Jun 11, 2011

Implement Virtual Users for FTP authentication


Implement Virtual Users for VSFTPD Server authentication


Release:
Redhat Enterprise Linux 5.x
Berkeley DB 4.7.25

Problem:
Create an virtual user database and authenticate ftp server (vsftpd service) using that virtual users.

Solution:

1) First configure the VSFTPD server and make the vsftpd service running

2) Install the required RPMs

# yum install db4-utils

3) Download the Berkeley DB from the below URL


4) Install the Berkeley DB program on the sevrer

# cd /tmp
# tar -xvf db-4.7.25.tar.tar
# cd db-4.7.25/build_unix/
# ../dist/configure
# make
# make install


Create the Virtual User database:

5) Create text file with the virtual user's username and password information like below one.

# vi login.txt
testuser
12345
user1
12345

6) Create the database file using the “db_load” command.

# db_load -T -t hash -f login.txt /etc/vsftpd/login.db

7) Optionally change the permission of the db file.

# chmod 600 /etc/vsftpd/login.db

8) Edit the PAM configuration file to use the created db file.

# vi /etc/pam.d/vsftpd
session include system-auth
auth required pam_userdb.so db=/etc/vsftpd/login
account required pam_userdb.so db=/etc/vsftpd/login
session required pam_loginuid.so

9) Create a location for the virtual users

# useradd -d /var/ftp/virtualuser virtual

10) Edit the configuration file to use the virtual users

# vi /etc/vsftpd/vsftpd.conf

guest_enable=YES
guest_username=virtual

Note: If you add the above two lines means all the virtual users are redirect to the “/var/ftp/virtualuser” directory. Otherwise if you want to use chroot for every user means, that also possible. Add the below entries for every user login to their respective directory.

# vi /etc/vsftpd/vsftpd.conf

virtual_use_local_privs=YES
write_enable=YES
user_sub_token=$USER
local_root=/home/vftp/$USER
chroot_local_user=YES
hide_ids=YES
guest_enable=YES

11) Restart the ftp service on the server.

# service vsftpd restart

12) Now from the client try to login using that virtual username and password

$ ftp ftpserver
Connected to ftpserver.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (sbssdb5:query1): testuser
331 Please specify the password.
Password: 12345
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
Ftp>





Jun 2, 2011

Deploy Documentum Using Apache Tomcat

 
Deploy Documentum Using Apache Tomcat in RHEL


Release:
Redhat Enterprise Linux 5.x
Apache Tomcat 6.0.14

Problem:
Need to deploy Documentum using apache tomcat in RHEL

Solution:

1)      Download the Apache tomcat from the below link


2)      Copy tomcat to the server and extract the zip folder

      # cd /documentum
      # tar -zxvf apache-tomcat-6.0.14.tar.gz
      # ln -s apache-tomcat-6.0.14 tomcat

Note: Here tomcat dump copied to the “/documentum” directory. Also here one soft link created for the future purpose.

3)      Mention the java and jre home path in tomcat also mention the “PermSize” details also.

      # vi /documentum/tomcat/bin/catalina.sh

      JAVA_HOME=/usr/java/jdk1.6.0_24
      JRE_HOME=/usr/java/jdk1.6.0_24/jre
      JAVA_OPTS="$JAVA_OPTS -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Xms1024m -Xmx3072m -XX:PermSize=256m -XX:MaxPermSize=512m"

Note: Here “Xms” means that initial heap size and “Xmx” means that maximum heap size.

4)      To access the tomcat Manager url add the below entries in the “tomcat-users.xml” file

      # vi /documentum/tomcat/conf/tomcat-users.xml

  





Note: For accessing tomcat manager ( http://IPADDRESS:8080/manager ) use the above authentication “username=tomcat” and “password=tomcat

5)      Also enable pooling option to access the documentum URL from the web.xml file

      # vi /documentum/tomcat/conf/web.xml












6)      Deploy the webtop and DA war files. Copy both the war files to the webapps directory
     
            # cp Webtop.war DA.war /documentum/tomcat/webapps

7)      Star the Apache Tomcat server using the below command.

      # /documentum/tomcat/bin/startup.sh

Note : To stop the tomcat use “/documentum/tomcat/bin/shutdown.sh

8)      Edit the dfc.properties file to mention the repository

# /documentum/tomcat/webapps/webtop/WEB-INF/classes/dfc.properties

dfc.session.max_count=1000
dfc.docbroker.host[0]=server.example.com
dfc.globalregistry.repository=Global
dfc.globalregistry.username=dm_bof_registry
dfc.globalregistry.password=MmKZP8KOlvrE6ndUolyl6Q\=\=

Note: Here “server.example.com” is the server hostname and the “Global”  is the repository name.