Posts tagged centos

Linux: install most recent kernel on CentOS 7
posted on 2015-06-15 21:25:04

Proceed at your own risk. You should have good reasons to use a server distribution with the most recent kernel in production.

To keep this sweet and short, do as root:

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install -y kernel-ml 

The downloading part might take a while.

Afterwards update grub:

grub2-mkconfig -i /boot/grub2/grub.cfg
grub2-install

Good Luck. Regression errors may lurk out there, waiting for you.

RHEL: configure static ip
posted on 2015-03-24 01:13:02

From somewhere on the internet I found this handy gist, which got some improvements:

## Configure eth0
#
# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"
NAME="eth0"
TYPE=Ethernet
ONBOOT=yes
HWADDR=A4:BA:DB:37:F1:04
IPADDR=192.168.1.44
PREFIX=24
BOOTPROTO=static
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03


## Configure Default Gateway
#
# vi /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=centos6
GATEWAY=192.168.1.1


## Restart Network Interface (as root)
#
### DONT!
/etc/init.d/network restart
### DO!
ifdown eth0; ifup eth0

## Configure DNS Server
#
# vi /etc/resolv.conf

nameserver 8.8.8.8 # Replace with your nameserver ip
nameserver 192.168.1.1 # Replace with your nameserver ip 

This may be expanded later on, this is just a quick post.

RHEL: debugging locale settings
posted on 2015-03-23 14:07:36

Having had a system landscape with some webservers, basically a apache-apache-tomcat and apache-apache-jboss setup, where the Umlauts were bugged. Or websites did now work at all.

Oh my. That is all what you usually think about such things.

To complicate matters further, there was a CMS deployed, generating the .jsp's that were later to be served through the app servers.

vim /etc/sysconfig/i18n . /etc/sysconfig/i18n # same as: source /etc/sysconfig/i18n

check locale:

locale

sshd: show ssh logins and fails
posted on 2015-03-05 11:13:00

successes

To show all successful login attempts on a debian-based system:

cat /var/log/secure | grep 'sshd.*opened'

Same for RHEL:

cat /var/log/auth.log | grep 'sshd.*opened'

fails

Debian's:

cat /var/log/auth.log | grep 'sshd.*Invalid'

RHEL's:

cat /var/log/secure | grep 'sshd.*Invalid'
RHEL 6 Fail2Ban fix
posted on 2015-02-04 17:51:22

When using fail2ban, installing it via yum is easy.

Sad part is, even though the install is done, it won't be of much help. This is due to the regular expressions defined in /etc/fail2ban/filter.d/sshd.conf, which will not match current entries in /var/log/secure/.

test

Testing this is rather easy:

fail2ban-regex /var/log/secure /etc/fail2ban/filter.d/sshd.conf

The output should look like this:

Running tests
=============

Use   failregex file : /etc/fail2ban/filter.d/sshd.conf
Use         log file : /var/log/secure


Results
=======

Failregex: 16972 total
|-  #) [# of hits] regular expression
|  13) [16972] ^.*authentication failure[s]?; logname=.* uid=.* euid=.* tty=.* ruser=.* rhost=<HOST>  user=.*\s*$
`-

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [36248] MONTH Day Hour:Minute:Second
`-

Lines: 36248 lines, 0 ignored, 16972 matched, 19276 missed
Missed line(s): too many to print.  Use --print-all-missed to print all 19276 lines

If there are no 'matched' entries, the regex is likely to fail.

Instead of passing the filterfile as second arguement, matching strings as regexes also works. For furter info google the fail2ban manual.

fix

Adding this fixed the issue for me:

^.*authentication failure[s]?; logname=.* uid=.* euid=.* tty=.* ruser=.* rhost=<HOST>  user=.*\s*$

Afterwards issueing iptables -L -vnx will show that the Chain fail2ban-SSH gets populated rather fast.

Wine on CentOS 7
posted on 2015-02-01 00:37:41

If you happen to run into troubles while running wine, such as it is telling you 'malformed EXE' or something, don't bother troubleshooting it. Just install playonlinux:

sudo wget -O /etc/yum.repos.d/playonlinux.repo http://rpm.playonlinux.com/playonlinux.repo
sudo yum install -y playonlinux

Afterwards run playonlinux, forget about the 32bit openGL error message. Set up your wine (32 or 64 bit, depending on what you need) under Tools >> Manage Wine Version, open a console and just run the .exe you need.

CentOS: dig? nslookup?
posted on 2015-01-22 01:28:44

If you are missing dig or host or nslookup on CentOS:

yum install -y bind-utils
RedHat Networking Docs (Oracle Linux)
posted on 2014-10-01 12:22:53

Here is a short linklist, because Oracle's documentation is the best I have seen so far.

Oracle Linux Administrator's Guide for Release 6

Part II Networking and Network Services

Chapter 11 Network Configuration

Why is this fine for RedHat stuff?

RHEL / RedHat Enterprise Linux is the 'original' distribution from redhat. Fedora is the 'testing distribution' from the company redhat. Difference between Fedora and RHEL are the lifetimes (support, EOL, update frequencies, up-to-date packages), RHEL is focused on stability. redhat's sources for it's distributions are open to the public. CentOS, Oracle Linux and Scientific Linux are created from the redhat sources, but basically without all the RedHat logos.

Thus, the documentation of the one is sufficient for the other distributions.

Installing Steel Bank Common Lisp and Quicklisp on CentOS 6
posted on 2013-10-13 14:11:09

For getting this blog up and running, a standard compliant LISP installation was needed. SBCL was chosen. Further QuickLisp is needed.

Either use the binary install method, or build from source. Depends just on your preference. See here what is available. Building from source is described in the following.

Prerequisites are git, for getting the source code. Plus a working Common Lisp install for bootstrapping. (Can be SBCL or another one.) Maybe also gcc. (Writing this solely from memory.)

yum install sbcl -y
yum install git -y

If there are other libraries missing, use yum search for determining the package name. Afterwards yum install , in case you are wondering how to fix things.

git clone git://git.code.sf.net/p/sbcl/sbcl
cd sbcl

# depending on the common lisp implementation you are using, use just the right ONE of the following:
#SBCL
sh make.sh
#CMUCL
sh make.sh "lisp -batch"
#OpenMCL
sh make.sh "openmcl --batch"
#CLISP
sh make.sh "clisp"

# after compilation, just install
sh install.sh

Important: It is highly recommended that you run the make.sh script in either a very fast terminal such as xterm (the GNOME terminal and the OS X terminal are too slow) or that you run it in a detached GNU screen session (use C-a d to detach the session and screen -r to resume it). The SBCL compile produces lots of output and your system's terminal program will likely slow down the compile in a drastic manner. (See here at page bottom.)

The compiled binary can be found user /usr/local/bin. Add it to your path, if that is not already the case. Check your installation afterwards:

sbcl --version

Quicklisp installation:

curl -O http://beta.quicklisp.org/quicklisp.lisp
sbcl --load quicklisp.lisp

At the sbcl prompt enter the following to install and autoload quicklisp:

(quicklisp-quickstart:install)
(ql:add-to-init-file)

Quicklisp usage:

;; For finding libraries:
(ql:system-apropos "<searchterm>")
;; For installing libraries:
(ql:quickload "<lib name>")

That should be about it, twitter me if something here is off. I am a LISP noob.

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, arcconf, arch, architecture, areca, arping, asa, asdm, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pvecm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh

View posts from 2017-02, 2017-01, 2016-12, 2016-11, 2016-10, 2016-09, 2016-08, 2016-07, 2016-06, 2016-05, 2016-04, 2016-03, 2016-02, 2016-01, 2015-12, 2015-11, 2015-10, 2015-09, 2015-08, 2015-07, 2015-06, 2015-05, 2015-04, 2015-03, 2015-02, 2015-01, 2014-12, 2014-11, 2014-10, 2014-09, 2014-08, 2014-07, 2014-06, 2014-05, 2014-04, 2014-03, 2014-01, 2013-12, 2013-11, 2013-10


Unless otherwise credited all material Creative Commons License by sjas