Archive for the 'CentOS' Category

Who is that masked man?

Probably you have either listened to me or read my thoughts or both for several years now, but it occurred to me today that someone out there might be interested in seeing what actually drives the LincGeek.

I currently live in Pennsylvania, but I was born and raised in Upstate NY, with a brief stint in Washington state. New Yorkers and hillbillies are my people and I understand them. Washington is some of the most beautiful country I ever spent time in and I hope to at least visit out there again someday.

Well, first and foremost, computers and Linux are my personal crack. I started on a lifelong obsession with computers back in 1983 with my first VIC-20 (Thank you William Shatner). I learned to program in BASIC and from there it was all over until I met Linux in the 90s, then that added into the mix.

I like the fastest computers I can get my hands on. I like Apple computers (more for their quality and aesthetics than OS – they do tend to run Linux very well). I love my Kindle, my Android phone and my iPad (2), which is the tablet device that all others are invariably compared to and for good reason. Linux Mint is probably the nicest version of Linux I have ever run and I use that almost exclusively as my desktop OS of choice. I am RedHat certified and use RHEL and CentOS for the vast majority of my enterprise and personal server needs, because, IMHO, it’s better than the rest.

I am a music lover. I dig 50s, 60s, 70s, 80s, Big Band, Jazz, Funk, Disco, Bluegrass and Classical music. I was a hardcore low brass musician and vocalist in my school years, even making it into “Who’s Who In Music” in my senior year in high school, and those are some of my most cherished and fondest memories. Rap is *NOT* music, by the way.

I have been married once, to my college sweetheart, for almost 19 years now and have an adult (she thinks so at least) daughter, currently in college. I am a Conservative Libertarian, politically, and a proud Christian.

Although I am now diabetic and stick mostly to various forms of Chicken and veggies now, I LOVE good food. My favorites are good Irish cooking like my Grandma used to make. Corned Beef and Cabbage. And she made a monster macaroni and cheese too. I would literally hurt someone for some of that again. I strongly believe that vegetables are what food eats.

I like my coffee with (nonfat) milk and sweet-n-low. Buy it from Wawa because Starbucks coffee is overpriced and bitter yuppie coffee IMHO. I like an occasional good cigar (Acid Blondie) and enjoy them most when I can smoke them and hang out with my friends.

I am not a drinker. If and when I do imbibe, I do so with Scotch or Whiskey as I believe beer must be what urine tastes like.

As you can probably surmise, I am highly opinionated, and as I have a monster-sized guilty conscience and am not at all politically correct, if you ask my opinion, you are liable to actually get it.

I still think the occasional fart joke is funny. I hate unproductive meetings and long phone conversations. I try very hard to be honest, forthright, fair and maintain integrity.

I am a pet guy and love small furry mammals of all kinds. I have and have had cats, dogs, rabbits, mice, rats, ferrets and even a smattering of budgies and small lizards.

And now you know all about me!

Transmission on RHEL/CentOS/Scientific Linux 6

I had a friend a few weeks ago who asked me for help getting the Transmission bittorrent client working on CentOS 6. I took these notes then and am sharing them now.

cd /etc/yum.repos.d/
wget http://geekery.altervista.org/geekery-el6.repo
NOTE: RHEL/CentOS 6 x86_64 users have to replace $arch with $basearch in the repo file
yum install transmission transmission-gtk

CentOS 6 Desktop

I love RHEL and CentOS on servers but surprisingly, CentOS 6 makes a nice desktop as well! Here are some notes I took getting things going the way I like on my CentOS laptop.

Where I work, if you push your machine name to DHCP, it will register with DNS as well. This is a nice feature if you are in the habit of ssh-ing to your boxes like I am. In order to accomplish this task, you change a setting in the dhclient.conf file, which for a long time has been found in /etc/dhcp or /etc/dhcp3. Well, things have been moved around a bit and it’s now located in /etc and the filename is dhclient-eth0.conf where eth0 is the interface you are using. My suspicion is that this was done to frustrate the 5 people in the world like myself who actually use this :)

I really have no need for SELinux on this machine and therefore turn it off to keep it out of my way. This is easily accomplished by editing the /etc/selinux/config file and setting SELINUX=disabled. (then performing a reboot)

I also have no use for the default firewall ruleset. I normally do a chkconfig iptables off && service iptables stop and just address my firewall concerns later on.

What I *DO* need, often, if not always, are the development tools. Things like compilers and make, etc. Get them by doing yum -y groupinstall "Development tools".

Install the EPEL repo:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm
or
rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
depending on your architecture.

Gotta have clusterssh. If you don’t use it you should!
yum -y install clusterssh

I also must have my chrome web browser:
Install chrome from website https://www.google.com/chrome?&brand=CHMB&utm_campaign=en&utm_source=en-ha-na-us-sk&utm_medium=ha

And Thunderbird too!
Install Thunderbird from website http://www.mozilla.org/en-US/thunderbird/

Add the RPMForge repository:
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
or
rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
depending on your architecture.

And, lastly, if you are somewhere where this is legal, you can install all the codecs that make using your computer nice!
yum -y install compat-libstdc++-33 libdvdcss libdvdread libdvdplay libdvdnav lsdvd libquicktime flash-plugin mplayerplug-in mplayer mplayer-gui gstreamer-ffmpeg gstreamer-plugins-bad gstreamer-plugins-ugly
wget www1.mplayerhq.hu/MPlayer/releases/codecs/mplayer-codecs-20061022-1.i386.rpm (or x86_64)
rpm -ivh mplayer-codecs-20061022-1.i386.rpm (or x86_64)
wget www1.mplayerhq.hu/MPlayer/releases/codecs/mplayer-codecs-extra-20061022-1.i386.rpm (or x86_64)
rpm -ivh mplayer-codecs-extra-20061022-1.i386.rpm (or x86_64)

twidge on CentOS

A couple days ago I was reading a post from Knightwise and he mentioned using twidge on his server to do some fun stuff with his twitter account. Well! That sounded to me like just the thing for me to get some use from my neglected twitter account. Unfortunately, twidge is really best used on a debian type system and *my* server runs CentOS 5. This is a simple recipe to shoehorn twidge onto a CentOS 5 server.

I downloaded the twidge binary from https://github.com/downloads/jgoerzen/twidge/twidge-1.0.6-linux-i386-bin

The binary requires libcurl-gnutls which CentOS just doesn’t have. I snuck around that by doing

ln -s /usr/lib/libcurl.so.3.0.0 /usr/lib/libcurl-gnutls.so.4

Then the binary told me it needed libffi. This I could get from the epel repository. Do that by doing

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

and then

yum install libffi

That gets twidge working ….. mostly. Because of the sneaky I pulled with that libcurl-gnutls thing, twidge generates an error message on each run. It still works fine, but gives me a message on each run:

twidge: /usr/lib/libcurl-gnutls.so.4: no version information available (required by bin/twidge)

Undaunted, the easy fix for that is to dump the unneeded error to /dev/null like so

twidge lsrecent 2> /dev/null

And there you have it! For those of you looking to employ twidge on CentOS or similar Linux, this will get you going pretty quickly. Enjoy and I’ll tweet ya later!

Rsync bug

Bitten by the rsync bug? I was. Apparently in the new RHEL 5.7, and I am sure the RH clones like CentOS, Scientific Linux and ClearOS(?) as well, there is a bug in rsync when you use it with ssh transport like so:

rsync -avz -e ssh remotehost:/data /data

The fix is to make sure to append a username to your host and then it magically starts working properly again.

rsync -avz -e ssh username@remotehost:/data /data

Enjoy!

RHEL 5 quick and dirty samba primer

A friend asked me for a quick primer on how to set up a windows accessible share under RHEL 5, so I thought I would include it here for the benefit of anyone interested.

  • sudo yum -y install samba
  • sudo vim /etc/samba/smb.conf
  • replace the file with something like so:

[global]
workgroup = SOMEWORKGROUPNAME
server string = SERVERHOSTNAME Samba Server Version %v
security = user
netbios name = CALLMESOMETHING
[data]
comment = my data share
path = /data
read only = no
writable = yes
guest ok = no
available = yes
valid users = USERNAME

  • add a local user to the box: sudo useradd USERNAME
  • add the local user to samba and give password: sudo smbpasswd -a USERNAME
  • restart samba service: sudo service smb restart
  • make sure samba starts at boot: sudo chkconfig smb on
  • adjust your firewall settings if necessary

At this point you should be able to access the share at //servername/data.
Have fun!
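
A check for the share settings used above, as an added example that is not part of the original post: it reads an smb.conf, resolves the "read only"/"writable" and "guest ok"/"public" synonyms (including defaults set in [global]), and lists shares that allow guests or are writable with no "valid users" restriction. The flagging policy, the function names and the [scratch] and [drop] shares are assumptions made for the example.

```sh
#!/bin/sh
# Added example: summarise access settings per share in an smb.conf file.

# Print "<share> guest=<yes|no> writable=<yes|no> valid_users=<list|ANY>".
# Parameter names are compared without case or whitespace, as Samba does.
# Samba defaults applied when unset: guest ok = no, read only = yes.
share_report() {
    awk '
        function bool(s) { s = tolower(s); return (s == "yes" || s == "true" || s == "1") }
        function flush() {
            if (sec != "" && sec != "global")
                printf "%s guest=%s writable=%s valid_users=%s\n", sec,
                    (guest ? "yes" : "no"), (ro ? "no" : "yes"),
                    (users == "" ? "ANY" : users)
        }
        BEGIN { g_ro = 1; ro = 1 }
        /^[ \t]*([#;]|$)/ { next }                 # comments and blank lines
        /^[ \t]*\[/ {                               # new section header
            flush()
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            sec = tolower(sec)
            guest = g_guest; ro = g_ro; users = g_users   # inherit [global]
            next
        }
        {
            eq = index($0, "="); if (!eq) next
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "guestok" || key == "public") guest = bool(val)
            else if (key == "readonly") ro = bool(val)
            else if (key == "writable" || key == "writeable" || key == "writeok")
                ro = !bool(val)                     # inverted synonyms
            else if (key == "validusers") users = val
            else next
            if (sec == "global") { g_guest = guest; g_ro = ro; g_users = users }
        }
        END { flush() }
    ' "$1"
}

# Print the names of shares that accept guests, or are writable by any user.
# (Example policy; share names containing spaces are not handled.)
risky_shares() {
    share_report "$1" |
        awk '/ guest=yes / || (/ writable=yes / && / valid_users=ANY$/) { print $1 }'
}

# Constructed sample: the [data] share from the primer plus two weaker ones.
conf=$(mktemp)
cat > "$conf" <<'EOF'
[global]
security = user
[data]
path = /data
read only = no
writable = yes
guest ok = no
valid users = USERNAME
[scratch]
path = /tmp/scratch
public = yes
[drop]
path = /srv/drop
writeable = yes
EOF
share_report "$conf"
echo "review: $(risky_shares "$conf" | tr '\n' ' ')"
rm -f "$conf"
```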

Server Build

Last night on the TechShow I was asked about providing some info on a decent default server build. Here are some quick notes to get people going. Adjust as necessary.

Just for ease, here, let's assume you are installing CentOS 5, a nice robust enterprise class Linux for your server needs.

CentOS 5 / RHEL 5 / Scientific Linux, etc., does a really great job picking the defaults, so sticking with those is just fine and has worked well for me on literally hundreds of servers.

  • I let the partitioner remove all existing partitions and chose the default layout without modification.
  • Configure your networking appropriately, make sure to set your system clock for the appropriate timezone (no I do not generally leave my hardware clock set to UTC).
  • When picking general server packages I go for web server and software devel. I do not, generally, pick virtualization unless there is a specific reason to. I find that the web and devel meta server choices provide a robust background with all the tools I need to set up almost any kind of server I want without having to dredge for hundreds of packages later on.
  • The install itself at this point should take you about 15 minutes depending on the speed of your hardware.
  • Once installed, reboot the server and you should come to a setup agent prompt. Select the firewall configuration. Disable the firewall and SELinux completely (trust me here). Once that is done, exit the setup agent (no need to change anything else here), login to the machine as root and reboot it. This is necessary to completely disable SELinux.

From this point on it’s all post install config…:

  • Add any software repositories you need to.
    I not only have my own repo for custom applications, but also have a local RedHat repo for faster updates and lower network strain/congestion.
  • Install your firewall.
    I use an ingress and egress firewall built on iptables. While mine is a custom written app, there are several iptables firewall generator apps out there you can try.
  • Install your backup software.
    Doesn’t matter if this is a big company backup software like TSM or CommVault, or you are just using tar in a script. Make sure your system is not only being backed up regularly, but that you can actually restore data from those backups if you need to.
  • Add your local admin account(s).
    Don’t be an idiot and log into your server all the time as root. Make a local account and give yourself sudo access (and use it).
  • Fix your mail forwarding.
    Create a .forward file in your root directory and put your email address in there. You will get your server's root emails delivered to you so you can watch the logwatch reports and any cron results and errors. This is important sysadmin stuff to look at when it hits your inbox.
  • Stop unnecessary services.
    Yes, if you are running a server you can probably safely stop the bluetooth and cups services. Check through what you are running with a "service --status-all" or a "chkconfig --list" (according to your runlevel) and turn off / stop those services you are not and will not be using. This will go a long way toward securing your server as well.
  • Install OSSEC and configure it to email you alerts.
  • No root ssh.
    Change your /etc/ssh/sshd_config and set “PermitRootLogin no”. Remember, you just added an admin account for yourself, you don’t need to ssh into this thing as root anymore. Restart your sshd service after making the change in order to apply it.
  • Set runlevel 3 as default.
    You do not need to have a GUI desktop running on your server. Run the gui on your workstation and save your server resources for serving stuff. Make the change in /etc/inittab “id:3:initdefault:”.
  • Fix your syslog.
    You really should consider having a separate syslog server. They are easy to set up (hey, Splunk is FREE up to so much usage) and it makes keeping track of what's happening on multiple servers much easier (try that Splunk stuff – you’ll like it).
  • Set up NTPD.
    Your server needs to know what time it is. ‘Nuff said.
  • Install ClamAV.
    Hey, it’s free and it works. If you do ANYTHING at all with handling emails or fileshares for windows folks on this machine, you owe it to yourself and your users to run Clam on there to help keep them safer.
  • Do all your updates now.
    Before you go letting the world in on your new server, make sure to run all the available updates. No sense starting a new server instance with out of date and potentially dangerous software.
  • Lastly, update your logbook.
    You should have SOME mechanism for keeping track of server changes, whether it be on paper or in a wiki or whathaveyou. Use it RELIGIOUSLY. You will be glad someday you did.
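
Three items from the list above (no root ssh, runlevel 3, root mail forwarding) live in plain files and can be checked by script. The following is an added example, not the author's own tooling; the function names and the constructed sample files are assumptions.

```sh
#!/bin/sh
# Added example: audit three file-backed items from the checklist above.
# File paths are arguments so the checks can run against copies or fixtures.

# Print the effective global PermitRootLogin value from an sshd_config file.
# sshd honours the first occurrence of a keyword and matches it without regard
# to case; lines from the first "Match" block on are conditional and skipped.
# Assumption: an unset keyword is reported as "yes", the default of the
# OpenSSH release shipped with CentOS 5.
sshd_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { v = tolower($2); exit }
        END { print (v == "" ? "yes" : v) }
    ' "$1"
}

# Print the default runlevel from an inittab file (id:N:initdefault:).
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# Succeed if the .forward file exists and holds at least one non-blank line.
has_forward_target() {
    [ -f "$1" ] && grep -q '[^[:space:]]' "$1"
}

# Print one PASS/FAIL line and count failures in $fails.
report() {
    if [ "$1" -eq 0 ]; then
        echo "PASS  $2"
    else
        echo "FAIL  $2"
        fails=$((fails + 1))
    fi
}

# audit_server <sshd_config> <inittab> <forward>; returns the number of FAILs.
audit_server() {
    fails=0
    v=$(sshd_root_login "$1" 2>/dev/null) || v=unreadable
    [ "$v" = "no" ] && rc=0 || rc=1
    report "$rc" "PermitRootLogin is '$v' (want no): $1"
    r=$(default_runlevel "$2" 2>/dev/null) || r=unreadable
    [ "$r" = "3" ] && rc=0 || rc=1
    report "$rc" "default runlevel is '$r' (want 3): $2"
    has_forward_target "$3" && rc=0 || rc=1
    report "$rc" "root mail forward configured: $3"
    return "$fails"
}

# Constructed sample input: a host where only the inittab change was made.
demo=$(mktemp -d)
printf '#PermitRootLogin yes\nPermitRootLogin yes\n' > "$demo/sshd_config"
printf '# default runlevel\nid:3:initdefault:\n' > "$demo/inittab"
audit_server "$demo/sshd_config" "$demo/inittab" "$demo/.forward" ||
    echo "$? item(s) to fix"
rm -rf "$demo"
```

On a real host, run it as root with /etc/ssh/sshd_config, /etc/inittab and /root/.forward as the three arguments.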

ESXi and Subsonic

In continuation, somewhat, of my last post and a brief review on the last TechShow, I wanted to jot down some notes about my newest encounter with ESXi and Subsonic.

I wanted to try out Subsonic, so I really needed to put together a new machine to play with it a bit. As a RL System administrator, some things carry over into my home computing environment, and paranoia is one of them. I just *have* to test things outside of my “production” servers at home too. Since I run my servers in a virtualized environment, this shouldn’t be too much of a problem.

I run ESXi at home for my virtualization platform, and the norm there is to use virtualcenter (or the vic) to create and manipulate VMs. The problem there is I am just not a Windows fan (no kidding). I had gotten around this problem initially by creating a VM on VMware Server (running on Linux) and then using VMware Converter to move that VM to my ESXi machine. This time, I did a little more digging on the subject of using the command line to create those VMs natively and I actually found some great information that let me do just that. What I found was these two links that contain all the information I needed:
ESXi – creating new virtual machines (servers) from the command line
and
http://www.vm-help.com/esx40i/manage_without_VI_client_1.php

Without rehashing a lot of the detail provided in those two sites, the basics are using vmkfstools to create a disk image for you to use and then building a small minimal vmx file with enough info in it to get things going. To do the install, make sure to have your vmx start an iso image from the cdrom drive and turn on vnc for the box. From there it’s quite easy to get an install working.

The server I decided upon installing is CentOS 5.5. I chose the standard server install and the only things that were required to get Subsonic working on it were:
yum install java-1.6.0-openjdk
and then to download and install the rpm from Subsonic’s website. A little later on I found that Subsonic would not stream my ogg files and that was easily fixed by:
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
yum install lame ffmpeg

After all that, point your web browser to http://:4040 and you are rocking and rolling with the big boys. The thing that really impressed me with the setup is when you tell Subsonic where your music is. On every other music server install this is the part where it takes a while to scan and index your music. With Subsonic this was surprisingly almost instantaneous! You tell it where the music is and *whamo* your music shows up, ready to be played. Fantastic! The other great piece is the ability to add album art. You can just tell Subsonic to change your album art and it finds some suggestions on the web and will let you pick the correct one and save it to your collection. It’s very nice and a complete time grabber :)

PHP 5.3.X on RHEL 5 / CentOS 5

Another one for posterity here. I was asked to find out how to upgrade PHP on RHEL 5 / CentOS 5 to v 5.3.x and to test the procedure. It turns out to work pretty well and is not as difficult as you might think as long as you have the right repositories enabled:

wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh epel-release-5-4.noarch.rpm
rpm -Uvh remi-release-5.rpm
yum --enablerepo=remi update php php-* mysql

This, of course, assumes that your LAMP stack is already installed. If not, you would change the “update” to “install” and away you go. This will currently set you to php v 5.3.3 and mysql 5.1.51.

Ubuntu 9.10 and Grub 2

Yes, another post about Ubuntu 9.10. I know I tried it out before, but I put it on this new (old) laptop and am giving it a little better run this time. I still believe 9.10 (Karmic) to be a fine running distribution and this time I got to test out my method of installing all the codecs I want on there, along with messing with Grub 2 a little bit.

When you are travelling abroad where it’s legal to do so, as I was just the other day, you might want to have access to all those codecs that make life worth living on a linux box. Things like listening to your mp3s and watching your dvds and miscellaneous media files are very difficult without them.

I realise that Ubuntu has, for some time now, been able to detect that you need so and so codec to play so and so media and ask you if you really want it installed, but I find that particularly irritating. I like to already have that functionality there when I want to use it. To do that, I have a little script that I use that generally takes care of that for me, along with installing most of the programs I need to make my day to day use hassle free.

#!/bin/bash
sudo wget http://www.medibuntu.org/sources.list.d/karmic.list -O /etc/apt/sources.list.d/medibuntu.list
sudo apt-get update && sudo apt-get install medibuntu-keyring && sudo apt-get update
sudo apt-get install mozilla-thunderbird php5-common php5-cli php-pear subversion openssh-server clusterssh imagemagick vim synergy smbfs curl vlc libdvdcss2 ubuntu-restricted-extras w32codecs mplayer mencoder build-essential sqlite dia expect mysql-client

Feel free to modify and use this, but basically I derived this from paying attention to the programs I need and use and making a list. It really does save a lot of time to do this.

The other thing I wanted to mention is Grub 2. For some reason, someone decided it was time to move from the original Grub to Grub 2. Time alone will tell whether that was a smart move or not. I know I certainly had a tough time of it for a day or two. Everything has moved and the methodology has changed as well. The short of it is you have some config files in /etc/grub.d that you can now manipulate, along with issuing a “update-grub”, that will build your /boot/grub/grub.cfg, which is pretty much the equivalent of the old /boot/grub/menu.lst file. The fun part is figuring out how all this works because, as it happens with open source many times, the documentation sucks.

What I needed to do was to add another linux distribution to grub so I could dual (or multi) boot it. This is accomplished in that /etc/grub.d directory. Now it’s worth mentioning here that if you do multiple OS installs on your machine and just issue a “update-grub” on your base Grub 2 enabled OS, it will (or at least mine did) auto detect this installation by default and add a boot option for it into the grub boot menu. The problem is, like mine, it probably won’t boot your other OS.

The way to fix this is to go into /etc/grub.d and “chmod -x 30_os-prober”. After that you won’t be auto-genning entries. Next you can make a copy of the 40_custom file (I named mine 41_centos) and edit that file to have the correct boot parameters to boot your other OS. This is especially fun without having a good grasp of the correct syntax. For instance it took me hours to figure out that the “kernel” line that the old Grub used has been replaced with a “linux” line now. Other than that, though, just make sure that if you are booting another linux to use the correct root label and kernel and initrd image names and locations. My correct and working CentOS entry looks like this for reference:

#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries. Simply type the
# menu entries you want to add after this comment. Be careful not to change
# the 'exec tail' line above.
menuentry "CentOS 5.4" {
set root=(hd0,3)
linux /boot/vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet
initrd /boot/initrd-2.6.18-164.el5.img
}

Have fun!
