How To Install MySQL on CentOS 7

Introduction

By default Centos 7 prefers MariaDB. It is better to stay with the MariaDB but if for any reason you need to install the Mysql which now is owned by Oracle, then you can follow the instructions below.

Installation

curl -sSLO https://dev.mysql.com/get/mysql80-community-release-el7-7.noarch.rpm
sudo rpm -ivh mysql80-community-release-el7-7.noarch.rpm
sudo systemctl start mysqld
sudo systemctl enable mysqld
sudo systemctl status mysqld

Secure it

MySQL includes a security script that allows you to change some default configuration options in order to improve MySQL’s security.

$ sudo grep ‘temporary password’ /var/log/mysqld.log
2022-10-05T01:52:51.993687Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: ?rZtqr=kM7IE

sudo mysql_secure_installation

This will take you through a series of prompts asking if you want to make certain changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which you can use to test the strength of your MySQL password.

Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: Y

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

Regardless of whether you choose to set up the Validate Password Plugin, the next prompt will be to set a password for the MySQL root user. Enter and then confirm a secure password of your choice: Output

Please set the password for root here.


New password: 

Re-enter new password: 

If you used the Validate Password Plugin, you’ll receive feedback on the strength of your new password. Then the script will ask if you want to continue with the password you just entered or if you want to enter a new one. Assuming you’re satisfied with the strength of the password you just entered, enter Y to continue the script: Output

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y

Create first user and databases

mysql -u root -p

Create a full admin user

mysql> create user saeed@`%` identified by "yoursTR0n6pass";
mysql>grant all privileges on . to saeed;

Create a database and a user with full access to that database

mysql> create database mycatdb;
mysql> create user mycat@`%` identified by "yourcatssTR0n6pass";
mysql> grant all privileges on mycatdb.* to mycat;
mysql> flush privileges;

Restore a db from dump

mysql -u root -p

mysql> use mycatdb;
Database changed
mysql> source /home/saeed/mycat-db-dump-20200409-084604.sql

Automation with Cron job on Centos 8

Adapted from digital ocean reference.

Introduction

Cron is a time-based job scheduling daemon found in Unix-like operating systems, including Linux distributions. Cron runs in the background and tasks scheduled with cron, referred to as “cron jobs,” are executed automatically, making cron useful for automating maintenance-related tasks.

Continue reading →

How to install and configure fail2ban on CentOS 7

Fail2ban is available through the EPEL project. So it needs to be installed first.

Install

sudo yum install epel-release
sudo yum install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo systemctl status fail2ban

Configure

Configuration files is located in the /etc/fail2ban directory. Leave the jail.conf as default and create your own config file called /etc/fail2ban/jail.d/jail.local. The values defined in jail.local will take precedent over jail.conf.

sudo touch /etc/fail2ban/jail.d/jail.local
sudo vim /etc/fail2ban/jail.d/jail.local

add the content to it as needed. below is a sample content

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd]
enabled = true

[nginx-http-auth]
enabled = true
sudo systemctl restart fail2ban
sudo systemctl status fail2ban

Monitor

sudo fail2ban-client status
sudo fail2ban-client status jail_name
sudo tail -F /var/log/fail2ban.log

How to extend partition size in Centos7

I have a local OS repository that is used by my local machines to get the Centos updates from.

I realised it has stopped working and it turned out that the disk is full.

The machine is hosted on a VMWare ESXi 6.7 server. Below are the steps needed to go through to get the partition size extended.

Continue reading →

How to install and configure Asciidoctor PDF

What is AsciiDoc

From asciidoc.org

AsciiDoc is a text document format for writing notes, documentation, articles, books, ebooks, slideshows, web pages, man pages and blogs. AsciiDoc files can be translated to many formats including HTML, PDF, EPUB, man page.

AsciiDoc is highly configurable: both the AsciiDoc source file syntax and the backend output markups (which can be almost any type of SGML/XML markup) can be customized and extended by the user.

asciidoc.org
Continue reading →