Skip to content

Recent Articles

24
Dec

Disable Services in Linux

Disable Telnet

In older Linux distributions the telnet system is enabled by default. Ftp, rlogin and telnet are vulnerable to eavesdropping that’s why it is recommended to use the secure versions. (sftp,scp, ssh). If you want for any reason to use the telnet terminal you should at least hide the banner information although it is not recommended to use telnet at all.

How To:

Login to your machine as root user, and edit the file,

vi /etc/xinetd.d/telnet

Change the following line

Look for the line: disable = no and replace with disable = yes

To reflect the changes restart the inetd service,

 /etc/rc.d/init.d/xinetd restart

To turnoff the telnet service permenently use the chkconfig command

/sbin/chkconfig telnet off

Scan your machine to make sure that the telnet is disabled and no service is running on port:23 completely,

nmap -sT -O localhost
20
Dec

rpm basics

The RedHat Package Manager (RPM) is a popular package management system. Using RPM it’s easier to install, uninstall, and upgrade software packages. Apart from that, it’s possible to query a package for details and also can verify the integrity of installed packages.

Mainly there are two types of RPM packages

 1) Binary packages
 2) source packages

Binary package has been compiled for a particular architecture and is ready for installation, whereas source package contains source files to build a binary package.
Here am giving some examples for RPM installing, uninstalling, upgrading, querying, and verifying software packages.

Naming Convention used in RPM

Consider the Apache RPM package –> httpd-2.0.53-3.3.i386.rpm

  name--version--release--arch--.rpm

httpd –> name of the software
2.0.53 –> software version (that of the original software source)
3.3 –> package release number
i386 –> architecture (like 32 or 64 bit)

Corresponding source package is httpd-2.0.53-3.3.src.rpm (note ’src’ in the name).

RPM Instalaltion


To install a package, we mainly use the “-ivh” option

$ rpm -ivh httpd-2.0.53-3.3.i386.rpm

Preparing… ########################################### [100%]
1:httpd ########################################### [100%]

Flags used are;

-v flag can be used to introduce some verbosity,
-h flag displays hash marked progress of the installation.
-i installing

RPM Installation over Network

$ rpm -ivh ftp:////package.rpm

$ rpm -ivh http:////package.rpm

Uninstalling RPM
To Uninstall an RPM, Use the -e option

$ rpm -e httpd-2.0.53-3.3.i386.rpm

Just have to specify name of the package to be removed.

If the pakages are not removed and it shows some dependencies over other installed packages, To ignore the error and uninstall the package use the following option,

rpm -e --nodeps httpd-2.0.53-3.3.i386.rpm

–nodeps –> Do Not Check Dependencies Before Erasing Package

“This is not a recomendaded usage, since it can break other installed packages”

Hope that this will help 🙂

18
Dec

Increase semaphores count in Linux

Semaphores can be thought of as simple counters that indicate the status of a resource. This counter is a protected variable and cannot be accessed by the user directly. The shield to this variable is provided by none other than the kernel. The usage of this semaphore variable is simple. If counter is greater that 0, then the resource is available, and if the counter is 0 or less, then that resource is busy or being used by someone else. This simple mechanism helps in synchronizing multithreaded and multiprocess based applications. Semaphores were invented and proposed by Edsger Dijkstra, and still used in operating systems today for synchronization purposes. The same mechanism is now available for application developers too. Its one of the most important aspects of inter-process communication.

Increase the maximum amount of semaphores

Before increasing the Semaphore value, check whats the current value using by the system.

[l3admins@localhost ~]# /sbin/sysctl -a | grep sem
kernel.sem = 250        32000   32      128
[root@l3admins ~]#

How much IPC resources are used can be found using ‘ipcs’ command:

# ipcs -a
...
------ Semaphore Arrays --------
key        semid      owner      perms      nsems
0x00000000 201293824  Exim    600            1

To increase the semaphores execute the following command and after that update the same vale in /etc/sysctl.conf file to reflect the same after the reboot

/sbin/sysctl -w kernel.sem=250

See ‘man ipcrm for more information.

14
Dec

How to clear out the cache being used

Linux has a good memory management feature that will use up any “extra” RAM you have to cache stuff. This section of the memory being used is SUPPOSED to be freely available to be taken over by any other process that actually needs it. This will eventually reduce the performance of your system. Following command will help you.

[root@l3admins]# free -m
total       used       free     shared    buffers     cached
Mem:          3990       3181        809          0        448       2228
-/+ buffers/cache:        503       3486
Swap:         9452          0       9452
[root@l3admins]#

Use the following command as root to clear cache from your machine.

sync; echo 3 > /proc/sys/vm/drop_caches
This will only support Kernels 2.6.16 and newer.

The above command will cleared out the cache in your machine.

12
Dec

Convert deb package to rpm

DEB packages are the installers for Debian and Ubuntu like RPM for Linux.

Converting of  DEB to RPM is simple one step  process with  “alien” command in Ubuntu/Debain, for this one first we need to install alien.

Install alien command on Debian / Ubuntu

To install alien package you need root privilege.

# apt-get install alien

Once the alien package is installed we can start the converting of DEB to RPM.

# alien your-DEB-to-convert.deb

your-DEB-to-convert.rpm generated

Now you can start the installation of the RPM.

12
Dec

Convert rpm packages to deb

DEB packages are the installers for Debian and Ubuntu like RPM for Linux, if we need to install one RPM on Ubuntu/Debian we need to convert as DEB package.

Converting of RPM to DEB is simple one step process with “alien” command in Ubuntu/Debain, for this one first we need to install alien.

Install alien command on Debian / Ubuntu

To install alien package you need root privilege.
# apt-get install alien

Once the alien package is installed we can start the converting of RPM to DEB

# alien your-RPM-to-convert.rpm
 your-RPM-to-convert.deb generated

Now the .deb package is created, now you can install it in Ubuntu/Debain.

26
Nov

Delete a Snapshot

You can permanently remove a snapshot from vCenter Server.

Procedure:

1.  Select Inventory > Virtual Machine > 
     Snapshot > Snapshot Manager.

2. In the Snapshot Manager, select a snapshot by clicking it.

3.  Click Delete to permanently remove a snapshot from 
vCenter Server.

4. Clicking Delete All permanently removes all snapshots from
 the virtual machine.

 Click Yes in the confirmation dialog box.



13
Nov

Bugzilla installation on Linux

Bugzilla is one of the best open source bug tracking system. Very simple to use with lot of features. Bugzilla allows you to track the bugs and collaborate with developers and send automated alerts and mails to the users.

Before going to the installation of Buzilla need to make sure that following components are installed in the server.

1. Perl Version

# perl -v

 Make sure your perl version is >= 5.8.1 as shown below.

2. MySQL Database

Make sure your MySQL version is >= 4.1.2 as shown below.

# mysql -V

mysql Ver 14.12 Distrib 5.0.77, for redhat-linux-gnu (i686) using readline 5.1

3. Apache

Make sure that Apache installed and running in the server.

4. Download latest Bugzilla tar ball

Download the latest stable release from bugzilla download page. Extract the bugzilla*.tar.gz file to the apache document root directory as shown below.

# cd ~

# wget http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-3.6.tar.gz

# cd /var/www/html

# tar xvfz /usr/save/bugzilla-3.4.6.tar.gz

5. Use checksetup.pl

Bugzilla checksetup.pl program will verify whether all the required perl modules are installed. This will also display a list of all missing perl modules that bugzilla requires for the installation.

You can run the checksetup.pl program as many times as you like until you’ve verified all the required perl modules are installed.

Login to the directory where you downloaded the Bugzilla and do a scan with checksetup.pl

Here I am excluding the list of the checksetup.pl out. It will make a sense that this is a risky and complex Job. You can run the checksetup.pl as many times you required until all the required components are installed.

After completing the installation of perl modules start the localconfig file configuration

6.Create localconfig

This file will automatically generated by Bugzilla we only need to add the DB user name and the password.

Make sure that the Mysql is running in the server, then only localconfig file will take and write data to the Mysql DB.

7. Modify the localconfig file.

Open the localconfig and search for the following term “db_pass”

# vi ./localconfig
$db_pass = 'yourpassword';

You can increase the Bugzilla attachment size in Bugzilla by updating the upload limit in /etc/my.cnf, if required only.

After modifying the Mysql restart the Mysql service

service mysqld restart

8.Create Mysql user

Add bugzilla user (bugs) to the mysql database as shown below.

# mysql -u root -p

mysql> GRANT SELECT, INSERT,
UPDATE, DELETE, INDEX, ALTER, CREATE, LOCK TABLES,
CREATE TEMPORARY TABLES, DROP, REFERENCES ON bugs.*
TO bugs@localhost IDENTIFIED BY 'Bugs4All';

mysql> FLUSH PRIVILEGES;

9. Create the bugzilla database

Execute the checksetup.pl (without any arguments) again to create the mysql bugzilla database. Since the localconfig file already exist, the second time when you execute the checksetup.pl, it will create the mysql database based on the information from localconfig file.

# ./checksetup.pl

Creating database bugs...

Building Schema object from database...
Adding new table bz_schema ...
Initializing the new Schema storage...
Adding new table attach_data ...
Adding new table attachments ...
Adding new table bug_group_map ...
Adding new table bug_see_also ...
Adding new table bug_severity ...
Adding new table bug_status ...

Inserting values into the 'priority' table:
Inserting values into the 'bug_status' table:
Inserting values into the 'rep_platform' table:

10.Configure apache for mod_perl

Remove the version number and rename it as Bugzilla

# cd /var/www/html

# mv bugzilla-3.4.6/ bugzilla

Add the following two lines to httpd.conf

# tail -2 /etc/httpd/conf/httpd.conf
PerlSwitches -I/var/www/html/bugzilla -I/var/www/html/bugzilla/lib -w -T
PerlConfigRequire /var/www/html/bugzilla/mod_perl.pl

Verify the Group in httpd.conf matches the webservergroup in localconfig

# cd /var/www/html/bugzilla/

# grep webservergroup localconfig
$webservergroup = 'apache';

# grep Group /etc/httpd/conf/httpd.conf
Group apache

11.Final checksetup.pl

executionthe checksetup.pl again.

# ./checksetup.pl
Reading ./localconfig...

Removing existing compiled templates...
Precompiling templates...done.
Fixing file permissions...

Now that you have installed Bugzilla, you should visit the 'Parameters'
page (linked in the footer of the Administrator account) to ensure it
is set up as you wish - this includes setting the 'urlbase' option to
the correct URL.

12.Login to Bugzilla and complete initial setup.

Start the apache, go to http://{your-ip-address}/bugzilla and login using the administrator account you created above.
From the bugzilla UI, at the footer -> Administration -> Parameters -> ‘Required Settings’ section -> Fill-out following information:
maintainer: admin@l3admins.com

urlbase: http://{your-ip-address}/

Note: Depending on your setup, go to -> User Authentication -> and you might want to change requiredlogin and emailregexp parameter.

27
Oct

Check SELINUX status on Linux

The Linux command example below show the example on how to check SELinux status on Linux Fedora system. This step by step example on how to check SELinux status on Linux Fedora system is tested on Linux Fedora 10 system.

 1.  Check SELinux status on Linux Fedora system.

[root@l3admins ~]# cat /etc/sysconfig/selinux

 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#       enforcing - SELinux security policy is enforced.

#       permissive - SELinux prints warnings instead of enforcing.

#       disabled - No SELinux policy is loaded.

SELINUX=enforcing

# SELINUXTYPE= can take one of these two values:

#       targeted - Targeted processes are protected,

#       mls - Multi Level Security protection.

SELINUXTYPE=targeted
[root@l3admins ~]

or execute the sestatus command to view SELinux status

[root@l3admins]# sestatus

SELinux status:                 enabled

SELinuxfs mount:                /selinux

Current mode:                   enforcing

Mode from config file:          enforcing

Policy version:                 23

Policy from config file:        targeted

[root@l3admins]#

You can also check the same in Linux machines using the command system-config-securitylevel

14
Oct

Install RPM on Ubuntu

Installing software or rpm on Ubuntu usually entails using Synaptic or by using an apt-get command from the terminal. Unfortunately, there are still a number of packages out there that are only distributed in RPM format.

There should be a utility called Alien that converts packages from one format to the other. This doesn’t always mean that an rpm will work on your system, though. You will need to install some prerequisite software packages in order to install alien, however. These packages include gcc and make.

To install alien and other dependencies run the following commands

apt-get install alien dpkg-dev debhelper build-essential

To convert a package from rpm to Debian (.deb) format, use this command syntax.

alien software.rpm

After executing the above command the you will get the .deb executable for the rpm.

To install the software now you can use the dpkg utility.

dpkg -i software.deb

If you are facing any issues while installing the converted rpm packages, check for your system dependencies and the version of the software you are trying to install.