You are currently browsing the archive for the Linux category.

Probably the single most important thing you can do to secure your server is to keep it up to date.

This goes whether you are working for a large multinational corporation, or a small business, or even if you are a home user.

This also applies not just to the operating system packages, but to the firmware that lives on the hardware inside your server. Things like your BIOS (now replaced in most cases by EFI), your SATA and SAS controller(s), some backplanes, your hard drives and SSDs, your network card, the storage arrays (both direct attached external arrays and SAN-attached arrays) and and even the switch or router that your server is connected to, or in the case of VMs, the hypervisor those VMs run on.

Continue reading “CentOS Linux Server Hardening in 2016, Patching Intro” »

I’ve been doing quite a bit of research into “hardening” Linux servers lately. Specifically, CentOS servers have been the focus, as I don’t personally have much experience with other distributions.

What one person considers good enough, might be a walking nightmare for another. So with that being said, I’m going to start with basic steps that anyone can do.

Continue reading “CentOS Linux Server Hardening in 2016, Intro” »

In this article, we are going to upgrade CentOS 6 to PHP 5.4 without using any third party repositories.

You might want to do this if you, like me, are using WordPress, and want to test your install before upgrading to CentOS 7, or if you have a plugin which requires PHP 5.4.

Continue reading “Update CentOS 6 to PHP v5.4 without using third party repository” »

Well, if you’ve managed to find this page, you’re in luck. After searching for and finding a fix to this problem once before, I had it occur again on a different machine. Unfortunately, I hadn’t documented the fix in my own notes, only in an email to my boss which was almost deleted. Figure I should put it up here for myself in the future, as well as for anyone that is not having luck with Google.

Continue reading “RHEL 5 unable to auto-mount USB drives” »

As I mentioned in my last post, we’ve been working on an LDAP SSL configuration for our Netapp filers at work. Most of the work was already done and I had to coordinate with our storage team to test the changes. Unfortunately, while most of the work was already done, when we would enable SSL, LDAP lookups would just fail for seemingly no reason. It worked fine when SSL was disabled, albeit unencrypted. Running ldapsearch also worked (after tweaking of OpenLDAP’s client configuration) over SSL and unencrypted. So, it seems, the problem was with the filer.

Continue reading “SSL errors between Netapp Filer and RedHat Directory Server” »

At work today, I was working on a project to enable SSL encryption for our Netapp filer heads. That project is still ongoing as of this writing, but I made some changes to the admin-server portion of RedHat Directory Server over the last couple of days, and at some point, something broke. When I tried to restart the server, I got the error (in essence) do_admserv_post_config unable to create AdmldapInfo in the admin-serv error log. A bunch of googling resulted in me pulling my hair out because the answer was that your configuration is hosed and you need to start over. Well, I wasn’t about to have any of that.

Continue reading “RedHat Directory Server error “do_admserv_post_config unable to create AdmldapInfo”” »

I recently looked into learning Apache Hadoop. Big data and cloud services are where the internet is headed and having not had experience with big data yet, I thought it’d be a good idea to at least get my feet wet. I found a great article on CTO Vision that walks you through getting hadoop installed and started. Addendum: If you’re having problems with their instructions, like I was, there’s a complete breakdown at pyfunc’s page.

Fortunately, the config is XML-based, so its easy enough to understand once you get the basic syntax down. Unfortunately, the config CTO Vision linked to for Pseudo Distributed mode turned out to be a dead link (404) because Apache removed the Hadoop r0.20.2 documentation from their site sometime in the first half of 2013.

Luckily, I’m resourceful and know of a site other than google that caches web sites, and they just so happened to have a copy of the document I needed.

Continue reading “Hadoop r0.20.2 documentation — dead link — found a cached copy” »