Tuesday, November 30, 2010

Show IP address before login

Put following in your /etc/rc.local file:

echo "CentOS release 5 (Final)" > /etc/issue
echo "Kernel \r on an \m" >> /etc/issue
echo "">> /etc/issue
echo "$(ifconfig eth0 | grep inet | cut -d : -f 2 | cut -d \ -f 1)" >> /etc/issue
echo "" >> /etc/issue


Change hostname

vi /etc/sysconfig/network


#change to Cent


Sunday, November 7, 2010

Bug in Apache? Allow all script in /var/www/cgi-bin


<Directory "/var/www/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py
# still allow all script, not just .py :(

I think this should only allow .py script, but it allow any executable file.

<Directory "/home/*/public_html/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py

As the above only allow .py script in /home/*/public_html/cgi-bin.
or I missed something :(

Enable python CGI script in user directory (public_html/cgi-bin)

edit /etc/httpd/conf/httpd.conf
add these section

<Directory "/home/*/public_html/cgi-bin">
    Options ExecCGI
    AddHandler cgi-script .py

Then restart the server
/usr/sbin/apachectl restart

If there is any error, check httpd error log
tail /var/log/httpd/error_log

[Mon Nov 08 10:21:05 2010] [error] [client] suexec policy violation: see suexec log for more details
[Mon Nov 08 10:21:05 2010] [error] [client] Premature end of script headers: ...py

error from suexec, check suexec log
tail /var/log/httpd/suexec.log

[2010-11-08 10:22:51]: uid: (500/s) gid: (500/500) cmd: ..py
[2010-11-08 10:22:51]: directory is writable by others: ..

The directory should not be writable by others (security reason)
chmod 711 /home/user-abc/public_html/cgi-bin

If there is another error, check both logs again.

Enable user directory (public_html)

edit /etc/httpd/conf/httpd.conf

remove this line
UserDir disable

and uncomment this line
UserDir public_html

(or can just change the first line)

Then restart the server
/usr/sbin/apachectl restart

If SELinux is enabled (I did), you must also need to run these

/usr/sbin/setsebool -P httpd_enable_homedirs true
chcon -R -t httpd_sys_content_t /home/user-abc/public_html

(do not forget to change the path on the second line)

from Apache Userdir with SELinux on Fedora 13/14, CentOS 5.5, Red Hat (RHEL) 5.5/6

Saturday, November 6, 2010

Testing httpd using telnet

Using telnet command
(assuming the ip address of your machine is or you can use localhost)

telnet  80

Then type "abc" and Enter

<title>501 Method Not Implemented</title>
<h1>Method Not Implemented</h1>
<p>a to / not supported.<br />
<address>Apache/2.2.3 (CentOS) Server at localhost.localdomain Port 80</address>
Connection closed by foreign host.

Try using telnet again but this time type "GET" then Enter

Different output?

Now open a browser and put as the address

Should see a lot of info (including below)

If you are the website administrator:
You may now add content to the directory /var/www/html/..."

Now go into /var/www/html and create index.html containing this line
Hello from CentOS

Then refresh the page on the browser
(also telnet and see)

start httpd

Check the status of httpd

/usr/sbin/apachectl status
ELinks: Connection refused

It is not started, then start it :)

/usr/sbin/apachectl start

These can use to restart (after change its config)
/usr/sbin/apachectl restart
/sbin/service httpd restart

Install etckeeper

After installing git (see this)
clone (copy) from kitenet.net

git clone  git://git.kitenet.net/etckeeper

Then go into etckeeper and edit etckeeper.conf

# The VCS to use.

# Options passed to git commit when run by etckeeper.

# Options passed to hg commit when run by etckeeper.
HG_COMMIT_OPTIONS="-u etckeeper@a.com"

# Options passed to bzr commit when run by etckeeper.

# Options passed to darcs record when run by etckeeper.

# Uncomment to avoid etckeeper committing existing changes
# to /etc automatically once per day.

# Uncomment to avoid etckeeper committing existing changes to
# /etc before installation. It will cancel the installation,
# so you can commit the changes by hand.

# The high-level package manager that's being used.
# (apt, pacman-g2, yum etc)

# The low-level package manager that's being used.
# (dpkg, rpm, pacman-g2, etc)

Then we can install and create an initial version.

make installl
cd /etc
/usr/sbin/etckeeper init
/usr/sbin/etckeeper commit -m "Initial"

Add RPMforge

To add rpm from RPMforge

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

rpm -K rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

rpm -i rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

# if not using x64
# rpm -i rpmforge-release-0.5.1-1.el5.rf.i386.rpm

Now we can use
yum install mercurial
yum install p7zip
yum install git
yum install django
It still does not have etckeeper :(

more software installed
yum install lynx



Start again :)

After re-installing yesterday (this time I set grub on the correct drive),
however it hanged at starting udev :(

vi /etc/sysconfig/modules/udev-stw.modules
--> remove all modules : )

MODULES="nvram floppy parport lp snd-powermac"
[ -f /etc/sysconfig/udev-stw ] && . /etc/sysconfig/udev-stw
for i in $MODULES ; do
modprobe $i >/dev/null 2>&1

This time, I picked only "Server - GUI" package.
I do not think this causes the problem.
Anyway I just saved the partition image using Partimage on SystemRescueCd.
Later I might try install using the same set of package (as I did earlier).

Starting ...

I am starting to play with Centos 5.5 again this month.

Starting from 1 NOV 2010,
I downloaded CentOS-5.5-x86_64-netinstall.iso
then created a bootable USB drive, using Universal USB Installer

It cannot see iso files on FAT32 partition : (
so I have to chose HTTP install, from this server.

I selected these packages: Desktop+Server+Virtualisation
It took about 30 minutes.

I did not read *carefully* when it asked to install grub (boot loader).
So it was installed to the USB drive.
The result is that I can boot to Centos if the USB drive is plugged in.
: (

root (hd0,1)
setup (hd0)

But it does not work.

Finally I have to edit /boot/grub/menu.lst
I am not sure but I think just change
hd1 to hd0 in the file.

# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd1,8)
# kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
# initrd /initrd-version.img
title CentOS (2.6.18-194.17.4.el5xen)
root (hd0,8)
kernel /xen.gz-2.6.18-194.17.4.el5
module /vmlinuz-2.6.18-194.17.4.el5xen ro root=/dev/VolGroup00/LogVol00
rhgb quiet
module /initrd-2.6.18-194.17.4.el5xen.img
title CentOS (2.6.18-194.el5xen)
root (hd0,8)
kernel /xen.gz-2.6.18-194.el5
module /vmlinuz-2.6.18-194.el5xen ro root=/dev/VolGroup00/LogVol00 rhgb
module /initrd-2.6.18-194.el5xen.img
title Other
rootnoverify (hd0,0)
chainloader +1

I do not know why, but I have to activate the network card on the first couple of times that it booted.
I can get http server to work, but not Python CGI.

Then I tried installing mercurial.
cannot use: yum install mercurial

The first time was older version - 1.3.1-3.el5

then a newer one - 1.6.4

not sure if this site is safe :)

After messing it a little bit, I found that there is a configuration management software
can use: yum install puppet
But I do not think I have a time to learn and use it.

So I found etckeeper which can use mercurial for its vcs.

edit /etc/etckeeper/etckeeper.conf
HG_COMMIT_OPTIONS=" -u etckeeper@a.com"

cd /etc
sudo etckeeper init
sudo etckeeper commit "Initial import"

NOTE: The information here may not be accurate.
That is why I just re-installed yesterday.

Please continue on the next post