Changes

From SME Server
478 bytes added, 03:55, 5 August 2020
→‎Log: missing files log parsing
Line 280: Line 280:  
| grep -nsri server-manager.jpg  /etc/e-smith/ || search the file server-manager.jpg in the path directory /etc/e-smith
 
| grep -nsri server-manager.jpg  /etc/e-smith/ || search the file server-manager.jpg in the path directory /etc/e-smith
 
|-
 
|-
| grep -P '^www|apache' /etc/group || search after patterns which start by www and/or apache in /etc/group
+
| grep -P '^www |apache' /etc/group || search after patterns which start by www and/or apache in /etc/group
 
|-
 
|-
 
| tail -f /var/log/<LOGFILE> || realtime viewing of your log file
 
| tail -f /var/log/<LOGFILE> || realtime viewing of your log file
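Review bot: the pattern on the added grep row, '^www |apache', now has a space after www, so the first alternative only matches a line that starts with "www" followed by a space. Entries in /etc/group have the form name:password:GID:members, so a group named www is followed by a colon and no longer matches; only the unanchored apache alternative still hits. If the space is an editor artifact, restore '^www|apache', and consider '^(www|apache)' if both names are meant to be anchored at the start of the line.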
Line 551: Line 551:  
| yum remove <packagename> || removes packagename
 
| yum remove <packagename> || removes packagename
 
|-
 
|-
| yum history package-info <packagename> || Shows the installation/removal history of a package and it's Transaction ID [http://yum.baseurl.org/wiki/YumHistory see more commands]
+
| yum history package-info <packagename> || Shows the installation/removal history of a package and it's Transaction ID [http://yum.baseurl.org/wiki/YumHistory see more commands]
 
|-
 
|-
| yum history undo <Transaction ID> || Removes all packages from a specific Transaction ID [http://yum.baseurl.org/wiki/YumHistory see more commands]
+
| yum history undo <Transaction ID> || Removes all packages from a specific Transaction ID [http://yum.baseurl.org/wiki/YumHistory see more commands]
 
|-
 
|-
 
| yum list updates || list updates to any installed package
 
| yum list updates || list updates to any installed package
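Review bot: the description on the yum history undo row, "Removes all packages from a specific Transaction ID", is only accurate when that transaction was an install. undo reverses the transaction, so undoing a removal or an update reinstalls or downgrades packages instead. Suggest "Reverses a specific Transaction ID"; on the package-info row, "it's" should be "its".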
Line 616: Line 616:  
===namingContexts===
 
===namingContexts===
 
we can conduct a simple search of the naming context to see our directory information you can display 'dn' LDAP parameters, either by the [[SME_Server:Documentation:Administration_Manual:Chapter13#Directory|server-manager]] or by the command line :
 
we can conduct a simple search of the naming context to see our directory information you can display 'dn' LDAP parameters, either by the [[SME_Server:Documentation:Administration_Manual:Chapter13#Directory|server-manager]] or by the command line :
  ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
+
  ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts''
 
or you can do
 
or you can do
 
  ldapsearch -x -h localhost -s base |grep 'dn'
 
  ldapsearch -x -h localhost -s base |grep 'dn'
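Review bot: the added ldapsearch line ends in namingContexts'' where the removed line ended in namingContexts. The two trailing apostrophes look like leftover wiki italic markup from the editor; they are not part of the command and open an italic run that is never closed. Drop them so the line reads as it did before.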
Line 637: Line 637:     
===Bind with a specific user on LDAP===
 
===Bind with a specific user on LDAP===
Try to connect to ldap with credentials of a specific user and see the LDAP catalogue. Find the ''''dc'''' by the chapter [[Useful_Commands#namingContexts|above]]
+
Try to connect to ldap with credentials of a specific user and see the LDAP catalogue. Find the '<nowiki/>'''dc'''' by the chapter [[Useful_Commands#namingContexts|above]]
      Line 646: Line 646:     
===Check a specific  user in LDAP catalogue===
 
===Check a specific  user in LDAP catalogue===
display informations on the user requested. Find the ''''dc'''' by the chapter [[Useful_Commands#namingContexts|above]]
+
display informations on the user requested. Find the '<nowiki/>'''dc'''' by the chapter [[Useful_Commands#namingContexts|above]]
    
'''for sme9'''
 
'''for sme9'''
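Review bot: style points on the sentence touched in this section: "display informations on the user requested" should read "Display information on the requested user", and the '<nowiki/>'''dc'''' construct would be easier to maintain as <code>dc</code>, which needs no quote escaping.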
Line 685: Line 685:  
{{Note box| you have now a tool in your hand to parse logfile : [[Audit_Tools#logcheck]]. You should be aware that tool is here to help to find errors in the development side of the SME Server and thus you could have a lot of false positive}}
 
{{Note box| you have now a tool in your hand to parse logfile : [[Audit_Tools#logcheck]]. You should be aware that tool is here to help to find errors in the development side of the SME Server and thus you could have a lot of false positive}}
    +
=== '''Parse log for hack / phishing for missing files''' ===
 +
<syntaxhighlight lang="bash">
 +
EXTIP=`curl -s ifconfig.me/ip`
 +
grep "File does not exist" /var/log/httpd/error_log | sed -e 's#\: /#\n#' | grep "home" | sort -u | sed -e "s#$EXTIP#\<IP\>#g" > dict_err.txt
 +
# grep "File does not exist" /var/log/httpd/admin_error_log | sed -e 's#\: /#\n#' | grep "home" | sort -u | sed -e "s#$EXTIP#\<IP\>#g" > dict_admin_err.txt
 +
</syntaxhighlight>
 
* verbose output
 
* verbose output
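Review bot: EXTIP is interpolated into the sed expression on the error_log line without any check. If the curl call to ifconfig.me fails, the variable is empty and the expression becomes s##\<IP\>#g, which sed rejects because there is no previous regular expression, so dict_err.txt is left empty; and whatever the remote service does return is used as a regex, with the dots in an address matching any character. Test that EXTIP is non-empty and looks like an address before running the pipeline, escape the dots, and prefer $(...) to backticks. The section would also benefit from one sentence saying what the resulting dict_err.txt list is used for, since the heading alone does not say.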
   Line 778: Line 784:  
  mysql
 
  mysql
 
  create database '''databasename''';
 
  create database '''databasename''';
  grant all privileges on '''databasename'''.* to '''username''' identified by ''''password'''';
+
  grant all privileges on '''databasename'''.* to '''username''' identified by '<nowiki/>'''password'''';
 
  flush privileges;
 
  flush privileges;
 
  exit
 
  exit
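Review bot: on the grant line the account is written as username with no host part, which MySQL treats as username@'%', so the all-privileges grant applies to connections from any host. For a database used by a local web application, write '''username'''@localhost in the example, or state explicitly that remote access is intended.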
Line 785: Line 791:     
  mysql -e "create database '''databasename''';"
 
  mysql -e "create database '''databasename''';"
  mysql -e "grant all privileges on '''databasename'''.* to '''username''' identified by ''''password'''';"
+
  mysql -e "grant all privileges on '''databasename'''.* to '''username''' identified by '<nowiki/>'''password'''';"
 
  mysql -e "flush privileges;"
 
  mysql -e "flush privileges;"
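Review bot: the grant in this one-liner form puts the password on the mysql command line, where it ends up in the shell history and is visible in the process list while the command runs. Keep the interactive form as the recommended one, or add a remark next to this line so readers do not paste real credentials into it.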
   Line 921: Line 927:       −
===Configure <b><u>PHP Basedir</u></B> Restriction per ibay===
+
===Configure <b><u>PHP Basedir</u></b> Restriction per ibay===
    
  db accounts setprop IBAYNAME PHPBaseDir DIR1:DIR2:DIRn
 
  db accounts setprop IBAYNAME PHPBaseDir DIR1:DIR2:DIRn
Line 990: Line 996:  
To enable audit logging for an ibay named "fileshare":
 
To enable audit logging for an ibay named "fileshare":
 
  <nowiki>db accounts setprop fileshare Audit enabled
 
  <nowiki>db accounts setprop fileshare Audit enabled
signal-event ibay-modify fileshare</nowiki>
+
signal-event ibay-modify fileshare</nowiki>
    
To enable audit logging for every ibay on your server:
 
To enable audit logging for every ibay on your server:
 
  <nowiki>for ibay in $(db accounts show |grep \=ibay |cut -d= -f1); do db accounts setprop $ibay Audit enabled; done
 
  <nowiki>for ibay in $(db accounts show |grep \=ibay |cut -d= -f1); do db accounts setprop $ibay Audit enabled; done
signal-event ibay-modify</nowiki>
+
signal-event ibay-modify</nowiki>
    
The details of what gets logged are controlled by /etc/e-smith/templates/etc/smb.conf/ibays/10smbaudit
 
The details of what gets logged are controlled by /etc/e-smith/templates/etc/smb.conf/ibays/10smbaudit
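Review bot: in the every-ibay example, signal-event ibay-modify runs once after the loop and without an ibay name, whereas the single-ibay example passes the name (signal-event ibay-modify fileshare). Unless the event is known to work without an argument, move the call inside the loop as signal-event ibay-modify "$ibay", and quote $ibay in the setprop call too, so each ibay's configuration is regenerated after its Audit property is set.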
Line 1,266: Line 1,272:     
  https://localhost:9443/server-manager
 
  https://localhost:9443/server-manager
       