Posts tagged centos
Proceed at your own risk. You should have good reasons to use a server distribution with the most recent kernel in production.
To keep this sweet and short, do as root:
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm yum --enablerepo=elrepo-kernel install -y kernel-ml
The downloading part might take a while.
Afterwards update grub:
grub2-mkconfig -i /boot/grub2/grub.cfg grub2-install
Good Luck. Regression errors may lurk out there, waiting for you.
From somewhere on the internet I found this handy gist, which got some improvements:
## Configure eth0 # # vi /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE="eth0" NAME="eth0" TYPE=Ethernet ONBOOT=yes HWADDR=A4:BA:DB:37:F1:04 IPADDR=192.168.1.44 PREFIX=24 BOOTPROTO=static UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ## Configure Default Gateway # # vi /etc/sysconfig/network NETWORKING=yes HOSTNAME=centos6 GATEWAY=192.168.1.1 ## Restart Network Interface (as root) # ### DONT! /etc/init.d/network restart ### DO! ifdown eth0; ifup eth0 ## Configure DNS Server # # vi /etc/resolv.conf nameserver 126.96.36.199 # Replace with your nameserver ip nameserver 192.168.1.1 # Replace with your nameserver ip
This may be expanded later on, this is just a quick post.
Having had a system landscape with some webservers, basically a apache-apache-tomcat and apache-apache-jboss setup, where the Umlauts were bugged. Or websites did now work at all.
Oh my. That is all what you usually think about such things.
To complicate matters further, there was a CMS deployed, generating the .jsp's that were later to be served through the app servers.
vim /etc/sysconfig/i18n . /etc/sysconfig/i18n # same as: source /etc/sysconfig/i18n
To show all successful login attempts on a debian-based system:
cat /var/log/secure | grep 'sshd.*opened'
Same for RHEL:
cat /var/log/auth.log | grep 'sshd.*opened'
cat /var/log/auth.log | grep 'sshd.*Invalid'
cat /var/log/secure | grep 'sshd.*Invalid'
When using fail2ban, installing it via yum is easy.
Sad part is, even though the install is done, it won't be of much help.
This is due to the regular expressions defined in
/etc/fail2ban/filter.d/sshd.conf, which will not match current entries in
Testing this is rather easy:
fail2ban-regex /var/log/secure /etc/fail2ban/filter.d/sshd.conf
The output should look like this:
Running tests ============= Use failregex file : /etc/fail2ban/filter.d/sshd.conf Use log file : /var/log/secure Results ======= Failregex: 16972 total |- #) [# of hits] regular expression | 13)  ^.*authentication failure[s]?; logname=.* uid=.* euid=.* tty=.* ruser=.* rhost=<HOST> user=.*\s*$ `- Ignoreregex: 0 total Date template hits: |- [# of hits] date format |  MONTH Day Hour:Minute:Second `- Lines: 36248 lines, 0 ignored, 16972 matched, 19276 missed Missed line(s): too many to print. Use --print-all-missed to print all 19276 lines
If there are no 'matched' entries, the regex is likely to fail.
Instead of passing the filterfile as second arguement, matching strings as regexes also works. For furter info google the fail2ban manual.
Adding this fixed the issue for me:
^.*authentication failure[s]?; logname=.* uid=.* euid=.* tty=.* ruser=.* rhost=<HOST> user=.*\s*$
iptables -L -vnx will show that the Chain
fail2ban-SSH gets populated rather fast.
If you happen to run into troubles while running wine, such as it is telling you 'malformed EXE' or something, don't bother troubleshooting it.
sudo wget -O /etc/yum.repos.d/playonlinux.repo http://rpm.playonlinux.com/playonlinux.repo sudo yum install -y playonlinux
playonlinux, forget about the 32bit openGL error message.
Set up your wine (32 or 64 bit, depending on what you need) under
Manage Wine Version, open a console and just run the .exe you need.
If you are missing
nslookup on CentOS:
yum install -y bind-utils
Here is a short linklist, because Oracle's documentation is the best I have seen so far.
Why is this fine for RedHat stuff?
RHEL / RedHat Enterprise Linux is the 'original' distribution from redhat. Fedora is the 'testing distribution' from the company redhat. Difference between Fedora and RHEL are the lifetimes (support, EOL, update frequencies, up-to-date packages), RHEL is focused on stability. redhat's sources for it's distributions are open to the public. CentOS, Oracle Linux and Scientific Linux are created from the redhat sources, but basically without all the RedHat logos.
Thus, the documentation of the one is sufficient for the other distributions.
Either use the binary install method, or build from source. Depends just on your preference. See here what is available. Building from source is described in the following.
Prerequisites are git, for getting the source code. Plus a working Common Lisp install for bootstrapping. (Can be SBCL or another one.) Maybe also gcc. (Writing this solely from memory.)
yum install sbcl -y yum install git -y
If there are other libraries missing, use yum search
git clone git://git.code.sf.net/p/sbcl/sbcl cd sbcl # depending on the common lisp implementation you are using, use just the right ONE of the following: #SBCL sh make.sh #CMUCL sh make.sh "lisp -batch" #OpenMCL sh make.sh "openmcl --batch" #CLISP sh make.sh "clisp" # after compilation, just install sh install.sh
Important: It is highly recommended that you run the make.sh script in either a very fast terminal such as xterm (the GNOME terminal and the OS X terminal are too slow) or that you run it in a detached GNU screen session (use C-a d to detach the session and screen -r to resume it). The SBCL compile produces lots of output and your system's terminal program will likely slow down the compile in a drastic manner. (See here at page bottom.)
The compiled binary can be found user /usr/local/bin. Add it to your path, if that is not already the case. Check your installation afterwards:
curl -O http://beta.quicklisp.org/quicklisp.lisp sbcl --load quicklisp.lisp
At the sbcl prompt enter the following to install and autoload quicklisp:
;; For finding libraries: (ql:system-apropos "<searchterm>") ;; For installing libraries: (ql:quickload "<lib name>")
That should be about it, twitter me if something here is off. I am a LISP noob.
View posts from 2017-02, 2017-01, 2016-12, 2016-11, 2016-10, 2016-09, 2016-08, 2016-07, 2016-06, 2016-05, 2016-04, 2016-03, 2016-02, 2016-01, 2015-12, 2015-11, 2015-10, 2015-09, 2015-08, 2015-07, 2015-06, 2015-05, 2015-04, 2015-03, 2015-02, 2015-01, 2014-12, 2014-11, 2014-10, 2014-09, 2014-08, 2014-07, 2014-06, 2014-05, 2014-04, 2014-03, 2014-01, 2013-12, 2013-11, 2013-10