sshd root ログイン許可

# vi /etc/ssh/sshd_config
PermitRootLogin yes

PasswordAuthentication yes

Rocky Linux Web コンソール （ cockpit )

# dnf install cockpit

# systemctl  enable --now cockpit.socket

# firewall-cmd --list-all

# firewall-cmd --add-service=cockpit

# firewall-cmd --runtime-to-permanent

Rocky linux8 にpython3.9をインストール

# dnf module  install python39

# python3 -V

# alternatives --config python3

# python3 -V

# alternatives --config python

# python  -V

dnf module  -y  install python39

python3 -V

alternatives --config python3

alternatives --config python

#python3 -V

#python  -V

 ERROR) RuntimeError: The 'apxs' command appears not to be installed or is not executable.

→dnf install httpd-devel

ERROR)  RuntimeError: Failed to build APR.

→dnf install gcc make

ERROR) /bin/sh: mariadb_config: コマンドが見つかりません

→ dnf install MariaDB-devel

※ curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | bash

ERROR)  pg_config executable not found.

→ dnf install libpq-devel

ERROR)  Python.h: そのようなファイルやディレクトリはありません

→ dnf install python39-devel

ERROR)  /usr/lib/rpm/redhat/redhat-hardened-cc1: そのようなファイルやディレクトリはありません

→ dnf install redhat-rpm-config

ERROR) Unable to find zbar shared library

→ dnf install zbar

ERROR)  ImportError: Module "debug_toolbar.panels.profiling" does not define a "ProfilingPanel" attribute/class

→ ？？？？

ERROR）Trying pkg-config --exists mysqlclient                v 2.2.1

ERROR)  Building wheel for mysqlclient (pyproject.toml) did not run successfully.

ERROR)  /usr/bin/ld: -lz が見つかりません

ERROR)  Failed building wheel for mysqlclient

ERROR) Could not build wheels for mysqlclient, which is required to install pyproject.toml-based projects

→ mysqlclient バージョンダウン    -> 2.1.1

ERROR)  libclntsh.so: cannot open shared object file: No such file or directory

→オラクルクライアントインストール

# find / -print |grep libclntsh

/usr/lib/oracle/11.2/client64/lib/libclntsh.so.11.1

/usr/lib/oracle/11.2/client64/lib/libclntsh.so

# vi /etc/ld.so.conf.d/oracle.conf <<__EOF__
/usr/lib/oracle/11.2/client64/lib/

__EOF__

# ldconfig

# find / -print |grep libclntsh

# ldconfig -p |grep libclntsh

ERROR)  libnsl.so.1: cannot open shared object file: No such file or directory

→ dnf install libnsl

ERROR) django.core.exceptions.ImproperlyConfigured: Error loading psycopg2 or psycopg module

→ dnf install python39-psycopg2

ERROR)  DPI-1047: Cannot locate a 64-bit Oracle Client library: "libclntsh.so: cannot open shared object file: No such file or directory".

→cd /aws/s3/oracle

    dnf localinstall oracle-instantclient19.18-basic-19.18.0.0.0-2.x86_64.rpm --allowerasing

ERROR） ImportError: Unable to find zbar shared library

→ dnf install zbar

ERROR)  NameError: name '_mysql' is not defined

→ dnf remove mysql* Mariadb* MariaDB*

     curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash

     dnf install MariaDB-client MariaDB-devel

ERROR)  configure: error: in `/tmp/pip-install-0ldu01pz/mod-wsgi-httpd_02c8a3430d8d48a8b8a6853133b71af8/build/apr-1.7.0':

→ dnf install gcc make

ERROR) failed to map segment from shared object

ls -lZ /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

-rwxr-xr-x. 1 apache apache unconfined_u:object_r:httpd_sys_content_t:s0 1321400 12月 26 09:54 /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

→chcon -R -h -t httpd_sys_script_exec_t  /var/www/wsgi/utilities/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

※ 当分は、setenforce 0

ERROR) firewall 

→firewall-cmd --add-service=http --zone=public --permanent

    firewall-cmd --reload

ERROR) ImportError: /var/www/wsgi/utilities/django/cx_Oracle.cpython-39-x86_64-linux-gnu.so: failed to map segment from shared object

ERROR) curl: (7) Failed to connect to 192.168.100.254 port 3128: 接続を拒否されました

→vi /etc/profile.d/sh.local

export  HTTP_PROXY=http://192.168.254.253:3128

export HTTPS_PROXY=http://192.168.254.253:3128

ERROR) Errors during downloading metadata for repository 'mariadb-main':

  - Status code: 404 for https://dlm.mariadb.com/repo/mariadb-server/10.7....

→ curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash

ERROR) ifconfig netstat command not found

→dnf install net-tools

The GPG keys listed for the "google-chrome" repository are already installed but they are not correct for this package.

 warning: /var/cache/yum/x86_64/7/google-chrome/packages/google-chrome-stable-120.0.6099.71-1.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID a3b88b8b: NOKEY

https://dl.google.com/linux/linux_signing_key.pub から鍵を取得中です。

The GPG keys listed for the "google-chrome" repository are already installed but they are not correct for this package.

Check that the correct key URLs are configured for this repository.

 Failing package is: google-chrome-stable-120.0.6099.71-1.x86_64

 GPG Keys are configured as: https://dl.google.com/linux/linux_signing_key.pub

→yum install google-chrome-stable.x86_64 --nogpgcheck

oracle statspack

$ sqlplus / as sysdba
-- インストール
SQL> @?/rdbms/admin/spcreate.sql

perfstat_passwordに値を入力してください: password

default_tablespaceに値を入力してください: USERS

temporary_tablespaceに値を入力してください: TEMP

--確認

SQL> SELECT user_id, username FROM dba_users WHERE username = 'PERFSTAT'

$ sqlplus perfuser/password as sysdba

SQL> execute statspack.modify_statspack_parameter(i_snap_level=> 7)

SQL> select snap_id,to_char(snap_time,'yy-mm-dd hh24:mi:ss') snap_time, snap_level from stats$snapshot order by snap_id;

--現在のスナップショットを取得

SQL> execute statspack.snap

SQL> execute statspack.snap(i_snap_level=> 7)

--一時間毎に取得

SQL> @?/rdbms/admin/spauto

SQL> select JOB,NEXT_DATE,INTERVAL,WHAT from dba_jobs;    -- JOB 確認

SQL> execute dbms_job.interval([ジョブID], 'sysdate+(1/48)');   -- インターバル変更

SQL> execute dbms_job.remove([ジョブID]);                                    -- JOΒ削除

--レポート出力

SQL＞ @?/rdbms/admin/spreport

SQL＞ @?/rdbms/admin/sprepsql       --SQL単位レポート （Snapshot Level 6 以上）

https://qiita.com/mkyz08/items/729545aab4751f3002d0

ディスクのUUIDを確認 （disk uuid 確認）

$ ls -l /dev/disk/by-uuid 

postgre sql 変数定義

with vars as (
  select '休日' as hol
)
select
  holiday,
  case
    when holiday_name = vars.hol then '振替休日'
  else holiday_name 
  end,
  day_of_week
from vars, sales.mast_祝日マスタ;

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

$ ssh-keygen -R rocky92

CPU温度

# smartctl -a /dev/nvme0n1p1
# hddtemp /dev/nvme0n1p1

# sensors

$ watch sensors 

oracle 保守

 【データベース論理チェック】

# su - oracle
$ rman target /
Recovery Manager: Release 19.0.0.0.0 - Production on 火 11月 7 10:40:48 2023
Version 19.3.0.0.0
Copyright (c) 1982, 2019, Oracle and/or its affiliates. All rights reserved.
ターゲット・データベース: ORCL (DBID=1629878299)に接続されました
RMAN> validate database check logical;

【TFA】

# /opt/app/11.2.0/grid/bin/tfactl print status
TFA-00002 : Oracle Trace File Analyzer (TFA) is not running
# /opt/app/11.2.0/grid/bin/tfactl start
Starting TFA..
start: Job is already running: oracle-tfa
Waiting up to 100 seconds for TFA to be started..
. . . . .
Successfully started TFA Process..
. . . . .
TFA Started and listening for commands


# /opt/app/11.2.0/grid/bin/tfactl print status
.---------------------------------------------------------------------------------------------.
| Host | Status of TFA | PID | Port | Version | Build ID | Inventory Status |
+-------+---------------+-------+------+------------+----------------------+------------------+
| dbsv2 | RUNNING | 21292 | 5000 | 12.1.2.0.0 | 12120020140619094932 | COMPLETE |
| dbsv1 | RUNNING | 830 | 5000 | 12.1.2.0.0 | 12120020140619094932 | COMPLETE |
'-------+---------------+-------+------+------------+----------------------+------------------'

# /opt/app/11.2.0/grid/bin/tfactl diagcollect -from "Nov/02/2023 15:00:00" -to "Nov/02/2023 19:00:00"

# /opt/app/11.2.0/grid/bin/tfactl print actions

# mv /opt/app/grid/tfa/repository/collection_Mon_Nov_20_17_22_24_JST_2023_node_all/dbsv2.tfa_Mon_Nov_20_17_22_24_JST_2023.zip   .

# mv /opt/app/grid/tfa/repository/collection_Mon_Nov_20_17_22_24_JST_2023_node_all/dbsv1.tfa_Mon_Nov_20_17_22_24_JST_2023.zip   .

# /opt/app/11.2.0/grid/bin/tfactl print directories                       # 対象ログ表示

# /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/alert

# /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/trace

# /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms1/incident

# /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/alert

# /opt/app/11.2.0/grid/bin/tfactl directory add /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/trace

# /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/rdbms/diag/rdbms/arcsdbms/arcsdbms2/incident

# /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/tnslsnr/diag/tnslsnr/dbsv1/listener/alert/

# /opt/app/11.2.0/grid/bin/tfactl directory add  /work/oracle/tnslsnr/diag/tnslsnr/dbsv1/listener/trace/

# /opt/app/11.2.0/grid/bin/tfactl directory add  /opt/app/oracle/diag/tnslsnr/dbsv2/listener/alert/

# /opt/app/11.2.0/grid/bin/tfactl directory add  /opt/app/oracle/diag/tnslsnr/dbsv2/listener/trace/

Rocky linux9.2 インストール powertools epel amdgpu postgres

【Rocky linux 9.3 AMI 作成  新疑似環境用 】

最小構成でインストール後の設定。

timedatectl set-timezone Asia/Tokyo

localectl set-locale LANG=ja_JP.utf8

# nmcli general hostname rocky93

# vi /etc/yum.conf <<__EOF__

proxy=http://10.0.19.2:3128

__EOF__

# dnf install net-tools

if [ "$HOST_NAME" = "AMI_ROCKY_20G" ];then

  VLAN=private_mng_1a

  VLAN_IP=10.0.19.100/24

  VLAN_GW=10.0.19.2

  nmcli c delete $VLAN

  nmcli c add type ethernet ifname $DEVICE con-name "$VLAN"

  nmcli c mod $VLAN ipv4.addresses $VLAN_IP

  nmcli c mod $VLAN ipv4.method manual

  nmcli c mod $VLAN connection.autoconnect yes

  nmcli c mod $VLAN ipv4.gateway $VLAN_GW

  nmcli c up $VLAN

fi

# dnf config-manager --set-enabled crb

# dnf install epel-release

※ epel　有効／無効

# dnf config-manager --enable epel

# dnf config-manager --disable epel      ＊ default 

# dnf install httpd

# dnf install https://repo.zabbix.com/zabbix/6.4/rhel/9/x86_64/zabbix-agent2-6.4.9-release1.el9.x86_64.rpm

# vi /etc/zabbix/zabbix_agent2.d/plugins.d/z99-local.conf

#  vi /etc/zabbix/zabbix_agent2.conf

LogFileSize=1

Server=10.0.19.101

ServerActive=10.0.19.101:10051

HostMetadata=Rockylinux

HostMetadataItem=system.uname

Include=/etc/zabbix/zabbix_agent2.d/*.conf

ControlSocket=/run/zabbix/agent.sock

AllowKey=system.run[*]

※ AllowKeyを設定した場合は、下記も設定

# visudo

# Allows zabbix to run all commands without password.

zabbix ALL=NOPASSWD: ALL

# dnf install policycoreutils-python-utils

# semanage boolean -l | grep zabbix

httpd_can_connect_zabbix       (オフ   ,   オフ)  Allow httpd to can connect zabbix

zabbix_can_network                     (オフ   ,   オフ)  Allow zabbix to can network

zabbix_run_sudo                             (オフ   ,   オフ)  Allow zabbix to run sudo

# setsebool -P httpd_can_connect_zabbix on

# setsebool -P zabbix_can_network on

# setsebool -P zabbix_run_sudo  on

# firewall-cmd --add-port=10050/tcp --zone=public --permanent

# firewall-cmd --reload

# systemctl restart zabbix-agent2

# systemctl enable zabbix-agent2

【Rocky linux9 CUIベースAMI】

# dnf install tar

./put deploy latest

【ERROR】 Could not find a version that satisfies the requirement setuptools>=40.8.0 (from versions: none)

→  vi /etc/profile.d/proxy.sh

PROXY="http://10.0.12.2:3128"

export http_proxy=$PROXY

export HTTP_PROXY=$PROXY

export https_proxy=$PROXY

export HTTPS_PROXY=$PROXY

【ERROR】 RuntimeError: The 'apxs' command appears not to be installed or....

→ dnf install httpd-devel

【ERROR】RuntimeError: Failed to build APR.

→dnf install gcc make

【ERROR】Exception: Can not find valid pkg-config name.  ( mysqlclient==2.2.1)

→ mysqlclient==2.1.0にバージョンダウンで回避。

【ERROR】OSError: mysql_config not found

→mariadb クライアントインストール

# dnf remove mysql*

# dnf remove Mariadb*

# curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash

# dnf  install MariaDB-client MariaDB-common MariaDB-devel MariaDB-shared

※ curl: (6) Could not resolve host: downloads.mariadb.com

# vi /etc/profile.d/proxy.sh

PROXY="http://10.0.12.2:3128"

export http_proxy=$PROXY

export HTTP_PROXY=$PROXY

export https_proxy=$PROXY

export HTTPS_PROXY=$PROXY

※ curl: (6) Could not resolve host: dlm.mariadb.com 

→ vi ~/.curlrc

proxy=http://10.0.12.2:3128

【ERROR】Error: pg_config executable not found.

→

# dnf -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-$(rpm -E %{centos})-x86_64/pgdg-redhat-repo-latest.noarch.rpm

# vi /etc/yum.repos.d/pgdg-redhat-all.repo

postgres15以外をenable=0

# dnf install postgresql15-devel

# PATH=/usr/pgsql-15/bin:$PATH;export PATH     ※ env 内に追加

【ERROR】 Python.h: そのようなファイルやディレクトリはありません

→ dnf install python3-devel    ※ rocky linux9 では、python39がpython3のデフォルト

【ERROR】ImportError: Unable to find zbar shared library

# dnf install epel-release

# vi /etc/yum.repos.d/epel.repo

enable=1     ※ 一時的に有効

# dnf install zbar

#------------------------------------------------------------------------------------

timedatectl set-timezone Asia/Tokyo

localectl set-locale LANG=ja_JP.utf8

nmcli general hostname rocky92

nmcli connection modify enp5s0 ipv4.method manual ipv4.addresses 192.168.1.198/24

nmcli connection modify enp5s0 ipv4.dns 8.8.8.8

nmcli connection modify enp5s0 ipv4.gateway 192.168.1.1

#nmcli connection modify enp5s0 ipv4.never-default yes

nmcli connection modify enp5s0 connection.autoconnect yes

systemctl restart NetworkManager

Repository	repoid	Rocky 8	Rocky 9
PowerTools	powertools	Yes	No
CRB	crb	No	Yes

※　PowerTools　→　crb

# dnf config-manager --set-enabled crb

# dnf install epel-release

※ epel　有効／無効

# dnf config-manager --enable epel

# dnf config-manager --disable epel

 

 # vi  /etc/yum.repos.d/google-chrome.repo <<__EOF__

[google-chrome]
name=google-chrome
baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64
enabled=1
gpgcheck=1
gpgkey=https://dl.google.com/linux/linux_signing_key.pub

__EOF__

# dnf update

# dnf install google-chrome-stable 

 

 # dnf install gnome-tweaks

「Gnome　拡張機能　アプリ」で設定

https://gitlab.gnome.org/GNOME/gnome-shell/-/blob/HEAD/subprojects/extensions-app/README.md

 https://extensions.gnome.org/

Applications Menu
Backgroud Logo

Places Status Indicator

system-monitor

window List

Places Status Indicator Workspaces Bar

Desktop Icons

Vitals

 

# dnf install sshpass

# dnf install xfreerdp

# dnf -y install qemu-kvm libvirt virt-install

# systemctl enable --now libvirtd

# dnf  install virt-manager

# dnf install  ntfs-3g ntfsprogs

# dnf install gimp xsane

# dnf install libreoffice

# wget https://github.com/dbeaver/dbeaver/releases/download/23.2.3/dbeaver-ce-23.2.3-stable.x86_64.rpm

# dnf install dbeaver-ce-23.2.3-stable.x86_64.rpm

# dnf  install httpd  httpd-devel  mod_ssl

※日本語が入らない！！

設定→Keyboard 

・日本語（Anthy)追加

・日本語（Anthy）→　Prefferences →　入力タイプ　→　キーボードレイアウト　→ jp

# dnf install  https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm
# dnf install postgresql15-server postgresql15-contrib

# PGSETUP_INITDB_OPTIONS='--encoding=UTF-8 --no-locale'
# postgresql-15-setup initdb

# passwd postgres

# vi /var/lib/pgsql/15/data/pg_hba.conf 

#local   all             all                                   peer

local     all             all                                    trust

#host    all             all             127.0.0.1/32            ident

host all all 192.168.0.0/16                     password272E2F/11

# vi /var/lib/pgsql/15/data/postgresql.conf

listen_addresses = '*'          

port = 5432

# firewall-cmd --add-port=5432/tcp --zone=public --permanent

# firewall-cmd --reload

# mkdir  -p /data/postgres/data

# chown  -R postgres:postgres /data/postgres/data

# semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"

# grep -i postgresql /etc/selinux/targeted/contexts/files/file_contexts.local

# restorecon -R -v /data/postgres

# ls -lZR /data/postgres

# systemctl start postgresql-15

# systemctl enable postgresql-15

【AMDGPUー20240109】

# amdgpu-install  --uninstall

# rpm -e amdgpu-install
# rpm -qa|grep -E 'amdgpu|rocm'

amdgpu-dkms-6.2.4.50700-1652687.el9.noarch

# wget https://repo.radeon.com/amdgpu-install/latest/rhel/9.3/amdgpu-install-6.0.60000-1.el9.noarch.rpm

# rpm -Uvh amdgpu-install-6.0.60000-1.el9.noarch.rpm

# amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr

引数に一致する結果がありません: vulkan-amdgpu

エラー: 一致するものが見つかりません: vulkan-amdgpu

# amdgpu-install --usecase=graphics  --opencl=rocr

# amdgpu-install --usecase=rocm

# dnf reinstall amdgpu-dkms

Error! The module/version combo: amdgpu-6.2.4-1652687.el9 is not located in the DKMS tree.

エラー: %preun(amdgpu-dkms-1:6.2.4.50700-1652687.el9.noarch) スクリプトの実行に失敗しました。終了ステータス 3

→

# dnf --setopt=tsflags=noscripts remove amdgpu-dkms

# dnf install amdgpu-dkms

【AMDGPU】

# amdgpu-install  --uninstall

# rpm -e amdgpu-install
# rpm -qa|grep -E 'amdgpu|rocm'

# wget https://repo.radeon.com/amdgpu-install/6.0.2/rhel/9.3/amdgpu-install-6.0.60002-1.el9.noarch.rpm 

# rpm -Uvh  amdgpu-install-6.0.60002-1.el9.noarch.rpm

# amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr --opengl=mesa

# amdgpu-install --usecase=rocm  ←不要？
# rpm -qa|grep -E 'amdgpu|rocm'

 ※（ERROR）　package rocm-developer-tools-6.0.2.60002-115.el9.x86_64 from rocm requires rocprofiler = 2.0.60002.60002-115.el9, but none of the providers can be installed

  - package rocprofiler-2.0.60002.60002-115.el9.x86_64 from rocm requires systemd-devel, but none of the providers can be installed

※　４Kにするとちらついて使い物にならない！！

# dnf reinstall amdgpu-dkms

でなおった！！

【参考】

# rpm -e  amdgpu-install-5.7.50700-1.el9.noarch.rpm

# wget https://repo.radeon.com/amdgpu-install/5.4.6/rhel/9.2/amdgpu-install-5.4.50406-1.el9.noarch.rpm

# wget https://repo.radeon.com/amdgpu-install/5.6.1/rhel/9.2/amdgpu-install-5.6.50601-1.el9.noarch.rpm

※ 参考

# amdgpu-install --usecase=graphics --vulkan=amdvlk --opencl=rocr   --opengl=mesa  --accept-eula

# dnf install -y hip-devel rocm-llvm rocm-device-libs rocm-core

# amdgpu-install -y --accept-eula

※ マルチディスプレイ認識しない。

※ モニター名認識しない。

※ HDMI audioを認識しない。

【その他】

# dnf install sshpass

# dnf install xfreerdp

# dnf install setroubleshoot

※ terminal で拡大/縮小のショートカットが効かない。

　　→　teminal->設定->ショートカット　で再設定する。

【BIOS　Version 確認】

# dmidecode

※　hub 10-0:1.0: config failed, hub doesn't have any ports! (err -19)

【GNOME】

# dnf remove gnome-shell.x86_64

# dnf autoremove

# dnf makecache

# dnf install gnome-shell.x86_64

Rocky linux9 KVM インストール （仮想マネージャー）

【20240130 更新】

BIOS設定

# dnf install qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client

#  lsmod | grep kvm

kvm_intel             479232  0

kvm                  1327104  1 kvm_intel

irqbypass              16384  1 kvm

# systemctl start libvirtd

# systemctl enable libvirtd

virsh net-create <( cat <<__EOF__

<network connections="2">

 <name>private_api_1a</name>

 <uuid>9071da35-895a-415c-a983-925f5f836cb6</uuid>

 <bridge name="virbr4" stp="on" delay="0"/>

 <mac address="52:54:00:e3:83:6a"/>

 <domain name="private_api_1a"/>

 <ip address="10.0.11.1" netmask="255.255.255.0">

 </ip>

</network>

__EOF__

)
virsh net-start           private_api_1a　×
virsh net-autostart private_api_1a     ×

virsh net-destroy private_api_1a

nmcli d  delete  virbr0

nmcli d delete   virbr4

nmcli c delete   enp4s0

# virsh net-list --all

-------------------------------------------------------------------------------------------------------------------

# dnf install qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client guestfs-tools  bridge-utils virt-top  libguestfs-tools

# dnf install epel-release -y

# dnf install bridge-utils

$  lsmod | grep kvm

kvm_amd               212992  0

kvm                  1327104  1 kvm_amd

irqbypass              16384  1 kvm

ccp                   143360  1 kvm_amd

# systemctl start libvirtd

# systemctl enable libvirtd

# dnf list qemu-kvm qemu-img libvirt virt-manager virt-install virt-viewer libvirt-client guestfs-tools  bridge-utils virt-top  libguestfs-tools

メタデータの期限切れの最終確認: 0:24:57 前の 2023年12月27日 08時56分16秒 に実施しました。

インストール済みパッケージ

bridge-utils.x86_64                     1.7.1-3.el9                                @epel     

guestfs-tools.x86_64                  1.50.1-3.el9                              @appstream

libvirt.x86_64                                 9.5.0-7.el9_3                           @appstream

libvirt-client.x86_64                    9.5.0-7.el9_3                           @appstream

qemu-img.x86_64                        17:8.0.0-16.el9_3.1               @appstream

qemu-kvm.x86_64                       17:8.0.0-16.el9_3.1               @appstream

virt-install.noarch                         4.1.0-4.el9                                @appstream

virt-manager.noarch                    4.1.0-4.el9                                @appstream

virt-top.x86_64                               1.1.1-9.el9                                @appstream

virt-viewer.x86_64                        11.0-1.el9                                  @appstream

# virsh net-destroy private_api_1a

Rocky linux に Openshot インストール

# dnf -y install flatpak
# flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
# flatpak -y install flathub org.openshot.OpenShot

$ flatpak run org.openshot.OpenShot

Rocky Linux 8.8 設定

#---------------------------------------

# TIME ZONE

#---------------------------------------

# timedatectl set-timezone Asia/Tokyo

# timedatectl
# localectl set-locale LANG=ja_JP.utf8
# localectl

#------------------------------

# dns 
#-------------------------------

# vi /etc/resolv.conf

#nameserver 10.14.4.7
nameserver 8.8.8.8

# nmcli conn mod ens192 +ipv4.dns 8.8.8.8

# systemctl restart NetworkManager

# dig www.example.org

#------------------------------
# chrony
#-------------------------------

# dnf install chrony

# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:chronyd(8)
man:chrony.conf(5)
# systemctl stop ntpd
# systemctl disable ntpd
# systemctl enable chronyd
# systemctl start chronyd
# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
======================================================================
^+ x.ns.gin.ntt.net 2 6 17 2 -2262us[-1053us] +/- 87ms
^* time.cloudflare.com 3 6 17 2 +1543us[+2752us] +/- 72ms
^+ 122x215x240x51.ap122.ftt> 2 6 17 2 +4556us[+5765us] +/- 49ms
^+ gotoky.hojmark.net 2 6 17 2 -3532us[-2323us] +/- 40ms

#-------------------------------------
#   net-tools 

#------------------------------------
# dnf install net-tools

#---------------------------------------
# user作成
#---------------------------------------

useradd administrator

passwd administrator<<__EOF__

WEB-server-%4266%

WEB-server-%4266%

__EOF__

useradd sysadm

passwd sysadm<<__EOF__

WEB-server-\$9166\$

WEB-server-\$9166\$

__EOF__

useradd sysuser

passwd  sysuser<<__EOF__

WEB-server-<0308<

WEB-server-<0308<

__EOF__

useradd appuser

passwd  appuser<<__EOF__

WEB-server-!4795!

WEB-server-!4795!

__EOF__

# ------------------------------------

# JAVA

#-------------------------------------

# dnf install java-17-openjdk

# update-alternatives --config java

# dirname $(readlink $(readlink $(which java)))

# vi /etc/profile.d/java.sh

export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))

export PATH=$PATH:$JAVA_HOME/bin

#----------------------------------------

# tomcat

#----------------------------------------
# dnf install wget

# cd /opt

# wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.10/bin/apache-tomcat-10.1.10.tar.gz

# tar xzvf apache-tomcat-10.1.10.tar.gz

# ln -s apache-tomcat-10.1.10 tomcat

# vi /usr/lib/systemd/system/tomcat.service<<__EOF__

[Unit]

Description=Apache Tomcat 10

After=network.target

[Service]

Type=oneshot

ExecStart=/opt/tomcat/bin/startup.sh

ExecStop=/opt/tomcat/bin/shutdown.sh

EnvironmentFile=/etc/sysconfig/tomcat

RemainAfterExit=yes

User=tomcat

Group=tomcat

[Install]

WantedBy=multi-user.target

__EOF__

# vi /etc/sysconfig/tomcat <<_EOF__
CATALINA_HOME=/opt/tomcat

__EOF__

# cd /opt

# ln -s /opt/apache-tomcat-10.1.10 tomcat

# useradd -M -d /opt/tomcat tomcat

# chown -R tomcat:tomcat  /opt/tomcat /opt/tomcat/*

# vi /etc/httpd/conf.d/tomcat.conf  <<__EOF__

<Location /tomcat/ >

ProxyPass ajp://localhost:8009/

ProxyPassReverse ajp://localhost:8009/tomcat/

</Location>

<Location /docs/ >

ProxyPass ajp://localhost:8009/docs/

ProxyPassReverse ajp://localhost:8009/docs/

</Location>

<Location /examples/ >

ProxyPass ajp://localhost:8009/examples/

ProxyPassReverse ajp://localhost:8009/examples/

</Location>

<Location /host-manager/ >

ProxyPass ajp://localhost:8009/host-manager/

ProxyPassReverse ajp://localhost:8009/host-manager/

</Location>

<Location /manager/ >

ProxyPass ajp://localhost:8009/manager/

ProxyPassReverse ajp://localhost:8009/manager/

</Location>

__EOF__

■ postgres jdbcドライバ

URL： https://jdbc.postgresql.org/download/

 # mv postgresql-42.6.0.jar /opt/tomca/lib/

# chown tomcat:tomcat postgresql-42.6.0.jar

# chmod 640 postgresql-42.6.0.jar

# vi /opt/tomcat/conf/context.xml

<Context>

    <Resource name="jdbc/PostgreSQL"

      auth="Container"

      type="javax.sql.DataSource"

      factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"

      initialSize="2" maxActive="4" minIdle="1" maxIdle="2"

      username="service_admin" password="casio00"

      driverClassName="org.postgresql.Driver" url="jdbc:postgresql://localhost:5432/servicebase"

      validationQuery="SELECT 1" />

</Context>

■ MariaDB jdbc ドライバ

https://mariadb.com/downloads/connectors/connectors-data-access/java8-connector/

java 8+ connector

3.1.4-GA

Platform Independent

# mv  mariadb-java-client-3.1.4.jar /opt/tomcat/lib/

# chown tomcat:tomcat /opt/tomcat/lib/mariadb-java-client-3.1.4.jar

# systemctl start tomcat

# systemctl enable tomcat

# systemctl restart httpd

# ------------------------------------

#  httpd

#-------------------------------------

# dnf install https://pkgs.dyn.su/el8/base/x86_64/raven-release-1.0-3.el8.noarch.rpm

# dnf -y install --disablerepo=AppStream --enablerepo=raven httpd httpd-devel mod_ssl

# vi /etc/httpd/conf/httpd.conf  << __EOF__

    # add by takahab

    ServerName shqap0392:80

    # del by takahab

    # Listen 80

    # mod by takahab

    #Options Indexes FollowSymLinks

    Options FollowSymLinks

    # add by takahab

   ServerTokens ProductOnly

   ServerSignature Off

  Timeout 300

  TraceEnable off

  Header append X-FRAME-OPTIONS "SAMEORIGIN"

__EOF__

# vi /etc/httpd/conf.d/ssl.conf

ServerName bms.cxdnext.co.jp:443

# httpd -t

AH00526: Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf:

SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty

# firewall-cmd --add-service=http --zone=public --permanent

# firewall-cmd --add-service=https --zone=public --permanent

# firewall-cmd --reload

# systemctl restart httpd

Enter TLS private key passphrase for bms.cxdnext.co.jp:443 (RSA) : *******  

#------------------------------------------------------

#  仮証明書

#------------------------------------------------------

URL: https://www.digicert.com/help/

# vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /var/local/certs/bms.cxdnext.co.jp.crt

SSLCertificateKeyFile /var/local/certs/bms.cxdnext.co.jp.key

#SSLCertificateChainFile /var/local/certs/bms.cxdnext.co.jp-chain.crt

$ openssl genrsa -aes256 2048 > bms.cxdnext.co.jp.key

$ openssl req -new -key bms.cxdnext.co.jp.key > bms.cxdnext.co.jp.csr

$ openssl x509 -in bms.cxdnext.co.jp.csr -days 36500 -req -signkey bms.cxdnext.co.jp.key > bms.cxdnext.co.jp.crt

# ls -l /var/local/certs

-rw-r--r--. 1 root root 1224  7月  6 11:38 bms.cxdnext.co.jp.crt

-rw-r--r--. 1 root root 1041  7月  6 11:37 bms.cxdnext.co.jp.csr

-rw-r--r--. 1 root root 1766  7月  6 11:33 bms.cxdnext.co.jp.key

#----------------------------------------------------------------------------------

# 本番サーバ証明書発行 （stts.cxdnext.co.jp)

#----------------------------------------------------------------------------------

# nmcli general hostname www.exsample.co.jp

# systemctl restart NetworkManager.service

# vi /etc/httpd/conf.d/ssl.conf <<__EOF__

ServerName www.example.co.jp:443

__EOF__

# openssl genrsa -aes256 2048 > www.example.co.jp.key

# openssl req -new -key www.example.co.jp.key > www.example.co.jp.csr

# openssl x509 -in www.example.co.jp.csr -days 3650 -req -signkey www.example.co.jp.key > www.example.co.jp.crt

# openssl genrsa -aes256 2048 > www.example.co.jp.key

Generating RSA private key, 2048 bit long modulus (2 primes)

.......+++++

.......................................+++++

e is 65537 (0x010001)

Enter pass phrase:example

Verifying - Enter pass phrase:example

sh-4.4# openssl req -new -key www.example.co.jp.key > www.example.co.jp.csr

Enter pass phrase for www.example.co.jp.key:example

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:JP

State or Province Name (full name) []:Tokyo

Locality Name (eg, city) [Default City]:Shibuya-ku

Organization Name (eg, company) [Default Company Ltd]:EXAMPLE CO., LTD.

Organizational Unit Name (eg, section) []:

Common Name (eg, your name or your server's hostname) []:www.example.co.jp

Email Address []:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

# ls -l /var/local/certs/

-rw-r--r--. 1 root root 1553 7 月 19 13:58 www.example.co.jp-chain.crt ← 中間証明書

-rw-r--r--. 1 root root 2333 7 月 19 13:57 www.example.co.jp.crt ← サーバ証明書

-rw-r--r--. 1 root root 1009 7 月 19 11:43 www.example.co.jp.csr

-rw-r--r--. 1 root root 1766 7 月 19 11:41 www.example.co.jp.key

#-------------------------------------------

# Postgres

#-------------------------------------------

# dnf install postgresql14-server 

# passwd postgres

postgres_password

※ semanage: コマンドが見つかりません

# dnf provides /usr/sbin/semanage

# dnf install policycoreutils-python-utils

# semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"

# PGSETUP_INITDB_OPTIONS='--encoding=UTF-8 --no-locale'

# /usr/pgsql-14/bin/postgresql-14-setup initdb

# vi /var/lib/pgsql/14/data/pg_hba.conf 

#local   all             all                                   peer

local     all             all                                    trust

#host    all             all             127.0.0.1/32            ident

host all all 192.168.0.0/16                     password

# vi /var/lib/pgsql/14/data/postgresql.conf

listen_addresses = '*'          

port = 5432

# firewall-cmd --add-port=5432/tcp --zone=public --permanent

# firewall-cmd --reload

# mkdir  -p /data/postgres/data

# chown  -R postgres:postgres /data/postgres/data

# semanage fcontext -a -t postgresql_db_t "/data/postgres(/.*)?"

# grep -i postgresql /etc/selinux/targeted/contexts/files/file_contexts.local

# restorecon -R -v /data/postgres

# ls -lZR /data/postgres

（確認）

#  ls -l /var/lib/pgsql/14/data

 # vi /usr/lib/systemd/system/postgresql-14.service

#  grep -v -E "^#|^$" /var/lib/pgsql/14/data/pg_hba.conf

# grep listen_addresses /var/lib/pgsql/14/data/postgresql.conf

# ls -lZ /var/lib/pgsql

 drwx------. 4 postgres postgres system_u:object_r:postgresql_db_t:s0 51  4月 20 14:26 14

 # systemctl start postgresql-14

# systemctl enable  postgresql-14

$ su - postgres

$ psql -U postgres

ALTER USER postgres PASSWORD 'password';

$ psql 

create user admin with password 'password' superuser;

create database workbase owner admin;

grant all privileges on database workbase to admin;

create user service_admin with password 'password' superuser;

create database servicebase owner service_admin;

grant all privileges on database servicebase to service_admin;

Rocky linux9

 mkdir /data/tablespace_admin

 chown postgres:postgres  /data/tablespace_admin

 chmod 700 /data/tablespace_admin

 mkdir /data/tablespace_office

 chown postgres:postgres  /data/tablespace_office

 chmod 700 /data/tablespace_office

 mkdir /data/tablespace_sales

 chown postgres:postgres  /data/tablespace_sales

 chmod 700 /data/tablespace_sales

 mkdir /data/tablespace_shop

 chown postgres:postgres  /data/tablespace_shop

 chmod 700 /data/tablespace_shop

 mkdir /data/tablespace_calendars

 chown postgres:postgres  /data/tablespace_calendars

 chmod 700 /data/tablespace_calendars

#-----------------------------------------------

# MariaDB client

#-----------------------------------------------

# curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
# dnf remove mysql*

# dnf remove Mariadb*

# dnf install MariaDB-client MariaDB-devel

※ pip install mysqlclientでエラー

     Exception: Can not find valid pkg-config name.

    6/22 リリースのmysqlclient==2.2.0 でエラー発生､ 

   → mysqlclient==2.1.0にバージョンダウンで回避。

# dnf install postgresql14-devel

  - perl(IPC::Run) が提供されません postgresql14-devel-14.8-2PGDG.rhel8.x86_64 に必要です

→ dnf install perl-CPAN

      perl -MCPAN  -e shell

      cpan> install IPC::Run

→ 解決できない！！！

※ Error: pg_config executable not found.

 → PATH確認

#  find / -print |grep pg_config

 # PATH=/usr/pgsql-14/bin:$PATH;export PATH

※  libpq-fe.h: そのようなファイルやディレクトリはありません

postgresql14-develがインストールできない為、やむおえず、/usr/pgpsql-14/include/*

をコピー。

#------------------------------------

#  Oracle client

#-------------------------------------

■ 11gクライアントインストール

URL: https://www.oracle.com/jp/database/technologies/instant-client/linux-x86-64-downloads.html

https://www.oracle.com/jp/database/technologies/instant-client/linux-x86-64-downloads.html#license-lightbox

# dnf localinstall oracle-instantclient11.2-basic-11.2.0.4.0-1.x86_64.rpm

# vi /etc/ld.so.conf.d/oracle.conf

/usr/lib/oracle/11.2/client64/lib

# vi  /etc/profile.d/oracle.sh

export LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib/:$LD_LIBRARY_PATH

# vi /etc/sysconfig/httpd

LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib/:$LD_LIBRARY_PATH

ERROR: django.db.utils.NotSupportedError: Oracle 19 or later is required (found 11.2.0.4.0).

■ 19Cクライアントインストール

# dnf localinstall oracle-instantclient19.18-basic-19.18.0.0.0-2.x86_64.rpm --allowerasing

# vi /etc/ld.so.conf.d/oracle.conf

/usr/lib/oracle/19.18/client64/lib

# vi  /etc/profile.d/oracle.sh

export LD_LIBRARY_PATH=/usr/lib/oracle/19.18/client64/lib/:$LD_LIBRARY_PATH

# vi /etc/sysconfig/httpd

LD_LIBRARY_PATH=/usr/lib/oracle/19.18/client64/lib/:$LD_LIBRARY_PATH

→ 同じエラー発生

    ERROR: django.db.utils.NotSupportedError: Oracle 19 or later is required (found 11.2.0.4.0).

※ やむおえず、チェックしているソースをNOPにしたら動作した。

 vi /var/www/wsgi/office/.venv/lib64/python3.9/site-packages/django/db/backends/base/base.py

        if (

            self.features.minimum_database_version is not None

            and self.get_database_version() < self.features.minimum_database_version

        ):

            db_version = ".".join(map(str, self.get_database_version()))

            min_db_version = ".".join(map(str, self.features.minimum_database_version))

            #raise NotSupportedError(

            #    f"{self.display_name} {min_db_version} or later is required "

            #    f"(found {db_version})."

            #)

#---------------------------------------------------

# PHP 8.0

#---------------------------------------------------

# dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

# dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

# dnf module reset php
# dnf module list php
# dnf module enable php:remi-8.0
# dnf install php
# php --version 

# dnf repolist all

# dnf config-manager --disable epel epel-modular remi-modular remi-safe

# dnf config-manager --enable epel epel-modular

#------------------------------------------------

# python3.9

#------------------------------------------------

# dnf install python39

# update-alternatives --display python3

python3 -ステータスは自動です。

リンクは現在 /usr/bin/python3.6 を指しています。

/usr/bin/python3.6 - 優先度 1000000

 スレーブ easy_install-3: /usr/bin/easy_install-3.6

 スレーブ pip-3: /usr/bin/pip-3.6

 スレーブ pip3: /usr/bin/pip3.6

 スレーブ pydoc-3: /usr/bin/pydoc3.6

 スレーブ pydoc3: /usr/bin/pydoc3.6

 スレーブ pyvenv-3: /usr/bin/pyvenv-3.6

 スレーブ python3-man: /usr/share/man/man1/python3.6.1.gz

/usr/bin/python3.9 - 優先度 3900

 スレーブ easy_install-3: /usr/bin/easy_install-3.9

 スレーブ pip-3: /usr/bin/pip-3.9

 スレーブ pip3: /usr/bin/pip3.9

 スレーブ pydoc-3: /usr/bin/pydoc3.9

 スレーブ pydoc3: /usr/bin/pydoc3.9

 スレーブ pyvenv-3: (null)

 スレーブ python3-man: /usr/share/man/man1/python3.9.1.gz

現在の「最適」バージョンは /usr/bin/python3.6 です。

sh-4.4# update-alternatives --config python3

2 プログラムがあり 'python3' を提供します。

  選択       コマンド

-----------------------------------------------

*+ 1           /usr/bin/python3.6

   2           /usr/bin/python3.9

Enter を押して現在の選択 [+] を保持するか、選択番号を入力します:2

#-------------------------------------------------

#  Django 

#-------------------------------------------------

# dnf install gcc rpm-build python39-devel  make zbar

#  pip3.9 install mod-wsgi

# find  / -print|grep mod_wsgi-py39.cpython

/usr/local/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

# vi /etc/httpd/conf.modules.d/20-wsgi.conf

LoadModule wsgi_module /usr/local/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

# vi /etc/httpd/conf.d/wsgi.conf  << __EOF__
#
# Timeout: The number of seconds before receives and sends time out.
#Timeout 1000
WSGIApplicationGroup %{GLOBAL}

WSGISocketPrefix /var/run/wsgi

WSGIDaemonProcess office user=apache group=apache processes=1 threads=100 maximum-requests=10000 \
home=/var/www/wsgi/office \
python-home=/var/www/wsgi/office/.venv \
python-path=/var/www/wsgi/office:/var/www/wsgi/office/.venv/lib/python3.9/site-packages \
lang=ja_JP.utf8

WSGIScriptAlias /office /var/www/wsgi/office/Config/wsgi.py process-group=office

Alias /assets/ /aws/efs/assets/
Alias /media/ /aws/efs/media/

<Directory /aws/efs/assets>
Require all granted
</Directory>

<Directory /aws/efs/media>
Require all granted
</Directory>

WSGIPassAuthorization on

<Location /office>
WSGIProcessGroup office
</Location>

__EOF__

#-------------------------------------------

# ZABBIX

#-------------------------------------------

# rpm -Uvh https://repo.zabbix.com/zabbix/6.4/rhel/8/x86_64/zabbix-release-6.4-1.el8.noarch.rpm

# dnf clean all

# dnf module switch-to php:7.4

# dnf install zabbix-server-pgsql zabbix-web-pgsql zabbix-apache-conf zabbix-sql-scripts zabbix-selinux-policy zabbix-agent

# sudo -u postgres createuser --pwprompt zabbix

# sudo -u postgres createdb -O zabbix zabbix

# zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql zabbix

DBPassword=password

# su - postgres

# psql 

> alter role zabbix with password 'password';

# systemctl restart zabbix-server zabbix-agent httpd php-fpm

# systemctl enable zabbix-server zabbix-agent httpd php-fpm

#-------------------------------------------------

#  clam

#-------------------------------------------------

# dnf --enablerepo=epel install clamav clamav-scanner-systemd clamav-update

# ln -s /etc/clamd.d/scan.conf /etc/clamd.conf

# vi /etc/clamd.conf

#Example

LogFile /var/log/clamd.scan

LogFileMaxSize 2M

LogTime yes

LogRotate yes

LocalSocket /var/run/clamd.scan/clamd.sock

FixStaleSocket yes

ExcludePath ^/proc/

ExcludePath ^/sys/

ExcludePath ^/dev/pts/ptmx

ExcludePath ^/etc/gshadow

ExcludePath ^/etc/gshadow-

ExcludePath ^/etc/shadow

ExcludePath ^/etc/shadow-

ExcludePath ^/etc/audit

ExcludePath ^/etc/selinux

ExcludePath ^/etc/security

ExcludePath ^/run/systemd/inaccessible

ExcludePath ^/run/user

ExcludePath ^/var/log/audit

ExcludePath ^/var/lib/selinux/targeted

# vi /etc/freshclam.conf

#Example

DatabaseDirectory /var/lib/clamav

UpdateLogFile /var/log/freshclam.log/

LogFileMaxSize 2M

LogTime yes

LogRotate yes

DatabaseOwner root

# vi /usr/lib/systemd/system/clamd@.service <<__EOF__

[Unit]

Description = clamd scanner (%i) daemon

Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/

After = syslog.target nss-lookup.target network.target

[Service]

Type = forking

ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf

# Reload the database

ExecReload=/bin/kill -USR2 $MAINPID

Restart = on-failure

TimeoutStartSec=420

MemoryLimit=256M

CPUQuota=20%

Nice = 19

[Install]

WantedBy = multi-user.target

__EOF__

SElinux

# setsebool -P antivirus_can_scan_system 1

# setsebool -P antivirus_use_jit 1

# freshclam

# systemctl enable clamd@scan

# systemctl start clamd@scan

# vi /etc/cron.daily/clamscan.sh  <<__EOF__

#!/bin/bash

PATH=/usr/bin:/bin

dnf - -y update clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd > /dev/null 2>&1

freshclam > /dev/null

CLAMSCANTMP=`mktemp`

clamdscan /boot  /dev  /etc  /home  /media  /mnt  /opt  /proc  /root  /run  /srv  /sys  /tmp  /usr  /var --remove > $CLAMSCANTMP 2>&1

[ ! -z "$(grep FOUND$ $CLAMSCANTMP)" ] && \

grep FOUND$ $CLAMSCANTMP | mail -s "Virus Found in `hostname`" root

[ -z "$(grep FOUND$ $CLAMSCANTMP)" ] && \

echo "clamdscan normal end" | mail -s "Virus Not Found in `hostname`" root

rm -f $CLAMSCANTMP

__EOF__

# chown root:root /etc/cron.daily/clamscan.sh

# chmod 755 /etc/cron.daily/clamscan.sh

→  systemctl start clamd@scanでタイムアウト発生。 保留

#------------------------------------------

# その他課題

#------------------------------------------

 1） 7月 06 13:40:53 shqap0392 sshd[683709]: error: kex_exchange_identification: read: Connection reset by peer 多発

2）clamd 起動でタイムアウト

Postgres への移行

tinyint →  int
longint → bigint
decimal → numeric( p, s )
engine → カット
comment → カット
char(32) → uuid

decimal(13.0) →
longtext → text
datetime  →   timestamp

【自動時刻更新】

create table  xxxxx {

date_update timestamp not null default current_timestamp,

xxxx

 }

create or replace function trigger_set_timestamp() returns trigger as $$

 begin

     new.updated_at = noW();

     return new; end;

 $$    language plpgsql;                      

【insert or update】

INSERT INTO {tabale} ( {colmuns} ) VALUES ({values}) 

ON DUPLICATE KEY UPDATE {updates}

↓

INSERT INTO {table} VALUES ({values})

ON CONFLICT ON CONSTRAINT {table}_primary

DO UPDATE SET {updates};

【大文字テーブル名】

 大文字の入ったテーブル名は、“”で囲む必要がある。（囲まない小文字としてみなすよう）

【distinct 】

()が必要。

【カレンダ出力】

        #DEBUG

        if DB_SYSTEM == 'postgres':

            WITH_RECURSIVE_DATE_TABALE = f"""

              with recursive date_table (date_value) AS (

              select

                 (select date_trunc( 'month', current_date + interval '-{str(before)} month' + '1 Day'))

                  union all select  date_value + interval '1 Day'

                  from date_table

                 where date_value < (select date_trunc('month', current_date) + '{str(before + 1)} month' +'-1 Day')

              )"""

            TO_CHAR_DATE_VALUE = """to_char(date_value, 'YYYYmmdd')"""

        else:

          WITH_RECURSIVE_DATE_TABALE = f"""

            with recursive date_table(date_value) as (

              select

                (select date_format(adddate(curdate(), interval -{str(before)} month), '%Y-%m-01'))

              union all

              select

                date_add(date_value, interval 1 day)

              from  date_table

              where

                date_value < (select last_day(adddate(curdate(), interval -{str(before)} month)))

            )"""

          TO_CHAR_DATE_VALUE = """date_format(date_value, '%Y%m%d')"""

【date_format】

 TO_CHAR_DATE_VALUE = """to_char(date_value, 'YYYYmmdd')"""

↓

  TO_CHAR_DATE_VALUE = """date_format(date_value, '%Y%m%d')"""

【ifnull】

ifnull(gross_amt,0)  

↓

COALESCE(gross_amt,0) 

【uuid】 

                           program    sql                      DBフィールド型

mysql               UUID           UUID.hex        char(32)

postgres          UUID           str( UUID)       uuid

uuidをhexに変換してSQLに埋め込む。

↓

uuid1をstrに新刊してSQLに埋め込む。

Rocky Linux9 に postgres インストール

$ cat /etc/redhat-release
Rocky Linux release 9.1 (Blue Onyx)

【ロケーション設定】

timedatectl set-timezone Asia/Tokyo

localectl set-locale LANG=ja_JP.utf8

timedatectl

localectl

【ネットワーク設定】

nmcli d

nmcli c

#nmcli c delete vlan100

nmcli general hostname postgres

nmcli c delete internet

nmcli c add type ethernet ifname enp1s0 con-name "internet" ethernet.mtu 1500

nmcli c mod internet ipv4.method auto

nmcli c mod internet connection.autoconnect yes

nmcli c up internet

VLAN=vlan_monitor

VLAN_IP=192.168.254.211/24

nmcli c delete $VLAN

nmcli c add type ethernet ifname enp7s0 con-name "$VLAN"

nmcli c mod $VLAN ipv4.addresses $VLAN_IP

nmcli c mod $VLAN ipv4.method manual

nmcli c mod $VLAN connection.autoconnect yes

nmcli c mod $VLAN ipv4.dns 8.8.8.8

nmcli c mod $VLAN ipv4.gateway 192.168.254.254

nmcli c up $VLAN

VLAN=vlan_database

VLAN_IP=192.168.200.111/24

nmcli c delete $VLAN

nmcli c add type ethernet ifname enp8s0 con-name "$VLAN"

nmcli c mod $VLAN ipv4.addresses $VLAN_IP

nmcli c mod $VLAN ipv4.method manual

nmcli c mod $VLAN connection.autoconnect yes

nmcli c mod $VLAN +ipv4.routes "192.168.210.0/24 192.168.200.2"

nmcli c mod $VLAN +ipv4.routes "192.168.12.0/24  192.168.200.2"

nmcli c mod $VLAN +ipv4.routes "192.168.22.0/24  192.168.200.2"

nmcli c mod $VLAN +ipv4.routes "192.168.32.0/24  192.168.200.2"

nmcli c up $VLAN

# systemctl restart NetworkManager

【postgres15】

# dnf update --refresh

# dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm

# dnf  -y install postgresql15-server

# /usr/pgsql-15/bin/postgresql-15-setup initdb

# systemctl start postgresql-15

# systemctl enable postgresql-15

# systemctl status postgresql-15

# passwd postgres

# su - postgres

$ psql -V

psql (PostgreSQL) 15.5

$ psql

alter user postgres with password 'password';

exit

$  vi /var/lib/pgsql/15/data/pg_hba.conf 

#local   all             all                                     peer

#host    all             all             127.0.0.1/32            scram-sha-256

local     all             all                                     trust

host      all             all             10.0.0.0/16             password

$ vi /var/lib/pgsql/15/data/postgresql.conf 

listen_addresses = '*'          

port = 5432 

max_connections = 100 

log_timezone = 'Asia/Tokyo'

timezone = 'Asia/Tokyo'

lc_messages = 'ja_JP.utf8'                    # locale for system error message

lc_monetary = 'ja_JP.utf8'                    # locale for monetary formatting

lc_numeric = 'ja_JP.utf8'                       # locale for number formatting

lc_time = 'ja_JP.utf8'

# systemctl restart postgresql-15

# firewall-cmd --add-port=5432/tcp --zone=public --permanent

# firewall-cmd --reload

【データディレクトリの変更】

$ psql

show config_file ;

show data_directory;

# systemctl stop postgresql-15.service

# mkdir -p /pg_data/data

# chown postgres:postgres /pg_data

# chown postgres:postgres /pg_data/data

# chmod -R 700  /pg_data/data

# rsync -av /var/lib/pgsql/15/data/  /pg_data/data

# vi /var/lib/pgsql/15/data/postgresql.conf

data_directory = '/pg_data/data'

# vi /lib/systemd/system/postgresql-15.service

#Environment=PGDATA=/var/lib/pgsql/15/data/

Environment=PGDATA=/pg_data/data/

# systemctl daemon-reload

# systemctl start postgresql-15

【Postgres14】

# dnf update --refresh

# dnf install http://apt.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm

# dnf  -y install postgresql14-server postgresql14-docs 

# dnf -y install postgresql14-libs postgresql14-plperl postgresql14-plpython3 postgresql14-pltcl postgresql14-tcl postgresql14-contrib postgresql14-llvmjit

/usr/pgsql-14/bin/postgresql-14-setup initdb

# vi /var/lib/pgsql/14/data/pg_hba.conf  << __EOF__

#local   all             all                                        peer

local     all             all                                          trust

#host    all           all       127.0.0.1/32         scram-sha-256      

host      all           all        192.168.0.0/16   password

__EOF__

# vi /var/lib/pgsql/14/data/postgresql.conf  <<__EOF__

listen_addresses = '*'          

port = 5432 

max_connections = 100 

log_timezone = 'Asia/Tokyo'

timezone = 'Asia/Tokyo'

lc_messages = 'ja_JP.utf8'                    # locale for system error message

lc_monetary = 'ja_JP.utf8'                    # locale for monetary formatting

lc_numeric = 'ja_JP.utf8'                       # locale for number formatting

lc_time = 'ja_JP.utf8'

__EOF__

※ 青字確認。AWS EC2では、en_USxxxxになっていた。

# firewall-cmd --add-port=5432/tcp --zone=public --permanent

# firewall-cmd --reload

# systemctl enable postgresql-14

# systemctl start postgresql-14 

# psql --version

psql (PostgreSQL) 14.7

# ls -lZ /var/lib/pgsql

合計 0

drwx------. 4 postgres postgres system_u:object_r:postgresql_db_t:s0 51  4月 24 11:50 14

# passwd postgres

# su - postgres

$ psql -U postgres

alter user postgres with password  'newpassword';

create user admin with password 'xxxxxxxx' superuser;

select * from pg_user;

select * from pg_shadow;

\g

ALTER USER admin WITH PASSWORD 'xxxxxxxx'

create database ARCSDBMS owner admin;

【psql パスワード自動入力】

$ vi ~/.pgpass <<__EOF__

192.168.254.211:5432:workbase:admin:PASSWORD

__EOF__

又は、

$ export PGPASSWORD=password  （非推奨）

【postgres 文字コード】

(1） vi /var/lib/pgsql/14/data/postgresql.conf

       timezone = 'Asia/Tokyo'

       log_timezone = 'Asia/Tokyo'

       lc_messages = 'ja_JP.utf8'                      # locale for system error message

       lc_monetary = 'ja_JP.utf8'                      # locale for monetary formatting

       lc_numeric    = 'ja_JP.utf8'                      # locale for number formatting

       lc_time           = 'ja_JP.utf8'                      # locale for time formatting

(2) pg_settingsを更新。

    select name,setting,context from pg_settings where name like 'lc%';

    update pg_settings set setting ='ja_JP.UTF-8' where name = 'lc_messages'; set_config

(3) role を変更

　alter role office_role set lc_monetary = 'ja_JP.UTF-8';

　alter role office_role set lc_numeric = 'ja_JP.UTF-8';

　alter role office_role set lc_time = 'ja_JP.UTF-8';

(4) データベース作成時に設定 

     create database japan with encoding  'utf8'  lc_collate='ja_JP.utf8' lc_ctype='ja_JP.utf8' template=template0;

(5) テーブルのカラムにロケールを個別に指定。

ALTER TABLE items ALTER COLUMN title TYPE VARCHAR COLLATE "ja_JP.utf8";

(6) templateデータベースを更新。

1) template1データベースをテンプレートから外す

   UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';

2) template1データベースを削除

   DROP DATABASE template1;

3) template1データベースを作成

    CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 文字コード 

    LC_COLLATE = 'ja_JP.utf-8' LC_CTYPE = 'ja_JP.utf8'

4) template1データベースをテンプレートへ戻す

   UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';

amazon Linux 2023 設定

【タイムゾーンと日本語】

$ sudo timedatectl set-timezone Asia/Tokyo

$ sudo timedatectl

$ sudo localectl set-locale LANG=ja_JP.utf8

$ sudo localectl

【プロキシ設定】

$ sudo vi /etc/dnf/dnf.conf

proxy=http://192.168.13.101:3128

$ sudo vi /etc/profile.d/proxy.sh

export http_proxy=http://192.168.13.101:3128

export https_proxy=http://192.168.13.101:3128

【epelリポジトリの登録】
$ sudo amazon-linux-extras install epel ----> 廃止

【fedra36 リポジトリの登録】

epelの代わりに登録

# vi /etc/yum.repos.d/fedora.repo

[fedora]

name=Fedora 36 – $basearch

baseurl=https://archives.fedoraproject.org/pub/archive/fedora/linux/releases/36/Everything/$basearch/os/

metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-36&arch=$basearch

enabled=1

metadata_expire=7d

repo_gpgcheck=0

type=rpm

gpgcheck=1

gpgkey=https://getfedora.org/static/fedora.gpg

skip_if_unavailable=False

【未インストールパッケージ】

$ sudo dnf install rsyslog

$ sudo dnf install cronie

# systemctl start rsyslog

# systemctl start crond

【s3 Storage マウント】

$ sudo mkdir /aws

$ sudo vi /etc/fstab

192.168.210.101:/test-cxdnext-filegateway /aws nfs rw,hard,nolock 0 0

$ sudo mount -a

【httpd】

$ sudo dnf install httpd

$  httpd -V

Server version: Apache/2.4.56 (Amazon Linux)

$ sudo systemctl start httpd

$ sudo systemctl enable httpd

【zabbix agent2 】  → 保留（openssl1.1が必要な為
$ sudo dnf install https://repo.zabbix.com/zabbix/6.4/rhel/8/x86_64/zabbix-agent2-6.4.1-release1.el8.x86_64.rpm
Last metadata expiration check: 0:28:37 ago on Fri Apr 7 16:31:07 2023.
zabbix-agent2-6.4.1-release1.el8.x86_64.rpm 3.8 MB/s | 5.5 MB 00:01
Error:
Problem: conflicting requests
- nothing provides libcrypto.so.1.1()(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
- nothing provides libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
- nothing provides libssl.so.1.1()(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
- nothing provides libssl.so.1.1(OPENSSL_1_1_0)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64
- nothing provides libssl.so.1.1(OPENSSL_1_1_1)(64bit) needed by zabbix-agent2-6.4.1-release1.el8.x86_64

(try to add '--skip-broken' to skip uninstallable packages)

→openssl3がインストールされている。

# dnf list installed |grep openssl

openssl.x86_64                        1:3.0.8-1.amzn2023.0.1             @System

openssl-libs.x86_64               1:3.0.8-1.amzn2023.0.1             @System

openssl-pkcs11.x86_64        0.4.12-3.amzn2023.0.1              @System

【PYTHON】

$ python3

Python 3.9.16 (main, Feb 23 2023, 00:00:00) 

[GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] on linux

Type "help", "copyright", "credits" or "license" for more information.

>>> 

【JAVA】

$ sudo dnf install java-17-amazon-corretto java-17-amazon-corretto-devel

$ sudo update-alternatives --config java

# cat > /etc/profile.d/java.sh <<__EOF__

export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))

export PATH=$PATH:$JAVA_HOME/bin

__EOF__

$ source /etc/profile

$ java --version

openjdk 17.0.6 2023-01-17 LTS

OpenJDK Runtime Environment Corretto-17.0.6.10.1 (build 17.0.6+10-LTS)

OpenJDK 64-Bit Server VM Corretto-17.0.6.10.1 (build 17.0.6+10-LTS, mixed mode, sharing)

【TOMCAT】

# cd /opt

# wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.7/bin/apache-tomcat-10.1.7.tar.gz

#  tar xvzf apache-tomcat-10.1.7.tar.gz

# vi /usr/lib/systemd/system/tomcat10.service<<__EOF__

[Unit]

Description=Apache Tomcat 10

After=network.target

[Service]

Type=oneshot

ExecStart=/opt/tomcat/bin/startup.sh

ExecStop=/opt/tomcat/bin/shutdown.sh

RemainAfterExit=yes

User=tomcat

Group=tomcat

[Install]

WantedBy=multi-user.target

__EOF__

# cd /opt

# ln -s /opt/apache-tomcat-10.1.7 tomcat

# useradd -M -d /opt/tomcat tomcat

# chown -R tomcat:tomcat  /opt/tomcat /opt/tomcat/*

# firewall-cmd --add-port=8080/tcp --permanent

# firewall-cmd --reload

# mkdir ~/Selinux

# cd ~/Selinux

# vi catalinash.te <<__EOF__

module catalinash 1.0;

require {

        type init_t;

        type admin_home_t;

        class file { append execute execute_no_trans ioctl open read };

}

#============= init_t ==============

allow init_t admin_home_t:file { append execute execute_no_trans ioctl open read };

__EOF__

# checkmodule -m -M -o catalinash.mod catalinash.te

# semodule_package --outfile catalinash.pp --module catalinash.mod

# semodule -i catalinash.pp

# systemctl restart tomcat10

# systemctl enable tomcat10

URL localhost:8080で確認

# /opt/tomcat/bin/version.sh

Using CATALINA_BASE:   /opt/tomcat

Using CATALINA_HOME:   /opt/tomcat

Using CATALINA_TMPDIR: /opt/tomcat/temp

Using JRE_HOME:        /usr

Using CLASSPATH:       /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar

Using CATALINA_OPTS:   

Server version: Apache Tomcat/10.1.7

Server built:   Feb 27 2023 20:25:27 UTC

Server number:  10.1.7.0

OS Name:        Linux

OS Version:     6.1.21-1.45.amzn2023.x86_64

Architecture:   amd64

JVM Version:    17.0.6+10-LTS

JVM Vendor:     Amazon.com Inc.

■apache連携（ apache 2.4.56  /  tomcat 10.1.7 )

# cd /etc/httpd/conf.modules.d

# grep -e mod_proxy_ajp -e  mod_proxy.so *

00-proxy.conf:LoadModule proxy_module modules/mod_proxy.so

00-proxy.conf:LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

# vi /etc/httpd/conf.d/tomcat .conf  <<__EOF__

<Location /test2023/guacamole >

ProxyPass                  ajp://localhost:8009/guacamole

ProxyPassReverse  ajp://localhost:8009/guacamole

</Location>

<Location  /test2023/tomcat >

ProxyPass                   ajp://localhost:8009

ProxyPassReverse  ajp://localhost:8009

</Location>

<Location  /test2023/docs >

ProxyPass                  ajp://localhost:8009/docs

ProxyPassReverse  ajp://localhost:8009/docs

</Location>

<Location  /test2023/examples >

ProxyPass                   ajp://localhost:8009/examples

ProxyPassReverse  ajp://localhost:8009/examples

</Location>

<Location /test2023 /host-manager >

ProxyPass                  ajp://localhost:8009/host-manager

ProxyPassReverse  ajp://localhost:8009/host-manager

</Location>

<Location  /test2023/manager >

ProxyPass                   ajp://localhost:8009/manager

ProxyPassReverse  ajp://localhost:8009/manager

</Location>

__EOF__

$ sudo vi /opt/tomcat/conf/server.xml << __EOF__

<!-- del by takahab

    <Connector port="8080" protocol="HTTP/1.1"

               connectionTimeout="20000"

               redirectPort="8443" />

    -->

  <!-- add by takahab from -->

   <Connector port="8009" protocol="AJP/1.3"

        address="127.0.0.1"

        proxyName="portal.cxdnext.co.jp"

        proxyPort="443"

        scheme="https"

        secure="true"

        redirectPort="8443"

        rejectIllegalHeader="true"

        secretRequired="false" />

    <!-- to add by takahab -->

__EOF__

【Django環境設定】

(1) Django 仮想環境作成

# mkdir /var/www/wsgi

# cd /var/www/wsgi

# vi get << __EOF__

switch のディレクトリ変更

# ./get deploy

      (./env create)

#  vi  /etc/httpd/conf.d/wsgi.conf <<__EOF__

#

# Timeout: The number of seconds before receives and sends time out.

#

Timeout 600

WSGIApplicationGroup %{GLOBAL}

WSGISocketPrefix /var/run/wsgi

WSGIDaemonProcess test2023 user=apache group=apache processes=1 threads=100 maximum-requests=10000 \

   home=/var/www/wsgi/test2023 \

   python-home=/var/www/wsgi/test2023/.venv \

   python-path=/var/www/wsgi/test2023:/var/www/wsgi/test2023/.venv/lib/python3.9/site-packages \

   lang=ja_JP.utf8

WSGIScriptAlias /test2023 /var/www/wsgi/test2023/Config/wsgi.py process-group=test2023

Alias /assets/ /aws/efs/assets/

Alias /media/  /aws/efs/media/

<Directory /aws/efs/assets>

   Require all granted

</Directory>

<Directory /aws/efs/media>

   Require all granted

</Directory>

WSGIPassAuthorization on

<Location /test2023>

  WSGIProcessGroup test2023

</Location>

__EOF__

# vi /etc/httpd/conf.modules.d/20-wsgi.conf << __EOF__

LoadModule wsgi_module /var/www/wsgi/test2023/.venv/lib64/python3.9/site-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so

__EOF__

#------------------------------------------参考-------------------------------------------------

Collecting mod-wsgi

  Using cached mod_wsgi-4.9.4.tar.gz (497 kB)

  Preparing metadata (setup.py) ... error

  error: subprocess-exited-with-error

  

  × python setup.py egg_info did not run successfully.

  │ exit code: 1

  ╰─> [6 lines of output]

      Traceback (most recent call last):

        File "<string>", line 2, in <module>

        File "<pip-setuptools-caller>", line 34, in <module>

        File "/tmp/pip-install-t1qa20dz/mod-wsgi_1a6f23a5f3fb4d4eba390f4e7d024c38/setup.py", line 88, in <module>

          raise RuntimeError('The %r command appears not to be installed or '

      RuntimeError: The 'apxs' command appears not to be installed or is not executable. Please check the list of prerequisites in the documentation for this package and install any missing Apache httpd server packages.

      [end of output]

  

  note: This error originates from a subprocess, and is likely not a problem with pip.

error: metadata-generation-failed

× Encountered error while generating package metadata.

╰─> See above for output.

 →

# dnf install  python3-devel  rpm-build-libs  httpd-devel

Collecting mysqlclient

  Using cached mysqlclient-2.1.1.tar.gz (88 kB)

      /bin/sh: 行 1: mysql_config: コマンドが見つかりません

      /bin/sh: 行 1: mariadb_config: コマンドが見つかりません

      /bin/sh: 行 1: mysql_config: コマンドが見つかりません

→

# dnf install mariadb-connector-c-devel

【Django】

pip3 install -r requirements.txt でエラー

→ requirements.txt 内のバージョン番号を全て削除して最新版をインストールする。

ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation'

→from django.utils.translation import ugettext_lazy as _

    ugettext_lazy  --> getttext_lazy

ImportError: Unable to find zbar shared library

dnf install zbar zbar-libs

epelからインストールできない。 --> 保留

DEPRECATION: starkbank-ecdsa is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559

同様に、mod-wsgi-httpd/ mod-wsgi/jaconv/mysqlclient

→requirement.txtの内容をインストールする前にwhellをインストールしておく。

pip3 install wheel 

ImportError: Module "debug_toolbar.panels.profiling" does not define a "ProfilingPanel" attribute/class

【課題】

(1) rsyslogが入っていない。

(2） cronieがはいっていない。

(3） guacamoleでsshログインできない。

            exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'   認証？

(4)      zabbix clientがインストールできない。（openssl のバージョン）

(5)    epelリポジトリが使えない。

(7)    AWS ロードバランサは、pathでバランスされる為、URL ROOTがサーバのROOTと異る。