BlackBlog: Mart 2014

23 Mart 2014 Pazar

Disable user login to SSH on RHEL v6.3

1. Disable user login to SSH

Edit the configuration file ; /etc/ssh/sshd_config

To deny users called username1 username2 from logging in via SSH we add the following line to sshd_config file:

DenyUsers username1 username2

Restart the ssh daemon ; service sshd restart

To allow only users from logging in via SSH , we add the following line to sshd_config file:
This disables ssh logins for all other users

AllowUsers username1 username2

Restart the ssh daemon: service sshd restart

2. Disable SSH Root Login

vi /etc/ssh/sshd_config
find line #PermitRootLogin no
remove the # from the beginning of the parameter

Restart the ssh daemon: service sshd restart

3. Disable user login to SSH

vi /etc/passwd
in order for a user to disable ssh login :
Add the line for that user in passwd file; sshd:/sbin/nologin

22 Mart 2014 Cumartesi

Moving WAS dmgr profile from one server to another

1. Backup your old WAS configurations , profiles and install_directory before any changes

2. Transfer the backup files from old server to new server , into the directory /opt/

3. In new server , for profiles , work in /opt/IBM/WebSphere/AppServer/bin

For Dmgr01 profile ;

Run;

./manageprofiles.sh -restoreProfile -backupFile /opt/2.15Dmgr01profiles.zip

INSTCONFSUCCESS: Success: The profile was successfully restored.

Now the restoration of Dmgr01 profile completed successfully.

4. Don't start the WAS processes, only start the wsadmin with jython scripting

Go to directory /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin in new server and run;

./wsadmin.sh -conntype NONE -lang jython

WASX7357I: By request, this scripting client is not connected to any server process. Certain configuration and application operations will be available in local mode.
WASX7031I: For help, enter: "print Help.help()"
wsadmin>

Now , wsadmin is started

5. Run the script ; AdminTask.changeHostName ('[-interactive]')

<<<<<<
*Node Name (nodeName): Node Name of the Profile
*Host Name (hostName): New host name
System Name (systemName): (optional)
Regenerate Certificates (regenDefaultCert):(optional)
>>>>>

wsadmin>AdminTask.changeHostName ('[-interactive]')
Change Host Name

Change the host name of a node

*Node Name (nodeName): CellManager01
*Host Name (hostName): was2
System Name (systemName): was1
Regenerate Certificates (regenDefaultCert):

Change Host Name

F (Finish)
C (Cancel)

Select [F, C]: [F] F
WASX7278I: Generated command line: AdminTask.changeHostName('[-nodeName CellManager01 -hostName was2 -systemName was1 ]')
''
wsadmin>

6. Save the changes with AdminConfig.save()

wsadmin>AdminConfig.save()
''
wsadmin>

7. Start the Deployment manager and then open the admin console to see the changes you made.

18 Mart 2014 Salı

Create local and http yum repositories (rhel6.3)

Purpose: Creating http based yum repo so that other servers on the local network can communicate with that and extract RPMs from it

1. Copy the content of the rhel 6.3 dvd into hard drive of the server . (I copy all its content on to directory /opt/yumrepository/rhel63 )

# find /opt/yumrepository/rhel63 -name *.rpm | wc -l

2. change the working directory to /opt/yumrepository/rhel63/Packages and install the following rpms

rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
rpm -ivh createrepo-0.9.8-5.el6.noarch.rpm

3. To create the metadata we run createrepo . in the repo directory (/opt/yumrepository )

[root@yum1 yumrepository]# createrepo .
1341/3653 - rh63/Packages/libconfig-1.3.2-1.1.el6.i686.rpm
iso-8859-1 encoding on Ville Skyttä <ville.skytta@iki.fi> - 2.8.2-2

3653/3653 - rh63/Packages/gnome-media-libs-2.29.91-6.el6.i686.rpm
Saving Primary metadata
Saving file lists metadata
Saving other metadata
[root@yum1 yumrepository]# ls
repodata rh63
[root@yum1 yumrepository]#

4. Configure yum to communicate with the metadata

[root@yum1 repodata]# cd /etc/yum.repos.d/

Create the repo ; rh63.repo

[root@yum1 yum.repos.d]# vi rh63.repo

and add the following content then save it

[rh63]
gpgcheck=1
name=rh63.repo
baseurl=file:///opt/yumrepository

5. The repository is GPG Signed (gpgcheck=1) , therefore install GPG key came with RHEL DVD

[root@yum1 rh63]# rpm --import /opt/yumrepository/rh63/RPM-GPG-KEY-redhat-release /opt/yumrepository/rh63/RPM-GPG-KEY-redhat-beta

6. Check it is working or not

[root@yum1 yum.repos.d]# yum list gcc.x86_64
Loaded plugins: product-id, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Available Packages
gcc.x86_64 4.4.6-4.el6 rh63
[root@yum1 yum.repos.d]#

6. To create HTTP based YUM repository ; the repository server will serve via apache httpd , so install it

[root@yum1 rh63]# yum install httpd
[root@yum1 rh63]# chkconfig httpd on
[root@yum1 rh63]# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for yum1
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
[root@yum1 rh63]#

7. Configure Apache to serve data

[root@yum1 rh63]# cd /etc/httpd/conf.d/
[root@yum1 conf.d]# vi yumrepository.conf

Add the Alias

Alias /yumrepository/ "/opt/yumrepository/"

8.

[root@yum1 ~]# service httpd reload
Reloading httpd:
[root@yum1 ~]#

9.

[root@yum1 ~]# yum install lynx.x86_64

10. Check with lynx

[root@yum1 ~]# lynx http://localhost/yumrepository/repodata/repomd.xml

11. Disable file based repo using parameter enabled=0 in order to activate web based repo

[root@yum1 ~]# vi /etc/yum.repos.d/rh63.repo
[root@yum1 ~]# cat /etc/yum.repos.d/rh63.repo
[rh63]
enabled=0
gpgcheck=1
name=rh63.repo
baseurl=file:///opt/yumrepository
[root@yum1 ~]#

12. Create new HTTP repo

[root@yum1 ~]# vi /etc/yum.repos.d/rh63web.repo
add

[rh63web]
gpgcheck=1
name=rh63web.repo
baseurl=http://localhost/yumrepository/

[root@yum1 ~]# cat /etc/yum.repos.d/rh63web.repo
[rh63web]
gpgcheck=1
name=rh63web.repo
baseurl=http://localhost/yumrepository/

13.

[root@yum1 ~]# yum clean all
Loaded plugins: product-id, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Cleaning repos: rh63web
Cleaning up Everything
[root@yum1 ~]#

14.

[root@yum1 ~]# yum repolist all
Loaded plugins: product-id, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
rh63web | 1.3 kB 00:00
rh63web/primary | 1.7 MB 00:00
rh63web 3653/3653
repo id repo name status
rh63 rh63.repo disabled
rh63web rh63web.repo enabled: 3,653
rhel-source Red Hat Enterprise Linux 6Server - x86_64 - Source disabled
rhel-source-beta Red Hat Enterprise Linux 6Server Beta - x86_64 - Source disabled
repolist: 3,653
[root@yum1 ~]#

15. Go to another machine on the local network and check

[root@was2 yum.repos.d]# cd /etc/yum.repos.d/

Create the repo ;

[root@was2 yum.repos.d]# vi rh63web.repo

change localhost with 192.168.2.17 which is the ip of the http based yum repository server

Add this content ;

[rh63web]
gpgcheck=1
name=rh63web.repo
baseurl=http://192.168.2.17/yumrepository/
enabled=1

16.

[root@was2 yum.repos.d]# yum list gcc*
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
rh63web | 1.3 kB 00:00
rh63web/primary | 1.7 MB 00:00
rh63web 3653/3653
Available Packages
gcc.x86_64 4.4.6-4.el6 rh63web
gcc-c++.x86_64 4.4.6-4.el6 rh63web
gcc-gfortran.x86_64 4.4.6-4.el6 rh63web
gcc-gnat.x86_64 4.4.6-4.el6 rh63web
gcc-java.x86_64 4.4.6-4.el6 rh63web
gcc-objc.x86_64 4.4.6-4.el6 rh63web
gcc-objc++.x86_64 4.4.6-4.el6 rh63web
[root@was2 yum.repos.d]#

17 Mart 2014 Pazartesi

Configure and Enable Java SDK 7 on WAS 8.5

You can switch the java level by using the managesdk command. The executable for the managesdk command is located in the bin directory of your application server.
For example: /opt/IBM/WebSphere/AppServer/bin

Use this command to view the available Java products:
./managesdk.sh -listAvailable

Use this command to view the available Java products with detail information:
./managesdk.sh -listAvailable -verbose

Use this command to set the command default to the version 7.0 SDK:
./managesdk.sh -setCommandDefault -sdkname 1.7_64

Use this command to set the new profile default to version 7.0 SDK:
./managesdk.sh -setNewProfileDefault -sdkname 1.7_64

If profiles already exist, use this command to enable the profiles to use the version 7.0 SDK:
./managesdk.sh -enableProfileAll -sdkname 1.7_64 -enableServers

Note:
To change federated profiles in a Network Deployment installation, the deployment manager must be running. The managesdk command updates the master configuration repository.
After the command runs, a synchronization operation must occur before the new SDK can be used for federated profiles.

9 Mart 2014 Pazar

Local yum repository oluşturmak rhel6.4

1. Tüm rhel6.4 dvd içeriğini /opt/yumrepository dizinine kopyalarız.
2. /opt/yumrepository/Packages dizinine giderek sırayla aşağıdaki paketleri yükleriz

rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
rpm -ivh createrepo-0.9.9-17.el6.noarch.rpm

3. /etc/yum.repos.d/ dizinine giderek localyum.repo dosyası oluşturulur , içine aşağıdaki içerik yazılır.

[localyum]
name=yumrepo
baseurl=file:///opt/yumrepository
gpgcheck=0
enabled=1

4. createrepo -v /opt/yumrepository
yum clean all
yum update

5. yum list gcc*