Howto: Backup & Restore Database in PostgreSQL (pg_dump,pg_restore)

Posted on

H ow to backup and restore dabatase in PostgreSQL

1)Backup data with pg_dump

pg_dump -i -h localhost -p 5432 -U postgres -F c -b -v -f  "/home/anand/ltchiedb.backup" ltchiedb

To list all of the available options of pg_dump , please issue following command.

pg_dump -?
-p, –port=PORT database server port number
-i, –ignore-version proceed even when server version mismatches
-h, –host=HOSTNAME database server host or socket directory
-U, –username=NAME connect as specified database user
-W, –password force password prompt (should happen automatically)
-d, –dbname=NAME connect to database name
-v, –verbose verbose mode
-F, –format=c|t|p output file format (custom, tar, plain text)
-c, –clean clean (drop) schema prior to create
-b, –blobs include large objects in dump
-v, –verbose verbose mode
-f, –file=FILENAME output file name

2) Restore data with pg_restore

pg_restore -i -h localhost -p 5432 -U postgres -d ltchiedb -v "/home/anand/ltchiedb.backup"

To list all of the available options of pg_restore , please issue following command.

pg_restore -?
-p, –port=PORT database server port number
-i, –ignore-version proceed even when server version mismatches
-h, –host=HOSTNAME database server host or socket directory
-U, –username=NAME connect as specified database user
-W, –password force password prompt (should happen automatically)
-d, –dbname=NAME connect to database name
-v, –verbose verbose mode

Advertisements

Error: “ldap_bind: Can’t contact LDAP server (-1)” on nagios check

Posted on Updated on

Nagios check_ldaps plugin working with SSL or TLS
Error:

[root@nagios libexec]# ./check_ldaps  -H 10.0.0.51  -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
ldap_bind: Can't contact LDAP server (-1)
 additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.
 Could not bind to the LDAP server

 

To fix this issue, simple understand the client is not issuing certificate, The client environment is not fully configured. so I configure the bellow setting. It works charm in both ways, byt ignoring the SSL check or adding client certificate,

Create new configuration file if not exist, /etc/openldap/ldap.conf

Ignoring SSL certificate, Add the bellow settings

TLS_REQCERT never
TLS_CACERT /etc/openldap/certs/ldap-client-ca.crt

Output:

root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
LDAP OK - 0.062 seconds response time|time=0.061526s;10.000000;15.000000;0.000000

ERROR: Got error on installing nagios-plugin on centos7 “In file included from localcharset.c:26:0:”

Posted on

Build failure on installing nagios plugin on centos7,

Error:

In file included from localcharset.c:26:0:
./stdio.h:456:1: error: ‘gets’ undeclared here (not in a function)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
^
make[4]: *** [localcharset.o] Error 1
make[4]: Leaving directory `/opt/installer/nagios-plugins-1.4.16/gl'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory `/opt/installer/nagios-plugins-1.4.16/gl'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/opt/installer/nagios-plugins-1.4.16/gl'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/installer/nagios-plugins-1.4.16'
make: *** [all] Error 2

It seems that nagios has created a custom version of the standard stdio.h file so even if the bug has been fixed in the c libraries it may still exists in nagios.

maybe you can do a quick fix by running this command in the same folder as stdio.in.h:

sed -i -e '/gets is a security/d' ./gl/stdio.in.h

Thats just a long shot though, I haven’t tried it myself.
PS. Make a backup copy of stdio.in.h first so you can revert the source back to its original state if it doesn’t work.

HowTo: Change facebook theme

Posted on Updated on

Facebook is not officially support for changing its appearance, but some people craze about changing their FB theme and it wants to be look so different,

Here is my workout for the theme changer, Firefox release addons for adding custom CSS for a particular websites, we can do the same for FaceBook.

1, Install Styles addon for firefox
https://addons.mozilla.org/en-us/firefox/addon/stylish/

Once installed the addon reboot the firefox is reqired to edit the settings, then you will see the S button on the Tool bar.

stylish

 

2, Add custom CSS for Facebook,
https://userstyles.org/styles/browse/facebook

      Go to the above url and select once of the style, Here I used FaceBlack (Black Facebook by a3cAnton)
click on installstylish

3, Turn the Styles for all websites,

Now goto “Styles” button on toolbar and select “Turn all styles on”

Now facebook is ready to start with new CSS, Checkout other similar CSS for other Social network websites. https://userstyles.org/

Here is My FB looks like.

Screenshot from 2015-11-04 15:21:59

 

HowTo: Generate Certificate for OpenLDAP and using it for certificate authentication.

Posted on

LDAPS Server Certificate Requirements

LDAPS requires a properly formatted X.509 certificate. This certificate lets a OpenLDAP service listen for and automatically accept SSL connections. The server certificate is used for authenticating the OpenLDAP server to the client during the LDAPS setup and for enabling the SSL communication tunnel between the client and the server. As an option, we can also use LDAPS for client authentication.

Having spent quite some time to make a TLS work, I thought this may be usefull to some :

Creating Self CA certificate:

1, Create the  ldapclient-key.pem private key :

openssl genrsa -des3 -out ldapclient-key.pem 1024

2, Create the ldapserver-cacerts.pem certificate :

openssl req -new -key ldapclient-key.pem -x509 -days 1095 -out ldapserver-cacerts.pem

Creating a certificate for server:

1, Create the ldapserver-key.pem private key

openssl genrsa -out ldapserver-key.pem

2, Create a server.csr certificate request:

openssl req -new -key ldapserver-key.pem -out server.csr

3, Create the ldapserver-cert.pem certificate signed by your own CA :

openssl x509 -req -days 2000 -in server.csr -CA ldapserver-cacerts.pem -CAkey ldapclient-key.pem -CAcreateserial -out ldapserver-cert.pem

4, Create CA copy for the client:

cp -rpf ldapserver-cacerts.pem   ldapclient-cacerts.pem

Now configure the certificates in slapd.conf, the correct files must be copied on each server:

TLSCACertificateFile /etc/openldap/certs/ldapserver-cacerts.pem
TLSCertificateFile /etc/openldap/certs/ldapserver-cert.pem
TLSCertificateKeyFile /etc/openldap/certs/ldapserver-key.pem
TLSCipherSuite HIGH:MEDIUM:+SSLv2

# personnally, I only check servers from client.
# If you do, add this :
TLSVerifyClient never

Configure certificate for ldap clients

Key : ldapclient-key.pem
Crt : ldapclient-cert.pem

HowTo: Manage Sudo users commands and previleges

Posted on

If you want to prevent users from executing a specific command have a look at this.

ssh ALL=(user1) ALL, !/usr/bin/passwd 

Add users and use specific commands

#includedir /etc/sudoers.d

User_Alias JAVATEAM = fileupuser
Cmnd_Alias JUSERCMD =/etc/init.d/tomcat,/usr/bin/tail
JAVATEAM ALL = NOPASSWD : JUSERCMD
User_Alias ADMINTEAM = innouser
Cmnd_Alias SYSTEM =/sbin/service,/usr/sbin/ss,/bin/df,/usr/bin/du,/usr/bin/top,/bin/netstat,/usr/sbin/lsof,/bin/ps,/sbin/chkconfig
Cmnd_Alias FILEM =/bin/zcat,/usr/bin/tail,/bin/cat,/bin/grep
Cmnd_Alias COMPRESS =/usr/bin/unzip,/usr/bin/bzip2,/usr/bin/zip,/bin/tar
ADMINTEAM ALL = NOPASSWD : SYSTEM,FILEM,COMPRESS

this could be understand the logic easily.

Howto: Android_device_enable_rooting

Posted on Updated on

Download packages:

Kingo-compactable devices : http://www.kingoapp.com/android-root/devices.htm

Kingo-ROOT download : http://www.kingoapp.com/index.htm

Step one: Download and install Kingo Android Root into the PC.

ROOT-2

Step two: Enable USB debugging mode on your phone. If it’s running Android 4.0 or 4.1, tap Settings, Developer Options, then tick the box for “USB debugging.” (You may need to switch “Developer options” to On before you can do so.) On Android 4.2, tap Settings, About Phone, Developer Options, and then tick USB debugging.” Then tap OK to approve the setting change.
On Android 4.3 and later (and some versions of 4.2), tap Settings, About Phone, then scroll down to Build Number. Tap it seven times, at which point you should see the message, “You are now a developer!”

Step three: Run Android Root on your PC, then connect your phone via its USB cable. Make sure Device compactable USB driver installed,

ROOT-1

Step four: Click Root and wait for couple of minutes to complete, including the automated reboot at the end.