Category Archives: Linux

explainshell.com

write down a command-line to see the help text that matches each argument

 

Hello,

This site contains 29761 parsed manpages from sections 1 and 8 found in Ubuntu’s manpage repository. A lot of heuristics were used to extract the arguments of each program, and there are errors here and there, especially in manpages that have a non-standard layout.

It is written in Python and uses bashlex, a bit of NLTK (to find the interesting parts of the manpage), a little d3.js (for the connecting lines graphic) and Flask. It is served with uwsgi and nginx. Source code is available on github.

My name is Idan Kamara and you can contact me at idan at explainshell dot com for any questions or suggestions.

google pagespeed – centos installation

 

Let’s edit/create google-mod-pagespeed.repo

vi /etc/yum.repos.d/google-mod-pagespeed.repo

and add

[googlemodpagespeed]
name=googlemodpagespeed
baseurl=http://dl.google.com/linux/mod-pagespeed/rpm/stable/$basearch
enabled=1
gpgcheck=0
Let’s install it with yum!
yum install mod-pagespeed
Then we need to restart apache!
service httpd restart

 

This is how we test it…

curl -D- http://localhost/ | head -10

 

[root@sd-hooray webroot]# curl -D- http://localhost/ | head -10
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4328 100 4328 0 0 27929 0 –:–:– –:–:– –:–:– 28103
HTTP/1.1 200 OK
Date: Wed, 12 Sep 2018 15:52:41 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.38
X-Powered-By: PHP/5.6.38
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 4328
Content-Type: text/html; charset=iso-8859-1

 

 

fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned

Meanwhile in a new VPS…

2018-04-18 19:56:42,211 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:43,213 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:44,214 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:45,215 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:46,217 fail2ban.actions [14644]: NOTICE [sshd] 113.131.58.142 already banned
2018-04-18 19:56:47,218 fail2ban.actions [14644]: NOTICE [sshd] 195.72.223.106 already banned
2018-04-18 19:56:48,219 fail2ban.actions [14644]: NOTICE [sshd] 195.72.223.106 already banned

YAH!
Take a look at /etc/fail2ban/jail.local or /etc/fail2ban/jail.d/00-firewalld.conf
banaction = firewallcmd-ipset
or
banaction = iptables-multiport

 

Meltdown & Spectre – CentOS

This is, for what I’v read about, the two main things that we need to have updated…

kernel-3.10.0-693.11.6.el7.x86_64
microcode_ctl-2.1-22.2.el7.x86_64

Check them trought uname -r and dmesg | grep microcode

 

[root@sd-56969 www]# systemctl status microcode -l
● microcode.service - Load CPU microcode update
 Loaded: loaded (/usr/lib/systemd/system/microcode.service; enabled; vendor preset: enabled)
 Active: inactive (dead) since Fri 2018-01-05 17:43:08 CET; 1 weeks 6 days ago
 Process: 692 ExecStart=/usr/bin/bash -c grep -l GenuineIntel /proc/cpuinfo | xargs grep -l -E "model[[:space:]]*: 79$" > /dev/null || echo 1 > /sys/devices/system/cpu/microcode/reload (code=exited, status=0/SUCCESS)
 Main PID: 692 (code=exited, status=0/SUCCESS)

Jan 05 17:43:08 sd-56969 systemd[1]: Starting Load CPU microcode update...
Jan 05 17:43:08 sd-56969 systemd[1]: Started Load CPU microcode update.

 

 

 

SFTP allow user to login via SFTP

If we are just allowing both on AllowUsers in file /etc/ssh/sshd_config, new users won’t be allowed to access the server.

So!, lets edit it a add the new user. Find AllowUser line and add it there.

sudo nano /etc/ssh/sshd_config

This should look something like

#PermitRootLogin without-password
PermitRootLogin no
StrictModes yes
AllowUsers bofh newuser

Save and Exit!
Restart SSH

service ssh restart

Now the user!

addgroup --system filetransf

usermod -G filetransf username
chown root:root /home/username
chmod 755 /home/username

cd /home/username
chown username:filetransf *

 

Hooray!