How to set ACL in linux | Redhat Fedora Linux File | Partition Access control configuration

How to set ACL Permission in Redhat Linux

Step 1

Enable ACL support on the partition.
Edit /etc/fstab file and change the default parameter to rw,acl
If we want to enable acl for /home

LABEL=/                 /                       ext3    defaults        1 1
LABEL=/boot             /boot                   ext3    defaults        1 2 
LABEL=/home             /home                   ext3    rw,acl          1 2
LABEL=/tmp              /tmp                    ext3    defaults        1 2
LABEL=/usr              /usr                    ext3    defaults        1 2
LABEL=/var              /var                    ext3    defaults        1 2
/dev/hda8               swap                    swap    defaults        0 0
/dev/hdd1               /Data                   ext3    ro,noatime      1 2
LABEL=/XFS              /XFS                    xfs     rw,noatime      0 2

Reboot the system. If the partition is not in use, you can unmount and remount the partition

#sudo umount /home
#sudo mount /home

Step 2

Create user and group

#useradd user1
#groupadd group1
#usermod -a -G group1 user1

Step 3

Default ACL

Now you can enable ACL by using setfacl command

#mkdir /home/folder1
#chgrp group1 /home/folder1
#chmod g+w /home/folder1
#setfacl --set u::rwx,g::r-x,o::- /home/folder1

To set ACL 
#setfacl -d --set u::rwx,u:user1:rwx,g::rx,g:group1:rx,o::- /home/folder1

To view the acl
# getfacl /home/folder1/

# file: home/folder1/
# owner: root
# group: group1


MySql Installation Procedure On Linux Command Line Yum Step By Step

How To Install Mysql On Linux through Command Line

There are multiple ways to install mysql on Linux machine

Installing through Yum:

If your server is on internet and yum repository is enabled, then you can install directly by runing the below command on linux console.

#yum install -y mysql-server

mysql-server x86_64 5.1.47-2.fc12
Installing for dependencies:
perl-DBD-MySQL x86_64 4.016-1.fc12
perl-DBI x86_64 1.609-3.fc12
Updating for dependencies
mysql x86_64 5.1.47-2.fc12
mysql-libs x86_64 5.1.47-2.fc12

Installing from RPM:

Download the latest mysql-server rpm from
You may need to download and install the dependency packages (mysql-libs, mysql, perl-DBD-MySQL, perl-DBD )before installing mysql-server
Transfer the downloaded file to the server using winscp or some other file transfer method

#rpm -ivh mysql-libs* mysql* perl-DBD-MySQL* perl-DBD*
#rpm -ivh mysql-server*

Initial Configurations:

After installing the mysql using one of the above method, you can start mysql with the default my.cnf settings

#service mysqld start
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
/usr/bin/mysqladmin -u root password 'new-password'
Alternatively you can run:

Default my.cnf file

# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).

# Disabling symbolic-links is recommended to prevent assorted security risks;
# to do so, uncomment this line:
# symbolic-links=0

# To allow mysqld to connect to a MySQL Cluster management daemon, uncomment
# these lines and adjust the connectstring as needed.


# If you are running a MySQL Cluster storage daemon (ndbd) on this machine,
# adjust its connection to the management daemon here.
# Note: ndbd init script requires this to include nodeid!

# connection string for MySQL Cluster management tool

How to reSet mysql root password:

By default there will be no password set for mysql admin (root). Now you can set root password using the below command 
#/usr/bin/mysqladmin -u root password 'new-password'
#mysqladmin -u root password mysqlpasswd
Now you can login to mysql server using the below commands
#mysql -u root -p
Related Articles:
How to create database
How to reset root password

Free it help desk inventory software | inventory management | help desk

Best free IT Helpdesk and Inventory Management software

I was searching for a free IT helpdesk and Inventory Management software for more than few years. I have tried IRM, exoPhpdesk, spiceworks and free demo helpdesk software's.  But I was not happy with the features. Then I found GLPI from I was quiet impressed by the futures available in this software. It got almost all the functionalists offered by the commercial help-desk software's. I have been using GLPI successfully for more that four years. I can say  this is the best open-source IT helpdesk and Inventory Management software in the industry
You can download the software form official GLPI webiste
Installation Procedure

License -  GPL licence
Features list of GLPI


  • Multi-entities management (multi-park, multi-structure)
  • Multi-users management
  • Multiple Authentication System (local, LDAP, AD, Pop/Imap, CAS, x509...) and multiple servers
  • Multilingual management (22 languages available )
  • Permissions and profiles system
  • Cache and Pagination system
  • Complex search module
  • Bookmark search system
  • Configurability of display fields in lists
  • Export System in PDF, CSV and SLK (spreadsheet)
  • Saving/restoration module of the database to the SQL format
  • Exportation of the database to the XML format
  • Configurable dropdowns
  • Dictionary
  • System of notifications on events (consumable stock, expiry of contracts and licenses)
  • Updates check system
  • UTF8 interface
  • HTML 4.01 compatibility
  • Import data of the inventory from one or several OCS Inventory NG servers
  • Inventory of the computers fleet with management of its components, disk space and TCO management
  • Inventory of the monitors with management of the connections to the computers
  • Inventory of the network hardware fleet with management of the connections to the devices (IP, Mac addresses, VLANs...).
  • Inventory of printers fleet with management of connections to the computers and management of consumable associated and consumption and the thresholds of alarm.
  • Inventory of the external devices (scanners, graphical tables...) with management of the connections to the computers Inventory of the telephones fleet with management of connections to the computers
  • Inventory if the software fleet with license and expiration dates management
  • Assignment of the hardware by geographic area (room, floor...)
  • Typing models management to make the insertion of equal configurations easier
  • Commercial and financial Information management (purchase, guarantee and extension, damping)
  • Filing of the materials left the inventory
  • Management of the status of the hardwares
  • Management of the various states for the materials (in repair...) Management of generic peripherals and monitors being able to be associated several computers
  • Management of external bonds towards other applications
  • History of the modifications on the elements of the inventory
  • Management of the tracking requests for all the types of material of the inventory
  • Tracking requests opened using web interface or email
Final user
  • Final user frontend for intervention demand
  • Mail tracking of the intervention demand feature
  • Interventions history consultation
  • Possibility of adding comments at the request of intervention using web interface or email
  • Interventions demands priority management
  • Tracking of interventions demands
  • Mail tracking of interventions
  • Assignment of interventions demands
  • Opening/Closing/Re-opening of interventions
  • Assignment of a real time of interventions
  • History of done interventions
  • Displaying of the interventions to do by a technician
  • Displaying of the history of the interventions for a given hardware
  • Posting of the interventions to be realized by technician
  • Posting of the history of the interventions for a given material
  • Management of planning of intervention
  • Statistics reports by month, year, total.
  • Global
  • By technician or enterprise
  • By hardware, location or type
  • By user
  • By category
  • By priority
  • Management of enterprises (manufacturers, suppliers, conveyors, people receiving benefits...) and associated contacts
  • Management of the contracts (loan, hiring, leasing, insurance, maintenance and service)
  • Management of the documents related to the elements of inventories, contracts...
  • Management of the types of authorized documents
  • Management of the reservations for the material in affected inventory with the park of loan
  • User interface (calendar) for reservation
Knowledge Database
  • Management of a basic system of knowledge hierarchical
  • Management of a public FAQ
  • Reports generation about the devices
  • By device-type
  • By associated contract
  • By commercial informations
  • Network Reports

Squid IP based access control How to Configure

How to configure squid IP based access control

To configure Squid ip based access confrol
Define the ACL allowedip and allow them in the http_access

acl allowedip src
acl deniedip src
http_access deny deniedip
http_access allow allowedip

How to Accept or Reject Sendmail incoming Email from Specific Domains, ip address, email ID

How to Accept or Reject Sendmail incoming Email from Specific Domains / ip address /email IDS

To accept or reject mails from specific domains, email address just Edit the access DB and add the IP address you want to block

#vim  /etc/mail/access                OK   OK       OK            DISCARD            DISCARD         REJECT                DISCARD              DISCARD              DISCARD             DISCARD        DISCARD         DISCARD           DISCARD           DISCARD               DISCARD           DISCARD             DISCARD         DISCARD                DISCARD

Save the settings and restart Sendmail or MailScanner service

Linux iptables configuration for Symantec Backup Exec

Linux iptables configuration for Symantec Backup Exec

Below you can find how to enable the backup exec agent ports on Linux iptables configuration.

By default Symantec backup exec will be running on dynamic ports . So we have to manually configure the dynamic port range in the backup exec server.
To configure the dynamic port range manually, follow the below steps.

In the symantec backup exec go to 
Tools -- Options --  Network Security and check Enable remote agent TCP dynamic port range
and specify the ports range manualy . Port range 31821-32829

Linux iptables configuration for Symantec Backup Exec

Restart the backup exec server

Now  login to the linux machine and enable access for this port range (31821-32829) and the Backup Exec agent  VRTSralus which is running on the port 10000 (default port for VRTSralus). 
If webmin is running on the port 10000, edit /etc/webmin/miniserv.conf and change the default port to 10001

#iptables -A INPUT -p tcp --dport 10000 -j ACCEPT

#iptables -A INPUT -p tcp --dport 32821:32829 -j ACCEPT

 Now Save and restart iptables

 # iptables-save > /etc/sysconfig/iptablesor
#service iptables save

#service iptables restart

Also you can manually edit and /etc/sysconfig/iptables and add the below mentioned line

-A INPUT -p tcp -m tcp --dport  10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport  32821:32829 -j ACCEPT 

For other document refer IPTABLES label

Not safe to rely on the system's timezone settings : Apache Error- Solved

Apache Error: not safe to rely on the system's timezone settings 

(php | wordpress | joomla | phpmyadmin | phpinfo | zabbix | drupal)

After Upgrading the PHP, following error message was coming in the httpd error_log log

PHP Error :

#tail -f /var/log/httpd/error_log

[Fri Jul 23 17:15:31 2010] [error] [client ] PHP Warning:  date() []: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Asia/Calcutta' for 'IST/5.0/no DST' instead in /IlohaMail/include/ on line 117, referer:


1. Locate the php.ini file - the default location is etc/php.ini

#vim /etc/php.ini
2. Search for 'timezone' in php.ini file
3. change
;date.timezone =
date.timezone = "America/New_York"
or whatever specific timezone you are in.

Free Meeting Room Booking Software

Free Meeting Room Booking Software

I have successfully installed and using Booked Scheduler for managing my conference halls and training rooms. This is a free software with the follwoing features.

Booked Scheduler:

phpScheduleIt is an Open Source web-based reservation and scheduling system, allowing users to register and then place reservations on any kind of resources, such as conference rooms, machines, computers, etc. The administrative side allows complete control over user permissions, resource data, reservation data, and is has many configurable settings.

General Info and Setup:

  1. OS and database independent. It will work on any system that supports PHP and any of the PEAR::DB supported databases.
  2. Supports multiple languages. Distributed with this package: English (US & GB), German, French, Spanish, Italian, Hungarian, Dutch, Finnish, Swedish and Turkish.
  3. Setup and update scripts are included to make installation painless.
  4. User database can be self-contained or authenticated through LDAP.
  5. The included help file guides users through all possible tasks.
  6. The included README describes all features and how to properly manage the system.

Administrative Features:

  1. Multiple schedules are supported with unique resources.
  2. Blackout times are easy to add and manage to restrict reservations.
  3. User permissions allow the administrator to decide on what resources users can place reservations. This feature can be turned on or off from the configuration file.
  4. Reservation minimum and maximum time limits can be set on a per-resource basis.
  5. Administrator has power to add and manage an unlimited number of resources. All which can be toggled active and inactive at any point.
  6. Administrator has control over all reservations and can browse, modify and delete any reservation in the system.
  7. Resources can be set to require administrator approval for all reservations using the resource.
  8. Mass email feature allows the administrator to send out a system-wide email to notify users of resource downtime or other important information.
  9. Administrators can search through the reservation database with a very flexible search tool. Search results can be viewed as HTML, plain-text, XML or CSV.
  10. Database data can be dumped to the screen in XML or CSV format.
  11. Administrators can view a bar graph showing reservation statistics.
  12. Complete logging feature logs all activity through the system.

User Features:

  1. Users can manage how and when they receive email notifications about their reservation activity.
  2. Recurring reservations and reservation summaries are completely supported.
  3. Support for multi-day reservations.
  4. Users can invite and manage reservation participants.
  5. Calendars can be viewed for the user, resource, or schedule in a day/week/month layout.
  6. A printer-formatted signup sheet can be printed for any resource.
  7. Schedule is GUI based with easy to identify reservations.

Configuration Options:

  1. Time format, database server, email program and much more can be set in the config file.
  2. The code is object-based and there is a strong attempt to maintain complete separation of business logic and presentation. This makes it easy to change the look and feel or functionality of the system. The provided phpDocumentor-generated documentation is complete and easy to follow for any PHP programmer.

GLPI ldap Authentication Setup

GLPI ldap Authentication Setup Procedure:

Login to GLPI through your favorite browser
Go to setup -> authentication
Click on LDAP , add
Enter the following details and click post

Name - my ldap server
Server - ip of ldap server (eg : dn - ou=people,dc=example,dc=com
surnamr - cn comments- description

 GLPI ldap Authentication Setup

Go to administration -> users
Click on LDAP link -> import new user -> import

This will import all the ldap users to glpi directory

can't open the mysql.plugin mysql_upgrade to create it Error: Solved

Mysqld error: can't open the mysql.plugin mysql_upgrade to create it - while starting


can't open the mysql.plugin mysql_upgrade to create it

After upgrading my fedora11 to fedora 12, mysqld server stopped working and I gets the following error at start up

100702 14:52:37 mysqld_safe mysqld from pid file /var/run/mysqld/ ended

100702 14:53:28 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
100702 14:53:28 [Note] Plugin 'ndbcluster' is disabled.
/usr/libexec/mysqld: Table 'mysql.plugin' doesn't exist
100702 14:53:28 [ERROR] Can't open the mysql.plugin table. Please run mysql_upgrade to create it.
100702 14:53:29  InnoDB: Started; log sequence number 0 44233
100702 14:53:29 [ERROR] /usr/libexec/mysqld: unknown option '--skip-bdb'
100702 14:53:29 [ERROR] Aborting

After removing the following obsolete config entries, mysqld started working

and run mysql_upgrade.


So I commented out:

Now i started MySQL

#service mysqld start
Starting MySQL:                                            [  OK  ]

Then I run mysql_upgrade

#mysql_upgrade  -uroot -p
#service mysqld restart
And now everything is working fine