This tutorial describes how to add REMI repository which is created and maintained by a French guy named Remi Collect. REMI repository is free to use and is very stable.

You might want to look our previous tutorials about EPEL repository.

• Install EPEL Repository On CentOS/RHEL/Scientific Linux 7

• Install EPEL Repository On CentOS/RHEL/Scientific Linux 6.x

Install REMI Repository On RHEL / CentOS / Scientific Linux / Fedora

Please be mindful that you should use REMI repository along with EPEL repository. Otherwise you may end up with dependency problem sometimes.

On CentOS/RHEL/Scientific Linux 7 x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm

On CentOS/RHEL/Scientific Linux 6 i386 or x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6.rpm

## for RHEL only
rhn-channel --add --channel=rhel-$(uname -i)-server-optional-6

On CentOS/RHEL/Scientific Linux 5 i386 or x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh remi-release-5.rpm

On Fedora 20  i386 or x86_64:

wget http://rpms.famillecollet.com/remi-release-20.rpm
yum install remi-release-20.rpm

On Fedora 19  i386 or x86_64:

wget http://rpms.famillecollet.com/remi-release-19.rpm
yum install remi-release-19.rpm

On Fedora 18  i386 or x86_64:

rpm -Uvh http://rpms.famillecollet.com/remi-release-18.rpm

Enable REMI repository

Edit file remi.repo,

vi /etc/yum.repos.d/remi.repo

Find the line enabled =0 and change it to 1 to enable REMI repository.

[...]
enabled=1
[...]

Save and close the file.

Now list out the installed repositories with command:

yum repolist

Sample output:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * epel: epel.mirror.net.in
 * extras: centos.excellmedia.net
 * remi: mirror.smartmedia.net.id
 * updates: centos.excellmedia.net
repo id                                                     repo name                                                                                    status
base/7/x86_64                                               CentOS-7 - Base                                                                              8,465
epel/x86_64                                                 Extra Packages for Enterprise Linux 7 - x86_64                                               5,551
extras/7/x86_64                                             CentOS-7 - Extras                                                                               30
remi                                                        Les RPM de remi pour Enterprise Linux 7 - x86_64                                               671
updates/7/x86_64                                            CentOS-7 - Updates                                                                             577
repolist: 15,294

Now, you’re ready to install packages. You can install packages using command:

yum install <package-name>

Cheers!

---------------------------------------------------------------------
Install REMI Repository On RHEL, CentOS, Scientific Linux 7/6.x/5.x And Fedora 20/19/18

What Is Docker?

From the Docker website,

Docker is an open platform for developing, shipping, and running applications. Docker is designed to deliver your applications faster. With Docker you can separate your applications from your infrastructure and treat your infrastructure like a managed application. Docker helps you ship code faster, test faster, deploy faster, and shorten the cycle between writing code and running code.

Docker does this by combining a lightweight container virtualization platform with workflows and tooling that help you manage and deploy your applications.

At its core, Docker provides a way to run almost any application securely isolated in a container. The isolation and security allow you to run many containers simultaneously on your host. The lightweight nature of containers, which run without the extra load of a hypervisor, means you can get more out of your hardware.

Docker is lightweight and fast platform that provides a viable, cost-effective alternative to hypervisor-based virtual machines. This is perfectly suitable for development environments. The developers can write any code of their choice inside the containers, and then share them to the other developers later via Docker for testing. Once the testing is done, the codes or applications can be pushed to the production environment and you can start deploying and using the applications in real time.

You can run the Docker containers on any physical system, or Virtual machines, or in any Cloud platforms. Docker will run on almost all modern operating systems like GNU/Linux, Mac OS, and Windows etc. Moreover, Docker will run Cloud platforms like Amazon EC2, Rackspace Cloud, Google Cloud, and IBM softlayer etc.

You might want to check our previous articles about LXC and Vagrant.

• Setting Up Multiple Isolated Linux Systems (Containers) Using LXC On Ubuntu 14.04

• Vagrant – Creating Virtual Development Environments Made Easy

This tutorial describes you how to install and use Docker on Ubuntu and CentOS like systems. This article was tested on Ubuntu 14.04 and CentOS 7 64bit Minimal servers.

Install Docker

On Ubuntu 14.04 systems:

curl -sSL https://get.docker.io/ubuntu/ | sudo sh

On CentOS 7 systems:

Docker is available on CentOS 7 default repositories. So, you can install it by just running the following command from your Terminal.

yum install docker

Enable and start Docker service:

systemctl enable docker
systemctl start docker

For other distributions, check out the official installation instructions page.

Usage

1. Creating New Containers

Docker usage is as simple as LXC. First, let us download the Ubuntu image and create a Ubuntu container.

To do that, switch to root user and run the following command from the Terminal:

docker pull ubuntu

Sample Output:

 Pulling repository ubuntu
 75204fdb260b: Pulling image (utopic) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/
 195eb90b5349: Pulling image (saucy) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/
 3db9c44f4520: Pulling image (lucid) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/
 463ff6be4238: Pulling image (13.04) from ubuntu, endpoint: https://cdn-registry-75204fdb260b: Pulling dependent layers
 195eb90b5349: Pulling dependent layers
 3db9c44f4520: Downloading 39.62 MB/63.51 MB 11m53s
 463ff6be4238: Downloading 16.95 MB/18.11 MB 35s
 463ff6be4238: Downloading 17.32 MB/18.11 MB 24s
 463ff6be4238: Downloading 17.51 MB/18.11 MB 18s
 822a01ae9a15: Pulling dependent layers
 3db9c44f4520: Downloading 40.68 MB/63.51 MB 11m10s
 463ff6be4238: Download complete
 c5881f11ded9: Pulling fs layer
 3db9c44f4520: Downloading 42.26 MB/63.51 MB 10m6s
 c5881f11ded9: Download complete
 cc58e55aa5a5: Download complete
 f127542f0b61: Download complete
 6cfa4d1f33fb: Download complete
 bac448df371d: Download complete
 3af9d794ad07: Download complete
 af82eb377801: Download complete
 93c381d2c255: Download complete
 b7c6da90134e: Download complete
 47dd6d11a49f: Download complete
 a5208e800234: Download complete
 f33dbb8bc20e: Download complete
 9fccf650672f: Download complete
 1186c90e2e28: Download complete
 92ac38e49c3e: Download complete
 dfaad36d8984: Download complete
 fae16849ebe2: Download complete
 aa822e26d727: Download complete
 f6a1afb93adb: Download complete
 5796a7edb16b: Download complete
 0f4aac48388f: Download complete
 31db3b10873e: Download complete
 209ea56fda6d: Download complete

The above command will first look for the ubuntu images from the localhost itself. If images are not available locally, then it pull the latest images from the Docker hub.

If you want to build a CentOS container, then pull the centos image instead:

docker pull centos

To list all downloaded Docker images, run the following command:

docker images

Sample Output:

 REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
 ubuntu              14.04               c4ff7513909d        2 days ago          225.4 MB
 ubuntu              trusty              c4ff7513909d        2 days ago          225.4 MB
 ubuntu              latest              c4ff7513909d        2 days ago          225.4 MB
 ubuntu              14.04.1             c4ff7513909d        2 days ago          225.4 MB
 ubuntu              utopic              75204fdb260b        2 days ago          230.1 MB
 ubuntu              14.10               75204fdb260b        2 days ago          230.1 MB
 ubuntu              precise             822a01ae9a15        2 days ago          108.1 MB
 ubuntu              12.04.5             822a01ae9a15        2 days ago          108.1 MB
 ubuntu              12.04               822a01ae9a15        2 days ago          108.1 MB
 ubuntu              12.10               c5881f11ded9        8 weeks ago         172.2 MB
 ubuntu              quantal             c5881f11ded9        8 weeks ago         172.2 MB
 ubuntu              13.04               463ff6be4238        8 weeks ago         169.4 MB
 ubuntu              raring              463ff6be4238        8 weeks ago         169.4 MB
 ubuntu              13.10               195eb90b5349        8 weeks ago         184.7 MB
 ubuntu              saucy               195eb90b5349        8 weeks ago         184.7 MB
 ubuntu              10.04               3db9c44f4520        3 months ago        183 MB
 ubuntu              lucid               3db9c44f4520        3 months ago        183 MB

The above images have been built by someone else on the Docker community. The downloaded images will be saved locally in the /var/lib/docker/ directory.

After downloading the Docker images, let us run the new Container by entering the following command:

docker run -t -i ubuntu:14.04.1 /bin/bash

Where,

-t : Assigns a pseudo-tty or terminal inside our new container.

-i : Allows us to make an interactive connection by grabbing the standard in (STDIN) of the container.

/bin/bash : This will launch a Bash shell inside our container.

ubuntu:14.04.1 : Launches the container running latest Ubuntu 14.04.1 image.

Or, you can run a Container by using the Image id also.

docker run -t -i c4ff7513909d /bin/bash

Here, c4ff7513909d is the Ubuntu 14.04.1 Image id.

To run Ubuntu 14.10 container:

docker run -t -i ubuntu:14.10 /bin/bash

Likewise, you can run Ubuntu 13.10 container:

docker run -t -i ubuntu:13.10 /bin/bash

The above commands will let you to login to the container.

root@61186887519b:/#

Now, you can use the container to build your applications.

To return back to your original host’s Terminal without quiting the Container, press ctrl+p, following by ctrl+q key.

To view the running Docker containers, run the following command:

docker ps

Sample Output:

 CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
 61186887519b        ubuntu:14.04        /bin/bash           20 minutes ago      Up 20 minutes                           jovial_archimedes

To view all containers, use the flag “-a”.

docker ps -a

If you want to attach back to the running container, run the following command:

docker attach 61186887519b

Here, 61186887519b is the ID of the running container.

To stop the container, type exit from that Container’s bash shell.

2. Building Our Own Images

What we’ve seen above is run an image created by someone else in the Docker Hub. Now, We will see how to create our own image with some preinstalled packages (Ex.apache web server) in the Container.

First, run the required container. Here, I will run Ubuntu 14.04.

docker run -t -i ubuntu:14.04 /bin/bash

Install Apache web server in the Container.

apt-get update && apt-get install apache2 -y

Start apache service:

service apache2 start

Check if server is working by navigating to the http://ip-address-of-the-container/ from your original host browser.

Note: You can find the IP address of any Container by running the “ifconfig” command inside the Container’s Terminal.

Voila! Apache server is working!!

Now, return back to your original system host Terminal by pressing ctrl+p and ctrl+q keys.

Run the following command to build our own Docker image which includes apache web server preinstalled.

Example:

docker commit 28107ffa5560 sk_unixmen/ubuntu_apach

Sample Output:

9f656205a4bd30959b437da8bf91d848702b0d512c4c0cdb56eeadf771bcab85

Here,

28107ffa5560 – Ubuntu 14.04 container ID. You can find it using command “docker ps”.

sk_unixmen – Name of the user who created the container.

ubuntu_apache – Name of the docker image created by user sk_container.

Now, let us run command “docker images” to see if our new image is created.

docker images

Sample Output:

REPOSITORY                 TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
sk_unixmen/ubuntu_apache   latest              9f656205a4bd        29 seconds ago      260.2 MB
ubuntu                     trusty              c4ff7513909d        4 days ago          225.4 MB
ubuntu                     14.04               c4ff7513909d        4 days ago          225.4 MB
ubuntu                     latest              c4ff7513909d        4 days ago          225.4 MB
ubuntu                     14.04.1             c4ff7513909d        4 days ago          225.4 MB
ubuntu                     14.10               75204fdb260b        4 days ago          230.1 MB
ubuntu                     utopic              75204fdb260b        4 days ago          230.1 MB
ubuntu                     12.04               822a01ae9a15        4 days ago          108.1 MB
ubuntu                     12.04.5             822a01ae9a15        4 days ago          108.1 MB
ubuntu                     precise             822a01ae9a15        4 days ago          108.1 MB
ubuntu                     12.10               c5881f11ded9        8 weeks ago         172.2 MB
ubuntu                     quantal             c5881f11ded9        8 weeks ago         172.2 MB
ubuntu                     13.04               463ff6be4238        8 weeks ago         169.4 MB
ubuntu                     raring              463ff6be4238        8 weeks ago         169.4 MB
ubuntu                     13.10               195eb90b5349        8 weeks ago         184.7 MB
ubuntu                     saucy               195eb90b5349        8 weeks ago         184.7 MB
ubuntu                     10.04               3db9c44f4520        3 months ago        183 MB
ubuntu                     lucid               3db9c44f4520        3 months ago        183 MB

As you see above, Our new image has been created.

Now, you can create a another new container using the new image which we have created just before.

docker run -t -i sk_unixmen/ubuntu_apache /bin/bash

You’ll be now able to play with your Container as usual. Please note that the apache server is preinstalled in our newly created Image.

3. Removing Containers and Images

Once you done with Containers or Images, you can permanently delete them from your local system.

First, let us view the list of available Containers.

docker ps -a

Sample Output:

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                          PORTS               NAMES
6f9a6e4b1e82        9f656205a4bd        /bin/bash           8 minutes ago       Up 8 minutes                                        sad_heisenberg             
6ce258454f77        ubuntu:14.04        /bin/bash           30 minutes ago      Up 30 minutes                                       desperate_bohr             
777b275823e9        ubuntu:14.04        /bin/bash           40 minutes ago      Exited (0) 30 minutes ago                           compassionate_mclean       
eac3b804a2fb        ubuntu:14.10        /bin/bash           22 hours ago        Exited (0) 20 hours ago                             backstabbing_bartik        
325d0bfcb828        ubuntu:14.10        /bin/bash           43 hours ago        Exited (0) 43 hours ago                             kickass_torvalds           
226c86bc836e        ubuntu:14.04        /bin/bash           43 hours ago        Exited (1) 43 hours ago                             sharp_albattani            
7cba44200ff9        ubuntu:14.10        /bin/bash           43 hours ago        Exited (100) 43 hours ago                           jovial_lumiere             
28107ffa5560        ubuntu:14.10        /bin/bash           43 hours ago        Exited (-1) About an hour ago                       ecstatic_davinci           
3170c250a59f        ubuntu:14.10        /bin/bash           43 hours ago        Exited (0) 43 hours ago                             angry_wright               
f41190788d0b        ubuntu:14.04        /bin/bash           44 hours ago        Exited (0) 44 hours ago                             elegant_mcclintock         
4610f91b4d65        ubuntu:14.10        /bin/bash           44 hours ago        Exited (0) 44 hours ago                             condescending_archimedes   
61186887519b        ubuntu:14.04        /bin/bash           44 hours ago        Exited (0) 44 hours ago                             jovial_archimedes

As you see above result, there are two Containers running now. Let us stop them first.

docker stop 6f9a6e4b1e82
docker stop 6ce258454f77

Here, 6f9a6e4b1e82 and 6ce258454f77 are ID of the running Container’s.

After stopping the Containers, run the following commands to delete them.

docker rm 6f9a6e4b1e82
docker rm 6ce258454f77

Now, the above two Container’s have been deleted from the local system.

Similarly, you can delete the Docker Images too.

Let us view the list of available Docker Images in our local system.

docker images

Sample Output:

REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
<none>              <none>              9f656205a4bd        15 minutes ago      260.2 MB
ubuntu              14.04               c4ff7513909d        4 days ago          225.4 MB
ubuntu              latest              c4ff7513909d        4 days ago          225.4 MB
ubuntu              14.04.1             c4ff7513909d        4 days ago          225.4 MB
ubuntu              trusty              c4ff7513909d        4 days ago          225.4 MB
ubuntu              14.10               75204fdb260b        4 days ago          230.1 MB
ubuntu              utopic              75204fdb260b        4 days ago          230.1 MB
ubuntu              12.04.5             822a01ae9a15        4 days ago          108.1 MB
ubuntu              precise             822a01ae9a15        4 days ago          108.1 MB
ubuntu              12.04               822a01ae9a15        4 days ago          108.1 MB
ubuntu              12.10               c5881f11ded9        8 weeks ago         172.2 MB
ubuntu              quantal             c5881f11ded9        8 weeks ago         172.2 MB
ubuntu              13.04               463ff6be4238        8 weeks ago         169.4 MB
ubuntu              raring              463ff6be4238        8 weeks ago         169.4 MB
ubuntu              13.10               195eb90b5349        8 weeks ago         184.7 MB
ubuntu              saucy               195eb90b5349        8 weeks ago         184.7 MB
ubuntu              10.04               3db9c44f4520        3 months ago        183 MB
ubuntu              lucid               3db9c44f4520        3 months ago        183 M

To delete an Image (Ex.9f656205a4bd), run the following command:

 docker rmi 9f656205a4bd

The Docker image has been deleted now.

That’s all for now. What we’ve discussed so for is just the Docker installation part and it’s basic usage. I recommended you to go thorough the Official Docker documentation to find out more about Docker.

Cheers!

---------------------------------------------------------------------
Docker – Lightweight Virtualization With Linux Containers

NFS, stands for Network File System, is a server-client protocol used for sharing files between linux/unix to unix/linux systems. NFS enables you to mount a remote share locally. You can then directly access any of the files on that remote share.

Scenario

In this how-to, I will be using two systems which are running with CentOS 7. The same steps are applicable for RHEL and Scientific Linux 7 distributions.

Here are mt testing nodes details.

NFS Server Hostname: server.unixmen.local
NFS Server IP Address: 192.168.1.101/24

NFS Client Hostname: client.unixmen.local
NFS Client IP Address: 192.168.1.102/24

Server Side Configuration

Install NFS packages in your Server system by using the following command:

yum install nfs-utils nfs-utils-lib

Enable and start NFS services:

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap

systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

Now, let us create some shared directories in server.

Create a shared directory named ‘/var/unixmen_share’ in server and let the client users to read and write files in that directory.

mkdir /var/unixmen_share 
chmod 777 /var/unixmen_share/

Export shared directory on NFS Server:

Edit file /etc/exports,

vi /etc/exports

Add the following line:

/var/unixmen_share/     192.168.1.0/24(rw,sync,no_root_squash,no_all_squash)

where,

/var/unixmen_share – shared directory
192.168.1.0/24 – IP address range of clients
rw – Writable permission to shared folder
sync – Synchronize shared directory
no_root_squash – Enable root privilege
no_all_squash - Enable user’s authority

Restart the NFS service:

systemctl restart nfs-server

Client Side Configuration

Install NFS packages in your client system by using the following command:

yum install nfs-utils nfs-utils-lib

Enable and start NFS services:

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap

systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

Mount NFS shares On clients

Create a mount point to mount the shared folder ‘var/unixmen_share’ which we’ve created before in the server.

mkdir /var/nfs_share

Mount the share from server to client as shown below

mount -t nfs 192.168.1.101:/var/unixmen_share/ /var/nfs_share/ 

Sample Output:

mount.nfs: Connection timed out

Probably, it will show a connection timed out error which means that the firewall is blocking our NFS server. To access NFS shares from remote clients, we must allow the following nfs ports in the NFS server iptables/firewall.

If you don’t know which ports to allow through firewall, run the following command:

rpcinfo -p

Sample output:

    program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  60985  status
    100024    1   tcp  54302  status
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    3   udp   2049  nfs_acl
    100021    1   udp  46666  nlockmgr
    100021    3   udp  46666  nlockmgr
    100021    4   udp  46666  nlockmgr
    100021    1   tcp  42955  nlockmgr
    100021    3   tcp  42955  nlockmgr
    100021    4   tcp  42955  nlockmgr
    100011    1   udp    875  rquotad
    100011    2   udp    875  rquotad
    100011    1   tcp    875  rquotad
    100011    2   tcp    875  rquotad

You should allow the above ports.

To do that, go to the NFS server, and run the following commands:

firewall-cmd --permanent --add-port=111/tcp
firewall-cmd --permanent --add-port=54302/tcp
firewall-cmd --permanent --add-port=20048/tcp
firewall-cmd --permanent --add-port=2049/tcp
firewall-cmd --permanent --add-port=46666/tcp
firewall-cmd --permanent --add-port=42955/tcp
firewall-cmd --permanent --add-port=875/tcp

Restart firewalld service to take effect the changes:

firewall-cmd --reload

Again mount the share in client system with command:

mount -t nfs 192.168.1.101:/var/unixmen_share/ /var/nfs_share/

Now the NFS share will mount without any connection timed out error.

Verifying NFS Shares On Clients

Verify the share from the server is mounted or not using ‘mount’ command.

mount

Sample output:

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=309620k,nr_inodes=77405,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/mapper/centos-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=32,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
/dev/sda1 on /boot type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
sunrpc on /proc/fs/nfsd type nfsd (rw,relatime)
192.168.1.101:/var/unixmen_share on /var/nfs_share type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.102,local_lock=none,addr=192.168.1.101)

Auto mount NFS Shares

To mount the shares automatically instead of mounting them manually on every reboot, add the following lines shown in bold in the ‘/etc/fstab’ file of your client system.

vi /etc/fstab

#
# /etc/fstab
# Created by anaconda on Tue Aug 19 12:15:24 2014
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        1 1
UUID=2ba8d78a-c420-4792-b381-5405d755e544 /boot                   xfs     defaults        1 2
/dev/mapper/centos-swap swap                    swap    defaults        0 0
192.168.1.101:/var/unixmen_share/ /var/nfs_share/ nfs rw,sync,hard,intr 0 0

Reboot the client system and check the share whether it is automatically mounted or not.

mount

Sample output:

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=309620k,nr_inodes=77405,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/mapper/centos-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=32,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
/dev/sda1 on /boot type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
sunrpc on /proc/fs/nfsd type nfsd (rw,relatime)
192.168.1.101:/var/unixmen_share on /var/nfs_share type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.102,local_lock=none,addr=192.168.1.101)

Thats it. Now NFS server is ready to use.

---------------------------------------------------------------------
Setting Up NFS Server And Client On CentOS 7

DNS, stands for Domain Name System, translates hostnames or URLs into IP addresses. For example, if we type www.unixmen.com in browser, the DNS server translates the domain name into its associated ip address. Since the IP addresses are hard to remember all time, DNS servers are used to translate the hostnames like www.unixmen.com to 173.xxx.xx.xxx. So it makes easy to remember the domain names instead of its IP address.

This detailed tutorial will help you to set up a local DNS server on your CentOS 7 system. However, the steps are applicable for setting up DNS server on RHEL and Scientific Linux 7 too.

DNS Server Installation

Scenario

For the purpose of this tutorial, I will be using three nodes. One will be acting as Master DNS server, the second system will be acting as Secondary DNS, and the third will be our DNS client. Here are my three systems details.

Primary (Master) DNS Server Details:

Operating System     : CentOS 7 minimal server
Hostname             : masterdns.unixmen.local
IP Address           : 192.168.1.101/24

Secondary (Slave) DNS Server Details:

Operating System     : CentOS 7 minimal server
Hostname             : secondarydns.unixmen.local
IP Address           : 192.168.1.102/24

Client Details:

Operating System     : CentOS 6.5 Desktop  
Hostname             : client.unixmen.local
IP Address           : 192.168.1.103/24

Setup Primary (Master) DNS Server

Install bind9 packages on your server.

yum install bind bind-utils -y

1. Configure DNS Server

Edit ‘/etc/named.conf’ file.

vi /etc/named.conf

Add the lines as shown in bold:

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
    listen-on port 53 { 127.0.0.1; 192.168.1.101;}; ### Master DNS IP ###
#    listen-on-v6 port 53 { ::1; };
    directory     "/var/named";
    dump-file     "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query     { localhost; 192.168.1.0/24;}; ### IP Range ###
    allow-transfer{ localhost; 192.168.1.102; };   ### Slave DNS IP ###

    /* 
     - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
     - If you are building a RECURSIVE (caching) DNS server, you need to enable 
       recursion. 
     - If your recursive DNS server has a public IP address, you MUST enable access 
       control to limit queries to your legitimate users. Failing to do so will
       cause your server to become part of large scale DNS amplification 
       attacks. Implementing BCP38 within your network would greatly
       reduce such attack surface 
    */
    recursion yes;

    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;

    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";

    managed-keys-directory "/var/named/dynamic";

    pid-file "/run/named/named.pid";
    session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "unixmen.local" IN {
type master;
file "forward.unixmen";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "reverse.unixmen";
allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

2. Create Zone files

Create forward and reverse zone files which we mentioned in the ‘/etc/named.conf’ file.

2.1 Create Forward Zone

Create forward.unixmen file in the ‘/var/named’ directory.

vi /var/named/forward.unixmen

Add the following lines:

$TTL 86400
@   IN  SOA     masterdns.unixmen.local. root.unixmen.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          masterdns.unixmen.local.
@       IN  NS          secondarydns.unixmen.local.
@       IN  A           192.168.1.101
@       IN  A           192.168.1.102
@       IN  A           192.168.1.103
masterdns       IN  A   192.168.1.101
secondarydns    IN  A   192.168.1.102
client          IN  A   192.168.1.103

2.2 Create Reverse Zone

Create reverse.unixmen file in the ‘/var/named’ directory.

vi /var/named/reverse.unixmen

Add the following lines:

$TTL 86400
@   IN  SOA     masterdns.unixmen.local. root.unixmen.local. (
        2011071001  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)
@       IN  NS          masterdns.unixmen.local.
@       IN  NS          secondarydns.unixmen.local.
@       IN  PTR         unixmen.local.
masterdns       IN  A   192.168.1.101
secondarydns    IN  A   192.168.1.102
client          IN  A   192.168.1.103
101     IN  PTR         masterdns.unixmen.local.
102     IN  PTR         secondarydns.unixmen.local.
103     IN  PTR         client.unixmen.local.

3. Start the DNS service

Enable and start DNS service:

systemctl enable named
systemctl start named

4. Firewall Configuration

We must allow the DNS service default port 53 through firewall.

firewall-cmd --permanent --add-port=53/tcp

5. Restart Firewall

firewall-cmd --reload

6. Configuring Permissions, Ownership, and SELinux

Run the following commands one by one:

chgrp named -R /var/named
chown -v root:named /etc/named.conf
restorecon -rv /var/named
restorecon /etc/named.conf

7. Test DNS configuration and zone files for any syntax errors

Check DNS default configuration file:

named-checkconf /etc/named.conf

If it returns nothing, your configuration file is valid.

Check Forward zone:

named-checkzone unixmen.local /var/named/forward.unixmen

Sample output:

zone unixmen.local/IN: loaded serial 2011071001
OK

Check reverse zone:

named-checkzone unixmen.local /var/named/reverse.unixmen 

Sample Output:

zone unixmen.local/IN: loaded serial 2011071001
OK

Add the DNS Server details in your network interface config file.

vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="5d0428b3-6af2-4f6b-9fe3-4250cd839efa"
ONBOOT="yes"
HWADDR="08:00:27:19:68:73"
IPADDR0="192.168.1.101"
PREFIX0="24"
GATEWAY0="192.168.1.1"
DNS="192.168.1.101"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"

Edit file /etc/resolv.conf,

vi /etc/resolv.conf

Add the name server ip address:

nameserver      192.168.1.101

Save and close the file.

Restart network service:

systemctl restart network

8. Test DNS Server

dig masterdns.unixmen.local

Sample Output:

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> masterdns.unixmen.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25179
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;masterdns.unixmen.local.    IN    A

;; ANSWER SECTION:
masterdns.unixmen.local. 86400    IN    A    192.168.1.101

;; AUTHORITY SECTION:
unixmen.local.        86400    IN    NS    secondarydns.unixmen.local.
unixmen.local.        86400    IN    NS    masterdns.unixmen.local.

;; ADDITIONAL SECTION:
secondarydns.unixmen.local. 86400 IN    A    192.168.1.102

;; Query time: 0 msec
;; SERVER: 192.168.1.101#53(192.168.1.101)
;; WHEN: Wed Aug 20 16:20:46 IST 2014
;; MSG SIZE  rcvd: 125

nslookup unixmen.local

Sample Output:

Server:        192.168.1.101
Address:    192.168.1.101#53

Name:    unixmen.local
Address: 192.168.1.103
Name:    unixmen.local
Address: 192.168.1.101
Name:    unixmen.local
Address: 192.168.1.102

Now the Primary DNS server is ready to use.

It is time to configure our Secondary DNS server.

Setup Secondary(Slave) DNS Server

Install bind packages using the following command:

yum install bind bind-utils -y

1. Configure Slave DNS Server

Edit file ‘/etc/named.conf’:

vi /etc/named.conf

Make the changes as shown in bold.

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; 192.168.1.102; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query     { localhost; 192.168.1.0/24; };
.
.
.
.
zone "." IN {
type hint;
file "named.ca";
};
zone "unixmen.local" IN {
type slave;
file "slaves/unixmen.fwd";
masters { 192.168.1.101; };
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
file "slaves/unixmen.rev";
masters { 192.168.1.101; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

2. Start the DNS Service

systemctl enable named
systemctl start named

Now the forward and reverse zones are automatically replicated from Master DNS server to ‘/var/named/slaves/’ in Secondary DNS server.

ls /var/named/slaves/

Sample Output:

unixmen.fwd  unixmen.rev

3. Add the DNS Server details

Add the DNS Server details in your network interface config file.

vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="5d0428b3-6af2-4f6b-9fe3-4250cd839efa"
ONBOOT="yes"
HWADDR="08:00:27:19:68:73"
IPADDR0="192.168.1.102"
PREFIX0="24"
GATEWAY0="192.168.1.1"
DNS1="192.168.1.101"
DNS2="192.168.1.102"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"

Edit file /etc/resolv.conf,

vi /etc/resolv.conf

Add the name server ip address:

nameserver      192.168.1.101
nameserver      192.168.1.102

Save and close the file.

Restart network service:

systemctl restart network

4. Firewall Configuration

We must allow the DNS service default port 53 through firewall.

firewall-cmd --permanent --add-port=53/tcp

5. Restart Firewall

firewall-cmd --reload

6. Configuring Permissions, Ownership, and SELinux

chgrp named -R /var/named
chown -v root:named /etc/named.conf
restorecon -rv /var/named
restorecon /etc/named.conf

7. Test DNS Server

dig masterdns.unixmen.local

Sample Output:

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> masterdns.unixmen.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18204
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;masterdns.unixmen.local.    IN    A

;; ANSWER SECTION:
masterdns.unixmen.local. 86400    IN    A    192.168.1.101

;; AUTHORITY SECTION:
unixmen.local.        86400    IN    NS    masterdns.unixmen.local.
unixmen.local.        86400    IN    NS    secondarydns.unixmen.local.

;; ADDITIONAL SECTION:
secondarydns.unixmen.local. 86400 IN    A    192.168.1.102

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Wed Aug 20 17:04:30 IST 2014
;; MSG SIZE  rcvd: 125

dig secondarydns.unixmen.local

Sample Output:

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> secondarydns.unixmen.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60819
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;secondarydns.unixmen.local.    IN    A

;; ANSWER SECTION:
secondarydns.unixmen.local. 86400 IN    A    192.168.1.102

;; AUTHORITY SECTION:
unixmen.local.        86400    IN    NS    masterdns.unixmen.local.
unixmen.local.        86400    IN    NS    secondarydns.unixmen.local.

;; ADDITIONAL SECTION:
masterdns.unixmen.local. 86400    IN    A    192.168.1.101

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Wed Aug 20 17:05:50 IST 2014
;; MSG SIZE  rcvd: 125

nslookup unixmen.local

Sample Output:

Server:        192.168.1.102
Address:    192.168.1.102#53

Name:    unixmen.local
Address: 192.168.1.101
Name:    unixmen.local
Address: 192.168.1.103
Name:    unixmen.local
Address: 192.168.1.102

Client Side Configuration

Add the DNS server details in ‘/etc/resolv.conf’ file in all client systems

vi /etc/resolv.conf

# Generated by NetworkManager
search unixmen.local
nameserver 192.168.1.101
nameserver 192.168.1.102

Restart network service or reboot the system.

Test DNS Server

Now, you can test the DNS server using any one of the following commands:

dig masterdns.unixmen.local

dig secondarydns.unixmen.local

dig client.unixmen.local

nslookup unixmen.local

That’s all about now. The primary and secondary DNS servers are ready to use.

Cheers!

---------------------------------------------------------------------
Setting Up DNS Server On CentOS 7

vsftpd (Very Secure File Transport Protocol Daemon) is a secure, fast FTP server for Unix/Linux systems. In this how-to article, let us see how to setup a basic FTP server on CentOS 7. However, this procedure might work well on RHEL CentOS, Scientific Linux 7 version too.

My testbox server hostname and IP Address are server.unixmen.local and 192.168.1.101/24 respectively. Change these values to match your scenario.

Install vsftpd

All commands should be run with ‘root’ user. Run the following command in terminal to install vsftpd package:

yum install vsftpd ftp -y

Configure vsftpd

Edit vsftpd configuration file /etc/vsftpd/vsftpd.conf,

vi /etc/vsftpd/vsftpd.conf

Find the following lines and make the changes as shown below:

 [...]
## Disable anonymous login ##
anonymous_enable=NO

## Uncomment ##
ascii_upload_enable=YES
ascii_download_enable=YES

## Uncomment - Enter your Welcome message - This is optional ##
ftpd_banner=Welcome to UNIXMEN FTP service.

## Add at the end of this  file ##
use_localtime=YES

Enable and start the vsftpd service:

systemctl enable vsftpd
systemctl start vsftpd

Firewall And SELinux Configuration

Allow the default ftp port 21 via firewall.

firewall-cmd --permanent --add-port=21/tcp

Restart firewall:

firewall-cmd --reload

Then, update the SELinux boolean values for FTP service:

setsebool -P ftp_home_dir on

Create FTP users

By default, root user is not allowed to login to ftp server for security purpose. So, let us create a normal testing user called “sk” with password “centos”.

useradd sk
passwd sk

Connecting to FTP server

Now, try to connect to FTP server itself with user “sk”:

ftp 192.168.1.101

Enter the ftp user name and password.

Sample Output:

Connected to 192.168.1.101 (192.168.1.101).
220 Welcome to UNIXMEN FTP service.
Name (192.168.1.101:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Congratulations!! you will be able to login to FTP server without any problems.

Client side configuration

Let us try to log in to the FTP server from my Ubuntu client system.

ftp 192.168.1.101

Sample Output:

Connected to 192.168.1.101.
220 Welcome to UNIXMEN FTP service.
Name (192.168.1.101:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Voila!! Our FTP server is working.

Access FTP Server Via FileZilla

Working from command-line mode might be little bit difficult to newbies. So let us install a graphical FTP client called Filezilla to get things done quite easier:

Note:

As you may know already, in RHEL 7 and its derivatives the previous firewall system(iptables) has been replaced with firewalld. I find it bit difficult to configure Filezilla along with Firewalld. So I disabled it, and switched back to old firewall system called iptables. I will update this tutorial as soon as possible once I found the working solution. If you don’t want to use filezilla, skip the following steps.

First, enter the following commands one by one to disable current firewall system firewalld, and enable old firewall iptables. The following commands should be run on your FTP server, not in ftp clients.

yum install iptables-services
systemctl mask firewalld
systemctl enable iptables
systemctl enable ip6tables
systemctl stop firewalld
systemctl start iptables
systemctl start ip6tables

Allow the default ftp port “21″ through your firewall or router. In the server side, do the following.

Edit file /etc/sysconfig/iptables,

vi /etc/sysconfig/iptables

Add the following lines.

[...]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
[...]

Save and exit the file. Restart iptables now:

systemctl restart iptables
systemctl restart ip6tables

Now, go back to your client systems, and install filezilla package.

On Debian based client systems:

sudo apt-get install filezilla

For RHEL based systems, you can install filezilla using following command:

yum install filezilla

Open Filezilla client from your client system “Dash” or “Menu”. Enter the FTP server hostname or IP Address, username, password and port number. Click “Quickconnect” to login.

Probably, you will get the following error.

Error:    The data connection could not be established: EHOSTUNREACH - No route to host
Error:    Connection timed out
Error:    Failed to retrieve directory listing

To get rid of this error, do the following steps. In most cases, Resolution 2 should work.

Resolution 1:

1. From your Filezilla client, go to Edit -> Settings -> FTP ->Active Mode.

In the Active Mode tab, make sure the option “Ask your operating system for the external ip address” is selected.

Then goto Edit -> Settings -> FTP ->Passive Mode. Select “Fall back to active mode” and click Ok.

Now the error will be gone in some cases (May be in Windows OS clients).

Resolution 2:

If the problem still persists, goto your FTP server, edit file “/etc/sysconfig/iptables-config”.

vi /etc/sysconfig/iptables-config

Find the line IPTABLES_MODULES=” “ and change this to IPTABLES_MODULES=”ip_conntrack_ftp”:

# Load additional iptables modules (nat helpers)
#   Default: -none-
# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
# are loaded after the firewall rules are applied. Options for the helpers are
# stored in /etc/modprobe.conf.
IPTABLES_MODULES="ip_conntrack_ftp"
[...]

Save the iptables rules and restart firewall:

systemctl iptables restart

Now, try again from Filezilla.

It should work now.

Access FTP server from Browser

You can access the FTP server from your client browser also. Navigate to ftp://FTP-Server-IP-Address/. Enter the ftp username and password.

Now you can see the contents in your FTP server.

Log in as a particular user

If you want to login using a particular user, then navigate to ftp://username@FTP-Server-IP-Address/. It will ask the password of user, enter the password and you’re done.

For example, navigate to ftp://sk@192.168.1.101. Enter the password of the user sk.

That’s it.The FTP server ready now. Start using FTP!

Cheers!

---------------------------------------------------------------------
Install And Configure FTP Server On CentOS 7

This tutorial describes how to setup a local Yum repository on CentOS 7 system. Also, the same steps should work on RHEL and Scientific Linux 7 systems too.

If you have to install software, security updates and fixes often in multiple systems in your local network, then having a local repository is an efficient way. Because all required packages are downloaded over the fast LAN connection from your local server, so that it will save your Internet bandwidth and reduces your annual cost of Internet.

In this tutorial, I use two systems as described below:

Yum Server OS         : CentOS 7 (Minimal Install)
Yum Server IP Address : 192.168.1.101
Client OS             : CentOS 7 (Minimal Install)
Client IP Address     : 192.168.1.102

Prerequisites

First, mount your CentOS 7 installation DVD. For example, let us mount the installation media on /mnt directory.

mount /dev/cdrom /mnt/

Now the CentOS installation DVD is mounted under /mnt directory. Next install vsftpd package and let the packages available over FTP to your local clients.

To do that change to /mnt/Packages directory:

cd /mnt/Packages/

Now install vsftpd package:

rpm -ivh vsftpd-3.0.2-9.el7.x86_64.rpm

Enable and start vsftpd service:

systemctl enable vsftpd
systemctl start vsftpd

We need a package called “createrepo”  to create our local repository. So let us install it too.

If you did a minimal CentOS installation, then you might need to install the following dependencies first:

rpm -ivh libxml2-python-2.9.1-5.el7.x86_64.rpm 
rpm -ivh deltarpm-3.6-3.el7.x86_64.rpm 
rpm -ivh python-deltarpm-3.6-3.el7.x86_64.rpm

Now install “createrepo” package:

rpm -ivh createrepo-0.9.9-23.el7.noarch.rpm

Build Local Repository

It’s time to build our local repository. Create a storage directory to store all packages from CentOS DVD’s.

As I noted above, we are going to use a FTP server to serve all packages to client systems. So let us create a storage location in our FTP server pub directory.

mkdir /var/ftp/pub/localrepo

Now, copy all the files from CentOS DVD(s) i.e from /mnt/Packages/ directory to the “localrepo” directory:

cp -ar /mnt/Packages/*.* /var/ftp/pub/localrepo/

Again, mount the CentOS installation DVD 2 and copy all the files to /var/ftp/pub/localrepo directory.

Once you copied all the files, create a repository file called “localrepo.repo” under /etc/yum.repos.d/ directory and add the following lines into the file. You can name this file as per your liking:

vi /etc/yum.repos.d/localrepo.repo

Add the following lines:

[localrepo]
name=Unixmen Repository
baseurl=file:///var/ftp/pub/localrepo
gpgcheck=0
enabled=1

Note: Use three slashes(///) in the baseurl.

Now, start building local repository:

createrepo -v /var/ftp/pub/localrepo/

Now the repository building process will start.

Sample Output:

Now, list out the repositories using the following command:

yum repolist

Sample Output:

repo id                                                                    repo name                                                                     status
base/7/x86_64                                                              CentOS-7 - Base                                                               8,465
extras/7/x86_64                                                            CentOS-7 - Extras                                                                30
localrepo                                                                  Unixmen Repository                                                            3,538
updates/7/x86_64                                                           CentOS-7 - Updates                                                              726

Clean the Yum cache and update the repository lists:

yum clean all
yum update

After creating the repository, disable or rename the existing repositories if you only want to install packages from the local repository itself.

Alternatively, you can install packages only from the local repository by mentioning the repository as shown below.

yum install --disablerepo="*" --enablerepo="localrepo" httpd

Sample Output:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-17.el7.centos.1 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-17.el7.centos.1 for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-17.el7.centos.1 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================
 Package                              Arch                            Version                                         Repository                          Size
===============================================================================================================================================================
Installing:
 httpd                                x86_64                          2.4.6-17.el7.centos.1                           localrepo                          2.7 M
Installing for dependencies:
 apr                                  x86_64                          1.4.8-3.el7                                     localrepo                          103 k
 apr-util                             x86_64                          1.5.2-6.el7                                     localrepo                           92 k
 httpd-tools                          x86_64                          2.4.6-17.el7.centos.1                           localrepo                           77 k
 mailcap                              noarch                          2.1.41-2.el7                                    localrepo                           31 k

Transaction Summary
===============================================================================================================================================================
Install  1 Package (+4 Dependent packages)

Total download size: 3.0 M
Installed size: 10 M
Is this ok [y/d/N]:

Disable Firewall And SELinux:

As we are going to use the local repository only in our local area network, there is no need for firewall and SELinux. So, to reduce the complexity, I disabled both Firewalld and SELInux.

To disable the Firewalld, enter the following commands:

systemctl stop firewalld
systemctl disable firewalld

To disable SELinux, edit file /etc/sysconfig/selinux,

vi /etc/sysconfig/selinux

Set SELINUX=disabled.

[...]
SELINUX=disabled
[...]

Reboot your server to take effect the changes.

Client Side Configuration

Now, go to your client systems. Create a new repository file as shown above under /etc/yum.repos.d/ directory.

vi /etc/yum.repos.d/localrepo.repo

and add the following contents:

[localrepo]
name=Unixmen Repository
baseurl=ftp://192.168.1.101/pub/localrepo
gpgcheck=0
enabled=1

Note: Use double slashes in the baseurl and 192.168.1.101 is yum server IP Address.

Now, list out the repositories using the following command:

yum repolist

Clean the Yum cache and update the repository lists:

yum clean all
yum update

Disable or rename the existing repositories if you only want to install packages from the server local repository itself.

Alternatively, you can install packages from the local repository by mentioning the repository as shown below.

yum install --disablerepo="*" --enablerepo="localrepo" httpd

Sample Output:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-17.el7.centos.1 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-17.el7.centos.1 for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-17.el7.centos.1.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-17.el7.centos.1 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch        Version                      Repository      Size
================================================================================
Installing:
 httpd            x86_64      2.4.6-17.el7.centos.1        localrepo      2.7 M
Installing for dependencies:
 apr              x86_64      1.4.8-3.el7                  localrepo      103 k
 apr-util         x86_64      1.5.2-6.el7                  localrepo       92 k
 httpd-tools      x86_64      2.4.6-17.el7.centos.1        localrepo       77 k
 mailcap          noarch      2.1.41-2.el7                 localrepo       31 k

Transaction Summary
================================================================================
Install  1 Package (+4 Dependent packages)

Total download size: 3.0 M
Installed size: 10 M
Is this ok [y/d/N]: y
Downloading packages:
(1/5): apr-1.4.8-3.el7.x86_64.rpm                          | 103 kB   00:01     
(2/5): apr-util-1.5.2-6.el7.x86_64.rpm                     |  92 kB   00:01     
(3/5): httpd-tools-2.4.6-17.el7.centos.1.x86_64.rpm        |  77 kB   00:00     
(4/5): httpd-2.4.6-17.el7.centos.1.x86_64.rpm              | 2.7 MB   00:00     
(5/5): mailcap-2.1.41-2.el7.noarch.rpm                     |  31 kB   00:01     
--------------------------------------------------------------------------------
Total                                              1.0 MB/s | 3.0 MB  00:02     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : apr-1.4.8-3.el7.x86_64                                       1/5 
  Installing : apr-util-1.5.2-6.el7.x86_64                                  2/5 
  Installing : httpd-tools-2.4.6-17.el7.centos.1.x86_64                     3/5 
  Installing : mailcap-2.1.41-2.el7.noarch                                  4/5 
  Installing : httpd-2.4.6-17.el7.centos.1.x86_64                           5/5 
  Verifying  : mailcap-2.1.41-2.el7.noarch                                  1/5 
  Verifying  : httpd-2.4.6-17.el7.centos.1.x86_64                           2/5 
  Verifying  : apr-util-1.5.2-6.el7.x86_64                                  3/5 
  Verifying  : apr-1.4.8-3.el7.x86_64                                       4/5 
  Verifying  : httpd-tools-2.4.6-17.el7.centos.1.x86_64                     5/5 

Installed:
  httpd.x86_64 0:2.4.6-17.el7.centos.1                                          

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7                      apr-util.x86_64 0:1.5.2-6.el7   
  httpd-tools.x86_64 0:2.4.6-17.el7.centos.1    mailcap.noarch 0:2.1.41-2.el7   

Complete!

That’s it. Now, you will be able to install softwares from your server local repository.

Cheers!

---------------------------------------------------------------------
Setup Local Yum Repository On CentOS 7

From Wikipedia,

MongoDB (from “humongous”) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas (MongoDB calls the format BSON), making the integration of data in certain types of applications easier and faster. Released under a combination of the GNU Affero General Public License and the Apache License, MongoDB is free and open-source software.

First developed by the software company 10gen (now MongoDB Inc.) in October 2007 as a component of a planned platform as a service product, the company shifted to an open source development model in 2009, with 10gen offering commercial support and other services.Since then, MongoDB has been adopted as backend software by a number of major websites and services, including Craigslist, eBay, Foursquare, SourceForge, Viacom, and the New York Times, among others. MongoDB is the most popular NoSQL database system.

1 – Add MongoDB to Yum repo

vim /etc/yum.repos.d/mongodb.repo

[mongodb]
name=MongoDB repo
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=1

 2 – Install Mongodb packages

[root@unixmen-centos7 ~]# yum install mongodb-org
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.denit.net
 * extras: mirror.denit.net
 * updates: mirror.denit.net
Resolving Dependencies
--> Running transaction check
---> Package mongodb-org.x86_64 0:2.6.4-1 will be installed
--> Processing Dependency: mongodb-org-mongos = 2.6.4 for package: mongodb-org-2.6.4-1.x86_64
--> Processing Dependency: mongodb-org-server = 2.6.4 for package: mongodb-org-2.6.4-1.x86_64
--> Processing Dependency: mongodb-org-tools = 2.6.4 for package: mongodb-org-2.6.4-1.x86_64
--> Processing Dependency: mongodb-org-shell = 2.6.4 for package: mongodb-org-2.6.4-1.x86_64
--> Running transaction check
---> Package mongodb-org-mongos.x86_64 0:2.6.4-1 will be installed
---> Package mongodb-org-server.x86_64 0:2.6.4-1 will be installed
---> Package mongodb-org-shell.x86_64 0:2.6.4-1 will be installed
---> Package mongodb-org-tools.x86_64 0:2.6.4-1 will be installed
--> Finished Dependency Resolution

3 – Enable and Start Mongodb Server

[root@unixmen-centos7 ~]# chkconfig  mongod  on

[root@unixmen-centos7 ~]# service   mongod start
Starting mongod (via systemctl):                           [  OK  ]

 4 – check if its running

[root@unixmen-centos7 ~]# ps -ef  |  grep   mongo
mongod    2587     1  1 05:24 ?        00:00:08 /usr/bin/mongod -f /etc/mongod.conf
root      2984  2270  0 05:34 pts/1    00:00:00 grep --color=auto mongo
[root@unixmen-centos7 ~]# netstat  -an  |  grep   27017
tcp        0      0 127.0.0.1:27017         0.0.0.0:*               LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     20600    /tmp/mongodb-27017.sock
[root@unixmen-centos7 ~]#

5 – Open the port on firewall

[root@unixmen-centos7 ~]# firewall-cmd --zone=public --add-port=27017/tcp --permanent
success
[root@unixmen-centos7 ~]# firewall-cmd --reload
success

6 – check from other machine

[root@unixmen-centos7 ~]# telnet 10.1.1.99  27017
Trying 10.1.1.99...
Connected to 10.1.1.99.
Escape character is '^]'.

Done.

---------------------------------------------------------------------
How To Install MongoDB On CentOS 7

The way to reset the root password on centos7 is totally different to Centos 6. Let me show you how to reset root password in CentOS 7.

1 – In the boot grub menu select option to edit.

2 – Select Option to edit (e).

3 – Go to the line of Linux 16 and change ro with rw init=/sysroot/bin/sh.

4 – Now press Control+x to start on single user mode.

5 – Now access the system with this command.

chroot /sysroot

6 – Reset the password.

passwd root

7 – Update selinux information

touch /.autorelabel

8 – Exit chroot

exit

9 – Reboot your system

reboot

That’s it. Enjoy.

---------------------------------------------------------------------
How To Reset Root Password On CentOS 7

I will give you my experience install of vmware 10.0.3 on centos 7. Normally it will not work with centos 7, because it’s running with lower kernel version 3.10.

1 – Download and install with normal way( no problem about  this ). The only problem is when you try vmware program later.

How to fix this?

1 – Go to /usr/lib/vmware/modules/source.

cd /usr/lib/vmware/modules/source

2 – Decompress vmnet.tar.

tar -xvf vmnet.tar

3 – Go to vmnet-only directory.

cd vmnet-only

4 – Edit filter.c file.

vi filter.c

On line 206 and 259 replace string from:

#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 13, 0)

to

#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 0, 0)

Save and exit.
5 – Back to folder before.

cd ../

6 – Compress the folder again.

tar -uvf vmnet.tar vmnet-only

7 – Remove the old directory.

rm -fr vmnet-only

8 – Start your vmware and Enjoy.

---------------------------------------------------------------------
How To Install Vmware 10 On CentOS 7

As you may know, Samba is an open source, and free software suite that provides file and print services to the SMB/CIFS clients. It allows us to share files, folders, and printers between Linux server and Windows clients. Using Samba, we can setup a domain controller on Unix/Linux server, and integrate the Windows clients to the Domain controller.

This tutorial will describe you how to setup a basic samba server in CentOS 7 system. Also, this steps will work on RHEL 7, and Scientific Linux 7 operating systems.

Scenario

In this tutorial, I will using two systems as described below.

Samba server:

Operating system : CentOS 7 minimal server
Hostname : server.unixmen.local
IP Address : 192.168.1.101/24

Samba client:

Operating system : Windows 7 Professional
Hostname : client
IP Address : 192.168.1.102/24

Install Samba

Check for existing samba package if any using the following commands.

rpm -qa | grep samba
yum list installed | grep samba

If samba is installed, remove it using the below command:

yum remove samba*

Now, install samba using the following command.

yum install samba* -y

1. Configure a fully accessed anonymous share

Now, let us create a fully accessed anonymous share for the users. Any one can read/write in this share.

Create a directory called ‘/samba/anonymous_share’ and set full permission. You can name this share as per your liking.

mkdir -p /samba/anonymous_share
chmod -R 0777 /samba/anonymous_share

Edit Samba configuration file;

vi /etc/samba/smb.conf

Find the following directives, and make the changes as shown below.

[...]

## Add the following lines under [global] section ##
unix charset = UTF-8
dos charset = CP932

## Change the to windows default workgroup ##
workgroup = WORKGROUP

## Uncomment and set the IP Range ##
hosts allow = 127. 192.168.1.

## Uncomment ##
max protocol = SMB2

## Uncomment, and change the value of 'Security' to 'user' ## 
security = user

## Add the following line ##
map to guest = Bad User

## Add the following lines at the bottom ##
[Anonymous share]
path = /samba/anonymous_share
writable = yes
browsable = yes
guest ok = yes
guest only = yes
create mode = 0777
directory mode = 0777

Start samba services, and enable them to start automatically on every reboot.

systemctl start smb
systemctl start nmb
systemctl enable smb
systemctl enable nmb

Test the Samba server configuration

We can test the Samba server configuration syntax errors using the command ‘testparm’.

testparm

Sample Output:

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Anonymous share]"
Loaded services file OK.
WARNING: You have some share names that are longer than 12 characters.
These may not be accessible to some older clients.
(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
    dos charset = CP932
    netbios name = UNIXMEN SAMBA SERVER
    server string = Samba Server Version %v
    map to guest = Bad User
    log file = /var/log/samba/log.%m
    max log size = 50
    server max protocol = SMB2
    idmap config * : backend = tdb
    hosts allow = 127., 192.168.1.
    cups options = raw

[homes]
    comment = Home Directories
    read only = No
    browseable = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    print ok = Yes
    browseable = No

[Anonymous share]
    path = /samba/anonymous_share
    read only = No
    create mask = 0777
    directory mask = 0777
    guest only = Yes
    guest ok = Yes

If all good, you’re good to go now.

Firewall configuration

Allow Samba server default ports through firewall.

firewall-cmd --permanent --add-port=137/tcp
firewall-cmd --permanent --add-port=138/tcp
firewall-cmd --permanent --add-port=139/tcp
firewall-cmd --permanent --add-port=445/tcp
firewall-cmd --permanent --add-port=901/tcp

Restart firewall to apply the changes.

firewall-cmd --reload

SELinux Configuration

Turn the samba_enable_home_dirs Boolean on if you want to share home directories via Samba.

setsebool -P samba_enable_home_dirs on

If you create a new directory, such as a new top-level directory, label it with samba_share_t so that SELinux allows Samba to read and write to it. Do not label system directories, such as /etc/ and /home/, with samba_share_t, as such directories should already have an SELinux label.

In our case, we already have created a anonymous directory. So let us label it as shown below.

chcon -t samba_share_t /samba/anonymous_share/

If you don’t want to mess up with the SELinux, just disable it as shown below, and continue.

To disable SELinux, edit file /etc/sysconfig/selinux,

vi /etc/sysconfig/selinux

Set SELinux value to disabled.

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

Restart the server to take effect the changes.

Test Samba Shares

Now, goto any windows client system. In this example, I am using Windows 7 system.

ClickStart -> Run. Enter the samba Server IP as shown below.

Now, you’ll be able to access the fully accessed samba shares.

You can create, modify or delete the files/folders inside the shares. For example, let me create a sample folder called ‘unixmen’ inside the samba share folder.

Check the newly created files or folders are present in the samba server

ls -l /samba/anonymous_share/

Sample Output:

total 0
drwxrwxrwx. 2 nobody nobody 6 Sep 26 17:55 unixmen

As you see in the result, the folder has been created in the /samba/anonymous/ directory.

2. Create security enabled share in samba server

What we have seen so far is creating a fully accessed samba share. Anyone can access that share folder, and can create, delete files/folders in that share.

Now, let us create a password protected samba share so that the users should enter the valid username and password to access the share folder.

Create a user called “unixmen” and a group called “smbgroup”.

useradd -s /sbin/nologin unixmen
groupadd smbgroup

Assign the user unixmen to smbgroup, and set samba password to that user.

usermod -a -G smbgroup unixmen
smbpasswd -a unixmen

Create a new share called “/samba/secure_share” and set the permissions to that share.

mkdir /samba/secure_share
chmod -R 0755 /samba/secure_share
chown -R unixmen:smbgroup /samba/secure_share

Edit samba config file;

vi /etc/samba/smb.conf

Add the below lines at the bottom of samba config file.

[secure_share]
path = /samba/secure_share
writable = yes
browsable = yes
guest ok = no
valid users = @smbgroup

Test the samba configuration for any errors.

testparm

Sample output:

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Anonymous share]"
Processing section "[secure_share]"
Loaded services file OK.
WARNING: You have some share names that are longer than 12 characters.
These may not be accessible to some older clients.
(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
    dos charset = CP932
    netbios name = UNIXMEN SAMBA SERVER
    server string = Samba Server Version %v
    map to guest = Bad User
    log file = /var/log/samba/log.%m
    max log size = 50
    server max protocol = SMB2
    idmap config * : backend = tdb
    hosts allow = 127., 192.168.1.
    cups options = raw

[homes]
    comment = Home Directories
    read only = No
    browseable = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    print ok = Yes
    browseable = No

[Anonymous share]
    path = /samba/anonymous_share
    read only = No
    create mask = 0777
    directory mask = 0777
    guest only = Yes
    guest ok = Yes

[secure_share]
    path = /samba/secure_share
    valid users = @smbgroup
    read only = No

Label  the /samba/secure_share/ with samba_share_t so that SELinux allows Samba to read and write to it.

chcon -t samba_share_t /samba/secure_share/

Restart samba services.

systemctl restart smb
systemctl restart nmb

Test Samba shares

Now, goto windows client, check for the secured share folder.

Double click to open the secured share. You’ll be asked to enter the user name and password to access the share.

That’s it. Now, you can access the secured samba share folder.

That’s it. Samba server is ready to use.

Cheers!

---------------------------------------------------------------------
Install And Configure Samba Server In CentOS 7

A PXE server allows your client computers to boot and install a Linux distribution over the network, without the need of burning Linux iso images, or human interaction.

For this test, I use vmware worksation (Bridged IP).

• My IP = 192.168.0.199 (Required STATIC IP).
• Selinux Disabled.
• FirewallCMD disabled.

To install a PXE server, you will need the following components:

• DHCP Server
• TFTP Server
• NFS/FTP/HTTPD server (to store installing files)

Note:

• DHCP Server will listen only on eno16777736  (old name  etho).

In this tutorial, I will use vsftpd server.

1. Install required packages

yum install dhcp tftp tftp-server syslinux wget vsftpd

2. Configure DHCP Server

vim /etc/dhcp/dhcpd.conf

 # DHCP Server Configuration file.
 #   see /usr/share/doc/dhcp*/dhcpd.conf.example
 #   see dhcpd.conf(5) man page
 #
 # option definitions common to all supported networks...
 ddns-update-style interim;
 ignore client-updates;
 authoritative;
 allow booting;
 allow bootp;
 allow unknown-clients;
 # A slightly different configuration for an internal subnet.
 subnet 192.168.0.0 netmask 255.255.255.0 {
 range 192.168.0.50 192.168.0.253;
 option domain-name-servers 192.168.0.199;
 option domain-name "server1.example.com";
 option routers 192.168.0.199;
 option broadcast-address 10.5.5.31; #not important
 default-lease-time 600;
 max-lease-time 7200;
 
 # PXE SERVER IP
 next-server 192.168.0.199; #  DHCP server ip
 filename "pxelinux.0";
 }

3. Configure TFTP Server. Set disable from yes to no, and change the root directory on startup to /tftpboot

Please note,  that  the  standard TFTP  directory  is /var/lib/tftpboot

vim /etc/xinetd.d/tftp

service tftp
 {
 socket_type             = dgram
 protocol                = udp
 wait                    = yes
 user                    = root
 server                  = /usr/sbin/in.tftpd
 server_args             = -s /tftpboot
 disable                 = no
 per_source              = 11
 cps                     = 100 2
 flags                   = IPv4
 }

4. Setup TFTP Server network boot files

mkdir -p /tftpboot
chmod 777 /tftpboot

 cp -v /usr/share/syslinux/pxelinux.0 /tftpboot
 cp -v /usr/share/syslinux/menu.c32 /tftpboot
 cp -v /usr/share/syslinux/memdisk /tftpboot
 cp -v /usr/share/syslinux/mboot.c32 /tftpboot
 cp -v /usr/share/syslinux/chain.c32 /tftpboot

mkdir /tftpboot/pxelinux.cfg
mkdir -p /tftpboot/netboot/

5. Mount Cenots ISO to FTP folder /var/ftp/pub.

mount Centos7_xx.iso /var/ftp/pub

6. Copy initrd.img  and vmlinuz from FTP folder to /tftpboot/netboot/.

cp /var/ftp/pub/images/pxeboot/vmlinuz /tftpboot/netboot/

cp /var/ftp/pub/images/pxeboot/initrd.img /tftpboot/netboot/

7. Encode root password used for clients

Example: 000000

 openssl passwd -1 "000000"
 $1$w2UlrRDP$rk9zBcY1PP3fUC3Xv6P6i/

8. Create a new kickstart file (you can change it for your needs)

 vim /var/ftp/pub/ks.cfg
 #platform=x86, AMD64, or Intel EM64T
 #version=DEVEL
 # Firewall configuration
 firewall --disabled
 # Install OS instead of upgrade
 install
 # Use NFS installation media
 url --url="ftp://192.168.0.199/pub/"
 # Root password [i used here 000000]
 rootpw --iscrypted $1$xYUugTf4$4aDhjs0XfqZ3xUqAg7fH3.
 # System authorization information
 auth  useshadow  passalgo=sha512
 # Use graphical install
 graphical
 firstboot disable
 # System keyboard
 keyboard us
 # System language
 lang en_US
 # SELinux configuration
 selinux disabled
 # Installation logging level
 logging level=info
# System timezone
 timezone Europe/Amsterdam
 # System bootloader configuration
 bootloader location=mbr
 clearpart --all --initlabel
 part swap --asprimary --fstype="swap" --size=1024
 part /boot --fstype xfs --size=200
 part pv.01 --size=1 --grow
 volgroup rootvg01 pv.01
 logvol / --fstype xfs --name=lv01 --vgname=rootvg01 --size=1 --grow

%packages
 @core
 wget
 net-tools
 %end
 %post
 %end

9. Create PXE menu file

vim /tftpboot/pxelinux.cfg/default

 default menu.c32
 prompt 0
 timeout 30
 MENU TITLE unixme.com PXE Menu

 LABEL centos7_x64
 MENU LABEL CentOS 7 X64
 KERNEL /netboot/vmlinuz
 APPEND  initrd=/netboot/initrd.img  inst.repo=ftp://192.168.0.199/pub  ks=ftp://192.168.0.199/pub/ks.cfg

10. Final service setup

 chkconfig dhcpd on
 chkconfig xinetd on
 chkconfig vsftpd on

11. Restart the services

 Service vsftpd  restart
 service dhcpd restart
 service xinetd   restart

12. Now create new virtual machine and start from network and enjoy.

Enjoy.

---------------------------------------------------------------------
Install PXE Server On CentOS 7

In this tutorial, we will show you how to install Oracle database 12c on RHEL7 Based linux distros.

OS information:

[root@ora-c7 ~]# cat   /etc/centos-release
CentOS Linux release 7.0.1406 (Core)

Network:

[root@ora-c7 ~]# ip a   | grep inet
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
    inet 192.168.119.139/24 brd 192.168.119.255 scope global dynamic eno16777736
    inet6 fe80::20c:29ff:fe41:1494/64 scope link

Login as root and add required groups:

 /usr/sbin/groupadd -g 501 oinstall
 /usr/sbin/groupadd -g 502 dba
 /usr/sbin/groupadd -g 503 oper

Add user Oracle:

/usr/sbin/useradd -u 502 -g oinstall -G dba,oper oracle

Change password for user:

passwd oracle

Add kernel parameters to /etc/sysctl.conf.

 kernel.shmmni = 4096
 kernel.shmmax = 4398046511104
 kernel.shmall = 1073741824
 kernel.sem = 250 32000 100 128
 fs.aio-max-nr = 1048576
 fs.file-max = 6815744
 net.ipv4.ip_local_port_range = 9000 65500
 net.core.rmem_default = 262144
 net.core.rmem_max = 4194304
 net.core.wmem_default = 262144
 net.core.wmem_max = 1048586

Apply kernel parameters:

/sbin/sysctl -p

Add following lines to set shell limits for user oracle in file /etc/security/limits.conf

 oracle   soft   nproc    131072
 oracle   hard   nproc    131072
 oracle   soft   nofile   131072
 oracle   hard   nofile   131072
 oracle   soft   core     unlimited
 oracle   hard   core     unlimited
 oracle   soft   memlock  50000000
 oracle   hard   memlock  50000000

Edit /etc/hosts file:

[root@ora-c7 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.119.139 ora-c7.unixmen.local

Verify your network settings:

 [root@ora-c7 ~]# ping -c 1 O7-unixmen
 PING ora-c7.unixmen.local (192.168.119.139) 56(84) bytes of data.
 64 bytes from ora-c7.unixmen.local (192.168.119.139): icmp_seq=1 ttl=64 time=0.017 ms

--- ora-c7.unixmen.local ping statistics ---
 1 packets transmitted, 1 received, 0% packet loss, time 0ms
 rtt min/avg/max/mdev = 0.017/0.017/0.017/0.000 ms
 [root@ora-c7 ~]#

Modify .bash_profile for user oracle in his home directory add at the end file /home/oralce/.bash_profile.

# Oracle Settings
 #Oracle Settings
export TMP=/tmp
export TMPDIR=$TMP

export ORACLE_HOSTNAME=O7-unixmen
export ORACLE_UNQNAME=orcl
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.1.0/db_1
export ORACLE_SID=orcl

export PATH=/usr/sbin:$PATH
export PATH=$ORACLE_HOME/bin:$PATH

export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib

Check which packages are installed and which are missing.

as root copy this and  execute this:

yum groupinstall "GNOME Desktop" -y
yum groupinstall "Development Tools" -y

yum install binutils -y
yum install compat-libstdc++-33 -y
yum install compat-libstdc++-33.i686 -y
yum install gcc -y
yum install gcc-c++ -y
yum install glibc -y
yum install glibc.i686 -y
yum install glibc-devel -y
yum install glibc-devel.i686 -y
yum install ksh -y
yum install libgcc -y
yum install libgcc.i686 -y
yum install libstdc++ -y
yum install libstdc++.i686 -y
yum install libstdc++-devel -y
yum install libstdc++-devel.i686 -y
yum install libaio -y
yum install libaio.i686 -y
yum install libaio-devel -y
yum install libaio-devel.i686 -y
yum install libXext -y
yum install libXext.i686 -y
yum install libXtst -y
yum install libXtst.i686 -y
yum install libX11 -y
yum install libX11.i686 -y
yum install libXau -y
yum install libXau.i686 -y
yum install libxcb -y
yum install libxcb.i686 -y
yum install libXi -y
yum install libXi.i686 -y
yum install make -y
yum install sysstat -y
yum install unixODBC -y
yum install unixODBC-devel -y
yum install zlib-devel -y

Create directory structure:

 mkdir -p   /u01/app/oracle/product/12.1.0
 chown  -R oracle:oinstall /u01/
 chmod  775 /u01/app

Disable selinux  by editing the “/etc/selinux/config” file,

SELINUX=permissive

Install database software

Let’s start with database software installation as oracle user.

su - oracle

Unzip the  database  install files:

unzip linuxamd64_12c_database_1of2.zip
unzip linuxamd64_12c_database_2of2.zip 
[oracle@ora-c7 ~]$ cd  database/

[oracle@ora-c7 database]$ ./runInstaller
Starting Oracle Universal Installer...

Checking Temp space: must be greater than 500 MB.   Actual 21246 MB    Passed
Checking swap space: must be greater than 150 MB.   Actual 2447 MB    Passed
Checking monitor: must be configured to display at least 256 colors.    Actual 16777216    Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-10-29_05-53-46AM. Please wait ..

During the linking phase, you will see the following error.

    Error in invoking target 'links proc gen_pcscfg procob' of makefile
    '/u01/app/oracle/product/12.1.0.2/db_1/precomp/lib/ins_precomp.mk'.
    See
    '/u01/app/oraInventory/logs/installActions2014-10-29_09-07-03PM.log'
    for details.

To fix it, do the following:

    rm -rf $ORACLE_HOME/lib/stubs/*
    cp $ORACLE_HOME/rdbms/lib/env_rdbms.mk $ORACLE_HOME/rdbms/lib/env_rdbms.mk.orig

Perform the following modifications:

vi $ORACLE_HOME/rdbms/lib/env_rdbms.mk

    # Line 176
    # FROM:
    LINKTTLIBS=$(LLIBCLNTSH) $(ORACLETTLIBS) $(LINKLDLIBS)
    # TO  :
    LINKTTLIBS=$(LLIBCLNTSH) $(ORACLETTLIBS) $(LINKLDLIBS) -lons

    # Line 279-280
    # FROM:
    LINK=$(FORT_CMD) $(PURECMDS) $(ORALD) $(LDFLAGS) $(COMPSOBJS)
    LINK32=$(FORT_CMD) $(PURECMDS) $(ORALD) $(LDFLAGS32) $(COMPSOBJS)
    # TO  :
    LINK=$(FORT_CMD) $(PURECMDS) $(ORALD) $(LDFLAGS) $(COMPSOBJS) -Wl,--no-as-needed
    LINK32=$(FORT_CMD) $(PURECMDS) $(ORALD) $(LDFLAGS32) $(COMPSOBJS) -Wl,--no-as-needed

    # Line 3041-3042
    # FROM:
    TG4PWD_LINKLINE= $(LINK) $(OPT) $(TG4PWDMAI) \
            $(LLIBTHREAD) $(LLIBCLNTSH) $(LINKLDLIBS)
    # TO  :
    TG4PWD_LINKLINE= $(LINK) $(OPT) $(TG4PWDMAI) \
            $(LLIBTHREAD) $(LLIBCLNTSH) $(LINKLDLIBS) -lnnz12

Click the “Retry” button.

Now, the installation should continue.

[root@O7-unixmen ~]#  /u01/app/oraInventory/orainstRoot.sh
Changing permissions of /u01/app/oraInventory.
Adding read,write permissions for group.
Removing read,write,execute permissions for world.

Changing groupname of /u01/app/oraInventory to oinstall.
The execution of the script is complete.
[root@O7-unixmen ~]#  /u01/app/oracle/product/12.1.0/db_1/root.sh
Performing root user operation for Oracle 12c

The following environment variables are set as:
    ORACLE_OWNER= oracle
    ORACLE_HOME=  /u01/app/oracle/product/12.1.0/db_1

Enter the full pathname of the local bin directory: [/usr/local/bin]:
   Copying dbhome to /usr/local/bin ...
   Copying oraenv to /usr/local/bin ...
   Copying coraenv to /usr/local/bin ...


Creating /etc/oratab file...
Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root script.
Now product-specific root actions will be performed.
[root@O7-unixmen ~]#

Post installation steps

Edit the “/etc/oratab”,

orcl:/u01/app/oracle/product/12.1.0/db_1:Y

Useful commands

[oracle@O7-unixmen database]$ lsnrctl

LSNRCTL for Linux: Version 12.1.0.1.0 - Production on 29-OCT-2014 14:27:04

Copyright (c) 1991, 2013, Oracle.  All rights reserved.

Welcome to LSNRCTL, type "help" for information.

LSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for Linux: Version 12.1.0.1.0 - Production
Start Date                29-OCT-2014 14:00:03
Uptime                    0 days 0 hr. 27 min. 4 sec
Trace Level               off
Security                  ON: Local OS Authentication
SNMP                      OFF
Listener Parameter File   /u01/app/oracle/product/12.1.0/db_1/network/admin/listener.ora
Listener Log File         /u01/app/oracle/diag/tnslsnr/O7-unixmen/listener/alert/log.xml
Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=O7-unixmen)(PORT=1521)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=O7-unixmen)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/admin/orcl/xdb_wallet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "orcl" has 1 instance(s).
  Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
  Instance "orcl", status READY, has 1 handler(s) for this service...
Service "pdborcl" has 1 instance(s).
  Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
LSNRCTL>

Have a fun :)

if you still have issues with install this database on CentOS 7, please back to install this on cenots6 in the bellow link:

http://www.unixmen.com/install-oracle-database-12-oracle-linux-6-5/

---------------------------------------------------------------------
How To Install Oracle Database 12c On CentOS 7

Introduction

PostgreSQL is a powerful, open-source object-relational database system. It runs under all major operating systems, including Linux, UNIX (AIX, BSD, HP-UX, SGI IRIX, Mac OS, Solaris, Tru64), and Windows OS. In this handy tutorial, let us see how to install PostgreSQL on CentOS 7/6.5/6.4 server.

Install PostgreSQL

First, add the PostgreSQL repository depending upon your server architecture.

For CentOS 6.x 32bit:

rpm -Uvh http://yum.postgresql.org/9.3/redhat/rhel-6-i386/pgdg-centos93-9.3-1.noarch.rpm

For CentOS 6.x 64bit:

rpm -Uvh http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-centos93-9.3-1.noarch.rpm

For CentOS 7 64bit:

rpm -Uvh http://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-centos93-9.3-1.noarch.rpm

For other distros, head over to the following link and install the relevant repository.

• PostgreSQL 9.3 RPM Repository

Update the repository list using command:

yum update

Now, Install postgresql with the following command:

yum install postgresql93-server postgresql93-contrib

Initialize postgresql database using following command:

On CentOS 6.x systems:

service postgresql-9.3 initdb

On CentOS 7 systems:

/usr/pgsql-9.3/bin/postgresql93-setup initdb

Then, start postgresql service and make it to start automatically on every reboot.

On CentOS 6.x systems:

service postgresql-9.3 start
chkconfig postgresql-9.3 on

On CentOS 7 systems:

systemctl enable postgresql-9.3
systemctl start postgresql-9.3

Adjust Iptables/Firewall

Next, adjust iptables to access postgresql from outbound.

On CentOS 6.x systems:

vi /etc/sysconfig/iptables

Add the following line:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Save and exit the file. Restart iptables service.

service iptables restart

On CentOS 7 systems:

firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --reload

Access PostgreSQL command prompt

The default database name and database user are “postgres”. Switch to postgres user to perform postgresql related operations:

su - postgres

To login to postgresql, enter the command:

psql

Sample Output:

psql (9.3.5)
Type "help" for help.

postgres=#

To exit from posgresql, type \q followed by quit to return back to the Terminal.

Set “postgres” user password

Login to postgresql prompt,

su - postgres

psql

.. and set postgres password with following command:

postgres=# \password postgres 
Enter new password: 
Enter it again: 
postgres=# \q

To install PostgreSQL Adminpack, enter the command in postgresql prompt:

postgres=# CREATE EXTENSION adminpack;
CREATE EXTENSION

Create New User and Database

For example, let us create a new user called “senthil” with password “centos”, and database called “mydb”.

Switch to postgres user:

su - postgres

Create user senthil.

$ createuser senthil

Create database:

$ createdb mydb

Now, login to the psql prompt, and set password and Grant access to the database mydb for senthil:

$ psql

psql (9.3.5)
Type "help" for help.

postgres=# alter user senthil with encrypted password 'centos';
ALTER ROLE

postgres=# grant all privileges on database mydb to senthil;
GRANT
postgres=#

Delete Users and Databases

To delete the database, switch to postgres user:

su - postgres

Enter command:

$ dropdb <database-name>

To delete a user, enter the following command:

$ dropuser <user-name>

Configure PostgreSQL-MD5 Authentication

MD5 authentication requires the client to supply an MD5-encrypted password for authentication. To do that, edit /var/lib/pgsql/9.3/data/pg_hba.conf file:

vi /var/lib/pgsql/9.3/data/pg_hba.conf

Add or Modify the lines as shown below

[...]
# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     md5
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
host    all             all             192.168.1.0/24          md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
[...]

Restart postgresql service to apply the changes:

On CentOS 6.x systems:

service postgresql-9.3 restart

On CentOS 7 systems:

systemctl restart postgresql-9.3

Configure PostgreSQL-Configure TCP/IP

By default, TCP/IP connection is disabled, so that the users from another computers can’t access postgresql. To allow to connect users from another computers, Edit file /var/lib/pgsql/9.3/data/postgresql.conf:

vi /var/lib/pgsql/9.3/data/postgresql.conf

Find the lines:

[...]
#listen_addresses = 'localhost'
[...]
#port = 5432
[...]

Uncomment both lines, and set the IP address of your postgresql server or set “*” to listen from all clients as shown below:

listen_addresses = '*'
port = 5432

Restart postgresql service to save changes:

On CentOS 6.x systems:

/etc/init.d/postgresql-9.3 restart

On CentOS 7 systems:

systemctl restart postgresql-9.3

Manage PostgreSQL with phpPgAdmin

phpPgAdmin is a web-based administration utility written in PHP for managing PosgreSQL.

phpPgAdmin is available only in PostgreSQL RPM repository. If you didn’t add PostgreSQL repository, you should add EPEL repository.

Follow the below link to install EPEL repository on CentOS 6.x.

• Install EPEL repository on CentOS/RHEL/Scientific Linux 6

For CentOS 7, refer the following link.

• Install EPEL Repository on CentOS 7

Update the repository using command:

yum update

Now, Install phpPgAdmin, enter the following command:

yum install phpPgAdmin httpd

Note: phpPgAdmin is case sensitive. Use upper and lower cases properly as shown in the above command.

By default, you can access phppgadmin using http://localhost/phpPgAdmin from your local system only. To access remotely, do the following.

Edit file /etc/httpd/conf.d/phpPgAdmin.conf:

vi /etc/httpd/conf.d/phpPgAdmin.conf

Make the changes as shown below in the bold letters.

[...]
Alias /phpPgAdmin /usr/share/phpPgAdmin

<Location /phpPgAdmin>
    <IfModule mod_authz_core.c>
        # Apache 2.4
        Require all granted
        #Require host example.com
    </IfModule>
    <IfModule !mod_authz_core.c>
        # Apache 2.2
        Order deny,allow
        Allow from all
        # Allow from .example.com
    </IfModule>
</Location>

Start or Restart Apache service:

On CentOS 6.x systems:

service httpd start
chkconfig httpd on

On CentOS 7 systems:

systemctl enable httpd
systemctl start httpd

Configure phpPgAdmin

Edit file /etc/phpPgAdmin/config.inc.php, and do the following changes. Most of these options are self-explanatory. Read them carefully to know why do you change these values.

vi /etc/phpPgAdmin/config.inc.php

Find the following line:

$conf['servers'][0]['host'] = '';

Change it as shown below:

$conf['servers'][0]['host'] = 'localhost';

And find the line:

$conf['extra_login_security'] = true;

Change the value to false:

$conf['extra_login_security'] = false;

Find the line:

$conf['owned_only'] = false;

Set the value as true.

$conf['owned_only'] = true;

Save and close the file. Restart postgresql service and Apache services.

On CentOS 6.x systems:

service postgresql-9.3 restart
service httpd restart

On CentOS 7 systems:

systemctl restart postgresql-9.3
systemctl restart httpd

Now open your browser and navigate to http://ip-address/phpPgAdmin. You will be pleased with the following screen.

Login with users that you’ve created earlier. I already have created a user called “senthil” with password “centos” before, so I log in with user “senthil”.

You may get an error called: Login failed.

This is because SELinux might restrict the users to log in to the PostgreSQL. Just enter the following command to get rid of this error.

setsebool -P httpd_can_network_connect_db 1

Now, you’ll be able to log in to the Dashboard without any problems.

This is how my phpPgAdmin dashboard looked.

That’s it. Now you’ll able to create, delete and alter databases graphically using phpPgAdmin easily.

Cheers!

---------------------------------------------------------------------
How To Install PostgreSQL 9.3 And phpPgAdmin In CentOS 7/6.5/6.4

In this tutorial, let me show you how to install Apache siblings such as Ant, Maven, and Tomcat on CentOS 7 and 6.5 server. These three siblings can be used while building Java based applications. The same steps should work on all RPM based distributions such as RHEL/Scientific Linux 7/6.x, and Fedora.

Prerequisites

Before installing the Apache siblings, make sure you have installed Java JDK on your system. To install Java JDK on CentOS, RHEL, Scientific Linux, refer the following link.

• Install Oracle Java JDK on CentOS 7/6

The installation method for Apache Ant, Maven and Tomcat are almost same, and very easy.

Install Apache Ant

From the Ant homepage,

Apache Ant is a Java library and command-line tool whose mission is to drive processes described in build files as targets and extension points dependent upon each other. The main known usage of Ant is the build of Java applications. Ant supplies a number of built-in tasks allowing to compile, assemble, test and run Java applications. Ant can also be used effectively to build non Java applications, for instance C or C++ applications. More generally, Ant can be used to pilot any type of process which can be described in terms of targets and tasks.

Let us download the latest version from the project download page. At the time of writing this article, the latest stable Ant version was 1.9.4. For the purpose of this tutorial, I will be using Apache Ant binary file in zip format.

wget http://mirror.sdunix.com/apache//ant/binaries/apache-ant-1.9.4-bin.zip

Extract it using command:

unzip apache-ant-1.9.4-bin.zip

Move the extracted contents to /opt/ directory.

mv apache-ant-1.9.4/ /opt/ant

Make a symlink to ant/bin folder as shown below.

ln -s /opt/ant/bin/ant /usr/bin/ant

Setup ANT environment variable

Create a file called ant.sh under /etc/profile.d/ directory.

vi /etc/profile.d/ant.sh

Add the following contents:

#!/bin/bash
ANT_HOME=/opt/ant
PATH=$ANT_HOME/bin:$PATH
export PATH ANT_HOME
export CLASSPATH=.

Save and close the file. Make it executable using the following command.

chmod +x /etc/profile.d/ant.sh

Then, set the environment variables permanently by running the following command:

source /etc/profile.d/ant.sh

Log out or reboot your system.

Now, check the ant version using command:

ant -version

Sample output:

Apache Ant(TM) version 1.9.4 compiled on April 29 2014

Check the path and environment variables:

echo $ANT_HOME

Sample output:

/opt/ant

Or

echo $PATH

Sample output:

/usr/java/jdk1.8.0_25//bin:/opt/ant/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

Install Maven

From the Apache maven project Homepage,

Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project’s build, reporting and documentation from a central piece of information.

Let us download the latest version from the project download page. At the time of writing this article, the stable Ant version was 3.2.3. For the purpose of this tutorial, I will be using Apache Maven binary file in zip format.

wget http://www.eng.lsu.edu/mirrors/apache/maven/maven-3/3.2.3/binaries/apache-maven-3.2.3-bin.zip

Extract it using command:

unzip apache-maven-3.2.3-bin.zip

Move the extracted contents to /opt/ directory.

mv apache-maven-3.2.3/ /opt/maven

Make a symlink to maven/bin folder as shown below.

ln -s /opt/maven/bin/mvn /usr/bin/mvn

Setup Maven environment variable

Create a file called maven.sh under /etc/profile.d/ directory.

vi /etc/profile.d/maven.sh

Add the following contents:

#!/bin/bash
MAVEN_HOME=/opt/maven
PATH=$MAVEN_HOME/bin:$PATH
export PATH MAVEN_HOME
export CLASSPATH=.

Save and close the file. Make it executable using the following command.

chmod +x /etc/profile.d/maven.sh

Then, set the environment variables permanently by running the following command:

source /etc/profile.d/maven.sh

Log out or reboot your system.

Now, check the ant version using command:

mvn -version

Sample output:

Apache Maven 3.2.3 (33f8c3e1027c3ddde99d3cdebad2656a31e8fdf4; 2014-08-12T02:28:10+05:30)
Maven home: /opt/maven
Java version: 1.8.0_25, vendor: Oracle Corporation
Java home: /usr/java/jdk1.8.0_25/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "3.10.0-123.9.3.el7.x86_64", arch: "amd64", family: "unix"

Check the environment variables:

echo $MAVEN_HOME

Sample output:

/opt/maven

Or

echo $PATH

Sample output:

/opt/maven/bin:/usr/java/jdk1.8.0_25//bin:/opt/ant/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

Install Tomcat

From the Apache Tomcat project home page,

Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process. Apache Tomcat is developed in an open and participatory environment and released under the Apache License version 2. Apache Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Apache Tomcat powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations.

First, download the latest version from the project download page. At the time of writing this article, the stable Tomcat version was 8.0.15. For the purpose of this tutorial, I will be using Apache Tomcat binary zip file.

wget http://mirror.sdunix.com/apache/tomcat/tomcat-8/v8.0.15/bin/apache-tomcat-8.0.15.zip

Extract it using command:

unzip apache-tomcat-8.0.15.zip

Move the extracted contents to /opt/ directory.

mv apache-tomcat-8.0.15/ /opt/tomcat

Setup Tomcat environment variable

Create a file called tomcat.sh under /etc/profile.d/ directory.

vi /etc/profile.d/tomcat.sh

Add the following contents:

#!/bin/bash
CATALINA_HOME=/opt/tomcat
PATH=$CATALINA_HOME/bin:$PATH
export PATH CATALINA_HOME
export CLASSPATH=.

Save and close the file. Make it executable using the following command.

chmod +x /etc/profile.d/tomcat.sh

Then, set the environment variables permanently by running the following command:

source /etc/profile.d/tomcat.sh

Now, we have to start the Tomcat server. Before starting Tomcat, give executable permission to the following script files.

chmod +x $CATALINA_HOME/bin/startup.sh
chmod +x $CATALINA_HOME/bin/shutdown.sh
chmod +x $CATALINA_HOME/bin/catalina.sh

Start Tomcat server by running the following command from your Terminal.

cd $CATALINA_HOME/bin
./startup.sh

Sample output:

Using CATALINA_BASE:   /opt/tomcat
Using CATALINA_HOME:   /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME:        /usr/java/jdk1.8.0_25/
Using CLASSPATH:       /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Tomcat started.

As you see in the above output, the Tomcat server has been started. Now, open up the browser and navigate to http://ip-address:8080/.

Make sure you’ve allowed the Tomcat default port 8080 through iptables.

On CentOS 6.x systems:

Edit file /etc/sysconfig/iptables,

vi /etc/sysconfig/iptables

Add the following line:

[...]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
[...]

Save and close the file and restart the iptables service.

service iptables restart

On CentOS 7 systems:

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --reload

Now, navigate to http://ip-address:8080 from your web browser. You should see the following screen.

Voila! Congratulations! The Tomcat server is up and working.

To stop the server, just enter the following commands:

cd $CATALINA_HOME/bin
./shutdown.sh

Autostart Tomcat

We haven’t finished yet. The Tomcat server won’t start after the system reboots. You have to make it to start it manually on every reboot.

If you want it to start automatically on every reboot, Just follow the steps given below.

Create a file called tomcat under /etc/init.d/ directory.

vi /etc/init.d/tomcat

Copy/paste the following lines in it. Replace the JAVA and Tomcat paths and environment variables with your own.

#!/bin/sh
# chkconfig: 2345 80 20

# Description: Tomcat Start/Shutdown script

export JAVA_HOME=/usr/java/jdk1.8.0_25

case $1 in
start)
cd /opt/tomcat/bin/
./startup.sh
;;
stop)
cd /opt/tomcat/bin/
./shutdown.sh
;;
restart)
cd /opt/tomcat/bin/
./shutdown.sh
cd /opt/tomcat/bin/
./startup.sh
;;
esac
exit 0

chmod a+x /etc/init.d/tomcat

chkconfig --add tomcat

service tomcat start
chkconfig tomcat on

systemctl start tomcat
chkconfig tomcat on

vi $CATALINA_HOME/conf/tomcat-users.xml

[...]
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
[...]

service tomcat restart

systemctl restart tomcat

---------------------------------------------------------------------
How To Install Apache Ant, Maven And Tomcat On CentOS 7/6.5

Security is most important aspect in internet. Outsiders can monitor internet traffic between your computer and the web. Here the importance of VPN comes. VPN, or virtual private network, is a secure method of connecting remote internet resources together as if they were under the same LAN. OpenVPN is a popular open source application that implements a virtual private network. works on Linux, Windows, and Mac operating systems. It can be utilized to create a secure connection between physically distributed servers.

This Article explains How to install and configure OpenVPN in centOS 7 server.

Prerequisites

• CentOS 7 server.
• root access to the server.
• Domain or sub-domain that resolves to your server that you can use for the certificates

OpenVpn isn’t available in the default CentOS repositories. So we need to install Enterprise Linux (EPEL) repository. Use the following command to install EPEL repository.

yum install epel-release

Step 1 — Installing OpenVPN

First, We are going to install in the server by issuing the following command.

yum install openvpn -y

Step 2 —  Install Easy RSA

For generating our SSL key pairs, which will secure our VPN connections. Execute the following command:

yum install easy-rsa -y

Step 3 — Configuring OpenVPN

We can find an example configuration file in its documentation directory. We need to copy the sampleserver.conf by the following command.

cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf  /etc/openvpn

Open the file in your favorite editor, I’m using editor,

vi /etc/openvpn/server.conf

Most of the lines just need to be uncommented (remove the ;) and some of there are to be changed.

Do the following changes.

We need to change the dh file name to dh2048.pem. Because the default Diffie-Hellman encryption length for Easy RSA will be 2048 bytes. We will do the key generation in next step.

dh dh2048.pem

Next, uncomment the push “redirect-gateway def1 bypass-dhcp” line, which tells the client to redirect all traffic through our OpenVPN.

push "redirect-gateway def1 bypass-dhcp"

Next we need to provide DNS servers to the client, as it will not be able to use the default DNS servers provided by your Internet service provider. We’re going to use Google’s public DNS servers, 8.8.8.8 and8.8.4.4.

For this, uncomment the push “dhcp-option DNS lines and updating the IP addresses.

push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

Change user and group to nobody

user nobody
group nobody

Save and exit the OpenVPN server configuration file.

Step 4 — Generating Keys and Certificates

Now, we’ll need to generate our keys and certificates. Easy RSA installs some scripts to generate these keys and certificates.

Create a directory for the keys by the following command

mkdir -p /etc/openvpn/easy-rsa/keys

We also need to copy the key and certificate generation scripts into the directory.

cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa

Now, we’re going to edit the default values in the script. So we don’t have to type our information in each time. Open the file in vi editor.

vi /etc/openvpn/easy-rsa/vars

Change values that start with KEY_. Update the following values to be accurate for your organization.

Some of the important value that should be change carefully are,

• KEY_NAME: You should enter server here; you could enter something else, but then you would also have to update the configuration files that reference  and
• KEY_CN: Enter the domain or subdomain that resolves to your server

Refer the sample file below,

. . .
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY="US"
export KEY_PROVINCE="NY"
export KEY_CITY="New York"
export KEY_ORG="unixmen"
export KEY_EMAIL="jijojamestj@gmail.com"
export KEY_OU="Community"
# X509 Subject Field
export KEY_NAME="server"
. . .
export KEY_CN=openvpn.unixmen.com
. . .

OpenSSL configuration may not load due to the version being undetectable. To avoid this remove the version number from the openSSl file name.

cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf

Next, We are going to generate the keys and certificates. Move to easy-rsa directory and source in our new variables.

cd /etc/openvpn/easy-rsa

source ./vars

Then, we will clean up any keys and certificates which may already be in this folder and generate our certificate authority.

./clean-all 

When you build the certificate authority, you will be asked to enter all the information we put into the vars file, but you will see that your options are already set as the defaults. So, you can just press ENTER for each one.

./build-ca

Next, We will generate the key and certificate for the server. Please press ENTER for each question as for the above step

./build-key-server server

Now we will generate Diffie-Hellman key exchange file. This command will take few to complete:

./build-dh 

So, we completed the server keys and certificates generation process. Copy them all into our OpenVPN directory.

cd /etc/openvpn/easy-rsa/keys

cp dh2048.pem ca.crt server.crt server.key /etc/openvpn

For authenticate our clients will also need certificates. These keys and certificates will be shared with your clients, and it’s best to generate separate keys and certificates for each client you intend on connecting.

Make sure that if you do this you give them descriptive names, but for now we’re going to have one client so we’ll just call it client.

cd /etc/openvpn/easy-rsa

./build-key client

 That's it for keys and certificates.

Step 5 — Routing

Install the iptables and disablefirewalld by execute the following commands

yum install iptables-services -y

systemctl mask firewalld

systemctl enable iptables

systemctl stop firewalld

systemctl start iptables

iptables --flush

Next, We need to add a rule to iptables to forward our routing to our OpenVPN subnet, and save this rule.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptables

Next, enable  IP forwarding in sysctl. Open sysctl.conf in vi editor.

vi /etc/sysctl.conf

Add the following line at the top of the file:

net.ipv4.ip_forward = 1

For the IP forwarding will take effect. We need to restart the network service. Issue the following command

systemctl restart network.service

Step 6 — Starting OpenVPN

Now, we completed the installation and ready start the openVPN service. add it to systemctl using the command

systemctl -f enable openvpn@server.service

Start OpenVPN:

systemctl start openvpn@server.service

So we have successfully completed all the server-side configuration done for OpenVPN.

Next Let’s see how to connect a client to the server.

Step 6 — Configuring a Client

To connect you will definitely need a copy of the ca certificate from the server, along with the client key and certificate.

Locate the following files on the server. In this article we used ‘client’ as the descriptive name for the client keys.

/etc/openvpn/easy-rsa/keys/ca.crt

/etc/openvpn/easy-rsa/keys/client.crt

/etc/openvpn/easy-rsa/keys/client.key

Copy these three files to your client machine. For this, Open the file in the server and copy the content of the file into a new file in the client system an save, or use SFTP.

We’re going to create a file called client.ovpn. This is a configuration file for an OpenVPN client, telling it how to connect to the server.

• You’ll need to change the first line to reflect the name you gave the client in your key and certificate; in our case, this is just client
• You also need to update the IP address from your_server_ip to the IP address of your server; port1194 can stay the same
• Make sure the paths to your key and certificate files are correct

client
dev tun
proto udp
remote your_server_ip 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca /path/to/ca.crt
cert /path/to/client.crt
key /path/to/client.key

This file can now be used by any OpenVPN client to connect to your server.

Assume the client machine has Windows OS.

You will need the official OpenVPN Community Edition binaries which come with a GUI. Then, place your .ovpn configuration file into the proper directory, ex. C:\Program Files\OpenVPN\config, and click Connect in the GUI. OpenVPN GUI on Windows must be executed with administrative privileges.

That’s it!
Cheers..!

---------------------------------------------------------------------
How To Install OpenVPN On CentOS 7

GlusterFS aggregates various storage servers over Ethernet or Infiniband RDMA interconnect into one large parallel network file system. It is free software, with some parts licensed under the GNU General Public License(GPL) v3 while others are dual licensed under either GPL v2 or the Lesser General Public License (LGPL) v3. GlusterFS is based on a stackable user space design.

GlusterFS has a client and server component. Servers are typically deployed as storage bricks, with each server running a glusterfsd daemon to export a local file system as a volume. The glusterfs client process, which connects to servers with a custom protocol over TCP/IP, InfiniBand or Sockets Direct Protocol, creates composite virtual volumes from multiple remote servers using stackable translators. By default, files are stored whole, but striping of files across multiple remote volumes is also supported. The final volume may then be mounted by the client host using its own native protocol via the FUSE mechanism, using NFS v3 protocol using a built-in server translator, or accessed via gfapi client library. Native-protocol mounts may then be re-exported e.g. via the kernel NFSv4 server, SAMBA, or the object-based OpenStack Storage (Swift) protocol using the “UFO” (Unified File and Object) translator.

I am using 2 CentOS 7 nodes with hostnames: glusterfs1 and glusterfs2.

Servers:

 [root@glusterfs1 ~]# cat  /etc/os-release
 NAME="CentOS Linux"
 VERSION="7 (Core)"
 ID="centos"
 ID_LIKE="rhel fedora"
 VERSION_ID="7"
 PRETTY_NAME="CentOS Linux 7 (Core)"
 ANSI_COLOR="0;31"
 CPE_NAME="cpe:/o:centos:centos:7"
 HOME_URL="https://www.centos.org/"
 BUG_REPORT_URL="https://bugs.centos.org/"

 [root@glusterfs2 ~]# cat /etc/os-release
 N NAME="CentOS Linux"
 VERSION="7 (Core)"
 ID="centos"
 ID_LIKE="rhel fedora"
 VERSION_ID="7"
 PRETTY_NAME="CentOS Linux 7 (Core)"
 ANSI_COLOR="0;31"
 CPE_NAME="cpe:/o:centos:centos:7"
 HOME_URL="https://www.centos.org/"
 BUG_REPORT_URL="https://bugs.centos.org/"

Add this to both servers in /etc/hosts.

192.168.254.133 glusterfs1
192.168.254.134 glusterfs2

Installing in CentOS:

wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/LATEST/CentOS/glusterfs-epel.repo
yum -y install glusterfs glusterfs-fuse glusterfs-server
systemctl start glusterd

For glusterfs it is important to setup 2 identical partitions on all nodes. I will use /dev/sdb1 1 GB in size (Am  using  Vmware/Virtualbox in my case example).

fdisk /dev/sdb

Type ‘n’ for new partition. choose ‘p’ for primary, follow the wizard to complete, ‘w’ to write data to disk.

Create file system:

mkfs.ext4 /dev/sdb1

Create Sync directory on both machine:

mkdir -p /data/gluster/brick

mount /dev/sdb1 /data/gluster

You can add this to fstab to make it ready for the next reboot.

/dev/sdb1    /data/gluster    ext4 default  1 2

Add iptable rules for glusterfs:

 -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.254.0/24 --dport 111         -j ACCEPT
 -A INPUT -m state --state NEW -m udp -p udp -s 192.168.254.0/24 --dport 111         -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.254.0/24 --dport 2049        -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.254.0/24 --dport 24007       -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.254.0/24 --dport 38465:38469 -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.254.0/24 --dport 49152       -j ACCEPT

Added glusterfs2 in glusterfs1′s hosts file, and tested the config:

 [root@glusterfs1 ~]# gluster peer probe glusterfs2
 peer probe: success.

 [root@glusterfs2 ~]# gluster peer probe glusterfs1
 peer probe: success. Host glusterfs1 port 24007 already in peer list

At this time I can test the storage pool:

 [root@glusterfs1 glusterfs]# gluster pool list
 UUID                                    Hostname        State
 4cf47688-74ba-4c5b-bf3f-3270bb9a4871    glusterfs2      Connected
 a3ce0329-35d8-4774-a061-148a735657c4    localhost       Connected

[root@glusterfs1 ~]# gluster volume status
No volumes present

Create a gluster volume and test replication:

[root@glusterfs1 ~]# gluster
 gluster> volume create vol0 rep 2 transport tcp glusterfs1:/data/gluster/brick glusterfs2:/data/gluster/brick force
 volume create: vol0: success: please start the volume to access data
 gluster>

###### if vol creation fails for some reason, do # setfattr -x trusted.glusterfs.volume-id /data/gluster/brick and restart glusterd.

 gluster> volume start vol0
 volume start: vol0: success

Create mount point and mount the volume on both nodes:

[root@glusterfs1 ~]# mount -t glusterfs glusterfs1:/vol0 /mnt/gluster/

[root@glusterfs2 ~]# mount -t glusterfs glusterfs1:/vol0 /mnt/gluster/

[root@glusterfs1 ~]# cp /var/log/secure /mnt/gluster/

The content is automatically synced between nodes

[root@glusterfs1 ~]# ls /mnt/gluster/
secure

[root@glusterfs2 ~]# ls /mnt/gluster/
secure

That’s it.

Cheers!

---------------------------------------------------------------------
Install GlusterFS Server And Client On CentOS 7

Introduction

Nagios is an open source software that can be used for network and infrastructure monitoring. Nagios will monitor servers, switches, applications and services. It alerts the System Administrator when something went wrong and also alerts back when the issues has been rectified.

Features

• Monitor your entire IT infrastructure;
• Identify problems before they occur;
• Know immediately when problems arise;
• Share availability data with stakeholders.hypothetical question;
• Detect security breaches;
• Plan and budget for IT upgrades;
• Reduce downtime and business losses.

Scenario

In this tutorial i am going to use two systems as mentioned below.

Nagios server:

Operating system : CentOS 7 minimal server
IP Address       : 192.168.1.150/24

Nagios client:

Operating System : CentOS 7 minimal server
IP Address       : 192.168.1.152/24

Prerequisites

Before installing Nagios, make sure that you’ve a properly installed and configured LAMP stack in your server. To install and configure LAMP server, refer the following link.

• Install LAMP server On CentOS/RHEL/Scientific Linux 7

Also install the following prerequisites too. All commands should be run as root user.

yum install gd gd-devel gcc glibc glibc-common wget

Create Nagios User And Group

Create a new nagios user account and give it a password:

useradd -m nagios
passwd nagios

Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.

groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache

Download Nagios And Plugins

Go to the nagios download page, and get the latest version. As of writing this, the latest version was 4.0.8.

wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.8.tar.gz

And, download nagios plugins too.

wget http://nagios-plugins.org/download/nagios-plugins-2.0.3.tar.gz

Install Nagios And Plugins

Install nagios:

I tested this how-to on CentOS 7 minimal server, although it should work on all RHEL 7 and its clones like Scientific Linux 7 too.

Go to the folder where you’ve downloaded nagios, and extract it using command:

tar xzf nagios-4.0.8.tar.gz

Change to the nagios directory, and run the following commands one by one from the Terminal to compile and install nagios.

cd nagios-4.0.8

./configure --with-command-group=nagcmd

make all

make install

make install-init

make install-config

make install-commandmode

Install Nagios Web interface:

Enter the following commands to compile and install nagios web interface.

make install-webconf

Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account. You’ll need it while logging in to nagios web interface..

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Restart Apache to make the new settings take effect.

systemctl restart httpd

Install Nagios plugins:

Go to the directory where you downloaded the nagios plugins, and extract it.

tar xzf nagios-plugins-2.0.3.tar.gz

Change to the nagios plugins directory:

cd nagios-plugins-2.0.3

Run the following commands one by one to compile and install it.

./configure --with-nagios-user=nagios --with-nagios-group=nagios

make

make install

We aren’t finished yet.

Configure Nagios

Nagios sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample files should work fine for getting started with Nagios. However, you’ll need to put your actual email ID to receive alerts.

To do that, Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you’d like to use for receiving alerts.

vi /usr/local/nagios/etc/objects/contacts.cfg

Find the following line and enter the email id:

[...]
define contact{
        contact_name                    nagiosadmin             ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           Nagios Admin            ; Full name of user

        email                           sk@unixmen.com  ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
        }
[...]

Save and close the file.

Then, Edit file /etc/httpd/conf.d/nagios.conf,

vi /etc/httpd/conf.d/nagios.conf

And edit the following lines if you want to access nagios administrative console from a particular IP series. Here, I want to allow nagios administrative access from 192.168.1.0/24 series only.

[...]
## Comment the following lines ##
#   Order allow,deny
#   Allow from all

## Uncomment and Change lines as shown below ##
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.1.0/24
[...]

Restart httpd service:

systemctl restart httpd

Now, check for any configuration errors using command:

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If there are no errors, start nagios service and make it to start automatically on every boot.

systemctl start nagios
chkconfig --add nagios
chkconfig nagios on

Adjust SELinux Settings

By default, SELinux will be in enforcing mode, and it throws “Internal Server Error” messages when you attempt to access the Nagios CGIs.

To rectify this error, edit file /etc/selinux/config:

vi /etc/selinux/config

And, set SELinux to permissive mode.

[...
SELINUX=permissive
[...]

Reboot your server to take effects the changes.

Access Nagios Web Interface

Open nagios administrator console with URL http://nagios-server-ip/nagios and enter the username as nagiosadmin and its password which we created in the earlier steps.

This is how Nagios administrative console looks:

Click on the “Hosts” section in the left pane of the console. You will see there the no of hosts to be monitored by Nagios server. We haven’t added any hosts yet. So it simply monitors the localhost itself only.

Click on the particular host to display more details:

Add Monitoring targets to Nagios server

Now, let us add some clients to monitor by Nagios server. To do that we have to install nrpe and nagios-plugins in our monitoring targets.

On CentOS/RHEL/Scientifc Linux clients:

Add EPEL repository in your CentOS/RHEL/Scientific Linux 6.x or 7 clients to install nrpe package.

To install EPEL on CentOS 7, run the following command:

yum install epel-release

On CentOS 6.x systems, refer the following link.

• Install EPEL Repository On CentOS 6.x

Install “nrpe” and “nagios-plugins” packages in client systems:

yum install nrpe nagios-plugins-all openssl

On Debian/Ubuntu clients:

sudo apt-get install nagios-nrpe-server nagios-plugins

Configure Monitoring targets

Edit /etc/nagios/nrpe.cfg file,

sudo vi /etc/nagios/nrpe.cfg

Add your Nagios server ip address:

[...]
## Find the following line and add the Nagios server IP ##
allowed_hosts=127.0.0.1 192.168.1.150
[...]

Start nrpe service on CentOS clients:

CentOS 7:

systemctl start nrpe
chkconfig nrpe on

CentOS 6.x:

service nrpe start
chkconfig nrpe on

For Debian/Ubuntu Clients, start nrpe service as shown below:

sudo /etc/init.d/nagios-nrpe-server restart

Now, go back to your Nagios server, and add the clients in the configuration file.

To do that, Edit “/usr/local/nagios/etc/nagios.cfg” file,

vi /usr/local/nagios/etc/nagios.cfg

and uncomment the following lines.

## Find and uncomment the following line ##
cfg_dir=/usr/local/nagios/etc/servers

Create a directory called “servers” under “/usr/local/nagios/etc/”.

mkdir /usr/local/nagios/etc/servers

Create config file to the client to be monitored:

vi /usr/local/nagios/etc/servers/clients.cfg

Add the following lines:

define host{

use                             linux-server

host_name                       client

alias                           client

address                         192.168.1.152

max_check_attempts              5

check_period                    24x7

notification_interval           30

notification_period             24x7

}

Here, 192.168.1.152 is my nagios client IP address. Finally restart nagios service.

systemctl restart nagios

Wait for few seconds, and refresh nagios admin console in the browser and navigate to “Hosts” section in the left pane. You will see the newly added client will be visible there. Click on the host to see if there is anything wrong or any alerts it has.

Click on the monitoring target (client) to view the detailed output:

Similarly, you can define more clients by creating a separate config files “/usr/local/nagios/etc/servers” directory for each client.

Define services

We have just defined the monitoring host. Now, let us add some services of the monitoring host. For example, to monitor the ssh service, add the following lines shown in bold in the “/usr/local/nagios/etc/servers/clients.cfg” file.

vi /usr/local/nagios/etc/servers/clients.cfg

Add the following lines shown in bold:

define host{

use                             linux-server

host_name                       client

alias                           client

address                         192.168.1.152

max_check_attempts              5

check_period                    24x7

notification_interval           30

notification_period             24x7

}

define service {
        use                             generic-service
        host_name                       client
        service_description             SSH
        check_command                   check_ssh
        notifications_enabled           0
        }

Save and close the file. Restart Nagios.

systemctl restart nagios

Wait for few seconds, and check for the added services (i.e ssh) in the nagios web interface. Navigate to Services section on the left side bar, you’ll see the ssh service there.

To know more about object definitions such as Host definitions, service definitions, contact definitions, please do visit here. This page will explain you the description and format of all object definitions.

Thats it. Cheers!

Source

---------------------------------------------------------------------
Install And Configure Nagios 4 On CentOS 7

Introduction

OpenNMS is a free, Open Source, and world’s first enterprise grade network monitoring system that can be used to monitor tens of thousands of unlimited devices with a single instance. It was started almost 15 years back (1999), and still it is being constantly developed by active community. OpenNMS will discover and monitor the services or nodes automatically in your network, or you can assign a particular service to monitor by OpenNMS. Also, If you want, OpenNMS will do both automated and directed discovery too.

OpenNMS can generate its own events, or receive events from outside sources such as SNMP Traps, syslog or TL/1. Also, it is possible to send custom events to OpenNMS in XML formatted text. OpenNMS will send Email or SMS notifications to the administrators, and has a trouble ticketing API that allows it to have bidirectional communication with many popular trouble ticketing systems like OTRS. You can find the complete list of features here.

Installation

In this tutorial, let us install OpenNMS on CentOS 7 server. Before installing make sure you’ve done the following prerequisites steps.

Update your system:

yum update

Set SELinux to permissive mode:

Edit file /etc/selinux/config,

vi /etc/selinux/config

[...]
SELINUX=permissive
[...]

Set proper FQDN in /etc/hosts file.

vi /etc/hosts

Set your fully qualified domain name as shown below.

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.150   server.unixmen.local    server

Save and close the file. Reboot your system.

Install PostgreSQL:

To install PostgreSQL refer the following link.

• How To Install PostgreSQL 9.4 And phpPgAdmin In CentOS 7/6.5/6.4

Now, allow user access to the database. By default, PostgreSQL only allows you to connect if you are logged in to the local account name that matches the PostgreSQL user. Since OpenNMS runs as root, it cannot connect as a “postgres” or “opennms” user by default, so we have to change the configuration to allow that.

To do so, you will need to edit your database’s pg_hba.conf file.

Edit file /var/lib/pgsql/9.4/data/pg_hba.conf,

vi /var/lib/pgsql/9.4/data/pg_hba.conf

Find the following lines:

local   all         all                               peer
host    all         all         127.0.0.1/32          ident
host    all         all         ::1/128               ident

And, change them to look like the following:

local   all         all                               trust
host    all         all         127.0.0.1/32          trust
host    all         all         ::1/128               trust

Once you have finished making changes, restart the database (as root):

systemctl restart postgresql-9.4

Install JDK:

To install JDK, refer the following link.

• Install Oracle Java JDK 8 On CentOS 7/6.5/6.4

Important note: While OpenNMS doesn’t support Java 8 yet, It is strongly recommended to use Java 7. The above link contains the installation instructions for Java 8 only. However, you can use the same procedure to install Java 7.

Install OpenNMS Repository:

Go to the OpenNMS yum repository download page, and download the appropriate repository depending upon your distribution version. As I am using CwntOS 7, I installed OpenNMS repository for CentOS.

rpm -ivh http://yum.opennms.org/repofiles/opennms-repo-stable-rhel7.noarch.rpm

Now, update the repository lists using command:

yum update

Then, install OpenNMS:

yum install opennms

Post Installation

Disable OpenNMS YUM Repository:

You must disable OpenNMS repository if you want to do manual upgrade instead of automatic update. If you prefer automatic update, which is easy, you can skip this step.

To do that, edit file /etc/yum.repos.d/opennms-stable-rhel7.repo,

vi /etc/yum.repos.d/opennms-stable-rhel7.repo

Find the line enabled=1, and change it to enabled=0 inside each [opennms-*] section.

enabled=0

If you can find that line, add it. Or siply remove the opennms-stable-rhel7.repo file. Save and close the file.

Update the repository list using command:

yum update

Configure Java:

Then, you need to tell OpenNMS which Java you want it to use. If you installed the recommended Sun/Oracle JDK, all you should need to do is point it at /usr/java/latest:

/opt/opennms/bin/runjava -S /usr/java/latest/bin/java

Sample output:

 runjava: checking specified JRE: "/usr/java/latest/bin/java"...
 runjava: specified JRE is good.
 runjava: value of "/usr/java/latest/bin/java" stored in configuration file

Create Database for OpenNMS:

/opt/opennms/bin/install -dis

Sample output:

 ==============================================================================
 OpenNMS Installer
 ==============================================================================

 Configures PostgreSQL tables, users, and other miscellaneous settings.

 DEBUG: Platform is IPv6 ready: true
 - searching for libjicmp.so:
 - trying to load /usr/lib64/libjicmp.so: OK
 - searching for libjicmp6.so:
 - trying to load /usr/lib64/libjicmp6.so: OK
 - searching for libjrrd.so:
 - trying to load /usr/lib64/libjrrd.so: NO
 - trying to load /usr/lib64/libjrrd.so: NO
 - trying to load /libjrrd.so: NO
 - trying to load /opt/opennms/lib/libjrrd.so: NO
 - trying to load /opt/opennms/lib/linux64/libjrrd.so: NO
 - trying to load /usr/java/packages/lib/amd64/libjrrd.so: NO
 - trying to load /usr/lib64/libjrrd.so: NO
 - trying to load /lib64/libjrrd.so: NO
 - trying to load /lib/libjrrd.so: NO
 
 [...]
 
 Disabling Linkd (to promote EnhancedLinkd)
 Disabling service OpenNMS:Name=Correlator because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=Tl1d because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=Syslogd because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=Xmlrpcd because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=XmlrpcProvisioner because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=AsteriskGateway because it is not on the default list of enabled services
 Disabling service OpenNMS:Name=AccessPointMonitor because it is not on the default list of enabled services
 - Saving the execution state
 - Running post-execution phase
 Removing backup /opt/opennms/etc/service-configuration.xml.zip

 Finished in 0 seconds

 Upgrade completed successfully!

Here,

• -d – to update the database.
• -i – to insert any default data that belongs in the database.
• -s – to create or update the stored procedures OpenNMS uses for certain kinds of data access.

Configure IPLIKE:

OpenNMS uses a PostgreSQL stored procedure called “IPLIKE” which provides an API for easily performing complicated IP address queries. It is optional, but it is recommended for performance reasons.

To install iplike, enter the following command:

yum install iplike

Firewall configuration:

Allow OpenNMS management interface port 8980 through firewall or router to access the management web interface from the remote systems.

To do that, enter the following commands from the Terminal:

firewall-cmd --permanent --add-port=8980/tcp
firewall-cmd --reload

Finally, start OpenNMS service using command:

systemctl start opennms
systemctl enable opennms

Log in To OpenNMS Management Interface

Open up your browser, and point it to http://ip-address:8980/opennms. The following screen should appear. Enter the username and password. The default username and password is admin/admin.

if you can’t access the web interface, restart your system and check again.

This is how my OpenNMS dashboard looked.

it is not safe to leave the admin user password as default. So let us change it to something different and stronger.

To do that, click on the admin user on the top right corner.

Click Change password link, and enter the new password twice. Finally click OK to save changes.

That’s it. OpenNMS is up and running now. In our next tutorial, let us discuss how to monitor devices/nodes/services etc. Until then, stay happy.

Want to Install OpenNMS on Ubuntu? then check the following link.

• Installing OpenNMS on Ubuntu

Reference

---------------------------------------------------------------------
Installing OpenNMS Network Monitoring And Management Platform On CentOS 7

Introduction

PostgreSQL is a powerful, open-source object-relational database system. It runs under all major operating systems, including Linux, UNIX (AIX, BSD, HP-UX, SGI IRIX, Mac OS, Solaris, Tru64), and Windows OS.

PostgreSQL 9.4 has been released last week with major enhancements, fixes, and features. Read what is new in PostgreSQL 9.4 here.

In this handy tutorial, let us see how to install PostgreSQL 9.4 on CentOS 7/6.5/6.4 server.

Install PostgreSQL

Go to the PostgreSQL repository download page, and add the PostgreSQL 9.4 repository depending upon your server architecture.

For CentOS 6.x 32bit:

rpm -Uvh http://yum.postgresql.org/9.4/redhat/rhel-6-i386/pgdg-centos94-9.4-1.noarch.rpm

For CentOS 6.x 64bit:

rpm -Uvh http://yum.postgresql.org/9.4/redhat/rhel-6-x86_64/pgdg-centos94-9.4-1.noarch.rpm

For CentOS 7 64bit:

rpm -Uvh http://yum.postgresql.org/9.4/redhat/rhel-7-x86_64/pgdg-centos94-9.4-1.noarch.rpm

Update the repository list using command:

yum update

Now, Install postgresql with the following command:

yum install postgresql94-server postgresql94-contrib

Initialize postgresql database using following command:

On CentOS 6.x systems:

service postgresql-9.4 initdb

On CentOS 7 systems:

/usr/pgsql-9.4/bin/postgresql94-setup initdb

Then, start postgresql service and make it to start automatically on every reboot.

On CentOS 6.x systems:

service postgresql-9.4 start
chkconfig postgresql-9.4 on

On CentOS 7 systems:

systemctl enable postgresql-9.4
systemctl start postgresql-9.4

Adjust Iptables/Firewall

Next, adjust iptables to access postgresql from remote systems.

On CentOS 6.x systems:

vi /etc/sysconfig/iptables

Add the following line:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Save and exit the file. Restart iptables service.

service iptables restart

On CentOS 7 systems:

firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --reload

Access PostgreSQL command prompt

The default database name and database user are “postgres”. Switch to postgres user to perform postgresql related operations:

su - postgres

To login to postgresql, enter the command:

psql

Sample Output:

psql (9.4.0)
Type "help" for help.

postgres=#

To exit from posgresql prompt, type \q following by quit to return back to the Terminal.

Set “postgres” user password

Login to postgresql prompt,

su - postgres

psql

.. and set postgres password with following command:

postgres=# \password postgres 
Enter new password: 
Enter it again: 
postgres=# \q

To install PostgreSQL Adminpack, enter the command in postgresql prompt:

postgres=# CREATE EXTENSION adminpack;
CREATE EXTENSION

Create New User and Database

For example, let us create a new user called “senthil” with password “centos”, and database called “mydb”.

Switch to postgres user:

su - postgres

Create user senthil.

$ createuser senthil

Create database:

$ createdb mydb

Now, login to the psql prompt, and set password and Grant access to the database mydb for senthil:

$ psql

psql (9.4.0)
Type "help" for help.

postgres=# alter user senthil with encrypted password 'centos';
ALTER ROLE

postgres=# grant all privileges on database mydb to senthil;
GRANT
postgres=#

Delete Users and Databases

To delete the database, switch to postgres user:

su - postgres

Enter command:

$ dropdb <database-name>

To delete a user, enter the following command:

$ dropuser <user-name>

Configure PostgreSQL-MD5 Authentication

MD5 authentication requires the client to supply an MD5-encrypted password for authentication. To do that, edit /var/lib/pgsql/9.4/data/pg_hba.conf file:

vi /var/lib/pgsql/9.4/data/pg_hba.conf

Add or Modify the lines as shown below

[...]
# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     md5
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
host    all             all             192.168.1.0/24          md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
[...]

Restart postgresql service to apply the changes:

On CentOS 6.x systems:

service postgresql-9.4 restart

On CentOS 7 systems:

systemctl restart postgresql-9.4

Configure PostgreSQL-Configure TCP/IP

By default, TCP/IP connection is disabled, so that the users from another computers can’t access postgresql. To allow to connect users from another computers, Edit file /var/lib/pgsql/9.4/data/postgresql.conf:

vi /var/lib/pgsql/9.4/data/postgresql.conf

Find the lines:

[...]
#listen_addresses = 'localhost'
[...]
#port = 5432
[...]

Uncomment both lines, and set the IP address of your postgresql server or set ‘*’ to listen from all clients as shown below:

listen_addresses = '*'
port = 5432

Restart postgresql service to save changes:

On CentOS 6.x systems:

/etc/init.d/postgresql-9.4 restart

On CentOS 7 systems:

systemctl restart postgresql-9.4

Manage PostgreSQL with phpPgAdmin

phpPgAdmin is a web-based administration utility written in PHP for managing PosgreSQL.

phpPgAdmin is available only in PostgreSQL RPM repository. If you didn’t add PostgreSQL repository, you should add EPEL repository.

Follow the below link to install EPEL repository on CentOS 6.x.

• Install EPEL repository on CentOS/RHEL/Scientific Linux 6

For CentOS 7, refer the following link.

• Install EPEL Repository on CentOS 7

Or, simply enter the following command:

yum install epel-release

Update the repository using command:

yum update

Now, Install phpPgAdmin, enter the following command:

yum install phpPgAdmin httpd

Note: phpPgAdmin is case sensitive. Use upper and lower cases properly as shown in the above command.

By default, you can access phppgadmin using http://localhost/phpPgAdmin from your local system only. To access remote systems, do the following.

Edit file /etc/httpd/conf.d/phpPgAdmin.conf:

vi /etc/httpd/conf.d/phpPgAdmin.conf

Make the changes as shown below in the bold letters.

[...]
Alias /phpPgAdmin /usr/share/phpPgAdmin

<Location /phpPgAdmin>
    <IfModule mod_authz_core.c>
        # Apache 2.4
        Require all granted
        #Require host example.com
    </IfModule>
    <IfModule !mod_authz_core.c>
        # Apache 2.2
        Order deny,allow
        Allow from all
        # Allow from .example.com
    </IfModule>
</Location>

Start or Restart Apache service:

On CentOS 6.x systems:

service httpd start
chkconfig httpd on

On CentOS 7 systems:

systemctl enable httpd
systemctl start httpd

Configure phpPgAdmin

Edit file /etc/phpPgAdmin/config.inc.php, and do the following changes. Most of these options are self-explanatory. Read them carefully to know why do you change these values.

vi /etc/phpPgAdmin/config.inc.php

Find the following line:

$conf['servers'][0]['host'] = '';

Change it as shown below:

$conf['servers'][0]['host'] = 'localhost';

And find the line:

$conf['extra_login_security'] = true;

Change the value to false:

$conf['extra_login_security'] = false;

Find the line:

$conf['owned_only'] = false;

Set the value as true.ru

$conf['owned_only'] = true;

Save and close the file. Restart postgresql service and Apache services.

On CentOS 6.x systems:

service postgresql-9.4 restart
service httpd restart

On CentOS 7 systems:

systemctl restart postgresql-9.4
systemctl restart httpd

Now open your browser and navigate to http://ip-address/phpPgAdmin. You will see the following screen.

Login with users that you’ve created earlier. I already have created a user called “senthil” with password “centos” before, so I log in with user “senthil”.

You may get an error called: Login failed.

This is because SELinux might restrict the users to log in to the PostgreSQL. Just enter the following command to get rid of this error.

setsebool -P httpd_can_network_connect_db 1

Now, you’ll be able to log in to the Dashboard without any problems.

This is how my phpPgAdmin dashboard looked.

Log in with postgres user:

That’s it. Now you’ll able to create, delete and alter databases graphically using phpPgAdmin easily.

Cheers!

---------------------------------------------------------------------
Installing PostgreSQL 9.4 And phpPgAdmin In CentOS 7/6.5/6.4

WebSVN offers a view onto your subversion repositories that’s been designed to reflect the Subversion methodology. You can view the log of any file or directory and see a list of all the files changed, added or deleted in any given revision. You can also view the differences between two versions of a file so as to see exactly what was changed in a particular revision.

Features

WebSVN offers the following features:

• Easy to use interface;
• Customisable templating system;
• Colourisation of file listings;
• Blame view;
• Log message searching;
• RSS feed support.

Installation

I use the following link to install Subversion on CentOS 7.

• How To install Subversion On CentOS 7

1 – Download the websvn to /var/www/html.

cd /var/www/html

wget http://websvn.tigris.org/files/documents/1380/49057/websvn-2.3.3.zip

2 – Extract the zip package.

unzip websvn-2.3.3.zip

mv websvn-2.3.3 websvn

3 – Installl php to your system.

yum install php

4 – Edit web svn config.

cd /var/www/html/websvn/include

cp distconfig.php config.php

vi config.php

// Configure these lines if your commands aren't on your path.
//
 $config->setSVNCommandPath('/usr/bin'); // e.g. c:\\program files\\subversion\\bin
 $config->setDiffPath('/usr/bin');

// For syntax colouring, if option enabled...
 $config->setEnscriptPath('/usr/bin');
 $config->setSedPath('/bin');

// For delivered tarballs, if option enabled...
 $config->setTarPath('/bin');

// For delivered GZIP'd files and tarballs, if option enabled...
 $config->setGZipPath('/bin');

//
 $config->parentPath('/svn/');

$extEnscript[".pl"] = "perl";
$extEnscript[".py"] = "python";
$extEnscript[".sql"] = "sql";
$extEnscript[".java"] = "java";
$extEnscript[".html"] = "html";
$extEnscript[".xml"] = "html";
$extEnscript[".thtml"] = "html";
$extEnscript[".tpl"] = "html";
$extEnscript[".sh"] = "bash";
~

save and exit.

6 – Reload apache and start websvn link http://ip/websvn.

 That’s it.

---------------------------------------------------------------------
How To Install Websvn In CentOS 7