Wednesday, 9 November 2011

Sick day, Kubuntu 11.10 installation, easy as ABC

Sick! I decided not to go to work today, few paracetamols, hot tea and coffee shortly after... I stayed in bed with my laptop and eventually called sick day. Played World of Warcraft for an hour or so, boring... let's do something useful.

Quck Kubuntu download, previously-burned DVD-RW with CentOS 6 erased, shiny new Kubuntu 11.10 ready for a kick. Windows like installer, few "next" buttons clicked, and KDE is up and running out of the box. Do you remember I've complained that CentOS has "PermitRootLogin" set to "yes" by default? Looks like Ubuntu / Kubuntu has same settings, so that's probably default openssh thing. Funny story is that in Ubuntu based systems, you don't really create root user password and system force you to create user account instead, so you can use sudo to run commands with more privileges. With such a policies, why would someone allow direct root login by default through SSH? Well... maybe that's just me who's cares too much about this.

"apt-get" update and upgrade, denyhosts is inside repository, so you don't have to download and setup it manually, that's a good thing right? All this took me maybe an hour, and I had whole day, so started playing with virtualization, KVM and XEN. After a short while, fighting with different packages and configs, I found that my CPU Intel E7300 doesn't support Virtualization Technology (VT-x), this may explain why everything I tried failed, stupid me. I started installation and setup of OpenVZ, which doesn't really require VT, but I had no more patience for this, so decided to play some more World of Warcraft. This game can be really time consuming, if you didn't play it, don't start it, it's like smoking, once you going to try, you will want to do it again.

Sunday, 6 November 2011

Why this happen every Sunday

Yet another boring Sunday, doing nothing but slacking around (in pain, trying to quit smoking, doing well... or maybe not, if I have to be honest), surfing the web... here's some funny stuff I've found recently.


It's more like a developer / programmer excuse, but can be used by a systems administrator as well. Imagine re-compiling some system packages or kernel (or maybe building "world" in FreeBSD). Btw, picture was shown to me by Matt, my work colegue (and yes, we both are sysadmins).

And here's something I found on Google+ today (it's not like I'm playing around this g+ a lot, I'm not really a big fan of social networks, but "what's hot" link on google+ can give you a short break and entertiment for few minutes, so it's worth to check it sometime!).


If you can read this you have a strong mind... really? Anyway, very nice idea, and it is working somehow... Credits go to Sabrina Terence, it's a shame that her website doesn't seems to be working... maybe I could find some more awesome stuff over there.

Wednesday, 2 November 2011

linux CentOS 6.2 - installation

Base system has been installed from: CentOS-6.0-x86_64-minimal.iso

# uname -a
Linux xxx 2.6.32-71.el6.x86_64

sweet, but for some reason I can't use yum, even ping google.com fail...

# ifconfig | grep encap | cut -d" " -f1
lo

what the hell? where's my network!?

# ifup eth0
# dhclient eth0
# ifconfig | egrep "Link encap|inet addr"

eth0  Link encap:Ethernet HWaddr F4:6D:04:AF:AD:2F
      inet addr:192.168.1.66 Bcast:192.168.1.255 Mask:255.255.255.0
lo    Link encap:Local Loopback
      inet addr:127.0.0.1  Mask:255.0.0.0

here we go, looks much better. "yum update" done, "mc" and "nano" installed, now it's time to sort out this networking issue, what kind of server (or desktop) it is when network interface can't survive a reboot.

/etc/sysconfig/network
NETWORKING=yes
checked.

/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=no

ehm... shouldn't default CentOS installation set your primary network interface to "ONBOOT=yes"? Anyway, ONBOOT updated, "BOOTPROTO=dhcp" has been added, let's reboot! Machine rebooted, network interface is up and it has correct IP number (asigned on my router to this MAC address), dhclient is running. Next pretty lame thing is that root login is allowed through SSH by default and there's no sudo installed, so I had to do "yum install sudo", add user account, add record to /etc/sudoers and update /etc/ssh/sshd_config with "PermitRootLogin no", which is set to "yes" and commented out by default.

# yum install denyhosts

Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
 * base: mirror01.th.ifl.net
 * extras: mirror01.th.ifl.net
 * updates: mirror01.th.ifl.net
Setting up Install Process
No package denyhosts available.
Error: Nothing to do

please, be serious... I just put firewall rules on my router to allow ssh... A system which allow root login through SSH by default doesn't even have "denyhosts" in repository? If that would be something new, a new package, but... it is stable and static code since 2008, nobody even bother to touch this code anymore, it's simple and complete package. Anyway, not a problem, sourceforge is your friend...

# wget http://downloads.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fdenyhosts%2Ffiles%2Fdenyhosts%2F2.6%2F&ts=1320260346&use_mirror=sunet
]# -bash: wget: command not found

heh, "yum install wget" solved the problem, software downloaded, ungzip, untar.

# python setup.py install
# cd /usr/share/denyhosts
# cp daemon-control-dist /etc/init.d/denyhosts
# cp denyhosts.cfg-dist denyhosts.cfg

I have no idea why, but config specify this location as WORK_DIR, but this directory is not created by setup script by default, so...

# mkdir /usr/share/denyhosts/data

this is where you can create file "allowed-hosts" to white-list your trusted IPs, from denyhosts docs: "Since it is quite possible for a user to mistype their password repeatedly it may be desirable to have DenyHosts prevent specific IP addresses from being added to /etc/hosts.deny. To address this issue, create a file named allowed-hosts in the WORK_DIR. Simply add an IP address, one per line. Any IP address that appears in this file will not be blocked."

# chkconfig --add denyhosts

okay, linux CentOS 6.2 system installed, updated, networking can survive a reboot now, ssh open to world (direct root login disabled, user account created and privileges granted for sudo), denyhosts installed. Can't really imagine anyone who allow direct root login through SSH and doesn't even use denyhosts... ehm, to be honest, can't imagine anyone who permit direct root login anyway, it's just stupid. Now, it's time to think, what I can do with my fresh system. Maybe I can move my blog to be hosted from my own "server"? Nah, why would I do it? I will let google / blogger do the job, no pain, no stress, and it's free.

Tuesday, 1 November 2011

let's blog... setup time

Trying to set up a very first blog in my life. I heard it's pretty easy with blogspot (google thing... but what is not a google these days?). That what I found so far... it's not that easy! Lots of useless links, some reminders, extra shiny popups and different notifications... do I really need to read all of this?

30 minutes later, I'm up and running. Probably not everything is set in the way it should, but at least... it is working (I mean, it is visible and publicly accessible). I've shared the link to my blog on facebook, over a ten instant visits, looks like people doesn't have anything else to do, 21st century, online socializing is on the top. Stats are scary anyway, 100% visits from Windows OS... great, and the plan was to share some linux knowledge and geeky stuff. Well... you can't have everything withing 30 minutes, you need to wait at least a day, I suppose. Let's get some sleep, and find out what's going to happen tomorrow then. Good night!