Red Hat
bogus intrusion attempt
by dervish on Mar.28, 2016, under Linux, Red Hat
Active log file changed? No way!
[root@entbamboo01 logs]# tmpwatch –test –mtime +7 –nodirs /opt/bamboo/atlassian-bamboo-5.9.7/logs/*log
error: directory /opt/bamboo/atlassian-bamboo-5.9.7/logs/catalina.2015-10-20.log changed right under us!!!
error: this indicates a possible intrusion attempt
Expired certificate /usr/share/rhn/RHNS-CA-CERT
by dervish on Nov.20, 2015, under Red Hat
# service osad start
Starting osad: Invalid Cert Error:
ERROR: unhandled exception occurred: (Expired certificate /usr/share/rhn/RHNS-CA-CERT).
[FAILED]
# cd /usr/share/rhn
# wget http://satellite/pub/RHN-ORG-TRUSTED-SSL-CERT
# vi /etc/sysconfig/rhn/up2date
Change RHNS-CA-CERT to RHN-ORG-TRUSTED-SSL-CERT
#sslCACert=/usr/share/rhn/RHNS-CA-CERT
sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
# service osad start
Starting osad: [ OK ]
Show Installed Packages (including architecture)/Search for i386 Packages
by dervish on Mar.26, 2014, under Linux, Red Hat
# rpm -qa –qf “%{n}.%{arch}\n”
pciutils-devel.x86_64
pkgconfig.x86_64
libusb.x86_64
info.x86_64
desktop-file-utils.x86_64
m4.x86_64
ORBit2.x86_64
perl-Compress-Zlib.x86_64
mkisofs.x86_64
ttmkfdir.x86_64
…
# rpm -qa –qf “%{n}.%{arch}\n” | grep i386 | head
glib2.i386
libSM.i386
audiofile.i386
gmp.i386
pcsc-lite-libs.i386
libXrandr.i386
libXdamage.i386
pcsc-lite-devel.i386
libogg-devel.i386
db4-devel.i386
…
# yum list | grep i386 | head
GConf2.i386 2.14.0-9.el5 installed
NetworkManager.i386 1:0.7.0-13.el5 installed
NetworkManager-glib.i386 1:0.7.0-13.el5 installed
ORBit2.i386 2.14.3-5.el5 installed
OpenIPMI-libs.i386 2.0.16-16.el5 installed
aex-nsclt.i386 6.2-1378 installed
alsa-lib.i386 1.0.17-1.el5 installed
apr.i386 1.2.7-11.el5_6.5 installed
apr-util.i386 1.2.7-11.el5_5.2 installed
aspell.i386 12:0.60.3-13 installed
SSH Passwordless Login Fails
by dervish on Oct.24, 2012, under Red Hat
After verifying file permissions, still unable to login without entering passsord. Found issue where SELINUX was keeping the SSH service from reading the authorized_keys file. Issue encountered on a Red Hat 6 server.
Fix:
$ restorecon -R -v /home/user/.ssh
restorecon reset /home/user/.ssh context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/known_hosts context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/id_dsa context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/id_dsa.pub context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /home/user/.ssh/authorized_keys context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ssh_home_t:s0
Passwordless login now works:
$ ssh gilis28.fls
Last login: Wed Oct 3 14:07:00 2012 from 10.255.2.204
[user@GILIS28 ~]$
Postfix/Dovecot Install
by dervish on Feb.23, 2012, under Linux, Red Hat
Install Postfix:
yum install postfix (RedHat)
apt-get install postfix (Debian)
Add Domains to Accept Mail For:
vi /etc/postfix/main.cf
set
mydestination = localhost.localdomain, localhost, domain.com, host
Tell Postfix to use Maildir instead of mbox format:
postconf -e "home_mailbox = Maildir/"
postconf -e "mailbox_command ="
Set MAIL variable in /etc/profile:
export MAIL=$HOME/Maildir
Restart Postfix:
service postfix restart
Mail local user and confirm mail is delivered.
Install Dovecot:
apt-get install dovecot-common dovecot-imapd dovecot-pop3d
