Sync Server Folders Using rsync in Red Hat Enterprise 5

WARNING!!!

The instructions I'm giving below will open the receiving server to access from literally any source available on its network to write any files to the particular folders you allow access to. THESE INSTRUCTIONS SHOULD ONLY BE USED ON SERVERS THAT ARE COMMUNICATING ON A SECURE LOCAL AREA NETWORK BEHIND A STRONG FIREWALL, NOT DIRECTLY OVER THE INTERNET! AGAIN, THESE INSTRUCTIONS SHOULD NOT BE USED ON A SERVER THAT IS CONNECTED DIRECTLY TO THE INTERNET! If you want to use these instructions to sync web servers, by all means do, it's what I use them for, just make sure your firewall only allows external (Internet) communication over ports 80 and 443 (if you need https) and specifically not TCP 873, since that is the port used by rsync. If you're running production-grade servers you should be using a strong NAT firewall anyway. If you aren't, I am available at a very decent rate to help secure your setup ;)

If you're like me and you work for a rather large website, at some point you're probably going to have to come up with a nifty way of synchronizing two or more servers in some sort of pool, whether it be for load balancing or some other high availability technique, or simply to keep an active archive on a backup server. The great part about using rsync is that even if you have a huge amount of data in the folder you want to synchronize, rsync is smart and knows only to sync that information which is new, so it can run often and quickly, and literally be able to keep a server synchronized to within about a minute using a cron script. This is not a perfect solution for all situations, but it works well in the situation I use it in, which is archiving flat content from a live, online server to an offline backup machine.

Required Packages:

  • rsync

If you need help installing a package, please read how to install packages using YUM.

Required Hardware:

  • at least two servers

Log in to each of the servers as root and install rsync.  We have to set up one machine to run rsync in daemon mode (as a service) so it can listen for requests from the other machine. Once rsync is installed on both servers, decide which you want the server daemon running on, switch into the /etc/ directory and create a file called rsyncd.conf:

cd /etc/
vi rsyncd.conf

Inside the file enter the following information. The settings below are for a standard installation of Red Hat ES 5 (CentOS 5, etc) running Apache 2 for syncing the default web root directory (/var/www/html/). You can change the path to suit your own needs.

[sync_web]
uid = apache
gid = apache
comment = Sync path for web servers
path = /var/www/
read only = false

Then add an entry at the end of the /etc/bashrc file to initialize rsync in daemon mode when the machine boots:

cd /etc/
vi bashrc

And add this line at the end of the file:

rsync --daemon

To initialize the synchronization, from the non-daemon machine run the command:

rsync -a /var/www/html *rsync_server*::sync_web

where *rsync_server* is the IP or hostname of the machine you just set rsync up on as a daemon. I suggest creating a shell script called by /etc/crontab every few minutes to run that command; that way the servers will stay synchronized by themselves to within minutes.
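
To see how exposed a given rsyncd.conf is, the check below (an added example, not part of the original post) lists every module that accepts writes and marks it OPEN when neither a hosts allow nor an auth users line limits who may connect. The function name, the second module and the address 192.168.100.20 are constructed for illustration.

```sh
#!/bin/sh
# audit_rsyncd_conf FILE
# Prints "<module> writable OPEN|restricted" for every module that accepts
# writes; exit status 1 if any writable module has no client restriction.
audit_rsyncd_conf() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    # Module setting if present, else the global one from above the first module.
    function get(key) { return ((mod, key) in val) ? val[mod, key] : val["", key] }
    function report(   ro, state) {
        if (mod == "") return
        ro = tolower(get("read only"))          # rsync defaults to read only
        if (ro != "no" && ro != "false" && ro != "0") return
        state = "OPEN"
        if (get("hosts allow") != "" || get("auth users") != "") state = "restricted"
        if (state == "OPEN") bad = 1
        print mod, "writable", state
    }
    /^[ \t]*(#|$)/ { next }                     # comments and blank lines
    /^[ \t]*\[.*\]/ {                           # [module] header closes the previous one
        report(); mod = trim($0); mod = substr(mod, 2, length(mod) - 2); next
    }
    {
        eq = index($0, "=")
        if (eq) val[mod, tolower(trim(substr($0, 1, eq - 1)))] = trim(substr($0, eq + 1))
    }
    END { report(); exit bad + 0 }
    ' "$1"
}

# Constructed sample: the module from this page, then a restricted variant.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[sync_web]
uid = apache
gid = apache
comment = Sync path for web servers
path = /var/www/
read only = false

[sync_web_restricted]
path = /var/www/
read only = false
hosts allow = 192.168.100.20
EOF

audit_rsyncd_conf "$sample" || echo "a writable module accepts any client"
rm -f "$sample"
```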


Set The Runlevel of a Service (Daemon) from the Command Line in Red Hat ES 5

To set the runlevel of a daemon (service) on the command line in Red Hat ES 5 (or CentOS 5, etc) you can use a simple command called chkconfig.

To set a daemon to start on runlevels 2-5, which would be a "normal" start, you would use a command like this:

chkconfig --level 2345 *daemonname* on

And replace *daemonname* with the name of the daemon you want to have start, like httpd (Apache) or sendmail or any other daemon.


Sendmail as a Gateway to a LAN Mail Server

These are the steps involved in setting up a default installation of Sendmail (8.13.8) in Red Hat Enterprise Linux 5.1 (CentOS 5.1, etc) as a mail gateway from an external (public) address to an internal LAN (Local Area Network) mail server.

Required Packages:

  • sendmail
  • sendmail-cf

If you need help installing a package, please read how to install packages using YUM.

First off we're going to check that the /etc/hosts file is correct as Sendmail needs to determine the host name by this:

cat /etc/hosts
127.0.0.1 ux-mail.example.com ux-mail localhost.localdomain localhost

By default Sendmail is listening on the loopback interface, which means it only allows mail to be sent from the server it is running on. Sendmail needs to be configured to listen on the NIC (Network Interface Card) as Sendmail needs to act as a server.

We have to edit /etc/mail/sendmail.mc to make Sendmail listen on the NIC. To make Sendmail skip a certain command, we have to add dnl (delete to new line) to the beginning of the line, since it will then be skipped by the M4 processor. In this case, we want to tell it to skip the command that binds it to the local loopback adapter.

Change the line:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1,Name=MTA')

To:

dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1,Name=MTA')

Do the same to the following line to take precautions against spam by not accepting mail from a domain that doesn't exist:

Change the line:

FEATURE(`accept_unresolvable_domains')

To:

dnl FEATURE(`accept_unresolvable_domains')

Also, to forward all *@example.com mail to int-mail.example.com server, add the mailertable feature to the Sendmail configuration file (/etc/mail/sendmail.mc). Add this line towards the bottom, before any MAILER() calls:

FEATURE(`mailertable')

Rebuild the sendmail.cf file and restart Sendmail for the changes to take effect:

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Edit the /etc/mail/access file and add the following lines to allow relaying messages from an example server (192.168.100.30) and an example domain (example.com), just make sure to change the IP address to your server's address, and the domain to your domain name:

localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
192.168.100.30 RELAY
example.com RELAY

Then we need to convert the /etc/mail/access file to a Sendmail readable database using makemap:

cd /etc/mail
makemap hash access < access

Next we have to add a line to our mailertable file so Sendmail knows where to relay the mail for the domain. Edit /etc/mail/mailertable and add:

# My int-mail.example.com server
example.com smtp:[192.168.100.30]

Now we convert the /etc/mail/mailertable file to Sendmail readable database using makemap:

cd /etc/mail
makemap hash mailertable < mailertable

We have to make sure there is no example.com entry in our local host names file by running Sendmail in test mode and showing a list of domains it considers local:

sendmail -bt -C./sendmail.cf

Should return something like the following:

ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter

At the > prompt, enter the command:

> $=w

Which should return something like:

ux-mail.example.com
ux-mail
localhost.localdomain
localhost
[127.0.0.1]

Type /quit at the prompt to exit:

> /quit

Restart Sendmail to activate all the changes we've made:

service sendmail restart

And we're done!
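
The three files edited above have to agree with each other: a mailertable domain that also shows up in the $=w list is delivered locally instead of being forwarded, and one with no RELAY entry in the access file is refused. The script below is an added example (not part of the original post) that checks both from saved copies of the files; the function name, the is-local/no-relay labels and the sample files are constructed for illustration, and it assumes relaying is granted through /etc/mail/access as on this page.

```sh
#!/bin/sh
# check_gateway_maps CLASSW ACCESS MAILERTABLE
# Prints "<domain> is-local" or "<domain> no-relay" for each mailertable
# domain that would not be relayed; exit status 1 if anything was printed.
check_gateway_maps() {
    awk -v wfile="$1" -v afile="$2" '
    BEGIN {
        # Saved $=w listing: one name per line, test-mode prompts dropped.
        while ((getline line < wfile) > 0) {
            sub(/^(>[ \t]*)+/, "", line)
            if (split(line, f) == 1) isloc[tolower(f[1])] = 1
        }
        # Access source file: remember keys whose action is RELAY.
        while ((getline line < afile) > 0) {
            if (line ~ /^[ \t]*#/ || split(line, f) < 2) continue
            key = tolower(f[1]); sub(/^to:/, "", key)
            if (toupper(f[2]) == "RELAY") relay[key] = 1
        }
    }
    /^[ \t]*(#|$)/ { next }          # skip comments and blank lines
    {
        d = tolower($1)              # exact-match check on the domain key
        if (d in isloc)    { print d, "is-local"; bad = 1 }
        if (!(d in relay)) { print d, "no-relay"; bad = 1 }
    }
    END { exit bad + 0 }
    ' "$3"
}

# Constructed sample files holding the values used on this page.
dir=$(mktemp -d)
printf '%s\n' 'ux-mail.example.com' 'ux-mail' 'localhost.localdomain' \
    'localhost' '[127.0.0.1]' > "$dir/classw"
printf '%s\n' 'localhost.localdomain RELAY' 'localhost RELAY' \
    '127.0.0.1 RELAY' '192.168.100.30 RELAY' 'example.com RELAY' > "$dir/access"
printf '%s\n' '# internal mail server' \
    'example.com smtp:[192.168.100.30]' > "$dir/mailertable"

check_gateway_maps "$dir/classw" "$dir/access" "$dir/mailertable" \
    && echo "mailertable domains are non-local and relay-enabled"
rm -rf "$dir"
```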


Compiling an Oracle Instant Client (OCI8) PHP Module

These are the steps involved in creating a PHP module for Oracle Instant Client (OCI8) 1.2.5 (or higher) in Red Hat Enterprise Linux 5.1 or CentOS 5.1 in an x86-64 environment.

Required Packages:

  • gcc
  • glibc
  • httpd
  • libaio
  • make
  • php
  • php-devel
  • php-pear

If you need help installing a package, please read how to install packages using YUM.

32 bit users note: The instructions are exactly the same for a 32 bit OS, just change /client64/ to /client/ in all the commands below.

First things first, go to Oracle:

http://www.oracle.com/technology/software/tech/oci/instantclient/index.html

and download and install the RPM packages for Instant Client Package - Basic and Instant Client Package - SDK. An Oracle Technology Network username/password is required to download the files.

Note: As of writing this, the latest version of the Instant Client package available was 11.1.0.1. If you downloaded a newer (or older) version make sure to use those version numbers in the steps below.

After downloading the packages, install them using the RPM command:

rpm -Uvh oracle-instantclient-basic-11.1.0.1-1.x86_64.rpm
rpm -Uvh oracle-instantclient-devel-11.1.0.1-1.x86_64.rpm

Once those packages are installed, switch into a temporary directory and enter the following commands to set the required environmental variables:

export LD_LIBRARY_PATH=/usr/lib/oracle/11.1.0.1/client64/
export ORACLE_HOME=/usr/lib/oracle/11.1.0.1/client64/

Also, add those lines to the end of /etc/bashrc so the variables stay effective after reboot.

Note: The following command is only necessary for users installing a version of OCI8 prior to 1.2.5. If you just downloaded the latest version, you can skip this step.

The SDK headers need to be copied into the client library so the compiler can find them:

cp /usr/include/oracle/11.1.0.1/client64/* /usr/lib/oracle/11.1.0.1/client64/lib/

Now comes a challenge that took me a little while to figure out. We want to install the OCI8 package from PEAR, however the package is too large (more than 8 MB) to be handled in memory by the standard PECL installer, so we need to perform an extra step. We're going to use PECL to download the OCI8 package:

pecl -v download oci8

In this case the downloaded file is called oci8-1.2.5.tgz. Now we use PEAR to install it:

pear -v install oci8-1.2.5.tgz

It should scroll through a bunch of stuff making sure you have the proper software and packages installed on the machine. If everything is in order, it will prompt for the location of the Oracle client libraries. We're going to specify that it use the Instant Client, and we're going to tell it the location of the libraries with the following line:

instantclient,/usr/lib/oracle/11.1.0.1/client64/lib

When the compilation is complete, you should receive the message "Build process completed successfully". To add the module to PHP, switch into the /etc/php.d/ directory and create a file called oci8.ini, and in it put:

extension=oci8.so

64 bit users installing a version of OCI8 prior to 1.2.5 note:

The module that we just created has to be moved into the 64 bit modules folder:

cp /usr/lib/php/modules/oci8.so /usr/lib64/php/modules/

Now all we have to do is restart Apache:

service httpd restart

and take a look at phpinfo() and we should now see a section for OCI8. 

If you're getting an error like:

PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/oci8.so' - /usr/lib/oracle/11.1.0.1/client64/lib/libnnz11.so: cannot restore segment pret after reloc: Permission denied in Unknown on line 0

after compiling and installing an Oracle OCI8 module for PHP, you might need to change your SELinux settings to allow the execution of the oci8.so module, or simply disable SELinux altogether.


Installing Packages Using YUM

These are the steps involved in installing an RPM based package automatically in Red Hat Enterprise Linux 5.1 (CentOS 5.1, etc) using the program YUM.

Required Packages:

  • yum

Most of the entries in this blog have a list of packages at the beginning that are required. Unless otherwise noted, the packages in the lists are all available via YUM (Yellowdog Updater Modified). Please see the documentation that came with your RHEL 5.1 or CentOS 5.1 distribution for installing YUM. Most likely, it's already installed on your system.

To install a program using YUM, all you really need to know is the name of the package, and a simple command. For instance, if you wanted to install the package 'httpd' (Apache) you would type:

yum install httpd

If you already have a version of Apache installed, and you want to upgrade it, you would type the command:

yum update httpd

If you want to remove (delete) a package, simply type:

yum remove httpd

For more information, please check out this link:

http://www.centos.org/docs/5/html/yum/
