Wednesday, November 30, 2016

Recover Webmin's root password



There are cases where you don't have the root password and can't log in to Webmin, like the one I came across on an AWS RedHat 7 instance recently: AWS doesn't provide you the root password for security reasons, and you need an admin login for Webmin.

Also, in Ubuntu the root password is disabled by default, and you won't be able to log in to the Webmin web page, as the Webmin root login will be disabled too. To fix this, you need to manually change the Webmin root password.

You can do this in one of two ways:

Procedure 1

After you perform # apt-get install webmin or # yum install webmin, you have to do the following:

Find your webmin binary install directory and webmin configuration directory.
If you don't know where it is, you can find it by running:
$ locate changepass.pl
$ # or
$ sudo find / -name changepass.pl
$ # and
$ locate miniserv.conf

Then follow these instructions to change the password. Change your working path to the webmin binary install directory and then run changepass.pl:
$ cd <webmin-install-dir>
$ sudo ./changepass.pl <webmin-config-dir> root <newpassword>
Note that this ONLY changes the Webmin root login password and does not change your 'real' root password.

Procedure 2

Get your encrypted password from /etc/shadow.

For example, the following command will output the password to the screen:
$ sudo grep your_username /etc/shadow | cut -f2 -d:

Next we edit this file:
$ sudo vi /etc/webmin/miniserv.users
Note: you will need superuser rights to save it.
Replace the asterisk in the first line with the encrypted password you acquired from /etc/shadow, so that the line looks something like this:

root:$1$e/9mjoasd$asdasljjwynSD42

Save the file and exit the editor after that.

Restart webmin with this command:

$ sudo /etc/init.d/webmin restart
After that, you can go to https://localhost:10000/ in your web browser and log in using root as the username and the password of your non-root user.
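
Procedure 2 as a script, added here as an example (not from the original post or the Webmin project): it copies the hash field from a shadow-format file into the root entry of a miniserv.users-format file and refuses a locked or empty field (`!`, `!!`, `*`), which is what /etc/shadow holds for an account that has no password set. The function name and the sample files are constructed for this example; the file paths are arguments so it can be tried on copies first.

```shell
#!/bin/sh
# Added example: Procedure 2 as a function. set_webmin_root_hash is a
# hypothetical helper name, not a Webmin tool. Try it on copies first.
set_webmin_root_hash() {
    user=$1; shadow=$2; users=$3
    # Field 2 of the shadow line is the hash, matched on the exact user name
    # (a plain grep would also match longer names containing it).
    hash=$(awk -F: -v u="$user" '$1 == u { print $2; exit }' "$shadow")
    case $hash in
        ''|'!'*|'*'*)   # empty, locked or never-set password: nothing to copy
            echo "no usable password hash for $user" >&2; return 1 ;;
    esac
    tmp=$(mktemp "$users.XXXXXX") || return 1
    # Replace only field 2 of the root entry; other fields and lines stay.
    awk -F: -v OFS=: -v h="$hash" '$1 == "root" { $2 = h } { print }' \
        "$users" > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp" && mv "$tmp" "$users"
}

# Constructed sample files (made-up hash values) in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'alice:$6$saltsalt$constructedhashvalue:17135:0:99999:7:::' \
                  'ec2-user:!!:17135:0:99999:7:::' > "$d/shadow"
    printf '%s\n' 'root:*:0' 'admin:constructedhash:0' > "$d/miniserv.users"
    set_webmin_root_hash alice "$d/shadow" "$d/miniserv.users" || return 1
    # The account without a password must be refused and change nothing.
    set_webmin_root_hash ec2-user "$d/shadow" "$d/miniserv.users" 2>/dev/null \
        && return 1
    cat "$d/miniserv.users"
    rm -rf "$d"
}
demo
```

On a real system the arguments would be your user name, /etc/shadow and /etc/webmin/miniserv.users, run as root, followed by the Webmin restart shown above.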

Ref: https://help.ubuntu.com/community/WebminWithoutARootAccount

Tuesday, November 29, 2016

Apache Tomcat 8 Installation and Configuration in CentOS 6.8


I had to work recently on a project where I got to install Java 1.8 and Apache Tomcat 8 in CentOS 6.8 x64. Below are step-by-step instructions for full configuration of Apache Tomcat and adding it as an init.d service. Hope you enjoy this tutorial.

1. Install Java 1.8
# cd /opt/
# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u111-b14/jdk-8u111-linux-x64.tar.gz"
# tar xzf jdk-8u111-linux-x64.tar.gz
# cd /opt/jdk1.8.0_111/
# alternatives --install /usr/bin/java java /opt/jdk1.8.0_111/bin/java 2
# alternatives --config java
This will display the programs which provide 'java'. Below is an example:
  Selection    Command
-----------------------------------------------
*  1           /opt/jdk1.7.0_71/bin/java
 + 2           /opt/jdk1.8.0_45/bin/java
    3           /opt/jdk1.8.0_91/bin/java
    4           /opt/jdk1.8.0_111/bin/java
Enter to keep the current selection[+], or type selection number: 4

# alternatives --install /usr/bin/jar jar /opt/jdk1.8.0_111/bin/jar 2
# alternatives --install /usr/bin/javac javac /opt/jdk1.8.0_111/bin/javac 2
# alternatives --set jar /opt/jdk1.8.0_111/bin/jar
# alternatives --set javac /opt/jdk1.8.0_111/bin/javac

Verify java version
[root@centos]# java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)


Configuring Environment Variables
Most Java-based applications use environment variables to work. Set the Java environment variables using the following commands:
• Set up the JAVA_HOME variable
# export JAVA_HOME=/opt/jdk1.8.0_111
• Set up the JRE_HOME variable
# export JRE_HOME=/opt/jdk1.8.0_111/jre
• Set up the PATH variable
# export PATH=$PATH:/opt/jdk1.8.0_111/bin:/opt/jdk1.8.0_111/jre/bin
To keep the variables after a reboot, add them to /etc/environment. That file is read as plain NAME=value lines and does not expand variables such as $PATH, so PATH is written out in full:
# vi /etc/environment
JAVA_HOME=/opt/jdk1.8.0_111
JRE_HOME=/opt/jdk1.8.0_111/jre
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/opt/jdk1.8.0_111/bin:/opt/jdk1.8.0_111/jre/bin


2. Tomcat 8 Installation:
# cd /tmp
# wget http://mirror.ventraip.net.au/apache/tomcat/tomcat-8/v8.0.39/bin/apache-tomcat-8.0.39.tar.gz
# tar zxvf apache-tomcat-8.0.39.tar.gz
# ls -l
# mv apache-tomcat-8.0.39 /opt/
# cd /opt/apache-tomcat-8.0.39/bin
# ./startup.sh  (to start tomcat 8)
# ./shutdown.sh  (to stop tomcat 8)

# netstat -antp | grep 8080
tcp        0      0 :::8080                     :::*                        LISTEN      4180/java

Go to browser and type:
http://localhost:8080


You need to set up a user login to access “Server status”, “Manager App” and “Host Manager”.
# vi /opt/apache-tomcat-8.0.39/conf/tomcat-users.xml
<user username="tomcat" password="P@ssw0rd" roles="manager-gui,manager-status,manager-script,admin-gui"/>

# cd /opt/apache-tomcat-8.0.39/bin
# ./shutdown.sh
# ./startup.sh

Now you can log in with the user above to access them.
(Note: you cannot specify “admin” user as it’ll be locked out due to security settings)

Adding tomcat as init.d service (In this case, there is no dedicated ‘tomcat’ user but it’s built under ‘root’)
Here, user ‘tomcatuser’ is allowed to start/stop/restart (in addition to root)

# vi /etc/init.d/tomcat
#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
TOMCAT_HOME=/opt/apache-tomcat-8.0.39
# Not used below: startup.sh and shutdown.sh are run as root through sudo.
TOMCAT_USER=tomcatuser
case "$1" in
  start)
    /usr/bin/sudo $TOMCAT_HOME/bin/startup.sh
    ;;
  stop)
    /usr/bin/sudo $TOMCAT_HOME/bin/shutdown.sh
    ;;
  restart)
    /usr/bin/sudo $TOMCAT_HOME/bin/shutdown.sh
    /usr/bin/sudo $TOMCAT_HOME/bin/startup.sh
    ;;
esac
exit 0

# chmod 755 /etc/init.d/tomcat
# chkconfig --add tomcat
# chkconfig --level 345 tomcat on
# chkconfig --list tomcat

To start Tomcat during boot, add the line below:
# vi /etc/rc.local
/etc/init.d/tomcat start

# service tomcat start/stop/restart

# vi /etc/sudoers
tomcatuser ALL = /sbin/service httpd24-httpd restart, /etc/init.d/httpd24-httpd restart, /bin/cat /var/log/httpd24/access_log, /bin/cat /var/log/httpd24/error_log, /etc/init.d/tomcat start, /etc/init.d/tomcat stop, /etc/init.d/tomcat restart, /bin/sh /opt/apache-tomcat-8.0.39/bin/shutdown.sh, /bin/sh /opt/apache-tomcat-8.0.39/bin/startup.sh

# Start as user ‘tomcatuser’
$ sudo /etc/init.d/tomcat start/stop/restart

# Lastly, reboot the server and check it’s loading at startup
# netstat -antp | grep 8080

# Also check PATH is loading correctly after restart
# echo $PATH
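
A check worth running against the sudoers entry above, added here as an example (not part of the original post): every script that ‘tomcatuser’ may start through sudo runs as root, so neither the script nor any directory above it should be writable by group or others. The function name, the way the rule text is split and the demo tree are assumptions of this example.

```shell
#!/bin/sh
# Added example: list group/other-writable paths behind a sudoers command
# list. sudo_writable_paths is a hypothetical helper, not part of sudo.
sudo_writable_paths() {
    # $1: command list of one sudoers rule (the text after "ALL =").
    # Split on commas and blanks; every absolute path counts, both the binary
    # and script arguments such as "/bin/sh /opt/.../startup.sh".
    printf '%s\n' "$1" | tr ', ' '\n\n' | grep '^/' | while read -r p; do
        # Walk up to /: a writable parent directory lets its owner replace
        # the file that sudo will run as root. Sticky directories such as
        # /tmp are skipped, and -H checks symlink targets, not the links.
        while :; do
            [ -e "$p" ] && find -H "$p" -prune \
                \( -perm -020 -o -perm -002 \) ! -perm -1000 -print
            [ "$p" = / ] && break
            p=$(dirname "$p")
        done
    done | sort -u
}

# Constructed demo tree standing in for /opt/apache-tomcat-8.0.39/bin.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin" && chmod 755 "$d" "$d/bin"
    : > "$d/bin/startup.sh";  chmod 775 "$d/bin/startup.sh"   # group-writable
    : > "$d/bin/shutdown.sh"; chmod 755 "$d/bin/shutdown.sh"
    sudo_writable_paths "/bin/sh $d/bin/startup.sh, /bin/sh $d/bin/shutdown.sh"
    rm -rf "$d"
}
demo
```

On the server, pass the command list from the sudoers line as the argument; an empty result means none of the listed paths is group- or world-writable.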





Sunday, July 10, 2016

Hastebin - Easy way to share your codes, snippets.


A web-based service for storing and sharing text and code snippets can come in handy in many situations. And if you prefer to use an open source solution for that, Hastebin got you covered. Hastebin's web interface is simplicity itself, and it gives you commands to create a new text snippet, save the current snippet, and open existing snippets for editing. By default, Hastebin treats snippets as Markdown-formatted text, but you can use the Just Text command to edit the snippet as plain text. When you save the snippet you can share it by giving other users its URL, and you can post the URL via Twitter.
The Hastebin server software is based on Node.js, and you can easily deploy a self-hosted Hastebin instance on your own server. While you can use the web interface to add and manage snippets, the dedicated Hastebin command-line utility makes it possible to push snippets to the server from the terminal. The utility is written in Ruby, and if you don't feel like fiddling with RubyGem, you can opt for a simple Bash shell one-liner:
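# --data-binary @- sends stdin unchanged; with -d "$a", input that starts with "@" would be read as a file name
haste() { curl -X POST -s --data-binary @- http://hastebin.com/documents | awk -F '"' '{print "http://hastebin.com/"$4}'; }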
To use it, run the following command which pushes the contents of the foo.txt file to the Hastebin server:
cat foo.txt | haste

Source: http://www.linux-magazine.com/Online/Blogs/Productivity-Sauce/Hastebin-An-Open-Source-Alternative-to-Pastebin

Thursday, March 24, 2016

DNS SRV Records - Explained

SRV (SeRVice) records give flexibility and stability to the services that make use of them. Like a "general use" MX record, an SRV record relates to a particular service of the domain, like FTP or SIP, rather than to a specific machine the way A or CNAME records do.
Several programs are starting to make use of SRV records for VOIP.
An OnSIP customer would create an SRV record to take the place of the domain.onsip.com address given by default. With an SRV record a user with the SIP address of:
could become just:
assuming that the user can create an SRV record for acme.com.

SIP Hosting SRV Record Format

For OnSIP, when setting up a SRV record, the general settings are:
Service: SIP
Protocol: UDP
Name: acme.com (your domain name goes here)
Priority:
Weight:
Port: 5060
Target: sip.onsip.com
TTL: 1 hour

SIP SRV records in BIND

In BIND, an SRV record would look like this:
_sip._udp.acme.com. 3600 IN SRV 0 0 5060  sip.onsip.com.

Looking up SIP SRV records

To test that the SRV record has been entered correctly you need to run the dig command from a terminal window on a Unix/Linux system (including OS X).
For Windows see the nslookup command.
The following screen shot shows the command: dig _sip._udp.bytetel.com SRV (replace bytetel.com with your domain name but keep everything else there).
If everything has been set up correctly you will get a confirmation answer:
This shows that the SIP SRV record for bytetel.com points to port 5060 at sip.onsip.com.

XMPP SRV Records

You need to add two (2) SRV records to make XMPP work. Note that the protocol is TCP and that the ports are specific to the service.

XMPP SRV records in BIND

In BIND, the records look like:
_xmpp-client._tcp.acme.com. 3600 IN SRV 0 0 5222 xmpp-client.onsip.com.
_xmpp-server._tcp.acme.com. 3600 IN SRV 0 0 5269 xmpp-server.onsip.com.
You can look up an example using dig on junctionnetworks.com:
$ dig _xmpp-client._tcp.junctionnetworks.com SRV
$ dig _xmpp-server._tcp.junctionnetworks.com SRV
So...
Service: XMPP-CLIENT
Protocol: TCP
Name: acme.com
Priority: 0
Weight: 0
Port: 5222
Target: xmpp-client.onsip.com
TTL: 1 hour
-- and --
Service: XMPP-SERVER
Protocol: TCP
Name: acme.com
Priority: 0
Weight: 0
Port: 5269
Target: xmpp-server.onsip.com
TTL: 1 hour
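
The BIND lines and the settings lists above describe the same fields. As an added example (not from the original article or from OnSIP), this function splits a fully qualified zone-file SRV line into those settings and rejects lines that would not work as SRV records. The function name is hypothetical, and the checks (underscore-prefixed service and protocol labels, 16-bit numbers, a target ending in a dot) follow RFC 2782 and BIND zone-file rules.

```shell
#!/bin/sh
# Added example: turn one BIND SRV line into the Service/Protocol/... list.
# srv_fields is a hypothetical helper name. It expects the fully qualified
# form used on this page: _service._proto.domain. TTL IN SRV prio weight port target.
srv_fields() {
    printf '%s\n' "$1" | awk '
    function u16(v) { return v ~ /^[0-9]+$/ && v + 0 <= 65535 }
    {
        err = ""
        n = split($1, lab, ".")
        if (NF != 8 || $2 !~ /^[0-9]+$/ || $3 != "IN" || $4 != "SRV")
            err = "expected: name TTL IN SRV priority weight port target"
        else if (n < 4 || lab[1] !~ /^_./ || lab[2] !~ /^_./ || lab[n] != "")
            err = "owner must be _service._proto.domain. : " $1
        else if (!u16($5) || !u16($6) || !u16($7))
            err = "priority, weight and port must be 0-65535"
        else if ($8 !~ /\.$/)
            # Without the trailing dot BIND appends the zone origin.
            err = "target is not fully qualified: " $8
        if (err != "") { print "invalid SRV record: " err > "/dev/stderr"; exit 1 }
        name = lab[3]; for (i = 4; i < n; i++) name = name "." lab[i]
        printf "Service: %s\nProtocol: %s\nName: %s\n",
               toupper(substr(lab[1], 2)), toupper(substr(lab[2], 2)), name
        printf "Priority: %d\nWeight: %d\nPort: %d\n", $5, $6, $7
        printf "Target: %s\nTTL: %d\n", substr($8, 1, length($8) - 1), $2
    }'
}

# The SIP record from this page.
srv_fields '_sip._udp.acme.com. 3600 IN SRV 0 0 5060  sip.onsip.com.'
```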
Ref: https://support.onsip.com/hc/en-us/articles/204567144-What-is-an-SRV-record-