Tag: centos 5

Mysqldump Error 29

If you try to backup a MySQL database with a lot of tables using mysqldump, you may get an error similar to the following:

mysqldump: Got error: 29: File './test/test.MYD' not found (Errcode: 24) when using LOCK TABLES

To fix the problem you can add the –skip-lock-tables option to your mysqldump command line like so:

mysqldump --skip-lock-tables -u root -p db_foo > db_foo_backup_13FEB09.sql

Or you can permanently fix the problem by increasing the number of open files allowed by your MySQL service by specifying a sufficiently large value for the open_files_limit setting in your MySQL server configuration file. The open_files_limit needs to be placed under the [mysqld] section of the MySQL server configuration file. On CentOS 5 the default location of the MySQL service configuration file is /etc/my.cnf. Try specifying a value of 8192 like so:

[mysqld]
open_files_limit = 8192

After you make the change to the MySQL server configuration file you’ll need to restart the MySQL service to put the changes into effect. On CentOS 5 you can restart the MySQL service with the following command:

service mysqld restart

MySQL logo

How to Block an IP Address Using Firestarter

Firestarter is a GNOME program which offers a GUI interface to the IP Tables firewall.

If you have Firestarter configured to allow all IPs addresses to all ports or a particular port on your server, you can’t block a specific IP from accessing those ports using the GUI interface. However, Firestarter does allow you to manually specify IP Tables rules to either load up BEFORE or AFTER the Firestarter firewall rules by editing configuration files. On CentOS 5, the file to put the rules you want to load before Firestarter’s rules is /etc/firestarter/user-pre. For rules you want to load after Firestarter loads its firewall rules, edit the file /etc/firestarter/user-post. When you add your rules, instead of using the command “iptables” you need to use the variable name “$IPT” instead. To block an IP address from accessing any of your ports, you will need to add the IP Tables rule to the user-post file.

For example, say you want to block the IP address 123.11.112.1 from accessing your server on any port. The normal IPTables rules for this is:

iptables -I INPUT -s 123.11.112.1 -j DROP

To make this rule work with Firestarter, add the following line to the /etc/firestarter/user-post file:

$IPT -I INPUT -s 123.11.112.1 -j DROP

After you edit the user-pre or user-post files, you have to restart the Firestarter service to put them into effect. On CentOS 5 you can run the following terminal command to restart the Firestarter service:

service firestarter restart

Firewall Hole

Disable Anonymous Access to OpenLDAP

After you setup an OpenLDAP server, one of the first things you’ll want to do is disable anonymous access to it. This will prevent unauthenticated users from connecting to your OpenLDAP server and extracting information about your users and network resources from it.  To disable anonymous access to your OpenLDAP server, you need to edit the slapd.conf file which on CentOS 5 is located at /etc/openldap/slapd.conf. Open the slapd.conf file for editing and do the following:

Look for a line similar to this:

allow bind_v2 bind_anon_cred bind_anon_dn

Remove from that any of the items relating to anonymous access which will have “anon” in their names. So after editing the above line it will look like this:

allow bind_v2

Now add the following two lines to the slapd.conf file to explicitly deny anonymous binds and anonymous access to the directory information:

disallow bind_anon
require authc

Now save the slapd.conf file and restart the LDAP service to put the changes into effect. On CentOS 5 you can restart the OpenLDAP service by running the following command in the terminal:

service ldap restart
OpenLDAP logo

How to Install VMWare Tools in CentOS 5

Install software needed by VMware Tools

1. Install packages to build the kernel modules

yum install gcc kernel-devel

2. Check the running kernel matches the kernel headers

uname -r             # running kernel
rpm -q kernel-devel  # installed kernel headers

3. If the two versions do not match, run

yum -y upgrade kernel kernel-devel
reboot

4. Find out where the kernel headers are (you may need this later)

ls -d /usr/src/kernels/$(uname -r)*/include

Prepare and install VMware Tools

1. From VMware Workstation: go to VM> Install VMware Tools

2. From the VM: mount the virtual cd drive

mount /dev/cdrom /mnt/

3. Extract VMware Tools to /tmp/

tar -C /tmp -zxvf /mnt/VMwareTools-5.5.3-34685.tar.gz

4. Unmount the virtual cd drive

umount /mnt

5. Now run the installer

cd /tmp/vmware-tools-distrib
./vmware-install.pl

6. When asked Do you want to run vmware-config-tools.pl?, answer “Yes”.

VMWare Infrastructure