Archive for January, 2014

17
Jan

PowerDNS pdns

   Posted by: admin    in Mẹo vặt của hiếu râu

wget http://downloads.powerdns.com/releases/pdns-3.3.1.tar.gz

tar -zxvf pdns-3.3.1.tar.gz

cd pdns-3.3.1

./configure –with-modules=”gmysql” –without-lua

make && make install

vi /usr/local/etc/pdns.conf

launch=gmysql

#gmysql-host=127.0.0.1

gmysql-socket=/var/run/mysql/mysql.sock

gmysql-user=xxx

gmysql-dbname=pdns

gmysql-password=xxx

——– SQL ———

CREATE TABLE `records` (

`id` int(11) NOT NULL AUTO_INCREMENT,

`domain_id` int(11) DEFAULT NULL,

`name` varchar(255) DEFAULT NULL,

`type` varchar(10) DEFAULT NULL,

`content` varchar(64000) DEFAULT NULL,

`ttl` int(11) DEFAULT NULL,

`prio` int(11) DEFAULT NULL,

`change_date` int(11) DEFAULT NULL,

PRIMARY KEY (`id`),

KEY `nametype_index` (`name`,`type`),

KEY `domain_id` (`domain_id`)

) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=latin1

CREATE TABLE `domains` (

`id` int(11) NOT NULL AUTO_INCREMENT,

`name` varchar(255) NOT NULL,

`master` varchar(128) DEFAULT NULL,

`last_check` int(11) DEFAULT NULL,

`type` varchar(6) NOT NULL,

`notified_serial` int(11) DEFAULT NULL,

`account` varchar(40) DEFAULT NULL,

PRIMARY KEY (`id`),

UNIQUE KEY `name_index` (`name`)

) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1

+—-+————–+——–+————+——–+—————–+———+

| id | name         | master | last_check | type   | notified_serial | account |

+—-+————–+——–+————+——–+—————–+———+

|  1 | macatung.com | NULL   |       NULL | NATIVE |            NULL | NULL    |

+—-+————–+——–+————+——–+—————–+———+

+—-+———–+——————-+——+——————————-+——-+——+————-+

| id | domain_id | name              | type | content                       | ttl   | prio | change_date |

+—-+———–+——————-+——+——————————-+——-+——+————-+

|  1 |         1 | macatung.com      | SOA  | localhost info@macatung.com 1 | 86400 | NULL |        NULL |

|  2 |         1 | macatung.com      | NS   | ns1.macatung.com              | 86400 | NULL |        NULL |

|  3 |         1 | macatung.com      | NS   | ns2.macatung.com              | 86400 | NULL |        NULL |

|  4 |         1 | www.macatung.com  | A    | 127.0.0.1                     |   120 | NULL |        NULL |

|  5 |         1 | mail.macatung.com | A    | 127.0.0.2                     |   120 | NULL |        NULL |

|  6 |         1 | macatung.com      | MX   | mail.macatung.com             |   120 |    5 |        NULL |

+—-+———–+——————-+——+——————————-+——-+——+————-+

pdns_server –daemon=no
pdns_server –daemon=yes
zone2sql –named-conf=/etc/named.conf –gmysql
=========== CENTOS 6 ===============
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install pdns pdns-backend-mysql
11
Jan

apache mod proxy

   Posted by: admin    in Mẹo vặt của hiếu râu

ProxyPass /g2auth http://127.0.0.1:808/g2auth

ProxyPreserveHost On

——————————————-

ProxyPass /cacti http://192.168.205.1/cacti

ProxyPassReverse /cacti http://192.168.205.1/cacti

ProxyPass /nagios http://192.168.205.1/nagios

ProxyPassReverse /nagios http://192.168.205.1/nagios

2
Jan

PAM on Slackware

   Posted by: admin    in Mẹo vặt của hiếu râu

mount -o loop slackware1337.iso /mnt

installpkg /a/ap/l/d/n/*.txz

cd /mnt/extra/source/pam

./pam.SlackBuild

installpkg /tmp/pam-1.1.3-x86_64-1.txz

——————-

cp -R /mnt/source/a/shadow /tmp/shadow

cd /tmp/shadow

edit shadow.SlackBuild

insert “read -p ‘Modify code now. Enter when complete…’” before ./configure

./shadow.SlackBuild

When asked for Modify code, open new ssh session, modify code on /tmp/shadow-4.1.4.3/libmisc/chkname.c

save / close ssh session

press Enter on other ssh session

removepkg shadow

installpkg /tmp/shadow-4.1.4.3-x86_64.txz

cd /etc/pam.d

root@slax:/etc/pam.d# cat login

#%PAM-1.0

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat common-auth

auth            sufficient      pam_unix.so

auth            required        pam_deny.so

root@slax:/etc/pam.d# cat common-account

account         sufficient      pam_unix.so

account         required        pam_permit.so

root@slax:/etc/pam.d# cat common-password

password        sufficient      pam_unix.so

password        required        pam_deny.so

root@slax:/etc/pam.d# cat common-session

session         sufficient      pam_mkhomedir.so skel=/etc/skel umask=0022

session         sufficient      pam_unix.so

session         required        pam_deny.so

root@slax:/etc/pam.d#login

edit /etc/login.defs , comment (#) out warnings

root@slax:/etc/pam.d# cat sshd

#%PAM-1.0

auth       required     pam_google_authenticator.so try_first_pass forward_pass secret=${HOME}/otp/.google_authenticator

auth            required      pam_unix.so use_first_pass

#auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat su

#%PAM-1.0

auth            sufficient      pam_rootok.so

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat passwd

#%PAM-1.0

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat useradd

#%PAM-1.0

auth            sufficient      pam_rootok.so

account         required        pam_permit.so

password        include         common-password

———————-

open-ssh, edit slackBuid, replace –without-pam with –with-pam, edit sshd_config , UsePAM yes

# cat /etc/pam.d/sshd

#%PAM-1.0

auth       sufficient   pam_radius_auth.so

account    required     pam_unix.so

account    required     pam_permit.so

password   sufficient   pam_unix.so

password   required     pam_deny.so

session    sufficient   pam_unix.so

session    required     pam_deny.so

slackware 14.1 http://www.slackware.com/~vbatts/pam/