2023年12月27日水曜日

2023年12月26日火曜日

Rocky Linux Web コンソール ( cockpit )

# dnf install cockpit
# systemctl  enable --now cockpit.socket
# firewall-cmd --list-all
# firewall-cmd --add-service=cockpit
# firewall-cmd --runtime-to-permanent

2023年12月14日木曜日

Rocky linux8 にpython3.9をインストール

# dnf module  install python39
# python3 -V
# alternatives --config python3
# python3 -V
# alternatives --config python
# python  -V

dnf module  -y  install python39
python3 -V
alternatives --config python3
alternatives --config python
#python3 -V
#python  -V

 ERROR) RuntimeError: The 'apxs' command appears not to be installed or is not executable.
→dnf install httpd-devel

ERROR)  RuntimeError: Failed to build APR.
→dnf install gcc make

ERROR) /bin/sh: mariadb_config: コマンドが見つかりません
→ dnf install MariaDB-devel

※ curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | bash

ERROR)  pg_config executable not found.
→ dnf install libpq-devel

ERROR)  Python.h: そのようなファイルやディレクトリはありません
→ dnf install python39-devel

ERROR)  /usr/lib/rpm/redhat/redhat-hardened-cc1: そのようなファイルやディレクトリはありません
→ dnf install redhat-rpm-config

ERROR) Unable to find zbar shared library
→ dnf install zbar

ERROR)  ImportError: Module "debug_toolbar.panels.profiling" does not define a "ProfilingPanel" attribute/class
→ ????

ERROR)Trying pkg-config --exists mysqlclient                v 2.2.1
ERROR)  Building wheel for mysqlclient (pyproject.toml) did not run successfully.
ERROR)  /usr/bin/ld: -lz が見つかりません
ERROR)  Failed building wheel for mysqlclient
ERROR) Could not build wheels for mysqlclient, which is required to install pyproject.toml-based projects
→ mysqlclient バージョンダウン    -> 2.1.1

ERROR)  libclntsh.so: cannot open shared object file: No such file or directory
→オラクルクライアントインストール
# find / -print |grep libclntsh
/usr/lib/oracle/11.2/client64/lib/libclntsh.so.11.1
/usr/lib/oracle/11.2/client64/lib/libclntsh.so

# vi /etc/ld.so.conf.d/oracle.conf <<__EOF__
/usr/lib/oracle/11.2/client64/lib/
__EOF__
# ldconfig
# find / -print |grep libclntsh
# ldconfig -p |grep libclntsh

ERROR)  libnsl.so.1: cannot open shared object file: No such file or directory
→ dnf install libnsl

ERROR) django.core.exceptions.ImproperlyConfigured: Error loading psycopg2 or psycopg module
→ dnf install python39-psycopg2

ERROR)  DPI-1047: Cannot locate a 64-bit Oracle Client library: "libclntsh.so: cannot open shared object file: No such file or directory".
→cd /aws/s3/oracle
    dnf localinstall oracle-instantclient19.18-basic-19.18.0.0.0-2.x86_64.rpm --allowerasing

ERROR) ImportError: Unable to find zbar shared library
→ dnf install zbar

ERROR)  NameError: name '_mysql' is not defined
→ dnf remove mysql* Mariadb* MariaDB*
     curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
     dnf install MariaDB-client MariaDB-devel

ERROR)  configure: error: in `/tmp/pip-install-0ldu01pz/mod-wsgi-httpd_02c8a3430d8d48a8b8a6853133b71af8/build/apr-1.7.0':
→ dnf install gcc make

ERROR) failed to map segment from shared object
ls -lZ /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so
-rwxr-xr-x. 1 apache apache unconfined_u:object_r:httpd_sys_content_t:s0 1321400 12月 26 09:54 /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so
chcon -R -h -t httpd_sys_script_exec_t  /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so
※ 当分は、setenforce 0

ERROR) firewall 
→firewall-cmd --add-service=http --zone=public --permanent
    firewall-cmd --reload

ERROR) ImportError: /var/www/wsgi/utilities/django/cx_Oracle.cpython-39-x86_64-linux-gnu.so: failed to map segment from shared object
→setenforce 0

ERROR) curl: (7) Failed to connect to 192.168.100.254 port 3128: 接続を拒否されました
→vi /etc/profile.d/sh.local
export  HTTP_PROXY=http://192.168.254.253:3128
export HTTPS_PROXY=http://192.168.254.253:3128

ERROR) Errors during downloading metadata for repository 'mariadb-main':
  - Status code: 404 for https://dlm.mariadb.com/repo/mariadb-server/10.7....
→ curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash

ERROR) ifconfig netstat command not found
→dnf install net-tools

ERROR) /usr/bin/ld: lzがみつかりません
      /usr/bin/ld: -lssl が見つかりません
      /usr/bin/ld: -lcrypto が見つかりません
      collect2: エラー: ld はステータス 1 で終了しました

    ln -s libz.so.xx libz.so
    ln -s libssl.so.xx libssl.so
    ln -s libcrypto.so.xx libcrypto.so  






2023年12月11日月曜日

The GPG keys listed for the "google-chrome" repository are already installed but they are not correct for this package.

 warning: /var/cache/yum/x86_64/7/google-chrome/packages/google-chrome-stable-120.0.6099.71-1.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID a3b88b8b: NOKEY

https://dl.google.com/linux/linux_signing_key.pub から鍵を取得中です。

The GPG keys listed for the "google-chrome" repository are already installed but they are not correct for this package.

Check that the correct key URLs are configured for this repository.

 Failing package is: google-chrome-stable-120.0.6099.71-1.x86_64

 GPG Keys are configured as: https://dl.google.com/linux/linux_signing_key.pub


→yum install google-chrome-stable.x86_64 --nogpgcheck



2023年12月6日水曜日

oracle statspack

$ sqlplus / as sysdba
-- インストール
SQL> @?/rdbms/admin/spcreate.sql
perfstat_passwordに値を入力してください: password
default_tablespaceに値を入力してください: USERS
temporary_tablespaceに値を入力してください: TEMP
--確認
SQL> SELECT user_id, username FROM dba_users WHERE username = 'PERFSTAT'

$ sqlplus perfuser/password as sysdba
SQL> execute statspack.modify_statspack_parameter(i_snap_level=> 7)
SQL> select snap_id,to_char(snap_time,'yy-mm-dd hh24:mi:ss') snap_time, snap_level from stats$snapshot order by snap_id;

--現在のスナップショットを取得
SQL> execute statspack.snap
SQL> execute statspack.snap(i_snap_level=> 7)

--一時間毎に取得
SQL> @?/rdbms/admin/spauto
SQL> select JOB,NEXT_DATE,INTERVAL,WHAT from dba_jobs;    -- JOB 確認
SQL> execute dbms_job.interval([ジョブID], 'sysdate+(1/48)');   -- インターバル変更
SQL> execute dbms_job.remove([ジョブID]);                                    -- JOΒ削除

--レポート出力
SQL> @?/rdbms/admin/spreport

SQL> @?/rdbms/admin/sprepsql       --SQL単位レポート (Snapshot Level 6 以上)

    2023年11月27日月曜日

    postgre sql 変数定義

    with vars as (
      select '休日' as hol
    )
    select
      holiday,
      case
        when holiday_name = vars.hol then '振替休日'
      else holiday_name 
      end,
      day_of_week
    from vars, sales.mast_祝日マスタ;




    2023年11月13日月曜日

    CPU温度

    # smartctl -a /dev/nvme0n1p1
    # hddtemp /dev/nvme0n1p1
    # sensors
    $ watch sensors 

    2023年11月7日火曜日

    oracle 保守

     【データベース論理チェック】

    # su - oracle
    $ rman target /
    Recovery Manager: Release 19.0.0.0.0 - Production on 火 11月 7 10:40:48 2023
    Version 19.3.0.0.0
    Copyright (c) 1982, 2019, Oracle and/or its affiliates. All rights reserved.
    ターゲット・データベース: ORCL (DBID=1629878299)に接続されました
    RMAN> validate database check logical;

    【TFA】
    # /opt/app/11.2.0/grid/bin/tfactl print status
    TFA-00002 : Oracle Trace File Analyzer (TFA) is not running
    # /opt/app/11.2.0/grid/bin/tfactl start
    Starting TFA..
    start: Job is already running: oracle-tfa
    Waiting up to 100 seconds for TFA to be started..
    . . . . .
    Successfully started TFA Process..
    . . . . .
    TFA Started and listening for commands


    # /opt/app/11.2.0/grid/bin/tfactl print status
    .---------------------------------------------------------------------------------------------.
    | Host | Status of TFA | PID | Port | Version | Build ID | Inventory Status |
    +-------+---------------+-------+------+------------+----------------------+------------------+
    | dbsv2 | RUNNING | 21292 | 5000 | 12.1.2.0.0 | 12120020140619094932 | COMPLETE |
    | dbsv1 | RUNNING | 830 | 5000 | 12.1.2.0.0 | 12120020140619094932 | COMPLETE |
    '-------+---------------+-------+------+------------+----------------------+------------------'

    # /opt/app/11.2.0/grid/bin/tfactl diagcollect -from "Nov/02/2023 15:00:00" -to "Nov/02/2023 19:00:00"
    # /opt/app/11.2.0/grid/bin/tfactl print actions

    # mv /opt/app/grid/tfa/repository/collection_Mon_Nov_20_17_22_24_JST_2023_node_all/dbsv2.tfa_Mon_Nov_20_17_22_24_JST_2023.zip   .
    # mv /opt/app/grid/tfa/repository/collection_Mon_Nov_20_17_22_24_JST_2023_node_all/dbsv1.tfa_Mon_Nov_20_17_22_24_JST_2023.zip   .

    # /opt/app/11.2.0/grid/bin/tfactl print directories                       # 対象ログ表示

    # /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/alert
    # /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/trace
    # /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/incident

    # /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/alert
    # /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/trace
    # /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/incident

    /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/tnslsnr/diag/tnslsnr/dbsv1/listener/alert/
    /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/tnslsnr/diag/tnslsnr/dbsv1/listener/trace/

    # /opt/app/11.2.0/grid/bin/tfactl directory add  /opt/app/oracle/diag/tnslsnr/dbsv2/listener/alert/
    # /opt/app/11.2.0/grid/bin/tfactl directory add  /opt/app/oracle/diag/tnslsnr/dbsv2/listener/trace/

    2023年10月30日月曜日

    Rocky linux9.2 インストール powertools epel amdgpu postgres

    【Rocky linux 9.4 AMI 作成  新疑似環境用 】  -- 2024 5/16 rocky linux 9.4 更新
    最小構成でインストール後の設定。
    timedatectl set-timezone Asia/Tokyo
    localectl set-locale LANG=ja_JP.utf8

    # nmcli general hostname rocky94
    # nmcli c add type ethernet ifname enp1s0 con-name "private_db_1a
    # nmcli c mod private_db_1a ipv4.address 10.0.18.201/24
    # nmcli c mod private_db_1a ipv4.method manual
    # nmcli c mod private_db_1a connection.autoconnect yes
    # nmcli c mod private_db_1a ipv4.gateway 10.0.18.2
    # nmcli c up  private_db_1a

    # vi /etc/yum.conf <<__EOF__
    proxy=http://10.0.18.2:3128
    __EOF__

    # dnf clean all
    # dnf update
    # dnf install net-tools

    if [ "$HOST_NAME" = "AMI_ROCKY_20G" ];then
      VLAN=private_mng_1a
      VLAN_IP=10.0.19.100/24
      VLAN_GW=10.0.19.2
      nmcli c delete $VLAN
      nmcli c add type ethernet ifname $DEVICE con-name "$VLAN"
      nmcli c mod $VLAN ipv4.addresses $VLAN_IP
      nmcli c mod $VLAN ipv4.method manual
      nmcli c mod $VLAN connection.autoconnect yes
      nmcli c mod $VLAN ipv4.gateway $VLAN_GW
      nmcli c up $VLAN
    fi

    # dnf config-manager --set-enabled crb
    # dnf install epel-release

    ※ epel 有効/無効
    # dnf config-manager --enable epel
    # dnf config-manager --disable epel      * default 

    # dnf install httpd
    # dnf install https://repo.zabbix.com/zabbix/6.4/rhel/9/x86_64/zabbix-agent2-6.4.14-release1.el9.x86_64.rpm

    #  vi /etc/zabbix/zabbix_agent2.conf

    # vi /etc/zabbix/zabbix_agent2.d/plugins.d/z99-local.conf
    LogFileSize=1
    Server=10.0.19.119
    ServerActive=10.0.19.119:10051
    HostMetadata=Rockylinux
    HostMetadataItem=system.uname
    Include=/etc/zabbix/zabbix_agent2.d/*.conf
    ControlSocket=/run/zabbix/agent.sock
    AllowKey=system.run[*] /etc/sudoers.d


    ※ AllowKeyを設定した場合は、下記も設定
    # visudo
    # vi   /etc/sudoers.d/zabbix
    # Allows zabbix to run all commands without password.
    zabbix ALL=NOPASSWD: ALL

    # dnf install policycoreutils-python-utils

    # semanage boolean -l | grep zabbix
    httpd_can_connect_zabbix       (オフ   ,   オフ)  Allow httpd to can connect zabbix
    zabbix_can_network                     (オフ   ,   オフ)  Allow zabbix to can network
    zabbix_run_sudo                             (オフ   ,   オフ)  Allow zabbix to run sudo

    # setsebool -P httpd_can_connect_zabbix on
    # setsebool -P zabbix_can_network on
    # setsebool -P zabbix_run_sudo  on

    # firewall-cmd --add-port=10050/tcp --zone=public --permanent
    # firewall-cmd --reload

    # systemctl restart zabbix-agent2
    # systemctl enable zabbix-agent2

    【Rocky linux9 CUIベースAMI】
    # dnf install tar
    ./put deploy latest
    【ERROR】 Could not find a version that satisfies the requirement setuptools>=40.8.0 (from versions: none)

    →  vi /etc/profile.d/proxy.sh
    PROXY="http://10.0.12.2:3128"
    export http_proxy=$PROXY
    export HTTP_PROXY=$PROXY
    export https_proxy=$PROXY
    export HTTPS_PROXY=$PROXY

    【ERROR】 RuntimeError: The 'apxs' command appears not to be installed or....
    → dnf install httpd-devel

    【ERROR】RuntimeError: Failed to build APR.
    →dnf install gcc make

    【ERROR】Exception: Can not find valid pkg-config name.  ( mysqlclient==2.2.1)
    → mysqlclient==2.1.0にバージョンダウンで回避。

    【ERROR】OSError: mysql_config not found
    →mariadb クライアントインストール
    # dnf remove mysql*
    # dnf remove Mariadb*
    # curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
    # dnf  install MariaDB-client MariaDB-common MariaDB-devel MariaDB-shared

    ※ curl: (6) Could not resolve host: downloads.mariadb.com
    # vi /etc/profile.d/proxy.sh
    PROXY="http://10.0.12.2:3128"
    export http_proxy=$PROXY
    export HTTP_PROXY=$PROXY
    export https_proxy=$PROXY
    export HTTPS_PROXY=$PROXY

    ※ curl: (6) Could not resolve host: dlm.mariadb.com 
    → vi ~/.curlrc
    proxy=http://10.0.12.2:3128

    【ERROR】Error: pg_config executable not found.
    # dnf -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-$(rpm -E %{centos})-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    # vi /etc/yum.repos.d/pgdg-redhat-all.repo
    postgres15以外をenable=0
    # dnf install postgresql15-devel
    # PATH=/usr/pgsql-15/bin:$PATH;export PATH     ※ env 内に追加

    【ERROR】 Python.h: そのようなファイルやディレクトリはありません
    → dnf install python3-devel    ※ rocky linux9 では、python39がpython3のデフォルト

    【ERROR】ImportError: Unable to find zbar shared library
    # dnf install epel-release
    # vi /etc/yum.repos.d/epel.repo
    enable=1     ※ 一時的に有効
    # dnf install zbar





    #------------------------------------------------------------------------------------
    timedatectl set-timezone Asia/Tokyo
    localectl set-locale LANG=ja_JP.utf8

    nmcli general hostname rocky92


    nmcli connection modify enp5s0 ipv4.method manual ipv4.addresses 192.168.1.198/24
    nmcli connection modify enp5s0 ipv4.dns 8.8.8.8
    nmcli connection modify enp5s0 ipv4.gateway 192.168.1.1
    #nmcli connection modify enp5s0 ipv4.never-default yes
    nmcli connection modify enp5s0 connection.autoconnect yes

    systemctl restart NetworkManager

    RepositoryrepoidRocky 8Rocky 9
    PowerToolspowertoolsYesNo
    CRBcrbNoYes

    ※ PowerTools → crb

    # dnf config-manager --set-enabled crb
    # dnf install epel-release

    ※ epel 有効/無効
    # dnf config-manager --enable epel
    # dnf config-manager --disable epel
     
     # vi  /etc/yum.repos.d/google-chrome.repo <<__EOF__
    [google-chrome]
    name=google-chrome
    baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64
    enabled=1
    gpgcheck=1
    gpgkey=https://dl.google.com/linux/linux_signing_key.pub
    __EOF__
    # dnf update
    # dnf install google-chrome-stable 
     
     # dnf install gnome-tweaks
    「Gnome 拡張機能 アプリ」で設定


    Applications Menu
    Backgroud Logo
    Places Status Indicator
    system-monitor
    window List
    Places Status Indicator Workspaces Bar
    Desktop Icons

     
    # dnf install sshpass
    # dnf install xfreerdp

    # dnf -y install qemu-kvm libvirt virt-install
    # systemctl enable --now libvirtd
    # dnf  install virt-manager

    # dnf install  ntfs-3g ntfsprogs
    # dnf install gimp xsane
    # dnf install libreoffice
    # wget https://github.com/dbeaver/dbeaver/releases/download/23.2.3/dbeaver-ce-23.2.3-stable.x86_64.rpm
    # dnf install dbeaver-ce-23.2.3-stable.x86_64.rpm
    # dnf  install httpd  httpd-devel  mod_ssl

    ※日本語が入らない!!
    設定→Keyboard 
    ・日本語(Anthy)追加
    ・日本語(Anthy)→ Prefferences → 入力タイプ → キーボードレイアウト → jp

    # dnf install  https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    # dnf install postgresql15-server postgresql15-contrib
    # PGSETUP_INITDB_OPTIONS='--encoding=UTF-8 --no-locale'
    # postgresql-15-setup initdb
    # passwd postgres
    # vi /var/lib/pgsql/15/data/pg_hba.conf 
    #local   all             all                                   peer
    local     all             all                                    trust
    #host    all             all             127.0.0.1/32            ident
    host all all 192.168.0.0/16                     password272E2F/11
    # vi /var/lib/pgsql/15/data/postgresql.conf
    listen_addresses = '*'          
    port = 5432
    # firewall-cmd --add-port=5432/tcp --zone=public --permanent
    # firewall-cmd --reload
    # mkdir  -p /data/postgres/data
    # chown  -R postgres:postgres /data/postgres/data
    # semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"
    # grep -i postgresql /etc/selinux/targeted/contexts/files/file_contexts.local
    # restorecon -R -v /data/postgres
    # ls -lZR /data/postgres

    # systemctl start postgresql-15
    # systemctl enable postgresql-15

    【AMDGPUー20240109】
    # amdgpu-install  --uninstall
    # rpm -e amdgpu-install
    # rpm -qa|grep -E 'amdgpu|rocm'
    amdgpu-dkms-6.2.4.50700-1652687.el9.noarch
    # wget https://repo.radeon.com/amdgpu-install/latest/rhel/9.3/amdgpu-install-6.0.60000-1.el9.noarch.rpm
    # rpm -Uvh amdgpu-install-6.0.60000-1.el9.noarch.rpm
    # amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr
    引数に一致する結果がありません: vulkan-amdgpu
    エラー: 一致するものが見つかりません: vulkan-amdgpu
    # amdgpu-install --usecase=graphics  --opencl=rocr
    # amdgpu-install --usecase=rocm

    # dnf reinstall amdgpu-dkms
    ERROR: 古いバージョンが削除できない。
    Error! The module/version combo: amdgpu-6.2.4-1652687.el9 is not located in the DKMS tree.
    エラー: %preun(amdgpu-dkms-1:6.2.4.50700-1652687.el9.noarch) スクリプトの実行に失敗しました。終了ステータス 3

    # dnf --setopt=tsflags=noscripts remove amdgpu-dkms
    # dnf install amdgpu-dkms





    【AMDGPU】
    # amdgpu-install  --uninstall
    # rpm -e amdgpu-install
    # rpm -qa|grep -E 'amdgpu|rocm'

    # wget https://repo.radeon.com/amdgpu-install/6.0.2/rhel/9.3/amdgpu-install-6.0.60002-1.el9.noarch.rpm 
    # rpm -Uvh  amdgpu-install-6.0.60002-1.el9.noarch.rpm

    # amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr --opengl=mesa
    # amdgpu-install --usecase=rocm  ←不要?
    # rpm -qa|grep -E 'amdgpu|rocm'

     ※(ERROR) package rocm-developer-tools-6.0.2.60002-115.el9.x86_64 from rocm requires rocprofiler = 2.0.60002.60002-115.el9, but none of the providers can be installed
      - package rocprofiler-2.0.60002.60002-115.el9.x86_64 from rocm requires systemd-devel, but none of the providers can be installed


    ※ 4Kにするとちらついて使い物にならない!!
    # dnf reinstall amdgpu-dkms
    でなおった!!

    【参考】
    # rpm -e  amdgpu-install-5.7.50700-1.el9.noarch.rpm
    # wget https://repo.radeon.com/amdgpu-install/5.4.6/rhel/9.2/amdgpu-install-5.4.50406-1.el9.noarch.rpm
    # wget https://repo.radeon.com/amdgpu-install/5.6.1/rhel/9.2/amdgpu-install-5.6.50601-1.el9.noarch.rpm

    ※ 参考
    # amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr   --opengl=mesa  --accept-eula
    # dnf install -y hip-devel rocm-llvm rocm-device-libs rocm-core
    # amdgpu-install -y --accept-eula

    ※ マルチディスプレイ認識しない。
    ※ モニター名認識しない。
    ※ HDMI audioを認識しない。

    【その他】
    # dnf install sshpass
    # dnf install xfreerdp
    # dnf install setroubleshoot

    ※ terminal で拡大/縮小のショートカットが効かない。
      → teminal->設定->ショートカット で再設定する。

    【BIOS Version 確認】
    # dmidecode

    ※ hub 10-0:1.0: config failed, hub doesn't have any ports! (err -19)

    【GNOME】
    # dnf remove gnome-shell.x86_64
    # dnf autoremove

    # dnf makecache
    # dnf install gnome-shell.x86_64

    2023年10月29日日曜日

    Rocky linux9 KVM インストール (仮想マネージャー)

    【20240130 更新】
    BIOS設定
    # dnf install qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client
    #  lsmod | grep kvm
    kvm_intel             479232  0
    kvm                  1327104  1 kvm_intel
    irqbypass              16384  1 kvm
    # systemctl start libvirtd
    # systemctl enable libvirtd


    virsh net-create <( cat <<__EOF__
    <network connections="2">
     <name>private_api_1a</name>
     <uuid>9071da35-895a-415c-a983-925f5f836cb6</uuid>
     <bridge name="virbr4" stp="on" delay="0"/>
     <mac address="52:54:00:e3:83:6a"/>
     <domain name="private_api_1a"/>
     <ip address="10.0.11.1" netmask="255.255.255.0">
     </ip>
    </network>
    __EOF__
    )
    virsh net-start           private_api_1a ×
    virsh net-autostart private_api_1a     ×
    virsh net-destroy private_api_1a

    nmcli d  delete  virbr0
    nmcli d delete   virbr4
    nmcli c delete   enp4s0

    # virsh net-list --all









    -------------------------------------------------------------------------------------------------------------------
    # dnf install qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client guestfs-tools  bridge-utils virt-top  libguestfs-tools
    # dnf install epel-release -y
    # dnf install bridge-utils
    $  lsmod | grep kvm
    kvm_amd               212992  0
    kvm                  1327104  1 kvm_amd
    irqbypass              16384  1 kvm
    ccp                   143360  1 kvm_amd
    # systemctl start libvirtd
    # systemctl enable libvirtd


    # dnf list qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client guestfs-tools  bridge-utils virt-top  libguestfs-tools
    メタデータの期限切れの最終確認: 0:24:57 前の 2023年12月27日 08時56分16秒 に実施しました。
    インストール済みパッケージ
    bridge-utils.x86_64                     1.7.1-3.el9                                @epel     
    guestfs-tools.x86_64                  1.50.1-3.el9                              @appstream
    libvirt.x86_64                                 9.5.0-7.el9_3                           @appstream
    libvirt-client.x86_64                    9.5.0-7.el9_3                           @appstream
    qemu-img.x86_64                        17:8.0.0-16.el9_3.1               @appstream
    qemu-kvm.x86_64                       17:8.0.0-16.el9_3.1               @appstream
    virt-install.noarch                         4.1.0-4.el9                                @appstream
    virt-manager.noarch                    4.1.0-4.el9                                @appstream
    virt-top.x86_64                               1.1.1-9.el9                                @appstream
    virt-viewer.x86_64                        11.0-1.el9                                  @appstream




    # virsh net-destroy private_api_1a

    2023年7月27日木曜日

    Rocky linux に Openshot インストール

    # dnf -y install flatpak
    # flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
    # flatpak -y install flathub org.openshot.OpenShot

    $ flatpak run org.openshot.OpenShot

    2023年7月3日月曜日

    Rocky Linux 8.8 設定

    #---------------------------------------
    # TIME ZONE
    #---------------------------------------
    # timedatectl set-timezone Asia/Tokyo
    # timedatectl
    # localectl set-locale LANG=ja_JP.utf8
    # localectl

    #------------------------------
    # dns 
    #-------------------------------
    # vi /etc/resolv.conf
    #nameserver 10.14.4.7
    nameserver 8.8.8.8

    # nmcli conn mod ens192 +ipv4.dns 8.8.8.8
    # systemctl restart NetworkManager
    # dig www.example.org


    #------------------------------
    # chrony
    #-------------------------------

    # dnf install chrony

    # systemctl status chronyd
    ● chronyd.service - NTP client/server
    Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
    Active: inactive (dead)
    Docs: man:chronyd(8)
    man:chrony.conf(5)
    # systemctl stop ntpd
    # systemctl disable ntpd
    # systemctl enable chronyd
    # systemctl start chronyd
    # chronyc sources
    MS Name/IP address Stratum Poll Reach LastRx Last sample
    ======================================================================
    ^+ x.ns.gin.ntt.net 2 6 17 2 -2262us[-1053us] +/- 87ms
    ^* time.cloudflare.com 3 6 17 2 +1543us[+2752us] +/- 72ms
    ^+ 122x215x240x51.ap122.ftt> 2 6 17 2 +4556us[+5765us] +/- 49ms
    ^+ gotoky.hojmark.net 2 6 17 2 -3532us[-2323us] +/- 40ms

    #-------------------------------------
    #   net-tools 
    #------------------------------------
    # dnf install net-tools

    #---------------------------------------
    # user作成
    #---------------------------------------
    useradd administrator
    passwd administrator<<__EOF__
    WEB-server-%4266%
    WEB-server-%4266%
    __EOF__
    useradd sysadm
    passwd sysadm<<__EOF__
    WEB-server-\$9166\$
    WEB-server-\$9166\$
    __EOF__
    useradd sysuser
    passwd  sysuser<<__EOF__
    WEB-server-<0308<
    WEB-server-<0308<
    __EOF__
    useradd appuser
    passwd  appuser<<__EOF__
    WEB-server-!4795!
    WEB-server-!4795!
    __EOF__

    # ------------------------------------
    # JAVA
    #-------------------------------------
    # dnf install java-17-openjdk
    # update-alternatives --config java
    # dirname $(readlink $(readlink $(which java)))
    # vi /etc/profile.d/java.sh
    export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
    export PATH=$PATH:$JAVA_HOME/bin

    #----------------------------------------
    # tomcat
    #----------------------------------------
    # dnf install wget
    # cd /opt
    # wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.10/bin/apache-tomcat-10.1.10.tar.gz
    # tar xzvf apache-tomcat-10.1.10.tar.gz
    # ln -s apache-tomcat-10.1.10 tomcat
    # vi /usr/lib/systemd/system/tomcat.service<<__EOF__
    [Unit]
    Description=Apache Tomcat 10
    After=network.target
    [Service]
    Type=oneshot
    ExecStart=/opt/tomcat/bin/startup.sh
    ExecStop=/opt/tomcat/bin/shutdown.sh
    EnvironmentFile=/etc/sysconfig/tomcat
    RemainAfterExit=yes
    User=tomcat
    Group=tomcat
    [Install]
    WantedBy=multi-user.target
    __EOF__

    # vi /etc/sysconfig/tomcat <<_EOF__
    CATALINA_HOME=/opt/tomcat
    __EOF__

    # cd /opt
    # ln -s /opt/apache-tomcat-10.1.10 tomcat
    # useradd -M -d /opt/tomcat tomcat
    # chown -R tomcat:tomcat  /opt/tomcat /opt/tomcat/*

    # vi /etc/httpd/conf.d/tomcat.conf  <<__EOF__
    <Location /tomcat/ >
    ProxyPass ajp://localhost:8009/
    ProxyPassReverse ajp://localhost:8009/tomcat/
    </Location>
    <Location /docs/ >
    ProxyPass ajp://localhost:8009/docs/
    ProxyPassReverse ajp://localhost:8009/docs/
    </Location>
    <Location /examples/ >
    ProxyPass ajp://localhost:8009/examples/
    ProxyPassReverse ajp://localhost:8009/examples/
    </Location>
    <Location /host-manager/ >
    ProxyPass ajp://localhost:8009/host-manager/
    ProxyPassReverse ajp://localhost:8009/host-manager/
    </Location>
    <Location /manager/ >
    ProxyPass ajp://localhost:8009/manager/
    ProxyPassReverse ajp://localhost:8009/manager/
    </Location>
    __EOF__

    ■ postgres jdbcドライバ
    URL: https://jdbc.postgresql.org/download/
     # mv postgresql-42.6.0.jar /opt/tomca/lib/
    # chown tomcat:tomcat postgresql-42.6.0.jar
    # chmod 640 postgresql-42.6.0.jar

    # vi /opt/tomcat/conf/context.xml
    <Context>
        <Resource name="jdbc/PostgreSQL"
          auth="Container"
          type="javax.sql.DataSource"
          factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
          initialSize="2" maxActive="4" minIdle="1" maxIdle="2"
          username="service_admin" password="casio00"
          driverClassName="org.postgresql.Driver" url="jdbc:postgresql://localhost:5432/servicebase"
          validationQuery="SELECT 1" />
    </Context>

    ■ MariaDB jdbc ドライバ
    java 8+ connector
    3.1.4-GA
    Platform Independent

    # mv  mariadb-java-client-3.1.4.jar /opt/tomcat/lib/
    # chown tomcat:tomcat /opt/tomcat/lib/mariadb-java-client-3.1.4.jar

    # systemctl start tomcat
    # systemctl enable tomcat
    # systemctl restart httpd

    # ------------------------------------
    #  httpd
    #-------------------------------------
    # dnf install https://pkgs.dyn.su/el8/base/x86_64/raven-release-1.0-3.el8.noarch.rpm
    # dnf -y install --disablerepo=AppStream --enablerepo=raven httpd httpd-devel mod_ssl

    # vi /etc/httpd/conf/httpd.conf  << __EOF__
        # add by takahab
        ServerName shqap0392:80
        # del by takahab
        # Listen 80

        # mod by takahab
        #Options Indexes FollowSymLinks
        Options FollowSymLinks

        # add by takahab
       ServerTokens ProductOnly
       ServerSignature Off
      Timeout 300
      TraceEnable off
      Header append X-FRAME-OPTIONS "SAMEORIGIN"
    __EOF__

    # vi /etc/httpd/conf.d/ssl.conf
    ServerName bms.cxdnext.co.jp:443

    # httpd -t
    AH00526: Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf:
    SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty

    # firewall-cmd --add-service=http --zone=public --permanent
    # firewall-cmd --add-service=https --zone=public --permanent
    # firewall-cmd --reload

    # systemctl restart httpd
    Enter TLS private key passphrase for bms.cxdnext.co.jp:443 (RSA) : *******  

    #------------------------------------------------------
    #  仮証明書
    #------------------------------------------------------
    URL: https://www.digicert.com/help/
    # vi /etc/httpd/conf.d/ssl.conf
    SSLCertificateFile /var/local/certs/bms.cxdnext.co.jp.crt
    SSLCertificateKeyFile /var/local/certs/bms.cxdnext.co.jp.key
    #SSLCertificateChainFile /var/local/certs/bms.cxdnext.co.jp-chain.crt

    $ openssl genrsa -aes256 2048 > bms.cxdnext.co.jp.key
    $ openssl req -new -key bms.cxdnext.co.jp.key > bms.cxdnext.co.jp.csr
    $ openssl x509 -in bms.cxdnext.co.jp.csr -days 36500 -req -signkey bms.cxdnext.co.jp.key > bms.cxdnext.co.jp.crt

    # ls -l /var/local/certs
    -rw-r--r--. 1 root root 1224  7月  6 11:38 bms.cxdnext.co.jp.crt
    -rw-r--r--. 1 root root 1041  7月  6 11:37 bms.cxdnext.co.jp.csr
    -rw-r--r--. 1 root root 1766  7月  6 11:33 bms.cxdnext.co.jp.key

    #----------------------------------------------------------------------------------
    # 本番サーバ証明書発行 (stts.cxdnext.co.jp)
    #----------------------------------------------------------------------------------
    # nmcli general hostname www.exsample.co.jp
    # systemctl restart NetworkManager.service
    # vi /etc/httpd/conf.d/ssl.conf <<__EOF__
    ServerName www.example.co.jp:443
    __EOF__
    # openssl genrsa -aes256 2048 > www.example.co.jp.key
    # openssl req -new -key www.example.co.jp.key > www.example.co.jp.csr
    # openssl x509 -in www.example.co.jp.csr -days 3650 -req -signkey www.example.co.jp.key > www.example.co.jp.crt
    # openssl genrsa -aes256 2048 > www.example.co.jp.key
    Generating RSA private key, 2048 bit long modulus (2 primes)
    .......+++++
    .......................................+++++
    e is 65537 (0x010001)
    Enter pass phrase:example
    Verifying - Enter pass phrase:example
    sh-4.4# openssl req -new -key www.example.co.jp.key > www.example.co.jp.csr
    Enter pass phrase for www.example.co.jp.key:example
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [XX]:JP
    State or Province Name (full name) []:Tokyo
    Locality Name (eg, city) [Default City]:Shibuya-ku
    Organization Name (eg, company) [Default Company Ltd]:EXAMPLE CO., LTD.
    Organizational Unit Name (eg, section) []:
    Common Name (eg, your name or your server's hostname) []:www.example.co.jp
    Email Address []:
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    # ls -l /var/local/certs/
    -rw-r--r--. 1 root root 1553 7 月 19 13:58 www.example.co.jp-chain.crt ← 中間証明書
    -rw-r--r--. 1 root root 2333 7 月 19 13:57 www.example.co.jp.crt ← サーバ証明書
    -rw-r--r--. 1 root root 1009 7 月 19 11:43 www.example.co.jp.csr
    -rw-r--r--. 1 root root 1766 7 月 19 11:41 www.example.co.jp.key

    #-------------------------------------------
    # Postgres
    #-------------------------------------------
    # dnf install postgresql14-server 
    # passwd postgres
    postgres_password

    ※ semanage: コマンドが見つかりません
    # dnf provides /usr/sbin/semanage
    # dnf install policycoreutils-python-utils
    # semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"
    # PGSETUP_INITDB_OPTIONS='--encoding=UTF-8 --no-locale'
    # /usr/pgsql-14/bin/postgresql-14-setup initdb
    # vi /var/lib/pgsql/14/data/pg_hba.conf 
    #local   all             all                                   peer
    local     all             all                                    trust
    #host    all             all             127.0.0.1/32            ident
    host all all 192.168.0.0/16                     password

    # vi /var/lib/pgsql/14/data/postgresql.conf
    listen_addresses = '*'          
    port = 5432
    # firewall-cmd --add-port=5432/tcp --zone=public --permanent
    # firewall-cmd --reload
    # mkdir  -p /data/postgres/data
    # chown  -R postgres:postgres /data/postgres/data
    # semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"
    # grep -i postgresql /etc/selinux/targeted/contexts/files/file_contexts.local
    # restorecon -R -v /data/postgres
    # ls -lZR /data/postgres

    (確認)
    #  ls -l /var/lib/pgsql/14/data
     # vi /usr/lib/systemd/system/postgresql-14.service
    #  grep -v -E "^#|^$" /var/lib/pgsql/14/data/pg_hba.conf
    # grep listen_addresses /var/lib/pgsql/14/data/postgresql.conf
    # ls -lZ /var/lib/pgsql
     drwx------. 4 postgres postgres system_u:object_r:postgresql_db_t:s0 51  4月 20 14:26 14

     # systemctl start postgresql-14
    # systemctl enable  postgresql-14

    $ su - postgres

    $ psql -U postgres
    ALTER USER postgres PASSWORD 'password';

    $ psql 
    create user admin with password 'password' superuser;
    create database workbase owner admin;
    grant all privileges on database workbase to admin;

    create user service_admin with password 'password' superuser;
    create database servicebase owner service_admin;
    grant all privileges on database servicebase to service_admin;
    Rocky linux9
     mkdir /data/tablespace_admin
     chown postgres:postgres  /data/tablespace_admin
     chmod 700 /data/tablespace_admin
     mkdir /data/tablespace_office
     chown postgres:postgres  /data/tablespace_office
     chmod 700 /data/tablespace_office
     mkdir /data/tablespace_sales
     chown postgres:postgres  /data/tablespace_sales
     chmod 700 /data/tablespace_sales
     mkdir /data/tablespace_shop
     chown postgres:postgres  /data/tablespace_shop
     chmod 700 /data/tablespace_shop
     mkdir /data/tablespace_calendars
     chown postgres:postgres  /data/tablespace_calendars
     chmod 700 /data/tablespace_calendars

    #-----------------------------------------------
    # MariaDB client
    #-----------------------------------------------
    # curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
    # dnf remove mysql*
    # dnf remove Mariadb*
    # dnf install MariaDB-client MariaDB-devel

    ※ pip install mysqlclientでエラー
         Exception: Can not find valid pkg-config name.
        6/22 リリースのmysqlclient==2.2.0 でエラー発生、 
       → mysqlclient==2.1.0にバージョンダウンで回避。

    # dnf install postgresql14-devel
      - perl(IPC::Run) が提供されません postgresql14-devel-14.8-2PGDG.rhel8.x86_64 に必要です
    → dnf install perl-CPAN
          perl -MCPAN  -e shell
          cpan> install IPC::Run
    → 解決できない!!!

    ※ Error: pg_config executable not found.
     → PATH確認
    #  find / -print |grep pg_config
     # PATH=/usr/pgsql-14/bin:$PATH;export PATH

    ※  libpq-fe.h: そのようなファイルやディレクトリはありません
    postgresql14-develがインストールできない為、やむおえず、/usr/pgpsql-14/include/*
    をコピー。

    #------------------------------------
    #  Oracle client
    #-------------------------------------

    ■ 11gクライアントインストール

    URL: https://www.oracle.com/jp/database/technologies/instant-client/linux-x86-64-downloads.html


    https://www.oracle.com/jp/database/technologies/instant-client/linux-x86-64-downloads.html#license-lightbox

    # dnf localinstall oracle-instantclient11.2-basic-11.2.0.4.0-1.x86_64.rpm
    # vi /etc/ld.so.conf.d/oracle.conf
    /usr/lib/oracle/11.2/client64/lib

    # vi  /etc/profile.d/oracle.sh
    export LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib/:$LD_LIBRARY_PATH

    # vi /etc/sysconfig/httpd
    LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib/:$LD_LIBRARY_PATH

    ERROR: django.db.utils.NotSupportedError: Oracle 19 or later is required (found 11.2.0.4.0).

    ■ 19Cクライアントインストール
    # dnf localinstall oracle-instantclient19.18-basic-19.18.0.0.0-2.x86_64.rpm --allowerasing
    # vi /etc/ld.so.conf.d/oracle.conf
    /usr/lib/oracle/19.18/client64/lib

    # vi  /etc/profile.d/oracle.sh
    export LD_LIBRARY_PATH=/usr/lib/oracle/19.18/client64/lib/:$LD_LIBRARY_PATH

    # vi /etc/sysconfig/httpd
    LD_LIBRARY_PATH=/usr/lib/oracle/19.18/client64/lib/:$LD_LIBRARY_PATH

    → 同じエラー発生
        ERROR: django.db.utils.NotSupportedError: Oracle 19 or later is required (found 11.2.0.4.0).

    ※ やむおえず、チェックしているソースをNOPにしたら動作した。
     vi /var/www/wsgi/office/.venv/lib64/python3.9/site-packages/django/db/backends/base/base.py

            if (
                self.features.minimum_database_version is not None
                and self.get_database_version() < self.features.minimum_database_version
            ):
                db_version = ".".join(map(str, self.get_database_version()))
                min_db_version = ".".join(map(str, self.features.minimum_database_version))
                #raise NotSupportedError(
                #    f"{self.display_name} {min_db_version} or later is required "
                #    f"(found {db_version})."
                #)


    #---------------------------------------------------
    # PHP 8.0
    #---------------------------------------------------
    # dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
    # dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
    # dnf module reset php
    # dnf module list php
    # dnf module enable php:remi-8.0
    # dnf install php
    # php --version 
    # dnf repolist all
    # dnf config-manager --disable epel epel-modular remi-modular remi-safe
    # dnf config-manager --enable epel epel-modular

    #------------------------------------------------
    # python3.9
    #------------------------------------------------
    # dnf install python39
    # update-alternatives --display python3
    python3 -ステータスは自動です。
    リンクは現在 /usr/bin/python3.6 を指しています。
    /usr/bin/python3.6 - 優先度 1000000
     スレーブ easy_install-3: /usr/bin/easy_install-3.6
     スレーブ pip-3: /usr/bin/pip-3.6
     スレーブ pip3: /usr/bin/pip3.6
     スレーブ pydoc-3: /usr/bin/pydoc3.6
     スレーブ pydoc3: /usr/bin/pydoc3.6
     スレーブ pyvenv-3: /usr/bin/pyvenv-3.6
     スレーブ python3-man: /usr/share/man/man1/python3.6.1.gz
    /usr/bin/python3.9 - 優先度 3900
     スレーブ easy_install-3: /usr/bin/easy_install-3.9
     スレーブ pip-3: /usr/bin/pip-3.9
     スレーブ pip3: /usr/bin/pip3.9
     スレーブ pydoc-3: /usr/bin/pydoc3.9
     スレーブ pydoc3: /usr/bin/pydoc3.9
     スレーブ pyvenv-3: (null)
     スレーブ python3-man: /usr/share/man/man1/python3.9.1.gz
    現在の「最適」バージョンは /usr/bin/python3.6 です。
    sh-4.4# update-alternatives --config python3

    2 プログラムがあり 'python3' を提供します。

      選択       コマンド
    -----------------------------------------------
    *+ 1           /usr/bin/python3.6
       2           /usr/bin/python3.9

    Enter を押して現在の選択 [+] を保持するか、選択番号を入力します:2

    #-------------------------------------------------
    #  Django 
    #-------------------------------------------------
    # dnf install gcc rpm-build python39-devel  make zbar
    #  pip3.9 install mod-wsgi
    # find  / -print|grep mod_wsgi-py39.cpython
    /usr/local/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so
    # vi /etc/httpd/conf.modules.d/20-wsgi.conf
    LoadModule wsgi_module /usr/local/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

    # vi /etc/httpd/conf.d/wsgi.conf  << __EOF__
    #
    # Timeout: The number of seconds before receives and sends time out.
    #Timeout 1000
    WSGIApplicationGroup %{GLOBAL}
    WSGISocketPrefix /var/run/wsgi

    WSGIDaemonProcess office user=apache group=apache processes=1 threads=100 maximum-requests=10000 \
    home=/var/www/wsgi/office \
    python-home=/var/www/wsgi/office/.venv \
    python-path=/var/www/wsgi/office:/var/www/wsgi/office/.venv/lib/python3.9/site-packages \
    lang=ja_JP.utf8

    WSGIScriptAlias /office /var/www/wsgi/office/Config/wsgi.py process-group=office

    Alias /assets/ /aws/efs/assets/
    Alias /media/ /aws/efs/media/

    <Directory /aws/efs/assets>
    Require all granted
    </Directory>

    <Directory /aws/efs/media>
    Require all granted
    </Directory>

    WSGIPassAuthorization on

    <Location /office>
    WSGIProcessGroup office
    </Location>
    __EOF__

    #-------------------------------------------
    # ZABBIX
    #-------------------------------------------
    # rpm -Uvh https://repo.zabbix.com/zabbix/6.4/rhel/8/x86_64/zabbix-release-6.4-1.el8.noarch.rpm
    # dnf clean all
    # dnf module switch-to php:7.4
    # dnf install zabbix-server-pgsql zabbix-web-pgsql zabbix-apache-conf zabbix-sql-scripts zabbix-selinux-policy zabbix-agent
    # sudo -u postgres createuser --pwprompt zabbix
    # sudo -u postgres createdb -O zabbix zabbix
    # zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql zabbix
    DBPassword=password
    # su - postgres
    # psql 
    > alter role zabbix with password 'password';
    # systemctl restart zabbix-server zabbix-agent httpd php-fpm
    # systemctl enable zabbix-server zabbix-agent httpd php-fpm

    #-------------------------------------------------
    #  clam
    #-------------------------------------------------
    # dnf --enablerepo=epel install clamav clamav-scanner-systemd clamav-update
    # ln -s /etc/clamd.d/scan.conf /etc/clamd.conf
    # vi /etc/clamd.conf
    #Example
    LogFile /var/log/clamd.scan
    LogFileMaxSize 2M
    LogTime yes
    LogRotate yes
    LocalSocket /var/run/clamd.scan/clamd.sock
    FixStaleSocket yes
    ExcludePath ^/proc/
    ExcludePath ^/sys/
    ExcludePath ^/dev/pts/ptmx
    ExcludePath ^/etc/gshadow
    ExcludePath ^/etc/gshadow-
    ExcludePath ^/etc/shadow
    ExcludePath ^/etc/shadow-
    ExcludePath ^/etc/audit
    ExcludePath ^/etc/selinux
    ExcludePath ^/etc/security
    ExcludePath ^/run/systemd/inaccessible
    ExcludePath ^/run/user
    ExcludePath ^/var/log/audit
    ExcludePath ^/var/lib/selinux/targeted

    # vi /etc/freshclam.conf
    #Example
    DatabaseDirectory /var/lib/clamav
    UpdateLogFile /var/log/freshclam.log/
    LogFileMaxSize 2M
    LogTime yes
    LogRotate yes
    DatabaseOwner root

    # vi /usr/lib/systemd/system/clamd@.service <<__EOF__
    [Unit]
    Description = clamd scanner (%i) daemon
    Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/
    After = syslog.target nss-lookup.target network.target

    [Service]
    Type = forking
    ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf
    # Reload the database
    ExecReload=/bin/kill -USR2 $MAINPID
    Restart = on-failure
    TimeoutStartSec=420

    MemoryLimit=256M
    CPUQuota=20%
    Nice = 19

    [Install]
    WantedBy = multi-user.target
    __EOF__

    SElinux
    # setsebool -P antivirus_can_scan_system 1
    # setsebool -P antivirus_use_jit 1

    # freshclam

    # systemctl enable clamd@scan
    # systemctl start clamd@scan

    # vi /etc/cron.daily/clamscan.sh  <<__EOF__
    #!/bin/bash
    PATH=/usr/bin:/bin
    dnf - -y update clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd > /dev/null 2>&1
    freshclam > /dev/null
    CLAMSCANTMP=`mktemp`
    clamdscan /boot  /dev  /etc  /home  /media  /mnt  /opt  /proc  /root  /run  /srv  /sys  /tmp  /usr  /var --remove > $CLAMSCANTMP 2>&1
    [ ! -z "$(grep FOUND$ $CLAMSCANTMP)" ] && \
    grep FOUND$ $CLAMSCANTMP | mail -s "Virus Found in `hostname`" root
    [ -z "$(grep FOUND$ $CLAMSCANTMP)" ] && \
    echo "clamdscan normal end" | mail -s "Virus Not Found in `hostname`" root
    rm -f $CLAMSCANTMP
    __EOF__

    # chown root:root /etc/cron.daily/clamscan.sh
    # chmod 755 /etc/cron.daily/clamscan.sh

    →  systemctl start clamd@scanでタイムアウト発生。 保留

    #------------------------------------------
    # その他課題
    #------------------------------------------
     1) 7月 06 13:40:53 shqap0392 sshd[683709]: error: kex_exchange_identification: read: Connection reset by peer 多発
    2)clamd 起動でタイムアウト

    2023年5月9日火曜日

    Postgres への移行

    tinyint →  int
    longint → bigint
    decimal → numeric( p, s )
    engine → カット
    comment → カット
    char(32) → uuid
    decimal(13.0) →
    longtext → text
    datetime  →   timestamp



    【自動時刻更新】
    create table  xxxxx {
    date_update timestamp not null default current_timestamp,
    xxxx
     }
    create or replace function trigger_set_timestamp() returns trigger as $$
     begin
         new.updated_at = noW();
         return new; end;
     $$    language plpgsql;                      

    【insert or update】
    INSERT INTO {tabale} ( {colmuns} ) VALUES ({values}) 
    ON DUPLICATE KEY UPDATE {updates}
    INSERT INTO {table} VALUES ({values})
    ON CONFLICT ON CONSTRAINT {table}_primary
    DO UPDATE SET {updates};

    【大文字テーブル名】
     大文字の入ったテーブル名は、“”で囲む必要がある。(囲まない小文字としてみなすよう)

    【distinct 】
    ()が必要。

    【カレンダ出力】

            #DEBUG
            if DB_SYSTEM == 'postgres':
                WITH_RECURSIVE_DATE_TABALE = f"""
                  with recursive date_table (date_value) AS (
                  select
                     (select date_trunc( 'month', current_date + interval '-{str(before)} month' + '1 Day'))
                      union all select  date_value + interval '1 Day'
                      from date_table
                     where date_value < (select date_trunc('month', current_date) + '{str(before + 1)} month' +'-1 Day')
                  )"""
                TO_CHAR_DATE_VALUE = """to_char(date_value, 'YYYYmmdd')"""


            else:
              WITH_RECURSIVE_DATE_TABALE = f"""
                with recursive date_table(date_value) as (
                  select
                    (select date_format(adddate(curdate(), interval -{str(before)} month), '%Y-%m-01'))
                  union all
                  select
                    date_add(date_value, interval 1 day)
                  from  date_table
                  where
                    date_value < (select last_day(adddate(curdate(), interval -{str(before)} month)))
                )"""
              TO_CHAR_DATE_VALUE = """date_format(date_value, '%Y%m%d')"""

    【date_format】

     TO_CHAR_DATE_VALUE = """to_char(date_value, 'YYYYmmdd')"""
      TO_CHAR_DATE_VALUE = """date_format(date_value, '%Y%m%d')"""

    【ifnull】
    ifnull(gross_amt,0)  
    COALESCE(gross_amt,0) 


    【uuid】 
                               program    sql                      DBフィールド型
    mysql               UUID           UUID.hex        char(32)
    postgres          UUID           str( UUID)       uuid

    uuidをhexに変換してSQLに埋め込む。
    uuid1をstrに新刊してSQLに埋め込む。























    2023年4月24日月曜日

    Rocky Linux9 に postgres インストール

    $ cat /etc/redhat-release
    Rocky Linux release 9.1 (Blue Onyx)
    【ロケーション設定】
    timedatectl set-timezone Asia/Tokyo
    localectl set-locale LANG=ja_JP.utf8

    timedatectl
    localectl

    【ネットワーク設定】
    nmcli d
    nmcli c

    #nmcli c delete vlan100

    nmcli general hostname postgres

    nmcli c delete internet
    nmcli c add type ethernet ifname enp1s0 con-name "internet" ethernet.mtu 1500
    nmcli c mod internet ipv4.method auto
    nmcli c mod internet connection.autoconnect yes
    nmcli c up internet

    VLAN=vlan_monitor
    VLAN_IP=192.168.254.211/24
    nmcli c delete $VLAN
    nmcli c add type ethernet ifname enp7s0 con-name "$VLAN"
    nmcli c mod $VLAN ipv4.addresses $VLAN_IP
    nmcli c mod $VLAN ipv4.method manual
    nmcli c mod $VLAN connection.autoconnect yes
    nmcli c mod $VLAN ipv4.dns 8.8.8.8
    nmcli c mod $VLAN ipv4.gateway 192.168.254.254
    nmcli c up $VLAN

    VLAN=vlan_database
    VLAN_IP=192.168.200.111/24
    nmcli c delete $VLAN
    nmcli c add type ethernet ifname enp8s0 con-name "$VLAN"
    nmcli c mod $VLAN ipv4.addresses $VLAN_IP
    nmcli c mod $VLAN ipv4.method manual
    nmcli c mod $VLAN connection.autoconnect yes
    nmcli c mod $VLAN +ipv4.routes "192.168.210.0/24 192.168.200.2"
    nmcli c mod $VLAN +ipv4.routes "192.168.12.0/24  192.168.200.2"
    nmcli c mod $VLAN +ipv4.routes "192.168.22.0/24  192.168.200.2"
    nmcli c mod $VLAN +ipv4.routes "192.168.32.0/24  192.168.200.2"
    nmcli c up $VLAN

    # systemctl restart NetworkManager

    【postgres15】
    # dnf update --refresh
    # dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    # dnf  -y install postgresql15-server
    # /usr/pgsql-15/bin/postgresql-15-setup initdb
    # systemctl start postgresql-15
    # systemctl enable postgresql-15
    # systemctl status postgresql-15
    # passwd postgres
    # su - postgres
    $ psql -V
    psql (PostgreSQL) 15.5
    $ psql
    alter user postgres with password 'password';
    exit
    $  vi /var/lib/pgsql/15/data/pg_hba.conf 
    #local   all             all                                     peer
    #host    all             all             127.0.0.1/32            scram-sha-256
    local     all             all                                     trust
    host      all             all             10.0.0.0/16             password
    $ vi /var/lib/pgsql/15/data/postgresql.conf 
    listen_addresses = '*'          
    port = 5432 
    max_connections = 100 
    log_timezone = 'Asia/Tokyo'
    timezone = 'Asia/Tokyo'
    lc_messages = 'ja_JP.utf8'                    # locale for system error message
    lc_monetary = 'ja_JP.utf8'                    # locale for monetary formatting
    lc_numeric = 'ja_JP.utf8'                       # locale for number formatting
    lc_time = 'ja_JP.utf8'
    # systemctl restart postgresql-15
    # firewall-cmd --add-port=5432/tcp --zone=public --permanent
    # firewall-cmd --reload

    【データディレクトリの変更】
    $ psql
    show config_file ;
    show data_directory;
    # systemctl stop postgresql-15.service
    # mkdir -p /pg_data/data
    # chown postgres:postgres /pg_data
    # chown postgres:postgres /pg_data/data
    # chmod -R 700  /pg_data/data
    # rsync -av /var/lib/pgsql/15/data/  /pg_data/data

    # vi /var/lib/pgsql/15/data/postgresql.conf
    data_directory = '/pg_data/data'
    # vi /lib/systemd/system/postgresql-15.service
    #Environment=PGDATA=/var/lib/pgsql/15/data/
    Environment=PGDATA=/pg_data/data/
    # systemctl daemon-reload
    # systemctl start postgresql-15

    【Postgres14】
    # dnf update --refresh
    # dnf install http://apt.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    # dnf  -y install postgresql14-server postgresql14-docs 
    # dnf -y install postgresql14-libs postgresql14-plperl postgresql14-plpython3 postgresql14-pltcl postgresql14-tcl postgresql14-contrib postgresql14-llvmjit
    /usr/pgsql-14/bin/postgresql-14-setup initdb
    # vi /var/lib/pgsql/14/data/pg_hba.conf  << __EOF__
    #local   all             all                                        peer
    local     all             all                                          trust
    #host    all           all       127.0.0.1/32         scram-sha-256      
    host      all           all        192.168.0.0/16   password
    __EOF__

    # vi /var/lib/pgsql/14/data/postgresql.conf  <<__EOF__
    listen_addresses = '*'          
    port = 5432 
    max_connections = 100 
    log_timezone = 'Asia/Tokyo'
    timezone = 'Asia/Tokyo'
    lc_messages = 'ja_JP.utf8'                    # locale for system error message
    lc_monetary = 'ja_JP.utf8'                    # locale for monetary formatting
    lc_numeric = 'ja_JP.utf8'                       # locale for number formatting
    lc_time = 'ja_JP.utf8'
    __EOF__

    ※ 青字確認。AWS EC2では、en_USxxxxになっていた。

    # firewall-cmd --add-port=5432/tcp --zone=public --permanent
    # firewall-cmd --reload
    # systemctl enable postgresql-14
    # systemctl start postgresql-14 
    # psql --version
    psql (PostgreSQL) 14.7

    # ls -lZ /var/lib/pgsql
    合計 0
    drwx------. 4 postgres postgres system_u:object_r:postgresql_db_t:s0 51  4月 24 11:50 14

    # passwd postgres
    # su - postgres
    $ psql -U postgres
    alter user postgres with password  'newpassword';
    create user admin with password 'xxxxxxxx' superuser;
    select * from pg_user;
    select * from pg_shadow;
    \g
    ALTER USER admin WITH PASSWORD 'xxxxxxxx'

    create database ARCSDBMS owner admin;

    【psql パスワード自動入力】
    $ vi ~/.pgpass <<__EOF__
    192.168.254.211:5432:workbase:admin:PASSWORD
    __EOF__
    又は、
    $ export PGPASSWORD=password  (非推奨)

    【postgres 文字コード】
    (1) vi /var/lib/pgsql/14/data/postgresql.conf
           timezone = 'Asia/Tokyo'
           log_timezone = 'Asia/Tokyo'
           lc_messages = 'ja_JP.utf8'                      # locale for system error message
           lc_monetary = 'ja_JP.utf8'                      # locale for monetary formatting
           lc_numeric    = 'ja_JP.utf8'                      # locale for number formatting
           lc_time           = 'ja_JP.utf8'                      # locale for time formatting

    (2) pg_settingsを更新。
        select name,setting,context from pg_settings where name like 'lc%';
        update pg_settings set setting ='ja_JP.UTF-8' where name = 'lc_messages'; set_config

    (3) role を変更
     alter role office_role set lc_monetary = 'ja_JP.UTF-8';
     alter role office_role set lc_numeric = 'ja_JP.UTF-8';
     alter role office_role set lc_time = 'ja_JP.UTF-8';

    (4) データベース作成時に設定 
         create database japan with encoding  'utf8'  lc_collate='ja_JP.utf8' lc_ctype='ja_JP.utf8' template=template0;

    (5) テーブルのカラムにロケールを個別に指定。
    ALTER TABLE items ALTER COLUMN title TYPE VARCHAR COLLATE "ja_JP.utf8";

    (6) templateデータベースを更新。
    1) template1データベースをテンプレートから外す
       UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';
    2) template1データベースを削除
       DROP DATABASE template1;
    3) template1データベースを作成
        CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 文字コード 
        LC_COLLATE = 'ja_JP.utf-8' LC_CTYPE = 'ja_JP.utf8'
    4) template1データベースをテンプレートへ戻す
       UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';




    2023年4月7日金曜日

    amazon Linux 2023 設定

    【タイムゾーンと日本語】

    $ sudo timedatectl set-timezone Asia/Tokyo

    $ sudo timedatectl

    $ sudo localectl set-locale LANG=ja_JP.utf8

    $ sudo localectl


    【プロキシ設定】

    $ sudo vi /etc/dnf/dnf.conf

    proxy=http://192.168.13.101:3128

    $ sudo vi /etc/profile.d/proxy.sh

    export http_proxy=http://192.168.13.101:3128

    export https_proxy=http://192.168.13.101:3128


    【epelリポジトリの登録】
    $ sudo amazon-linux-extras install epel ----> 廃止

    【fedra36 リポジトリの登録】
    epelの代わりに登録
    # vi /etc/yum.repos.d/fedora.repo
    [fedora]
    name=Fedora 36 – $basearch
    baseurl=https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/36/Everything/$basearch/os/
    metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-36&arch=$basearch
    enabled=1
    metadata_expire=7d
    repo_gpgcheck=0
    type=rpm
    gpgcheck=1
    gpgkey=https://getfedora.org/static/fedora.gpg
    skip_if_unavailable=False

    【未インストールパッケージ】
    $ sudo dnf install rsyslog
    $ sudo dnf install cronie

    # systemctl start rsyslog
    # systemctl start crond

    【s3 Storage マウント】

    $ sudo mkdir /aws

    $ sudo vi /etc/fstab

    192.168.210.101:/test-cxdnext-filegateway /aws nfs rw,hard,nolock 0 0

    $ sudo mount -a


    【httpd】
    $ sudo dnf install httpd
    $  httpd -V
    Server version: Apache/2.4.56 (Amazon Linux)
    $ sudo systemctl start httpd
    $ sudo systemctl enable httpd

    【zabbix agent2 】  → 保留(openssl1.1が必要な為
    $ sudo dnf install https://repo.zabbix.com/zabbix/6.4/rhel/8/x86_64/zabbix-agent2-6.4.1-release1.el8.x86_64.rpm
    Last metadata expiration check: 0:28:37 ago on Fri Apr 7 16:31:07 2023.
    zabbix-agent2-6.4.1-release1.el8.x86_64.rpm 3.8 MB/s | 5.5 MB 00:01
    Error:
    Problem: conflicting requests
    - nothing provides libcrypto.so.1.1()(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
    - nothing provides libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
    - nothing provides libssl.so.1.1()(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
    - nothing provides libssl.so.1.1(OPENSSL_1_1_0)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
    - nothing provides libssl.so.1.1(OPENSSL_1_1_1)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
    (try to add '--skip-broken' to skip uninstallable packages)

    →openssl3がインストールされている。
    # dnf list installed |grep openssl
    openssl.x86_64                        1:3.0.8-1.amzn2023.0.1             @System
    openssl-libs.x86_64               1:3.0.8-1.amzn2023.0.1             @System
    openssl-pkcs11.x86_64        0.4.12-3.amzn2023.0.1              @System

    【PYTHON】
    $ python3
    Python 3.9.16 (main, Feb 23 2023, 00:00:00) 
    [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] on linux
    Type "help", "copyright", "credits" or "license" for more information.
    >>> 

    【JAVA】
    $ sudo dnf install java-17-amazon-corretto java-17-amazon-corretto-devel
    $ sudo update-alternatives --config java
    # cat > /etc/profile.d/java.sh <<__EOF__
    export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
    export PATH=$PATH:$JAVA_HOME/bin
    __EOF__
    $ source /etc/profile
    $ java --version
    openjdk 17.0.6 2023-01-17 LTS
    OpenJDK Runtime Environment Corretto-17.0.6.10.1 (build 17.0.6+10-LTS)
    OpenJDK 64-Bit Server VM Corretto-17.0.6.10.1 (build 17.0.6+10-LTS, mixed mode, sharing)


    【TOMCAT】
    # cd /opt
    # wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.7/bin/apache-tomcat-10.1.7.tar.gz
    #  tar xvzf apache-tomcat-10.1.7.tar.gz
    # vi /usr/lib/systemd/system/tomcat10.service<<__EOF__
    [Unit]
    Description=Apache Tomcat 10
    After=network.target
    [Service]
    Type=oneshot
    ExecStart=/opt/tomcat/bin/startup.sh
    ExecStop=/opt/tomcat/bin/shutdown.sh
    RemainAfterExit=yes
    User=tomcat
    Group=tomcat
    [Install]
    WantedBy=multi-user.target
    __EOF__

    # cd /opt
    # ln -s /opt/apache-tomcat-10.1.7 tomcat
    # useradd -M -d /opt/tomcat tomcat
    # chown -R tomcat:tomcat  /opt/tomcat /opt/tomcat/*

    # firewall-cmd --add-port=8080/tcp --permanent
    # firewall-cmd --reload

    # mkdir ~/Selinux
    # cd ~/Selinux
    # vi catalinash.te <<__EOF__
    module catalinash 1.0;

    require {
            type init_t;
            type admin_home_t;
            class file { append execute execute_no_trans ioctl open read };
    }

    #============= init_t ==============
    allow init_t admin_home_t:file { append execute execute_no_trans ioctl open read };
    __EOF__

    # checkmodule -m -M -o catalinash.mod catalinash.te
    # semodule_package --outfile catalinash.pp --module catalinash.mod
    # semodule -i catalinash.pp

    # systemctl restart tomcat10
    # systemctl enable tomcat10
    URL localhost:8080で確認

    # /opt/tomcat/bin/version.sh
    Using CATALINA_BASE:   /opt/tomcat
    Using CATALINA_HOME:   /opt/tomcat
    Using CATALINA_TMPDIR: /opt/tomcat/temp
    Using JRE_HOME:        /usr
    Using CLASSPATH:       /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
    Using CATALINA_OPTS:   
    Server version: Apache Tomcat/10.1.7
    Server built:   Feb 27 2023 20:25:27 UTC
    Server number:  10.1.7.0
    OS Name:        Linux
    OS Version:     6.1.21-1.45.amzn2023.x86_64
    Architecture:   amd64
    JVM Version:    17.0.6+10-LTS
    JVM Vendor:     Amazon.com Inc.

    ■apache連携( apache 2.4.56  /  tomcat 10.1.7 )
    # cd /etc/httpd/conf.modules.d
    # grep -e mod_proxy_ajp -e  mod_proxy.so *
    00-proxy.conf:LoadModule proxy_module modules/mod_proxy.so
    00-proxy.conf:LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

    # vi /etc/httpd/conf.d/tomcat .conf  <<__EOF__
    <Location /test2023/guacamole >
    ProxyPass                  ajp://localhost:8009/guacamole
    ProxyPassReverse  ajp://localhost:8009/guacamole
    </Location>
    <Location  /test2023/tomcat >
    ProxyPass                   ajp://localhost:8009
    ProxyPassReverse  ajp://localhost:8009
    </Location>
    <Location  /test2023/docs >
    ProxyPass                  ajp://localhost:8009/docs
    ProxyPassReverse  ajp://localhost:8009/docs
    </Location>
    <Location  /test2023/examples >
    ProxyPass                   ajp://localhost:8009/examples
    ProxyPassReverse  ajp://localhost:8009/examples
    </Location>
    <Location /test2023 /host-manager >
    ProxyPass                  ajp://localhost:8009/host-manager
    ProxyPassReverse  ajp://localhost:8009/host-manager
    </Location>
    <Location  /test2023/manager >
    ProxyPass                   ajp://localhost:8009/manager
    ProxyPassReverse  ajp://localhost:8009/manager
    </Location>
    __EOF__


    $ sudo vi /opt/tomcat/conf/server.xml << __EOF__
    <!-- del by takahab
        <Connector port="8080" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" />
        -->
      <!-- add by takahab from -->
       <Connector port="8009" protocol="AJP/1.3"
            address="127.0.0.1"
            proxyName="portal.cxdnext.co.jp"
            proxyPort="443"
            scheme="https"
            secure="true"
            redirectPort="8443"
            rejectIllegalHeader="true"
            secretRequired="false" />
        <!-- to add by takahab -->
    __EOF__


    【Django環境設定】
    (1) Django 仮想環境作成
    # mkdir /var/www/wsgi
    # cd /var/www/wsgi
    # vi get << __EOF__
    switch のディレクトリ変更
    # ./get deploy
          (./env create)

    #  vi  /etc/httpd/conf.d/wsgi.conf <<__EOF__
    #
    # Timeout: The number of seconds before receives and sends time out.
    #
    Timeout 600
    WSGIApplicationGroup %{GLOBAL}
    WSGISocketPrefix /var/run/wsgi

    WSGIDaemonProcess test2023 user=apache group=apache processes=1 threads=100 maximum-requests=10000 \
       home=/var/www/wsgi/test2023 \
       python-home=/var/www/wsgi/test2023/.venv \
       python-path=/var/www/wsgi/test2023:/var/www/wsgi/test2023/.venv/lib/python3.9/site-packages \
       lang=ja_JP.utf8

    WSGIScriptAlias /test2023 /var/www/wsgi/test2023/Config/wsgi.py process-group=test2023

    Alias /assets/ /aws/efs/assets/
    Alias /media/  /aws/efs/media/

    <Directory /aws/efs/assets>
       Require all granted
    </Directory>

    <Directory /aws/efs/media>
       Require all granted
    </Directory>

    WSGIPassAuthorization on

    <Location /test2023>
      WSGIProcessGroup test2023
    </Location>


    __EOF__

    # vi /etc/httpd/conf.modules.d/20-wsgi.conf << __EOF__
    LoadModule wsgi_module /var/www/wsgi/test2023/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so
    __EOF__


    #------------------------------------------参考-------------------------------------------------
    Collecting mod-wsgi
      Using cached mod_wsgi-4.9.4.tar.gz (497 kB)
      Preparing metadata (setup.py) ... error
      error: subprocess-exited-with-error
      
      × python setup.py egg_info did not run successfully.
      │ exit code: 1
      ╰─> [6 lines of output]
          Traceback (most recent call last):
            File "<string>", line 2, in <module>
            File "<pip-setuptools-caller>", line 34, in <module>
            File "/tmp/pip-install-t1qa20dz/mod-wsgi_1a6f23a5f3fb4d4eba390f4e7d024c38/setup.py", line 88, in <module>
              raise RuntimeError('The %r command appears not to be installed or '
          RuntimeError: The 'apxs' command appears not to be installed or is not executable. Please check the list of prerequisites in the documentation for this package and install any missing Apache httpd server packages.
          [end of output]
      
      note: This error originates from a subprocess, and is likely not a problem with pip.
    error: metadata-generation-failed

    × Encountered error while generating package metadata.
    ╰─> See above for output.
     →
    # dnf install  python3-devel  rpm-build-libs  httpd-devel

    Collecting mysqlclient
      Using cached mysqlclient-2.1.1.tar.gz (88 kB)
          /bin/sh: 行 1: mysql_config: コマンドが見つかりません
          /bin/sh: 行 1: mariadb_config: コマンドが見つかりません
          /bin/sh: 行 1: mysql_config: コマンドが見つかりません

    # dnf install mariadb-connector-c-devel

    【Django】
    pip3 install -r requirements.txt でエラー
    → requirements.txt 内のバージョン番号を全て削除して最新版をインストールする。


    ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation'
    →from django.utils.translation import ugettext_lazy as _
        ugettext_lazy  --> getttext_lazy

    ImportError: Unable to find zbar shared library
    dnf install zbar zbar-libs
    epelからインストールできない。 --> 保留

    DEPRECATION: starkbank-ecdsa is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
    同様に、mod-wsgi-httpd/ mod-wsgi/jaconv/mysqlclient
    →requirement.txtの内容をインストールする前にwhellをインストールしておく。
    pip3 install wheel 


    ImportError: Module "debug_toolbar.panels.profiling" does not define a "ProfilingPanel" attribute/class





    【課題】
    (1) rsyslogが入っていない。
    (2) cronieがはいっていない。
    (3) guacamoleでsshログインできない。
                exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'   認証?
    (4)      zabbix clientがインストールできない。(openssl のバージョン)
    (5)    epelリポジトリが使えない。
    (7)    AWS ロードバランサは、pathでバランスされる為、URL ROOTがサーバのROOTと異る。


      



    zabbix7 amazon linux2023 インストール postgres15

    【postgres】 dnf -y install postgresql15-server postgresql15-server-devel postgresql-setup initdb passwd postgres vi `find / -name pg_hba.con...