Fix different date between PHP and CentOS server

Odd thing happen today when I see big difference between date from PHP output and date from shell.

PHP output :

22-12-2015 06:15:43

Shell output :

# date
Sel Des 22 13:19:54 WIB 2015

7 hour difference.

A few checklist for this case :

  1. Copy right timezone to localtime

# cp /usr/share/zoneinfo/Asia/Jakarta /etc/localtime

2.  Add right timezone to php.ini

#nano /usr/local/lib/php.ini

date.timezone = “Asia/Jakarta”

3. Check sysconfig clock

# nano /etc/sysconfig/clock

change Zone to “Asia/Jakarta”

4. Check for hardware clock aka hwclock

# hwclock
Sel 22 Des 2015 06:34:40 WIB -0.707297 seconds

Done.

Fix Starting httpd: (98)Address already in use

Quick note for myself. Today I have to increase php upload maximum size in Centos server.

I got this error :

# /sbin/service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
                                                           [FAILED]

 

Everything is fine and nothing change for configuration, the only strange is so many child process of apache.

# fuser 80/tcp
80/tcp:                398  1404  1546  2715  2762  2810  3750  4017  5110  5561  6714  7456  8079  8178  8179  8180  8665  8937  8938  8939  8947  8948  8949  8950  8951  8952  8953  8954  8955  8956  8959  8960  8977  8978  8979  9186 11382 13507 13547 13548 13574 13584 13587 13588 13589 14092 14570 15236 15742 20804 22014 23891 24560 24846 27136 27268 27269 27272 27996 29080 29268 29394 29395 29396 29803 30398 31883 32078 32555

Killall command is very suitable in this case :

# killall httpd

Try again :

# service httpd start
Starting httpd:                                            [  OK  ]

It works now 🙂

How to configure ssh access to virtualbox guest under NAT mode

Just quick note for my own 🙂

I need to ssh to my CentOS 6.6 box that run under Virtualbox with these steps :

1. NAT

Virtualbox will create private network using these address (10.0.2.xxx). Just set eth0 configuration to DHCP and everything will be set.

vbox_centos1

2.  Port forwarding setup to port 2222

Click Setting -> Network -> Port Forwarding

vbox_centos2

 

3. Test ssh connection

ssh root@127.0.1.1 -p 2222
The authenticity of host ‘[127.0.1.1]:2222 ([127.0.1.1]:2222)’ can’t be established.
RSA key fingerprint is ee:81:d0:da:7e:b4:fe:bc:cd:d7:93:e0:fc:c3:63:80.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘[127.0.1.1]:2222’ (RSA) to the list of known hosts.

root@127.0.1.1’s password:
Last login: Tue Jun 2 10:57:58 2015
[root@localhost ~]#

[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:1F:5E:0D
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1f:5e0d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6410 errors:0 dropped:0 overruns:0 frame:0
TX packets:4175 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9148159 (8.7 MiB) TX bytes:234084 (228.5 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:600 (600.0 b) TX bytes:600 (600.0 b)

Of course the connection work on ‘temporary’ ip address. To make it permanent, editing /etc/sysconfig/ifcfg-eth0 needed to set ip address static.

Quick dns server for CentOS 7 minimal

Damn, this CentOS 7 minimal installation has taken my whole day. The last thing I want to try is dns server. Since I’ve working standard dns that use maradns under CentOS 5.10 then I’m going to try the steps here. Using CentOS 7.

# yum install gcc wget

# gcc -v

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.2/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure –prefix=/usr –mandir=/usr/share/man –infodir=/usr/share/info –with-bugurl=http://bugzilla.redhat.com/bugzilla –enable-bootstrap –enable-shared –enable-threads=posix –enable-checking=release –with-system-zlib –enable-__cxa_atexit –disable-libunwind-exceptions –enable-gnu-unique-object –enable-linker-build-id –with-linker-hash-style=gnu –enable-languages=c,c++,objc,obj-c++,java,fortran,ada,go,lto –enable-plugin –enable-initfini-array –disable-libgcj –with-isl=/builddir/build/BUILD/gcc-4.8.2-20140120/obj-x86_64-redhat-linux/isl-install –with-cloog=/builddir/build/BUILD/gcc-4.8.2-20140120/obj-x86_64-redhat-linux/cloog-install –enable-gnu-indirect-function –with-tune=generic –with-arch_32=x86-64 –build=x86_64-redhat-linux
Thread model: posix
gcc version 4.8.2 20140120 (Red Hat 4.8.2-16) (GCC)

Download latest MaraDNS Source Code

# wget -c http://maradns.samiam.org/download/2.0/2.0.09/maradns-2.0.09.tar.bz2

# tar xvjf maradns-2.0.09.tar.bz2
tar (child): bzip2: Cannot exec: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now

Ups CentOS 7 minimal install not install bzip2

# yum install bzip2

Re extract

# tar xvjf maradns-2.0.09.tar.bz2

# cd maradns-2.0.09

# make

# make install

VERSION=2.0.09 ./build/install.sh
Installing MaraDNS, placing programs in /usr/local//bin/ and /usr/local//sbin/,
man pages in /usr/local//share/man/man1, /usr/local//share/man/man5,
and /usr/local//share/man/man8, and documents in /usr/local//doc/maradns-2.0.09
Adding MaraDNS startup scripts
Starting up MaraDNS at runlevel 3
starting up MaraDNS at runlevel 5

Start MaraDNS

# service maradns start
Starting all maradns processes
Starting maradns process which uses Mararc file /etc/mararc

Check it

# ps ax | grep mara
19635 pts/0    S      0:00 /usr/local/bin/duende /usr/local/sbin/maradns -f /etc/mararc
19636 pts/0    S      0:00 /usr/local/sbin/maradns -f /etc/mararc
19637 pts/0    S      0:00 /usr/local/bin/duende /usr/local/sbin/maradns -f /etc/mararc

# nano /etc/mararc

looking for ipv4_bind_address line and change it into :

ipv4_bind_addresses = “192.168.1.88, 127.0.0.1”

My lan ip address is 192.168.1.88

# chkconfig maradns on

Edit test dns zone file

# nano /etc/maradns/db.example.net

test.example.net.      +14400    soa    ns1.example.net. dns@example.net. 2012010117 14400 3600 604800 14400 ~
example.net.      +14400    ns     ns1.example.net. ~
example.net.      +14400    ns     ns2.example.net. ~
ns1.example.net.  +14400    a       192.168.1.88 ~
ns2.example.net.  +14400    a       192.168.1.88 ~
example.net.      +14400    a       127.0.0.1 ~
www.example.net.  +14400    a       127.0.0.1 ~
example.net.      +14400    mx     10 mail.example.net. ~
test.example.net. +14400    a       192.168.1.88 ~

save the file.

Restart maradns service

# service maradns restart

Sending all MaraDNS processes the TERM signal
waiting 1 second
Sending all MaraDNS processes the KILL signal
MaraDNS should have been stopped
Starting all maradns processes
Starting maradns process which uses Mararc file /etc/mararc

Testing using dig

# yum install bind-utils

# dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10783
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.88

;; AUTHORITY SECTION:
example.net.        14400    IN    NS    ns1.example.net.
example.net.        14400    IN    NS    ns2.example.net.

;; ADDITIONAL SECTION:
ns1.example.net.    14400    IN    A    192.168.1.88
ns2.example.net.    14400    IN    A    192.168.1.88

;; Query time: 0 msec
;; SERVER: 192.168.1.88#53(192.168.1.88)
;; WHEN: Kam Des 11 15:04:23 WIB 2014
;; MSG SIZE  rcvd: 118

Testing from other user in local area network

$ dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Seem firewall block udp connection and port 53.

# firewall-cmd --permanent --add-port=53/udp

# systemctl restart firewalld.service

# service maradns restart

Re test resolver from LAN

$ dig @192.168.1.88 test.example.net

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> @192.168.1.88 test.example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4614
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.88

;; AUTHORITY SECTION:
example.net.        14400    IN    NS    ns1.example.net.
example.net.        14400    IN    NS    ns2.example.net.

;; ADDITIONAL SECTION:
ns1.example.net.    14400    IN    A    192.168.1.88
ns2.example.net.    14400    IN    A    192.168.1.88

;; Query time: 1 msec
;; SERVER: 192.168.1.88#53(192.168.1.88)
;; WHEN: Fri Dec 12 10:10:29 WIB 2014
;; MSG SIZE  rcvd: 118

Good, dns server work now for my CentOS 7 minimal installation 🙂

How to install Apache, MariaDB and PHP on CentOS 7 minimal

After install and configure network under CentOS 7 minimal I continue with LAMP section. Since the machine has 4GB memory I prefer to use old fashion LAMP. Only switch MySQL with MariaDB 🙂

The steps for LAMP installation for my own reference and my vps need :

Install required Package

Install nano

# yum install nano

Install Apache, PHP and MariaDB

# yum install httpd mariadb-server mariadb php php-mysql php-mysqli php-gd php-pear php-mbstring

Configure Apache

Start httpd

# systemctl start httpd.service

Set httpd to auto start after reboot or boot process

# systemctl enable httpd.service
ln -s ‘/usr/lib/systemd/system/httpd.service’ ‘/etc/systemd/system/multi-user.target.wants/httpd.service’

By default firewall will block access. To exclude http from firewall block :

# firewall-cmd --permanent --add-service http

# systemctl restart firewalld.service

Try visit ip address from browser

httpd_centos7

Configure MariaDB

Start mariadb

# systemctl start mariadb

Set mariadb to autostart

# systemctl enable mariadb.service
ln -s ‘/usr/lib/systemd/system/mariadb.service’ ‘/etc/systemd/system/multi-user.target.wants/mariadb.service’

Set password for mariadb, delete unnecessary database and users.

# mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we’ll need the current
password for the root user.  If you’ve just installed MariaDB, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

Normally, root should only be allowed to connect from ‘localhost’.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
… Success!

By default, MariaDB comes with a database named ‘test’ that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done!  If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

I also need to enable firewall to exclude future database remote backup. Port 3306 is required to open.

# firewall-cmd --permanent --add-port=3306/tcp
success
# systemctl restart firewalld.service

Done.

Next step is measure time needed from start server to get login display and make my report.