DevOps  Systems Administration 

CentOS

August 28, 2022


Table of Contents


  1. CentOS 7 & 8

  2. (Community Enterprise Operating System)

  3. Red Hat Backporting

  4. Amazing Utilities


    1. top


      1. i

      2. Toogle: Iddle

      3. u

      4. Filter by:  effective

    2. Understanding top


      1. i

      2. Toogle: Iddle

      3. u

      4. Filter by:  effective

    3. Understanding nice command

    4. htop

    5. lsof

    6. iftop

    7. netstat

    8. traceroute

    9. kill a user

    10. kill a process


      1. Kill Example – How to kill Apache Service on Linux

      2. Killall Example – How to kill Apache Service on Linux

      3. kill -3

  5. How to find basic hardware information

  6. How to install Gnome Desktop

  7. Time is off

  8. curl: (1) Protocol “sftp” not supported or disabled in libcurl

  9. Permission denied … because search permissions are missing on a component of the path

  10. Cron Jobs

  11. nslookup is missing

  12. CentOS has crashed

  13. Sudo is ignoring my aliases

  14. Sudo cannot run my aliases

  15. Bitbuket pipeline changes the owner and permission of files

  16. sed: can’t read 1d: No such file or directory

  17. Shutdown, suspend, reboot

  18. Ownership and permissions

  19. No package htop available

  20. Installing ScreenFetch

  21. Stress Testing


    1. Using stress

    2. Using stress-ng

  22. Hacking with SELinux


    1. Turn on SELinux

    2. Turn off SELinux

    3. Turn off SELinux (at the configuration level)

    4. Verify status

    5. Completely shutdown SELinux

  23. AWS EFS conflicts with SELinux

  24. CloudWatch – Adding Disk Space Alarm

  25. Log Rotation

  26. Journalctl, where are my logs from yesterday?

  27. Automation & Orchestration 1: Ansible vs Chef vs Puppet

  28. Automation & Orchestration 2: Docker vs Kubernetes vs Mesos

  29. Background Jobs


    1. My own experiments (1)

    2. My own experiments (2)

  30. Extending partition & filesystem

  31. Cron Jobs did not run

  32. Upgrading to CentOS 8

  33. How to upgrade CentOS 7 to CentOS 8 Server


    1. Environment Specification:

    2. Gathering System Information of CentOS 7:

    3. Installing EPEL yum Repository on CentOS 7:

    4. Installing Required Packages on CentOS 7:

    5. Removing Duplicate/Unused Packages and Configurations:

    6. Switch the Package Manager from YUM to DNF:

    7. Upgrading CentOS 7 server to Latest Stable Version:

    8. Upgrading Yum Repositories from CentOS 7 to CentOS 8:

    9. Upgrading CentOS 7 to CentOS 8 Server:

    10. Verify Software Versions after Upgrade to CentOS 8:


      1. How to Set Linux Process Priority Using nice and renice Commands

      2. Understanding the Linux Kernel Scheduler

      3. Understanding Process Priority and Nice Value

      4. How to Check Nice Value of Linux Processes

      5. How to Run A Command with a Given Nice Value in Linux

      6. Change the Scheduling Priority of a Process in Linux

  34. Terminal colors – nano

  35. Nice command

  36. Cannot rsync from remote

  37. Route Tables

  38. UNIX/Linux Closing ports

  39. umask

  40. Reclaim Disk Storage

  41. chcon – Operation not supported


    1. 7.1. Temporary Changes: chcon

    2. 7.2. Persistent Changes: semanage fcontext

    3. matchpathcon

  42. mount.nfs: access denied by server while mounting


    1. Problem:

    2. Solution for test servers:

    3. Solution for dawnoflife server:

  43. mount.nfs4: Connection timed out

  44. The “tls” option is required when mounting via “iam”

  45. Connection reset by peer

  46. System Updates – unfinished transactions remaining

  47. SELinux is disabled

  48. /bin/zsh: Permission denied


    1. Attempt a + b: Restore centos user access (Failed)

    2. Attempt c: Disabling SELinux (Succeeded)

  49. Services

  50. SSH Timeouts


    1. Method 1

    2. Method 2

    3. Difference between method 1 and method 2

  51. Immutable files

  52. Adding storage as an additional volume to a database server

  53. How to get PPID from PID

  54. [oh-my-zsh] theme ‘puma’ not found

  55. Removing old kernels

  56. inodes

  57. Linux /etc/passwd explained

  58. Linux /etc/group explained

  59. CPU Utilization

  60. Disabling crons

  61. Disk Utilization

  62. dos2unix

  63. Extending filesystems

  64. Incorrect sudo password

  65. Log rotation

  66. Memory Utilization

  67. Mismatching hostnames

  68. Mounting filesystems

  69. Mounting NFS filesystems

  70. Mounting XFS filesystems

  71. Network Utilization

  72. Why DNF?

  73. A quick guide to DNF for yum users


    1. The DNF package manager offers robust features for installing, updating, and removing packages.

    2. CLI commands that differ in DNF and yum

    3. DNF Automatic

    4. dnf-automatic-timer.png

    5. Basic DNF commands useful for package management

    6. Summary

  74. Installing AWSCLI

  75. CentOS: How To Install an Apache, MySQL, and PHP (LAMP) Stack on CentOS


    1. Update your CentOS

    2. Install Apache 2.4

    3. Install MySQL

    4. Install PHP 7.2

    5. Configure HTTPS

  76. This instance is underutilized

  77. How to start, start, and restart Apache

  78. Unable to connect to MySQL Server from the web application

  79. Let’s Encrypt certificate expiration notice for domain “victordiaz.ca”

  80. remi-release-8.rpm

  81. No package matching ‘php-pecl-mcrypt’ found

  82. How to remove PHP

  83. Setting up Mailx


    1. SMTP Configuration for a Gmail email account

    2. SMTP Configuration for a ROM email account

    3. Testing

  84. Setting up Postfix


    1. Installing Postfix

    2. Installing Dovecot

    3. Installing SquirrelMail


      1. Introduction

  85. Installing SimpleSAMLphp

  86. Installing Apache Solr 7

  87. Creating cores

  88. Configuring Solr 7 with Drupal 7

  89. Solr cannot be re-installed

  90. Solr search does not display any results

  91. Solr search results shows no images

  92. WARNING: UNPROTECTED PRIVATE KEY FILE!

  93. Unable to SCP to remote VM

  94. Could not open a connection to your authentication agent

  95. Too many authentication failures

  96. pbcopy: command not found

  97. SSH Allow Password For One User, Rest Only Allow Public Keys [duplicate]

  98. Unable to SSH to remote VM

  99. Updating to latest version of SSH

  100. error: Bind to port 60 on 0.0.0.0 failed: Permission denied

  101. Unable to login from UofT

  102. Unable to login from home

  103. Increasing timeout session

  104. Get Fingerprint

  105. Got myself locked out (high severity)

  106. Got myself locked out (medium severity)

  107. Cannot rsync from remote

  108. kex_exchange_identification: read: Connection reset by peer

  109. Operation timed out

  110. Operation timed out (2)

  111. Operation timed out (3)

  112. Creating .pub from .pem

  113. sudo pwfeedback – Nasty Linux, macOS sudo bug found and fixed

  114. Adding/Deleting Users on a CentOS 7 Server


    1. Adding Users

    2. Changing User password

    3. Granting Sudo Privileges to a User


      1. Managing Users with Sudo Privileges

    4. Deleting Users

    5. Locking/Unlocking Users

    6. Conclusion

    7. Adding Bitbucket user

  115. Unable to login to CentOS

  116. Creating Groups

  117. Removing user from group

  118. Restring user access with sudo and sudoers

  119. Using SUDO without a password

  120. Using nano as editor with visudo

  121. How to Change the login shell of the user

  122. Downloading files owned by other users

  123. Listing allowed commands per user

  124. Disabling user accounts


    1. For Systems with Password Authentication

    2. For Systems with SSH Key Authentication

  125. Enabling user accounts


    1. For Systems with Password Authentication

    2. For Systems with SSH Key Authentication

  126. Get Fingerprint

  127. SSH Access

  128. Enabling/Disabling Groups


    1. Grant/Revoke system access from all users in the group

    2. Grant/Revoke file access from all users in the group

    3. Using Access Control Lists (ACL)

  129. YUM – keeping software packages up-to-date


    1. Yum-security

    2. How to display a list of updated software and security fix

    3. How to find out whether updates exist for packages that are already installed on my system

    4. To update specified packages

    5. List all installed packages

    6. Find out if httpd package installed or not on the system

    7. Lists all packages that are available to install all packages that are installed on system

    8. Lists all packages that are available for installation

    9. How to search for packages by name

    10. How to see detailed information about a package

    11. How to show dependencies list for a package

    12. How to downgrade a package to an earlier version

    13. How to reinstall a package again

    14. How to remove / uninstall the specified packages [ RPM(s) ]

    15. How to remove unneeded/unwanted packages/deps

    16. Display the list of available packages

    17. Display list of group software

    18. Install all the default packages by group

    19. Update all the default packages by group

    20. Remove all packages in a group

    21. Display description and contents of a package group

    22. Display what package provides the file

    23. How to clean yum cache

    24. How to list software repositories

    25. See information about enabled yum repositories

    26. How to view and use yum history

    27. How to see help about yum command

  130. You need to be root to perform this command.

  131. How to view installed packages

  132. How to remove installed packages

  133. How to install php 7.2

  134. Yum install is not working (To be completed on the weekend)

  135. Error: Package: glibc-devel

  136. No package htop available

  137. File contains parsing errors: file:///etc/yum.repos.d/pgdg-redhat-all.repo

  138. WP-CLI is missing

  139. SSL/TLS Certificates


    1. ECC (Elliptic Curve Cryptography)

    2. Apache: Create CSR & Install SSL Certificate (OpenSSL)


      1. Create a CSR using OpenSSL & install your SSL certificate on your Apache server

      2. Testing Your SSL/TLS Certificate Installation

      3. Troubleshooting

      4. Apache Server Configuration

    3. MACOS – SSL Certificate (Self Signed)

    4. ROMLX12 – SSL Certificate (Signed by CA)

    5. ROMLX122 – SSL Certificate (Self Signed)

    6. ROMLX777 – SSL Certificate (Self Signed)

  140. Trusted vs Self-signed

  141. Building an TLS Certificate

  142. SSL Configuration Generator

  143. Self-signed Certificates

  144. Self-signed Wildcard Certificate (*.puma) does not work

  145. Your connection is not private


    1. Another common error was: (BasicConstraints: CA == TRUE !?)

    2. Another common error was: server certificate does NOT include an ID which matches the server name

    3. Final openssl.cnf

  146. Self-signed SSL Certificate does not specify Subject Alternative Names

  147. ERR_CERT_COMMON_NAME_INVALID

  148. How to verify CSR information

  149. dyld: Library not loaded

  150. deprecated key derivation used

  151. Insecure TLS ciphers

  152. Forward Secrecy

  153. Your site could not complete a loopback request

  154. SSL/TLS ciphersuites supported

  155. How to determine if I need to upgrade my web servers to TLS 1.2

  156. 302 Moved

  157. How do I remove passphrase requirement in Apache?

  158. HTTPS Everywhere breaks down ROM-OMNI data exchange communication

  159. How to create a .pfx/.p12 certificate

  160. How to create PEM-encoded private key, cert, and chain

  161. Installing Let’s Encrypt SSL/TLS Certificate

  162. Certificate renewal – Let’s Encrypt certificate expiration notice for domain “victordiaz.ca”

  163. Let’s Encrypt renewal failed

  164. Let’s Encrypt renewal failed – 2

  165. Insecure TLS ciphers

  166. Forward Secrecy

  167. Certificate renewal

  168. Certificate renewal for “*.rom.on.ca”

  169. *.rom.on.ca vs *.rom.ca

  170. Failed to update database

  171. Certificate and private key do not match

  172. 2048 vs 4096

  173. Protecting *.victordiaz.ca, *.drupal.victordiaz.ca, *.symfoy.victordiaz.ca, and *.wordpress.victordiaz.ca subdomains (On the same EC2 server)


    1. Renewal Time

    2. Adding virtual host: jenkins.victordiaz.ca

    3. Adding virtual host: wordpress.victordiaz.ca

  174. Let’s Encrypt renewal failed – 3 (LATEST)


    1. Problem:

    2. Solution:

  175. Upgrading OpenSSL

  176. How to install an existing SSL Certificate to Tomcat running on Windows Server 2016


    1. Step 1. Convert P7B certificate into PFX (See T43 below)

    2. Step 2. Import PFX certificate into Java Keytool

    3. Step 3. Update Tomcat Configuration


      1. server.xml

      2. web.xml

      3. Atlassian JIRA Service

    4. Step 4. Update Jira Configuration

  177. Setup: Tomcat is misconfigured

  178. Re-indexing Jira

  179. Koomar TLS delivery (TO BE REVIEWED)

  180. Possible conflicts between *.rom.on.ca and {{ HOST_NAME }} SSL Certificates

  181. Digicert SSL Certificate is revoked

  182. Certificate renewal for “{{ HOST_NAME }}”

  183. Certificate renewal for “{{ HOST_NAME }}” (2)


    1. Test 1 – Failed

    2. Test 2 – Failed

    3. Test 3 – Succeeded

    4. Test 4 – Succeeded

    5. DRP

  184. Where is your private key?

  185. My questions to Digicert


    1. Q1


      1. Answer

    2. Q2


      1. Answer

    3. Q3


      1. Answer

    4. Q4


      1. Answer

  186. Converting File Formats

  187. Protecting *.clov3r.net, *.drupal.clov3r.net, *.symfoy.clov3r.net, and *.wordpress.clov3r.net subdomains

  188. Protecting *.drupal.victordiaz.ca, *.symfoy.victordiaz.ca, and *.wordpress.victordiaz.ca subdomains (On different EC2 servers)

  189. Protecting jenkins.victordiaz.ca and nagios.victordiaz.ca (On different EC2 servers)


, , ,
Written By victord On August 28, 2022