Linux Single User Mode Reset Root Password

Posted on January 20, 2017 by marskarthik

To do this reboot the Server as soon as you get the boot screen press ‘e’ (stands for edit) from keyboard. After you press ‘e’ from keyboard you would see a lot of text which may be clipped as per the size of your screen. Search for the text “rhgb quiet” and replace it with “init=/bin/bash” without quotes.
Once done editing press ‘ctrl+x’ and it will start booting with specified parameter. And you will get bash prompt. Now check the status of root partition by running following command on the single user mode.

# mount | grep root

You may notice that root partition is reported to be ‘ro’ (Read Only). We need to have read-write permission on root partition to change the root password.

# mount -o remount,rw /

Also cross check, if the root partition is mounted with read-write permission mode.

# mount | grep root

Now you can change the root password by typing the passwd command. But that is not done. We need to relabel SELinux context.  If we skip relabeling the whole SELinux context we would be able to login using using password.

# passwd root
# touch /.autorelabel

Reboot and login again to root account and see if everything works ok or not?
# exec /sbin/init

Or

To enter into single user mode; Go to second last line (Starts with linux 16 or linuxefi) using up and down arrow then  modify the ro argument.
Modify it to “rw init=/sysroot/bin/sh”. Once done, press “Ctrl+x”

# chroot your system
# chroot /sysroot

reset the root password.
# passwd

Update SELinux information.
# touch /.autorelabel

Exit chroot
# exit

Reboot your system.
# reboot

Login with new password.

Posted in Fedora, Linux, Redhat | Leave a comment

Ubuntu Firewall Command Line Examples

Posted on January 20, 2017 by marskarthik

How do I see the current status of my firewall?
sudo ufw status verbose

How do I open tcp port # 22?
To allow incoming tcp packets on port 22, enter:
sudo ufw allow 22/tcp

Verify it:
sudo ufw status verbose

How do I open tcp port # 80 and 443?
The service specific syntax is as follows to open http and https service ports:

sudo ufw allow http
sudo ufw allow https

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

How do I open tcp and udp port # 53?
To allow incoming tcp and udp packet on port 53, enter:
sudo ufw allow 53

Verify it:
sudo ufw status verbose

To allow IP address 192.168.1.10 access to port 22 for all protocols
sudo ufw allow from 192.168.1.10 to any port 22

To allows subnet 192.168.1.0/24 to Samba services, enter:
ufw allow from 192.168.1.0/24 to any app Samba

You can find service info as follows:
sudo ufw app list

To get information on Squid profile/app, run:
ufw app info Squid

Posted in Linux, Ubuntu | Leave a comment

Linux Find and Copy Command Examples

Posted on January 20, 2017 by marskarthik

find files less 46 bytes and delete
/usr/bin/find /share/team/ -maxdepth 5 -type f -size -46 -print | xargs rm -f

Recursively remove all empty directories
find . -type d -empty -delete

/usr/bin/find /share/teamleads/ -type d -empty -delete
/usr/bin/find /home/ -type d -empty -delete

find files more than 3 weeks old and delete
/usr/bin/find /share/teamleads/ -maxdepth 4 -type f -mtime +21 -print | xargs rm -f
recursively copy folders with timestamps
cp -vr –preserve=timestamps  2015-11-03 Archive/2015

 Get yesterday date
date –date=”yesterday” ‘+%Y-%m-%d’

yestdate=`date –date=”yesterday” ‘+%Y-%m-%d’`;
cp -vr –preserve=timestamps  $yestdate Archive/2015

yes | cp -vr –preserve=timestamps  $yestdate Archive/2015

cp -vr –preserve=timestamps  /home/marskarthik/$yestdate /home/Archive
cp -vr –preserve=timestamps  /home/2015-11-15 /home/Archive

Posted in Linux | Leave a comment

Zimbra distribution list how to add, remove, get list

Posted on September 13, 2016 by marskarthik

How to get list of distribution list in zimbra email server

zmprov gadl

How to get distribution list attributes

zmprov gdl dlname@knowledgelinux.com

How to add distribution list in zimbra email server

zmprov cdl newdlist@marskarthik.com

How to remove distribution list from zimbra email server

zmprov rdl mydllist@marskarthik.com

How to add a member into a distribution list

zmprov adlm mydllist@marskarthik.com myname@marskarthik.com

How to remove a member from distribution list

zmprov rdlm mydllist@marskarthik.com myname@marskarthik.com

How to get only members addresses of a distribution list

zmprov gdl mydllist@marskarthik.com

Posted in Zimbra | Leave a comment

Setting Up NTP (Network Time Protocol) Server in RHEL/CentOS 7

Posted on August 22, 2016 by marskarthik

Step 1: Install ntp server package

#yum install ntp -y

Step 2: Get official NTP servers located near to your location. I am using Asia servers for this setup

server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org

Step 3: Open /etc/ntp.conf file

Add the servers replacing existing lines

server 0.asia.pool.ntp.org iburst
server 1.asia.pool.ntp.org iburst
server 2.asia.pool.ntp.org iburst
server 3.asia.pool.ntp.org iburst

Step 4: Allow your network for NTP sync in /etc/ntp.conf

restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap

Step 5: Add log file entry in /etc/ntp.conf for troubleshooting purposes

logfile /var/log/ntp.log

Step 6: Save the file

Step 7: Add firewall rules for NTP service

# firewall-cmd –permanent –add-service=ntp
# firewall-cmd –reload

Step 8: Enable and Start NTP Service

# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd

[root@mail ~]# systemctl status ntpd
â ntpd.service – Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2016-08-22 21:35:11 PHT; 1h 2min ago
Process: 11184 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 11185 (ntpd)
CGroup: /system.slice/ntpd.service
ââ11185 /usr/sbin/ntpd -u ntp:ntp -g

Aug 22 21:35:11 mail.marskarthik.com systemd[1]: Starting Network Time Service…
Aug 22 21:35:11 mail.marskarthik.com systemd[1]: Started Network Time Service.
Aug 22 21:35:11 mail.marskarthik.com ntpd[11185]: proto: precision = 0.062 usec
Aug 22 21:35:11 mail.marskarthik.com ntpd[11185]: 0.0.0.0 c01d 0d kern kernel time syn…ed
Hint: Some lines were ellipsized, use -l to show in full.

Step 9: Run the following commands to verify NTP peers synchronization status and your system time

# ntpq -p
# date -R

[root@mail ~]# ntpq -p
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
-mail.funix.net  128.199.84.169   3 u   77  128  377  218.562   96.769   5.066
*103-18-128-60.i 140.112.2.189    2 u   95  128  377   50.891   43.689   4.470
+send.mx.cdnetwo 204.123.2.5      2 u   98  128  357  126.984   52.270  10.885
+x.ns.gin.ntt.ne 249.224.99.213   2 u   90  128  377   57.621   38.352   4.129
[root@mail ~]# date -R
Mon, 22 Aug 2016 22:41:38 +0800
[root@mail ~]#

Step 10: Use this server ip address as your NTP server for your internal network devices/computers.

Posted in CentOS, Linux, RHEL | Leave a comment

A2Billing Installation and configurations in CentOS 5/6/7

Posted on August 16, 2016 by Isravel Raja

A2Billing is free and open source software for Asterisk, providing telecoms customer management including admin, agent, customer and online signup pages, with flexible inline rating and billing of calls and services in real-time.

Pre-requisties:

php54w php54w-bcmath php54w-cli php54w-common php54w-devel php54w-embedded php54w-fpm php54w-gd php54w-intl php54w-ldap php54w-mbstring php54w-mcrypt php54w-mysql php54w-pecl-apc php54w-snmp php54w-soap php54w-xml php54w-xmlrpc

Before start the installation, change the apache user to asterisk user in httpd configurations

vi /etc/httpd/conf/httpd.conf
replace “user apache” and “Group apache”
with “User asterisk” and Group asterisk”

Step1:

First of all download the stable release of a2billing by executing the following command in my case it’s 2.2.0

# cd /usr/src

# wget https://github.com/Star2Billing/a2billing/archive/master.tar.gz –no-check-certificate
Unzip it.

# tar -xzf master.tar.gz

# mv a2billing-master a2billing

# cd a2billing

Copy the configurations file to /etc/

# cp /usr/src/a2billing/a2billing.conf /etc/a2billing.conf

Create and Import default a2billing database
#mysql -u root -p

> create database a2billing;

> use a2billing;

> GRANT ALL PRIVILEGES ON *.* TO ‘a2billing’@’localhost’ IDENTIFIED BY ‘a2billing’ WITH GRANT OPTION;

> GRANT ALL PRIVILEGES ON a2billing.* TO a2billing@localhost IDENTIFIED BY ‘a2billing’;

> FLUSH PRIVILEGES

> exit

# cd /usr/src/a2billing/DataBase/mysql-5.x

# ./install-db.sh

Copy the AGI file

# ln -s /usr/src/a2billing/AGI/a2billing.php /var/lib/asterisk/agi-bin/

Change the ownership permission for the asterisk files

# chown asterisk:asterisk /var/lib/asterisk/agi-bin/a2billing.php

# chmod +x /var/lib/asterisk/agi-bin/a2billing.php

# chown -R asterisk:asterisk /var/lib/asterisk/

Create an asterisk manager user for accessing the cli from a2billing

# vi /etc/asterisk/manager.conf
[myasterisk]
secret = mycode
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read = system,call,log,verbose,command,agent,user
write = system,call,log,verbose,command,agent,user

Create web directories

# mkdir /var/www/html/a2billing
# ln -s /usr/src/a2billing/common /var/www/html/a2billing/common
# ln -s /usr/src/a2billing/admin /var/www/html/a2billing/admin
# ln -s /usr/src/a2billing/agent /var/www/html/a2billing/agent
# ln -s /usr/src/a2billing/customer /var/www/html/a2billing/customer

# chown -R asterisk:asterisk /var/www/html/a2billing/
# chown -R asterisk:asterisk /var/www/html/a2billing/common
# chown -R asterisk:asterisk /var/www/html/a2billing/admin
# chown -R asterisk:asterisk /var/www/html/a2billing/customer
# chown -R asterisk:asterisk /var/www/html/a2billing/agent

Add files into crontab
# Automatically added for A2Billing
0 * * * * php /usr/src/a2billing/Cronjobs/a2billing_alarm.php
0 12 * * * php /usr/src/a2billing/Cronjobs/a2billing_archive_data_cront.php
0 10 21 * * php /usr/src/a2billing/Cronjobs/a2billing_autorefill.php
#Batch process at 00:20 each day
20 0 * * * php /usr/src/a2billing/Cronjobs/a2billing_batch_process.php
#Bill DID usage at 00:00 each day
0 0 * * * php /usr/src/a2billing/Cronjobs/a2billing_bill_diduse.php
#Remind users of low balance every day at 06:00
0 6 * * * php /usr/src/a2billing/Cronjobs/a2billing_check_account.php
#Generate Invoices at 7am everyday
0 7 * * * php /usr/src/a2billing/Cronjobs/a2billing_invoice2_cront.php
0 7 * * * php /usr/src/a2billing/Cronjobs/a2billing_invoice_cront.php
#Check if balance below preset value, and email user if so.
1 * * * * php /usr/src/a2billing/Cronjobs/a2billing_notify_account.php
#Charge subscriptions at 06:05 on the 1st of each month
0 6 1 * * php /usr/src/a2billing/Cronjobs/a2billing_subscription_fee.php
#Update currencies at 01:00 each day
0 1 * * * php /usr/src/a2billing/Cronjobs/currencies_update_yahoo.php

Create log files
# touch /var/log/asterisk/a2billing-daemon-callback.log
# touch /var/log/a2billing/a2billing-daemon-callback.log
# touch /var/log/a2billing/cront_a2b_alarm.log
# touch /var/log/a2billing/cront_a2b_autorefill.log
# touch /var/log/a2billing/cront_a2b_batch_process.log
# touch /var/log/a2billing/cront_a2b_bill_diduse.log
# touch /var/log/a2billing/cront_a2b_subscription_fee.log
# touch /var/log/a2billing/cront_a2b_currency_update.log
# touch /var/log/a2billing/cront_a2b_invoice.log
# touch /var/log/a2billing/cront_a2b_check_account.log
# touch /var/log/a2billing/a2billing_paypal.log
# touch /var/log/a2billing/a2billing_epayment.log
# touch /var/log/a2billing/api_ecommerce_request.log
# touch /var/log/a2billing/api_callback_request.log
# touch /var/log/a2billing/a2billing_agi.log

Update the following fields of /etc/a2billing.conf

[database]
hostname = localhost
port = 3306
user = a2billing
password = a2billing
dbname = a2billing
; dbtype setting can either be mysql or postgres
dbtype = mysql

Restart the mysql service

# service mysqld stop
# service mysqld start

 

Give all permissions to a2billing folder

# chmod -R 777 /usr/src/a2billing/

Add the following lines in extensions.conf

[a2billing]
exten => _X.,1,NoOp(A2Billing Start)
exten => _X.,n,DeadAgi(a2billing.php,1,predictivedialer)
exten => _X.,n,Hangup

Now you open the browser and point to http://your-server-ip-address/a2billing/admin default username/password is root/changepassword.

Steps to setup the a2billing

1) Create Call Plan
2) Create Rate Card
3) Create Rates
4) Now again click on CallPlan and add the RateCard, you just created.
5) Add the Trunk and you can put the trunk name of the FreePBX or you give the IP address of the service provider directly.
6) Now Generate Customers, but before that, you should go to system settings Modify the following settings in Global list
Change value to “Yes” for use_dnid
Change value to “No” for use_realtime
Change value to “1_8” for asterisk_version

7) After creating the customer click on VoIP-settings you will see some red panels on the top of the browser so for generating the additional_a2billing_sip.conf and additional_a2billing_iax.conf click on these panels and reload asterisk, it will add the user in that file. Now you should include these files into sip.conf
#include additional_a2billing_sip.conf

Posted in Asterisk, Telephony | Leave a comment

Zimbra: Get mailbox size with status, created and last login date

Posted on August 16, 2016 by marskarthik

Shell script to get mailbox size with status, created and last login date in Zimbra Server

zmaccts | grep “@” | awk ‘{print $1}’ > /tmp/mboxes.list
date > /tmp/mboxsize.txt
#echo “\n” >> /tmp/mboxsize.txt
for mb in `cat /tmp/mboxes.list`;
do
status=`zmaccts | grep $mb | awk ‘{print $1,”,”$2,”,”$3,”,”$5}’`;
msize=`zmmailbox -z -m $mb gms`;
echo “$status,$msize” >> /tmp/mboxsize.txt
done
echo “Completed”

Posted in Zimbra | Leave a comment

Zimbra fix: A network service error has occurred on Zimbra web client

Posted on August 16, 2016 by marskarthik

By default Zimbra uses DoSFilter Throttling Mechanism to avoid large number of request over a short period of time. So if the Zimbra server see requests more than safe amount from an specific IP address / user that will be throttled and the user may face the “A network service error has occurred” error.

This feature is available in 8.5+ to prevent a malicious IP from trying brute force attacks.
For ZCS 8.7 or above

zmprov mcf zimbraHttpThrottleSafeIPs 10.1.1.2/32 zimbraHttpThrottleSafeIPs 192.168.9.0/24

or to append to an existing list of multi-valued zimbraHttpThrottleSafeIPs

zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.2/32
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.0/24

For ZCS 8.6, 8.5 or previous

zmprov mcf zimbraHttpThrottleSafeIPs 10.1.1.2 zimbraHttpThrottleSafeIPs 192.168.9.5

or to append to an existing list of multi-valued zimbraHttpThrottleSafeIPs

zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.2
zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.50
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.5
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.6

Mailbox server restart is required when modifying these attributes.

zmmailboxdctl restart

Check these links below for more parameters on blocking

https://wiki.zimbra.com/wiki/DoSFilter
https://wiki.zimbra.com/wiki/Users_get_%27Network_service_error%27,_and_mailbox.log_shows_%27Access_to_IP_x.x.x.x_suspended,_for_repeated_failed_login%27

Posted in Zimbra | Leave a comment

Assign COS rights to user in Zimbra Server

Posted on August 15, 2016 by marskarthik

zmprov grr global usr yourmail@yourdomain.com getCos
zmprov grr global usr yourmail@yourdomain.com listCos
zmprov grr global usr yourmail@yourdomain.com assignCos

Posted in Zimbra | Leave a comment

Enable Global Admin in Zimbra Server except “View Mail” option

Posted on August 11, 2016 by marskarthik

zmprov ma admin@yourdomain.com zimbraAdminConsoleUIComponents accountListView  zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents aliasListView zimbraAdminConsoleUIComponents resourceListView zimbraAdminConsoleUIComponents COSListView zimbraAdminConsoleUIComponents domainListView zimbraAdminConsoleUIComponents serverListView zimbraAdminConsoleUIComponents zimletListView zimbraAdminConsoleUIComponents adminZimletListView zimbraAdminConsoleUIComponents globalConfigView zimbraAdminConsoleUIComponents globalServerStatusView zimbraAdminConsoleUIComponents helpSearch zimbraAdminConsoleUIComponents saveSearch zimbraAdminConsoleUIComponents mailQueue zimbraAdminConsoleUIComponents backupsView zimbraAdminConsoleUIComponents certsView zimbraAdminConsoleUIComponents softwareUpdatesView zimbraAdminConsoleUIComponents bulkProvisionTasksView zimbraAdminConsoleUIComponents perServerStatisticsView zimbraAdminConsoleUIComponents globalPermissionView zimbraAdminConsoleUIComponents rightListView

Note: Below are list of Admin view’s available which can be assigned to delegated admin account.

Account List View           :    accountListView
Distribution List View      :    DLListView
Alias List View             :    aliasListView
Resource List View          :     resourceListView
Class of Service LIst View  :     COSListView
Domain List View            :    domainListView
Server List View            :    serverListView
Zimlet List View            :     zimletListView
Admin Zimlet List View      :    adminZimletListView
Global Settings View        :     globalConfigView
Global Server Status View   :    globalServerStatusView
Help Search View            :    helpSearch
Saved Searches View         :     saveSearch
Mail Queue View             :     mailQueue
Backups  View               :     backupsView
Certificates View           :     certsView
Software Updates            :     softwareUpdatesView
Account Migration           :    bulkProvisionTasksView
Per Server Statistics View  :     perServerStatisticsView
Global ACL View             :     globalPermissionView
Right List View             :    rightListView

Posted in Zimbra | Leave a comment