All about the system administration and application development behind a local linux-based company
I told myself when I started this blog that I was going to avoid simple howto posts and focus on system administration concepts. However, I’m going to break that rule today. I was looing through my referrer log files, and noticing that I get a lot of search queries for “How to…” or “how doI…” So, I dug up my access logs, fired up egrep, and made myself a list of search referrals with “how” in the string. Today I’m going to give in to the masses and attempt to answer some of them :
Clusterssh and shmux do this, as mentioned in a previous post. For a more scalable system, also have a look at puppet.
run “yum update” to update all of your software packages. Be sure to restart after a kernel update.
Tripwire is a commercial product, so RTFM or bug support. Also see aide for a free version with similar design goals.
Do you really want to do this? Might ssh/scp/rsync over ssh be a better option? The only possible reason is for speed in an isolated network, where every machine on the network is trusted.
Install the packages rsh-server and xinetd. edit /etc/xinetd.d/rsh and change disable = yes to disable = no. Add .rhosts files as needed. To enable rlogin, do the same for /etc/xinetd.d/rlogin
It isn’t installed by default. If it is installed, edit /etc/xinetd.d/rsh, /etc/xinetd.d/rlogin, and /etc/xinetd.d/rcp and add “disable = yes” to all of them. Or, just remove the whole package with “yum erase rsh”
Run yum check-update , intuitively enough
If you must, install the telnet-server package and enable the service in /etc/xinetd.d/telnet
Thanks to Andrew for the suggestion to add a plug for ssh here.
I assume you mean how to disable root ssh logins. open /etc/ssh/sshd_config and add a line “PermitRootLogin no” Addition: Also, set more restrictive permissions to /bin/su so that people can’t log into ssh as a normal user and su to root.
Since the old kernel should still be installed, simply edit /etc/grub.conf and change default=0 into default=1 Be sure to change it back when you get the kernel working, or you will perpetually be running one kernel behind current
See my post on getting email notifications which I think is a better strategy. If you really must do automatic updates, create a daily crontab that runs yum -y update.
pidgin.
I’ve finished compiling kernels based on the 2.6.18-53.1.4 CentOS kernel. Some people are still using it, because the latest RHEL/CentOS kernel can have NFS issues.
The kernels are christened 2.6.18-53.1.5.el5.cve20080600. They’re available at http://erek.blumenthals.com/vmsplicekernels/ .
Keep in mind that they’re entirely untested, as I haven’t had a chance to go through each one. Please download them, do your own QA, and comment or email me with the results.
I’ll be on vacation until January 15th. I probably won’t be updating this while I’m gone. Hope everyone had great holidays.
I’m a sysadmin and programmer for a local web development and hosting company out of Olean, NY. We handle many smalltown technology needs, and also a few more complex projects.
We maintain an internally-developed CMS for use on small to medium websites, with the design goal of absolute simplicity combined with a powerful enough featureset to handle smallscale needs. I’m currently in the midst of a complete rewriting project, to replace wikimarkup-based editing with WYSIWIG editing, simple database functionality (Think searchable used car listings, job listings, news releases, web-form submission handling, etc.), better modularity, and a unified code base for all of our customers.
The goal of this blog will be to talk about common sense ways to look at administering small deployments. It won’t necessarily be about the latest technologies, or the newest fads in technology development, just things that have worked for me to keep things running smoothly.