LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-04-2012, 12:49 AM   #46
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by sag47 View Post
With all the logs I look at it appears the root of the problem is with apparmor terminating it with "mysql respawning too fast" errors. I think we should tackle the problem from that angle.

Try some of the solutions outlined in this article, except everywhere you see "/media/asimov/mysql" just do "/var/lib/mysql" in your case.
http://languor.us/mysql-respawning-t...nated-status-1

It's late in my timezone so I'm going to go to bed. But I'll be up again tomorrow and continue looking into this.

SAM
1.
Quote:
Considering the relative lack of danger of experimenting with my dev server, I chanced playing with the permissions with a:
chmod -R 770 /media/asimov/mysql
"chmod -R 770 /var/lib/mysql" returns "chmod: cannot access `/var/lib/mysql': No such file or directory"

2.
Quote:
Check that my.cnf exists in /etc/mysql/ and that there's only one of them around in the various config directories (as well as your own home directory, I guess).
"find -name 'my.cnf'" returns "./etc/mysql/my.cnf"

3.
Quote:
Check that the apparmor entry for mysql exists and points to the right directories and files.
Not sure how to do this.

4.
Quote:
Reconfigure mysql using dpkg-reconfigure mysql-server-5.5
A dialog opened, I set root password to "fixit" (go ahead and hack me internets)

This returned:
Code:
120904  0:35:44 [Note] Plugin 'FEDERATED' is disabled.
120904  0:35:44 InnoDB: The InnoDB memory heap is disabled
120904  0:35:44 InnoDB: Mutexes and rw_locks use GCC atomic builtins
120904  0:35:44 InnoDB: Compressed tables use zlib 1.2.3.4
120904  0:35:44 InnoDB: Initializing buffer pool, size = 128.0M
120904  0:35:44 InnoDB: Completed initialization of buffer pool
120904  0:35:44 InnoDB: highest supported file format is Barracuda.
120904  0:35:44  InnoDB: Waiting for the background threads to start
120904  0:35:45 InnoDB: 1.1.8 started; log sequence number 1595675
120904  0:35:45  InnoDB: Starting shutdown...
120904  0:35:45  InnoDB: Shutdown completed; log sequence number 1595675
mysql start/running, process 21949
5.
Quote:
Avoid using an empty root password was another potential fix with a high frequency of repeats.
Fairly sure I haven't done this.

6.
Quote:
Reinstall mysql was also an oft recommended option. If you do, remember to back things up beforehand!
I think we've been around this circle.

I'm not really sure how to check if any of that worked. "mysql" still returns "ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)".

In case its helpful, here are my (perhaps unchanged) log files:

/var/log/apt/history.log: http://paste.ubuntu.com/1185070/
/var/log/apt/term.log: http://paste.ubuntu.com/1185071/
/var/log/auth.log: http://paste.ubuntu.com/1185072/
/var/log/dbconfig-common/dbc.log: http://paste.ubuntu.com/1185073/
/var/log/dmesg: http://paste.ubuntu.com/1185074/
/var/log/dpkg.log: http://paste.ubuntu.com/1185075/
/var/log/dpkg.log.1: http://paste.ubuntu.com/1185077/
/var/log/kern.log: http://paste.ubuntu.com/1185078/
/var/log/kern.log.1: http://paste.ubuntu.com/1185079/
/var/log/syslog: http://paste.ubuntu.com/1185080/
/var/log/syslog.1: http://paste.ubuntu.com/1185081/
/var/log/upstart/mysql.log: http://paste.ubuntu.com/1185082/
/var/log/upstart/ureadahead.log: http://paste.ubuntu.com/1185083/
 
Old 09-04-2012, 01:40 AM   #47
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
If you set a password for ther mysql root user, you need the -p option.

Code:
mysql -u root -p
Else maybe you can now try my advice in post #17.
 
Old 09-04-2012, 01:44 AM   #48
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Wim Sturkenboom View Post
If you set a password for ther mysql root user, you need the -p option.

Code:
mysql -u root -p
Else maybe you can now try my advice in post #17.
It seems to have worked! I'm in MySQL monitor. Now... what do I do from here?

EDIT: Actually, I guess its do whatever from here (a good thing!). Whats the standard procedure for checking to make sure I have a working, integrated LAMP setup?

Last edited by southpointingchariot; 09-04-2012 at 01:45 AM.
 
Old 09-04-2012, 02:33 AM   #49
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
The link (http://www.howtoforge.com/ubuntu_lamp_for_newbies) that I posted yesterday in your thread on ubuntuforums should give some pointers.
See
* testing apache
* testing php

And write a little PHP page that can connect to a database.

You have experience with WAMP, so the rest should be the same.
 
Old 09-04-2012, 07:42 AM   #50
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Wim Sturkenboom View Post
The link (http://www.howtoforge.com/ubuntu_lamp_for_newbies) that I posted yesterday in your thread on ubuntuforums should give some pointers.
See
* testing apache
* testing php

And write a little PHP page that can connect to a database.

You have experience with WAMP, so the rest should be the same.
Gotya - however, this is made more complicated by the fact that I'm not really familiar with MySQL (an attempt to start using it is what started this whole mess). Thus I'm not really sure what parts of that tutorial I need to follow (should I install mysql-server?), nor how to test MySQL or phpmyadmin.
 
Old 09-04-2012, 08:29 AM   #51
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,831
Blog Entries: 36

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Quote:
Originally Posted by southpointingchariot View Post
Gotya - however, this is made more complicated by the fact that I'm not really familiar with MySQL (an attempt to start using it is what started this whole mess). Thus I'm not really sure what parts of that tutorial I need to follow (should I install mysql-server?), nor how to test MySQL or phpmyadmin.
It is best to learn MySQL from the command line. Go ahead and start doing your thing in this post.

3 recommendations you should take to heart
  • Do not use "helper" software like phpmyadmin or webmin. When hackers are attacking a server this is the kind of stuff they're looking for (and it's easy to find). Even wordpress is a common attack vector. I tend to not run PHP apps at all and tend to go for Python or Perl using a development framework.
  • Enable a firewall (I recommend iptables) which blocks all incomming connections. Then only open TCP ports 80 and 443 for your web applications.
  • Be sure to set a root password on your database and use isolated users for different databases like I outlined in previous posts.

If you're not familiar with LAMP then the easiest undertaking to get familiar with it is installing wordpress using their tar.gz file. Download wordpress here.

Last edited by sag47; 09-04-2012 at 08:31 AM.
 
Old 09-04-2012, 08:46 AM   #52
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sag47 View Post
It is best to learn MySQL from the command line. Go ahead and start doing your thing in this post.

3 recommendations you should take to heart
  • Do not use "helper" software like phpmyadmin or webmin. When hackers are attacking a server this is the kind of stuff they're looking for (and it's easy to find). Even wordpress is a common attack vector. I tend to not run PHP apps at all and tend to go for Python or Perl using a development framework.
  • Enable a firewall (I recommend iptables) which blocks all incomming connections. Then only open TCP ports 80 and 443 for your web applications.
  • Be sure to set a root password on your database and use isolated users for different databases like I outlined in previous posts.

If you're not familiar with LAMP then the easiest undertaking to get familiar with it is installing wordpress using their tar.gz file. Download wordpress here.
I have some experience with wordpress - this is a personal development project, not a professional one for now, the goal is to learn how to build a simple CMS. I'm planning on using this tutorial: http://www.elated.com/articles/cms-i...noon-php-mysql. My only real LAMP experience is basic PHP include stuff, some wordpress, and maintaining a local server to test sites I'm working on.

Is PHP really that suspect? Do you know of a CMS intro tutorial that uses perl or python instead (I don't actually know either, though I need to learn them at some point of course - just for doing perl rename commands in bash )
 
Old 09-04-2012, 09:05 AM   #53
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,831
Blog Entries: 36

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Right now the National Vulnerability Database Search Engine appears to be down. But when last time it was up when I did a search for php there were over 22000 vulnerabilities related to php or applications designed in php. The thing about php is that it is really easy to get yourself in trouble if you don't properly sanitise inputs. There's a ton of other design issues for the developer to consider from a security perspective but alas I don't want to turn this thread into php bashing. It has it's place in the world of web design if you do it right. In your case, designing a CMS for educational purposes is okay since you're attempting to learn the LAMP stack. You're bound to have security issues no matter what you create since you're new to the process. However, if you decide to release your source code like so many others just be sure to put a big fat disclaimer on there that you don't know about the security integrity of the software you designed.

One thing you should realize is that no software is impervious to bugs or vulnerabilities. For instance, people who leave their MySQL server wide open are susceptible to serious security attacks like this one. But you add several layers security where possible such as separating user logins, enabling system security layers like SELinux or AppArmor, and always a firewall.

As far as designing a CMS in Python goes I would recommend using a framework like Django. I simply googled "django cms tutorial".
http://docs.django-cms.org/en/2.2/ge.../tutorial.html

If you're new to Python then I recommend taking a free course on it. Go to the Django website they've got a quick install guide and a beginners tutorial (the tutorial assumes you know Python already to some extent). As always google is a great resource and usually you'll find your questions answered by somebody on the internet.

Last edited by sag47; 09-04-2012 at 09:09 AM.
 
Old 09-04-2012, 11:33 AM   #54
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sag47 View Post
Right now the National Vulnerability Database Search Engine appears to be down. But when last time it was up when I did a search for php there were over 22000 vulnerabilities related to php or applications designed in php. The thing about php is that it is really easy to get yourself in trouble if you don't properly sanitise inputs. There's a ton of other design issues for the developer to consider from a security perspective but alas I don't want to turn this thread into php bashing. It has it's place in the world of web design if you do it right. In your case, designing a CMS for educational purposes is okay since you're attempting to learn the LAMP stack. You're bound to have security issues no matter what you create since you're new to the process. However, if you decide to release your source code like so many others just be sure to put a big fat disclaimer on there that you don't know about the security integrity of the software you designed.

One thing you should realize is that no software is impervious to bugs or vulnerabilities. For instance, people who leave their MySQL server wide open are susceptible to serious security attacks like this one. But you add several layers security where possible such as separating user logins, enabling system security layers like SELinux or AppArmor, and always a firewall.

As far as designing a CMS in Python goes I would recommend using a framework like Django. I simply googled "django cms tutorial".
http://docs.django-cms.org/en/2.2/ge.../tutorial.html

If you're new to Python then I recommend taking a free course on it. Go to the Django website they've got a quick install guide and a beginners tutorial (the tutorial assumes you know Python already to some extent). As always google is a great resource and usually you'll find your questions answered by somebody on the internet.
Thanks again for all your help.

Your point concerning security is good - its not really a major concern right at this moment, but I want to do it right from the beginning - that's kinda the whole point.

From what I know, Django is an excellent application, but I wonder if it suits my goal (perhaps because my goal is unwise). I'm trying to focus on minimalism - if there's anything my foray into the meaningful digital world has taught me, its that its better not to have all the features, and do the work, then use a generic, likely bloated-for-my-purposes package (web design I would argue fits this very well - vim > dreamweaver). My thought is thus to actually build a very weak CMS on my own (well, from a tutorial), and then tear it down several times until I'm as comfortable with my base as I am with my basic HTML and CSS methodology, and then slowly learn features from there. I'm aware that most newbs take the opposite strategy - use the pre-made thing, then get smaller and smaller - but I was hoping to take the minimalist approach. Am I on the wrong track do you think? Is Django still the right thing to pursue?
 
Old 09-04-2012, 05:27 PM   #55
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,831
Blog Entries: 36

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Quote:
Originally Posted by southpointingchariot View Post
Am I on the wrong track do you think? Is Django still the right thing to pursue?
It's a design decision at this point. Both tools get the job done, you just need to evaluate the pros and cons of each. That's about as good of an answer I can give you. Short of being you, it's difficult for me to understand your requirements without seeing a full performance spec of the job. I'd say go with what makes you comfortable if you're just learning the LAMP stack.

I've programmed in both PHP and Python and have been successful in both. So basically all I can recommend is aim your arrow and let it fly. Use either.

Btw the NVD Search engine is back up. Here are some searches: python, django, php, phpmyadmin, webmin.

Last edited by sag47; 09-04-2012 at 05:31 PM.
 
Old 09-04-2012, 07:31 PM   #56
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
Quote:
I'm trying to focus on minimalism
Glad to hear it, you'll go far
Definitely avoid frontends like Webmin & phpmyadmin and learn how to talk to eg the webserver https://httpd.apache.org/ & DB https://dev.mysql.com/doc/ direct.
 
Old 09-05-2012, 12:55 AM   #57
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by chrism01 View Post
Glad to hear it, you'll go far
Definitely avoid frontends like Webmin & phpmyadmin and learn how to talk to eg the webserver https://httpd.apache.org/ & DB https://dev.mysql.com/doc/ direct.
Thanks for the input! I'm worried my ignorance is preventing me from diving in undirected - do you happen to know a good intro tutorial to building a minimalist CMS? Or, at least, do you know what I should search for?
 
Old 09-05-2012, 02:43 AM   #58
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
To start, clean up the initial installation of mysql. There are some users that should not be there in my opinion; same for the existence of a possible test database. See Securing the Initial MySQL Accounts
Note: do not remove the 'debian-sys-maint' user

To get familiar with mysql, you can start with Chapter 3. Tutorial

I googled for 'cms from scratch'; the following might be a start for what you want (to do): http://www.1stwebdesigner.com/tutori...our-own-cms-1/

A note on security
Make sure that files with login credentials can be read by apache but not by visitors of the site. My approach is to have
Code:
/home/wim/website1
   |
   +----- inc
   +----- www
/home/wim/website1/www will be the documentroot for an apache website and visitors of your website can access the files in there. They can not access files in /home/wim/website1/inc but apache can read them.
 
Old 09-05-2012, 10:10 AM   #59
southpointingchariot
Member
 
Registered: Sep 2012
Posts: 31

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Wim Sturkenboom View Post
To start, clean up the initial installation of mysql. There are some users that should not be there in my opinion; same for the existence of a possible test database. See Securing the Initial MySQL Accounts
Note: do not remove the 'debian-sys-maint' user

To get familiar with mysql, you can start with Chapter 3. Tutorial

I googled for 'cms from scratch'; the following might be a start for what you want (to do): http://www.1stwebdesigner.com/tutori...our-own-cms-1/

A note on security
Make sure that files with login credentials can be read by apache but not by visitors of the site. My approach is to have
Code:
/home/wim/website1
   |
   +----- inc
   +----- www
/home/wim/website1/www will be the documentroot for an apache website and visitors of your website can access the files in there. They can not access files in /home/wim/website1/inc but apache can read them.
Thanks for the find! I'm worried its progression is somewhat out my league, but I'll check out the tutorial, and maybe that'll help. If nothing else, I'm getting a better picture of what I need to look for. There's a uber-minimalist CMS tutorial out there, and one way or another, I'll figure out which one it is!

Last edited by southpointingchariot; 09-05-2012 at 10:11 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How To Install LAMP Server in Ubuntu Server 12.04 LTS LXer Syndicated Linux News 0 05-20-2012 01:45 AM
Centos LAMP Server with unidentified script causing server to port scan ZS- Linux - Security 48 01-30-2011 08:27 AM


All times are GMT -5. The time now is 10:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration