giovedì 10 novembre 2016

IBM support Ubuntu LTS

today more then one products of IBM support instalaltion on Ubuntu x.x LTS
today you can installo following products of Commerce family

IBM Digital Experience 8.5
DB2
IBM Http Server 8/9
WAS 8.5.x / 9.0

a very good opportunity to sales this product, enjoy


venerdì 23 settembre 2016

Two path to run http server as non-root user

When you install and configure your HTTP server on linux and you need to run it with a non-root user,
you can't bind your service on port 80 or 443, because non-root user can't use port lower then 1024.

in this case if you have ipTables active in your server you can redirect your http/s traffic to another ports, in my case i choose ports 1080 and 1443.

you can configure a specific NAT rule to redirect it like:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 1080
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 1043

if you need use localhost you must add following rules

iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 1080
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 1443


to check your configuration

iptables -t nat --line-numbers -n -L

Chain PREROUTING (policy ACCEPT)                                                   
num  target     prot opt source     destination                                    
1    REDIRECT   tcp  --  0.0.0.0/0  0.0.0.0/0          tcp dpt:80 redir ports 1080 2 
 REDIRECT   tcp  --  0.0.0.0/0  0.0.0.0/0          tcp dpt:443 redir ports 1443


In other case if you have not iptables, you can add your user as "sudoers" in your linux machine.

1. 'Touch' the log files:
   touch /opt/IBM/HTTPServer/logs/access_log
   touch /opt/IBM/HTTPServer/logs/error_log
2. Make the following changes in httpd.conf (ensure user 'was run' and group 'was runners' has been created already)
         User wasrun
         Group wasrunners

3. Change ownership of IHS files:
   chown -R wasadmin:wasadmin /opt/IBM/HTTPServer

4. Edit sudoers file (visudo), add the following line:

%wasrunners ALL = (root) NOPASSWD: /opt/IBM/HTTPServer/bin/apachectl *

This means any user in the 'wasrunners' group (prefixed with %) can control (start/stop) the IHS instance as root 
without needing to enter password. If you only want to allow the user 'wasadmin' to perform this, then remove the '%'
 to denote a user.



venerdì 16 settembre 2016

dockerize it

Using doker environment you can deploy and shipped in a very short time your applcation.

Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server. This guarantees that the software will always run the same, regardless of its environment.

You can:

  • ACCELERATE DEVELOPERS
  • Stop wasting hours setting up developer environments, spinning up new instances, and making copies of production code to run locally. With Docker, you simply take copies of your live environment and run them on any new endpoint running a Docker engine.
  • DISTRIBUTE & SHARE CONTENT 
    Store, distribute, and manage Docker images in Docker Hub with your team. Image updates, changes, and history are automatically shared across your organization.
  • QUICKLY SCALE
    Docker containers spin up and down in seconds, making it easy to scale application services to satisfy peak customer demand, and then reduce running containers when demand ebbs.

and now IBM how doing?

IBM announces zSystem for Docker

IBM and Docker offer integrated container solutions that can meet the diverse needs of enterprises.

Supporting the creation and deployment of multi-platform, multi-container workloads across hybrid infrastructures,
IBM and Docker accelerate application delivery and enable application lifecycle management for Dockerized containers.




IBM announces Docker on IBM PureApplication System
 The good news is that Docker is now supported on IBM PureApplication v2.1! You can now use Docker containers in the virtual system patterns that you create and you can reference Docker images that are stored on Docker Hub or in a private Docker registry that runs inside PureApplication. Taking advantage of the Docker containers on PureApplication is as easy as building patterns.






if you need more information follow me on slideshare

martedì 26 aprile 2016

you never stop learning :-)

Today I have discovered how to reset the password of a user in the file Registry.xml few simple steps and if you forgot the password for your user you can share ...


open "wsadmin"  in offline mode from the profile


./wsadmin -conntype NONE -lang jython


and launch the jython command


AdminTask.changeFileRegistryAccountPassword
('-userid Wpsadmin -password newpassword')

AdminConfig.save



reboot your jvm and you're done :-)

non si finisce mai di imparare :-)

Oggi ho scoperto come resettare la password di un utente nel file Registry.xml pochi semplici passi e se vi siete dimenticati la password del vostro utente potete ripartire...

aprire wsadmin in modalita non connesso dal profilo

./wsadmin -conntype NONE -lang jython

e lanciare il comando jython

AdminTask.changeFileRegistryAccountPassword
 ('-userId wpsadmin -password newpassword')
AdminConfig.save
 
riavviate la vostra jvm ed il gioco è fatto :-)
 
 

mercoledì 22 luglio 2015

Security Bulletin: Fix Available for Denial of Service Vulnerability in IBM WebSphere Portal (CVE-2015-1943)

BM WebSphere Portal is vulnerable to a denial of service. By sending a malicious request, a remote attacker could exploit this vulnerability to cause the consumption of all CPU or memory resources to cause a denial of service.

more info....