Srsbsns

this is Serious Business

Archive for category sysadmin

Commonly Used File Permissions

Mar 21

Posted by Boinst in sysadmin | No Comments

We need to use file permissions on servers, see? it’s good, hmmkay?

This page on wikipedia treats the subject in marvelous detail, but here’s a quick reference to the levels of permissions:

Quick Reference

Octal Symbolic English
0 no permission
1 –x execute
2 -w- write
3 -wx write and execute
4 r– read
5 r-x read and execute
6 rw- read and write
7 rwx read write and execute

Commands

To query file permissions, ls -l gives you the symbolic notation.

To set file permissions, use the chmod command. ” chmod -R 755 * ” for example, sets all children of the current location to world readable and executable.

Commonly Used Permissions

OK, now, the main point of this post is to document some of the commonly used combinations. Note that in all examples below, we’re setting the last two digits the same. This is because we’re only really designing for two users: us and them. We want us to have high permissions, and only give the minimum of permissions to them.

Octal Symbolic English
000 ———- no permissions
777 -rwxrwxrwx all permissions – careful!
755 -rwxr-xr-x read and execute – necessary for scripts on a webserver
644 -rw-r–r– read only – fine for non-executable static content – images and html files.
666 -rw-rw-rw- read and write, but no execute – good for if a web page needs to modify its own configuration files, but they don’t need to be executed

Commands

World Writable 777

chmod -R 777 *

Everyone can write. Some scripts may require these settings while installing themselves.

See Also

https://help.ubuntu.com/community/FilePermissions

Tags: , , , ,

Rackspace Backup

Feb 25

Posted by Boinst in sysadmin | No Comments

I’ve recently moved this blog to a virtual server hosted on Rackspace. Many things impress me about Rackspace, but the one thing I’m really excited about right now is the backup system. On our old managed shared hosting, HostGator, the few times we messed something up and needed to restore a full backup, we had to pay US$15 for the privilege. Now on Rackspace, I can do the same thing with a just a few clicks! Now whenever I update WordPress (for example), I make a manual backup through the rackspace management panel before proceeding, just in case I break something!

It’s this easy:

3 clicks to the backup settings

3 clicks to the backup settings

Now it’s just a matter of specifying a name for the backup, and clicking Save Backup.

Make a manual Backup

Make a manual Backup

While the backup is running, you’ll see an icon of a camera with a little grey clock overlay. When the backup is complete, the clock turns green. On my 10GB VM, this took less than a minute.

Backup in Progress

Backup in Progress

Once the backup is ready, restoring it is just as easy. Just select the backup you want to restore and click Restore Selected.

Backup Ready

Restoring a Backup

Absolutely no sweat! Thankyou Rackspace! The official Rackspace Blog also discusses a WordPress plugin for backing up WordPress files and database to storage on EC2. That’s something I’ll have to try out next! After all, this is Serious Business.

Tags: ,

Join a uBuntu client to a Windows Active Directory Domain

Feb 25

Posted by Boinst in sysadmin | No Comments

Why would you want to add a uBuntu client to a Windows Active Directory Domain? I got to this point because I was unable to resolve by uBuntu servers by name.

ping beans
Ping request could not find host beans. Please check the name and try again.

Well, I never completely solved this problem, but I did work around it by adding my uBuntu servers to my domain. Then, although I still cannot resolve beans, I can now ping beans.mydomain.internal. And, it was really easy to do with a neat piece of OSS called Likewise Open.

sudo apt-get update
sudo apt-get install likewise-open
sudo domainjoin-cli join mydomain.internal Administrator
sudo update-rc.d likewise-open defaults
sudo /etc/init.d/likewise-open start

Where mydomain.internal is the domain you want to add the computer too, and Administrator is the user who has the rights to add a computer to the domain.

I rebooted at this point, but I’m told it’s not necessary to do so.

H:\>ping beans.mydomain.internal

Pinging beans.mydomain.internal [192.168.0.30]
Reply from 192.168.0.30: bytes=32 time<1ms TTL=64
Reply from 192.168.0.30: bytes=32 time<1ms TTL=64
Reply from 192.168.0.30: bytes=32 time<1ms TTL=64
Reply from 192.168.0.30: bytes=32 time<1ms TTL=64

It works!

Tags: , , , ,