Wednesday, January 25, 2012

Full path of service and service temporary directory when running

Execute the following command to list all processes and search for a service name (the service you're searching for)
ps auxwwwe | grep SERVICENAMEHERE



This will give you back some info about the service. We are really only interested in the ProcessID (PID). This will be an integer.


Example return
root 24466 0.0 0.0 1476 280 ? S 2009 0:00 supervise sshd


PID will be: 24466


So now navigate to /proc and view the contents. You will see a directory for your PID. View the contents of this directory to see the info for the service.

The full path of the binary is the target of the exe symbolic link. In this example: exe -> /usr/sbin/servicename
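
The same lookup as a script (an added example, not part of the original post; the function names proc_exe and service_exes are made up here). It matches on /proc/PID/comm, so it does not pick up the grep process itself, and it flags a process whose binary has been removed from disk while it is still running, which the kernel marks with a " (deleted)" suffix on the exe link.

```shell
#!/bin/sh
# Added example: resolve the binary behind a running service via /proc.

# proc_exe PID: print the binary behind PID, read from /proc/PID/exe.
# Returns 0 = path printed, 1 = no such PID or no permission,
#         2 = path printed, but the file has been unlinked from disk.
proc_exe() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    target=$(readlink "/proc/$1/exe" 2>/dev/null) || return 1
    case $target in
        *" (deleted)") printf '%s\n' "${target% (deleted)}"; return 2 ;;
    esac
    printf '%s\n' "$target"
}

# service_exes NAME: one "PID PATH [DELETED]" line per process whose command
# name (/proc/PID/comm, truncated by the kernel to 15 characters) is NAME.
service_exes() {
    for d in /proc/[0-9]*; do
        [ "$(cat "$d/comm" 2>/dev/null)" = "$1" ] || continue
        pid=${d#/proc/}
        path=$(proc_exe "$pid") && rc=0 || rc=$?
        case $rc in
            0) echo "$pid $path" ;;
            2) echo "$pid $path DELETED" ;;
        esac
    done
}

# Usage: pass the service name as the first argument (defaults to sshd).
service_exes "${1:-sshd}"
```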

Monday, January 23, 2012

proftpd - Adding FTPS Support

This guide assumes you have proftpd installed with OpenSSL libs. If not, follow this guide


Firstly, I will quickly say....


FTPS or SFTP

People tend to mix up FTPS and SFTP, but the two are actually completely different.

FTPS is a normal FTP server but using SSL encryption.
SFTP is an FTP-like session over SSH (so everything is encrypted, just like in SSH).



Notes
Users Guide: http://proftpd.org/localsite/Userguide/linked/userguide.html


Steps

*** Ensure mod_tls module is available within your proftpd installation.
*** Ensure you are a root user


1. Open proftpd.conf and add an include to a config file we are going to create (tls.conf). Add the following line below...

Include         /etc/proftpd/tls.conf




2. Now use vi to create the config file in the specified location...

vi /etc/proftpd/tls.conf




3. Enter the following information into the file (How to use vi)


# Proftpd sample configuration for FTPS connections.
#
# Note that FTPS imposes some limitations in NAT traversing.
# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
# for more information.
#

<IfModule mod_tls.c>
TLSEngine                               on
TLSLog                                  /var/log/proftpd/tls.log
# SSLv23 is mod_tls's compatibility mode: SSLv3 and TLSv1 are both accepted
TLSProtocol                             SSLv23
TLSRSACertificateFile                   /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile                /etc/proftpd/ssl/proftpd.key.pem
#
# Avoid CA cert and allow client renegotiation (to overcome 1.3.2c bug 3324)
#TLSOptions                             NoCertRequest AllowClientRenegotiation
#
# Authenticate clients that want to use FTP over TLS?
#
TLSVerifyClient                         off
#
# Are clients required to use FTP over TLS when talking to this server?
#
TLSRequired                             on
#
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations.  Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
#
TLSRenegotiate                          required off
</IfModule>




4. Generate certificate using OpenSSL

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem





5. Save and close the file.


6. Now restart proftpd for the changes to take effect.

/etc/init.d/proftpd restart




7. Test FTPS connectivity with the server. See below...
Note: if there are any issues with the connection process, check the log file named in the tls.conf file we created: /var/log/proftpd/tls.log


Testing FTPS with lftp

1. Execute following command

lftp -u USERNAMEHERE -e 'set ftp:ssl-force true,ftp:ssl-protect-data true' SERVERNAMEHERE




2. Enter password for user.


3. Perform a simple command, e.g. ls -l
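
A quick check of the tls.conf and key file from the steps above, as an added example that is not part of the original guide (the function names lint_tls_conf and key_is_private are made up here). It flags TLSProtocol values that still accept SSLv3, TLSRequired off, and a private key that group or other users can access; the key written by openssl with -nodes is unencrypted, so file permissions are its only protection. The sample config is constructed from the settings shown above.

```shell
#!/bin/sh
# Added example: lint a mod_tls config and the key file it points to.

# lint_tls_conf FILE: print one finding per weak setting; return 1 if any.
lint_tls_conf() {
    awk '
        function bad(msg) { print msg; n++ }
        $1 ~ /^#/ { next }                     # skip commented-out directives
        { d = tolower($1); v = tolower($2) }
        d == "tlsengine"   && v != "on"  { bad("TLSEngine is not on") }
        d == "tlsrequired" && v == "off" { bad("TLSRequired off: clear-text FTP logins still accepted") }
        d == "tlsprotocol" {
            for (i = 2; i <= NF; i++)
                if ($i == "SSLv23" || $i == "SSLv3")
                    bad("TLSProtocol " $i ": SSLv3 is permitted")
        }
        d == "tlsoptions" && /AllowClientRenegotiation/ {
            bad("TLSOptions AllowClientRenegotiation is enabled")
        }
        END { exit (n > 0) }
    ' "$1"
}

# key_is_private FILE: succeed only when group and other have no access bits.
key_is_private() {
    [ "$(LC_ALL=C ls -ld "$1" | cut -c5-10)" = "------" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed sample: the settings from the guide, in a scratch directory.
    cat > "$dir/tls.conf" <<'EOF'
<IfModule mod_tls.c>
TLSEngine on
TLSProtocol SSLv23
#TLSOptions NoCertRequest AllowClientRenegotiation
TLSRequired on
</IfModule>
EOF
    lint_tls_conf "$dir/tls.conf" || echo "tls.conf needs attention"
    : > "$dir/proftpd.key.pem"; chmod 644 "$dir/proftpd.key.pem"
    key_is_private "$dir/proftpd.key.pem" || echo "key is not private: chmod 600 it"
    rm -rf "$dir"
}
demo
```

On the real server, run lint_tls_conf /etc/proftpd/tls.conf and key_is_private /etc/proftpd/ssl/proftpd.key.pem. Restricting TLSProtocol to TLSv1.2 clears the first finding, assuming your ProFTPD and OpenSSL builds support it.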

Tuesday, January 17, 2012

Solaris 9 [SunOS 5.9] - Installing Python [This example uses 2.7.2]

This is a simple guide on how to install Python on a Solaris 9 system. There are a few gotchas, which I am sharing and writing down for future use.

1. Download Python. I took the compressed source tarball (.tgz). You are essentially compiling the source on your system.

2. Optional: Transferring it to the server. I had to transfer it to the server to install, so if you need to do that, see my previous post

3. Unzip the package using the following command. It will unzip, then untar.

gunzip -c PYTHONFILENAME.tgz |tar xvf -

4. You now need to configure the source. This will produce a Makefile based on your system. Navigate to the Python source directory, and execute the following command...

./configure --prefix=/usr/local

5. Ensure you are a root user before this step ("su root" - to change). Execute the following command to install Python.


make -i install


6. If everything went well (it probably didn't - see below!), add Python to your system PATH variable. This way, you don't need to refer to /usr/local every time you execute a script. See my previous blog post on how to do this.

7. Simply execute the following command to check Python has set itself up correctly... Do this outside of the source directory, so you can test the PATH variable as well.

python --version

8. Get an ice cold beerski in!




Troubleshooting


During the install procedure, you receive the following...

./Parser/asdl_c.py -c ./Python ./Parser/Python.asdl
/usr/bin/env: No such file or directory
make: *** [Python/Python-ast.c] Error 127


Simply touch the files it requires (see below), and retry... (Run make clean before retrying)

touch Include/Python-ast.h Python/Python-ast.c




During the install procedure, you receive the following...

make: ar: Command not found

You need to add ar to your PATH variable. This is located in /usr/ccs/bin. See my previous blog post on how to do this.


Note: If you are receiving an error while re-trying or you wish to remove temporary install files, simply execute the following command... "make clean"

Bash/sh/csh/tcsh - Updating PATH environment variable in session and on logon

When updating your PATH variable, it's usually because an installation requires programs and utilities within a directory, and the full path is not known to it. Either that, or you would like to refer to a command or program without specifying the full path. You will usually receive the following error message if a program cannot be found...

xxx: Command not found



So let's check our current PATH using the following command...

echo $PATH


We can now view the current directories included in our PATH variable.
Example: /usr/sysmgr/bin:/bin:/usr/sbin:/usr/bin:/usr/ucb:/usr/sysmg/bin:/etc:/usr/local/bin:.


For example, we may wish to install a program, and it requires the ar tool (A tool to aid archiving). It is unaware of the full system path, so we need to add the directory it resides in to our environment variable.

We can either do this temporarily or permanently... It also depends on which shell you are using.


Note: To find out which shell you are using, execute the following command.

echo $SHELL



Temporarily


tcsh/csh Shell
(Separate by spaces and use set command)
set path=(/usr/sysmgr/bin /bin /usr/sbin /usr/bin /usr/ucb /usr/sysmg/bin /etc /usr/local/bin .)


bash/sh Shell
(Separate by colon and use export command)
export PATH=$PATH:/path/to/dir1:/path/to/dir2



Permanently

Bash Shell (Edit /.bash_profile or /.bash_profile files)
http://www.cyberciti.biz/faq/change-bash-profile/

tcsh/csh Shell (Edit /.login or /.cshrc files)
http://osr507doc.sco.com/en/OSUserG/_The_C-shell_login_and_cshrc.html

In both cases, you are simply adding the command into a login/shell startup script so that the variable is always set with the extra paths. To edit these files, I recommend using vi (text editor).

vi Help
vi in Solaris help
vi in Unix help
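
The sample PATH above ends in "." (the current directory), which means a program sitting in whatever directory you happen to be in can run in place of the command you meant. The check below is an added example, not part of the original post (the function name audit_path is made up here); it reports empty and relative entries, which both resolve against the current directory, and directories that any user can write to.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that let other users'
# files run in place of system commands.

# audit_path [PATHSTRING]: print risky entries; return 1 if any were found.
# Defaults to the current $PATH.
audit_path() {
    p=${1-$PATH}
    rc=0
    # A leading, trailing or doubled colon is an empty entry.
    case ":$p:" in
        *::*) echo "empty entry (same as the current directory)"; rc=1 ;;
    esac
    old_ifs=$IFS; IFS=:
    set -f                                  # no globbing while splitting
    for dir in $p; do
        case $dir in
            '') ;;                          # already reported above
            /*) # character 9 of "ls -ld" output is the write bit for "other"
                if [ "$(LC_ALL=C ls -ldL "$dir" 2>/dev/null | cut -c9)" = w ]; then
                    echo "world-writable: $dir"; rc=1
                fi ;;
            *)  echo "relative entry: $dir"; rc=1 ;;
        esac
    done
    set +f; IFS=$old_ifs
    return $rc
}

# The example PATH from this post: the trailing "." is reported.
audit_path "/usr/sysmgr/bin:/bin:/usr/sbin:/usr/bin:/usr/ucb:/usr/sysmg/bin:/etc:/usr/local/bin:." || true
```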

Transfer Files From One UNIX Server To Another using ssh scp

In Unix, you can use the scp command to copy files and directories securely between remote hosts without starting an FTP session or logging into the remote systems explicitly. The scp command uses SSH to transfer data, so it requires a password or passphrase for authentication. Unlike rcp or FTP, scp encrypts both the file and any passwords exchanged so that anyone snooping on the network can't view them.

Warning: Be careful when copying files that have the same names between hosts; you may accidentally overwrite them.



From Server to Local
scp -r user@server1:/directory/files /localDirectory


From Local to Server
scp -r /localDirectory user@server1:/directory/files

Wednesday, January 4, 2012

Python SUDS (SOAP API) full example with WSSE and complex types

I began this task in Perl originally, then decided to switch to Python and have an easier ride. I will upload the Perl example when I sort out a few minor issues with the SOAP::Lite library.


Anyway, in this example, you can specify a WSDL and WSSE (Web Service Security Extensions) username and password (sent in clear text btw), and it will send a SOAP request out and get a sample response back.

I have purposely consumed a service that has some complex types available (basically not just strings and ints). You can see how it is to work with the library and consume your own methods with this example.


Here are some useful things to note
- There have been problems with SUDS generating empty tags for optional properties for complex types. If this is the case, you will receive this error in your SOAP Body's response... "Server was unable to read request. ---> There is an error in the XML document. ---> Instance validation error: '' is not a valid value for PROPERTY_HERE."... To get around this, simply specify those properties (example below)

- client.factory.create() is used to let Python know about the complex types.

- "print(client)" (Using the example below) will tell you everything you need to know about your service (namespaces, types, methods, properties etc).

- The logger is your friend! Don't be a hero! Start out small and go big! The technique is to analyze the SOAP response and query the errors. If you can get a hold of what the correct SOAP envelope should look like, then compare this against the SOAP request you are sending out. This is the easiest way to solve any problems.

- Coming from a .NET background, I added a service reference and made a simple call with C#. You can then write more code to analyze the SOAP Request, or simply install Fiddler2 (If you haven't got it already, only 600kb and very useful!) to get the correct SOAP envelope to compare against.


The code

#!/usr/bin/python
#
# Sean Greasley. TutorialGenius.com 2012.
#
# Creates a portfolio object using the exacttarget SOAP API. An image must exist at the specified URN
# before alerting the system that the image is ready to be processed.
#
# USAGE:
# -portfolio <Display Name> <URN> <File Name> <Optional: CustomerKey>
# -portfoliowsdl <WSDL Address> <WSSE Username> <WSSE Password> <Display Name> <URN> <File Name> <Optional: CustomerKey>
#
#
# Imports
import sys

from suds.client import Client
from suds.wsse import Security, UsernameToken

# Logging Options
import logging
logging.basicConfig(level=logging.INFO)
logging.getLogger('suds.client').setLevel(logging.DEBUG)
logging.getLogger('suds.wsdl').setLevel(logging.DEBUG)
logging.getLogger('suds.wsse').setLevel(logging.DEBUG)


# Define usage options
def printUsage():
    print("")
    print("[USAGE]")
    print("------------------------------------------------------------------------")
    print(" " + sys.argv[0] + " -portfolio <Display Name> <URN> <File Name> <Optional: CustomerKey>")
    print(" " + sys.argv[0] + " -portfoliowsdl <WSDL Address> <WSSE Username> <WSSE Password> <Display Name> <URN> <File Name> <Optional: CustomerKey>")
    print("")
    return


# Validate argument input
if (len(sys.argv) <= 1):
    print("Invalid usage options...")
    printUsage()
    sys.exit(1)
elif (sys.argv[1] == "-portfolio" and (len(sys.argv) == 5 or len(sys.argv) == 6)):
    print("Setting up a portfolio")
elif (sys.argv[1] == "-portfoliowsdl" and (len(sys.argv) == 8 or len(sys.argv) == 9)):
    print("Setting up a portfolio with WSDL options")
else:
    print("Invalid usage options...")
    printUsage()
    sys.exit(1)



# Setup variables
WSDL_URL = "https://webservice.s4.exacttarget.com/etframework.wsdl"
WSSE_USERNAME = "Username here!"
WSSE_PASSWORD = "Password here!"
PORTFOLIO_DISPLAYNAME = "Test Sean Display Name1"
PORTFOLIO_URN = "http://www.ct4me.net/images/dmbtest.gif"
PORTFOLIO_FILENAME = "dmbtest.gif"
PORTFOLIO_CUSTOMERKEY = ""

if (sys.argv[1] == "-portfoliowsdl"):
    WSDL_URL = sys.argv[2]
    WSSE_USERNAME = sys.argv[3]
    WSSE_PASSWORD = sys.argv[4]
    PORTFOLIO_DISPLAYNAME = sys.argv[5]
    PORTFOLIO_URN = sys.argv[6]
    PORTFOLIO_FILENAME = sys.argv[7]

    try:
        PORTFOLIO_CUSTOMERKEY = sys.argv[8]
    except IndexError:
        print("No Customer key specified. Using default...")
elif (sys.argv[1] == "-portfolio"):
    PORTFOLIO_DISPLAYNAME = sys.argv[2]
    PORTFOLIO_URN = sys.argv[3]
    PORTFOLIO_FILENAME = sys.argv[4]

    try:
        PORTFOLIO_CUSTOMERKEY = sys.argv[5]
    except IndexError:
        print("No Customer key specified. Using default...")


# URL Detail
client = Client(WSDL_URL)


# WSSE Security
security = Security()
token = UsernameToken(WSSE_USERNAME, WSSE_PASSWORD)
security.tokens.append(token)
client.set_options(wsse=security)


# Build up portfolio
# 'Portfolio' is a complex type... so we use the create method to expose the properties to us. We can then populate the properties as normal.
portfolio = client.factory.create('Portfolio')
portfolio.DisplayName = PORTFOLIO_DISPLAYNAME
portfolio.CustomerKey = PORTFOLIO_CUSTOMERKEY
portfolio.Source = client.factory.create('ResourceSpecification')
portfolio.Source.URN = PORTFOLIO_URN
portfolio.FileName = PORTFOLIO_FILENAME


# For some reason the SUDS library tends to generate empty SOAP tags for optional properties. I have manually specified the defaults here. Just be aware of that!
createOptions = client.factory.create('CreateOptions')
createOptions.RequestType = "Synchronous"
createOptions.QueuePriority = "High"


# Attach Portfolio to array - Need to set at pos 0, as it returns 1 by default.
apiObject = [client.factory.create('APIObject')]  # Remember [ ], it's an array!
apiObject[0] = portfolio


# Create portfolio
# This method also had 'out' parameters exposed
print(client.service.Create(createOptions, apiObject))


# Uncomment this next line to find out useful information about your service.
# print(client)

Friday, December 23, 2011

WSDL and SOAP: Test and Invoke WSDL online!

Really good website for service discovery
http://www.service-repository.com


They also have a WSDL tester and invoker... displays the SOAP messages and response. It also builds the HTML forms dynamically. Great stuff!
http://www.service-repository.com/client/start