NIDB Operating System Administration

This guide provides some information about the administration of the NIDB system, including required software package installation and configuration. Most of the commands are only tested on CentOS 6.3, but they should work on any RedHat derivative including ScientificLinux. Leave a comment on how you did it if you are able to do these configurations on a different distribution.

Required Software

Setting up the RPMForge respository

Many rpm packages are available through RPMForge. Use the following commands to setup yum to check this repository for software. You may also want to change the release number to the latest from http://dag.wieers.com

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

OS level packages

The following can be installed with yum, rpm, or apt-get, depending on your system

  • vnc*
  • perl
  • perl-YAML
  • cpan
  • php
  • httpd
  • mysql
  • mysql-server
  • ImageMagick (6.7.9+)
  • gcc
  • gcc-c++
  • java
  • fftw*
  • vorbil-tools
  • theora-tools
  • ffmpeg

Perl modules

The following can be installed using cpan <modulename>

  • File::Copy
  • File::Find
  • File::Path
  • List::Util
  • Date::Parse
  • Image::ExifTool
  • File::Copy::Recursive
  • Sort::Naturally
  • Net::SMTP::TLS
  • Data::Dumper
  • Math::Round
  • Math::Derivative
  • Math::MatrixReal
  • Math::Combinatorics

PHP modules

The following can be installed with yum

  • php-gd
  • php-process

System services

Disabling selinux

Security Enhanced Linux (SELinux) is a subsystem that makes Linux more secure… but it also makes it very hard to make the system into a server. We disable it by default because it prevents the website and vnc from working.

Disable it at the command line using

setenforce 0

Disable it permanently by editing /etc/selinux/config and change the line SELINUX=enabled to SELINUX=disabled

Enabling httpd and mysql

The following commands start the httpd and mysqld services

service httpd start
service mysqld start

The following commands permanently start the services at boot

chkconfig httpd on
chkconfig mysqld on

Firewall

Use the following commands to permanently disable the firewall, accept for forwarding port 104 to 8104. dcmrcv listens on port 8104, so traffic must be forwarded from the default DICOM receiver port of 104.

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A FORWARD -p tcp --destination-port 104 -j ACCEPT
iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 104 --to-port 8104
iptables-save > /etc/sysconfig/iptables

Adding the nidb account to the sudoers file

If you want the nidb Linux user to be able to sudo without a password, use the following commands. The first line adds the user and last line changes the password, neither line is necessary if you’ve already created an nidb account.

useradd -m -s /bin/bash nidb
chmod 777 /etc/sudoers
echo "nidb ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
chmod 440 /etc/sudoers
passwd nidb

Other Software

Webmin

Webmin is a web-based system administration tool. It is not necessary to run NIDB, but it is very helpful if you need to configure some part of the Linux system. Install it using the following commands (change the webmin version to the latest)

wget http://prdownloads.sourceforge.net/webadmin/webmin-1.590-1.noarch.rpm
rpm -U webmin-1.590-1.noarch.rpm

phpMyAdmin

phpMyAdmin is also not necessary, but is very useful for administration of the database. Use the following commands to install phpMyAdmin in /var/www/html

wget http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.5.2/phpMyAdmin-3.5.2-english.zip
unzip phpMyAdmin-3.5.2-english.zip
mv phpMyAdmin-3.5.2-english /var/www/html/phpMyAdmin
chmod 777 /var/www/html
chown -R nidb:nidb /var/www/html
sed '$ i $cfg[''McryptDisableWarning''] = TRUE;' /var/www/html/phpMyAdmin/config.sample.inc.php;
sed '$ i $cfg[''LoginCookieValidity''] = 28800;' /var/www/html/phpMyAdmin/config.sample.inc.php;
cp /var/www/html/phpMyAdmin/config.sample.inc.php /var/www/html/phpMyAdmin/config.inc.php
chmod 755 /var/www/html/phpMyAdmin/config.inc.php

You should then be able to access phpMyAdmin by going to http://<servername>/phpMyAdmin

PHP Configuration

You can use webmin to change these settings or change them by editing /etc/php.ini

PHP timezone: your timezone
Error types: E_ALL & ~E_DEPRECATED & ~E_NOTICE
short_open_tag = On
session.gc_maxlifetime = 28800
memory_limit = 1000M
upload_tmp_dir = /nidb/uploadtmp
upload_max_filesize = 1000M
max_input_time = 360
max_execution_time = 360
post_max_size = 1000M
display_errors = On

Cron jobs

All cron jobs are run under the nidb account

Cron jobs
Command frequency frequency code
cd /nidb/programs; perl parsedicom.pl > /dev/null 2>&1 every 1 minute * * * * *
cd ${NIDBROOT}/programs; perl parseincoming.pl > /dev/null 2>&1 every 1 minute * * * * *
FSLDIR=/usr/local/fsl; PATH=\${FSLDIR}/bin:\${PATH}; . \${FSLDIR}/etc/fslconf/fsl.sh; export FSLDIR PATH; cd /nidb/programs; perl mriqa.pl > /dev/null 2>&1 every 1 minute * * * * *
cd /nidb/programs; perl datarequests.pl > /dev/null 2>&1 every 1 minute * * * * *
cd /nidb/programs; perl dailyreport.pl > /dev/null 2>&1 daily at midnight @daily
FSLDIR=/usr/local/fsl; PATH=\${FSLDIR}/bin:\${PATH}; . \${FSLDIR}/etc/fslconf/fsl.sh; export FSLDIR PATH; cd /nidb/programs; perl mristudyqa.pl > /dev/null 2>&1 every 5 minutes 0,5,10,15,20,25,30,35,40,45,50,55 * * * *
/usr/bin/mysqldump nidb -u root -ppassword | gzip > /nidb/backup/db-\`date +%Y-%m-%d\`.sql.gz daily at midnight @daily

Linux System Maintenance

You are welcome to maintain your Linux system using vi and the terminal, or whatever methods you are comfortable with. We chose Webmin to make administration a little easier. You can do any administrative task with Webmin, including managing cron jobs, PHP, Perl configuration, NFS mounts, user accounts, and install software packages. Go to http://localhost:1000 to access it.

MySQL Database Maintenance

We provide phpMyAdmin to make database administration a little easier. With phpMyAdmin you can manage users, check table size, repair tables, manage replication and backups. Go to http://localhost/phpMyAdmin to access it.

Leave a Reply

Your email address will not be published. Required fields are marked *

*


× 4 = twenty eight

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>