IT Professionals

To export the private key from the Windows IIS server to your non-windows-based machine, you must extract the private key from a Windows .pfx backup certificate. Use the OpenSSL utility to extract the private key from the .pfx backup file:

1. First backup the certificate you have working on your IIS server to a .pfx file.
2. Second, use the following OpenSSL command to create a new text file from which you can separate the Private Key:openssl pkcs12 -in mypfxfile.pfx -out outputfile.txt -nodes

   mypfxfile.pfx is the certificate backup from your IIS server.

3. The above command would have created a text file named outputfile.txt. Open this file with a text editor and you will see the private key listed first:-----BEGIN RSA PRIVATE KEY-----
(Block of Random Text)
-----END RSA PRIVATE KEY-----
4. Copy and paste all of the private key, including the BEGIN and END tags to a new text file and save it as domain_name.key

1. VMware Workstation go up to the VM menu item and then select Install VMware Tools

2. Double click on the item which ends in .rpm

3. Click Install. You will be asked for your root password, type it in and press Authenticate.

4. After installation is finished Click Close.

5. Go to Applications at the top left of your guest, then System tools and then click on Terminal.

6. yum -y install gcc kernel-devel patch make

This will backup all of your mysql databases nightly at midnight

Open a command prompt and type crontab -e

type 0 0 * * * /usr/bin/mysqldump -u username -p userpassword --all-databases > /usr/share/bugzilla/mysql/backups/dbbackup.sql

make any changes that you need and then type wq! to save and quit out of the script.

First I downloaded and installed Fedora 12.

Bugzilla and its dependencies are in the Fedora yum repository. To install Bugzilla and all its Perl dependencies, as root type the following.
1. yum install bugzilla

Install the database engine and web server, in my case MySQL and httpd:

1. yum install httpd mysql-server

chkconfig - -level 2345 httpd on;
chkconfig - -level 2345 mysqld on;

The last thing to change so that you can use charts is to visit SELinux management under system, administration and disable system default enforcing mode, this may require a reboot of the server. There is also probably a command to run that will do this too.

Start mysqld and httpd and browse to http://localhost/bugzilla

Tomcat running as root could be a huge security hole. Linux only allows root to listen to port 80 and 443…which is why many users of tomcat under Linux run tomcat as root. However, with jscv, the process will start off as root but later on will change ownership to the user tomcat or whatever username you wish.

After doing a few google searches I quickly found bits and pieces to do with configuring Tomcat 6 as a non-root user. So I thought I would try and put together a list of what I did to get this up and running.

1. Download and Install the Linux distro of your choice. I installed Tomcat6 on Fedora 8 Core. After you have Lunix installed its good practice to make sure you have all OS updates applied.

2. Create the user to run tomcat under with useradd tomcat. Issuing this command will create a directory under
/home/tomcat.

3. Download and install Java. Visit http://java.sun.com/products/archive/j2se/6u2/index.html. Select JDK 6,

4. After the download is complete, issue this command to make the file executable chmod 755 jdk-6u2(Version number).

5. Then run the install by issuing ./jdk(version number)

6. Updatedb;locate javac |grep bin

7. Now you need to run the alternatives command to instruct Fedora to recognize Sun’s JVM.

alternatives –install /usr/bin/java java /usr/java/jdk1.6.0_02/bin/java 100
alternatives –install /usr/bin/jar jar /usr/java/jdk1.6.0_02/bin/jar 100
alternatives –install /usr/bin/javac javac /usr/java/jdk1.6.0_02/bin/javac 100
/usr/sbin/alternatives –config java

Select option 1

Type java -version

you should see something like this:
java version “1.6.0_02″
Java(TM) SE Runtime Environment (build 1.6.0_02-ea-b02)
Java HotSpot(TM) Client VM (build 1.6.0_02-ea-b02, mixed mode, sharing)

export JAVA_HOME=/usr/java/jdk1.6.0_02/bin

8. yum Install gcc

9. Download tomcat 6 here http://tomcat.apache.org/download-60.cgi to /home/tomcat. Then Extract the tar file using tar xvzf tomcat6filename.gz to /home/tomcat

10. chown tomcat.tomcat /home/tomcat -R

11. Compile the jscv code by following the instructions here http://tomcat.apache.org/tomcat-6.0-doc/setup.html. You may have to issue
export JAVA_HOME=/usr/java/jdk1.6.0_02/bin before you run the ./configure and the make.

12. Create your start and stop script. Navigate to /etc/init.d create a new file by issuing touch tomcat, make the file executable by issuing chmod 755 tomcat.

13. Next issue vim tomcat and copy and paste the config below. You might have to change some of the setting to fit your server.

# Tomcat auto-start
#
# description: Auto-starts tomcat
# processname: tomcat
# pidfile: /var/run/tomcat.pid

#export JAVA_HOME=/usr/java/jdk1.6.0_02

#case $1 in
#start)
# sh /usr/local/tomcat/bin/startup.sh
# ;;
#stop)
# sh /usr/local/tomcat/bin/shutdown.sh
# ;;
#restart)
# sh /usr/local/tomcat/bin/shutdown.sh
# sh /usr/local/tomcat/bin/startup.sh
# ;;
#esac
#exit 0
#!/bin/sh
#
# Startup script for Tomcat, the Apache Servlet Engine
#
# chkconfig: 345 80 20
# description: Tomcat is the Apache Servlet Engine
# processname: tomcat
# pidfile: /var/run/tomcat.pid

TOMCAT_PROG=tomcat
JAVA_HOME=’/usr/java/jdk1.6.0_02′
CATALINA_HOME=’/usr/local/tomcat/’
DAEMON_HOME=$CATALINA_HOME/bin/jsvc
TMP_DIR=/var/tmp
CATALINA_OPTS=
CLASSPATH=\
$JAVA_HOME/lib/tools.jar:\
$CATALINA_HOME/bin/commons-daemon.jar:\
$CATALINA_HOME/bin/bootstrap.jar

# if TOMCAT_USER is not set, use tomcat like Apache HTTP server
if [ -z "$TOMCAT_USER" ]; then
TOMCAT_USER=”tomcat”
fi

RETVAL=0

# start and stop functions
start() {
echo -n “Starting tomcat: ”
chown -R $TOMCAT_USER:$TOMCAT_USER /usr/local/tomcat/*
$DAEMON_HOME \
-user $TOMCAT_USER \
-home $JAVA_HOME \
-Dcatalina.home=$CATALINA_HOME \
-Djava.io.tmpdir=$TMP_DIR \
-Djava.awt.headless=true \
-outfile $CATALINA_HOME/logs/catalina.out \
-errfile ‘&1′ \
$CATALINA_OPTS \
-cp $CLASSPATH \
org.apache.catalina.startup.Bootstrap
# To get a verbose JVM
#-verbose \
# To get a debug of jsvc.
#-debug \

RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/tomcat
return $RETVAL
}

stop() {
echo -n “Stopping tomcat: ”
PID=`cat /var/run/jsvc.pid`
kill $PID
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/tomcat /var/run/tomcat.pid
}

# See how we were called.
case “$1″ in
start)
start
;;
stop)
stop
;;
restart)
stop

sleep 5
start
;;
*)
echo “Usage: $0 {start|stop|restart}”
exit 1
esac

exit $RETVAL

14. Next to make tomcat start at boot issue #chkconfig –add tomcat and #chkconfig tomcat on 15. You can stop or start tomcat with service tomcat stop or start If you have any qustions just send me an email and ill do my best to get back to you.

15. You can stop or start tomcat with service tomcat stop or start

If you have any qustions just send me an email and ill do my best to get back to you.

chown -R ../

Command Description

• apropos whatis Show commands pertinent to string. See also threadsafe
• man -t man | ps2pdf - > man.pdf make a pdf of a manual page
which command Show full path name of command
time command See how long a command takes
• time cat Start stopwatch. Ctrl-d to stop. See also sw
• nice info Run a low priority command (The "info" reader in this case)
• renice 19 -p $$ Make shell (script) low priority. Use for non interactive tasks
dir navigation
• cd - Go to previous directory
• cd Go to $HOME directory
(cd dir && command) Go to dir, execute command and return to current dir
• pushd . Put current dir on stack so you can popd back to it
file searching
• alias l='ls -l --color=auto' quick dir listing
• ls -lrt List files by date. See also newest and find_mm_yyyy
• ls /usr/bin | pr -T9 -W$COLUMNS Print in 9 columns to width of terminal
find -name '*.[ch]' | xargs grep -E 'expr' Search 'expr' in this dir and below. See also findrepo
find -type f -print0 | xargs -r0 grep -F 'example' Search all regular files for 'example' in this dir and below
find -maxdepth 1 -type f | xargs grep -F 'example' Search all regular files for 'example' in this dir
find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done Process each item with multiple commands (in while loop)
• find -type f ! -perm -444 Find files not readable by all (useful for web site)
• find -type d ! -perm -111 Find dirs not accessible by all (useful for web site)
• locate -r 'file[^/]*\.txt' Search cached index for names. This re is like glob *file*.txt
• look reference Quickly search (sorted) dictionary for prefix
• grep --color reference /usr/share/dict/words Highlight occurances of regular expression in dictionary
archives and compression
gpg -c file Encrypt file
gpg file.gpg Decrypt file
tar -c dir/ | bzip2 > dir.tar.bz2 Make compressed archive of dir/
bzip2 -dc dir.tar.bz2 | tar -x Extract archive (use gzip instead of bzip2 for tar.gz files)
tar -c dir/ | gzip | gpg -c | ssh user@remote 'dd of=dir.tar.gz.gpg' Make encrypted archive of dir/ on remote machine
find dir/ -name '*.txt' | tar -c --files-from=- | bzip2 > dir_txt.tar.bz2 Make archive of subset of dir/ and below
find dir/ -name '*.txt' | xargs cp -a --target-directory=dir_txt/ --parents Make copy of subset of dir/ and below
( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) copy/ dir to /where/to/ dir
( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) contents of copy/ dir to /where/to/
( tar -c /dir/to/copy ) | ssh -C user@remote 'cd /where/to/ && tar -x -p' Copy (with permissions) copy/ dir to remote:/where/to/ dir
dd bs=1M if=/dev/sda | gzip | ssh user@remote 'dd of=sda.gz' Backup harddisk to remote machine
rsync (Network efficient file copier: Use the --dry-run option for testing)
rsync -P rsync://rsync.server.com/path/to/file file Only get diffs. Do multiple times for troublesome downloads
rsync --bwlimit=1000 fromfile tofile Locally copy with rate limit. It's like nice for I/O
rsync -az -e ssh --delete ~/public_html/ remote.com:'~/public_html' Mirror web site (using compression and encryption)
rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ Synchronize current directory with remote one
ssh (Secure SHell)
ssh $USER@$HOST command Run command on $HOST as $USER (default command=shell)
• ssh -f -Y $USER@$HOSTNAME xeyes Run GUI command on $HOSTNAME as $USER
scp -p -r $USER@$HOST: file dir/ Copy with permissions to $USER's home directory on $HOST
ssh -g -L 8080:localhost:80 root@$HOST Forward connections to $HOSTNAME:8080 out to $HOST:80
ssh -R 1434:imap:143 root@$HOST Forward connections from $HOST:1434 in to imap:143
wget (multi purpose download tool)
• (cd dir/ && wget -nd -pHEKk http://www.pixelbeat.org/cmdline.html) Store local browsable version of a page to the current dir
wget -c http://www.example.com/large.file Continue downloading a partially downloaded file
wget -r -nd -np -l1 -A '*.jpg' http://www.example.com/dir/ Download a set of files to the current directory
wget ftp://remote/file[1-9].iso/ FTP supports globbing directly
• wget -q -O- http://www.pixelbeat.org/timeline.html | grep 'a href' | head Process output directly
echo 'wget url' | at 01:00 Download url at 1AM to current dir
wget --limit-rate=20k url Do a low priority download (limit to 20KB/s in this case)
wget -nv --spider --force-html -i bookmarks.html Check links in a file
wget --mirror http://www.example.com/ Efficiently update a local copy of a site (handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
ethtool eth0 Show status of ethernet interface eth0
ethtool --change eth0 autoneg off speed 100 duplex full Manually set ethernet interface speed
iwconfig eth1 Show status of wireless interface eth1
iwconfig eth1 rate 1Mb/s fixed Manually set wireless interface speed
• iwlist scan List wireless networks in range
• ip link show List network interfaces
ip link set dev eth0 name wan Rename interface eth0 to wan
ip link set dev eth0 up Bring interface eth0 up (or down)
• ip addr show List addresses for interfaces
ip addr add 1.2.3.4/24 brd + dev eth0 Add (or del) ip and mask (255.255.255.0)
• ip route show List routing table
ip route add default via 1.2.3.254 Set default gateway to 1.2.3.254
• tc qdisc add dev lo root handle 1:0 netem delay 20msec Add 20ms latency to loopback device (for testing)
• tc qdisc del dev lo root Remove latency added above
• host pixelbeat.org Lookup DNS ip address for name or vice versa
• hostname -i Lookup local ip address (equivalent to host `hostname`)
• whois pixelbeat.org Lookup whois info for hostname or ip address
• netstat -tupl List internet services on a system
• netstat -tup List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networking support)
• smbtree Find windows machines. See also findsmb
nmblookup -A 1.2.3.4 Find the windows (netbios) name associated with ip address
smbclient -L windows_box List shares on windows machine or samba server
mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share Mount a windows share
echo 'message' | smbclient -M windows_box Send popup to windows machine (off by default in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i option)
sed 's/string1/string2/g' Replace string1 with string2
sed 's/\(.*\)1/\12/g' Modify anystring1 to anystring2
sed '/ *#/d; /^ *$/d' Remove comments and blank lines
sed ':a; /\\$/N; s/\\\n//; ta' Concatenate lines with trailing \
sed 's/[ \t]*$//' Remove trailing spaces from lines
sed 's/\([`"$\]\)/\\\1/g' Escape shell metacharacters active within double quotes
• seq 10 | sed "s/^/ /; s/ *\(.\{7,\}\)/\1/" Right align numbers
sed -n '1000{p;q}' Print 1000th line
sed -n '10,20p;20q' Print lines 10 to 20
sed -n 's/.*