Allow only SCP/SFTP transfers with 'scponly'

scponly restricts users to SCP and SFTP logins by acting itself as a shell and this disables SSH logins. This allows using Filezilla or 'scp' tool to transfer files but restrict SSH logins via SSH clients. Debian has this package as 'scponly'. TO install it:

# apt-get install scponly

Since, we will not be chrooting users, suid binary is not required. So, select no to: Install the chrooted binary /usr/sbin/scponlyc SUID root? <-- No For existing users, do:

# usermod -s /usr/bin/scponly username

To create a new user with scponly:

# useradd -m -s /usr/bin/scponly username
# passwd username

Optimized LEMP Installer for Debian/Ubuntu with Virtual Hosts Automator.

LAMP stacks are used widely but they are notorious for being less resource friendly and in the same time, incredibly attracting to script kiddies and part time crackers.

There's a tradition to play with most popular toys rather than one which was designed to be small and less expensive. As a kid, what would you like to steal in a kindergarten: a Spider-Man toy or a small spider miniature?
Leaving aside these arguments, let's move on to the real-valued part. I wrote this script which I think, has the following featured jobs:(Some literary art)

• Configures Nginx for performance and static file caching as well as gzipping the output.
• Installs and PHP-FPM as well as PHP-APC for Opcode Caching
• Optimizes MySQL for caching queries, while being light on resources.
• Facilitates interactive virtual hosts creation with dedicated PHP-FPM pool for each user so that each PHP process runs as the owner. This eliminates the need to install FTP server for updating Wordpress or installing plugins. Since, PHP runs as the user owning the script, "wp-config" can be set to very strict permissions like 700.

There's even more...

• Virtual hosts generation script also has the ability to create MySQL user and database as well as allowing user to import SQL file onto the newly created database for easy migration.
• PHPMyAdmin installer is also built-in which allows PHPMyAdmin to be installed on specified domain or sub-domain. 
• This script uses unix sockets instead of TCP which promises some more improvement and lowers TCP overhead within the system. 
• I have implemented some security practices like "cgi.fixpath_info=0". 

Download the script here and run it as root:

wget https://raw.github.com/aatishnn/lempstack/master/lemp-debian.sh
chmod +x lemp-debian.sh
./lemp-debian.sh

This script works for me but I cannot guarantee that it will work for you too. I am not a Bash expert. Please add some regexp to your brain to ignore my scripting laziness. This is designed to work with Debian and Ubuntu. You may freely use it to suit your needs under the condition that you will thank me. I would be glad if you can share something about this script, test it, debug it or just scold, rebuke or criticize.

Using WiFi just from Linux Terminal

Are you tired of Network Managers that try to reduce pain regarding Wireless connections and end up with unstable or never-connecting Wireless problems? Then, command line comes to the rescue and `wpa_supplicant` as our weapon. Throughout the tutorial, I will be using these random access point details with WPA-PSK:

SSID: linuxdo
Passphrase: myphrase

And, `wlan0` is the wireless interface. Find the one corresponding in your system using `iwconfig`.
Install `wpa_supplicant` for your distro if not installed.
For CentOS/RedHat and other Yum based systems:

# yum install wpa_supplicant

For Debian based systems including Ubuntu:

# apt-get update && apt-get install wpa_supplicant

Now, we need to create the configuration file for `wpa_supplicant`. There is an easy way out using:

# wpa_passphrase linuxdo myphrase >/root/linuxdo.conf

It's the time to connect now. Run `wpa_supplicant` as:

# wpa_supplicant -iwlan0 -c/root/linuxdo.conf

After you get `CTRL-EVENT-CONNECTED`, you should run `dhclient` as:

# dhclient wlan0

This way, you will get a dynamic IP from the router.
Test your internet connection by opening a web browser and loading `linuxdo.blogspot.com`. You will get it.
Since, we are now familiar with `wpa_supplicant` now, disable Wireless in NetworkManager interface to avoid conflicts.

Installing Octopress on CentOS 6/RedHat/Scientific Linux

Official Octopress website have user-specific installation procedure prone to many errors due to 'rvm' and 'rbenv'. This is the mostly foolproof method to set-up Octopress correctly on Redhat based distros.

Run these as root:

# yum groupinstall 'Development Tools'
# yum install readline-devel zlib zlib-devel openssl openssl-devel libyaml git python-setuptools
# easy_install Pygments

Pygments is not necessary as it uses pygments.rb. (Thanks to @octopress)

Now, run these as normal user:

$ wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2-p320.zip
$ unzip ruby-1.9.2-p320.zip 
$ cd ruby-1.9.2-p320
$ ./configure --prefix=/usr --with-openssl-include=/usr/include/openssl --with-openssl-lib=/usr/lib64/openssl/engines --disable-option-checking --disable-pthread
$ make

If you are using 32-bit, then replace '--with-openssl-lib=/usr/lib64/openssl/engines' to '--with-openssl-lib=/usr/lib/openssl/engines'.

Again, run these as root:

# make install

Again, run these as normal user:

$ git clone git://github.com/imathis/octopress.git octopress
$ cd octopress

Now, as root:

# gem install bundler
# bundle install
# rake install

Lastly, as normal user:

$ rake install

Now, follow Configuring Octopress. That's it. You have installed Octopress on your system. Leak: I will soon be moving this blog to Octopress and will be hosting it on GAE.

Better fonts in Chrome For Linux

Make a file .fonts.conf in your home directory and add this to it:

<match target="font">
  <edit name="autohint" mode="assign">
      <bool>true</bool>
    </edit>
    <edit name="hinting" mode="assign">
      <bool>true</bool>
    </edit>
    <edit mode="assign" name="hintstyle">
      <const>hintslight</const>
   </edit>
</match>

Now, restart Chrome to see the changes.

Install Java Browser plugin for Firefox 64-Bit in CentOS/Redhat

Download the latest 64-bit RPM package from main Java homepage. Install it as:

rpm -ivh <package-name>.rpm

And, add the plugin to Firefox with:

# cd /usr/lib64/mozilla/plugins
# ln -s $(find / -mount -name libnpjp2.so)

If 'ln -s $(find / -mount -name libnpjp2.so)' fails, then, first find the file 'libnpjp2.so' and supply the path as:

# ln -s <path-to-libnpjp2.so>

Restart your browser and you will have the working Java plugin for Firefox.

Install Log.io on CentOS

Searching for a simple online log viewer, I found log.io. Documentation has a recipe to install log.io on Ubuntu 11.10 but it doesn't match uniformly for CentOS. Seems like many things are hard-coded. So, I began to hack into it to make it working and I succeeded.

Installation Procedure:

# yum install gcc make openssl-devel git
# mkdir ~/downloads 
# cd downloads 
# wget "http://nodejs.org/dist/v0.6.11/node-v0.6.11.tar.gz" 
# tar -xzvf node-v0.6.11.tar.gz
# cd node-v0.6.11/ 
# ./configure

If it complains about missing libraries or anything else and doesn't succeeds, install the required libraries using Yum.

# make
# make install
# ln -s /usr/local/bin/node /usr/local/bin/nodejs
# wget http://npmjs.org/install.sh
# chmod +x install.sh
# ./install.sh
# PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
# rm -f /usr/bin/npm
# ln -s /usr/local/bin/npm /usr/bin/npm
# useradd -d /home/logio logio
# usermod -G adm logio
# npm config set unsafe-perm true
# npm install -g --prefix=/usr/local git://github.com/NarrativeScience/Log.io.git
# chmod -R 777 /var/log/log.io/

It's done. Now, start the server using:

# log.io server start

The server is now started. Allow access to port 8993 as:

# iptables -A INPUT -p tcp --dport 8993 -j ACCEPT

Hurray!. Head over to http://:8993 and see the power of nodejs.
Similarly, install Log.io on another machine and start the harvester with:

# log.io harvester start

Tested on CentOS 6.

Install latest Skype on CentOS

Download static archive of Skype from main skype website.The latest version while writing this tutorial was skype_staticQT-2.2.0.99.To download, you can do:

# cd /tmp
# wget http://www.skype.com/go/getskype-linux-beta-static
# cd /opt
# tar jxf /tmp/skype_static-2.2.0.99.tar.bz2
# rm /tmp/skype_static-2.2.0.99.tar.bz2
# ln -s skype_staticQT-2.2.0.99 skype

To make it easy to launch Skype and remove shared library related errors, do this:

# ln -s /opt/skype /usr/share/skype
# ln -s /opt/skype/skype /usr/bin/skype
# ln -s /usr/lib/libtiff.so.3 /usr/lib/libtiff.so.4

Even if you are running 64 bit CentOS version, you should install some 32 bit libraries as:

# yum install glibc.i686 alsa-lib.i686 libXv.i686 libXScrnSaver.i686 libSM.i686 libXi.i686 libXrender.i686 libXrandr.i686 freetype.i686 fontconfig.i686 zlib.i686 glib2.i686 libstdc++.i686 libtiff.i686 qt.i686 qt-x11.i686 pulseaudio-libs.i686 pulseaudio-libs-glib2.i686 alsa-plugins-pulseaudio.i686 

And, if you have CentOS media available:

# yum --disablerepo=\* --enablerepo=c6-media install glibc.i686 alsa-lib.i686 libXv.i686 libXScrnSaver.i686 libSM.i686 libXi.i686 libXrender.i686 libXrandr.i686 freetype.i686 fontconfig.i686 zlib.i686 glib2.i686 libstdc++.i686 libtiff.i686 qt.i686 qt-x11.i686 pulseaudio-libs.i686 pulseaudio-libs-glib2.i686 alsa-plugins-pulseaudio.i686 

Now, you should have a working Skype. Run it as:

# skype

Tested on CentOS 6.2

Delta RPMs on Yum

Delta, in sense of file, refers to the difference between two versions of the file. So, if you have a file and its delta, you can create a new file with all the changes included.

Delta RPMs are exactly the same. Consider a package 'yum-1.2.30-x86-64.rpm' and another updated package 'yum-1.2.31-x86-64'. A delta RPM of this package will be able to recreate the new updated Yum package from the older package available in the system. Since Delta RPMs are just the difference in two packages, they are small in size(in most cases). So, delta RPMs are useful if you have a congested, slow or limited bandwidth.

Enabling the use of Delta RPM in Yum:
We need 'yum-presto' plugin to enable delta RPMs. Install it as:

# yum install yum-presto

Now, try updating your system as:

# yum update

You will see that the download size will reduce dramatically and updates will be faster. That's how Delta RPM works.

Tested on CentOS 6.2.

Zypper implements delta RPMs by default. So, openSUSE users need not to be worry and there is nothing to enable for openSUSE systems.

SSH : Allow only certain users to log in

There are numerous user accounts that exist in a Linux system. You will not want to allow every user to log in via SSH.
Let's talk about the scenario: I have many users in my Linux box but real person-related users are root, alice and bob. So, to allow only them to connect via SSH, edit '/etc/ssh/sshd.conf' and add the following line at the end of the file:

AllowUsers root alice bob

Allow Root Login by SSH Keys only

IF you want to allow root login via SSH keys only while disabling password-based login, edit /etc/ssh/sshd.conf to reflect following change:
Original:

PermitRootLogin yes

Change:

PermitRootLogin without-password

Install Flash Plugin for Firefox installed from tar.bz2 archive

If you have installed Firefox from the official download (firefox--.tar.bz2) at /opt or similar location and if you are using 64bit version of Linux, then the 64 bit version of Flash Player will not work with Firefox. The solution is to use 32bit version of flash plugin. Here is how you do in Yum based systems:

# rpm -ivh http://linuxdownload.adobe.com/linux/i386/adobe-release-i386-1.0-1.noarch.rpm 
# yum remove flash-plugin
# yum --disablerepo=adobe-linux-x86_64 --enablerepo=adobe-linux-i386  install flash-plugin

If you have a running Firefox window, restart it and you will get your flash plugin back. Tested on CentOS 6.2.

Gtk-WARNING in Firefox: Unable to locate theme engine

If you are getting warnings like these:

(firefox:4486): Gtk-WARNING **: Unable to locate theme engine in module_path: "clearlooks"

Install package 'gtk2-engines.i686'.

Enable Caching in Yum

It is a good idea to enable caching in Yum as it keeps downloaded packages locally and is useful if you have slow connections. The default behavior is to delete downloaded packages. To enable caching, turn 'keepcache=0' into 'keepcache=1' in /etc/yum/yum.conf as:

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
...
...

So, all the downloaded data will reside in 'cachedir' location.

Install latest VLC on CentOS 6

RPMForge provides latest VLC version for CentOS system. Install corresponding RPMForge repository as:

64-bit:

rpm -ivh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

32-bit:

rpm -ivh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm

Now, install VLC as:

yum install vlc

Hurrah! You have a working best media player.

Install RPM with Yum

You can install RPM packages with 'rpm' command but it doesn't resolve dependencies. So, to automatically install dependencies with the package, yum can be used as:

yum install package_name.rpm

If you are getting errors like "Package is not signed", do this:

yum --nogpgcheck install package_name.rpm

Fix: "Cannot retrieve repository metadata" for Yum

# yum provides system-config-network
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
 * base: centos.vr-zone.com
 * extras: centos.vr-zone.com
 * updates: centosz4.centos.org
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again

This problem can be fixed by uncommenting 'baseurl' in repository configuration file. For example: File:CentOS-Base.repo Original:

[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
..
..
..

Change to:

[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
..
..
..

If this doesn't solve the problem, then it is something to do with network connection.

Enabling kernel modules at boot time

To maintain persistent kernel module, create a file called 'modulename.modules' in /etc/sysconfig/modules/ and insert corresponding command. For example, to load 'rt3070sta' module, I need to find the location of device 'ra0'. Find it using:

# find / -name 'ra0'
/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/net/ra0

Now, I will add this to rt3070sta.modules:

#!/bin/sh

if [ ! -c /sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.3/net/ra0 ] ; then
        exec /sbin/modprobe rt3070sta >/dev/null 2>&1
fi

bash: cd: Input/output error

I was trying to mount a partition on folder 'localdisk'. It mounted successfully but on 'cd'ing to the folder, it said:

bash: cd: localdisk: Input/output error

I found that 'localdisk' was a file and not a directory. I wonder why 'mount' was accepting file as mount point.

Mounting NTFS partitions in CentOS 6

Install fuse-ntfs-3g from RPMForge as:

wget http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/fuse-ntfs-3g-2010.10.2-1.el6.rf.x86_64.rpm
rpm -ivh fuse-ntfs-3g-2010.10.2-1.el6.rf.x86_64.rpm

Now, NTFS partitions can be mounted using 'mount'. For example:

mount -t ntfs-3g /dev/disk/by-label/blahblahblah /windows/e

Using Redhat/CentOS DVD media as Yum repository

Installing from downloaded media is important for slow as well as limited connections. Anyway, I found a way to use CentOS media as a local yum repository. Here is how it is done:
Insert CentOS media onto your drive. Then, find the mount point where the media was mounted. It should be under /media. If not, mount the media onto a permanent location. Edit /etc/yum.repos.d/CentOS-Media.repo as:

vi /etc/yum.repos.d/CentOS-Media.repo

Modify the line containing baseurl to suit your environment i.e. the mount point. Also, note the repository name. For CentOS 6.2, it is 'c6-media'. Make sure 'enabled' is set to 1. Save the file using [escape]:x Now, run any yum command like:

yum --enablerepo=c6-media --disablerepo=\* install gcc

Yum priorities can also be used to give more priority to local installation media.

Determing Linux/Unix kernel version

Determining kernel version is important for different Linux/Unix related tasks.It can help in diagnosing, upgrading as well as installing device drivers.
Easiest command is to run is 'uname' as:

uname -r

/proc/version also provides details about kernel version. Cat it using:

cat /proc/version

A journey to FreeBSD

I thought to write about FreeBSD even though this blog covers mostly about Linux.
I started using FreeBSD a year ago. When I first tried it, I was way too confused and was feeling like getting a tea(FreeBSD) when you are addicted to coffee(Linux).

Then, I got to read FreeBSD handbook. I read everything right from beginning to end. Then, I printed the whole FreeBSD handbook and started playing with FreeBSD on a real system. After this, everything changed. I started to love FreeBSD much than any other operating system.

I recommend everyone reading this to try FreeBSD even if you uncomfortable with Linux. If you are really uncomfortable with CLI, try using PC-BSD (PC-BSD is to FreeBSD as Ubuntu is to Debian).

FreeBSD cannot be called Unix due to legal reasons but I don't think anyone will sue you when you are thinking that it is really a Unix system.

Try installing FreeBSD on VirtualBox or similar platforms to make sure you don't mess with your valuable data.

You should also stop thinking that FreeBSD runs Linux applications directly. They are different. There is a Linux Binary Compatibility for FreeBSD to run Linux applications which is not a sort of platform virtualization. So, performance is pretty realistic and matching with that of Linux.

Another thing I like about FreeBSD is 'lagg'. This allows you to combine two or more network connections for failover protection or load balancing. Linux too has 'bonding' but I find 'lagg' easier to use.

The last thing worth mentioning is pfSense which, in my view, is the most easiest and effective firewall distribution. The web interface pretty rocks. And, the best part of pfSense is that it is based on FreeBSD.

Some Useful Links:
http://www.freebsd.org/doc/handbook/
http://www.pcbsd.org/
http://pfsense.org/

Private Key Conversions

Convert OpenSSH private key to Putty ppk format:
Step 1:Download and run Puttygen.
Step 2:Select "Import Key" From "Conversions" menu.
Step 3:Type your passphrase if you have set them.
Step 4:Click "Save private key".

Convert Putty ppk format to OpenSSH format: 
Step 1:Select "Load private key"
Step 2:Select "Export OpenSSH key"

Convert Putty ppk format to ssh.com format:
Step 1:Select "Load private key"
Step 2:Select "Export ssh.com key"

Solving "/bin/bash^M: bad interpreter: No such file or directory"

If you are getting errors like "/bin/bash^M: bad interpreter: No such file or directory", then I am a mind-reader and can say that you have edited this script on a Windows system. Error looks like:

# ./mysql_backup.sh
-bash: ./mysql_backup.sh: /bin/bash^M: bad interpreter: No such file or directory

You can solve this error by using "dos2unix" as:

# dos2unix mysql_backup.sh

Determine Directory Size In Linux with 'du'

'du' is an acronym for Disk Usage. So, if you want to find the size of a directory in Linux/Unix:

du <directory_name>

A more human-readable format can be generated using -h switch which outputs size with M,G and similar postfix.

du -h <directory_name>

Check the progress of 'dd'

Even though I call 'dd' a disk destroyer, I have to use this regularly. Once, I had to copy a whole disk to another disk and was waiting for it to finish. Then, I found 'SIGUSR' signal that could be sent to a process to output some relevant information ('dd' in our case).

While 'dd' is running, open a new terminal. First let's get the PID:

# ps -A|grep dd

Then, do this:

# kill -USR1 <pid>

Now, see the terminal where 'dd' is running. You would get some details about the transfer progress. If you are really impatient, you can run this command every 20 seconds with 'watch':

watch -n 20 kill -USR1 <pid>

Convert openSUSE DVD ISO into USB image

To convert openSUSE 12.1 DVD ISO (64 Bit) to an ISO that can be dded"to a USB drive, do this:

# zypper in syslinux
# isohybrid openSUSE-12.1-DVD-x86_64.iso

Now, use SUSE Studio ImageWriter to write this ISO or dd to your usb drive.

Battery Status From Linux Command Line

When you are running a CLI or a minimal desktop environment on a laptop/netbook/notebook, it is necessary to check battery status for some reasons. 'acpi' is a system tool to provide easy human-readable battery status and information. For installing 'acpi' on Ubuntu or Debian systems, type this:

apt-get install acpi

You must be root to do that. Use 'sudo' for Ubuntu/Mint systems. Now, type 'acpi' to see battery status. I got this with a fully charged battery:

# acpi
Battery 0: Full, 100%, rate information unavailable

List all Cron Jobs From All Users

To list all cron entries from all users:

# for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done

This is meant to be run as root.

Disable Directory Listing In Apache Webserver/HTTPD

Disabling Directory Listing is one of the important security measure you can take. Consider a config as:

Options Indexes FollowSymLinks MultiViews

Remove "Indexes" from that line so that it looks like:

Options FollowSymLinks MultiViews

Blogging with Wordpress in Cloud with OpenShift

From Official OpenShift homepage,

OpenShift is Red Hat's Cloud Computing Platform as a Service (PaaS) offering. OpenShift is an application platform in the cloud where application developers and teams can build, test, deploy, and run their applications. OpenShift takes care of all the infrastructure, middleware, and management and allows the developer to focus on what they do best: designing and coding applications.

Running Wordpress on OpenShift is easy. Here are the steps:

Register for an account at: https://openshift.redhat.com/app/account/new
Install Client Tools:

• For Debian-based systems including Ubuntu, issue the following commands:

  # apt-get install ruby rubygems rhc
  

  If 'rhc' is unavailable, do this:

  # gem install json_pure
  # gem install rhc
  

• For RPM based systems:

  # wget -O openshift.repo https://openshift.redhat.com/app/repo/openshift.repo
  # mv openshift.repo /etc/yum.repos.d/
  # yum install rhc
  # rm -f openshift.repo
  

Create Domain name (Namespace):

# rhc domain create -n  -l <emailaddress>

This domain is a third level domain. Any new application will inherit this domain name. Use the email address you used to sign up with OpenShift.

Create a new application:

# rhc app create -a wordpress -t php-5.3

Add MySQL Cartridge and PhpMyAdmin to application:

# rhc app cartridge add -a wordpress -c mysql-5.1
# rhc-ctl-app -e add-phpmyadmin-3.4 -a wordpress

You can now access PhpMyAdmin from http://wordpress-<domain>.rhcloud.com/phpmyadmin Note the username, password and host details.

Add Official Wordpress Bundle to Repository:

# cd wordpress/php 
# wget -O latest.tar.gz http://wordpress.org/latest.tar.gz
# tar -xf latest.tar.gz
# rm -f latest.tar.gz
# cd wordpress
# mv * ../
# cd ..
# git add .
# git commit -m "Initial Push"

Now, if you head over to http://wordpress-<domain>.rhcloud.com, you should see Wordpress complaining about 'wp-config.php'. Now, all you have to do is to modify 'wp-config' and add MySQL details from preceding cartridge command. Then,

# git commit -a -m "Edited wp-config.php"

Use your own domain name: To use your own domain name (assuming www.example.com),

# rhc-ctl-app -c add-alias --alias www.example.com -a wordpress

To get this domain working, add a CNAME record for www.example.com to wordpress-<domain>.rhcloud.com . DNS propagation may take some time. Key to win is patience.

Permanent file uploads: By default, all changes are lost when you push a git repository.

The OPENSHIFT_DATA_DIR and OPENSHIFT_TMP_DIR are designed as file system locations for data written/read by the application.

So, to preserve uploads, here is a workaround by adding following lines to wordpress/.openshift/action_hooks/build:

if [ ! -d $OPENSHIFT_DATA_DIR/uploads ]; then
    mkdir $OPENSHIFT_DATA_DIR/uploads
fi
 
ln -sf $OPENSHIFT_DATA_DIR/uploads $OPENSHIFT_REPO_DIR/php/wp-content/

This creates a symbolic link to Wordpress 'wp-content' directory. It's done. You are now blogging on Cloud. Pick up some words and let it flow around in your blog.

Viewing Binded Ports On Linux

Do this:

lsof -i :<port>

For example, to view HTTPS bindings,

lsof -i :443

Redirect Non-SSL requests to SSL on Nginx without Redirect Loop

Add these lines to your Nginx server{} block:

if ($scheme = "http") { rewrite ^ https://$server_name$request_uri? permanent; }

There is another way to do the same thing as:

if ($ssl_protocol = "") { rewrite ^ https://$server_name$request_uri? permanent; }

Decrease NSD Memory Consumption

Add the following lines on file /etc/nsd3/nsd.conf:

ip4-only: yes
tcp-count: 10
server-count: 1

Reviewing a Xen PV VPS

This is the first time experience with XEN PV VPS. Looking at it, I found it much more better than openVZ ones. Here are some tests I have performed:
Network Tests

# wget  http://dl.dropbox.com/u/44794654/bench.sh -O - -o /dev/null|bash
System uptime :   15 min,       
Download speed from CacheFly: 11.0MB/s 
Download speed from Linode, Atlanta GA: 11.24MB/s 
Download speed from Linode, Dallas, TX: 16.0MB/s 
Download speed from Linode, Tokyo, JP: 6.11MB/s 
Download speed from Linode, London, UK: 9.16MB/s 
Download speed from Leaseweb, Haarlem, NL: 8.37MB/s 

Disk IO Tests

# dd if=/dev/zero of=test bs=16k count=64k conv=fdatasync;rm -f test
65536+0 records in
65536+0 records out
1073741824 bytes (1.1 GB) copied, 17.7806 s, 60.4 MB/s

Disk IO Latency Test

# wget http://ioping.googlecode.com/files/ioping-0.6.tar.gz
# tar xvf ioping-0.6.tar.gz
# cd ioping-0.6/
# make
# ./ioping .
4096 bytes from . (ext3 /dev/root): request=1 time=21.6 ms
4096 bytes from . (ext3 /dev/root): request=2 time=15.0 ms
4096 bytes from . (ext3 /dev/root): request=3 time=17.5 ms
4096 bytes from . (ext3 /dev/root): request=4 time=32.7 ms
4096 bytes from . (ext3 /dev/root): request=5 time=3.4 ms
4096 bytes from . (ext3 /dev/root): request=6 time=12.9 ms
4096 bytes from . (ext3 /dev/root): request=7 time=47.6 ms
4096 bytes from . (ext3 /dev/root): request=8 time=67.3 ms
4096 bytes from . (ext3 /dev/root): request=9 time=21.5 ms
4096 bytes from . (ext3 /dev/root): request=10 time=1.0 ms
4096 bytes from . (ext3 /dev/root): request=11 time=11.4 ms
4096 bytes from . (ext3 /dev/root): request=12 time=25.1 ms
4096 bytes from . (ext3 /dev/root): request=13 time=32.7 ms
4096 bytes from . (ext3 /dev/root): request=14 time=9.3 ms
4096 bytes from . (ext3 /dev/root): request=15 time=14.0 ms
4096 bytes from . (ext3 /dev/root): request=16 time=20.7 ms
4096 bytes from . (ext3 /dev/root): request=17 time=0.7 ms

--- . (ext3 /dev/root) ioping statistics ---
17 requests completed in 17096.6 ms, 48 iops, 0.2 mb/s
min/avg/max/mdev = 0.7/20.8/67.3/16.5 ms

Links:
VPSNode Homepage

Check CentOS version

To check the version of CentOS,

cat /etc/*release*

Hope this helps.

Installing Ninja-IDE on openSUSE

Ninja-ide Is Not Just Another IDE for Python. If you get errors like below on installing the Fedora Package on openSUSE :

# rpm -ivh ninja-ide-2.0_beta3-2.noarch.rpm
error: Failed dependencies:
PyQt4 is needed by ninja-ide-2.0_beta3-2.noarch

Then, do this:

# rpm -ivh --nodeps ninja-ide-2.0_beta3-2.noarch.rpm

It is PythonQt4 for openSUSE.