CyberKeeda In Social Media
Showing posts with label CentOS. Show all posts
Showing posts with label CentOS. Show all posts

How to install and configure Docker-CE on CentOS



Installation.

  • Begin with updating your system packages and docker dependencies.
$  sudo yum update
$  sudo yum install yum-utils device-mapper-persistent-data lvm2
  • Add docker stable repository for centos within your system
$  sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
  • Once docker repository is enabled, proceed ahead to install Docker-CE ( Community Edition.
$  sudo yum install docker-ce
  • Now docker-ce has been installed, lets start the docker daemon and enable it on boot.
$  sudo systemctl start docker
$  sudo systemctl enable docker
  • To verify the status of  docker, run the below command.
$  sudo systemctl status docker











  • In case, if you want to check your installed docker version.
$  sudo docker -v

Run Docker commands without sudo

By default managing Docker requires administrator privileges. If you want to run Docker commands as a non-root user without adding sudo within yoir command you need to add your user to the docker group which is created during the installation of the Docker CE package. Add your user to docker group by below command.

$  sudo usermod -aG docker $USER

Logout- Login to reflect the changes.
Read more ...

PIP SSL eeror while installing : SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)


If you too, have encountered SSL errors while installation/upgrading any python package from pip.
Here below is the workaround for it.


You might be flooded by this errors.
Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed 
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579) 

Workaround.

Ignore SSL errors by setting pypi.org and files.pythonhosted.org as trusted hosts.
#  pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org <package_name>
Lets assume i want to install pika through pip 
#  pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org pika
Read more ...

How to Install PostgreSQL Relational Database on CentOS



PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.
Official link : Here 

Let's know how to install PostgreSQL on CentOS 7.
  Note :   Video Tutorial at the bottom of the blog post

Method 1

Install from CentOS repository.
For the time being CentOS 7 repositories ship with PostgreSQL version 9.2.15
To install from the CentOS repositories, simply run:
 sudo yum install postgresql-server postgresql-contrib
Now lets Initialize your Postgres database and start PostgreSQL and configure it to start on Boot
#  sudo postgresql-setup initdb 
#  sudo systemctl start postgresql
#  sudo systemctl enable postgresql

Method 2.

Install the latest stable version of PostgreSQL from Postgres Repository
Official repository link :  Here

Note : Currently official repositiry provides packages based on RPM distribution ( Redhat/CentOS/Fedora...)

Select the version you wish to install from the Postgres Yum repositories.
Locate the CentOS 7 link for your chosen version and download it to your Centos 7 host.
For the time being, I'm selecting Postgresql 9.6.3, choose as per your requirement.

#  wget https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm
Install the downloaded postgres rpm package and install centos epel too.
#  rpm -ivh pgdg-centos96-9.6-3.noarch.rpm
#  yum install epel-release
Now we are almost all set to install PostgreSQL.

Update Yum to apply your changes and install PostgreSQL.
When installing Postgres manually, you will have to specify the version, we will be installaing postgresql-9.6
#  sudo yum update
#  sudo yum install postgresql96-server postgresql96-contrib
Important Point to notice.
When Postgres is installed using above method 2, the version number is included in its configuration directories. For example, /var/lib/pgsql becomes /var/lib/pgsql/9.6. 
This is also the case with systemd units
systemctl status postgresql becomes systemctl status postgresql-9.6
Now lets Initialize your Postgres database and start PostgreSQL and configure it to start on Boot.
#  sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb
#  sudo systemctl start postgresql-9.6
#  sudo systemctl enable postgresql-9.6
And we are done..

In case you are looking for the Installation Video Tutorial, below is the stuff.





Read more ...

How to send emails from Linux terminal and shell scripts using GMAIL



GMAIL SMTP Configuration on Linux Box.


Video Tutorial.



###########  Use GMAIL SMTP server to send mails ##################


# yum install -y mailx

Lets tell google we gonna send emails from other devices also.

https://myaccount.google.com/lesssecureapps

Edit

# vim /etc/mail.rc

#----------- add the below lines and append as per your credentials.


set smtp=smtps://smtp.gmail.com:465
set smtp-auth=login
set smtp-auth-user=USERNAME@YOURDOMAIN.COM
set smtp-auth-password=YOURPASSWORD
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/

Update the gmail account credentails over here and save

# Now we are all done , we will be using gmail to send email from our linux box.

echo "Relay Test" | mail -v -s "Relay test" anyworkingemailid@anydomain.com

anyways...  you send it to multiple domains now..

Rememeber ... From email id will be the same that you have configured within /et/mail.rc file

# Thanks


Read more ...

Join Linux into Windows Active Directory domain




Though I'm  a great fan of Linux/Unix but while working with any enterprise firm i couldn't avoid, thus i was asked to join our Linux hosts into Active directory.

So let's move ahead and join our LInux systems into ad using tool named as " adcli "
I have used this to join our Redhat/CentOS 7 hosts into AD.

Video Tutorial.


There are two must things as a prerequisites for it.

1.     Make Sure RHEL machine is able to resolve Active Directory servers.
2.     Install adcli package along with sssd:

 Consider the below inputs as a lab enviroment of mine.


Active Directory Server : swind101x.cyberkeeda.net
Domain name : cyberkeeda.net
Linux Client Hostname :  scent101x.cyberkeeda.net
[root@scent101x ~]# yum install adcli sssd authconfig
  • Discover the AD domain:
[root@scent101x ~]# adcli info cyberkeeda.net
adcli will show few details about the AD domain. 


[domain]
domain-name = cyberkeeda.net
domain-short = CYBERKEEDA
domain-forest = cyberkeeda.net
domain-controller = SWIND101X.cyberkeeda.net
domain-controller-site = Default-First-Site-Name
domain-controller-flags = pdc gc ldap ds kdc timeserv closest writable good-timeserv full-secret
domain-controller-usable = yes
domain-controllers = SWIND101X.cyberkeeda.net
[computer]
computer-site = Default-First-Site-Name


  • Now, join RHEL system to AD domain using adcli: 
[root@scent101x ~]# adcli join cyberkeeda.net
Password for Administrator@CYBERKEEDA.NET: <---- Enter Admin password
By default, it prompts for the Administrator password, but it's possible to specify another user with the -U option:
[root@scent101x ~]# adcli join cyberkeeda.net -U ad_admin_user 

# adcli join cyberkeeda.net -U ad_admin_user        <------ This user should have administrative rights in AD

The join operation creates a keytab the machine will authenticate with. When inspect the with klist -kt, 
[root@scent101x ~]# klist -kte
It should show several entries that contain client hostname in some form:


Keytab name: FILE:/etc/krb5.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (aes256-cts-hmac-sha1-96) 
   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (aes128-cts-hmac-sha1-96) 
   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (des3-cbc-sha1) 
   2 12/03/17 14:17:32 SCENT101X$@CYBERKEEDA.NET (arcfour-hmac)


  • Configure /etc/krb5.conf to use AD domain:

Replace 
Realm
Admin_server
your Realm, domain realms, AD erver information.

includedir /etc/krb5.conf.d/

[logging]
default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = CYBERKEEDA.NET
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

[realms]
 CYBERKEEDA.NET = {
  kdc = cyberkeeda.net
  admin_server = swind101x.cyberkeeda.net
 }

[domain_realm]
 .cyberkeeda.net = CYBERKEEDA.NET
 cyberkeeda.net = CYBERKEEDA.NET




Use authconfig to set up the Name Service Switch(/etc/nsswitch.conf) and PAM stacks(password-authand system-auth):

[root@scent101x ~]#  authconfig --enablesssd --enablesssdauth --update

Above command will modify and add necessary entries in 

Ø /etc/nsswitch.conf, 
Ø /etc/pam.d/password-auth 
Ø /etc/pam.d/system-authfiles 


The final step is to configure the SSSD itself. 
Open /etc/sssd/sssd.conf and define a single domain:

[sssd]

services = nss, pam, ssh, autofs

config_file_version = 2

domains = CYBERKEEDA.NET



[domain/CYBERKEEDA.NET]
id_provider = ad
# Uncomment and configure below , if service discovery is not working

ad_server = swind101x.cyberkeeda.net
 



 Make sure /etc/sssd/sssd.con is owned by root:root and permissions are 600

 # chown root:root /etc/sssd/sssd.conf
 # chmod 600 /etc/sssd/sssd.conf

Start the SSSD and make sure it's up after reboots:

# service sssd start
# chkconfig sssd on

    Try to  fetch user information for AD user and then try to login as AD user

# getent passwd aduser


# id Administrator
# ssh Administrator@localhost
Read more ...

SSH from your favourite browser using Shellinabox




Shellinabox is perfect tool if you have any of the requirement.

Missing Putty or SSH agent on your desktop  ?
Looking for Client less agent to SSH ?
Want to SSH your Linux server or desktop from mobile.

So lets move ahead and just follow the steps to install Shellinabox.

Video tutorial, for video lovers.


ShellinaBox Installation on  CentOS7

Introduction [ Shell In A Box ]

Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins.

Official repository link

More info on official git page :  https://github.com/shellinabox/shellinabox

Installation.

Intsall EPEL Repo.


[root@cyberkeeda ~]# yum install epel-release 


Install shellinabox package


[root@cyberkeeda ~]# yum install shellinabox


Configuration.

Shellinabox configuration file  :    /etc/sysconfig/shellinaboxd


 Lets have a look on the file and allow and modify the important lines

[root@cyberkeeda ~]# vim /etc/sysconfig/shellinaboxd



# Shell in a box daemon configuration
# For details see shellinaboxd man page

# Basic options
USER=shellinabox
GROUP=shellinabox
CERTDIR=/var/lib/shellinabox
PORT=4200
OPTS="--disable-ssl-menu -s /:LOGIN"
OPTS="-t -s /:SSH:192.168.0.181"

PORT

PORT=4200

Chnage PORT to some other to avoid conflict between sytem level ports 

I will be changing it to 6162 

SSH HOST

OPTS="-t -s /:SSH:192.168.0.101"

Chnage IP or Hostname to your default login host, by default shellinabox will ask to login into it, then later you can ssh and jump into n number of servers.


My final config file would look as

# Shell in a box daemon configuration
# For details see shellinaboxd man page

# Basic options
USER=shellinabox
GROUP=shellinabox
CERTDIR=/var/lib/shellinabox
PORT=6162
OPTS="--disable-ssl-menu -s /:LOGIN"
OPTS="-t -s /:SSH:192.168.0.101"


Configuration Done..

Important : 

STOP Firewalld iptables and disable selinux 

#    Service firewalld stop
#    Service iptables stop

Disable SELINUX : change status of selinux to disabled

Finally Restart the shellinaboxd daemon.



[root@cyberkeeda ~]# service shellinaboxd start

Read more ...
Designed By Jackuna