Using a mysql cluster configuration allows you to add nodes simply and increase the power available to you simply, its quite a involved solution with multiple nodes required as well as controller stations, added with the fact that you need the cluster nodes to be on a low latency link means it might not fit the requirement.

Using the master slave option is great if you dont need a massive amount of writes, if you want to replicate between sites, or if you just want a quick solution to provide you with a resilient platform (albeit not instant)

So to setting up the solution.

You need at least 2 nodes running ideally the same version of mysql and the master node needs port 3306 access to the slave / slaves.

Once you have set that up, you need to configure the master to push updates out to the slave, you also need to ensure that from a starting point, both the slave and the master have the same db’s etc..

So below are the steps you need to take to do this:

Edit the my.cnf on your master under the mysqld section with the follow (assuming you have a standard install and things are in the default location, adjust paths if required) :

server-id=1

relay-log=/usr/local/mysql/var/mysql-relay-bin

relay-log-index=/usr/local/mysql/var/mysql-relay-bin.index

log-error=/usr/local/mysql/var/mysql.err

master-info-file=/usr/local/mysql/var/mysql-master.info

relay-log-info-file=/usr/local/mysql/var/mysql-relay-log.info

datadir=/usr/local/mysql/var

log-bin=/usr/local/myql/var/mysql-bin

Now put the following in your slaves my.cnf

server-id=2

relay-log=/usr/local/mysql/var/mysql-relay-bin

relay-log-index=/usr/local/mysql/var/mysql-relay-bin.index

log-error=/usr/local/mysql/var/mysql.err

master-info-file=/usr/local/mysql/var/mysql-master.info

relay-log-info-file=/usr/local/mysql/var/mysql-relay-log.info

datadir=/usr/local/mysql/var

Now the configs are done, you need to sort out the users and permissions.

On the master you need to create a user that has permissions on the slave, do this as follows:

mysql> grant replication slave on *.* to useronslave@’slaves.ip.add.ress’ identified by ‘useronslavepassword’;

Obviously substituting useronslave for your actual username on the slave, slaves.ip.add.ress for your slaves ip, i.e 192.168.0.3 and your useronslavepassword for your slave users password.

Now export the database from your master to your slave, to initially create the sync, as below:

mysqldump -u root -p –all-databases –single-transaction –master-data=1 > masterdump.sql

Next copy this .sql file over to the slave and import it so the slave is now in sync, as below run this on the slave:

mysql -u root -p < masterdump.sql

Once the above dump import has finished you will need to tell the slave which master to connect to, do the following, again substituting users and passwords as appropriate (again done on the slave).

mysql> CHANGE MASTER TO MASTER_HOST=’ip.address.of.master’, MASTER_USER=’useronslave’, MASTER_PASSWORD=’useronslavepassword’;

once that is done start up the slave

mysql> start slave;

if you want to see the status of the slave, type

mysql> show slave status\G

That should be everything done, you should now have your master and slave in sync and updating themselves as required.

To change this, do the following..

Edit your pure-ftpd config file – usually in /etc/pure-ftpd.conf

change the line

LimitRecursion 2000 8

to

LimitRecursion xxxx 8

Where xxxx is the number of files you want to limit it to…

Restart the pure-ftpd service and you should be done!

error: ‘Can’t connect to local MySQL server through socket ‘/tmp/mysql.sock’ (2)’

This might occur even if the mysql binary is running and the services seems to be listening on port 3306.

One common reason for this is that your my.cnf file doesnt have the correct location for your sock file.

Check it out, have a look in /etc/my.cnf and ensure that the sections under [mysqld] and [client] point to the correct location for your mysql.sock file – likely /var/lib/mysql/mysql.sock

You may find that the [client] section is missing, in which case just create it as below:

[client]

socket=/var/lib/mysql/mysql.sock

that hopefully will allow your  client to now connect.

One way is to use compression with apache. This means slightly more cpu overhead on the webserver, but should result in better performance of your webpages..

Here is a step by step guide to doing this on linux with apache > 2.0

In your httpd conf file under your location add in the following, this will compress everything except images:

<Location />
# Insert filter
SetOutputFilter DEFLATE

# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png)$ no-gzip dont-vary

# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</Location>

Then enable compression by adding the following to your conf file:

SetOutputFilter DEFLATE

Restart or reload apache and you should now be compressing content..

For more info, see http://httpd.apache.org/docs/2.0/mod/mod_deflate.html

Removing them with the traditional rm -filename doesn’t work as rm takes the dash to be an option -filename is not a valid option, so it will error.

So how can you remove these files then?

Well its simple, just specifiy the full path, or the full relative path.

For example, say you have  a file called -file and its located in /root/

rm -file will fail, but you can either do rm ./-file or rm /root/-file

Easy peasey

If you found this article useful, please click on 1 or 2 of the adverts, it helps me to keep the site up and running.

Thanks!

There are a few things you need. All in your /etc/samba/smb.conf

If you are on a standalone setup, rather than a domain setup, they look for the section titled — Standalone Server Options –

There will be a line  (if you have a default install) which says

security = user

change this to

security = share

Then just make sure you share definition has the below in

[public]
        comment = Public Stuff
        path = /path/to/your/share
        public = yes
        writable = yes
        printable = no
        browseable = yes
        guest ok = yes

And you should be laughing…

Note you will also need the corresponding permissions on the directory share to allow all to read at the very least…

You need a few things:

1: sendmail compiled with TLS support – see my previous article to check this.

2:a certificate suitable for your mail domain

3:access to your mail servers sendmail.mc file and the ability to recompile this to sendmail.cf – you may need the sendmail-cf package.

Provided you have all these things, here are the steps that need to be taken.

Put your cert onto your mail server in /etc/pki/tls/certs

This will be a .crt file most likely. Sendmail needs a pem file, so to convert your cert do the following:

cd /etc/pki/tls/certs

make sendmail.pem

If you do the above you will be creating a self signed cert. If you have a certificate bought from a CA such as thawte etc. Place the Private key followed by the certificate in the sendmail.pem file.

simple – you should now have a sendmail.pem which should contain a private key and a certificate.

Now you need to configure sendmail to use this file.

cd to /etc/mail and edit sendmail.mc (its wise to backup both the sendmail.mc and the sendmail.cf file just incase things dont work out)

find the lines that start with

dnl define(`confCACERT_PATH’, `/etc/pki/tls/certs’)dnl

dnl define(`confCACERT’, `/etc/pki/tls/certs/ca-bundle.crt’)dnl

dnl define(`confSERVER_CERT’, `/etc/pki/tls/certs/sendmail.pem’)dnl

dnl define(`confSERVER_KEY’, `/etc/pki/tls/certs/sendmail.pem’)dnl

remove the dnl from all the above lines so they start with define and save this file.

now type

make

to make the sendmail.mc into the new sendmail.cf

If you get an error about needing package sendmail-cf you will have to install that rpm, and most likely the m4 package as well as its a dependancy.

Once you have successfully done a make, its wise to do a diff on your current sendmail.cf and your backup, just to ensure that it all looks good and there are no important options that were changed, i.e Daemon IP bindings etc..

Provided you are happy with your sendmail.cf restart sendmail, and you should be now using TLS!

Wasn’t that hard was it?

sendmail -d0 </dev/null | grep -i tls

if you see STARTTLS in the line that is returned, you are good to go!

I checked my box over and noticed that the MailScanner process was listed as defunct, and tailing messages showed the following:

MailScanner: waiting for children to die: Process did not exit cleanly, returned 2 with signal 0

After going through my logs and settings to make sure I hadn’t got a new setting mixed up, I started googling..

Didnt really turn up much, except a few people talking about perl packages…

Given I didnt want to spend much / any time on this, I thought i’d try updating all my perl packages – I’m running Fedora 9.

So did a quick yum update perl*

Which updated about 136 packages but only 25Mb.

Restarted MailScanner and its all fixed

No idea which particular packages was causing the problem, although i’m sure it wouldnt be too hard to find out, but as Mail is flowing and i’m more upto date, i’m happy.

To do this you need to put some entries in /etc/sysctl.conf as below – NOTE you will need to change the interfaces to suit your config.

net.ipv4.conf.lo.hidden = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

Once these entries have been loaded in, either reboot or type

#sysctl -p /etc/sysctl.conf

Sorted, no more ARP conflicts.