Posts Tagged Under: Centos

Samba – How to set up a Samba client on CentOS/RHEL 7

If you have directories on your machine that you want to share out to other machines then you can do this by setting up your machine as an NFS server. However with NFS you can only share out folders to machine that are in the same private network. If you want share folders to other machines over the public internet, then that’s where you need to use the Samba/CIFS protocol. You can follow along this article using this vagrant project on Github.

We will walk through the following example:

+--------------------------+              +--------------------------+
|                        															

NFS – Set up private group folders

Let’s say you want to setup group folder that’s available via nfs. However this time only a particulat Linux group is allowed to have read+write access to this folder. You can do this by ensuring the exported folder is owned by a group, and then setup the SGID. You can follow along this article using this vagrant project on Github.

We will walk through the following example:

+--------------------------+              +--------------------------+
|                          |              |      															

NFS – How to set up an NFS client on CentOS/RHEL 7

Network Files System (NFS) is a protocol that let’s one Linux box (NFS server) to share a folder with another Linux box (NFS Client). On the NFS client this shared folder looks like just an ordinary folder. NFS only works in an internal network so you can share folders over the public internet.

This article doesn’t cover how to setup an NFS server, instead we will assume that we already have an NFS server already setup and we want to configure an NFS client to connect to it. We created a NFS vagrant project on github to help you following along with this example. In our example we have:

+--------------------------+              +--------------------------+
|      															

RHCE – Make websites more secure by setting up HTTPS and SSL/TLS for CentOS 7

So far we have configured web servers to allow connections via the http protocol. However http is not secure which is why it’s better to use https.

When using https, we actually encrypt all data traffic using Symmetric and Asymmetric Encryption.

To setup the above encryption system on our Apache server, we need to first to install the ssl addon module that will allow Apache to be able to communicate on the SSL/TLS layer:

$ yum install mod_ssl

Next we need to install the software that is used for generating public-private key-pairs, so that we can create a key-pair for our web server.

$ yum install openssl

Next we create the private key and it’s csr file. We generate the private key by running the following:

$ openssl genpkey -algorithm RSA -out cb.com.private.key -pkeyopt rsa_keygen_bits:2048
...+++
.......................................+++

Here,


Apache – Make websites more secure by setting up HTTPS and SSL/TLS for CentOS 7

So far we have configured web servers to allow connections via the http protocol. However http is not secure which is why it’s better to use https.

When using https, we actually encrypt all data traffic using Symmetric and Asymmetric Encryption.

To setup the above encryption system on our Apache server, we need to first to install the ssl addon module that will allow Apache to be able to communicate on the SSL/TLS layer:

$ yum install mod_ssl

Next we need to install the software that is used for generating public-private key-pairs, so that we can create a key-pair for our web server.

$ yum install openssl

Next we create the private key and it’s csr file. We generate the private key by running the following:

$ openssl genpkey -algorithm RSA -out cb.com.private.key -pkeyopt rsa_keygen_bits:2048
...+++
.......................................+++

Here,


Apache – Create a hello world CGI app on CentOS 7

Common Gateway Interface (CGI) is a protocol that let’s you run custom scripts via the web. It’s not as commonly used as before, but you still need to know this as part of the RHCE exam objectives.

In Apache, there is a default folder where you can place scripts in, which will then get handled by the CGI protocol. This default folder is declared in the main Apache config file, here’s the relevant extract:


    #
    # Redirect: Allows you to tell clients about documents that used to
    # exist in your server's namespace, but do not anymore. The client
    # will make a new request for the document at its new location.
    # Example:
															

Apache – How To Set Up Virtual Hosts on CentOS 7

Virtual Hosts is one of Apache’s most powerful and commonly used feature. Virtual Hosts (aka vhosts) let’s allows you to host multiple websites on a single machine. There are 2 big advantages to this:

  • Rather than needing one ip address per website, you know just need one ip address for the machine.
  • A lot of machines capacity might not get used if it just hosts a single website. So having multiple websites on a single machine will make better use of your machine’s computing capacity

There are a few ways to setup vhosts, but we’ll walk through one of typical most common ways to create vhosts. In our example we have 2 websites that we want to host on our box, they are:

  • example.com
  • example.net

To start with we first need to create a content directory


Apache – Setting up login based authentication

In the previous tutorial, we saw how we can host multiple websites on the same box using vhosts. Now we’ll look at how we can configure Apache to password protect some web content. In Apache you can set up authentication so that when a user attempts to access a given folder’s content, then they will get a prompt to enter a valid username and password. There’s 2 ways to do this:

  • Setup user-based security – This is where you only give one user account access to restricted part of your website
  • Setup group-managed content – this is where you give a group of people access to a restricted part of your website

Setup user-based security

In this approach, we set up authentication so that there is only one user account that’s permitted to access


System monitoring and reporting using sysstat and dstat on CentOS/RHEL 7

It’s often useful to measure and view various system utilisation metrics, such as for:

  • cpu
  • memory
  • disk
  • network

There are a lot of tools that can measure and collect these metrics, including:

  • dstat – suited for creating realtime reports
  • sysstat – suited for creating historical reports

dstat in action

Dstat shows realtime system utilisation data. First you need to install it:

$ yum install dstat

running dstat on it’s own gives a steady stream of output until you exit out:

[root@target man]# dstat
You did not select any stats, using -cdngy by default.
----total-cpu-usage---- -dsk/total- -net/total- ---paging-- ---system--
usr sys idl wai hiq siq| read  writ| recv  send|  in   out | int   csw
  0   0 100   0   0   0|  23k   53k|   0  															

RHCSA – About this Course

This course covers everything you need to know in order to pass the Red Hat Certified Systems Administrator (RHCSA) exam for RHEL 7.

Becoming RHCSA certified proves that you have developed a strong proficiency in RHEL. RHEL is short for “RedHat Enterprise Linux” and as the name suggests, it’s a Linux based Operating System. RHEL is not free, and is actually quite expensive, especially if you want to practice using RHEL at home. However there’s a free alternative of RHEL called CentOS.

CentOS is identical to RHEL in nearly every way. The main exception being that the RedHat logo and branding are replaced with CentOS’s own logo and branding. Therefore we will be using CentOS 7 throughout this course, and everything we do will cover/demo will work in exactly the