DEBIAN 8 – How to install MySQL server 5.6 or 5.7

I recently had to upgrade MySQL to 5.6 but found that Debian provides MySQL server 5.5 with both Jessie (v8) but the latest GA releases are 5.6 and 5.7 with some enhancements and added features, including support for InnoDB Full-text search.

So to install the latest version on Debian do this:

1. Download the MySQL APT repository config tool (you can see more details here: http://dev.mysql.com/downloads/repo/apt/)

wget http://dev.mysql.com/get/mysql-apt-config_0.7.3-1_all.deb

2. Install the MySQL APT repository config tool

dpkg -i mysql-apt-config_0.7.3-1_all.deb

3. If you get an invalid key error run:
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5

You will be asked to select product and version that you want to install. In the first step, select Server and next select either mysql-5.6 or mysql-5.7. Then click Apply.

3. Update APT

apt-get update

4. Install the server

apt-get install mysql-community-server

Job done.

LINUX – IP aliasing

To quote mighty Wikipedia: “IP aliasing is associating more than one IP address to a network interface. With this, one node on a network can have multiple connections to a network, each serving a different purpose”

Debian, Ubuntu

To perform IP aliasing in Debian based system (assuming you’re using eth0), edit /etc/network/interfaces as follows:

auto eth0:1
iface eth0:1 inet static
address 10.0.0.10
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
gateway 10.0.0.1

auto eth0:2
iface eth0:2 inet static
address 10.0.0.11
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
gateway 10.0.0.1

In the above example we create two virtual NICs out of eth0: eth0:1 10.0.0.10) and eth0:2 (10.0.0.11).

CentOS, RHEL, Fedora and similar

In CentOS, rename /etc/sysconfig/network-scripts/ifcfg-enp0s3 as ifcfg-enp0s3:1 and make a copy as ifcfg-enp0s3:2, and then just change the following lines, respectively:

DEVICE="enp0s3:1"
IPADDR=10.0.0.10

and

DEVICE="enp0s3:2"
IPADDR=10.0.0.11

Once done, restart the network service:

systemctl restart networking

Install LibreOffice 5.0 in Linux Mint via PPA

To be able to update LibreOffice to version 5.0 via PPA, you need to create a file called “libreoffice-libreoffice-5-0.pref” under /etc/apt/preferences.d/ – to do this automatically, use the following command:

nano /etc/apt/preferences.d/libreoffice-libreoffice-5-0.pref

and in this file, paste this:

Package: *
Pin: release o=LP-PPA-libreoffice-libreoffice-5-0
Pin-Priority: 701

than

sudo add-apt-repository ppa:libreoffice/libreoffice-5-0
sudo apt-get update
sudo apt-get dist-upgrade

Lastly start Mint Software Manager and install LibreOffice

Debian – setting up iptables

Iptables is installed by default on many modern linux distros.

A good starting point is to list the current rules that are configured for iptables. It is done with the -L flag:

sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 

Setting it up

I am going to start with the rule that explicitly accepts current SSH connection:

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

then I will allow SSH

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

 

meaning of the options:

-A INPUT: The -A flag appends a rule to the end of a chain. This is the portion of the command that tells iptables that we wish to add a new rule, that we want that rule added to the end of the chain, and that the chain we want to operate on is the INPUT chain

-p tcp: This option matches packets if the protocol being used is TCP. This is a connection-based protocol that will be used by most applications because it allows for reliable communication.

–dport: This option is available if the -p tcp flag is given. It gives a further requirement of matching the destination port for the matching packet. The first rule matches for TCP packets destined for port 22, while the second rule matches TCP traffic pointed towards port 80.

-j ACCEPT: This specifies the target of matching packets. Here, we tell iptables that packets that match the preceding criteria should be accepted and allowed through.

 

There is one more accept rule that we need to ensure that our server can function correctly. Often, services on the computer communicate with each other by sending network packets to each other. They do this by utilizing a pseudo network interface called the loopback device, which directs traffic back to itself rather than to other computers:

sudo iptables -I INPUT 1 -i lo -j ACCEPT

-I INPUT 1: The -I flag tells iptables to insert a rule. This is different than the -A flag which appends a rule to the end. The -I flag takes a chain and the rule position where you want to insert the new rule.

To see my current rules, I use the -S flag. This is because the -L flag doesn’t include some information, like the interface that a rule is tied to:
sudo iptables -S

-P INPUT ACCEPT
 -P FORWARD ACCEPT
 -P OUTPUT ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

With my current setup the firewall isn’t actually blocking anything so one last thing to implement is the Drop Rule:
sudo iptables -P INPUT DROP

This will catch any packets that fall through our INPUT chain, and drop them. This is what we call a default drop policy.

In case I need to add more rules:

iptables -L --line-numbers

that will give you output listing line numbers – so if for example I have 20 existing rules and I want to add this rule at the end I would type:

iptables -I INPUT 21 ...........

for example:

iptables -I INPUT 21 -p tcp -m tcp --dport 25 -j ACCEPT

Saving it all

 

To keep the config we need to save it. First install the bits we will need:

apt-get install iptables-persistent

that will install and setup iptables-persistent service

the iptables config will be saved to:

/etc/iptables/rules.v4

the command to save the config is:

iptables-save > /etc/iptables/rules.v4

 

Job Done

Debian Package Installation Notes

apt-get

You can run a simulation to see what would happen if you upgrade/install a package:

apt-get -s install

To see all possible upgrades, run a upgrade in verbose mode and (to be safe) with simulation, press n to cancel:

apt-get -V -s upgrade

apt-cache

The option policy can show the installed and the remote version (install candidate) of a package.

apt-cache policy

aptitude

The console GUI of aptitude can display upgradeable packages with new versions. Open the menu ‘Upgradable Packages’. Pressing v on a package will show more detailed version information.

Or on the command-line:

aptitude versions

Passing -V will show detailed information about versions, again to be safe with the simulation switch:

aptitude -V -s install

Substituting install with upgrade will show the versions from all upgradeable packages.

Another option, if you don’t know the full name of the package, is formatting aptitude’s search output:

aptitude search -F "%c %p %d %V"

%c = status (package installed or not)
%p = package’s name
%d = package’s description
%V = available package’s version

Another way using dpkg and grep:

dpkg -s | grep Version