Archive for June, 2004

Protecting configuration files

Wednesday, June 30th, 2004

When you update packages in your Gentoo Linux system you should be careful to avoid the configuration files to be overriden by new ones during the emerge process. To protect the configuration files in your system portage provides a feature called config file protection.

Take a look at /etc/make.globals and find out the CONFIG_PROTECT variable. This variable contains a list of protected directories and it will look something like:

CONFIG_PROTECT=”/etc /usr/share/config”

Simply add your protected directories separated by white spaces. Now new files will not override existing files installed in a protected directory, instead they will be renamed as ._cfg0000_blah. In addition etc-update is available to assist you while merging these files.

Note that portage will not delete files in protected directories when a package is unmerged.

References:

  • emerge -h config
  • man etc-update

Posted in Linux Gentoo | No Comments »

Gracefully restarting Apache

Monday, June 14th, 2004

When you restart your Apache by issuing…

apachectl restart

or

/etc/init.d/apache restart

the httpd daemon is stopped and started again closing currently open connections.

There is a way to restart Apache’s http daemon keeping current connections opened. Simply type:

apachectl graceful

This is useful if you changed the httpd.conf configuration file and want Apache to re-read it keeping connections.

Posted in Apache | 1 Comment »

OpenSSH: port forwarding during active sessions

Tuesday, June 8th, 2004

Imagine you are logged into a remote system and want to forward a local port to the remote system without logging out and logging in again. This little trick will tell you how to do this.

According to OpenSSH man pages:

Escape Characters
When a pseudo terminal has been requested, ssh supports a number of
functions through the use of an escape character.
....

The supported escapes (assuming the default `~') are:
.....

~C Open command line (only useful for adding port forwardings using
the -L and -R options)

.....

So, to add a local forward after logging into the remote system procede as follows:

ssh user@remote_host

Once logged in…

CR~C

Hit carriage return then ~ and the C and you’ll get a prompt where you could type something like this:

ssh> -L 8022:127.0.0.1:22
Forwarding port

Posted in Security | No Comments »

Lost Solaris password?

Monday, June 7th, 2004

If you forget your root password follow this procedure to erase the current password and specify a new one.

Let’s start by inserting the Solaris installation CD-ROM and then shutting down the system. Press…

Stop-A

This will bring you the OK prompt. Now type:

boot cdrom -s

and after a few minutes you will automatically be logged in as root in single user mode. It is possible that you get messages from your system claiming that some partitions were not cleanly unmounted. If this is the case check the partition as follows (assuming that your root partition is mounted on /dev/dsk/c0t0d0s0):

fsck -y /dev/dsk/c0t0d0s0

Now mount your root partition…

mount /dev/dsk/c0t0d0s0 /a

and edit /a/etc/shadow. Find root’s entry in this file and remove the second field (encrypted root password) so it looks like…

root::98765::::::

After making your change, save the file and reboot the system.

reboot

You are now able to log into the system without a password for root. So now use the passwd command to set root’s password.

Posted in Solaris | 1 Comment »