Sending SMS Notifications From Nagios

In my last article I discussed how to install Gnokii for sending and receiving SMS from your computer. Today I'll explain how we use Gnokii with Nagios to send SMS notifications to our cell phones. It's a great way to get notified of problems while on the road.

I assume that you have a working Nagios that is monitoring the devices in your infrastructure and sending notifications via email, and that you are looking for a way to get these problem notifications on your phones.

I also assume Gnokii is working and you can send SMS from the CLI.

Let's cut it short and get back to actual business.

In my setup we have Nagios and Gnokii installed on the same host running CentOS 5.4, but the steps can easily be followed on any other Linux distro, or even in a setup where Gnokii is installed on a separate host.

1. Make sure you can send SMS from the CLI with "gnokii --sendsms +92xxxxx" as root or as the user the Nagios process runs under, normally the 'nagios' user. Sending as the nagios user requires adding nagios to the groups that have permission to access the device files.

a) So add nagios to the 'uucp' group (you can do this with the usermod command).

Gnokii also acquires a lock under /var/lock.

b) So add the nagios user to the 'lock' group as well.

su to the nagios user and send an SMS from the CLI using gnokii --sendsms. When it works, move on to defining the commands.

2. Define the commands for sending notifications via SMS in commands.cfg

# 'notify-service-by-sms' command definition
define command{
command_name notify-service-by-sms
command_line /usr/bin/printf "%.120s" "*** Nagios Alert*** $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$" | /usr/local/bin/gnokii --sendsms $CONTACTPAGER$
}

# 'notify-host-by-sms' command definition
define command{
command_name notify-host-by-sms
command_line /usr/bin/printf "%.120s" "*** Nagios Alert*** $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$" | /usr/local/bin/gnokii --sendsms $CONTACTPAGER$
}

3. Modify contacts.cfg and add or modify a contact so that it calls the new commands

define contact{
contact_name askarali
use generic-contact
alias Askar Ali Khan
email emailaddress
pager +92xxxxxx
service_notification_commands notify-service-by-email,notify-service-by-sms
host_notification_commands notify-host-by-email,notify-host-by-sms
}

The key part of the contact definition is the service/host notification commands:

service_notification_commands notify-service-by-email,notify-service-by-sms
host_notification_commands notify-host-by-email,notify-host-by-sms

I have configured the contact so that he receives notifications via email ('notify-service-by-email') as well as via SMS ('notify-service-by-sms').

That's all. Finally, reload Nagios; before reloading it is better to run a syntax check

'nagios -v PathTo nagios.cfg'

and then reload

/etc/init.d/nagios reload

Now Nagios will send SMS notifications to your phone whenever there is a problem with any host/service that is being monitored by Nagios.

I hope this could help.

Searching and File Operations in linux

Top 10 largest files
# find /var -type f -ls | sort -k 7 -r -n | head -10

Find files larger than 5 GB
# find /var/log/ -type f -size +5120M -exec ls -lh {} \;

Find all temp files older than a month and delete:
# find /usr/home/admin/Maildir/new -mtime +30 -type f -print0 | xargs -0 /bin/rm -f

# find /usr/local/apache -mtime +30 -type f -print0 | xargs -0 /bin/rm -f

# find /usr/local/apache* -type f -mtime +30 -exec rm '{}' '+'

# find /home/ksucre/Maildir/new/ -mtime +50 -type f -print0 | xargs -0 /bin/rm -f

# find /usr -size +5000M

To find files older than, for example, 10 days.
# find /home/user1/Maildir/new -mtime +10

Find files older than, say, 30 minutes:
# find /tmp -mmin +30

Remove files older than x days like this
# find /path/* -mtime +x -exec rm {} \;

Postfix – whitelisting and spf filtering


The whitelist lets me manually allow chosen mail servers to bypass the SPF filtering and the RBLs (Real-time Blacklists).

What does SPF filtering do? Suppose a spammer forges a Hotmail.com address and tries to spam you. They connect from somewhere other than Hotmail. When his message is sent, you see MAIL FROM: , but you don’t have to take his word for it. You can ask Hotmail if the IP address comes from their network.
(In this example) Hotmail publishes an SPF record. That record tells you how to find out if the sending machine is allowed to send mail from Hotmail. If Hotmail says they recognize the sending machine, it passes, and you can assume the sender is who they say they are. If the message fails SPF tests, it’s a forgery. That’s how you can tell it’s probably a spammer.

Now it is time to start setting everything up. For the SPF filtering we need to install a few packages, so start with

yum --enablerepo=epel install python-dns python-pydns

We also need "pyspf". Check for any updates from here
Then install it. You need to be the root user (change the version numbers if there's an update)

#wget -O pyspf-2.0.5.tar.gz http://sourceforge.net/projects/pymilter/files/pyspf/pyspf-2.0.5/pyspf-2.0.5.tar.gz/download
#tar xvfz pyspf-2.0.5.tar.gz
#cd pyspf-2.0.5/
#python setup.py build
#python setup.py install

Finally we need "pypolicyd-spf". Check for any updates from here
Then install it. You need to be the root user (change the version numbers if there's an update)

#wget http://launchpad.net/pypolicyd-spf/0.8/0.8.0/+download/pypolicyd-spf-0.8.0.tar.gz
#tar xvfz pypolicyd-spf-0.8.0.tar.gz
#cd pypolicyd-spf-0.8.0/
#python setup.py build
#python setup.py install

Now that everything is installed I need to tell Postfix to use it. Since I use Webmin I just navigate to "servers", "Postfix Mail server" then click "Edit Config Files", or manually edit "/etc/postfix/main.cf"

Now find "smtpd_recipient_restrictions = " and add "check_client_access hash:/etc/postfix/rbl_override_whitelist, check_policy_service unix:private/policyd-spf," after "reject_unauth_destination,"
It is important that you add it AFTER reject_unauth_destination, or else your system can become an open relay!
It should look like this.

smtpd_recipient_restrictions = permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_recipient_domain, reject_unauth_destination, check_client_access hash:/etc/postfix/rbl_override_whitelist, check_policy_service unix:private/policyd-spf, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit
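
The ordering rule above can be checked mechanically. The following is an added example, not part of the original article or of Postfix: it parses a restriction list and reports any lookup that would be evaluated before reject_unauth_destination. The function names and the BAD_ORDER value are constructed for illustration.

```python
import re

# Restriction names with these prefixes are followed by one argument
# (a lookup table, a policy socket or a DNSBL zone). This is a
# simplification for the example; it covers every restriction the
# article uses.
ARG_PREFIXES = ("check_", "reject_rbl_", "reject_rhsbl_")

GUARD = "reject_unauth_destination"


def parse_restrictions(value):
    """Turn a main.cf restriction list into (name, argument) pairs."""
    tokens = [t for t in re.split(r"[,\s]+", value) if t]
    pairs, i = [], 0
    while i < len(tokens):
        name, arg = tokens[i], None
        if name.startswith(ARG_PREFIXES) and i + 1 < len(tokens):
            arg = tokens[i + 1]
            i += 1
        pairs.append((name, arg))
        i += 1
    return pairs


def relay_order_problems(value):
    """Report entries that can accept mail before the relay guard runs."""
    pairs = parse_restrictions(value)
    names = [name for name, _ in pairs]
    if GUARD not in names:
        return [GUARD + " is missing"]
    problems = []
    for name, arg in pairs[:names.index(GUARD)]:
        if name.startswith("check_"):
            # An OK from a table or policy service here skips the guard.
            problems.append("%s %s is evaluated before %s" % (name, arg, GUARD))
        elif name == "permit":
            problems.append("bare permit is evaluated before " + GUARD)
    return problems


# The value from the article: both lookups follow the guard.
ARTICLE_ORDER = (
    "permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, "
    "reject_unauth_pipelining, reject_invalid_hostname, "
    "reject_non_fqdn_hostname, reject_unknown_recipient_domain, "
    "reject_unauth_destination, "
    "check_client_access hash:/etc/postfix/rbl_override_whitelist, "
    "check_policy_service unix:private/policyd-spf, "
    "reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, "
    "reject_rbl_client bl.spamcop.net, permit"
)

# Constructed counter-example: the same two lookups moved to the front.
BAD_ORDER = (
    "check_client_access hash:/etc/postfix/rbl_override_whitelist, "
    "check_policy_service unix:private/policyd-spf, "
    "permit_mynetworks, permit_sasl_authenticated, "
    "reject_unauth_destination, reject_rbl_client zen.spamhaus.org, permit"
)

if __name__ == "__main__":
    for label, value in (("article", ARTICLE_ORDER), ("constructed", BAD_ORDER)):
        print(label, "->", relay_order_problems(value) or "ok")
```
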

Now I need to edit "/etc/postfix/master.cf". Since I use Webmin I just navigate to "servers", "Postfix Mail server" then click "Edit Config Files" and select "master.cf" from the drop box at the top.

Now I add at the end

policyd-spf  unix  -       n       n       -       0       spawn
  user=nobody argv=/usr/bin/policyd-spf

The leading spaces before user=nobody are important so Postfix knows this line belongs to the previous one.

The last thing I need to do is create the whitelist file, so log in as root

#cd /etc/postfix
#vi /etc/postfix/rbl_override_whitelist

Then add all the IP addresses or hostnames that you want whitelisted (one per line only).
Here is what it should look like

1.2.3.4 OK
mail.example.net OK

After you create/modify the file you need to run

#postmap /etc/postfix/rbl_override_whitelist

Finally restart postfix

#/etc/init.d/postfix restart

Now send a test message from an external email account. If the email doesn't arrive, check the logs for any errors (something you should do regularly anyway).

Hopefully everything is working fine and you should start seeing a drop in forged emails. Don't forget to create an SPF record for your domain so other servers can check your emails. There is an easy-to-use wizard to help create the record for you.
This is what my record looks like

v=spf1 a ip4:195.242.236.240 ip4:85.234.148.232/30 ip4:85.234.148.236 ip6:2001:470:1f09:d2b::/64 ip6:2001:470:1f09:81e::/64 -all

It basically lists all the IP addresses that are allowed to send email for my domain and says reject everything else.
If you want to check whether a particular site has an SPF record, or whether it is working correctly, you can check at http://www.kitterman.com/spf/validate.html
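
To see how a receiving server reads the record above, here is an added example (not the author's code and not pyspf) that evaluates the ip4, ip6, a and all mechanisms for a connecting address. The a_records parameter and the test addresses are assumptions that stand in for the DNS lookup of the "a" mechanism so the example runs offline.

```python
import ipaddress

# SPF record copied from the article.
RECORD = ("v=spf1 a ip4:195.242.236.240 ip4:85.234.148.232/30 "
          "ip4:85.234.148.236 ip6:2001:470:1f09:d2b::/64 "
          "ip6:2001:470:1f09:81e::/64 -all")

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split an SPF record into (qualifier, mechanism, value) triples."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        parsed.append((qualifier, name.lower(), value))
    return parsed


def check_ip(record, client_ip, a_records=()):
    """Return the SPF result for client_ip; the first match wins.

    a_records is an assumption of this example: the addresses the
    sending domain itself resolves to, supplied by the caller instead
    of being looked up in DNS.
    """
    ip = ipaddress.ip_address(client_ip)
    for qualifier, name, value in parse_spf(record):
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6") and value:
            net = ipaddress.ip_network(value, strict=False)
            wanted = 4 if name == "ip4" else 6
            matched = (ip.version == wanted and net.version == wanted
                       and ip in net)
        elif name == "a" and not value:
            matched = any(ip == ipaddress.ip_address(a) for a in a_records)
        else:
            # include, mx, exists, ptr and modifiers need live DNS.
            raise NotImplementedError("mechanism not handled: " + name)
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched and there was no "all"


if __name__ == "__main__":
    # Constructed test addresses.
    for addr in ("85.234.148.234", "85.234.148.237",
                 "2001:470:1f09:d2b::220", "203.0.113.7"):
        print(addr, check_ip(RECORD, addr))
```
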

Postfix – Blocking spam before it enters the server

When I first set up the server (part 1 and part 2) I used the basic settings for Postfix, but I soon found that I could reduce the amount of spam and the load on the server by rejecting spam before accepting it. I do this by forcing mail servers that want to deliver mail to me to be configured correctly and by using a few RBLs (Real-time Blacklists).

Since I use Webmin I just navigate to "servers", "Postfix Mail server" then click "Edit Config Files", or manually edit "/etc/postfix/main.cf"

Below is my new config file. Obviously, change the IPs to your IPs and the domains to yours.

########################################################
inet_protocols = all
inet_interfaces = 127.0.0.1, 192.168.0.200, [2001:470:1f09:d2b::220], [::1]
smtp_bind_address = 192.168.0.200
smtp_bind_address6 = [2001:470:1f09:d2b::220]
myorigin = $mydomain
mynetworks = 127.0.0.0/8, 192.168.0.200, [2001:470:1f09:d2b::/64], [::1/128]
myhostname = mail.example.com
mydomain = example.com
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost

virtual_alias_domains = example.co.uk, example2.com, example3.com, example2.co.uk
virtual_alias_maps = hash:/etc/postfix/virtual

smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit

smtpd_recipient_restrictions = permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit

policyd-spf_time_limit = 3600
smtpd_client_restrictions = permit_tls_all_clientcerts, reject_unauth_pipelining

2bounce_notice_recipient = webmaster@example.com
error_notice_recipient = webmaster@example.com
bounce_notice_recipient = webmaster@example.com

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_tls_key_file = /etc/postfix/ssl/key.pem
smtpd_tls_cert_file = /etc/postfix/ssl/mail.example.com.pem
smtpd_tls_CAfile = /etc/postfix/ssl/sub.class1.server.ca.pem
smtpd_error_sleep_time = 5s

smtp_use_tls = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom
disable_vrfy_command = yes
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unknown_address_reject_code = 550

Some people might say this is quite restrictive, as it will block any mail server that is misconfigured, is using a dynamic IP, or has been blocked for sending spam, but I have found it blocks 95% of the spam I was receiving beforehand without using a spam filter (thus reducing the load on the server), and I haven't seen any downsides as all legit mail is getting through fine.

I'll try to explain what the main changes are. There are 3 main sections I changed: "smtpd_helo_restrictions", "smtpd_sender_restrictions" and "smtpd_recipient_restrictions"

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
This allows my networks and users that have authenticated themselves to connect, but blocks any servers that haven't configured a valid hostname for their mail server (you should always use a proper domain name, i.e. myhostname = mail.example.com) and also stops people trying to relay mail through my server.

smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit
When mail servers communicate with each other they say hello and identify themselves. This setting allows my networks to connect but blocks any servers that haven't configured a valid hostname for their mail server (you should always use a proper domain name, i.e. myhostname = mail.example.com)

smtpd_recipient_restrictions = permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit
This setting does the same as the above commands, except that it also rejects mail servers that have been listed on an RBL (Real-time Blacklist). You can google for more RBL lists, but these do just fine for me.
I use dnsbl.sorbs.net, zen.spamhaus.org and bl.spamcop.net

If you want a more detailed explanation of what each option does, have a read of Postfix Configuration Parameters; it lists every option going.

I have also set up SPF checking and a whitelist just in case a valid email server gets on an RBL list. SPF is covered in the previous article.

use awk command in linux?

1. list content of file myfile
[localhost@localhost ~]$ cat myfile
apple
orange
mango

banana
GUAVA
ra dish
pineapple

2. delete the first line of the file
[localhost@localhost ~]$ sed '1d' myfile
orange
mango

banana
GUAVA
ra dish
pineapple

3. delete the third line of the file
[localhost@localhost ~]$ sed '3d' myfile
apple
orange

banana
GUAVA
ra dish
pineapple

4. delete the last line of the file
[localhost@localhost ~]$ sed '$d' myfile
apple
orange
mango

banana
GUAVA
ra dish

5. delete the 2nd through 4th lines of the file
[localhost@localhost ~]$ sed '2,4d' myfile
apple
banana
GUAVA
ra dish
pineapple

6. delete everything except the 2nd through 4th lines of the file
[localhost@localhost ~]$ sed '2,4!d' myfile
orange
mango

7. delete the 1st and last line of the file
[localhost@localhost ~]$ sed '1d;$d' myfile
orange
mango

banana
GUAVA
ra dish

8. delete all lines beginning with character ‘a’
[localhost@localhost ~]$ sed '/^a/d' myfile
orange
mango

banana
GUAVA
ra dish
pineapple

9. delete all lines ending with character ‘e’
[localhost@localhost ~]$ sed '/e$/d' myfile
mango

banana
GUAVA
ra dish

10. delete all lines ending with either ‘e’ or ‘E’
[localhost@localhost ~]$ sed '/[eE]$/d' myfile
mango

banana
GUAVA
ra dish

11. delete all the blank lines
[localhost@localhost ~]$ sed '/^$/d' myfile
apple
orange
mango
banana
GUAVA
ra dish
pineapple

12. delete all lines which are entirely in UPPER CASE or CAPITAL LETTERS (the blank line also matches [A-Z]* and is deleted)
[localhost@localhost ~]$ sed '/^[A-Z]*$/d' myfile
apple
orange
mango
banana
ra dish
pineapple

13. delete all lines containing the pattern ‘an’
[localhost@localhost ~]$ sed '/an/d' myfile
apple

GUAVA
ra dish
pineapple

14. delete all lines not containing the pattern ‘an’
[localhost@localhost ~]$ sed '/an/!d' myfile
orange
mango
banana

15. delete all lines containing the pattern ‘an’ or ‘le’
[localhost@localhost ~]$ sed '/an\|le/d' myfile

GUAVA
ra dish

16. delete lines starting from 1st until meeting the PATTERN ‘banana’
[localhost@localhost ~]$ sed '1,/banana/d' myfile
GUAVA
ra dish
pineapple

17. delete lines meeting the PATTERN ‘banana’ till the LAST line
[localhost@localhost ~]$ sed '/banana/,$d' myfile
apple
orange
mango

18. delete the last line only if it contains the PATTERN ‘apple’
[localhost@localhost ~]$ sed '${/apple/d;}' myfile
apple
orange
mango

banana
GUAVA
ra dish

How To Capture Packets with TCPDUMP?

See the list of interfaces on which tcpdump can listen
# /usr/sbin/tcpdump -D

Listen on any available interface
# /usr/sbin/tcpdump -i any

Verbose Mode
# /usr/sbin/tcpdump -v
# /usr/sbin/tcpdump -vv
# /usr/sbin/tcpdump -vvv
# /usr/sbin/tcpdump -q

Limit the capture to a number of packets N
# /usr/sbin/tcpdump -c N

Display IP addresses and port numbers when capturing packets
# /usr/sbin/tcpdump -n

Capture any packets where the destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst host 192.168.0.1

Capture any packets where the source host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src host 192.168.0.1

Capture any packets where the source or destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n host 192.168.0.1

Capture any packets where the destination network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst net 192.168.10.0/24

Capture any packets where the source network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src net 192.168.10.0/24

Capture any packets where the source or destination network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n net 192.168.10.0/24

Capture any packets where the destination port is 23, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst port 23

Capture any packets where the destination port is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst portrange 1-1023

Capture only TCP packets where the destination port is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n tcp dst portrange 1-1023

Capture only UDP packets where the destination port is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n udp dst portrange 1-1023

Capture any packets with destination IP 192.168.0.1 and destination port 23, display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and dst port 23"

Capture any packets with destination IP 192.168.0.1 and destination port 80 or 443, display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and (dst port 80 or dst port 443)"

Capture any ICMP packets
# /usr/sbin/tcpdump -v icmp

Capture any ARP packets
# /usr/sbin/tcpdump -v arp

Capture either ICMP or ARP packets
# /usr/sbin/tcpdump -v "icmp or arp"

Capture any packets that are broadcast or multicast
# /usr/sbin/tcpdump -n "broadcast or multicast"

Capture 500 bytes of data for each packet rather than the default of 68 bytes
# /usr/sbin/tcpdump -s 500

Capture all bytes of data within the packet
# /usr/sbin/tcpdump -s 0

Monitor all packets on eth1 interface
# /usr/sbin/tcpdump -i eth1

Monitor all traffic on port 80 ( HTTP )
# /usr/sbin/tcpdump -i eth0 'port 80'

Monitor all traffic on port 25 ( SMTP )
# /usr/sbin/tcpdump -vv -x -X -s 1500 -i eth0 'port 25'

Capture only N number of packets using tcpdump -c
# /usr/sbin/tcpdump -c 2 -i eth0

Display Captured Packets in ASCII using tcpdump -A
# /usr/sbin/tcpdump -A -i eth0

Display Captured Packets in HEX and ASCII using tcpdump -XX
# /usr/sbin/tcpdump -XX -i eth0

Capture the packets and write into a file using tcpdump -w
# /usr/sbin/tcpdump -w data.pcap -i eth0
.pcap is the file extension

Reading the packets from a saved file using tcpdump -r
# /usr/sbin/tcpdump -tttt -r data.pcap

Capture packets with IP address using tcpdump -n
# /usr/sbin/tcpdump -n -i eth0

Capture packets with proper readable timestamp using tcpdump -tttt
# /usr/sbin/tcpdump -n -tttt -i eth0

Capture packets longer than N bytes
# /usr/sbin/tcpdump -w data.pcap greater 1024

Capture packets shorter than N bytes
# /usr/sbin/tcpdump -w data1024.pcap less 1024

Receive only the packets of a specific protocol type
# /usr/sbin/tcpdump -i eth0 arp

Receive packets flows on a particular port using tcpdump port
# /usr/sbin/tcpdump -i eth0 port 22

Capture packets for particular destination IP and Port
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 10.181.140.216 and port 22

Capture TCP communication packets between two hosts
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 16.181.170.246 and port 22

Tcpdump Filter Packets – Capture all the packets other than arp and rarp
# /usr/sbin/tcpdump -i eth0 not arp and not rarp

Postfix Useful Commands

To Check Postfix Queue
#mailq

To Check Sasl Auth
#tail -f /var/log/messages|grep sasl

To Check Postfix Logs
#tail -f /var/log/maillog|grep postfix

List of domains that are being deferred
#qshape-maia -s deferred

Checking Specific Mail From Queue
—————————————
To view the full mails
#postcat -q D5EB71AEA45
If you get the error "postcat: fatal: open queue file D5EB71AEA45: No such file or directory", it means the mail has been delivered or removed using postsuper

If you want to remove specific mail from queue
#postsuper -d D5EB71AEA45

Sorting Queued Mails By From Address:
# mailq | awk '/^[0-9,A-F]/ {print $7}' | sort | uniq -c | sort -n

Removing Mails Based On Sender Address
# mailq | grep '^[A-Z0-9]' | grep peggysj@msn.com | cut -f1 -d' ' | tr -d \* | postsuper -d -

or, if you have put the queue on hold, use
# mailq | awk '/^[0-9,A-F].*capitalone@mailade.com/ {print $1}' | cut -d '!' -f 1 | postsuper -d -
to remove all mails being sent using the From address "capitalone@mailade.com".

If you want to remove all mails sent by the domain msn.com from the queue
# mailq | grep '^[A-Z0-9]' | grep @msn.com | cut -f1 -d' ' | tr -d \* | postsuper -d -

INCREMENTAL BACKUP USING rsync COMMAND

SIMPLE INCREMENTAL BACKUP USING rsync COMMAND

Backups can be classified into two types. They are

1) Full backup
The entire data set is backed up every time.

2) Incremental backup

An incremental backup takes a full backup the first time. From the second time on it compares the files in the first backup with the files in the directory being backed up and copies only the modified files.

rsync

The rsync utility allows you to copy from a local system to a remote system, or between two local directories. If the files already exist in the destination directory, rsync copies only the differences in the files. This property of rsync makes it ideal for incremental backups.

Here is the syntax for rsync

rsync [options] [source folder] [Destination]

Example

rsync -azv /etc/sysconfig /backup/

In the above example the entire sysconfig directory is copied to the /backup folder the first time we run this command. From the second time onwards rsync checks the files in /backup against /etc/sysconfig and copies only the differences in the sysconfig files to the /backup folder…

linux log files, location and description

Linux stores logs of almost everything, from user accounting to system halts. These logs are always useful for debugging problems or tracking down loopholes in a configuration. Logs are records of system activity: faults, traffic, configuration changes and user activity. The main Linux log files are located in /var/log by default. It is also possible to define a custom log file path in the configuration files, though this is usually not recommended. The major log files in Linux are described below.

/var/log/messages --> contains standard I/O logs, DNS logs, DHCP, NFS, NIS
/var/log/boot.log --> contains boot time logs about system shutdown, reboot
/var/log/dmesg --> hardware specific logs
/var/log/xferlog --> logs of FTP activities, including uploads, downloads, user processes
/var/log/samba --> logs of samba services (windows)
/var/log/httpd/* --> logs of all web activities, apache web server
/var/log/secure --> logs of SSH, telnet and authentication services
/var/log/cups/* --> logs of print activities
/var/log/cron --> logs of system activities from cron jobs
/var/log/xorg/* --> GUI related logs
/var/log/auth.log --> Authentication related logs
/var/log/kern.log --> Kernel logs
/var/log/maillog --> mail server logs
/var/log/mysqld.log --> logs from mysql activities
/var/log/yum.log --> logs of yum activities, including package downloads

Besides these, other log files are created automatically when packages are configured.

Install MariaDB on CentOS 7

MySQL, MariaDB has been known to be a drop-in replacement that brings enhancements and performance optimizations over MySQL. This tutorial will show you how to install MariaDB onto CentOS 7 in two different ways.

Step 1: Download/install MariaDB

Install from repository
MariaDB is shipped in the CentOS repo as of CentOS 7. Anything lower will require you to add the additional repository to your server. Run the following commands on your server:

yum update -y
yum install mariadb-server
You may also need to finish the installation by running:

/usr/bin/mysql_secure_installation
This will install MariaDB and walk you through the process of setting up your root password.

Manual install from MariaDB mirror (latest version)
This should be straightforward. You will need to create a file in /etc/yum.repos.d/ and add the following:

[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
Once the file is created, run the following commands:

yum update -y
yum install MariaDB-server MariaDB-client
You can then finish the installation by running:

/usr/bin/mysql_secure_installation
If everything was successful, proceed to the next step.

Step 2: Verify that MariaDB is operational

Depending on if you are using the default Vultr image of CentOS 7 or if you are using a Custom ISO, you may need to manually start MariaDB and enable it to start on boot of the server. To do so, run:

systemctl start mariadb.service
systemctl enable mariadb.service
You can check to see if everything is running by executing the following command:

systemctl is-active mariadb.service
After installation, run mysql -u root -p. Enter your password when prompted. You will see output similar to the following:

Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is XXXX
Server version: 5.5.X

Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]>
Congratulations, you have successfully installed MariaDB on CentOS 7
Read more at: https://www.vultr.com/docs/install-mariadb-on-centos-7