Posted on

Canonical’s GitHub Account ‘Hacked’ But Ubuntu Repos Are Safe

The GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution, was hacked on Saturday, July 6.

The mirror of the hacked Canonical GitHub account shows that the attacker created 11 new GitHub repositories sequentially named CAN_GOT_HAXXD_1. Surprisingly, those repositories were empty.

Canonical has removed the compromised account from the Canonical organisation in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected,” it said.

Ubuntu source code is safe so far

While the extent of the breach is still being investigated, the security team said that there is no indication that the source code or PII was affected.

Moreover, the Launchpad infrastructure where the Ubuntu distribution is built and maintained has been disconnected from GitHub. There is also no sign that it has been affected.


Posted on

MySql Master-Slave Replication, and post replication

============================= 
#MASTER: add lines to /etc/mysql/mysql.conf.d/mysqld.cnf
============================= 

##### Master Setting  ######
server-id  =1
log_bin = /var/log/mysql-bin.log
#### Data that need to be replicated ####
binlog-do-db=database_name_1 
binlog-do-db=database_name_2 
binlog-do-db=database_name_3 

Run all this query in MYSQL client:
GRANT REPLICATION SLAVE ON *.* TO 'user'@'%' IDENTIFIED BY 'password'; 
FLUSH PRIVILEGES; 
FLUSH TABLES WITH READ LOCK; 
Here you will need to open new window and use mysqldump to dump the database that need to replicate

UNLOCK TABLES; 
SHOW MASTER STATUS; 
output> file | Position | Binlog_Do_DB 
mysql-bin.000963 | 1570 database_name_1,database_name_2,database_name_3 

============================= 
SLAVE: add lines to my.cnf 
=============================  

# slave setting file in ubuntu 18.04  /etc/mysql/mysql.conf.d/mysqld.cnf
server-id = 2
relay-log =/var/log/mysql/mysql-relay-bin.log
log_bin =/var/log/mysql/mysql-bin.log
#  Database that need to replicated
replicate-do-db=database_name_1 
replicate-do-db=database_name_2 
replicate-do-db=database_name_3 

Run all this query in MySql client on Slave server

 SLAVE STOP; 
CHANGE MASTER TO MASTER_HOST='192.168.0.2',MASTER_USER='user', MASTER_PASSWORD='password', MASTER_LOG_FILE='mysql-bin.000963', MASTER_LOG_POS=98;  
START SLAVE;  
SHOW SLAVE STATUS; 

Addition Info

  1. MASTER – restart the master after adding new database in binlog-do-db 
  2. SLAVE – Check the slave Database’s replication is up to date (SHOW SLAVE STATUS > Seconds_Behind_master). If not wait till it is
  3. MASTER – FLUSH TABLES WITH READ LOCK; To stop new data entering the master
  4. SLAVE – Check replication is fully caught up and no data is replicating (read_master_log_posand exec_master_log_pos should be the same and not changing (in show slave status;))
  5. SLAVE – STOP SLAVE; to stop any data replicating into the database once you unlock the master shortly.
  6. Run MySQLDUMP with --single-transaction option
  7. Once MySQLDUMP has started running unlock the master Database UNLOCK TABLES; In this way your systems can continue reading and writing to the master, hopefully keeping downtime to a minimum

note: . that MySQLDUMP may lock the database schema while it works depending on your system

Once MySQLDUMP has completed, import it into the slave Database

9) check the newly imported new-database looks correct

10) Restart the slave Database, after adding replicate-do-db=database4 to my.cnf file as in above

Once it comes back on, it should continue replicating from where it left off, but including the new database.

Posted on

Fix Google app public key error or GPG error in linux

When executing the apt-get update in ubuntu OS command, You may get the public key Error message. Below we will solve public key error message while updating the google pagespeed .

[email protected]:/$ sudo apt update
 Ign:1 http://dl.google.com/linux/mod-pagespeed/deb stable InRelease
 Get:2 http://dl.google.com/linux/mod-pagespeed/deb stable Release [2154 B]                                     
 Get:3 http://dl.google.com/linux/mod-pagespeed/deb stable Release.gpg [819 B]                                  
 Ign:3 http://dl.google.com/linux/mod-pagespeed/deb stable Release.gpg                                                                      
 Hit:4 http://mirrors.digitalocean.com/ubuntu bionic InRelease                                                                              
 Get:5 http://mirrors.digitalocean.com/ubuntu bionic-updates InRelease [88.7 kB]
 Get:6 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
 Get:7 http://mirrors.digitalocean.com/ubuntu bionic-backports InRelease [74.6 kB]    
 Get:8 http://mirrors.digitalocean.com/ubuntu bionic-updates/main amd64 Packages [658 kB]
 Get:9 http://mirrors.digitalocean.com/ubuntu bionic-updates/universe amd64 Packages [958 kB]
 Reading package lists… Done                           
 W: GPG error: http://dl.google.com/linux/mod-pagespeed/deb stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 6494C6D6997C215E
 E: The repository ‘http://dl.google.com/linux/mod-pagespeed/deb stable Release’ is not signed.
 N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
 N: See apt-secure(8) manpage for repository creation and user configuration details.

This type of issue comes when the application public key (or signing keY) do not match with system stored key.

Google signs its packages with GPG keys so that you (and your package manager) can “verify product updates”. When a GPG expires, changes, or is otherwise missing from your system your package manager will display an error, which is precisely what the mono-spaced junk above is.

Just downloading the key and installing like in below command will solve you issue. 

[email protected]:/$ wget -q -O – https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add –
[email protected]:/$ sudo apt update

 Get:2 http://dl.google.com/linux/mod-pagespeed/deb stable Release [2154 B]                                     
 Get:3 http://dl.google.com/linux/mod-pagespeed/deb stable Release.gpg [819 B]                                  
 Get:4 http://dl.google.com/linux/mod-pagespeed/deb stable/main amd64 Packages [2043 B]                                                     
 Hit:5 http://mirrors.digitalocean.com/ubuntu bionic InRelease                                     
 Hit:6 http://security.ubuntu.com/ubuntu bionic-security InRelease          
 Hit:7 http://mirrors.digitalocean.com/ubuntu bionic-updates InRelease
 Hit:8 http://mirrors.digitalocean.com/ubuntu bionic-backports InRelease
 Fetched 5016 B in 1s (6288 B/s)
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done

Posted on

DevOps and How different Cloud use IT.

Introduction:

Products are important in combination with people and process, but products alone will not achieve DevOps success.

DevOps is the union of people, process, and products to enable continuous delivery of value to our end users.

Donovan Brown

Successful DevOps software development is dependent on having the right people in place. Having the right people in place is key to having a good DevOps process. Then it’s the process itself.

Everybody has a software development process. Good, bad or different, they have a process. And you use that process on a regular basis to deliver software to your customers. It’s just, how well is that process working for you? if it’s not working as well as you’d like, then the idea is, okay, let’s revamp the process. Let’s make some tweaks to it. Let’s get it to work. And then lastly, there are products. Products are 20% of DevOps.

During the DevOps process, we have to take care from coding (Continuous Integration to delivery of the product. Delivery of product intimately fulfills the client requirement. If we are not delivering value to our end users, then why are we doing it? Why would you want to continue to do something if the end user is not gaining any value from what it is you’re doing? 

DevOps Service Provided in some major Cloud :

Version Control :

AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud. You have to be register user to use AWS CodeCommit

Azure DevOps : Azure DevOps is Microsoft hosted VCS that provides a full DevOps services. for certain limit. Azure DevOps is free for open source projects and small projects (up to five users)

Cloud Source Repositories is a Google cloud version control that gives unlimited private repositories to organize your code in a way that works best for you.

Build and Test Code :

Aws provide CodeBuild Service, AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy

Azure pipelines Build, test, and deploy with CI/CD that works with any language, platform, and cloud. Connect to GitHub or any other Git provider and deploy continuously.

Google Cloud Build is used to automatically build and test an image when changes are pushed to Cloud Source Repositories.

Software Release Workflows

Aws provide CodePipeline service to builds, tests, and deploys your code every time there is a code change, based on the release process models you define.

Azure Deploy pipelines is used to download artifacts and deploy to Azure Cloud or external cloud. With deployment group, it provides to feature to deploy to a code on-premise server.