systems:euk1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
systems:euk1 [2011/02/28 20:22] – add sudo to the pear command saltybeaglesystems:euk1 [2017/09/22 13:28] (current) – external edit 127.0.0.1
Line 13: Line 13:
 ^ Disk Space:        | 150 GB                                        | ^ Disk Space:        | 150 GB                                        |
 ^ Software:|| ^ Software:||
-^ OS:                | CentOS 5.                                   |+^ OS:                | CentOS 5.                                   |
 ^ People with access to this machine:|| ^ People with access to this machine:||
-| bjori, bbieber, cellog, cweiske, davidc, derick, helgi, mj, philip, till, shupp ||+| bjori, bbieber, cellog, clockwerx, cweiske, davidc, derick, helgi, mj, philip, till, shupp, scottmac ||
 ===== Notes ===== ===== Notes =====
  
   * The SELinux firewall on this box only permits outgoing SMTP for the users ''root'' and ''postfix''.   * The SELinux firewall on this box only permits outgoing SMTP for the users ''root'' and ''postfix''.
-  * [[systems:Munin]] requires a custom iptables rule on this box: ''iptables -I INPUT -p tcp --dport 4949 --src 66.249.27.150 -j ACCEPT''. Adding it to ''/etc/sysconfig/iptables'' failed due to (presumably) something weird going on with SELinux. Make sure to add the rule manually after rebooting the box as long as this is not fixed properly.+  * [[systems:Munin]] requires a custom iptables rule on this box: ''<nowiki>iptables -I INPUT -p tcp --dport 4949 --src 173.236.52.218 -j ACCEPT</nowiki>''. Adding it to ''/etc/sysconfig/iptables'' failed due to (presumably) something weird going on with SELinux. Make sure to add the rule manually after rebooting the box as long as this is not fixed properly.
   * 2009-04-05: The box crashed for reasons unknown. It was subsequently rebooted by eUKhost.   * 2009-04-05: The box crashed for reasons unknown. It was subsequently rebooted by eUKhost.
   * 2009-04-16: Box hang after reboot. Had file system journal problems again. eUKhost had to run fsck manually.   * 2009-04-16: Box hang after reboot. Had file system journal problems again. eUKhost had to run fsck manually.
-  * 2009-08-05: Box hang again and was rebooted. Mail system (postfix) was down after. After starting it, mails did not get out. Had to run ''/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT'' to get it working again.+  * 2009-08-05: Box hang again and was rebooted. Mail system (postfix) was down after. After starting it, mails did not get out. Had to run ''<nowiki>/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT</nowiki>'' to get it working again.
   * 2010-03-01: We had the same mail problems again; this time the problem was fixed:   * 2010-03-01: We had the same mail problems again; this time the problem was fixed:
     * ''ls -aZ /etc/sysconfig -> system_u:object_r:etc_runtime_t iptables.save''     * ''ls -aZ /etc/sysconfig -> system_u:object_r:etc_runtime_t iptables.save''
-    * ''chcon user_u:object_r:etc_t iptables.save'' +    * ''chcon user_u:object_r:etc_t /etc/sysconfig/iptables.save'' 
-    * ''/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT'' +    * ''<nowiki>/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT</nowiki>'' 
-    * ''iptables-save'' +    * ''/etc/init.d/iptables save'' 
-    * ''chcon system_u:object_r:etc_runtime_t iptables.save''+    * ''chcon system_u:object_r:etc_runtime_t /etc/sysconfig/iptables.save''
   * 2010-06-25: Installed cronolog (''yum install cronolog'')   * 2010-06-25: Installed cronolog (''yum install cronolog'')
     * access.log's rotate daily     * access.log's rotate daily
Line 36: Line 36:
       * ''%Y-%m-%d_pear.php.net-access.log''       * ''%Y-%m-%d_pear.php.net-access.log''
       * ''%Y-%m-%d_ssl_pear.php.net-access.log''       * ''%Y-%m-%d_ssl_pear.php.net-access.log''
-   * 2010-06-26: +  * 2010-06-26: 
-      * added cronjob to ''bzip2'' yesterday's logs +    * added cronjob to ''bzip2'' yesterday's logs 
-      * setup daily rotation for ''error_log'' (''%Y-%m-%d_error.log''+    * setup daily rotation for ''error_log'' (''%Y-%m-%d_error.log''
-      * moved all old logfiles to ''till@sp2.php.net:/backup/logs-pear''+    * moved all old logfiles to ''till@sp2.php.net:/backup/logs-pear'' 
 +  * 2011-03-10 
 +    * disabled selinux (was in permissive mode only and had no effect) 
 +    * allowed git in iptables rules 
 +    * changed /etc/init.d/iptables to use /etc/sysconfig/iptables.rules instead of "iptables" only since we - for unknown reasons - cannot modify, move or delete /etc/sysconfig/iptables. 
 +  * 2011-04-27 
 +    * Disabled short tag open in php.ini 
 +  * 2011-06-08 
 +    * Add new SSL cert from FB 
 +    * Run distro upgrade of CentOS from 5.3 to 5.6  
  
 ===== Cronjobs ===== ===== Cronjobs =====
Line 45: Line 55:
  
 ===== PHP ===== ===== PHP =====
-  * Currently php 5.3.2+  * Currently php 5.3.7
   * Installed manually in /usr/local/src/   * Installed manually in /usr/local/src/
   * info: ~cweiske/phpinfo   * info: ~cweiske/phpinfo
Line 59: Line 69:
   * Scripts that are not in the pearweb package but only on the server are located in /var/lib/pear/scripts/.   * Scripts that are not in the pearweb package but only on the server are located in /var/lib/pear/scripts/.
   * Data like package releases (tgz), generated manuals and peardoc cvs checkout are in /var/lib/pear/ which links to /home/pear/ since there is enough space.   * Data like package releases (tgz), generated manuals and peardoc cvs checkout are in /var/lib/pear/ which links to /home/pear/ since there is enough space.
 +
 +==== Upgrading ====
 +Make your changes to the [[http://github.com/pear/pearweb|pearweb]] source, then follow [[https://github.com/pear/pearweb/blob/master/README|the README]] steps.
 +
 +===== PHAR =====
 +
 +  * If no force-download is applied, phars appear corrupt on Windows
 +  * solution: http://support.microsoft.com/kb/260519
 +  * /etc/httpd/conf.d/phar.conf:
 +<code>
 +<FilesMatch go-pear.phar>
 +  ForceType application/octet-stream
 +  Header set Content-Disposition "attachment; filename=go-pear.phar"
 +</FilesMatch>
 +<FilesMatch pyrus.phar>
 +  ForceType application/octet-stream
 +  Header set Content-Disposition "attachment; filename=pyrus.phar"
 +</FilesMatch>
 +</code>
systems/euk1.1298924523.txt.gz · Last modified: 2017/09/22 13:28 (external edit)

Page Tools