Handle write permissions in ubuntu for uploads or code generators

Usually we need to change directory/file permission to able to write files. This may be for uploads directory or code generation tool. But most of the time some developers do bad thing, that the give permission 777 to the directory/file and get work the done.

sudo chmod -R 777 /path/some-directory

Here the script which throws the write permission error, now executes smoothly as it has got the 777 permission. But here we compromised serious security risk. Permission 777 means that is read/write/execute to everybody in the system, thus creating loop hole for security.

Instead of assigning permission 777, we can assign 775 and add the user who runs the script(which thrown the permission error) in the user group of the directory/file.

Following command adds given user (userName) to particular group (groupName)

sudo usermod -a -G groupName userName

Above will add user which runs the script to the group of users of directory/file which need write permission. Here I am assuming that your directory/file already has write permission i.e. user group has writable permission. You can also check members of user group from file “/etc/group”.

For web applications where Apache is the web server, you can add “www-data” to group of users. For PHP yii framework you need to set writable permission to some directories while development so that code generators can work.

This was just to give alternative way(good) to the developer who quickly give 777 permission to avoid/fix permission error. There are many more things you need to care when you think from security aspect. Avoid globally write is surely one of them.

Happy coding 🙂

 

 

Some ref.

https://help.ubuntu.com/community/FilePermissions
http://askubuntu.com/questions/79565/add-user-to-existing-group
http://www.cyberciti.biz/faq/linux-list-all-members-of-a-group/

Advertisements

Install Jitsi Meet on ubuntu 14.04

To install jitsi meet we are going do setup for following components

  1. Jitsi Video-Bridge (Software video-bridge)
  2. Jitsi Jicofo (Component mandatory for jitsi conference)
  3. Prosody ( XMPP Server )
  4. Nginx (Web Server)
  5. Jitsi Meet (Web application – to which the end user will interact. )

 

Java dependency

Check if jdk installed on your ubuntu, it must be > 1.7

java -version
javac -version

Both above must be greater than 1.7

  1. To install jdk
sudo add-apt-repository ppa:webupd8team/java -y
sudo apt-get update
sudo apt-get install oracle-java8-installer
sudo apt-get install oracle-java8-set-default

Check again with same commands

java -version
javac -version

If versions are > 1.7 we are ready to go ahead.

If you have java installed already, but it points to some older version, you can select proper version using following

sudo update-alternatives --config java
sudo update-alternatives --config javac

 

References

Difference between JVM, JRE, JDK
Install JDK
Java alternatives in ubuntu
Check which JRE you are using

Install Prosody – XMPP server

apt-get install prosody

Configure it
1. Open file “/etc/prosody/conf.avail/jitsi.example.com.cfg.lua”
2. Add following lines to config file

VirtualHost "jitsi.example.com"
    authentication = "anonymous"
    ssl = {
        key = "/var/lib/prosody/jitsi.example.com.key";
        certificate = "/var/lib/prosody/jitsi.example.com.crt";
    }
    modules_enabled = {
        "bosh";
        "pubsub";
    }

VirtualHost "auth.jitsi.example.com"
    authentication = "internal_plain"

admins = { "focus@auth.jitsi.example.com" }

Component "conference.jitsi.example.com" "muc"
Component "jitsi-videobridge.jitsi.example.com"
    component_secret = "YOURSECRET1"
Component "focus.jitsi.example.com"
    component_secret = "YOURSECRET2"

3. Set above file in use

sudo ln -s /etc/prosody/conf.avail/jitsi.example.com.cfg.lua /etc/prosody/conf.d/jitsi.example.com.cfg.lua

4. Generate certificates

sudo prosodyctl cert generate jitsi.example.com

5. Create conference user

sudo prosodyctl register focus auth.jitsi.example.com YOURSECRET3

6. Restart prosody

sudo prosodyctl restart

References
Prosody XMPP server
Prosody configurations

 

Install Jitsi Video Bridge

Go to following URL

https://download.jitsi.org/jitsi-videobridge/linux/

Check which version is good for your ubuntu 32/64 bit, using following

uname -a

If it says “x86_64” at the end, it is 64 bit.

wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-{arch-buildnum}.zip
unzip jitsi-videobridge-linux-{arch-buildnum}.zip

(If you dont have unzip installed, you can “sudo apt-get install unzip”)

Make .sip-communicator directory in user home directory

  1. cd ~
  2. mkdir .sip-communicator
  3. nano sip-communicator.properties
  4. add lines
    org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
    org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address> 
    org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>

    to file and save it (Ctrl + o, Enter, Ctrl + x)

Run jitsi video bridge

  1. cd /path/to/extracted-folter-of-jistsi-video-bridge
  2. ./jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1

To auto start jitsi video bridge

/bin/bash /root/jitsi-videobridge-linux-{arch-buildnum}/jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1 </dev/null >> /var/log/jvb.log 2>&1

 

References

Check if your ubuntu is 32bit/64bit
Install and run jitsi video bridge

Install Jicofo

Install ant

sudo apt-get install ant

Clone jicofo repository

git clone https://github.com/jitsi/jicofo.git
cd jicofo/lib

Download maven task pom and jar file from following location

http://search.maven.org/#search|ga|1|a%3A%22maven-ant-tasks%22

POM file

wget https://repo1.maven.org/maven2/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.pom

Jar file

wget http://search.maven.org/remotecontent?filepath=org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar

Rename jar file

mv remotecontent\?filepath\=org%2Fapache%2Fmaven%2Fmaven-ant-tasks%2F2.1.3%2Fmaven-ant-tasks-2.1.3.jar maven-ant-tasks-2.1.3.jar

Remove ~/.m2/

sudo rm -R ~/.m2/

Change directory to jicofo

cd /path/to/jicofo-cloned-repo/
mvn -U clean package -DskipTests

( If maven not installed,  sudo apt-get install maven)

ant -lib lib dist.{os-name}

For 64 bit ubuntu use lin64 as {os-name}
(Here {os-name} is one of the ‘lin’, ‘lin64’, ‘macosx’, ‘win’, ‘win64’)

cd dist/{os-name}

(for ubuntu cd dist/linux)

unzip jicofo-linux-x64-build.SVN.zip
cd jicofo-linux-x64-build.SVN/

Run Jicofo

./jicofo.sh --domain=jitsi.example.com --secret=YOURSECRET2 --user_domain=auth.jitsi.example.com --user_name=focus --user_password=YOURSECRET3

 

 

References

ant dist class path

Build fail issue for maven dep

 

Nodejs dependency

Install nodejs using nvm

curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.0/install.sh | bash

exit the terminal and repoen it

Check the latest stable nodejs version

nvm install 4.4.1

(4.4.1 is the latest stable at this time, you may select another)

Use version

nvm use 4.4.1

sudo apt-get install build-essential

References

Install nodejs using nvm

nvm

Nodejs

 

Install Jitsi Meet

 

Clone jitsi-meet repository

git clone https://github.com/jitsi/jitsi-meet.git

cd /jitsi-meet

npm install

make


Configuration
Edit the configuration file /config.js

var config = {
 hosts: {
 domain: 'jitsi.example.com',
 muc: 'conference.jitsi.example.com',
 bridge: 'jitsi-videobridge.jitsi.example.com'
 },
 useNicks: false,
 bosh: '//jitsi.example.com/http-bind', // FIXME: use xep-0156 for that
 desktopSharing: 'false' // Desktop sharing method. Can be set to 'ext', 'webrtc' or false to disable.
 //chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension
 //minChromeExtVersion: '0.1' // Required version of Chrome extension
};

Deploy jitsi-meet using nginx

sudo apt-get install nginx

cd /etc/nginx/sites-available

add new file jitsi.example.com

add following code

server_names_hash_bucket_size 64;

server {
    listen 80;
    server_name jitsi.example.com;
    # set the root
    root /path/to/jitsi-meet;
    index index.html;
    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }
    location / {
        ssi on;
    }
    # BOSH
    location /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }
}


cd /etc/nginx/sites-enabled
ln -s ../sites-available/jitsi.example.com jitsi.example.com
Restart sudo service nginx restart

Browse to the jitsi.example.com and you should be ready to use jitsi-meet !!!

References
jitsi meet nginx deploy



Create Postgres DB from command line in Ubuntu 14.04

On ubuntu shell,

sudo su postgres
createdb mydb -O dbownername

If it says “dbownername” role does not exist, you can create it with

createuser dbownername

 

If above commands does not work, you may be missing following

sudo apt-get update
sudo apt-get install postgresql postgresql-contrib

 

for more information  createdb manual  createuser manual

 

Create Application Launcher on Desktop in ubuntu

  1. Create “your-application.desktop” file on desktop.
  2. Write follwing lines in that file
[Desktop Entry]
Version=1.0
Name=BackMeUp
Comment=Back up your data with one click
Exec=/home/alex/Documents/backup.sh
Icon=/home/alex/Pictures/backup.png
Terminal=false
Type=Application
Categories=Utility;Application;

3. Give executable permission to this file

4. Start using it

For More info UnityLaunchersAndDesktopFiles

Get System Information in Ubuntu

Quick bite
—————-

uname -a

Munch
———–
uname is command which can be used to get system information on Linux/Unix OS.
Other options can be used to get specific information about current system.
Like
-s, –kernel-name
print the kernel name, 
-r, –kernel-release print the kernel release
-v, –kernel-version print the kernel version
-m, –machine print the machine hardware name
-p, –processor print the processor type
-i, –hardware-platform print the hardware platform
-o, –operating-system print the operating system

For More options http://manpages.ubuntu.com/manpages/raring/man1/uname.1.html