[HOW TO] fix :com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed

The last week, when check the logs of Tomcat, I see:

com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed

Humn, it looks like the MySQL connection has a problem about connection pooling. Mysql implicitly closed the db connection because the db connection has been inactive too long time ( 34,247,052 milliseconds ).so you prgram fetch a bad connection from connection-pool, and that cause the 'MySQLNonTransientConnectionException: No operations allowed after connection closed'

mysql suggests 'You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem.'

How to solve it?

In case of me, If you use Mysql, you can set autoReconnect property:

url="jdbc:mysql://localhost:3307/merchant-mc useUnicode=yes&characterEncoding=UTF-8&autoReconnect=true"

Thank you for reading this article, please a comment if you are interested.

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success

Linux Disable Core Dumps

Unknown 3:49 PM HOW TO? No comments

Only software developers legitimately need to access core files and none of my production web server requires a core dump. How do I disable core dumps on Debian / CentOS / RHEL / Fedora Linux to save large amounts of disk space?

A core dump file is the memory image of an executable program when it was terminated by the operating system due to various error behavior.

Reference link: http://www.cyberciti.biz/faq/linux-disable-core-dumps/ Thank .cyberciti.biz :)

Disable Core Dumps

To disable core dumps for all users, open /etc/security/limits.conf, enter:
# vi /etc/security/limits.conf
Make sure the following config directive exists:

* hard core 0

Save and close the file. Once a hard limit is set in /etc/security/limits.conf, the user cannot increase that limit within his own session. Add fs.suid_dumpable = 0 to /etc/sysctl.conf file:

# echo 'fs.suid_dumpable = 0' >> /etc/sysctl.conf
# sysctl -p

This will make sure that core dumps can never be made by setuid programs. Finally, add the following to /etc/profile to set a soft limit to stop the creation of core dump files for all users (which is default and must be disabled):
# echo 'ulimit -S -c 0 > /dev/null 2>&1' >> /etc/profile

Intrusion detection tools on Linux - AIDE

Unknown 3:47 PM HOW TO? No comments

AIDE is an opensource file integrity check tool. It can help you verifying files integrity in an easy way.

1. Install AIDE package on CentOS/RHEL:

# yum install -y aide

2. Check and adjust aide configuration file to fulfill your needs:

# vim /etc/aide.conf

3. Initialize AIDE database - it will scan all the files in folders that were included in the config file and save their hash as well as attributes info

4. You may consider keeping golden copy of AIDE database (default is set to /var/lib/aide/aide.db.gz) is secure and read-only location. It will allow you to compare current system integrity to the golden copy.
To check what changed run:

# aide -C

If you get "Couldn't open file /var/lib/aide/aide.db.gz for reading" error it means you need to move database generated in step 3 to this location:

# mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

In this article, I am totally follow in his instruction: http://sysadmin-notepad.blogspot.com/2013/07/intrusion-detection-tools-on-linux-aide.html

Thank you :)

Thank you for reading this article, please a comment if you are interested.

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success

[HOW TO] use yum history to roll back an update in CentOS

Unknown 3:39 PM HOW TO? No comments

You just updated OS. Unlucky, some applications has a errors, it can not start properly.

Rollback is the right action that you need. How to roll back an update?

In this article I show you

Environment:

CentOS 6.6
yum

Resolution

Note: Downgrading a system to minor version (ex: RHEL6.1 to RHEL6.0) is not recommended as this might leave the system in broken state where libgcc and other libraries won't rollback as expected. Use the history option for small update rollbacks.

Note: Rollback of selinux-policy-* package to older version is not supported.

If you decide to proceed with rollback, rather then reinstall, here are the instructions:

Red Hat Enterprise Linux 6 includes the yum history module which helps to rollback any updates done with the yum command. With this command, you can choose an update yum issued and remove those selected packages. The following is an example while installing the screen package:

[root@localhost ~]# yum install screen
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
rhel-6-server-rpms                                                                                                                             | 2.4 kB     00:00     
rhel-ha-for-rhel-6-server-rpms                                                                                                                 | 2.4 kB     00:00     
rhel-lb-for-rhel-6-server-rpms                                                                                                                 | 2.0 kB     00:00     
rhel-rs-for-rhel-6-server-rpms                                                                                                                 | 2.4 kB     00:00     
rhel-scalefs-for-rhel-6-server-rpms                                                                                                            |  951 B     00:00     
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package screen.i686 0:4.0.3-16.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================================================================================
 Package                            Arch                             Version                                     Repository                                      Size
======================================================================================================================================================================
Installing:
 screen                             i686                             4.0.3-16.el6                                rhel-6-server-rpms                             484 k

Transaction Summary
======================================================================================================================================================================
Install       1 Package(s)                                                                                                                                            

Total download size: 484 k                                                                                                                                            
Installed size: 484 k                                                                                                                                                 
Is this ok [y/N]: y                                                                                                                                                   
Downloading Packages:                                                                                                                                                 
screen-4.0.3-16.el6.i686.rpm                                                                                                                   | 484 kB     00:08     
Running rpm_check_debug                                                                                                                                               
Running Transaction Test                                                                                                                                              
Transaction Test Succeeded                                                                                                                                            
Running Transaction
  Installing : screen-4.0.3-16.el6.i686                                                                                                                           1/1 
rhel-6-server-rpms/productid                                                                                                                   | 1.7 kB     00:00     
rhel-ha-for-rhel-6-server-rpms/productid                                                                                                       | 1.7 kB     00:00     
rhel-lb-for-rhel-6-server-rpms/productid                                                                                                       | 1.7 kB     00:00     
rhel-rs-for-rhel-6-server-rpms/productid                                                                                                       | 1.7 kB     00:00     
duration: 319(ms)
Installed products updated.

Installed:
  screen.i686 0:4.0.3-16.el6                                                                                                                                          

Complete!

[root@localhost ~]# yum history
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
ID     | Login user               | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
     8 | root <root>              | 2011-10-03 14:40 | Install        |    1   
     7 | root <root>              | 2011-09-21 04:24 | Install        |    1 ##
     6 | root <root>              | 2011-09-21 04:23 | Install        |    1 ##
     5 | root <root>              | 2011-09-16 13:35 | Install        |    1   
     4 | root <root>              | 2011-09-16 13:33 | Erase          |    1   
     3 | root <root>              | 2011-09-14 14:36 | Install        |    1   
     2 | root <root>              | 2011-09-12 15:48 | I, U           |   80   
     1 | System <unset>           | 2011-09-12 14:57 | Install        | 1025

[root@localhost ~]# yum history undo 8
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
rhel-6-server-rpms                                                                                                                             | 2.4 kB     00:00     
rhel-ha-for-rhel-6-server-rpms                                                                                                                 | 2.4 kB     00:00     
rhel-lb-for-rhel-6-server-rpms                                                                                                                 | 2.0 kB     00:00     
rhel-rs-for-rhel-6-server-rpms                                                                                                                 | 2.4 kB     00:00     
rhel-scalefs-for-rhel-6-server-rpms                                                                                                            |  951 B     00:00     
Undoing transaction 8, from Mon Oct  3 14:40:01 2011
    Install screen-4.0.3-16.el6.i686
Resolving Dependencies
--> Running transaction check
---> Package screen.i686 0:4.0.3-16.el6 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================================================================================
 Package                            Arch                             Version                                    Repository                                       Size
======================================================================================================================================================================
Removing:
 screen                             i686                             4.0.3-16.el6                               @rhel-6-server-rpms                             783 k

Transaction Summary
======================================================================================================================================================================
Remove        1 Package(s)

Installed size: 783 k
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing    : screen-4.0.3-16.el6.i686                                                                                                                           1/1 
duration: 320(ms)
Installed products updated.

Removed:
  screen.i686 0:4.0.3-16.el6                                                                                                                                          

Complete!

Reference link:

Thank you for reading this article, please a comment if you are interested.

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success

Allow others access to home own directory chroot

Unknown 4:28 PM HOW TO? No comments

On the last week, developer told me that he need to write the data to sftp folder of customer.

Humnnn, break out the chroot?
It comes fast to me. I am using the chroot to jail sftp user, they can not come around others and do anything (limited access to files normally in their own home directory). And now developer want to allow access to this.

Providing convenience to users, while still ensure safety system, I always think about this when making. What is the next step?

Use "setfacl" to grant the permission for developer? Nope! it will break the sftp service.
Add developer user to sftp group? Nope! it also break the sftp service.
What the help? I think about "mount", googled, "mount --bind" . Ok, choose it.

Ok, let do it. But sftp service has broken. What happened? Open chat box & chat to HE, HE told me that the "mount --bind" is right!

Re-thinking, it seems to be that I have a issues with sftp permission. Right! I do again.

mount --bind /home/A/ /home/B/

notice:
/home/A :sftp user
/home/B: developer

After this the developer will be able to write the data into sftp chroot, sftp user will be albe to see the needed files in his home directory and use them.

What happened if the server has rebooted? the mount --bind will break?
Yes, thus you need to make add the mount command in startup script or you can just include as below (/etc/fstab)

/home/A/ /home/B/ none bind 0 0

Thank you for reading this article, please a comment if you are interested.

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success

...

I'm Tien. I love to write, share my knowledge, help others and also learn from others as I believe everyone has something which can be learned. You can reach me at 4flancake at gmail dot com

[HOW TO] fix :com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: No operations allowed after connection closed

Linux Disable Core Dumps

Disable Core Dumps

Intrusion detection tools on Linux - AIDE

[HOW TO] use yum history to roll back an update in CentOS

Allow others access to home own directory chroot

Pages

Contact Me

Popular Posts

Categories

Blog Archive