Manual Servidor SIAT Versi+ N Final - Victor

MANUAL de
INSTALACION Y
CONFIGURACIN
SERVIDOR Siat Server,
SiatBd
y Servidor de Desarrollo
(172.16.2.213, 172.16.1.2 y
172.16.2.18)
Versin 2.3
I - Descripcin Distribuciones Server
Ubuntu (http://www.ubuntulinux.org)
es
una
distribucin GNU/Linux fcil de utilizar y orientada tanto
al usuario de escritorio como al servidor. Se encuentra
mantenida por una comunidad de desarrolladores que reciben el
soporte de la empresa Canonical, la cual vende
servicios relacionados con la distribucin.
El proyecto openSUSE es un programa comunitario a nivel
internacional patrocinado por Novell. Al mismo tiempo que
promueve el uso de Linux, openSUSE.org proporciona acceso
fcil y gratuito a la distribucin de Linux ms utilizable del
mundo, openSUSE. El proyecto openSUSE ofrece a
desarrolladores y usuarios todo lo que necesitan para empezar a trabajar con Linux.
Red Hat Enterprise Linux tambin conocido por sus
siglas RHEL es una distribucin comercial de Linux
desarrollada por Red Hat. Es la versin comercial de Fedora, y
anteriormente lo era de RedHat Linux, de forma similar a
como Novell SUSE Enterprise (SUSE Linux Enterprise
Desktop y SLE Server) lo es respecto de OpenSUSE o
Mandriva Corporate respecto de Mandriva Linux One.
Mientras que las nuevas versiones de Fedora salen cada
aproximadamente 6 meses, las de RHEL suelen hacerlo cada 18 o 24 meses (aunque
desde RHEL 5 ya han pasado 32 meses y aun no se sabe la fecha de RHEL 6). Tienen
soporte oficial de Red Hat, programas de certificacin, etc.
Mandriva o Mandriva
Linux es
una distribucin Linux publicada por la compaa
francesa Mandriva destinada tanto para principiantes
como para usuarios experimentados, que ofrece
un sistema operativo orientado a computadoras
personales y tambin para servidores con un enfoque a
los usuarios que se estn introduciendo al mundo
de Linux y al software libre. Surgi en julio de 1998
resultado de la fusin de la distribucin francesa Mandrake Linux y la brasilea
Conectiva Linux.
II - Instalacin Ubuntu Server

A la realizacin de este documento se cont con un CD instalador de la
distribucin Ubuntu-Server 9.10. Es necesario contar con conocimientos previos de
instalaciones bajo Linux. A continuacin mostrar el proceso de instalacin de manera
genrica, detallando solamente aspectos crticos del Server, necesarios para la MPA y el
SIAT.
1 El idioma de las opciones de instalacin, teclado, e idioma del sistema sern
Espaol.
2 Red, se recomienda que la configuracin sea manual, tanto si se cuenta con un
servicio de DHCP o no, ya que de esta configuracin dependera el resto de servicios que
dependan del servicio networking de Ubuntu.
3 Hostname, UbuntuSiat
4 Particiones, se cont con un disco duro de 80gb (pruebas) siendo las particiones las
siguientes:
Punto
montaje
Swap
/var
Tipo particin
Cantidad
Uso
2 GB
50 GB
Sistema
Archivos
Intercambio
Ext4
Primaria
Primaria
/home
/
Primaria
Extendida
10 GB
17 GB
Ext4
Ext4
Usuarios
Sistema Operativo
Intercambio
Variables, fuentes y data
ServerSiat: Disco de 146 GB en RAID1:

Punto
montaje
Swap
/var
Tipo particin
Cantidad
Uso
16 GB
110 GB
Sistema
Archivos
Intercambio
Ext4
Primaria
Primaria
/home
/
Primaria
Extendida
10 GB
10.8 GB
Ext4
Ext4
Usuarios
Sistema Operativo
Uso
Usuarios
Sistema Operativo
Intercambio
SiatDb: Disco de 250 GB en RAID1:

Punto
montaje
Swap
/var
Tipo particin
Cantidad
Primaria
Primaria
20 GB
200 GB
Sistema
Archivos
Intercambio
Ext4
/home
/
Primaria
Extendida
10 GB
20 GB
Ext4
Ext4
Intercambio
Swap : muchos manuales de instalacin bajo Linux (no importa la distro), ya sea
para server o para desktop se recomienda una swap que sea el doble de la
capacidad de la maquina que se este instalando; esta recomendacin quedo
desfasada, ya que la misma fue hecha a raiz de se contaba con PCs con
restricciones de memoria y capacidad.
/var : se recomienda la mayor parte del disco para este punto de montaje, al ser
este donde se almacena los fuentes del Sistema, data de la base de datos, y
archivos de la mayora de servicios.
/home : este punto de montaje depende de la cantidad de usuarios del S.O; no se

habla de usuarios de postgres, por que actualmente el SIAT gestiona los mismos
mediante tablas de base de datos.
/ : punto de montaje donde se encuentra el sistema operativo en si, cabe resaltar

que no se le dio una particin especial para /boot; ya que no se espera cambiar
de distribucin una vez estando en produccin nuestro servidor.
Tipo Particin Ext4 : ultima version del ext3.
5 Servicios seleccionados: Apache, Samba, DHCP y DNS; los dems servicios

bsicos se instalan por defecto, por razones que se explicaran mas adelante en este
documento no se seleccion Postgres.
III - Configuracin Debian/Ubuntu

Server
root, las distribuciones de Ubuntu no tienen activado por defecto el usuario root, para su
activacin :
sudo passwd root
Password pruebas : ***************
Password SiatServer : ****************
Password SiatBd: ***************
Para cambiar la clave root, una vez que esta exista se procede asi, como root:
sudo passwd
172.16.2.18: nataliaoreiro20101984
172.16.2.18:edwin2:********
172.16.2.18:vhualpa:********
172.16.2.213:transferencia********
172.16.2.213:soporte:********
172.16.1.2: soporte
Los editores utilizados son nano y vi; pero este ltimo deber ser instalado para
deban (aptitude install vim)
Agregar usuarios
useradd edwin2
passwd edwin2
Red, se configura, como root (pruebas):
vi /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
#the first network interface
auto eth0
iface eth0 inet static
address 172.16.2.212
netmask 255.255.254.0
network 172.16.2.0
gateway 172.16.2.1
Server :
auto lo
#the first network interface
auto eth0
address 172.16.2.213
netmask 255.255.254.0
network 172.16.2.0
gateway 172.16.2.1
SiatBd
auto lo
auto eth0
# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
address 172.16.1.2
netmask 255.255.252.0
network 172.16.1.0
gateway 172.16.2.1
Seguidamente reiniciar el servicio de red :
/etc/init.d/networking restart
Nta : Para actualizar el comando aptitude (gestor de instalaciones), es necesario acceso
a Internet, para descargas de paquetes, pero se debe tener en cuenta que si el acceso es
mediante un Proxy se debe registrarlo con el siguiente comando
export http_proxy = 172.16.2.1:3128
Adems los links de actualizaciones en este caso de Debian seran los siguientes
nano/etc/apt/sources.list
#
# deb cdrom:[Debian GNU/Linux 6.0.2.1 _Squeeze_ - Official amd64 CD Binary-1 20$
#deb cdrom:[Debian GNU/Linux 6.0.2.1 _Squeeze_ - Official amd64 CD Binary-1
201$
deb http://ftp.debian.org/debian/ squeeze main contrib non-free
deb-src http://ftp.debian.org/debian/ squeeze main contrib non-free
deb ftp://ftp.us.debian.org/debian/ squeeze/update main
deb-src ftp://ftp.us.debian.org/debian/ squeeze/update main
deb http://security.debian.org/ squeeze/updates main
deb-src http://security.debian.org/ squeeze/updates main
# squeeze-updates, previously known as 'volatile'
# A network mirror was not selected during install. The following entries
# are provided as examples, but you should amend them as appropriate
# for your mirror of choice.
Aptitude , una vez instalada la red, se procede a actualizar aptitude .

aptitude update
Este comando actualiza el gestor de instalaciones aptitude, con las nuevas versiones de
muchas aplicaciones para ubuntu.
Restringir el acceso SSH

$nano /etc/ssh/sshd_config
Se agrega al final :
AllowUsers edwin2 vhualpa
Y se reinicia el servicio
/etc/init.d/ssh restart
Restringir Navegabilidad Apache2

Primero se tiene que activar la directive AllowOverride:
cd /etc/apache2/sites-available
vi default
NameVirtualHost *
<VirtualHost *>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
All
AllowOverride
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
Despues en /var/www se crea un archive .htaccess
vi .htaccess
Options All Indexes
NOTA: En httpd.conf verificar que tenga en su cotenido. ServerName localhost
IV - Postgres
La versin estable del postgres, cuando se realiz este documento, esta en la
versin postgresql-8.4, pero existen algunos cambios en las tablas de configuracin
respecto a postgresql-8.3, a saber
Base de datos
Tabla
Valor
Postgresql-8.3
postgres
pg_class
Reltriggers
Postgresql-8-4
Postgres
pg_class
Relhastriggers
Bit
Bolean
El valor reltriggers (8.3) es para la activacin de triggers, la cual se activa mediante una
funcin que discrimina todos los objetos de la base de datos en la que se trabaja; esto a
nivel de backup no causa ningn problema en versiones iguales. La ltima versin
postgres tiene este valor activado, adems de que el nombre de la variable cambi, pero
esto no aplica cuando se restaura un backup de versin anterior. A fines de evitar
conflictos entre versiones y para un ambiente de produccin se eligi postgresql-8.3.
Instalacin
1 - En la lnea de comandos:
aptitude install postgresql-8.4
2 Se activa el usuario postgres:
sudo passwd postgres
172.16.2.18 - Password : Postgres1234567
172.16.2.213-Password : t@is230210
Password - pruebas : postgres
Se establece la contrasea para usuario postgres, recordemos que este usuario es tanto
para base de datos como sistema operativo.
3 Se edita cada uno de los archivos de configuracin; a saber pg_hba.conf,
postgresql.conf, pg_ident.conf.
En pg_hba.conf:
# Database administrative login by UNIX sockets
local all
postgres
ident sameuser
# TYPE DATABASE
USER
CIDR-ADDRESS
# "local" is for Unix domain socket connections only

local all
all
ident sameuser
# IPv4 local connections:
host all
all
127.0.0.1/32
md5
#para especficos sus direcciones para todos y/o por ip
host all
all
0.0.0.0 0.0.0.0 md5
host all
all
0.0.0.0/32
md5
# IPv6 local connections:
#host all
all
::1/128
md5
METHOD
En pg_ident.conf (opcional en case rooteo directo desde linux):

# MAPNAME IDENT-USERNAME
postgres
postgres
postgres
siat
siat
postgres
PG-USERNAME
En postgres.conf
# - Connection Settings listen_addresses = '*'
port = 5432
max connections = 150 (variable a la capacidad del servidor)
#.
# - Memory
shared_buffers = 1024MB (25% de RAM, max recommendable 30%)
work men = 2MB (variable a la capacidad del servidor)
maintenance_work_men = 256MB (0.5 % de RAM)
#.
Finalmente se reinicia el servicio:
/etc/init.d/postgresql-8.3 restart
Para el usuario postgres, como usuario postgres en SERVER,
Psql
alter user postgres with password siatserver2011;
createuser s E P siat
alter user siat with password siatserver2011;
Calculando espacio en disco de Base de

datos
Para tareas de control y seguimiento, es necesario saber cuanto espacio en disco ocupa
una base de datos en particular, para eso como usuario postgres se hace lo siguiente:
su postgres
Psql
postgres=# select pg_size_pretty( pg_database_size('bd_tributaria'));
Instalando FTS
Las funcionalidades de FTS, en caso de no estar instaladas se procede asi:
aptitude search postgresql-contrib
como usuario postgres :
psql d bd_tributaria45_2_desarrollo h localhost f
usr/share/postgresql/8.3/contrib/fuzzystrmatch.sql
Esto es por cada base de datos
Restaurando Backup
Por lo general para restaurar backup generados en Windows, en el sistema operativo
como usuario postgres.
pg_restore d bd_tributaria /var/backups/bdtributaria_29-09-2011.backup
Y para backups generados en Linux
pg_restore Ft d bd_tributaria /var/backups/bdtributaria_29-09-2011.backup
Generando Backup
pg_dump Ft bd_tributaria > /var/backups/bd_tributaria.backup
Con parmetros de fecha:
pg_dump Ft bd_tributaria > /var/backups/bd_tributaria_(date +%F).backup
para generar backup con los mismos parmetros de PGAdminIII en entorno Windows:
pg_dump F c v f /var/backups/bd_migracion.backup n \public\ bd_migracion
generar backup en raw linux:
pg_dump Ft bd_migracion > /var/www/Backups/bd_migracion3.backup
Desarrollo de Aplicaciones C++ con

Postgres
Primero se instala las libreras libpq
aptitude install libpq5
aptitude install libpq-dev
Creamos un archivo c++ en /root o en algn directorio de desarrollo prueba.cc:
#include <iostream>
#include "libpq-fe.h"
#include <map>
using namespace std;
static void exit_nicely(PGconn *conn){
PQfinish(conn);
exit(1);
}
int main(){
///////////////////////////////////////////////////////////////////////////////
//campos para map
///////////////////////////////////////////////////////////////////////////////
map< int , int > map_origen_destino;
const char *conninfo;
PGconn *conn;
PGresult *res;
int nFields;
int i,j;
int numero_registros=0;
conninfo= "dbname=bd_tributaria45_2_desarrollo";
conn= PQconnectdb(conninfo);
if(PQstatus(conn)!=CONNECTION_OK){
cout<<PQerrorMessage(conn);
exit_nicely(conn);
}else{
cout<<"conexion exitosa";
}
//PGresult *res;
//res=PQexec(conn,"select count(*) from tp_cta_cte");
res=PQexec(conn,"select orides_iid from ts_detalle_cta_cte");
if(PQresultStatus(res)!=PGRES_TUPLES_OK){
cout<<"consulta fallo!!"<<endl;
PQclear(res);
exit_nicely(conn);
}
numero_registros=PQntuples(res);
//
//cout<<"son n filas: "<<PQntuples(res)<<endl;

if(j=PQntuples(res)){
int temporal=0;
for(int i=0;i<numero_registros;i++){
temporal=atoi(PQgetvalue(res,i,0));
map_origen_destino[temporal]++;
//cout<<PQgetvalue(res,i,0)<<"-----------------"<<endl;
//
//
}
PQclear(res);
}
PQclear(res);
PQfinish(conn);
cout<<"Mapa generado correctamente!!!"<<endl;
map< int, int >::iterator origen=map_origen_destino.begin();
for(;origen!=map_origen_destino.end();origen++){
cout<<(*origen).first<<":"<<(*origen).second<<"@";
}
return 1;
Este programa cuenta las ocurrencias de un origen destino en detalle cuenta corriente, y
lo almacena en un mapa.
Para compilarlo, se procedi a instalar el gcc y g++
g++ -I/usr/include/postgresql/ -L/usr/lib/postgresql/8.3/lib/ -lpq o prueba.o prueba.cc
Se ejecuta el archivo .o
./prueba.o
V - PHP
La versin PHP 5.2.10 , editamos el archivo de configuracin de PHP
vi /etc/php5/apache2/php.ini
Las secciones siguientes copiarlas al archivo
;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;
max_execution_time = 90 ; Maximum execution time of each script, in
seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing
request data
;max_input_nesting_level = 64 ; Maximum input variable nesting level
memory_limit = 160M
; Maximum amount of memory a script may consume
(16MB)
..
; PHP's built-in default is text/html

default_mimetype = "text/html"
default_charset = "utf-8"
;default_charset = "iso-8859-1"
..
;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;
; UNIX: "/path1:/path2"
;include_path = ".:/usr/share/php"
include_path
=".:/var/www/Siat/libs:/var/www/Siat/class:/var/www/Siat/configuracion:/var/w
ww/STD/class:/var/www/STD/configuracion"
;
Se guardan los cambios, a continuacin se procede a instalar la librera de conexin

PHP-Postgres
aptitude install php5-pgsql
Tambin la librera grafica para php:
aptitude install php5-gd
despus de todos estos cambios se reinicia el servidor web :
/etc/init.d/apache2 restart
VI - SAMBA
Se instalo por defecto Samba 3. En la configuracin de Samba, la seccin de profiles, se
agrega :
Pruebas :
[Siat]
comment = Carpetas SIAT2010
path = /var/www/
guest ok =yes
read only = no
browseable = yes
create mask = 0777
directory mask = 0777
Server :
[SiatServer]
comment = Carpetas SIAT2010
path = /var/www/
guest ok =yes
read only = no
browseable = yes
create mask = 0777
directory mask = 0777
Finalmente reiniciar el servicio :
/etc/init.d/samba restart
Para acceder con samba se necesita tener usuarios. En este caso primero crear usuarios
como root y luego adicionarlos al samba. Ejemplo.
useradd siat
smbpasswd -a siat
otros parmetros (-x eliminar, -d deshabilitar, -e habilitar, -n
usuario sin password y m cuenta de equipo)
Para restringir accesos se utiliza

Tipos de permiso
r (^2)
w (^1)
x (^0)
1
2
2
4
4
4
r=Read (Lectura)
w=Write (Escritura)
Total
0
1
2
3
5
6
Resultado de los
permisos
Sin permisos
Ejecucin
Escritura
Escritura y ejecucin
Lectura
Lectura y ejecucin
Lectura y ejecucin
Lectura, escritura y
ejecuin
x=Execution (Ejecucin)
Clases de usuario
1.- propietario del fichero.
2.- grupo al que pertenece el fichero.
3.- el resto de usuarios.
Ejemplos:
Chmod 777 /var/www/siat
Acceso total a last res clases de acceso
Chmod 117 /var/www.siat

Lectura para propietario y grupo. Total para el resto
En caso se quiera dar acceso por grupos, primero a la carpeta siat se le debe otorgar un
grupo, para el caso del Servidor de Desarrollo se le ha otorgado grupo informatica y
para el de produccin sin grupo. Para ello los usuarios deben estar definidos por grupos
VII - CRONTAB
Para hacer tareas programadas bajo entorno Linux, la poltica establecida es
todos los das a las 11:00 pm se realizara un backup del cdigo fuente del SIAT. Bajo
esa premisa se realiz los siguientes pasos:
crear un script bajo root, con permisos root llamado tarea.sh
#script en bash para generar un archivo comprimido de
#toda la carpeta SIAT, la cual se generara en
# /var/www/
#el nombre tiene la forma
# siat date donde ddate es la fecha actual ejem: siat2010-01-31
#la salida se redirecciona al archivo null
tar -caf /var/www/siat$(date +%F).tar.gz /var/www/Siat >>/dev/null 2>1;
se agrega una nueva tarea a crontab, en la lnea de comandos :
crontab e
el editor elegido puede ser nano o vim, en caso de ser nano los atajos ctrl + O guardar y
ctrl + X salir
# m h dom mon dow command
00 23 * * * /var/www/tarea.sh
Esto indica que a las 11:00 pm de todos los dias se ejecutara tarea.sh. Es importante que
el sistema tenga la hora correcta, tanto del sistema como del hardware, ver date,
hwclock y ntpdate.
Muchas veces, la hora del sistema no es la misma que la hora del hardware, para probar
esto se tiene que obtener las 2 horas. Por ejemplo:
hwclock
vie 29 oct 2010 08:38:06 PET -0.985305 seconds
date
vie oct 29 03:14:19 PET 2010
En este caso los 2 tiempos son diferentes, el proceso crontab en algunos casos es
dirigido por la hora del hardware (hwclock) , entonces se recomienda que las 2 horas
esten alineadas.
hwclock --set --date="2010-10-29 08:33:00"
date -s "29 OCT 2010 08:33:00"
Para generar un backup de la base de datos, como usuario postgres, crear un archivo
llamado tareaPostgres.sh
vi tareaPostgres.sh
Ingresar el siguiente codigo
#script en bash para generar un archivo comprimido de
#bd_tributaria18 en var/www/Backups
pg_dump -Ft bd_tributaria45_2>/var/www/Backups/bd_tributaria45_2_$(date +
%F).backup
Este script genera un backup de la base de datos en produccion bd_tributaria45_2 en
la carpeta Backups , adjuntandole la fecha que fue creado tal backup.
Seguidamente crear la tarea correspondiente
crontab e
# m h dom mon dow command
30 23 * * * /var/www/tareaPostgres.sh
NOTA: los scripts debern tener acceso de ejecucin y obviar usuario root en el crontab
y del mismo modo debe iniciar su lista de comandos como sigue:
#!/bin/sh
VIII Subversin
Instalacin, en modo sper usuario
aptitude install subversion subversion-tools
Creamos la carpeta para repositorios:
mkdir /var/lib/svn
mkdir /var/lib/svn/siat
La carpeta svn sera la raiz de los repositorios, en este caso tiene un repositorio siat.
Seguidamente usamos el comando svnadmin para crear un repositorio:
svnadmin create /var/lib/svn/test
Creamos el arbol de directorio propios para subversion:
svn mkdir file:///var/lib/svn/siat
svn mkdir file:///var/lib/svn/siat/trunk -m Trunk
svn mkdir file:///var/lib/svn/siat/tags -m Tags
svn mkdir file:///var/lib/svn/siat/branches -m Branches
Configuracin del repositorio svn para uso compartido mediante un servidor Apache
aptitude install libapache2-svn
Ajustar la propiedad del repositorio y su contenido
chown -R www-data /var/lib/svn/test
Configuracin de acceso de los usuarios
sudo htpasswd -c /etc/apache2/dav_svn.passwd us1
sudo htpasswd /etc/apache2/dav_svn.passwd us2
Configuracin del mdulo de acceso DAV, editamos dav_svn.conf
vi /etc/apache2/mods-available/dav_svn.conf
Muestro las lineas relevantes para la configuracion:

<Location /svn >
DAV svn
SVNParentPath /var/lib/svn
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
</Location>
Nos situamos en :
cd /etc /apache2/sites-available
vi default
Agregamos la siguiente linea:
<Location /svn>
DAV svn
</Location>
Reiniciamos el servicio web
/etc/init.d/apache2 restart
IX Acceso remoto
Servidor
apt-get install tightvncserver
tightvncserver :1 -name sesion1 -depth 16 -geometry 640x480
Cliente
apt-get install xtightvncviewer
xtightvncviewer
Xvnc, que es el servidor en si.

vncviewer, el programa cliente.
vncpasswd, para cambiar la contrasea de cada sesin.
vncconnect, para conectarnos a un servidor VNC.
vncserver, para iniciar sesiones VNC.
X Berkeley DB
aptitude install libdb4.6++
aptitude install libdb4.6++-dev
G++ -I/usr/include/ -ldb_cxx o pruebaDB.out pruebaDB.cc
Activacion de Db en php
En /etc/php5/apache2/
Vi php.ini
Se aade
.
-enable-dba=shared
-enable-dba with db4
XI Configuracin UPSs
02-12-2010 : se procedi a documentar la actividad realizada el da 01-12-2010, por
parte de terceros.
Apcupsd a daemon for controlling APC

UPSes
Apcupsd es un software que puede ser usado para administrar y controlar la mayora de
APCs UPSs en Unix y Windows.
sudo passwd
Apt-get install apcupsd
/etc/init.d/apcupsd status
/etc/init.d/apcupsd start
nano /etc/default/apcupsd
El contenido es:
#Defaults for apcupsd initscript
#ApcUpsd-Devel internal configuration
APCACCESS=/sbin/apcaccess
ISCONFIGURED=yes
Updatedb es un comando incluido en findutils que se encarga de actualizar una base de
datos con todos los achivos del sistema, utilizada por locate para hallar archivos
rpidamente en sistemas de grandes cantidades de ficheros o incluso distintos
dispositivos y sistemas de ficheros.
updatedb
locate apcups
locate apcups
Nano /etc/apcupsd/apcupsd.conf
El contenido es:
## apcupsd.conf v1.1 ##
#
# for apcupsd release 3.14.6 (16 May 2009) - debian
#
# "apcupsd" POSIX config file
#
# ========= General configuration parameters ============
#
# UPSNAME xxx
# Use this to give your UPS a name in log files and such. This
# is particulary useful if you have multiple UPSes. This does not
# set the EEPROM. It should be 8 characters or less.
#UPSNAME
# UPSCABLE <cable>
# Defines the type of cable connecting the UPS to your computer.
#
# Possible generic choices for <cable> are:
# simple, smart, ether, usb
#
# Or a specific cable model number may be used:
# 940-0119A, 940-0127A, 940-0128A, 940-0020B,
# 940-0020C, 940-0023A, 940-0024B, 940-0024C,
# 940-1524C, 940-0024G, 940-0095A, 940-0095B,
# 940-0095C, M-04-02-2000
#
UPSCABLE ether
# To get apcupsd to work, in addition to defining the cable
# above, you must also define a UPSTYPE, which corresponds to

# the type of UPS you have (see the Description for more details).
# You must also specify a DEVICE, sometimes referred to as a port.
# For USB UPSes, please leave the DEVICE directive blank. For
# other UPS types, you must specify an appropriate port or address.
#
# UPSTYPE DEVICE
Description
# apcsmart /dev/tty**
Newer serial character device,
#
appropriate for SmartUPS models using
#
a serial cable (not USB).
#
# usb
<BLANK>
Most new UPSes are USB. A blank DEVICE
#
setting enables autodetection, which is
#
the best choice for most installations.
#
# net
hostname:port Network link to a master apcupsd
#
through apcupsd's Network Information
#
Server. This is used if you don't have
#
a UPS directly connected to your computer.
#
# snmp
hostname:port:vendor:community
#
SNMP Network link to an SNMP-enabled
#
UPS device. Vendor is the MIB used by
#
the UPS device: can be "APC", "APC_NOTRAP"
#
or "RFC" where APC is the powernet MIB,
#
"APC_NOTRAP" is powernet with SNMP trap
#
catching disabled, and RFC is the IETF's
#
rfc1628 UPS-MIB. You usually want "APC".
#
Port is usually 161. Community is usually
#
"private".
#
# dumb
/dev/tty**
Old serial character device for use
#
with simple-signaling UPSes.
#
# pcnet ipaddr:username:passphrase
#
PowerChute Network Shutdown protocol
#
which can be used as an alternative to SNMP
#
with AP9617 family of smart slot cards.
#
ipaddr is the IP address of the UPS mgmt
#
card. username and passphrase are the
#
credentials for which the card has been
#
configured.
#
UPSTYPE snmp
DEVICE 172.16.0.21:161:APC:private
# POLLTIME <int>
# Interval (in seconds) at which apcupsd polls the UPS for status. This
# setting applies both to directly-attached UPSes (UPSTYPE apcsmart, usb,
# dumb) and networked UPSes (UPSTYPE net, snmp). Lowering this setting
# will improve apcupsd's responsiveness to certain events at the cost of
# higher CPU utilization. The default of 60 is appropriate for most
# situations.
#POLLTIME 60
# LOCKFILE <path to lockfile>
# Path for device lock file. Not used on Win32.
LOCKFILE /var/lock
# SCRIPTDIR <path to script directory>
# Directory in which apccontrol and event scripts are located.

SCRIPTDIR /etc/apcupsd
# PWRFAILDIR <path to powerfail directory>
# Directory in which to write the powerfail flag file. This file
# is created when apcupsd initiates a system shutdown and is
# checked in the OS halt scripts to determine if a killpower
# (turning off UPS output power) is required.
PWRFAILDIR /etc/apcupsd
# NOLOGINDIR <path to nologin directory>
# Directory in which to write the nologin file. The existence
# of this flag file tells the OS to disallow new logins.
NOLOGINDIR /etc
#
# ======== Configuration parameters used during power failures ==========
#
# The ONBATTERYDELAY is the time in seconds from when a power failure
# is detected until we react to it with an onbattery event.
#
# This means that, apccontrol will be called with the powerout argument
# immediately when a power failure is detected. However, the
# onbattery argument is passed to apccontrol only after the
# ONBATTERYDELAY time. If you don't want to be annoyed by short
# powerfailures, make sure that apccontrol powerout does nothing
# i.e. comment out the wall.
ONBATTERYDELAY 6
#
# Note: BATTERYLEVEL, MINUTES, and TIMEOUT work in conjunction, so
# the first that occurs will cause the initation of a shutdown.
#
# If during a power failure, the remaining battery percentage
# (as reported by the UPS) is below or equal to BATTERYLEVEL,
# apcupsd will initiate a system shutdown.
BATTERYLEVEL 20
# If during a power failure, the remaining runtime in minutes
# (as calculated internally by the UPS) is below or equal to MINUTES,
# apcupsd, will initiate a system shutdown.
MINUTES 10
# If during a power failure, the UPS has run on batteries for TIMEOUT
# many seconds or longer, apcupsd will initiate a system shutdown.
# A value of 0 disables this timer.
#
# Note, if you have a Smart UPS, you will most likely want to disable
# this timer by setting it to zero. That way, you UPS will continue
# on batteries until either the % charge remaing drops to or below BATTERYLEVEL,
# or the remaining battery runtime drops to or below MINUTES. Of course,
# if you are testing, setting this to 60 causes a quick system shutdown
# if you pull the power plug.
# If you have an older dumb UPS, you will want to set this to less than
# the time you know you can run on batteries.
TIMEOUT 1200
# Time in seconds between annoying users to signoff prior to

# system shutdown. 0 disables.
ANNOY 300
# Initial delay after power failure before warning users to get
# off the system.
ANNOYDELAY 60
# The condition which determines when users are prevented from
# logging in during a power failure.
# NOLOGON <string> [ disable | timeout | percent | minutes | always ]
NOLOGON disable
# If KILLDELAY is non-zero, apcupsd will continue running after a
# shutdown has been requested, and after the specified time in
# seconds attempt to kill the power. This is for use on systems
# where apcupsd cannot regain control after a shutdown.
# KILLDELAY <seconds> 0 disables
KILLDELAY 0
#
# ==== Configuration statements for Network Information Server ====
#
# NETSERVER [ on | off ] on enables, off disables the network
# information server. If netstatus is on, a network information
# server process will be started for serving the STATUS and
# EVENT data over the network (used by CGI programs).
NETSERVER on
# NISIP <dotted notation ip address>
# IP address on which NIS server will listen for incoming connections.
# This is useful if your server is multi-homed (has more than one
# network interface and IP address). Default value is 0.0.0.0 which
# means any incoming request will be serviced. Alternatively, you can
# configure this setting to any specific IP address of your server and
# NIS will listen for connections only on that interface. Use the
# loopback address (127.0.0.1) to accept connections only from the
# local machine.
NISIP 127.0.0.1
# NISPORT <port> default is 3551 as registered with the IANA
# port to use for sending STATUS and EVENTS data over the network.
# It is not used unless NETSERVER is on. If you change this port,
# you will need to change the corresponding value in the cgi directory
# and rebuild the cgi programs.
NISPORT 3551
# If you want the last few EVENTS to be available over the network
# by the network information server, you must define an EVENTSFILE.
EVENTSFILE /var/log/apcupsd.events
# EVENTSFILEMAX <kilobytes>
# By default, the size of the EVENTSFILE will be not be allowed to exceed
# 10 kilobytes. When the file grows beyond this limit, older EVENTS will
# be removed from the beginning of the file (first in first out). The
# parameter EVENTSFILEMAX can be set to a different kilobyte value, or set
# to zero to allow the EVENTSFILE to grow without limit.
EVENTSFILEMAX 10
#
# ========== Configuration statements used if sharing =============
#
a UPS with more than one machine
#
# Remaining items are for ShareUPS (APC expansion card) ONLY
#
# UPSCLASS [ standalone | shareslave | sharemaster ]
# Normally standalone unless you share an UPS using an APC ShareUPS
# card.
UPSCLASS standalone
# UPSMODE [ disable | share ]
# Normally disable unless you share an UPS using an APC ShareUPS card.
UPSMODE disable
#
# ===== Configuration statements to control apcupsd system logging ========
#
# Time interval in seconds between writing the STATUS file; 0 disables
STATTIME 0
# Location of STATUS file (written to only if STATTIME is non-zero)
STATFILE /var/log/apcupsd.status
# LOGSTATS [ on | off ] on enables, off disables
# Note! This generates a lot of output, so if
#
you turn this on, be sure that the
#
file defined in syslog.conf for LOG_NOTICE is a named pipe.
# You probably do not want this on.
LOGSTATS off
# Time interval in seconds between writing the DATA records to
# the log file. 0 disables.
DATATIME 0
# FACILITY defines the logging facility (class) for logging to syslog.
#
If not specified, it defaults to "daemon". This is useful
#
if you want to separate the data logged by apcupsd from other
#
programs.
#FACILITY DAEMON
#
# ========== Configuration statements used in updating the UPS EPROM =========
#
#
# These statements are used only by apctest when choosing "Set EEPROM with conf
# file values" from the EEPROM menu. THESE STATEMENTS HAVE NO EFFECT ON APCUPSD.
#
# UPS name, max 8 characters
#UPSNAME UPS_IDEN
# Battery date - 8 characters
#BATTDATE mm/dd/yy
# Sensitivity to line voltage quality (H cause faster transfer to batteries)

# SENSITIVITY H M L
(default = H)
#SENSITIVITY H
# UPS delay after power return (seconds)
# WAKEUP 000 060 180 300 (default = 0)
#WAKEUP 60
# UPS Grace period after request to power off (seconds)
# SLEEP 020 180 300 600 (default = 20)
#SLEEP 180
# Low line voltage causing transfer to batteries
# The permitted values depend on your model as defined by last letter
# of FIRMWARE or APCMODEL. Some representative values are:
# D 106 103 100 097
# M 177 172 168 182
# A 092 090 088 086
# I 208 204 200 196
#LOTRANSFER 208
(default = 0 => not valid)
# High line voltage causing transfer to batteries

# D 127 130 133 136
# M 229 234 239 224
# A 108 110 112 114
# I 253 257 261 265 (default = 0 => not valid)
#HITRANSFER 253
# Battery charge needed to restore power
# RETURNCHARGE 00 15 50 90 (default = 15)
#RETURNCHARGE 15
# Alarm delay
# 0 = zero delay after pwr fail, T = power fail + 30 sec, L = low battery, N = never
# BEEPSTATE 0 T L N
(default = 0)
#BEEPSTATE T
# Low battery warning delay in minutes
# LOWBATT 02 05 07 10
(default = 02)
#LOWBATT 2
# UPS Output voltage when running on batteries
# D 115
# M 208
# A 100
# I 230 240 220 225 (default = 0 => not valid)
#OUTPUTVOLTS 230
# Self test interval in hours 336=2 weeks, 168=1 week, ON=at power on
# SELFTEST 336 168 ON OFF (default = 336)
#SELFTEST 336
cp /etc/apcupsd/apcupsd.conf /etc/apcupsd/apcupsd.conf.old
Ping 172.16.0.20
Ping 172.16.0.21
Nano /etc/apcupsd/apccontrol
El contenido es:
#!/bin/sh
#
# Copyright (C) 1999-2002 Riccardo Facchetti <riccardo@master.oasi.gpa.it>
#
# for apcupsd release 3.14.6 (16 May 2009) - debian
#
# platforms/apccontrol. Generated from apccontrol.in by configure.
#
# Note, this is a generic file that can be used by most
# systems. If a particular system needs to have something
# special, start with this file, and put a copy in the
# platform subdirectory.
#
#
# These variables are needed for set up the autoconf other variables.
#
prefix=/usr
exec_prefix=${prefix}
APCPID=/var/run/apcupsd.pid
APCUPSD=/sbin/apcupsd
SHUTDOWN=/sbin/shutdown
SCRIPTSHELL=/bin/sh
SCRIPTDIR=/etc/apcupsd
WALL=wall
#
# Concatenate all output from this script to the events file
# Note, the following kills the script in a power fail situation
# where the disks are mounted read-only.
# exec >>/var/log/apcupsd.events 2>&1
#
# This piece is to substitute the default behaviour with your own script,
# perl, or C program.
# You can customize every single command creating an executable file (may be a
# script or a compiled program) and calling it the same as the $1 parameter
# passed by apcupsd to this script.
#
# After executing your script, apccontrol continues with the default action.
# If you do not want apccontrol to continue, exit your script with exit
# code 99. E.g. "exit 99".
#
# WARNING: the apccontrol file will be overwritten every time you update your
# apcupsd, doing `make install'. Your own customized scripts will _not_ be
# overwritten. If you wish to make changes to this file (discouraged), you
# should change apccontrol.sh.in and then rerun the configure process.
#
if [ -f ${SCRIPTDIR}/${1} -a -x ${SCRIPTDIR}/${1} ]
then
${SCRIPTDIR}/${1} ${2} ${3} ${4}
# exit code 99 means he does not want us to do default action
if [ $? = 99 ] ; then
exit 0
fi
fi
case "$1" in
killpower)
echo "Apccontrol doing: ${APCUPSD} --killpower on UPS ${2}"
sleep 10
${APCUPSD} --killpower
echo "Apccontrol has done: ${APCUPSD} --killpower on UPS ${2}" | ${WALL}
;;
commfailure)
echo "Warning communications lost with UPS ${2}" | ${WALL}
;;
commok)
echo "Communications restored with UPS ${2}" | ${WALL}
;;
#
# powerout, onbattery, offbattery, mainsback events occur
# in that order.
#
powerout)
;;
onbattery)
echo "Power failure on UPS ${2}. Running on batteries." | ${WALL}
;;
offbattery)
echo "Power has returned on UPS ${2}..." | ${WALL}
;;
mainsback)
if [ -f /etc/apcupsd/powerfail ] ; then
printf "Continuing with shutdown." | ${WALL}
fi
;;
failing)
echo "Battery power exhaused on UPS ${2}. Doing shutdown." | ${WALL}
;;
timeout)
echo "Battery time limit exceeded on UPS ${2}. Doing shutdown." | ${WALL}
;;
loadlimit)
echo "Remaining battery charge below limit on UPS ${2}. Doing shutdown." | ${WALL}
;;
runlimit)
echo "Remaining battery runtime below limit on UPS ${2}. Doing shutdown." | ${WALL}
;;
doreboot)
echo "UPS ${2} initiating Reboot Sequence" | ${WALL}
${SHUTDOWN} -r now "apcupsd UPS ${2} initiated reboot"
;;
doshutdown)
echo "UPS ${2} initiated Shutdown Sequence" | ${WALL}
${SHUTDOWN} -h now "apcupsd UPS ${2} initiated shutdown"
;;
annoyme)
echo "Power problems with UPS ${2}. Please logoff." | ${WALL}
;;
emergency)
echo "Emergency Shutdown. Possible battery failure on UPS ${2}." | ${WALL}
;;
changeme)
echo "Emergency! Batteries have failed on UPS ${2}. Change them NOW" | ${WALL}
;;
remotedown)
echo "Remote Shutdown. Beginning Shutdown Sequence." | ${WALL}
;;
startselftest)
;;
endselftest)
;;
battdetach)
;;
battattach)
;;
*) echo "Usage: ${0##*/} command"
echo "
warning: this script is intended to be launched by"
echo "
apcupsd and should never be launched by users."
exit 1
;;
esac
XI - Referencias
[1] http://www2.mandriva.com/
[2] http://www.latam.redhat.com/rhel/
[3] http://es.opensuse.org/
[4] http://www.ubuntu.com/
[5] http://subversion.tigris.org/
Anexos
Limpiar Cache
0: No libera nada.
1: Libera la pagecache.
2: Libera inodos y dentries.
3: Libera pagecache, inodos y dentries.
Ejemplo
# echo 1 > /proc/sys/vm/drop_caches
Despues de migracion
Variables de rendimiento
Para variacin de parmetros de memoria en el postgres.conf considerar lo siguiente
(preferentemente considerar los que bota el error del servicio postgresql:
cat /proc/sys/kernel/shmmax
sysctl w kernel.shmmax= 268435456
sysctl p /etc/sysctl.conf
Para mantener los datos permanentemente y no volver a configurar cada vez que se
apague el servidor
Nano /etc/sysctl.conf
#...
#Adecuacin manual de acuerdo a la configuracin de postgres
kernel.shmmax= 268435456
En 213:
2097152000 -> 2365587456 -> 4731174912->9437184000
CONF para Migracion

# This file consists of lines of the form:
#
# name = value
#
# (The "=" is optional.) Whitespace may be used. Comments are introduced with
# "#" anywhere on a line. The complete list of parameter names and allowed
# values can be found in the PostgreSQL documentation.
#
# The commented-out settings shown in this file represent the default values.
# Re-commenting a setting is NOT sufficient to revert it to the default value;
# you need to reload the server.
#
# This file is read on server startup and when the server receives a SIGHUP
# signal. If you edit the file on a running system, you have to SIGHUP the
# server for the changes to take effect, or use "pg_ctl reload". Some
# parameters, which are marked below, require a server shutdown and restart to
# take effect.
#
# Any parameter can also be given as a command-line option to the server, e.g.,
# "postgres -c log_connections=on". Some paramters can be changed at run time
# with the "SET" SQL command.
#
# Memory units: kB = kilobytes MB = megabytes GB = gigabytes
# Time units: ms = milliseconds s = seconds min = minutes h = hours d = days
#-----------------------------------------------------------------------------# FILE LOCATIONS
#-----------------------------------------------------------------------------# The default values of these variables are driven from the -D command-line
# option or PGDATA environment variable, represented here as ConfigDir.
data_directory = '/var/lib/postgresql/8.3/main'
# use data in another directory
# (change requires restart)
hba_file = '/etc/postgresql/8.3/main/pg_hba.conf'
# host-based authentication file
ident_file = '/etc/postgresql/8.3/main/pg_ident.conf' # ident configuration file
# If external_pid_file is not explicitly set, no extra PID file is written.
external_pid_file = '/var/run/postgresql/8.3-main.pid'
# write an extra PID file
#-----------------------------------------------------------------------------# CONNECTIONS AND AUTHENTICATION
#-----------------------------------------------------------------------------# - Connection Settings listen_addresses = '*'
# what IP address(es) to listen on;

# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
port = 5432
max_connections = 200
# Note: Increasing max_connections costs ~400 bytes of shared memory per
# connection slot, plus lock space (see max_locks_per_transaction). You might
# also need to raise shared_buffers to support more connections.
#superuser_reserved_connections = 3 # (change requires restart)
unix_socket_directory = '/var/run/postgresql'
#unix_socket_group = ''
#unix_socket_permissions = 0777
# begin with 0 to use octal notation
#bonjour_name = ''
# defaults to the computer name

# - Security and Authentication #authentication_timeout = 1min

# 1s-600s
ssl = true
#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH'
#password_encryption = on
#db_user_namespace = off
# allowed SSL ciphers
# Kerberos and GSSAPI

#krb_server_keyfile = ''
#krb_srvname = 'postgres'
# (change requires restart, Kerberos only)
#krb_server_hostname = ''
# empty string matches any keytab entry
# (change requires restart, Kerberos only)
#krb_caseins_users = off
#krb_realm = ''
# - TCP Keepalives # see "man 7 tcp" for details
#tcp_keepalives_idle = 0
# TCP_KEEPIDLE, in seconds;
# 0 selects the system default
#tcp_keepalives_interval = 0
# TCP_KEEPINTVL, in seconds;
#tcp_keepalives_count = 0
# TCP_KEEPCNT;
#-----------------------------------------------------------------------------# RESOURCE USAGE (except WAL)
#-----------------------------------------------------------------------------# - Memory shared_buffers =64MB
# min 128kB or max_connections*16kB

#temp_buffers = 8MB
# min 800kB
#max_prepared_transactions = 5
# can be 0 or more
# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory
# per transaction slot, plus lock space (see max_locks_per_transaction).
work_mem = 1MB
# min 64kB
#maintenance_work_mem = 16MB
# min 1MB
#max_stack_depth = 2MB
# min 100kB
# - Free Space Map max_fsm_pages = 153600
# min max_fsm_relations*16, 6 bytes each
#max_fsm_relations = 1000
# min 100, ~70 bytes each
# - Kernel Resource Usage #max_files_per_process = 1000
# min 25
#shared_preload_libraries = ''
# - Cost-Based Vacuum Delay #vacuum_cost_delay = 0
#vacuum_cost_page_hit = 1
#vacuum_cost_page_miss = 10
#vacuum_cost_page_dirty = 20
#vacuum_cost_limit = 200
# 0-1000 milliseconds
# 0-10000 credits
# 0-10000 credits
# 0-10000 credits
# 1-10000 credits
# - Background Writer #bgwriter_delay = 200ms

#bgwriter_lru_maxpages = 100
#bgwriter_lru_multiplier = 2.0
# 10-10000ms between rounds

# 0-1000 max buffers written/round
# 0-10.0 multipler on buffers scanned/round
#-----------------------------------------------------------------------------# WRITE AHEAD LOG

#-----------------------------------------------------------------------------# - Settings #fsync = on
# turns forced synchronization on or off
#synchronous_commit = on
# immediate fsync at commit
#wal_sync_method = fsync
# the default is the first option
# supported by the operating system:
# open_datasync
# fdatasync
# fsync
# fsync_writethrough
# open_sync
#full_page_writes = on
# recover from partial page writes
wal_buffers = 200kB
# min 32kB
#wal_writer_delay = 200ms
# 1-10000 milliseconds
#commit_delay = 0
#commit_siblings = 5
# - Checkpoints -
# range 0-100000, in microseconds

# range 1-1000
#checkpoint_segments = 3
# in logfile segments, min 1, 16MB each
#checkpoint_timeout = 5min
# range 30s-1h
#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0
#checkpoint_warning = 30s
# 0 is off
# - Archiving #archive_mode = off
# allows archiving to be done
#archive_command = ''
# command to use to archive a logfile segment
#archive_timeout = 0
# force a logfile segment switch after this
# time; 0 is off
#-----------------------------------------------------------------------------# QUERY TUNING
#-----------------------------------------------------------------------------# - Planner Method Configuration #enable_bitmapscan = on
#enable_hashagg = on
#enable_hashjoin = on
#enable_indexscan = on
#enable_mergejoin = on
#enable_nestloop = on
#enable_seqscan = on
#enable_sort = on
#enable_tidscan = on
# - Planner Cost Constants #seq_page_cost = 1.0
#random_page_cost = 4.0
#cpu_tuple_cost = 0.01
#cpu_index_tuple_cost = 0.005
#cpu_operator_cost = 0.0025
effective_cache_size =3200
Query Optimizer #geqo = on
#geqo_threshold = 12
#geqo_effort = 5
#geqo_pool_size = 0
#geqo_generations = 0
#geqo_selection_bias = 2.0
# measured on an arbitrary scale

# same scale as above
# - Genetic
# range 1-10
# selects default based on effort
# selects default based on effort
# range 1.5-2.0
# - Other Planner Options #default_statistics_target = 10

#constraint_exclusion = off
#from_collapse_limit = 8
# range 1-1000
#join_collapse_limit = 8
# 1 disables collapsing of explicit

# JOIN clauses
#-----------------------------------------------------------------------------# ERROR REPORTING AND LOGGING

#-----------------------------------------------------------------------------# - Where to Log #log_destination = 'stderr'
# Valid values are combinations of
# stderr, csvlog, syslog and eventlog,
# depending on platform. csvlog
# requires logging_collector to be on.
# This is used when logging to stderr:
#logging_collector = off
# Enable capturing of stderr and csvlog
# into log files. Required to be on for
# csvlogs.
# These are only used if logging_collector is on:
#log_directory = 'pg_log'
# directory where log files are written,
# can be absolute or relative to PGDATA
#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log'
# log file name pattern,
# can include strftime() escapes
#log_truncate_on_rotation = off
# If on, an existing log file of the
# same name as the new log file will be
# truncated rather than appended to.
# But such truncation only occurs on
# time-driven rotation, not on restarts
# or size-driven rotation. Default is
# off, meaning append to existing files
# in all cases.
#log_rotation_age = 1d
# Automatic rotation of logfiles will
# happen after that time. 0 to disable.
#log_rotation_size = 10MB
# Automatic rotation of logfiles will
# happen after that much log output.
# 0 to disable.
# These are relevant when logging to syslog:
#syslog_facility = 'LOCAL0'
#syslog_ident = 'postgres'
# - When to Log #client_min_messages = notice
# values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# log
# notice
# warning
# error
#log_min_messages = notice
# debug5
# debug4
# debug3
# debug2
# debug1
# info
# notice
# warning
# error
# log
# fatal
# panic
#log_error_verbosity = default
#log_min_error_statement = error
# debug5
# terse, default, or verbose messages

#
#
#
#
#
#
#
#
#
#
#
debug4
debug3
debug2
debug1
info
notice
warning
error
log
fatal
panic (effectively off)
#log_min_duration_statement = -1
# -1 is disabled, 0 logs all statements
# and their durations, > 0 logs only
# statements running at least this time.
#silent_mode = off
# DO NOT USE without syslog or

# logging_collector
# - What to Log #debug_print_parse = off

#debug_print_rewritten = off
#debug_print_plan = off
#debug_pretty_print = off
#log_checkpoints = off
#log_connections = off
#log_disconnections = off
#log_duration = off
#log_hostname = off
log_line_prefix = '%t '
# special values:
# %u = user name
# %d = database name
# %r = remote host and port
# %h = remote host
# %p = process ID
# %t = timestamp without milliseconds
# %m = timestamp with milliseconds
# %i = command tag
# %c = session ID
# %l = session line number
# %s = session start timestamp
# %v = virtual transaction ID
# %x = transaction ID (0 if none)
# %q = stop here in non-session
#
processes
# %% = '%'
# e.g. '<%u%%%d> '
#log_lock_waits = off
# log lock waits >= deadlock_timeout
#log_statement = 'none'
# none, ddl, mod, all
#log_temp_files = -1
# log temporary files equal or larger
# than specified size;
# -1 disables, 0 logs all temp files
#log_timezone = unknown
# actually, defaults to TZ environment
# setting
#-----------------------------------------------------------------------------# RUNTIME STATISTICS
#-----------------------------------------------------------------------------# - Query/Index Statistics Collector #track_activities = on
#track_counts = on
#update_process_title = on
# - Statistics Monitoring #log_parser_stats = off
#log_planner_stats = off
#log_executor_stats = off
#log_statement_stats = off
#-----------------------------------------------------------------------------# AUTOVACUUM PARAMETERS

#-----------------------------------------------------------------------------#autovacuum = on
# Enable autovacuum subprocess? 'on'

# requires track_counts to also be on.
#log_autovacuum_min_duration = -1
# -1 disables, 0 logs all actions and
# their durations, > 0 logs only
# actions running at least that time.
#autovacuum_max_workers = 3
# max number of autovacuum subprocesses
#autovacuum_naptime = 1min
# time between autovacuum runs
#autovacuum_vacuum_threshold = 50
# min number of row updates before
# vacuum
#autovacuum_analyze_threshold = 50
# min number of row updates before
# analyze
#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
#autovacuum_vacuum_cost_delay = 20
# default vacuum cost delay for
# autovacuum, -1 means use
# vacuum_cost_delay
#autovacuum_vacuum_cost_limit = -1
# default vacuum cost limit for
# autovacuum, -1 means use
# vacuum_cost_limit
#-----------------------------------------------------------------------------# CLIENT CONNECTION DEFAULTS
#-----------------------------------------------------------------------------# - Statement Behavior #search_path = '"$user",public'
# schema names
#default_tablespace = ''
# a tablespace name, '' uses the default
#temp_tablespaces = ''
# a list of tablespace names, '' uses
# only default tablespace
#check_function_bodies = on
#default_transaction_isolation = 'read committed'
#default_transaction_read_only = off
#session_replication_role = 'origin'
#statement_timeout = 0
# 0 is disabled
#vacuum_freeze_min_age = 100000000
#xmlbinary = 'base64'
#xmloption = 'content'
# - Locale and Formatting datestyle = 'iso, dmy'
#timezone = unknown
# actually, defaults to TZ environment

# setting
#timezone_abbreviations = 'Default' # Select the set of available time zone
# abbreviations. Currently, there are
# Default
# Australia
# India
# You can create your own file in
# share/timezonesets/.
#extra_float_digits = 0
# min -15, max 2
#client_encoding = sql_ascii
# actually, defaults to database
# encoding
# These settings are initialized by initdb, but they can be changed.
lc_messages = 'es_PE.UTF-8'
# locale for system error message
# strings
lc_monetary = 'es_PE.UTF-8'
# locale for monetary formatting
lc_numeric = 'es_PE.UTF-8'
# locale for number formatting
lc_time = 'es_PE.UTF-8'
# locale for time formatting
# default configuration for text search
default_text_search_config = 'pg_catalog.spanish'
# - Other Defaults #explain_pretty_print = on

#dynamic_library_path = '$libdir'
#local_preload_libraries = ''
#-----------------------------------------------------------------------------# LOCK MANAGEMENT

#-----------------------------------------------------------------------------#deadlock_timeout = 1s
#max_locks_per_transaction = 64
# min 10
# Note: Each lock table slot uses ~270 bytes of shared memory, and there are
# max_locks_per_transaction * (max_connections + max_prepared_transactions)
# lock table slots.
#-----------------------------------------------------------------------------# VERSION/PLATFORM COMPATIBILITY
#-----------------------------------------------------------------------------# - Previous PostgreSQL Versions #add_missing_from = off
#array_nulls = on
#backslash_quote = safe_encoding
# on, off, or safe_encoding
#default_with_oids = off
#escape_string_warning = on
#regex_flavor = advanced
# advanced, extended, or basic
#sql_inheritance = on
#standard_conforming_strings = off
#synchronize_seqscans = on
# - Other Platforms and Clients #transform_null_equals = off
#-----------------------------------------------------------------------------# CUSTOMIZED OPTIONS
#-----------------------------------------------------------------------------#custom_variable_classes = ''
# list of custom variable class names
Chat Siat
La version que se instalo es phpfreechat-1.3.zip, deber contarse con esos fuentes.
Despus de copiar los archivos en /Siat, hay que dar los permisos al usuario www-data
Como sigue
chown -R www-data /var/www/Siat/chat
Open-SSL (Encriptacin https)
a2enmod ssl
Se hace una copia del archivo default en /etc/apache2/sites-enabled/ que se llama ssl o
default-ssl
En /etc/apache2
Openssl req new x509 extensions v3_ca keyout cakey.pem out cacert.pem
v3
Mv cacert.pem cacert.crt
Mv cakey.pem cakey.crl
cd /etc/apache2
vi ports.conf
En /etc/apache2/sites-enabled/
Vi 000-default
NameVirtualHost *
NameVirtualHost *:443
<VirtualHost *>
<Directory />
AllowOverride None
</Directory>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# Possible values include: debug, info, notice, warn, error, crit,

# alert, emerg.
LogLevel warn
ServerSignature On
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
<Location /svn>
DAV svn
</Location>
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/cacert.crt
SSLCertificateKeyFile /etc/apache2/cakey.crl
<Directory />
AllowOverride None
</Directory>
Options Indexes FollowSymLinks Multiviews
AllowOverride All
</Directory>
AllowOverride None
Allow from all
</Directory>
LogLevel warn
ServerSignature On
AllowOverride None
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>

Manual Servidor SIAT Versi+ N Final - Victor

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Manual Servidor SIAT Versi+ N Final - Victor

Încărcat de

Drepturi de autor:

Formate disponibile

MANUAL de

II - Instalacin Ubuntu Server

ServerSiat: Disco de 146 GB en RAID1:

SiatDb: Disco de 250 GB en RAID1:

/home : este punto de montaje depende de la cantidad de usuarios del S.O; no se

/ : punto de montaje donde se encuentra el sistema operativo en si, cabe resaltar

5 Servicios seleccionados: Apache, Samba, DHCP y DNS; los dems servicios

III - Configuracin Debian/Ubuntu

Aptitude , una vez instalada la red, se procede a actualizar aptitude .

Restringir el acceso SSH

Restringir Navegabilidad Apache2

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

# "local" is for Unix domain socket connections only

En pg_ident.conf (opcional en case rooteo directo desde linux):

Calculando espacio en disco de Base de

pg_dump Ft bd_migracion > /var/www/Backups/bd_migracion3.backup

Desarrollo de Aplicaciones C++ con

//cout<<"son n filas: "<<PQntuples(res)<<endl;

; PHP's built-in default is text/html

Se guardan los cambios, a continuacin se procede a instalar la librera de conexin

Para restringir accesos se utiliza

Acceso total a last res clases de acceso

Chmod 117 /var/www.siat

Muestro las lineas relevantes para la configuracion:

Xvnc, que es el servidor en si.

Apcupsd a daemon for controlling APC

# above, you must also define a UPSTYPE, which corresponds to

# Directory in which apccontrol and event scripts are located.

# Time in seconds between annoying users to signoff prior to

# Sensitivity to line voltage quality (H cause faster transfer to batteries)

(default = 0 => not valid)

# High line voltage causing transfer to batteries

CONF para Migracion

# what IP address(es) to listen on;

# defaults to the computer name

# - Security and Authentication #authentication_timeout = 1min

# allowed SSL ciphers

# Kerberos and GSSAPI

# min 128kB or max_connections*16kB

# - Background Writer #bgwriter_delay = 200ms

# 10-10000ms between rounds

#-----------------------------------------------------------------------------# WRITE AHEAD LOG

# range 0-100000, in microseconds

# measured on an arbitrary scale

# - Other Planner Options #default_statistics_target = 10

# 1 disables collapsing of explicit

#-----------------------------------------------------------------------------# ERROR REPORTING AND LOGGING

# terse, default, or verbose messages

# DO NOT USE without syslog or

# - What to Log #debug_print_parse = off

#-----------------------------------------------------------------------------# AUTOVACUUM PARAMETERS

# Enable autovacuum subprocess? 'on'

# actually, defaults to TZ environment

# - Other Defaults #explain_pretty_print = on

#-----------------------------------------------------------------------------# LOCK MANAGEMENT

# list of custom variable class names

Open-SSL (Encriptacin https)

# Possible values include: debug, info, notice, warn, error, crit,

S-ar putea să vă placă și