Create self signing SSL Certificate
- Generate server key
openssl genrsa -des3 -out server.key 4096 - Create certificate signing request
openssl req -new -key server.key -out server.csr - Sign the certificate signing request with the server key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt - Make the server key that does not need the password
openssl rsa -in server.key -out server.key.insecure - Do some house cleaning
mv server.key server.key.secure
mv server.key.insecure server.key - Use the following files in apache configuration
server.key
server.crt
Force SSL on apache
mod rewrite should be enabled on apache. Add the following to your apache config file.
#########################################
#### XXX: BEGIN EDIT FOR MOD_REWRITE ####
#### This is intended to force HTTPS ####
#### for all inbound HTTP requests ####
####
# This module (mod_rewrite) simply tells Apache2 that all connections to
# port 80 need to go to port 443 – SSL – No exceptions
####
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
####
# The line below sets the rewrite condition for mod_rewrite.so.
# That is, if the server port does not equal 443, then this condition is true
####
ReWriteCond %{SERVER_PORT} !^443$
####
# The line below is the rule, it states that if above condition is true,
# and the request can be any url, then redirect everything to https:// plus
# the original url that was requested.
####
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#### XXX: END EDIT FOR MOD_REWRITE ####
Linux Disable Hardware Beep Sound For Terminal
- If you are using xterm, open ~/.xsession file
$ cdAppend the following line:
$ vi .xession
xset b offSave and close the file.
- If you are using bash shell, open ~/.inputrc file
$ cdAppend following line:
$ vi .inputrc
set bell-style noneSave and close the file.
- If you want to turn off beep for VIM text editor, open vim config file ~/.vimrc
$ cdAppend following line
$ vi .vimrc
set vbSave and close the file.
Remove .svn folders
In order to clean up the SVN checkout, you can do
#deletes all .svn files/folders
find . -name ".svn" -exec rm -rf {} \;
OR
#deletes all .svn folders
find . -name ".svn" -type d -exec rm -rf {} \;
Delete all iptables rules
Enter the following to delete iptables completely
# iptables -F
# iptables -t nat -F
# iptables -t mangle -F
# iptables -X
java.net.SocketException: Too many open files
For System Wide settings
To see the settings for maximum open files for the OS level, use following command.
cat /proc/sys/fs/file-max
This should be a value from 36000 to 50000 or more. To increase the system wide maximum open files, as root edit the /etc/sysctl.conf and add the following to the end of the file.
Note: The following example will increase the maximum number of files to 49,500 on your currently running system and will persist after rebooting.
fs.file-max = 49500
Then issue the following command to activate this change to your live system.
sysctl -p
For user level setting
Also, you should update /etc/security/limits.conf for the user.
myuser hard nofile 2048
myuser soft nofile 2048
Type this to see what it’s set at:
ulimit -a
Header files for linux (Fedora)
Header files are provided with *-devel packages.
Installing Fedora Using a Network
Fedora can be installed using a local network (or even over the Internet if you have broadband access). You will need access to a Web, FTP, or NFS server hosting the installation packages. To boot to a network install, use a network boot floppy, a bootable CD-ROM created using the boot.iso boot image, or the first Fedora Core CD-ROM included with this book. Boot your PC with the boot floppy or, if you use CD-ROM, type
linux askmethod
at the boot prompt. Follow the prompts, and you’ll then be asked to choose the type of network installation.
Starting Tomcat automatically after Linux boots.
If Tomcat was not bundled as part of an operating system distribution, it won’t have the necessary file(s) to start automatically at system boot time. This describes the steps that should be taken to start Tomcat automatically after Linux boots.
1. Create a Tomcat user
Create a group, named tomcat. Create a new non-privileged user (e.g. tomcat)for Tomcat to run as. Ensure that tomcat belongs to the tomcat group. I prefer to keep this user account locked to prevent people trying to log in.
2. Change ownership of Tomcat files
Recursivly change the ownership of the tomcat installation files and directories to the new non-priviliged user
chown -R tomcat <root of tomcat installation>
For all users that need to write files to <tomcat_home>/webapps modify the group permissions to allow this write. eg:
chmod 775 <tomcat_home>/webapps
Any tomcat users should then be added to the tomcat group, allowing them to deploy their files to the webapps directory.
3. Create the Tomcat start-up script:
Create the file /etc/rc.d/init.d/tomcat
Insert the following contents, making sure that:
* JAVA_HOME references the root of the Java development kit directory
* start_tomcat is assigned to the fully qualified path to <tomcat_home>/bin/startup.sh
* stop_tomcat is assigned to the fully qualified path to <tomcat_home)/bin/shutdown.sh
File Contents
#!/bin/sh
#
# Startup script for Tomcat
JAVA_HOME=/usr/java/j2sdk1.4.1_02
export JAVA_HOME
start_tomcat=/usr/local/jakarta-tomcat-4.1.18/bin/startup.sh
stop_tomcat=/usr/local/jakarta-tomcat-4.1.18/bin/shutdown.sh
start() {
echo -n “Starting tomcat: ”
su -c ${start_tomcat} – tomcat
echo “done.”
}
stop() {
echo -n “Shutting down tomcat: ”
${stop_tomcat}
echo “done.”
}
# See how we were called
case “$1″ in
start)
start
;;
stop)
stop
;;
restart)
stop
sleep 10
start
;;
*)
echo “Usage: $0 {start|stop|restart}”
esac
exit 0
4. Test the Tomcat startup script
Test the script by issuing:
[root@localhost]# . /etc/rc.d/init.d/tomcat
Output should be similar to:
Starting tomcat: Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JAVA_HOME: /opt/java
done.
To ensure that tomcat has started try and connect to port 8080 (or whichever you configured Tomcat to use).
5. Link the script into the /etc/rc directories.
Link the script into the /etc/rc directories so that Tomcat is started and stopped when the operating system moves between runlevels. Refer to the file
/etc/inittab for runlevels, but typically Tomcat will be linked in to start on runlevel 3 (Full multi user mode, no X) and runlevel 5 (full multi user with X11). See example below.
[root@l54 rc.d]# cd /etc/rc.d/rc3.d
[root@l54 rc.d]# ln -s ../init.d/tomcat S71tomcat
[root@l54 rc.d]# ln -s ../init.d/tomcat K01tomcat
[root@l54 rc.d]# cd ../rc5.d
[root@l54 rc.d]# ln -s ../init.d/tomcat S71tomcat
[root@l54 rc.d]# ln -s ../init.d/tomcat K01tomcat
NOTE: Which number you use will depend on your local configuration, but obviously Tomcat has to start after network services! Files with an uppercase S indicate daemons that will be started. The number indicates the order in which they are started: low numbers before high. The filenames starting with K indicate daemons that will be shutdown when leaving the runlevel. Typically we like to shut down Tomcat very early in this process.
Remove ^M from text files in Linux
Use
sed -e ’s/^M//g’ file
where ^M is the crtl-m character
normally inserted by typing Ctrl-V Ctrl-M
Alternatively, grab dos2unix from somewhere.
