Posts

Install AIDE package on CentOS/RHEL

1. Install AIDE package on CentOS/RHEL: # yum install -y aide 2. Check and adjust aide configuration file to fulfill your needs: # vim /etc/aide.conf 3. Initialize AIDE database - it will scan all the files in folders that were included in the config file and save their hash as well as attributes info 4. You may consider keeping golden copy of AIDE database (default is set to /var/lib/aide/aide.db.gz) is secure and read-only location. It will allow you to compare current system integrity to the golden copy. To check what changed run: # aide -C If you get "Couldn't open file /var/lib/aide/aide.db.gz for reading" error it means you need to move database generated in step 3 to this location: #  mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz

fatal: parameter inet_interfaces: no local interface found for ::1

Error:  fatal: parameter inet_interfaces: no local interface found for ::1 [root@Centos7 postfix]# systemctl restart postfix Job for postfix.service failed because the control process exited with error code. See "systemctl status postfix.service" and "journalctl -xe" for details. [root@Centos7 postfix]# systemctl status postfix.service ● postfix.service - Postfix Mail Transport Agent    Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)    Active: failed (Result: exit-code) since Tue 2018-01-02 16:50:43 IST; 4s ago   Process: 12908 ExecStart=/usr/sbin/postfix start (code=exited, status=1/FAILURE)   Process: 12905 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)   Process: 12901 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=75) Jan 02 16:50:41 Centos7.windows.local systemd[1]: Starting Postfix Mail Transport Agent... Jan 02 16:50:41 Centos7.windo...

how to secure tmp partation in linux

1. Create separte partation for tmp , if you don't have the space to create a fresh /tmp partition on existing drives, you can use the loopback capabilities of the Linux kernel by creating a loopback filesystem that will be mounted as /tmp and can use the same restrictive mount options. To create a 1GB loopback filesystem, execute the following commands. [root@Centos7 ~]# dd if=/dev/zero of=/dev/tmpDIR bs=1024 count=1000000 1000000+0 records in 1000000+0 records out 1024000000 bytes (1.0 GB) copied, 5.32903 seconds, 192 MB/s 2. Backup Current /tmp Directory: Now backup the current /tmp directory using the syntax below which will keep the same permissions for the files currently in /tmp. [root@Centos7 ~]# cp -Rpf /tmp /tmpbak 3.Modify fstab: You should add a line to the end of the /etc/fstab file so the tmp partation so tmp is mounted when the server reboots. /dev/mapper/centos-tmp  /tmp                    xfs  ...

NTPd : NTP Server installation on centos7

1. NTP package is provided by default from Centos  repositories, and can be installed by the following command: [root@Centos7 ~]# yum -y install ntp 2. Configure these lines. [root@Centos7 ~]# vi /etc/ntp.conf # line 18: add the network range you allow to receive requests restrict 172.160.0.0 mask 255.255.0.0 nomodify notrap # change servers for synchronization #server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst server ntp1.example.local iburst server ntp2.example.local iburst 3. Once the installation completes, start the service and configure it so it starts automatically each time the server boots: [root@Centos7 ~]# systemctl start ntpd [root@Centos7 ~]# systemctl enable ntpd 4. Add the NTP service in firewall [root@Centos7 ~]# firewall-cmd --add-service=ntp --permanent success [root@Centos7 ~]# firewall-cmd --reload success 5. To get a basic report you c...

MySql - Convert InnoDB to MyISAM Storage Engine of Database

MySql - Convert InnoDB to MyISAM Storage Engine of Database To convert Database InnoDB Tables to MyISAM steps follow these steps 1. Take the backup of Mysql database [root@Centos7 ]# mysqldump -f --opt mysqldb > /usr/mysqldb.sql 2. Convert the ENGINE from InnoDB to MYISAM  by using below commans. [root@Centos7 ]#mysql -u username -p -e "SELECT concat('ALTER TABLE ', TABLE_NAME,' ENGINE=MYISAM;') FROM Information_schema.TABLES WHERE TABLE_SCHEMA = 'db_name' AND ENGINE = 'InnoDB' AND TABLE_TYPE = 'BASE TABLE'" | tail -n+2 >> /root/MYISAM.sql Note : Update  username and db_name values with your own values. 3. mport that MYISAM.sql file into INNODB database [root@Centos7 ]# mysql -u username -p mysqldb < /root/MYISAM.sql 4. Make it permanent, add to my.cnf default-storage-engine= MyISAM

How to scan new iSCSI disks in Linux ?

How to scan new iSCSI disks in Linux ? 1.First check which are the existing disk available on linux server from fdisk. [root@Centos7 ~]# fdisk -l 2>/dev/null | egrep '^Disk' | egrep -v 'dm-|type|identifier' Disk /dev/xvda: 53.7 GB, 53687091200 bytes, 104857600 sectors Disk /dev/mapper/cl-root: 10.7 GB, 10737418240 bytes, 20971520 sectors Disk /dev/mapper/cl-swap: 5368 MB, 5368709120 bytes, 10485760 sectors Disk /dev/mapper/cl-usr: 10.7 GB, 10737418240 bytes, 20971520 sectors Disk /dev/mapper/cl-home: 2147 MB, 2147483648 bytes, 4194304 sectors Disk /dev/mapper/cl-var: 5444 MB, 5444206592 bytes, 10633216 sectors Disk /dev/mapper/cl-tmp: 2147 MB, 2147483648 bytes, 4194304 sectors 2.Find out how many SCSI controller configured. [root@Centos7 ~]# ls -l /sys/class/scsi_host/ total 0 lrwxrwxrwx 1 root root 0 Dec 11 12:09 host0 -> ../../devices/pci0000:00/0000:00:01.1/ata1/host0/scsi_host/host0 lrwxrwxrwx 1 root root 0 Dec 11 12:09 host1 -> ../../dev...

How to install and Configuring manual or automatic node login with iSCSI Initiator

Configuring manual or automatic node login with iSCSI 1. Install the software package: [root@Centos7 ~]# yum -y install iscsi-initiator-utils 2. Configure the iqn name for the initiator: [root@Centos7 ~]# cat /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.2017-12.com.centos7:Centos7 3. Edit the iSCSI initiator configuration: # vi /etc/iscsi/iscsid.conf # To manually startup the session set to "manual". The default is automatic. node.startup = automatic # To enable CHAP authentication node.session.auth.authmethod = CHAP # To set a CHAP username and password for initiator node.session.auth.username = iscsiadmin node.session.auth.password = P@$$w0rd 4. Start iSCSI initiator daemon: [root@Centos7 ~]# systemctl start iscsi [root@Centos7 ~]# systemctl enable iscsi 5.Discovering targets in our iSCSI server: [root@Centos7 ~]# iscsiadm --mode discovery -t sendtargets --portal 172.16.20.90 172.16.20.90:3260,1 iqn.2004-04.com.sanstorage:tvs-671:iscsi.sa...