nix Posts

Fixing MySql’s Error, “Cant create test file /folder/data/servername.lower-test” on RedHat OS

Had a very weird error starting my MySql after im moving MySql’s data folder from /var/lib/mysql to /folder/data on my RHEL 7 Server,

2017-03-23 11:50:52 2119 [Warning] Can't create test file /folder/data/servername.lower-test
2017-03-23 11:50:52 2119 [Warning] Can't create test file /folder/data/servername.lower-test
2017-03-23 11:50:52 2119 [ERROR] /usr/sbin/mysqld: Can't create/write to file 
    '/folder/data/servername.lower-test' (Errcode: 13 - Permission denied)

very very weird because im already change the ownership of my /folder data to mysql user, and still not working. I even chmod it to 777 for testing purpose, yet still no positive result. After a while i found out that my SELinux is blocking it, here is the command to unblock it.

[root@servername ~]# setenforce 0
[root@servername ~]# getenforce
Permissive

but the commands above only configure your SELinux until reboot. If you want to make it permanent, you could use this command,

[root@servername ~]# vi /etc/selinux/config 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted  

Hope it helps others, cheers

Google+

Fixing Jasper Report Error, “Font ‘Arial’ is not available to the JVM.”

Yesterday, i had a weird error when deploying to my Red Hat machine. Somehow my pdf generated report is throwing exceptions, it said “Font ‘Arial’ is not available to the JVM.”. A little bit weird since on my development machine, everything is running well.

After i run this command,

fc-list | grep "Arial"

I found out that “Arial” font isnt installed on my RedHat server, a little bit tricky due to im unable to run “yum” command because the server is behind a network firewall. So my workaround is download a .rpm, and installed it manually. After several minutes googling, i found a very recommended .rpm installer.


http://www.mjmwired.net/resources/mjm-fedora-f11.html#ttf

I installed it using

 sudo rpm -ivh msttcore-fonts-2.0-3.noarch.rpm

And check my installed fonts

fc-list | grep "Arial"

Now i can see “Arial” fonts on my list of installed fonts on RedHat, restart my tomcat and my pdf reporting is running well again.

Here is the complete stacktrace of the error,

21:57:12,135 INFO  [stdout] (AsyncLogger-1) <2014-09-29 21:57:12,131>,[http-/0.0.0.0:80-94]>>[ERROR]Font 'Arial' is not available to the JVM. See the Javadoc for more details. net.sf.jasperreports.engine.util.JRFontNotFoundException: Font 'Arial' is not available to the JVM. See the Javadoc for more details.
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fonts.FontUtil.checkAwtFont(FontUtil.java:357)
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.SimpleTextLineWrapper.loadFont(SimpleTextLineWrapper.java:369)
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.SimpleTextLineWrapper.getGeneralFontInfo(SimpleTextLineWrapper.java:339)
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.SimpleTextLineWrapper.createFontInfo(SimpleTextLineWrapper.java:279)
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.SimpleTextLineWrapper.start(SimpleTextLineWrapper.java:241)
21:57:12,135 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.TextMeasurer.measure(TextMeasurer.java:537)
21:57:12,136 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.JRFillTextElement.chopTextElement(JRFillTextElement.java:623)
21:57:12,136 INFO  [stdout] (AsyncLogger-1) 	at net.sf.jasperreports.engine.fill.JRFillTextField.prepare(JRFillTextField.java:699)
Google+

How to Sniff Network Packages on HPUX Filtered By A Specific IP

Well on most of Linux distros, it’s very easy sniffing network packages using tcpdump, but on this case i need to sniff packages on HPUX, which doesnt have tcpdump installed.

So basically i have 2 options, install tcpdump on my hpux (which is very tricky because of limitation the sysadmin gave me), or simply by using HPUX’s build function for network sniffing, which is “nettl”.

On this example, im trying to sniff packages to and from a specific ip, first is creating a file which contain the target ip.

filter ip_saddr 192.168.0.11
filter ip_daddr 192.168.0.11

and i save it as /tmp/myfilter.

Next step is running nettl,

#this command is to start nettl
nettl -tn 0x30800000 -e ns_ls_ip -size 1024 -tracemax 99999 -f /tmp/raw.tr

#this command is to check nettl status
nettl -status TRACE

#this command is to filter sniffed network packages using filter
netfmt -N -n -l -c /tmp/myfilter -f /tmp/raw.tr.TRC000 > /tmp/trace.output

#this command is to stop nettl
nettl -tf -e all 
Google+

How to Setup HTTPS Connection for NginX

I just bought a new SSL Certificate from an SSL providers, and now im trying to install it on my nginx webserver. Now im trying to share the steps needed to install my ssl certificate, in case someone need it.

But first, i need to generate a .key and .csr file using openssl’s command, i will need those files to become a “secret key” or my private key.

sudo openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr

Next is i send my .csr file to SSL providers to generate .crt files. In my case, the SSL Provider, gives me 2 .crt files. First is the “Intermediate Certificate” (my_intermediate_ca.crt) and another one is “SSL Certificate” files (domain.crt).

First, i need to join those 2 crt files,

cat domain.crt my_intermediate_ca.crt >> bundle.crt

It will look like this,

-----BEGIN CERTIFICATE-----
..... my domain.crt .......
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
..... my intermediate.crt .......
-----END CERTIFICATE-----

Next is registering my SSL on nginx, i just edit the ssl.conf here

sudo vi /etc/nginx/conf.d/ssl.conf

and add this lines

server {
    listen       443 default ssl;
    server_name  mydomain;

    server_tokens off;

    ssl_certificate      /crtlocation/bundle.crt;
    ssl_certificate_key  /crtlocation/domain.key;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
	}
}

Restart nginx and check your ssl using openssl command,

openssl s_client -debug -connect localhost:443

A good SSL configuration will give this result,

Verify return code: 0 (ok)

While bad ones will create result like this,

Hope it would help others, have fun :D

ps.
i had one weird condition on my previous ssl installation, somehow my website shows valid ssl on desktop browsers, but shows broken ssl when accessed from mobile devices and android browsers. I found out it’s due to i provide the wrong .crt file on nginx’s ssl.conf, i provide domain.crt instead of bundle.crt. :-(

Google+

Usefull *nix Commands

This is my personal note for my most used *nix commands,
who know perhaps someday someone would find it usefull.

i use this to start apache tomcat, im using nohup command to keep my application running after i logged out.

nohup ./startup.sh 

i use this to kill an application using it’s process id

kill -9 <pid>

but how to find an application’s process id? Im using ps command for it. In this example im searching for “java” process id.

ps -ef | grep java

this is the command i use for checking whether a particular port is open or not. Im using port 8080 for example

netstat -aon | grep 8080

command for reading a rotating log file,

tail -f edw/modules/system.out

check my command history

history | grep java

im using these syntax to see my AIX peformance

topas –P

or

nmon
Google+