Block countries based on Geo data with UFW firewall

The first step is to browse to this page here: https://www.ip2location.com/free/visitor-blocker, and scroll down until you see a pull-down menu where you can search for countries. From this list you will select the countries you want to block, and then change the output format to CIDR and download the archive file.

Unzip the .gz file you downloaded. You will then see a text file for each country you’ve chosen. We are going to use a simple command to add the contents of the text files to our firewall rule list.

Tags:

Create a bootable USB flash media drive for Ubuntu server

Format the flash drive:


sudo dd if=/dev/zero of=/dev/sdd bs=1M && sync

Write the iso file to it:


sudo dd if=CentOS-7.0-1406-x86_64-Minimal.iso of=/dev/diskN bs=1M

How to set MySQL "wait_timeout" option on Ubuntu

I was trying upload a large database on Ubuntu that kept failing because of connection timeout problem, so I had to take the following steps:

1. To make it easier to find the right .cnf file, create a symbolic link:


ln -s /etc/mysql/mysql.conf.d/mysqld.cnf /etc/my.cnf

2. Paste with nano /etc/my.cnf


[mysqld]
wait_timeout = 31536000
interactive_timeout = 31536000

3. systemctl restart mysql

4. Verify with:

Upgrade Mysql (or MariaDB) to 10.x on CentOS 7

You will find all kinds of different instructions on how to update Mysql or MariaDB running on your CentOS 7 system to version 10.x, but the easiest and most straightforward way proven to us turned out to be the following one.

Note that the version in your case may vary, so replace 10.5 accordingly.

1. First, dump all the databases on your system just in case if something goes awry:

mysqldump -u root -p --all-databases > all-databases.sql

2. Paste the following code into the /etc/yum.repos.d/mariadb.repo file:

fatal: no SASL authentication mechanisms && warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms

If you see your Postfix reporting:

Jun 4 10:45:35 host postfix/smtpd[13609]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
Jun 4 10:45:35 host postfix/smtpd[13609]: fatal: no SASL authentication mechanisms

Troubleshooting the `Failed to start Berkeley Internet Name Domain (DNS)` error message

If the Named service goes down we check its status with systemctl status named or journalctl -xe, however sometimes both commands do not contain any indication of specific zone causing the error:

Replacing a degraded drive in a software RAID 1 array

After physically replacing the degraded drive with the new one and rebooting the system, run the folowing command to create exactly the same partitioning on /dev/sdb (new drive) as on /dev/sda (healthy existing drive):

sfdisk -d /dev/sda | sfdisk /dev/sdb

You can run

fdisk -l

to check if both hard drives have the same partitioning now.

Next we add /dev/sdb1 to /dev/md126 and /dev/sdb2 to /dev/md127:

mdadm --manage /dev/md126 --add /dev/sdb1
mdadm --manage /dev/md127 --add /dev/sdb2

Tags:

How to investigate sessions

To list all current sessions:

loginctl list-sessions

To investigate details of particular session run:

loginctl show-session [session_id]

The sessions files are located in /run/systemd/sessions on Fedora-based systems and in /run/systemd/sessions on Debian-based systems.

If sessions fill up the /run directory for 100% then per recommendation on
https://www.centos.org/forums/viewtopic.php?f=48&t=65472:

Recursively copying between two directories including hidden files

Sometimes we need to override large structure of directories and subdirectories with newer files.

There are two ways of copying all the files in one directory including subdirectories and hidden files to another directory:

cd /orig/dir
tar cvf - . | (cd /dest/dir; tar xvf -)

which tars up the current directory to stdout then pipes it to a subshell that first cd's to the destination directory before untarring stdin.

The second way of doing this is using cp:

yes | cp -rT /orig/dir /dest/dir 2> /dev/null

Pages

Subscribe to Front page feed