Category Archives: Linux

Meltdown & Spectre – CentOS

This is, for what I’v read about, the two main things that we need to have updated…

kernel-3.10.0-693.11.6.el7.x86_64
microcode_ctl-2.1-22.2.el7.x86_64

Check them trought uname -r and dmesg | grep microcode

 

[[email protected] www]# systemctl status microcode -l
● microcode.service - Load CPU microcode update
 Loaded: loaded (/usr/lib/systemd/system/microcode.service; enabled; vendor preset: enabled)
 Active: inactive (dead) since Fri 2018-01-05 17:43:08 CET; 1 weeks 6 days ago
 Process: 692 ExecStart=/usr/bin/bash -c grep -l GenuineIntel /proc/cpuinfo | xargs grep -l -E "model[[:space:]]*: 79$" > /dev/null || echo 1 > /sys/devices/system/cpu/microcode/reload (code=exited, status=0/SUCCESS)
 Main PID: 692 (code=exited, status=0/SUCCESS)

Jan 05 17:43:08 sd-56969 systemd[1]: Starting Load CPU microcode update...
Jan 05 17:43:08 sd-56969 systemd[1]: Started Load CPU microcode update.

 

 

 

SFTP allow user to login via SFTP

If we are just allowing both on AllowUsers in file /etc/ssh/sshd_config, new users won’t be allowed to access the server.

So!, lets edit it a add the new user. Find AllowUser line and add it there.

sudo nano /etc/ssh/sshd_config

This should look something like

#PermitRootLogin without-password
PermitRootLogin no
StrictModes yes
AllowUsers bofh newuser

Save and Exit!
Restart SSH

service ssh restart

Now the user!

addgroup --system filetransf

usermod -G filetransf username
chown root:root /home/username
chmod 755 /home/username

cd /home/username
chown username:filetransf *

 

Hooray!

 

dashboard for VMware, SNMP, REST API and more

Simple dashboard system for sysadmins with modules for VMware, SNMP, REST API and more

SysAdminBoard is a simple dashboard system written in Python, HTML and Javascript and served on a simple CherryPy Webserver (included). It was originally written to reformat snmp data for the Panic Statusboard iPad App, but has since become a fully stand-alone project that can grab data from a variety of sources and render charts and graphs in a web browser.

CentOS – Enable the mod_proxy modules in the HTTPD

In our /etc/httpd/conf/httpd.conf lets see if we have the following lines on it.
Uncomment them or add them.

  1. LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    # Uncomment these to proxy FTP or HTTPS
    #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
    #LoadModule proxy_connect_module modules/mod_proxy_connect.so
    

 

Can’t locate CGI/Carp.pm in @INC & Can’t locate LWP/Simple.pm in @INC

 

[Thu Mar 09 02:23:43.435879 2017] [cgi:error] [pid 28444] [client 94.63.XXX.XXX:54192] AH01215: Can’t locate CGI/Carp.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /path/to/cgi/admin/admin.cgi line 31.

This solved my issue…

yum install perl-CGI

 

[Thu Mar 09 02:26:54.892385 2017] [cgi:error] [pid 28442] [client 94.63.XXX.XXX:54242] AH01215: [Thu Mar 9 02:26:54 2017] admin.cgi: [Thu Mar 9 02:26:54 2017] admin.cgi: Can’t locate LWP/Simple.pm in @INC (@INC contains: /path/to/cgi/admin/ /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at ./shared/subs3.pm line 1003.
[Thu Mar 09 02:26:54.892456 2017] [cgi:error] [pid 28442] [client 94.63.XXX.XXX:54242] AH01215: [Thu Mar 9 02:26:54 2017] admin.cgi: [Thu Mar 9 02:26:54 2017] admin.cgi: BEGIN failed–compilation aborted at ./shared/subs3.pm line 1003.
[Thu Mar 09 02:26:54.892599 2017] [cgi:error] [pid 28442] [client 94.63.XXX.XXX:54242] AH01215: [Thu Mar 9 02:26:54 2017] admin.cgi: Compilation failed in require at /path/to/cgi/admin/admin.cgi line 151.

This solved my issue!

yum install perl-XML-Simple