Monday, June 29, 2009

Web-based Administration of PostgreSQL

The web-based administration tool for PostgreSQL is the "phppgadmin" software. It can be downloaded free of charge from the "http://phppgadmin.sourceforge.net" website.

To install phppgadmin on Ubuntu 9.04, issue the command:

# apt-get install phppgadmin

Afterwards, phppgadmin is accessible in the browser at the localhost address "http://localhost/phppgadmin".


Common Problem

1. You cannot access the database using the "postgres" user.

Solution:

Log in as the postgres user and create another administrator user as follows:

# su postgres
$ createuser myadmin

When asked whether the new role shall be a superuser, answer "y" as follows:

postgres@asus:/home/clemrasul$ createuser
Enter name of role to add: myadmin
Shall the new role be a superuser? (y/n) y

Then, use the new administrator username and password to log in to the phppgadmin web interface.



GUI Administration of PostgreSQL

The graphical user interface (GUI) administration tool for PostgreSQL is "pgadmin". To install "pgadmin" on Ubuntu 9.04, issue the command:

# apt-get install pgadmin3

This will install the "pgadmin" software under "Applications -> Programming -> PgAdmin III".

Accessing PostgreSQL on CLI

The command line interface (CLI) of PostgreSQL is called "psql". To access the PostgreSQL server, issue the following commands:

# su postgres
$ psql

The first command switches from the "root" user to the "postgres" user. PostgreSQL does not allow "root" login. Instead, it uses the "postgres" user as the default administrator of the system.

The second command is to invoke the "psql" CLI under the user "postgres".

The following is the screen example of the above-mentioned command.

root@asus:/etc/init.d# su postgres
postgres@asus:/etc/init.d$ psql
Welcome to psql 8.3.7, the PostgreSQL interactive terminal.

Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit

postgres=#


From the psql prompt, you can now create databases and users.

Installing PostgreSQL on Ubuntu

What is PostgreSQL?

PostgreSQL is a production-grade multi-platform SQL database system. The database system is ANSI SQL92/99 compliant. The software is freely downloadable from the http://www.postgresql.org website and is licensed under the BSD open source license.


Installation

To install PostgreSQL on Ubuntu 9.04, issue the command:

# apt-get install postgresql


To start PostgreSQL, issue the command:

# /etc/init.d/postgresql-8.3 start

To restart PostgreSQL, issue the command:

# /etc/init.d/postgresql-8.3 restart

To stop PostgreSQL, issue the command:

# /etc/init.d/postgresql-8.3 stop


More Notes

a) Default port of PostgreSQL is "5342"
b) Default database administrator username is "postgres"
c) Default database template is "template1"


Limits


According to the PostgreSQL website, the following are PostgreSQL 8.3 limits:


Limit                        Value
Maximum Database Size        Unlimited
Maximum Table Size           32 TB
Maximum Row Size             1.6 TB
Maximum Field Size           1 GB
Maximum Rows per Table       Unlimited
Maximum Columns per Table    250 - 1600 depending on column types
Maximum Indexes per Table    Unlimited




License Text

License

PostgreSQL is released under the BSD license.

PostgreSQL Database Management System
(formerly known as Postgres, then as Postgres95)

Portions Copyright (c) 1996-2008, The PostgreSQL Global Development Group

Portions Copyright (c) 1994, The Regents of the University of California

Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following two paragraphs appear in all copies.

IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.

Wednesday, June 24, 2009

Restricting Access of Local Users to SSHD

How to restrict access of local users to the OpenSSH services?

Step 1: Assuming you want to restrict the user "myfriend", edit the "/etc/ssh/sshd_config" file:

# vi /etc/ssh/sshd_config

Step 2: Insert the following line in the file:

DenyUsers myfriend

Step 3: Save and restart your SSH server:

# /etc/rc.d/init.d/sshd restart


Tested

I have tested the above procedure on CentOS 5.3 with OpenSSH as the SSH server software.


Furthermore

(a) For two or more users, the format of the "DenyUsers" directive is as follows:

DenyUsers user1 user2 user3 user4

(b) To restrict groups, the directive is "DenyGroups". The format is as follows:

DenyGroups group1 group2 group3 group4
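
The check below is an added example, not part of the original post: it reads the text of an sshd_config file and reports which "DenyUsers" or "DenyGroups" entry would block a given login. It goes slightly beyond the plain user names shown above by handling the * and ? wildcards these directives accept. The sample configuration and all user and group names are constructed, and only directives in the global section (before any "Match" block) are evaluated.

```python
import re

# Constructed sample; the user and group names are made up for this example.
SAMPLE_CONFIG = """\
# excerpt of /etc/ssh/sshd_config
PermitRootLogin no
DenyUsers myfriend guest*
denygroups contractors
DenyUsers temp?
Match Address 192.0.2.0/24
    DenyUsers alice
"""

def to_regex(pattern):
    # In these directives '*' matches any run of characters and '?' exactly one.
    return "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                   for c in pattern)

def parse_deny_lists(config_text):
    """Collect DenyUsers/DenyGroups patterns from the global section."""
    deny = {"denyusers": [], "denygroups": []}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, *args = line.split()
        keyword = keyword.lower()      # keywords are case-insensitive
        if keyword == "match":
            break                      # directives below apply conditionally
        if keyword in deny:            # repeated directives accumulate
            for pat in args:
                if "@" in pat or pat.startswith("!"):
                    raise ValueError("pattern form not evaluated here: " + pat)
                deny[keyword].append(pat)
    return deny

def deny_match(config_text, user, groups=()):
    """Return the directive and pattern that blocks this login, or None."""
    deny = parse_deny_lists(config_text)
    for pat in deny["denyusers"]:
        if re.fullmatch(to_regex(pat), user):
            return "DenyUsers " + pat
    for pat in deny["denygroups"]:
        if any(re.fullmatch(to_regex(pat), g) for g in groups):
            return "DenyGroups " + pat
    return None
```

A result of None only means that no Deny directive matched; an "AllowUsers" or "AllowGroups" line can still exclude the user. Running "sshd -t" before the restart in Step 3 checks the edited file for syntax errors.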

Monday, June 22, 2009

Installing DenyHosts

What is DenyHosts?

DenyHosts is a small Python program created by Phil Schwartz. It is intended to stop SSH attacks by adding entries to the /etc/hosts.deny file on UNIX/Linux systems based on the number of failed logins.
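
The idea described above, counting failed SSH logins per source address and producing a hosts.deny entry once a limit is reached, is sketched below as an added example; it is not DenyHosts' own code. The log lines are constructed, and the threshold of 3, the "allowed" parameter and the "sshd: address" entry format are assumptions of this sketch.

```python
import re
from collections import Counter

# Constructed sshd log lines; addresses are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Jun 22 10:01:02 host sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Jun 22 10:01:05 host sshd[2103]: Failed password for root from 203.0.113.5 port 40120 ssh2
Jun 22 10:01:09 host sshd[2105]: Failed password for invalid user test from 203.0.113.5 port 40131 ssh2
Jun 22 10:02:00 host sshd[2110]: Failed password for clem from 198.51.100.7 port 51000 ssh2
Jun 22 10:02:10 host sshd[2111]: Accepted password for clem from 198.51.100.7 port 51002 ssh2
Jun 22 10:03:00 host sshd[2120]: Failed password for invalid user from 10.0.0.1 from 192.0.2.9 port 4000 ssh2
"""

# Anchor on the end of the line: the user name is client-supplied text and may
# itself contain "from <address>", so only the final "from ... port" is trusted.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?.* "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def failures_by_host(log_text):
    """Count failed password attempts per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def new_deny_entries(log_text, hosts_deny_text="", threshold=3, allowed=()):
    """Return hosts.deny lines for addresses at or over the threshold.

    threshold and allowed are assumptions of this sketch: allowed holds
    addresses that must never be blocked, such as the administrator's own.
    """
    existing = set(hosts_deny_text.splitlines())
    entries = []
    for host, n in sorted(failures_by_host(log_text).items()):
        entry = "sshd: " + host
        if n >= threshold and host not in allowed and entry not in existing:
            entries.append(entry)
    return entries
```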


Software License

The program is licensed under the General Public License (GPL) version 2.


Download

The program can be downloaded from http://denyhosts.sourceforge.net/


Installing DenyHosts

Using the rpm package of DenyHosts, issue the following command as the "root" user:

# rpm -Uvh DenyHosts-2.6-python2.4.noarch.rpm


DenyHosts Files

/usr/bin/denyhosts.py
/usr/lib/python2.4/site-packages/DenyHosts/__init__.py
/usr/lib/python2.4/site-packages/DenyHosts/__init__.pyc
/usr/lib/python2.4/site-packages/DenyHosts/allowedhosts.py
/usr/lib/python2.4/site-packages/DenyHosts/allowedhosts.pyc
/usr/lib/python2.4/site-packages/DenyHosts/constants.py
/usr/lib/python2.4/site-packages/DenyHosts/constants.pyc
/usr/lib/python2.4/site-packages/DenyHosts/counter.py
/usr/lib/python2.4/site-packages/DenyHosts/counter.pyc
/usr/lib/python2.4/site-packages/DenyHosts/daemon.py
/usr/lib/python2.4/site-packages/DenyHosts/daemon.pyc
/usr/lib/python2.4/site-packages/DenyHosts/deny_hosts.py
/usr/lib/python2.4/site-packages/DenyHosts/deny_hosts.pyc
/usr/lib/python2.4/site-packages/DenyHosts/denyfileutil.py
/usr/lib/python2.4/site-packages/DenyHosts/denyfileutil.pyc
/usr/lib/python2.4/site-packages/DenyHosts/filetracker.py
/usr/lib/python2.4/site-packages/DenyHosts/filetracker.pyc
/usr/lib/python2.4/site-packages/DenyHosts/lockfile.py
/usr/lib/python2.4/site-packages/DenyHosts/lockfile.pyc
/usr/lib/python2.4/site-packages/DenyHosts/loginattempt.py
/usr/lib/python2.4/site-packages/DenyHosts/loginattempt.pyc
/usr/lib/python2.4/site-packages/DenyHosts/old-daemon.py
/usr/lib/python2.4/site-packages/DenyHosts/old-daemon.pyc
/usr/lib/python2.4/site-packages/DenyHosts/plugin.py
/usr/lib/python2.4/site-packages/DenyHosts/plugin.pyc
/usr/lib/python2.4/site-packages/DenyHosts/prefs.py
/usr/lib/python2.4/site-packages/DenyHosts/prefs.pyc
/usr/lib/python2.4/site-packages/DenyHosts/purgecounter.py
/usr/lib/python2.4/site-packages/DenyHosts/purgecounter.pyc
/usr/lib/python2.4/site-packages/DenyHosts/python_version.py
/usr/lib/python2.4/site-packages/DenyHosts/python_version.pyc
/usr/lib/python2.4/site-packages/DenyHosts/regex.py
/usr/lib/python2.4/site-packages/DenyHosts/regex.pyc
/usr/lib/python2.4/site-packages/DenyHosts/report.py
/usr/lib/python2.4/site-packages/DenyHosts/report.pyc
/usr/lib/python2.4/site-packages/DenyHosts/restricted.py
/usr/lib/python2.4/site-packages/DenyHosts/restricted.pyc
/usr/lib/python2.4/site-packages/DenyHosts/sync.py
/usr/lib/python2.4/site-packages/DenyHosts/sync.pyc
/usr/lib/python2.4/site-packages/DenyHosts/util.py
/usr/lib/python2.4/site-packages/DenyHosts/util.pyc
/usr/lib/python2.4/site-packages/DenyHosts/version.py
/usr/lib/python2.4/site-packages/DenyHosts/version.pyc
/usr/share/denyhosts/CHANGELOG.txt
/usr/share/denyhosts/LICENSE.txt
/usr/share/denyhosts/README.txt
/usr/share/denyhosts/daemon-control-dist
/usr/share/denyhosts/denyhosts.cfg-dist
/usr/share/denyhosts/plugins/README.contrib
/usr/share/denyhosts/plugins/shorewall_allow.sh
/usr/share/denyhosts/plugins/shorewall_deny.sh
/usr/share/denyhosts/plugins/test_deny.py
/usr/share/denyhosts/scripts/restricted_from_invalid.py
/usr/share/denyhosts/scripts/restricted_from_passwd.py
/usr/share/denyhosts/setup.py


Tested

The installation of the program is fairly easy. I have tested it under CentOS 5.3 with a Python 2.4 installation.


Installation Instruction

Read the README.txt file. The README.txt file contains clear installation instructions for the program. This file is reproduced below:


DenyHosts is a utility developed by Phil Schwartz which aims to
thwart sshd (ssh server) brute force attacks.

Please refer to http://www.denyhosts.net/faq.html

INSTALLATION:
=============

SOURCE DISTRIBUTION
===================

If you downloaded the source distribution file (DenyHosts-#.#.#-tar.gz)
then:

$ tar zxvf DenyHosts-#.#.#-tar.gz (Where #.#.# is the version)

$ cd DenyHosts-#.#.#

as root:

# python setup.py install

This will install the DenyHosts modules into python's site-packages
directory.

BINARY DISTRIBUTION (rpm, deb, etc)
===================

It is assumed that you are familiar with installing a binary package
on your particular operating system. If you are unsure how to do
this, you may wish to install from source instead.


ALL DISTRIBUTIONS
=================

Once you have installed DenyHosts, by default the directory
/usr/share/denyhosts will be created and a sample configuration
file will be copied into it. A sample daemon-control script will
also be copied into the /usr/share/denyhosts directory.

DenyHosts requires that a configuration file be created before
it can function. The sample configuration file denyhosts.cfg-dist
contains most of the possible settings and should be copied and
then edited as such:

# cp denyhosts.cfg-dist denyhosts.cfg

# <editor> denyhosts.cfg

(where <editor> is your preferred text editor such as emacs, vi, etc)

The sample configuration file contains informational comments that
should help you quickly configure DenyHosts. After you have
edited your configuration file, save it.

Next, if you intend to run DenyHosts in daemon mode (recommended)
copy the sample daemon-control.dist script as such:

# cp daemon-control-dist daemon-control

Edit the daemon-control file. You should only need to edit this section
near the top:

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"


These defaults should be reasonable for many systems. You
should customize these settings to match your particular
system.

Once you have edited the configuration and daemon control files
make sure that the daemon control script is executable (by root).

# chown root daemon-control

# chmod 700 daemon-control


STARTING DENYHOSTS MANUALLY
===========================

Assuming you have configured DenyHosts to run as a daemon, you
can use the daemon-control script to control it:

# daemon-control start

You should refer to the daemon log (typically /var/log/denyhosts)
to ensure that DenyHosts is running successfully. If you
notice any problems you may wish to consult the FAQ at
http://www.denyhosts.net/faq.html

If you wish to run DenyHosts from cron rather than as a
daemon, please refer to the FAQ.


STARTING DENYHOSTS AUTOMATICALLY
================================

METHOD 1 (preferred)
====================

Create a symbolic link from /etc/init.d such as:

# cd /etc/init.d

# ln -s /usr/share/denyhosts/daemon-control denyhosts

If you have chkconfig installed you can then use it to
ensure that DenyHosts runs at boot time:

# chkconfig --add denyhosts


If you do not have chkconfig (or similar) installed you can either manually
create the symlinks in /etc/rc2.d, /etc/rc3.d, /etc/rc5.d but that is beyond
the scope of this document.

METHOD 2
========

Add an entry into the /etc/rc.local file:

/usr/share/denyhosts/daemon-control start