22-07-13 Initial installation [root@dbase03 ~]# yum install --nogpgcheck http://satellite6.it.ubc.ca/pub/katello-ca-consumer-latest.noarch.rpm Installed: katello-ca-consumer-satellite6.it.ubc.ca-1.0-7.noarch [root@dbase03 ~]# subscription-manager register --org=UBCITServices --activationkey=RHEL9 The system has been registered with ID: 779be8b2-89df-4968-bc17-c13f5d7f9052 The registered system name is: dbase03.phas.ubc.ca Installed Product Current Status: Product Name: Red Hat Enterprise Linux for x86_64 Status: Subscribed [root@dbase03 ~]# subscription-manager list +-------------------------------------------+ Installed Product Status +-------------------------------------------+ Product Name: Red Hat Enterprise Linux for x86_64 Product ID: 479 Version: 9.0 Arch: x86_64 Status: Subscribed Status Details: Starts: 04/29/2022 Ends: 04/29/2023 [root@dbase03 ~]# subscription-manager list --available +-------------------------------------------+ Available Subscriptions +-------------------------------------------+ Subscription Name: Red Hat JBoss Enterprise Application Platform, 64-Core Standard Provides: Red Hat Mobile Services dotNET on RHEL Beta (for RHEL Server) Red Hat CodeReady Linux Builder for x86_64 Red Hat Ansible Engine Red Hat Enterprise Linux Fast Datapath Red Hat JBoss Core Services JBoss Enterprise Application Platform Red Hat CodeReady Workspaces for OpenShift Red Hat Beta Red Hat OpenShift Enterprise JBoss EAP add-on Red Hat Openshift Application Runtimes for IBM Power LE Red Hat OpenShift Container Platform Red Hat Single Sign-On Red Hat JBoss Data Grid dotNET on RHEL (for RHEL Server) Red Hat CoreOS Red Hat Openshift Application Runtimes Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support Red Hat OpenShift Enterprise JBoss A-MQ add-on Red Hat OpenShift Application Runtimes Beta Red Hat OpenShift Enterprise Client Tools Red Hat CoreOS Beta Red Hat Openshift Serverless Oracle Java (for RHEL Server) Red Hat Software Collections (for RHEL Server) Red Hat JBoss Middleware JBoss Enterprise Web Platform Red Hat OpenShift Enterprise Application Node Red Hat OpenShift distributed tracing Red Hat Enterprise Linux Atomic Host OpenJDK Java (for Middleware) Red Hat JBoss AMQ Clients Red Hat Enterprise Linux Fast Datapath Beta for x86_64 Red Hat Enterprise MRG Messaging Red Hat Software Collections Beta (for RHEL Server) Red Hat Enterprise Linux Server Red Hat OpenShift Pipelines Red Hat Enterprise Linux for x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support JBoss Enterprise Web Server Red Hat AMQ Interconnect Red Hat Container Native Virtualization Red Hat OpenShift Enterprise JBoss FUSE add-on OpenShift Developer Tools and Services Red Hat OpenShift Enterprise JBoss EAP add-on Beta SKU: MW0186831RN Contract: 12180383 Pool ID: 0ee7bd827f6aef6d01807733b4af6a53 Provides Management: No Available: 1 Suggested: 1 Service Type: L1-L3 Roles: Service Level: Standard Usage: Add-ons: Subscription Type: Stackable Starts: 04/30/2022 Ends: 04/30/2023 Entitlement Type: Physical Subscription Name: Red Hat Enterprise Linux Academic Site Subscription with Smart Management + Satellite, Standard (Server, Desktop, Workstation, POWER, HPC, Per FTE) Provides: dotNET on RHEL (for RHEL Workstation) Oracle Java (for RHEL Workstation) Red Hat Ansible Engine Red Hat CodeReady Linux Builder for Power, little endian Red Hat Software Collections Beta (for RHEL Server for IBM Power LE) Red Hat Enterprise Linux for Power, big endian - Extended Update Support Red Hat Beta dotNET on RHEL (for RHEL Server) Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support Red Hat Software Collections Beta (for RHEL Server for IBM Power) Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support Oracle Java (for RHEL Server) Red Hat Software Collections (for RHEL Server) Red Hat Enterprise Linux for Power, little endian - Extended Update Support Red Hat Enterprise Linux for Power, little endian Red Hat Enterprise Linux for Power, big endian Oracle Java (for RHEL Compute Node) Red Hat Enterprise Linux for Scientific Computing Red Hat Enterprise Linux for Power 9 Red Hat Enterprise Linux for SAP Applications for Power BE Red Hat Developer Tools (for RHEL Server) Red Hat Software Collections Beta (for RHEL Workstation) Red Hat Enterprise Linux for SAP Applications for Power LE - Extended Update Support Red Hat Developer Tools Beta (for RHEL Server) Red Hat Enterprise Linux for x86_64 Red Hat Enterprise Linux for SAP Applications for Power BE - Extended Update Support Red Hat Software Collections (for RHEL Server for IBM Power) Red Hat S-JIS Support (for RHEL Server) - Extended Update Support dotNET on RHEL Beta (for RHEL Server) Red Hat CodeReady Linux Builder for x86_64 Red Hat Software Collections (for RHEL Workstation) Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support Red Hat Enterprise Linux Scalable File System (for RHEL Server) - Extended Update Support Red Hat Container Images Beta Red Hat Software Collections (for RHEL Server for IBM Power LE) Red Hat Enterprise Linux Atomic Host Beta Red Hat Container Images Red Hat EUCJP Support (for RHEL Server) - Extended Update Support Red Hat Enterprise Linux Load Balancer (for RHEL Server) - Extended Update Support Red Hat Enterprise Linux Desktop Red Hat Enterprise Linux Workstation Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Oracle Java (for RHEL Client) Red Hat Developer Toolset (for RHEL Workstation) Red Hat Enterprise Linux High Performance Networking (for RHEL Server) - Extended Update Support Red Hat Enterprise Linux Atomic Host Red Hat Software Collections Beta (for RHEL Server) Red Hat Enterprise Linux Server Red Hat Enterprise Linux for SAP Applications for x86_64 Red Hat Enterprise Linux for SAP Applications for Power LE Red Hat Enterprise Linux for x86_64 - Extended Update Support dotNET on RHEL Beta (for RHEL Workstation) dotNET on RHEL (for RHEL Compute Node) Red Hat Developer Toolset (for RHEL Server) dotNET on RHEL Beta (for RHEL Compute Node) Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support Red Hat Enterprise Linux for SAP Applications for x86_64 - Extended Update Support SKU: RH01157 Contract: 12196201 Pool ID: 0ee7bd827f6aef6d01807733b5666a5a Provides Management: Yes Available: 250000 Suggested: 1 Service Type: L1-L3 Roles: Service Level: Standard Usage: Production Add-ons: Subscription Type: Standard (Temporary) Starts: 04/29/2022 Ends: 04/29/2023 Entitlement Type: Virtual Subscription Name: Red Hat Ansible Automation Platform (Academic Edition), Standard (100 Managed Nodes) Provides: Red Hat Ansible Engine Red Hat Single Sign-On Red Hat Ansible Automation Platform JBoss Enterprise Application Platform SKU: MCT3319 Contract: 12934953 Pool ID: 0ee7bd827f6aef6d01801f1bb5164b4b Provides Management: No Available: 83 Suggested: 1 Service Type: L1-L3 Roles: Service Level: Standard Usage: Add-ons: Subscription Type: Stackable Starts: 03/31/2022 Ends: 03/31/2023 Entitlement Type: Physical Subscription Name: Red Hat Enterprise Linux Extended Life Cycle Support (Unlimited Guests) Provides: Red Hat Enterprise Linux Server - Extended Life Cycle Support SKU: RH00271RN Contract: 12538962 Pool ID: 0ee7bd827d0c2a7c017dc00edb6b7b3b Provides Management: No Available: Unlimited Suggested: 1 Service Type: L1-L3 Roles: Service Level: Layered Usage: Add-ons: Subscription Type: Stackable (Temporary) Starts: 12/10/2021 Ends: 12/10/2022 Entitlement Type: Virtual rap@spyder:~$ dbase03 Activate the web console with: systemctl enable --now cockpit.socket Register this system with Red Hat Insights: insights-client --register Create an account or view all your systems at https://red.ht/insights-dashboard Last login: Thu Jul 14 13:23:08 2022 from 142.103.235.1 [root@dbase03 ~]# yum repolist Updating Subscription Management repositories. repo id repo name epel Extra Packages for Enterprise Linux 9 - x86_64 rhel-9-for-x86_64-appstream-rpms Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) rhel-9-for-x86_64-baseos-rpms Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) [root@dbase03 ~]# dnf --disablerepo="*" --enablerepo="epel" list available | grep inxi inxi.noarch 3.3.19-1.el9 epel [root@dbase03 ~]# yum module list Updating Subscription Management repositories. Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 62 kB/s | 4.1 kB 00:00 Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) 61 kB/s | 4.1 kB 00:00 [root@dbase03 ~]# yum repolist all Updating Subscription Management repositories. repo id repo name status epel Extra Packages for Enterprise Linux 9 - x86_64 enabled epel-debuginfo Extra Packages for Enterprise Linux 9 - x86_64 - Debug disabled epel-source Extra Packages for Enterprise Linux 9 - x86_64 - Source disabled epel-testing Extra Packages for Enterprise Linux 9 - Testing - x86_64 disabled epel-testing-debuginfo Extra Packages for Enterprise Linux 9 - Testing - x86_64 - Debug disabled epel-testing-source Extra Packages for Enterprise Linux 9 - Testing - x86_64 - Source disabled rhel-9-for-x86_64-appstream-rpms Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) enabled rhel-9-for-x86_64-baseos-rpms Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) enabled rhel-9-for-x86_64-supplementary-rpms Red Hat Enterprise Linux 9 for x86_64 - Supplementary (RPMs) disabled [root@dbase03 ~]# [root@dbase03 sbin]# vim /etc/dnf/automatic.conf [root@dbase03 sbin]# systemctl enable dnf-automatic.timer Created symlink /etc/systemd/system/timers.target.wants/dnf-automatic.timer → /usr/lib/systemd/system/dnf-automatic.timer. [root@dbase03 sbin]# systemctl start dnf-automatic.timer [root@dbase03 sbin]# systemctl status dnf-automatic.timer ● dnf-automatic.timer - dnf-automatic timer Loaded: loaded (/usr/lib/systemd/system/dnf-automatic.timer; enabled; vendor preset: disabled) Active: active (waiting) since Thu 2022-07-14 14:53:38 PDT; 6s ago Until: Thu 2022-07-14 14:53:38 PDT; 6s ago Trigger: Fri 2022-07-15 06:32:09 PDT; 15h left Triggers: ● dnf-automatic.service Jul 14 14:53:38 dbase03.phas.ubc.ca systemd[1]: Started dnf-automatic timer. [root@dbase03 sbin]# systemctl list-timers NEXT LEFT LAST PASSED UNIT ACTIVATES Thu 2022-07-14 16:17:09 PDT 1h 22min left Wed 2022-07-13 16:17:09 PDT 22h ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service Thu 2022-07-14 16:17:52 PDT 1h 22min left Thu 2022-07-14 14:53:32 PDT 1min 26s ago dnf-makecache.timer dnf-makecache.service Fri 2022-07-15 00:00:00 PDT 9h left Thu 2022-07-14 00:00:09 PDT 14h ago logrotate.timer logrotate.service Fri 2022-07-15 00:00:00 PDT 9h left Thu 2022-07-14 00:00:09 PDT 14h ago mlocate-updatedb.timer mlocate-updatedb.service Fri 2022-07-15 06:32:09 PDT 15h left n/a n/a dnf-automatic.timer dnf-automatic.service 5 timers listed. Pass --all to see loaded but inactive timers, too. ================================================================================= 22-07-18 add 32GB disk for /var/lib/mysql and 64GB disk for /backups [root@dbase03 ~]# fdisk -l | grep sd Disk /dev/sda: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sda1 * 2048 2099199 2097152 1G 83 Linux /dev/sda2 2099200 67108863 65009664 31G 8e Linux LVM Disk /dev/sdb: 32 GiB, 34359738368 bytes, 67108864 sectors [root@dbase03 ~]# fdisk /dev/sdb Welcome to fdisk (util-linux 2.37.4). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table. Created a new DOS disklabel with disk identifier 0xfee0e630. Command (m for help): n Partition type p primary (0 primary, 0 extended, 4 free) e extended (container for logical partitions) Select (default p): p Partition number (1-4, default 1): First sector (2048-67108863, default 2048): Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-67108863, default 67108863): Created a new partition 1 of type 'Linux' and of size 32 GiB. Command (m for help): t Selected partition 1 Hex code or alias (type L to list all): 8e Changed type of partition 'Linux' to 'Linux LVM'. Command (m for help): w The partition table has been altered. Calling ioctl() to re-read partition table. Syncing disks. [root@dbase03 ~]# fdisk -l | grep sd Disk /dev/sda: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sda1 * 2048 2099199 2097152 1G 83 Linux /dev/sda2 2099200 67108863 65009664 31G 8e Linux LVM Disk /dev/sdb: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sdb1 2048 67108863 67106816 32G 8e Linux LVM [root@dbase03 ~]# pvcreate /dev/sdb1 Physical volume "/dev/sdb1" successfully created. [root@dbase03 ~]# pvs PV VG Fmt Attr PSize PFree /dev/sda2 rhel_dbase03 lvm2 a-- <31.00g 0 /dev/sdb1 lvm2 --- <32.00g <32.00g [root@dbase03 ~]# vgcreate VGmysql /dev/sdb1 Volume group "VGmysql" successfully created [root@dbase03 ~]# lvcreate --name LVmysql -l 100%FREE VGmysql Logical volume "LVmysql" created. [root@dbase03 ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert LVmysql VGmysql -wi-a----- <32.00g root rhel_dbase03 -wi-ao---- <28.87g swap rhel_dbase03 -wi-ao---- <2.13g [root@dbase03 ~]# ls -l /dev/VGmysql/LVmysql lrwxrwxrwx. 1 root root 7 Jul 18 11:16 /dev/VGmysql/LVmysql -> ../dm-2 [root@dbase03 ~]# mkfs.xfs /dev/VGmysql/LVmysql meta-data=/dev/VGmysql/LVmysql isize=512 agcount=4, agsize=2096896 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=1, sparse=1, rmapbt=0 = reflink=1 bigtime=1 inobtcount=1 data = bsize=4096 blocks=8387584, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0, ftype=1 log =internal log bsize=4096 blocks=4095, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 [root@dbase03 ~]# ls -ld /var/lib/mysql drwxr-xr-x. 4 mysql mysql 4096 Jul 14 13:36 /var/lib/mysql [root@dbase03 ~]# systemctl status mariadb [root@dbase03 ~]# systemctl stop mariadb.service [root@dbase03 ~]# cd /var/lib [root@dbase03 lib]# mv mysql mysql.hold [root@dbase03 lib]# mkdir mysql [root@dbase03 lib]# chown mysql:mysql mysql [root@dbase03 lib]# vim /etc/fstab [root@dbase03 lib]# mount /var/lib/mysql [root@dbase03 lib]# df -h | grep dev /dev/mapper/rhel_dbase03-root 29G 4.5G 25G 16% / /dev/sda1 1014M 298M 717M 30% /boot /dev/mapper/VGmysql-LVmysql 32G 261M 32G 1% /var/lib/mysql [root@dbase03 lib]# pwd /var/lib [root@dbase03 lib]# cd mysql [root@dbase03 mysql]# rpm -qa | grep -i maria mariadb-connector-c-config-3.2.6-1.el9_0.noarch mariadb-common-10.5.13-2.el9.x86_64 mariadb-connector-c-3.2.6-1.el9_0.x86_64 perl-DBD-MariaDB-1.21-16.el9_0.x86_64 mariadb-errmsg-10.5.13-2.el9.x86_64 mariadb-backup-10.5.13-2.el9.x86_64 mariadb-gssapi-server-10.5.13-2.el9.x86_64 mariadb-10.5.13-2.el9.x86_64 mariadb-server-utils-10.5.13-2.el9.x86_64 mariadb-server-10.5.13-2.el9.x86_64 [root@dbase03 mysql]# yum reinstall mariadb-server mariadb-server-utils mariadb mariadb-common mariadb-backup Reinstalled: mariadb-3:10.5.13-2.el9.x86_64 mariadb-backup-3:10.5.13-2.el9.x86_64 mariadb-common-3:10.5.13-2.el9.x86_64 mariadb-server-3:10.5.13-2.el9.x86_64 mariadb-server-utils-3:10.5.13-2.el9.x86_64 [root@dbase03 mysql]# systemctl status mariadb ○ mariadb.service - MariaDB 10.5 database server Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled) Active: inactive (dead) since Mon 2022-07-18 11:18:57 PDT; 5min ago Docs: man:mariadbd(8) https://mariadb.com/kb/en/library/systemd/ Main PID: 49472 (code=exited, status=0/SUCCESS) Status: "MariaDB server is down" CPU: 0 [root@dbase03 mysql]# systemctl start mariadb [root@dbase03 mysql]# systemctl status mariadb ● mariadb.service - MariaDB 10.5 database server Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-07-18 11:25:14 PDT; 2s ago Docs: man:mariadbd(8) https://mariadb.com/kb/en/library/systemd/ Process: 541772 ExecStartPre=/usr/libexec/mariadb-check-socket (code=exited, status=0/SUCCESS) Process: 541794 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir mariadb.service (code=exited, status> Process: 541886 ExecStartPost=/usr/libexec/mariadb-check-upgrade (code=exited, status=0/SUCCESS) Main PID: 541874 (mariadbd) Status: "Taking your SQL requests now..." Tasks: 11 (limit: 5760) Memory: 77.0M CPU: 424ms CGroup: /system.slice/mariadb.service └─541874 /usr/libexec/mariadbd --basedir=/usr Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: See the MariaDB Knowledgebase at http> Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: MySQL manual for more instructions. Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: Please report any problems at https:/> Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: The latest information about MariaDB > Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: You can find additional information a> Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: https://dev.mysql.com Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: Consider joining MariaDB's strong and> Jul 18 11:25:14 dbase03.phas.ubc.ca mariadb-prepare-db-dir[541833]: https://mariadb.org/get-involved/ Jul 18 11:25:14 dbase03.phas.ubc.ca mariadbd[541874]: 2022-07-18 11:25:14 0 [Note] /usr/libexec/mariadbd > Jul 18 11:25:14 dbase03.phas.ubc.ca systemd[1]: Started MariaDB 10.5 database server. [root@dbase03 mysql]# /usr/bin/mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] n ... skipping. You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB! [root@dbase03 mysql]# mysql -u root Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 13 Server version: 10.5.13-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> quit Bye -------------------------------------------------------------- https://mariadb.com/kb/en/security-of-mariadb-root-account/ Security of Mariadb root account Ran the mysql_secure_installation script to secure database, setting a root password, and 'Yes' to remainder of questions. At this stage, I assumed that the Mariadb root account was secured with the password, however... Using $ sudo mysql and without entering any password whatsoever, I get access to perform actions normally associated with the root account. How can that be?? and what was the purpose in adding a password, if root access can be so readily gained. Answer Answered by Brian Evans in this comment. This is a Debian decision to: Not require a password with sudo Utilize the unix_socket plugin by default The latter is set in the Debian install scripts. You can override this by removing the plugin for 'root'@'localhost' as long as you understand that Debian scripts may be looking for their default. -------------------------------------------------------------- [root@dbase03 mysql]# systemctl restart mariadb [root@dbase03 mysql]# mysql -u root Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 14 Server version: 10.5.13-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> quit Bye [root@dbase03 mysql]# systemctl list-unit-files | grep mari mariadb.service enabled disabled mariadb@.service disabled disabled [root@dbase03 mysql]# systemctl list-unit-files | grep -i sql var-lib-mysql.mount generated - mysql.service alias - mysqld.service alias - [root@dbase03 mysql]# systemctl status mysql ● mariadb.service - MariaDB 10.5 database server Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-07-18 11:27:46 PDT; 2min 34s ago Docs: man:mariadbd(8) https://mariadb.com/kb/en/library/systemd/ Process: 542076 ExecStartPre=/usr/libexec/mariadb-check-socket (code=exited, status=0/SUCCESS) Process: 542098 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir mariadb.service (code=exited, status> Process: 542145 ExecStartPost=/usr/libexec/mariadb-check-upgrade (code=exited, status=0/SUCCESS) Main PID: 542133 (mariadbd) Status: "Taking your SQL requests now..." Tasks: 9 (limit: 5760) Memory: 65.8M CPU: 221ms CGroup: /system.slice/mariadb.service └─542133 /usr/libexec/mariadbd --basedir=/usr Jul 18 11:27:45 dbase03.phas.ubc.ca systemd[1]: Starting MariaDB 10.5 database server... Jul 18 11:27:46 dbase03.phas.ubc.ca mariadb-prepare-db-dir[542098]: Database MariaDB is probably initiali> Jul 18 11:27:46 dbase03.phas.ubc.ca mariadb-prepare-db-dir[542098]: If this is not the case, make sure th> Jul 18 11:27:46 dbase03.phas.ubc.ca mariadbd[542133]: 2022-07-18 11:27:46 0 [Note] /usr/libexec/mariadbd > Jul 18 11:27:46 dbase03.phas.ubc.ca systemd[1]: Started MariaDB 10.5 database server. lines 1-21/21 (END) ----------------------------------------------------------- [root@dbase03 ~]# fdisk -l | grep sd Disk /dev/sda: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sda1 * 2048 2099199 2097152 1G 83 Linux /dev/sda2 2099200 67108863 65009664 31G 8e Linux LVM Disk /dev/sdb: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sdb1 2048 67108863 67106816 32G 8e Linux LVM Disk /dev/sdc: 64 GiB, 68719476736 bytes, 134217728 sectors [root@dbase03 ~]# fdisk /dev/sdc Welcome to fdisk (util-linux 2.37.4). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table. Created a new DOS disklabel with disk identifier 0xe3c38c69. Command (m for help): n Partition type p primary (0 primary, 0 extended, 4 free) e extended (container for logical partitions) Select (default p): Using default response p. Partition number (1-4, default 1): First sector (2048-134217727, default 2048): Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-134217727, default 134217727): Created a new partition 1 of type 'Linux' and of size 64 GiB. Command (m for help): t Selected partition 1 Hex code or alias (type L to list all): 8e Changed type of partition 'Linux' to 'Linux LVM'. Command (m for help): w The partition table has been altered. Calling ioctl() to re-read partition table. Syncing disks. [root@dbase03 ~]# fdisk -l | grep sd Disk /dev/sda: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sda1 * 2048 2099199 2097152 1G 83 Linux /dev/sda2 2099200 67108863 65009664 31G 8e Linux LVM Disk /dev/sdb: 32 GiB, 34359738368 bytes, 67108864 sectors /dev/sdb1 2048 67108863 67106816 32G 8e Linux LVM Disk /dev/sdc: 64 GiB, 68719476736 bytes, 134217728 sectors /dev/sdc1 2048 134217727 134215680 64G 8e Linux LVM [root@dbase03 ~]# pvcreate /dev/sdc1 Physical volume "/dev/sdc1" successfully created. [root@dbase03 ~]# vgcreate VGbackup /dev/sdc1 Volume group "VGbackup" successfully created [root@dbase03 ~]# lvcreate --name LVbackup -l 100%FREE VGbackup Logical volume "LVbackup" created. [root@dbase03 ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert LVbackup VGbackup -wi-a----- <64.00g LVmysql VGmysql -wi-ao---- <32.00g root rhel_dbase03 -wi-ao---- <28.87g swap rhel_dbase03 -wi-ao---- <2.13g [root@dbase03 ~]# vim /etc/fstab [root@dbase03 ~]# grep LV /etc/fstab /dev/mapper/VGmysql-LVmysql /var/lib/mysql xfs defaults 1 2 /dev/mapper/VGbackup-LVbackup /backups xfs defaults 1 2 [root@dbase03 ~]# mkdir /backups [root@dbase03 ~]# mount /backups mount: /backups: wrong fs type, bad option, bad superblock on /dev/mapper/VGbackup-LVbackup, missing codepage or helper program, or other error. [root@dbase03 ~]# mkfs.xfs /dev/VGbackup/LVbackup meta-data=/dev/VGbackup/LVbackup isize=512 agcount=4, agsize=4194048 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=1, sparse=1, rmapbt=0 = reflink=1 bigtime=1 inobtcount=1 data = bsize=4096 blocks=16776192, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0, ftype=1 log =internal log bsize=4096 blocks=8191, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 [root@dbase03 ~]# mount /backups [root@dbase03 ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/rhel_dbase03-root 29G 4.5G 25G 16% / /dev/sda1 1014M 298M 717M 30% /boot /dev/mapper/VGmysql-LVmysql 32G 384M 32G 2% /var/lib/mysql /dev/mapper/VGbackup-LVbackup 64G 489M 64G 1% /backups ------------------------------------- [root@dbase03 httpd]# dnf install certbot Installed: certbot-1.27.0-1.el9.noarch python-josepy-doc-1.13.0-1.el9.noarch python3-acme-1.27.0-1.el9.noarch python3-certbot-1.27.0-1.el9.noarch python3-cffi-1.14.5-5.el9.x86_64 python3-configargparse-1.5.3-1.el9.noarch python3-configobj-5.0.6-25.el9.noarch python3-cryptography-36.0.1-1.el9_0.x86_64 python3-distro-1.5.0-7.el9.noarch python3-josepy-1.13.0-1.el9.noarch python3-parsedatetime-2.6-5.el9.noarch python3-ply-3.11-14.el9.noarch python3-pyOpenSSL-21.0.0-1.el9.noarch python3-pycparser-2.20-6.el9.noarch python3-pyrfc3339-1.1-11.el9.noarch python3-pytz-2021.1-4.el9.noarch python3-requests-toolbelt-0.9.1-16.el9.noarch python3-zope-component-4.3.0-19.el9.noarch python3-zope-event-4.5.0-1.el9~bootstrap.1.noarch python3-zope-interface-5.4.0-5.el9.1.x86_64 [root@dbase03 httpd]# dnf remove certbot Removed: certbot-1.27.0-1.el9.noarch python-josepy-doc-1.13.0-1.el9.noarch python3-acme-1.27.0-1.el9.noarch python3-certbot-1.27.0-1.el9.noarch python3-cffi-1.14.5-5.el9.x86_64 python3-configargparse-1.5.3-1.el9.noarch python3-configobj-5.0.6-25.el9.noarch python3-cryptography-36.0.1-1.el9_0.x86_64 python3-distro-1.5.0-7.el9.noarch python3-josepy-1.13.0-1.el9.noarch python3-parsedatetime-2.6-5.el9.noarch python3-ply-3.11-14.el9.noarch python3-pyOpenSSL-21.0.0-1.el9.noarch python3-pycparser-2.20-6.el9.noarch python3-pyrfc3339-1.1-11.el9.noarch python3-pytz-2021.1-4.el9.noarch python3-requests-toolbelt-0.9.1-16.el9.noarch python3-zope-component-4.3.0-19.el9.noarch python3-zope-event-4.5.0-1.el9~bootstrap.1.noarch python3-zope-interface-5.4.0-5.el9.1.x86_64 -------------------------------------- https://snapcraft.io/install/certbot/rhel [root@dbase03 ~]# dnf install snapd Installed: snap-confine-2.56.2-1.el9.x86_64 snapd-2.56.2-1.el9.x86_64 snapd-selinux-2.56.2-1.el9.noarch [root@dbase03 ~]# systemctl enable --now snapd.socket Created symlink /etc/systemd/system/sockets.target.wants/snapd.socket → /usr/lib/systemd/system/snapd.socket. [root@dbase03 ~]# ln -s /var/lib/snapd/snap /snap [root@dbase03 ~]# snap install certbot --classic error: too early for operation, device not yet seeded or device model not acknowledged [root@dbase03 ~]# snap install certbot --classic 2022-07-18T15:48:19-07:00 INFO Waiting for automatic snapd restart... certbot 1.29.0 from Certbot Project (certbot-eff✓) installed [root@dbase03 ~]# snap install core core 16-2.56.2 from Canonical✓ installed [root@dbase03 ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 452M 0 452M 0% /dev tmpfs 481M 0 481M 0% /dev/shm tmpfs 193M 5.9M 187M 4% /run /dev/mapper/rhel_dbase03-root 29G 4.8G 25G 17% / /dev/sda1 1014M 298M 717M 30% /boot /dev/mapper/VGbackup-LVbackup 64G 489M 64G 1% /backups /dev/mapper/VGmysql-LVmysql 32G 5.0G 28G 16% /var/lib/mysql tmpfs 97M 56K 96M 1% /run/user/42 tmpfs 97M 40K 97M 1% /run/user/0 /dev/loop0 47M 47M 0 100% /var/lib/snapd/snap/snapd/16292 /dev/loop1 62M 62M 0 100% /var/lib/snapd/snap/core20/1518 /dev/loop2 44M 44M 0 100% /var/lib/snapd/snap/certbot/2192 /dev/loop3 114M 114M 0 100% /var/lib/snapd/snap/core/13425 ================================================================================= 22-07-19 [root@dbase03 ~]# snap remove certbot certbot removed [root@dbase03 ~]# snap remove core error: cannot remove "core": snap "core" is not removable: snap is used by the model [root@dbase03 ~]# systemctl stop snapd.socket [root@dbase03 ~]# systemctl disable snapd.socket Removed /etc/systemd/system/sockets.target.wants/snapd.socket. [root@dbase03 ~]# dnf remove snapd Removed: snap-confine-2.56.2-1.el9.x86_64 snapd-2.56.2-1.el9.x86_64 snapd-selinux-2.56.2-1.el9.noarch [root@dbase03 ~]# yum repolist all Updating Subscription Management repositories. repo id repo name status epel Extra Packages for Enterprise Linux 9 - x86_64 enabled epel-debuginfo Extra Packages for Enterprise Linux 9 - x86_64 - Debug disabled epel-source Extra Packages for Enterprise Linux 9 - x86_64 - Source disabled epel-testing Extra Packages for Enterprise Linux 9 - Testing - x86_64 disabled epel-testing-debuginfo Extra Packages for Enterprise Linux 9 - Testing - x86_64 - Debug disabled epel-testing-source Extra Packages for Enterprise Linux 9 - Testing - x86_64 - Source disabled rhel-9-for-x86_64-appstream-rpms Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) enabled rhel-9-for-x86_64-baseos-rpms Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) enabled rhel-9-for-x86_64-supplementary-rpms Red Hat Enterprise Linux 9 for x86_64 - Supplementary (RPMs) disabled [root@dbase03 ~]# subscription-manager repos --list +----------------------------------------------------------+ Available Repositories in /etc/yum.repos.d/redhat.repo +----------------------------------------------------------+ Repo ID: rhel-9-for-x86_64-appstream-rpms Repo Name: Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) Repo URL: https://satellite6.it.ubc.ca/pulp/content/UBCITServices/Library/RHEL-9/content/dist/rhel9/$releasever/x86_64/appstrea m/os Enabled: 1 Repo ID: rhel-9-for-x86_64-supplementary-rpms Repo Name: Red Hat Enterprise Linux 9 for x86_64 - Supplementary (RPMs) Repo URL: https://satellite6.it.ubc.ca/pulp/content/UBCITServices/Library/RHEL-9/content/dist/rhel9/$releasever/x86_64/suppleme ntary/os Enabled: 0 Repo ID: rhel-9-for-x86_64-baseos-rpms Repo Name: Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) Repo URL: https://satellite6.it.ubc.ca/pulp/content/UBCITServices/Library/RHEL-9/content/dist/rhel9/$releasever/x86_64/baseos/o s Enabled: 1 [root@dbase03 ~]# subscription-manager repos --enable=rhel-9-for-x86_64-supplementary-rpms Repository 'rhel-9-for-x86_64-supplementary-rpms' is enabled for this system. [root@dbase03 ~]# dnf install phpMyAdmin Installed: libzip-1.7.3-7.el9.x86_64 nginx-filesystem-1:1.20.1-10.el9.noarch php-common-8.0.13-1.el9.x86_64 php-fpm-8.0.13-1.el9.x86_64 php-gd-8.0.13-1.el9.x86_64 php-intl-8.0.13-1.el9.x86_64 php-mbstring-8.0.13-1.el9.x86_64 php-mysqlnd-8.0.13-1.el9.x86_64 php-pdo-8.0.13-1.el9.x86_64 php-pecl-zip-1.19.2-6.el9.x86_64 php-process-8.0.13-1.el9.x86_64 php-xml-8.0.13-1.el9.x86_64 phpMyAdmin-5.2.0-1.el9.noarch ---------------------------------------------------------- [root@dbase03 ~]# dnf install certbot Installed: certbot-1.27.0-1.el9.noarch python-josepy-doc-1.13.0-1.el9.noarch python3-acme-1.27.0-1.el9.noarch python3-certbot-1.27.0-1.el9.noarch python3-cffi-1.14.5-5.el9.x86_64 python3-configargparse-1.5.3-1.el9.noarch python3-configobj-5.0.6-25.el9.noarch python3-cryptography-36.0.1-1.el9_0.x86_64 python3-distro-1.5.0-7.el9.noarch python3-josepy-1.13.0-1.el9.noarch python3-parsedatetime-2.6-5.el9.noarch python3-ply-3.11-14.el9.noarch python3-pyOpenSSL-21.0.0-1.el9.noarch python3-pycparser-2.20-6.el9.noarch python3-pyrfc3339-1.1-11.el9.noarch python3-pytz-2021.1-4.el9.noarch python3-requests-toolbelt-0.9.1-16.el9.noarch python3-zope-component-4.3.0-19.el9.noarch python3-zope-event-4.5.0-1.el9~bootstrap.1.noarch python3-zope-interface-5.4.0-5.el9.1.x86_64 [root@dbase03 ~]# which apachectl /usr/sbin/apachectl -------------------------------------------------------- [root@dbase03 conf.d]# certbot --dry-run certonly Saving debug log to /var/log/letsencrypt/letsencrypt.log How would you like to authenticate with the ACME CA? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: Spin up a temporary webserver (standalone) 2: Place files in webroot directory (webroot) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): dbase03-admin@mail.phas.ubc.ca - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Account registered. Please enter the domain name(s) you would like on your certificate (comma and/or space separated) (Enter 'c' to cancel): dbase03.phas.ubc.ca Simulating a certificate request for dbase03.phas.ubc.ca Input the webroot for dbase03.phas.ubc.ca: (Enter 'c' to cancel): /var/www/html The dry run was successful. [root@dbase03 conf.d]# certbot certonly -w /var/www/html -d dbase03.phas.ubc.ca Saving debug log to /var/log/letsencrypt/letsencrypt.log How would you like to authenticate with the ACME CA? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: Spin up a temporary webserver (standalone) 2: Place files in webroot directory (webroot) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): dbase03-admin@mail.phas.ubc.ca - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Account registered. Requesting a certificate for dbase03.phas.ubc.ca Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/dbase03.phas.ubc.ca/fullchain.pem Key is saved at: /etc/letsencrypt/live/dbase03.phas.ubc.ca/privkey.pem This certificate expires on 2022-10-17. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@dbase03 letsencrypt]# systemctl list-timers NEXT LEFT LAST PASSED UNIT ACTIVATES Tue 2022-07-19 15:00:02 PDT 1h 19min left Tue 2022-07-19 13:14:22 PDT 26min ago dnf-makecache.timer dnf-makecache.service Tue 2022-07-19 16:20:33 PDT 2h 39min left Mon 2022-07-18 16:20:33 PDT 21h ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.se Wed 2022-07-20 00:00:00 PDT 10h left Tue 2022-07-19 00:00:09 PDT 13h ago logrotate.timer logrotate.service Wed 2022-07-20 00:00:00 PDT 10h left Tue 2022-07-19 00:00:09 PDT 13h ago mlocate-updatedb.timer mlocate-updatedb.service Wed 2022-07-20 06:17:53 PDT 16h left Tue 2022-07-19 06:08:24 PDT 7h ago dnf-automatic.timer dnf-automatic.service 5 timers listed. Pass --all to see loaded but inactive timers, too. [root@dbase03 letsencrypt]# systemctl list-timers --all NEXT LEFT LAST PASSED UNIT ACTIVATES > Tue 2022-07-19 15:00:02 PDT 1h 10min left Tue 2022-07-19 13:14:22 PDT 35min ago dnf-makecache.timer dnf-makecache.service Tue 2022-07-19 16:20:33 PDT 2h 31min left Mon 2022-07-18 16:20:33 PDT 21h ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.se> Wed 2022-07-20 00:00:00 PDT 10h left Tue 2022-07-19 00:00:09 PDT 13h ago logrotate.timer logrotate.service Wed 2022-07-20 00:00:00 PDT 10h left Tue 2022-07-19 00:00:09 PDT 13h ago mlocate-updatedb.timer mlocate-updatedb.service Wed 2022-07-20 06:17:53 PDT 16h left Tue 2022-07-19 06:08:24 PDT 7h ago dnf-automatic.timer dnf-automatic.service n/a n/a n/a n/a certbot-renew.timer certbot-renew.service 6 timers listed. [root@dbase03 letsencrypt]# locate certbot-renew /etc/systemd/system/timers.target.wants/certbot-renew.timer /usr/lib/systemd/system/certbot-renew.service /usr/lib/systemd/system/certbot-renew.timer ============================================================================ 22-07-20 [root@dbase03 src]# yum -y install ./falcon-sensor-6.41.0-13804.el9.x86_64.rpm Installed products updated. Upgraded: falcon-sensor-6.41.0-13804.el9.x86_64 -------------------------------------------------- [root@dbase03 mysql]# firewall-cmd --get-default-zone public [root@dbase03 mysql]# firewall-cmd --get-active-zones public interfaces: ens192 [root@dbase03 mysql]# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: ens192 sources: services: cockpit dhcpv6-client http https ssh ports: protocols: forward: yes masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: rule family="ipv4" source address="142.103.236.6" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.235.80" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.51.4" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.235.1" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.236.30" port port="873" protocol="tcp" accept [root@dbase03 mysql]# cd /etc/firewalld/ [root@dbase03 firewalld]# ll total 12 -rw-------. 1 root root 2484 Jul 14 13:33 firewalld.conf -rw-r--r--. 1 root root 2484 Nov 23 2021 firewalld.conf.old drwxr-x---. 2 root root 6 Nov 23 2021 helpers drwxr-x---. 2 root root 6 Nov 23 2021 icmptypes drwxr-x---. 2 root root 6 Nov 23 2021 ipsets -rw-r--r--. 1 root root 271 Nov 23 2021 lockdown-whitelist.xml drwxr-x---. 2 root root 6 Nov 23 2021 policies drwxr-x---. 2 root root 6 Nov 23 2021 services drwxr-x---. 2 root root 46 Jul 13 11:44 zones [root@dbase03 firewalld]# diff firewalld.conf firewalld.conf.old 50c50 < LogDenied=all --- > LogDenied=off [root@dbase03 firewalld]# ll zones/ total 8 -rw-r--r--. 1 root root 1025 Jul 14 13:40 public.xml -rw-r--r--. 1 root root 900 Jul 14 13:40 public.xml.old [root@dbase03 firewalld]# vim zones/public.xml [root@dbase03 firewalld]# firewall-cmd --list-rich-rules rule family="ipv4" source address="142.103.236.6" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.235.80" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.51.4" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.235.1" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.236.30" port port="873" protocol="tcp" accept [root@dbase03 firewalld]# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.0/24 port port=3306 protocol=tcp accept' success o [root@dbase03 firewalld]# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.236.0/24 port port=3306 protocol=tcp accept' success [root@dbase03 firewalld]# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.0/24 port port=138 protocol=udp reject' success [root@dbase03 firewalld]# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.239.113 port port=3306 protocol=tcp accept' success [root@dbase03 firewalld]# firewall-cmd --list-rich-rules | sort rule family="ipv4" source address="142.103.235.1" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.235.80" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.236.0/24" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.236.30" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.236.6" port port="873" protocol="tcp" accept rule family="ipv4" source address="142.103.239.113" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.51.0/24" port port="138" protocol="udp" reject rule family="ipv4" source address="142.103.51.0/24" port port="3306" protocol="tcp" accept rule family="ipv4" source address="142.103.51.4" port port="873" protocol="tcp" accept ==================================================================== 22-07-21 migrate users from dabse01 to dbase03 https://wisdmlabs.com/blog/migrate-mysql-users-one-server-another/ ON dbase01 ---------- # cd /etc/automysqlbackup/ # mysql -B -N -uroot -p -e "SELECT CONCAT('\'', user,'\'@\'', host, '\'') FROM user WHERE user != 'debian-sys-maint' AND user != 'root' AND user != ''" mysql > mysql_all_users.txt # vim mysql_all_users.txt # while read line; do mysql -B -N -uroot -p -e "SHOW GRANTS FOR $line"; done < mysql_all_users.txt > mysql_all_users_sql.sql # vim mysql_all_users_sql.sql # sed -i 's/$/;/' mysql_all_users_sql.sql # vim mysql_all_users_sql.sql Importing the Users Transfer this file onto the new server. ON dbase03 ---------- Navigate to the directory where you have stored the file and execute the cmd below: #mysql -u root -p < mysql_all_users_sql.sql ==================================================================== 22-07024 [root@dbase03 automysqlbackup]# mysql -u root Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 163 Server version: 10.5.13-MariaDB MariaDB Server MariaDB [(none)]> select ( pl.connections / gv.max_connections ) * 100 as percentage_used_connections -> from -> ( select count(*) as connections from information_schema.processlist ) as pl, -> ( select VARIABLE_VALUE as max_connections from information_schema.global_variables where variable_name = 'MAX_CONNECTIONS' ) as gv; +-----------------------------+ | percentage_used_connections | +-----------------------------+ | 0.6622516556291391 | +-----------------------------+ 1 row in set (0.109 sec) MariaDB [(none)]> select count(*) as connections from information_schema.processlist; +-------------+ | connections | +-------------+ | 1 | +-------------+ 1 row in set (0.005 sec) MariaDB [(none)]> select VARIABLE_VALUE as max_connections from information_schema.global_variables where variable_name = 'MAX_CONNECTIONS'; +-----------------+ | max_connections | +-----------------+ | 151 | +-----------------+ 1 row in set (0.002 sec) MariaDB [(none)]> SHOW PROCESSLIST; +-----+------+-----------+------+---------+------+----------+------------------+----------+ | Id | User | Host | db | Command | Time | State | Info | Progress | +-----+------+-----------+------+---------+------+----------+------------------+----------+ | 163 | root | localhost | NULL | Query | 0 | starting | SHOW PROCESSLIST | 0.000 | +-----+------+-----------+------+---------+------+----------+------------------+----------+ 1 row in set (0.005 sec) ================================================================================================================ 22-08-31 [root@dbase03 ~]# dnf search neofetch Updating Subscription Management repositories. Last metadata expiration check: 0:06:22 ago on Wed 31 Aug 2022 02:38:34 PM PDT. =========================================================== Name Exactly Matched: neofetch =========================================================== neofetch.noarch : CLI system information tool written in Bash [root@dbase03 ~]# yum install neofetch Installed: ImageMagick-6.9.12.61-1.el9.x86_64 ImageMagick-libs-6.9.12.61-1.el9.x86_64 LibRaw-0.20.2-5.el9.x86_64 adwaita-gtk2-theme-3.28-14.el9.x86_64 caca-utils-0.99-0.60.beta20.el9.x86_64 catimg-2.7.0-4.el9.x86_64 graphviz-2.44.0-25.el9.x86_64 gtk2-2.24.33-7.el9.x86_64 ibus-gtk2-1.5.25-2.el9.x86_64 imath-3.1.2-1.el9.x86_64 imlib2-1.7.4-1.el9.x86_64 jasper-libs-2.0.28-3.el9.x86_64 libXaw-1.0.13-19.el9.x86_64 libcaca-0.99-0.60.beta20.el9.x86_64 libcanberra-gtk2-0.30-26.el9.x86_64 liblqr-1-0.4.2-19.el9.x86_64 libraqm-0.8.0-1.el9.x86_64 libwmf-lite-0.2.12-9.el9.x86_64 mkfontscale-1.2.1-3.el9.x86_64 neofetch-7.1.0-7.el9.noarch openexr-libs-3.1.1-2.el9.x86_64 xorg-x11-fonts-ISO8859-1-100dpi-7.5-33.el9.noarch [root@dbase03 ~]# dnf repolist epel -v Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, kpatch, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile Updating Subscription Management repositories. DNF version: 4.10.0 cachedir: /var/cache/dnf Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 64 kB/s | 4.1 kB 00:00 Red Hat Enterprise Linux 9 for x86_64 - Supplementary (RPMs) 30 kB/s | 1.9 kB 00:00 Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) 65 kB/s | 4.1 kB 00:00 Repo-id : epel Repo-name : Extra Packages for Enterprise Linux 9 - x86_64 Repo-status : enabled Repo-revision : 1661850723 Repo-updated : Tue 30 Aug 2022 02:19:53 AM PDT Repo-pkgs : 7,654 Repo-available-pkgs: 7,654 Repo-size : 7.2 G Repo-metalink : https://mirrors.fedoraproject.org/metalink?repo=epel-9&arch=x86_64&infra=$infra&content=$contentdir Updated : Wed 31 Aug 2022 12:52:43 PM PDT Repo-baseurl : rsync://muug.ca/fedora-epel/9/Everything/x86_64/ (156 more) Repo-expire : 172,800 second(s) (last: Wed 31 Aug 2022 12:52:43 PM PDT) Repo-filename : /etc/yum.repos.d/epel.repo Total packages: 7,654 ================================================================================================================ 22-10-31 # cd /etc/firewalld/zones/ # vim public.xml # ll public.xml* -rw-r--r--. 1 root root 1770 Oct 21 09:24 public.xml -rw-r--r--. 1 root root 1646 Oct 20 07:59 public.xml.old # cp public.xml public.xml.221021 # firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.66 port port=3306 protocol=tcp accept' success # history | grep perman 1022 #1666193588# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.236.0/24 port port=3306 protocol=tcp accept' --permanent 1027 #1666193823# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.54 port port=3306 protocol=tcp accept' --permanent 1029 #1666193823# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.54 port port=3306 protocol=tcp accept' --permanent 1039 #1666195994# firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="142.103.51.5" port protocol="tcp" port="3306" accept' 1047 #1666195531# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.54 port port=3306 protocol=tcp accept' --permanent 1058 #1666218966# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.51 port port=3306 protocol=tcp accept' --permanent 1062 #1666277945# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.6 port port=3306 protocol=tcp accept' --permanent 1063 #1666277945# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.6 port port=3306 protocol=tcp accept' --permanent 1065 #1666369462# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.51 port port=3306 protocol=tcp accept' --permanent 1066 #1666369483# firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.53 port port=3306 protocol=tcp accept' --permanent 1083 #1667235319# history | grep perman # firewall-cmd --add-rich-rule='rule family=ipv4 source address=142.103.51.66 port port=3306 protocol=tcp accept' --permanent success # diff public.xml public.xml.221021 65,69d64 < < < < < ================================================================================================================ 230227 # cat /etc/logwatch/conf/ignore.conf ###### REGULAR EXPRESSIONS IN THIS FILE WILL BE TRIMMED FROM REPORT OUTPUT ##### # # next line added 230227 by rdp .*CMDEND \(run-parts /etc/cron.hourly\) ================================================================================================================ [root@dbase03-EduCld-RH9 ] 09:48:33 # shutdown -r 23:30 "Maintenance reboot at 11:30pm 23-05-02" Reboot scheduled for Tue 2023-05-02 23:30:00 PDT, use 'shutdown -c' to cancel. # shutdown -r 23:30 "Maintenance reboot at 11:30pm 23-05-15" ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 23-06-28" Reboot scheduled for Wed 2023-06-28 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 23-08-16" Reboot scheduled for Wed 2023-08-16 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ 23-11-08 # systemctl status dnf-automatic-download.timer ○ dnf-automatic-download.timer - dnf-automatic-download timer Loaded: loaded (/usr/lib/systemd/system/dnf-automatic-download.timer; disabled; preset: disabled) Active: inactive (dead) Trigger: n/a Triggers: ● dnf-automatic-download.service # systemctl status dnf-automatic-install.timer ○ dnf-automatic-install.timer - dnf-automatic-install timer Loaded: loaded (/usr/lib/systemd/system/dnf-automatic-install.timer; disabled; preset: disabled) Active: inactive (dead) Trigger: n/a Triggers: ● dnf-automatic-install.service # systemctl status dnf-automatic-notifyonly.timer ○ dnf-automatic-notifyonly.timer - dnf-automatic-notifyonly timer Loaded: loaded (/usr/lib/systemd/system/dnf-automatic-notifyonly.timer; disabled; preset: disabled) Active: inactive (dead) Trigger: n/a Triggers: ● dnf-automatic-notifyonly.service # systemctl status dnf-automatic.timer ● dnf-automatic.timer - dnf-automatic timer Loaded: loaded (/usr/lib/systemd/system/dnf-automatic.timer; enabled; preset: disabled) Active: active (waiting) since Wed 2023-08-16 23:31:34 PDT; 2 months 22 days ago Until: Wed 2023-08-16 23:31:34 PDT; 2 months 22 days ago Trigger: Thu 2023-11-09 06:09:29 PST; 18h left Triggers: ● dnf-automatic.service Notice: journal has been rotated since unit was started, output may be incomplete. ================================================================================================================ 23-11-15 eliminate problem with nessus report 51192 - SSL Certificate Cannot Be Trusted # certbot certonly --apache --preferred-chain "ISRG Root X1" Saving debug log to /var/log/letsencrypt/letsencrypt.log The requested apache plugin does not appear to be installed Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. # dnf install certbot python3-certbot-apache Installed: augeas-libs-1.13.0-5.el9.x86_64 python3-augeas-0.5.0-25.el9.noarch python3-certbot-apache-2.6.0-1.el9.noarch # certbot certonly --apache --preferred-chain "ISRG Root X1" Saving debug log to /var/log/letsencrypt/letsencrypt.log Which names would you like to activate HTTPS for? We recommend selecting either all domains, or all domains in a VirtualHost/server block. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: dbase03.phas.ubc.ca - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - An RSA certificate named dbase03.phas.ubc.ca already exists. Do you want to update its key type to ECDSA? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (U)pdate key type/(K)eep existing key type: U Renewing an existing certificate for dbase03.phas.ubc.ca Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/dbase03.phas.ubc.ca/fullchain.pem Key is saved at: /etc/letsencrypt/live/dbase03.phas.ubc.ca/privkey.pem This certificate expires on 2024-02-13. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-01-10" Reboot scheduled for Wed 2024-01-10 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-01-31" Reboot scheduled for Wed 2024-01-31 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-03-13" Reboot scheduled for Wed 2024-03-13 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ 24-05-07 # dnf update Updating Subscription Management repositories. Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 65 kB/s | 4.1 kB 00:00 Red Hat Enterprise Linux 9 for x86_64 - Supplementary (RPMs) 67 kB/s | 3.7 kB 00:00 Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) 33 kB/s | 4.5 kB 00:00 Red Hat Satellite Client 6 for RHEL 9 x86_64 (RPMs) 64 kB/s | 3.8 kB 00:00 Error: Problem: package ImageMagick-libs-6.9.12.93-1.el9.x86_64 from @System requires libraw_r.so.20()(64bit), but none of the providers can be installed - cannot install both LibRaw-0.21.1-1.el9.x86_64 from rhel-9-for-x86_64-appstream-rpms and LibRaw-0.20.2-6.el9.x86_64 from @System - cannot install both LibRaw-0.21.1-1.el9.x86_64 from rhel-9-for-x86_64-appstream-rpms and LibRaw-0.20.2-5.el9.x86_64 from rhel-9-for-x86_64-appstream-rpms - cannot install both LibRaw-0.21.1-1.el9.x86_64 from rhel-9-for-x86_64-appstream-rpms and LibRaw-0.20.2-6.el9.x86_64 from rhel-9-for-x86_64-appstream-rpms - cannot install the best update candidate for package LibRaw-0.20.2-6.el9.x86_64 - cannot install the best update candidate for package ImageMagick-libs-6.9.12.93-1.el9.x86_64 (try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) # rpm -qa | grep -i ImageMagick ImageMagick-libs-6.9.12.93-1.el9.x86_64 ImageMagick-6.9.12.93-1.el9.x86_64 # dnf remove ImageMagick ImageMagick-libs Updating Subscription Management repositories. Dependencies resolved. ================================================================================================================================================================================= Package Architecture Version Repository Size ================================================================================================================================================================================= Removing: ImageMagick x86_64 6.9.12.93-1.el9 @epel 236 k ImageMagick-libs x86_64 6.9.12.93-1.el9 @epel 8.2 M Removing unused dependencies: LibRaw x86_64 0.20.2-6.el9 @rhel-9-for-x86_64-appstream-rpms 2.2 M graphviz x86_64 2.44.0-25.el9 @rhel-9-for-x86_64-appstream-rpms 12 M imath x86_64 3.1.2-1.el9 @rhel-9-for-x86_64-appstream-rpms 363 k jasper-libs x86_64 2.0.28-3.el9 @rhel-9-for-x86_64-appstream-rpms 326 k libXaw x86_64 1.0.13-19.el9 @rhel-9-for-x86_64-appstream-rpms 498 k liblqr-1 x86_64 0.4.2-19.el9 @epel 97 k libraqm x86_64 0.8.0-1.el9 @epel 29 k libwmf-lite x86_64 0.2.12-10.el9 @rhel-9-for-x86_64-appstream-rpms 163 k mkfontscale x86_64 1.2.1-3.el9 @rhel-9-for-x86_64-appstream-rpms 54 k openexr-libs x86_64 3.1.1-2.el9 @rhel-9-for-x86_64-appstream-rpms 4.7 M xorg-x11-fonts-ISO8859-1-100dpi noarch 7.5-33.el9 @rhel-9-for-x86_64-appstream-rpms 1.0 M Transaction Summary ================================================================================================================================================================================= Remove 13 Packages Removed: ImageMagick-6.9.12.93-1.el9.x86_64 ImageMagick-libs-6.9.12.93-1.el9.x86_64 LibRaw-0.20.2-6.el9.x86_64 graphviz-2.44.0-25.el9.x86_64 imath-3.1.2-1.el9.x86_64 jasper-libs-2.0.28-3.el9.x86_64 libXaw-1.0.13-19.el9.x86_64 liblqr-1-0.4.2-19.el9.x86_64 libraqm-0.8.0-1.el9.x86_64 libwmf-lite-0.2.12-10.el9.x86_64 mkfontscale-1.2.1-3.el9.x86_64 openexr-libs-3.1.1-2.el9.x86_64 xorg-x11-fonts-ISO8859-1-100dpi-7.5-33.el9.noarch Complete! ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-05-14" Reboot scheduled for Tue 2024-05-14 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-05-27" Reboot scheduled for Mon 2024-05-27 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-06-06" Reboot scheduled for Thu 2024-06-06 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-06-24" Reboot scheduled for Mon 2024-06-24 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-07-10" Reboot scheduled for Wed 2024-07-10 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-07-17" Reboot scheduled for Wed 2024-07-17 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-08-20" Reboot scheduled for Tue 2024-08-20 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-08-30" Reboot scheduled for Fri 2024-08-30 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-09-16" Reboot scheduled for Mon 2024-09-16 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-10-16" Reboot scheduled for Wed 2024-10-16 23:30:00 PDT, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-11-06" Reboot scheduled for Wed 2024-11-06 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-11-19" Reboot scheduled for Tue 2024-11-19 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 24-12-02" Reboot scheduled for Mon 2024-12-02 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 25-01-03" Reboot scheduled for Fri 2025-01-03 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 25-01-09" Reboot scheduled for Thu 2025-01-09 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ # shutdown -r 23:30 "Maintenance reboot at 11:30pm 25-02-03" Reboot scheduled for Mon 2025-02-03 23:30:00 PST, use 'shutdown -c' to cancel. ================================================================================================================ shutdown -r 23:30 "Maintenance reboot at 11:30pm 2025-02-06" USEC=1738913400000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/1 WALL_MESSAGE=Maintenance reboot at 11:30pm 2025-02-06 date -d @USEC ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-02-24" USEC=1740468600000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-02-24 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-03-17" USEC=1742279400000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-03-17 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-03-20" USEC=1742538600000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-03-20 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-04-08" USEC=1744180200000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-04-08 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-04-23" USEC=1745476200000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-04-23 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-05-05" USEC=1746513000000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-05-05 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-05-20" USEC=1747809000000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-05-20 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-07-04" USEC=1751697000000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-07-04 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-07-15" USEC=1752647400000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/1 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-07-15 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-07-28" USEC=1753770600000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-07-28 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-07-29" USEC=1753857000000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-07-29 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-08-12" USEC=1755066600000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-08-12 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-08-21" USEC=1755844200000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-08-21 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-08-27" USEC=1756362600000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-08-27 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-09-08" USEC=1757399400000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-09-08 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-09-15" USEC=1758004200000000 WARN_WALL=1 MODE=reboot UID=0 TTY=pts/0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-09-15 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-10-14" USEC=1760509800000000 WARN_WALL=1 MODE=reboot UID=0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-10-14 date -d @USEC ===================================================================================================== ===================================================================================================== # shutdown -r 23:30 "Maintenance reboot at 23:30pm 2025-10-24" USEC=1761373800000000 WARN_WALL=1 MODE=reboot UID=0 WALL_MESSAGE=Maintenance reboot at 23:30pm 2025-10-24 date -d @USEC =====================================================================================================