2014 in Open source

Step 1: Verify JAVA
JAVA is the first requirement of Tomcat installation. Use following command to check if you have java installed already on your system.
[server@localhost ~]$ java -version
java version “1.8.0_25”
Java(TM) SE Runtime Environment (build 1.8.0_25-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.25-b02, mixed mode)
Tomcat 8.0 is designed to run on Java SE 7 and later.

Step 2: Download and Extract Tomcat Archive
# cd /opt
# wget
# tar apache-tomcat-8.0.15.tar.gz

Step 3: Setup Environment Variable
Before starting Tomcat, Configure environment variables using following commands.
# echo “export CATALINA_HOME=\”/opt/apache-tomcat-8.0.15\”” >> ~/.bashrc
# source ~/.bashrc

Step 4: Start Tomcat Service
# cd apache-tomcat-8.0.15
# ./bin/
[redmoon@fenige_www_dev apache-tomcat-8.0.15]$ sudo ./bin/
Using CATALINA_BASE: /opt/apache-tomcat-8.0.15
Using CATALINA_HOME: /opt/apache-tomcat-8.0.15
Using CATALINA_TMPDIR: /opt/apache-tomcat-8.0.15/temp
Using JRE_HOME: /usr
Using CLASSPATH: /opt/apache-tomcat-8.0.15/bin/bootstrap.jar:/opt/apache-tomcat-8.0.15/bin/tomcat-juli.jar
Tomcat started.

Step 5: Access Tomcat in Browser

Step 6: Setup User Accounts
Finally we need to create user accounts to secure and access admin/manager pages. Edit conf/tomcat-users.xml file in your editor and paste inside <tomcat-users> </tomcat-users> tags.

[root@localhost]# cat tomcat-users.xml
<?xml version=’1.0′ encoding=’utf-8′?>
<role rolename=”tomcat”/>

<role rolename=”manager-gui”/>

<role rolename=”admin-gui”/>

<user username=”test1″ password=”secret” roles=”manager-gui,admin-gui”/>
<user username= “test2″ password=”secret” roles=”manager-gui,admin-gui”/>
<user username=”test3″ password=”secret” roles=”admin-gui,manager-gui”/>

And its ready to use these users, you can restart the tomcat and access http://your_ip_address:8080/, click the manger app or host manger etc.

How to start tomcat at the system startup:
Create tomcat8 file in /etc/init.d/ like this:
#vi /etc/init.d/tomcat8
and paste following code:

export CATALINA_HOME=/your/path/here ( for eg: the path where my tomcat  is installed /opt/apache-tomcat-8.0.15 )
start() {
stop() {
case $1 in
start|stop) $1;;
restart) stop; start;;
*) echo “Run as $0 “; exit 1;;
And later modify /etc/init.d/tomcat8 file permissions:
#chmod 755 /etc/init.d/tomcat8
And we can start or stop the tomcat… 🙂

Java in centos

Posted: December 5, 2014 in Open source

Step 1: Download JAVA Archive
For 64Bit

# cd /opt/
# wget –no-cookies –no-check-certificate –header “Cookie:; oraclelicense=accept-securebackup-cookie” “;
# tar xzf jdk-8u25-linux-x64.tar.gz
Step 2: Install JAVA using Alternatives
# cd /opt/jdk1.8.0_25/
# alternatives –install /usr/bin/java java /opt/jdk1.8.0_25/bin/java 2
# alternatives –config java
There is 1 program that provides ‘java’.
Selection Command
*+ 1 /opt/jdk1.8.0_25/bin/java
Enter to keep the current selection[+], or type selection number: 1
At this point JAVA 8 has been successfully installed on your system. We also recommend to setup javac and jar commands path using alternatives
# alternatives –install /usr/bin/jar jar /opt/jdk1.8.0_25/bin/jar 2
# alternatives –install /usr/bin/javac javac /opt/jdk1.8.0_25/bin/javac 2
# alternatives –set jar /opt/jdk1.8.0_25/bin/jar
# alternatives –set javac /opt/jdk1.8.0_25/bin/javac
Step 3: Check Version of JAVA
Check the installed version of java using following command.
[server@localhost ~]$ java -version
java version “1.8.0_25”
Java(TM) SE Runtime Environment (build 1.8.0_25-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.25-b02, mixed mode)

Step 4: Setup Environment Variables
Most of java based application’s uses environment variables to work. Set the java environment variables using following commands
Setup JAVA_HOME Variable
# export JAVA_HOME=/opt/jdk1.8.0_25
Setup JRE_HOME Variable
# export JRE_HOME=/opt/jdk1.8.0_25/jre
Setup PATH Variable
# export PATH=$PATH:/opt/jdk1.8.0_25/bin:/opt/jdk1.8.0_25/jre/bin


Alfresco Software

Posted: December 5, 2014 in Open source

Alfresco is a free/libre enterprise content management system for Microsoft Windows and Unix-like operating systems. Alfresco comes in three flavors: Alfresco Community Edition is free software, LGPL licensed open source and open standards.

First download the alfresco from the following url:
And download the alfresco-community-4.2.c-installer-linux-x64.bin
Check the permission
#chmod a+x alfresco-community-4.2.c-installer-linux-x64.bin

Language Selection
Please select the installation language
[1] English – English
[2] French – Français
[3] Spanish – Español
[4] Italian – Italiano
[5] German – Deutsch
[6] Japanese – 日本語
[7] Dutch – Nederlands
[8] Russian – Русский
[9] Simplified Chinese – 简体中文
Please choose an option [1] : 1
Welcome to the Alfresco Community Setup Wizard.
Installation Type
[1] Easy – Installs servers with the default configuration
[2] Advanced – Configures server ports and service properties.: Also choose optional components to install.
Please choose an option [1] : 1
Installation folder
Please choose a folder to install Alfresco Community
Select a folder [/opt/alfresco-4.2.c]:
Admin Password
Please give a password to use for the Alfresco administrator account:
Admin Password: : admin
Repeat Password: : admin
Install as a service
You can optionally register Alfresco Community as a service. This way it will
automatically be started every time the machine is started.

Install Alfresco Community as a service? [Y/n]: n

Setup is now ready to begin installing Alfresco Community on your computer.
Do you want to continue? [Y/n]: y
Please wait while Setup installs Alfresco Community on your computer.
0% ______________ 50% ______________ 100%
Setup has finished installing Alfresco Community on your computer.
View Readme File [Y/n]: y
Launch Alfresco Community Share [Y/n]: y
waiting for server to start….README
Alfresco Community 4.2
For Enterprise subscribers, refer to for release
notes and detailed information on this release.
For Community members, refer to the Alfresco wiki for more information on this
Press [Enter] to continue : done
server started
/opt/alfresco-4.2.c/postgresql/scripts/ : postgresql started at port 5432
Using CATALINA_BASE: /opt/alfresco-4.2.c/tomcat
Using CATALINA_HOME: /opt/alfresco-4.2.c/tomcat
Using CATALINA_TMPDIR: /opt/alfresco-4.2.c/tomcat/temp
Using JRE_HOME: /opt/alfresco-4.2.c/java
Using CLASSPATH: /opt/alfresco-4.2.c/tomcat/bin/bootstrap.jar:/opt/alfresco-4.2.c/tomcat/bin/tomcat-juli.jar
Using CATALINA_PID: /opt/alfresco-4.2.c/tomcat/temp/
/opt/alfresco-4.2.c/tomcat/scripts/ : tomcat started

Now in the browser:
Username: admin
Password: secret

Translate to polish language:

This is very interesting part, please note that alfresco latest model ie 5.0. version will not allow to translate foreign language which is not present in language selection.

Get the language pack from the following url:

Download two jars using links above;
Copy these files to tomcat/shared/lib folder under your Alfresco installation directory;
Restart Alfresco
Change the web-browser language. If you are using google chrome, change the language translation to polish.

Bingo! 🙂

OpenVAS (Open Vulnerability Assessment System, the name of the fork originally known as GNessUs) is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution. All OpenVAS products are Free Software.


step 1: Configure OBS Repository
(as user root, only once)
echo “deb ./” >> /etc/apt/sources.list
apt-key add ./Release.key
sudo apt-get update
Step 2: Quick-Install OpenVAS
(as user root, only once)
apt-get -y install greenbone-security-assistant openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc rsync
To install support packages for report generation (downloads around 30 MB of additional packages):
apt-get -y install texlive-latex-base texlive-latex-extra texlive-latex-recommended htmldoc
To install support for autogenerated LSC credential packages:
apt-get -y install alien rpm nsis fakeroot
Step 3: Quick-Start OpenVAS
(copy and paste whole block as user root, during first time you will be asked to set a password for user “admin”)
test -e /var/lib/openvas/CA/cacert.pem || openvas-mkcert -q
test -e /var/lib/openvas/users/om || openvas-mkcert-client -n om -i
/etc/init.d/openvas-manager stop
/etc/init.d/openvas-scanner stop
openvasmd –rebuild
test -e /var/lib/openvas/users/admin || openvasad -c add_user -n admin -r Admin
killall openvassd
sleep 15
/etc/init.d/openvas-scanner start
/etc/init.d/openvas-manager start
/etc/init.d/openvas-administrator restart
/etc/init.d/greenbone-security-assistant restart
Step 4: Log into OpenVAS as “admin”
Open https://localhost:9392/.
Username: admin
Password: secret

OTRS, short for Open-source Ticket Request System, is an open-source (site) and free issue tracking system software package which a company, organization, or institution can use to assign tickets to incoming queries, thereby greatly facilitating the handling of support requests and other customer traffic. It is Perl based (not PHP), has no limitations and can be greatly extended, such as:
– SIRIOS, an incident and advisory system for CERT’s (Computer Emergency Response Teams),
– ITSM, an ITIL compliant IT Service Management Solution.


New Installation for UBUNTU:

We need to install it in a subdomain

1. mkdir -p /var/www/html/
2. Download otrs
3. tar xf otrs-3.3.10.tar.gz
4. mv otrs-3.0 otrs
5. useradd -r -d /var/www/html/ -c ‘OTRS user’ otrs
6. usermod -G nogroup otrs
7. cd otrs/Kernel/
8. cp
9. cd Config
10. cp
11. cd /var/www/html/
12. ./ –otrs-user=otrs –web-user=www-data –otrs-group=nogroup –web-group=www-data /var/www/html/
13. Reload the apache and mysql
14. Installation of Perl modules

OTRS needs some additional Perl modules. If you install OTRS from source, you will have to install these modules manually. This can be done either with the package manager of your Linux distribution (yast, apt-get) or, as described in this section, through the Perl shell and CPAN. If you’re using ActiveState Perl, for instance on Windows, you could use PPM, the built-in Perl Package Manager. We recommend using your package manager if possible.
you can check to see which Perl modules have failed by running the following:
cd /otrs/bin
sudo ./
The following command should fix the failed Perl modules.
sudo aptitude install liblwp-useragent-determined-perl libapache2-reload-perl libnet-smtp-ssl-perl libnet-smtp-tls-butmaintained-perl
You can/should verify that, at the very least, all required modules are listed as “ok”
There are a number of optional moduels that should prove to be useful (i.e. PDF functionality, LDAP connectivity, etc.) The following command will install Perl modules that will enable many useful features in OTRS.
sudo aptitude install libgd-gd2-perl libgd-graph-perl libgd-text-perl libjson-xs-perl libnet-dns-perl libyaml-libyaml-perl libpdf-api2-simple-perl libtext-csv-xs-perl libxml-parser-perl libmail-imapclient-perl libnet-ldap-perl
*Please note that this does not install ALL optional modules.

Crypt::Eksblowfish::Bcrypt…….Not installed! (optional – For strong password hashing.)
o Crypt::SSLeay………………..Not installed! (optional – Required for Generic Interface SOAP SSL connections.)
o Date::Format…………………ok (v2.24)
o DBI…………………………ok (v1.630)
o DBD::mysql…………………..ok (v4.025)
o DBD::ODBC……………………Not installed! (optional – Required to connect to a MS-SQL database.)
o DBD::Oracle………………….Not installed! (optional – Required to connect to a Oracle database.)
o DBD::Pg……………………..Not installed! (optional – Required to connect to a PostgreSQL database.)
o Encode::HanExtra……………..Not installed! (optional – Required to handle mails with several Chinese character sets.)
o GD………………………….ok (v2.46)
o GD::Text…………………..ok (v0.86)
o GD::Graph………………….ok (v1.44)
o IO::Socket::SSL………………ok (v1.965)
o JSON::XS…………………….ok (v2.34)
o List::Util::XS……………….ok (v1.27)
o LWP::UserAgent……………….ok (v6.05)
o Mail::IMAPClient……………..ok (v3.35)
o IO::Socket::SSL…………….ok (v1.965)
o ModPerl::Util………………..ok (v2.000008)
o Net::DNS…………………….ok (v0.68)
o Net::LDAP……………………ok (v0.58)
o PDF::API2……………………ok (v2.020)
o Compress::Zlib……………..ok (v2.060)
o Text::CSV_XS…………………ok (v1.02)
o Time::HiRes………………….ok (v1.9725)
o Time::Piece………………….ok (v1.20_01)
o XML::Parser………………….ok (v2.41)
o YAML::XS…………………….ok (v0.41


15. Execute also the two commands perl -cw bin/cgi-bin/ and perl -cw bin/ after changing into the directory /opt/otrs. If the output of both commands is “syntax OK”, your Perl is properly set up
root@web1:/var/www/html/ cd ..
root@web1:/var/www/html/ perl -cw bin/cgi-bin/
bin/cgi-bin/ syntax OK
root@web1:/var/www/html/zglos.yawal.comotrs/otrs# perl -cw bin/
bin/ syntax OK

16.root@web1:~# cp -va /opt/otrs/scripts/apache2-httpd.include.conf /etc/apache2/sites-available/otrs.conf
‘/opt/otrs/scripts/apache2-httpd.include.conf’ -> ‘/etc/apache2/sites-available/otrs.conf’

17.root@web1:/var/www/html/ ./ –otrs-user=otrs –web-user=www-data –otrs-group=www-data –web-group=www-data /var/www/html/
bin/ – set OTRS file permissions
Copyright (C) 2001-2014 OTRS AG,
Setting permissions on /var/www/html/
Setting permissions on /var/www/html/
Setting permissions on /var/www/html/*
Setting permissions on /var/www/html/
Setting permissions on /var/www/html/
18. Configuring the database:
If you use MySQL as the database back-end, you can use the OTRS web installer:
When the web installer starts, please follow the next steps to setup your system:
1. Check out the information about the OTRS offices and click on next to continue
2. Read the GNU Affero General Public License and accept it, by clicking the corresponding button at the bottom of the page.
3. Provide the username and password of the administrator, the DNS name of the computer which hosts OTRS and the type of database system to be used.
4. You will be notified if the check was successful. Press OK to continue
5. Create a new database user, choose a name for the database and click on ‘Next’
6. If the database and its user were successfully created, you will get a setup notification. Click ‘Next’ to go to the next screen.
7. Provide all the required system settings and click on ‘Next’
8. If you want, you can provide the needed data to configure your inbound and outbound mail, or skip this step by pressing the right button at the bottom of the screen
9. Restart the OTRS service now to use the new configuration settings
10. Congratulations! Now the installation of OTRS is finished and you should be able to work with the system
11. To log into the web interface of OTRS, use the address from your web browser. Log in as OTRS administrator, using the username ‘root@something’ and the password ‘secret’. After that you can configure the system for your needs.

Bingo! OTRS is Ready 🙂