Author: The Geek Decoder

Reset CentOS Root Password

December 31, 2015 The Geek Decoder No Comments Administration, CentOS 6, CentOS 7

To reset the root password for CentOS 6:

Boot Computer and Interrupt while booting at GRUB stage hitting ‘arrow‘ keys or “space bar“.
Type ‘a‘ to modify kernel argument. Anytime you can cancel typing ‘ESC‘ key.
Append 1 at the end of “rhgb quiet” and press “Enter” key to boot into single user mode.
Type command “runlevel” to know the the runlevel where you are standing. Here “1 S” state that your are in a single user mode.
Type ‘passwd‘ command without username and press ‘Enter‘ key in command prompt. It’ll ask to supply new root password and re-type the same password for confirmation.

Reboot

# shutdown -r now

CentOS 7

At the boot menu, press e to edit the existing kernel (Core)

Next, scroll down to the list until you see the line underlined below ( ro ) . What we need to do is change that ro to rw and start into a bash shell. It should look like this rw init=/sysroot/bin/sh.

Change the ro line to rw and add init=/sysroot/bin/sh

After changing that, press Control + X or Ctrl + X on your keyboard to start into single user mode using the bash shell specified above. In this mode, we’re going to change the root password.

In the single user mode, run the command as shown below


# chroot /sysroot

Finally, run the commands below to change the root password.


# passwd root

You’ll be prompted to create and confirm a new password. After creating the password, run the commands below to update SELinux parameters

touch /.autorelabel

Reboot

Rsync to another server without password

December 30, 2015 The Geek Decoder No Comments Rsync

Run on the local server (192.168.1.101) – THE SERVER YOU ARE RSYNCING FROM.

# ssh-keygen
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Use ssh-copy-id, to copy the public key to the remote host.

# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.1.102

Now, ssh to the remote server you want to remote to.

# ssh 192.168.1.101

If you have a key already, here are the steps:

Make a file for the key and copy your key in it. If the key is the putty private key, open and load with puttygen. At the top you can copy the key for the file. Make sure your key is on the remote server in the know_hosts file.

# nano deployment_key.txt

Copy a file from a remote server.

# rsync -Pav -e "ssh -i deployment_key.txt" root@94.xxx.xxx.xxx:/var/lib/vz/images/100/vm-100-disk-0.raw /tmp

How to redirect local root mail to an email address with Postfix

December 17, 2015 The Geek Decoder No Comments Postfix

After you install postfix, then you may wnat to have root’s email sent to a real email address. This will help to send cron jobs to you.

Edit the /etc/aliases file and add your username and external email address.


# root: youremailaddress@domain.com

Now run this command:-


# newaliases

Now restart Postfix:-


# service postfix restart

and to test, run the following command:-


# echo test | mail -s "test message" root

Install ClamAV on CentOS 7

December 16, 2015 The Geek Decoder No Comments Administration, CentOS 7, ClamAV

Install ClamAV and set up scheduled scans.

Install Epel:

# yum install epel-release

Install ClmAV

# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.lax.hugeserver.com
 * epel: dl.fedoraproject.org
 * extras: dallas.tx.mirror.xygenhosting.com
 * updates: linux.mirrors.es.net
Package clamav-data-0.98.7-1.el7.noarch already installed and latest version
Package clamav-filesystem-0.98.7-1.el7.noarch already installed and latest version
Package clamav-lib-0.98.7-1.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package clamav.x86_64 0:0.98.7-1.el7 will be installed
---> Package clamav-devel.x86_64 0:0.98.7-1.el7 will be installed
---> Package clamav-scanner-systemd.noarch 0:0.98.7-1.el7 will be installed
--> Processing Dependency: clamav-scanner = 0.98.7-1.el7 for package: clamav-scanner-systemd-0.98.7-1.el7.noarch
---> Package clamav-server.x86_64 0:0.98.7-1.el7 will be installed
--> Processing Dependency: nc for package: clamav-server-0.98.7-1.el7.x86_64
---> Package clamav-server-systemd.noarch 0:0.98.7-1.el7 will be installed
---> Package clamav-update.x86_64 0:0.98.7-1.el7 will be installed
--> Running transaction check
---> Package clamav-scanner.noarch 0:0.98.7-1.el7 will be installed
---> Package nmap-ncat.x86_64 2:6.40-7.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================
 Package                                                   Arch                                      Version                                         Repository                               Size
===================================================================================================================================================================================================
Installing:
 clamav                                                    x86_64                                    0.98.7-1.el7                                    epel                                    806 k
 clamav-devel                                              x86_64                                    0.98.7-1.el7                                    epel                                     37 k
 clamav-scanner-systemd                                    noarch                                    0.98.7-1.el7                                    epel                                     19 k
 clamav-server                                             x86_64                                    0.98.7-1.el7                                    epel                                     93 k
 clamav-server-systemd                                     noarch                                    0.98.7-1.el7                                    epel                                     19 k
 clamav-update                                             x86_64                                    0.98.7-1.el7                                    epel                                     89 k
Installing for dependencies:
 clamav-scanner                                            noarch                                    0.98.7-1.el7                                    epel                                     26 k
 nmap-ncat                                                 x86_64                                    2:6.40-7.el7                                    base                                    201 k

Transaction Summary
===================================================================================================================================================================================================
Install  6 Packages (+2 Dependent packages)

Total download size: 1.3 M
Installed size: 3.0 M
Is this ok [y/d/N]: y
Downloading packages:
(1/8): clamav-0.98.7-1.el7.x86_64.rpm                                                                                                                                       | 806 kB  00:00:00
(2/8): clamav-devel-0.98.7-1.el7.x86_64.rpm                                                                                                                                 |  37 kB  00:00:00
(3/8): clamav-scanner-0.98.7-1.el7.noarch.rpm                                                                                                                               |  26 kB  00:00:00
(4/8): clamav-scanner-systemd-0.98.7-1.el7.noarch.rpm                                                                                                                       |  19 kB  00:00:00
(5/8): clamav-server-0.98.7-1.el7.x86_64.rpm                                                                                                                                |  93 kB  00:00:00
(6/8): clamav-server-systemd-0.98.7-1.el7.noarch.rpm                                                                                                                        |  19 kB  00:00:00
(7/8): clamav-update-0.98.7-1.el7.x86_64.rpm                                                                                                                                |  89 kB  00:00:00
(8/8): nmap-ncat-6.40-7.el7.x86_64.rpm                                                                                                                                      | 201 kB  00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                              1.3 MB/s | 1.3 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 2:nmap-ncat-6.40-7.el7.x86_64                                                                                                                                                   1/8
  Installing : clamav-server-0.98.7-1.el7.x86_64                                                                                                                                               2/8
  Installing : clamav-server-systemd-0.98.7-1.el7.noarch                                                                                                                                       3/8
  Installing : clamav-scanner-0.98.7-1.el7.noarch                                                                                                                                              4/8
  Installing : clamav-scanner-systemd-0.98.7-1.el7.noarch                                                                                                                                      5/8
  Installing : clamav-0.98.7-1.el7.x86_64                                                                                                                                                      6/8
  Installing : clamav-update-0.98.7-1.el7.x86_64                                                                                                                                               7/8
  Installing : clamav-devel-0.98.7-1.el7.x86_64                                                                                                                                                8/8
  Verifying  : clamav-scanner-systemd-0.98.7-1.el7.noarch                                                                                                                                      1/8
  Verifying  : clamav-server-0.98.7-1.el7.x86_64                                                                                                                                               2/8
  Verifying  : clamav-scanner-0.98.7-1.el7.noarch                                                                                                                                              3/8
  Verifying  : clamav-devel-0.98.7-1.el7.x86_64                                                                                                                                                4/8
  Verifying  : clamav-server-systemd-0.98.7-1.el7.noarch                                                                                                                                       5/8
  Verifying  : clamav-update-0.98.7-1.el7.x86_64                                                                                                                                               6/8
  Verifying  : 2:nmap-ncat-6.40-7.el7.x86_64                                                                                                                                                   7/8
  Verifying  : clamav-0.98.7-1.el7.x86_64                                                                                                                                                      8/8

Installed:
  clamav.x86_64 0:0.98.7-1.el7                        clamav-devel.x86_64 0:0.98.7-1.el7          clamav-scanner-systemd.noarch 0:0.98.7-1.el7         clamav-server.x86_64 0:0.98.7-1.el7
  clamav-server-systemd.noarch 0:0.98.7-1.el7         clamav-update.x86_64 0:0.98.7-1.el7

Dependency Installed:
  clamav-scanner.noarch 0:0.98.7-1.el7                                                                nmap-ncat.x86_64 2:6.40-7.el7

Complete!

Copy a the clamd.conf template, in case you don’t have a configuration file yet:

# cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf

Change the file and Comment out “Example”

# nano /etc/clamd.d/clamd.conf

Change this…

# Comment or remove the line below.
Example

To this…

# Comment or remove the line below.
#Example

Configure SELinux for ClamAV.

Check if selinux in on:

# getenforce
Enforcing
[root@database ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

Write this command to get it working with SELinux if this is active:


# setsebool -P antivirus_can_scan_system 1

Enabling and Disabling SELinux


nano /etc/sysconfig/selinux

To enable…set this to enforcing


# SELINUX=enforcing

To disable, set to permissive

# SELINUX=permissive

Reboot after changes

Or, to make temp changes:

# setenforce permissive

Enable Freshclam

# cp /etc/freshclam.conf /etc/freshclam.conf.bak

Edit the config file to comment out example

# nano /etc/freshclam.conf

# Comment or remove the line below.
#Example

Creat a file

# nano /usr/lib/systemd/system/clam-freshclam.service

Add

# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
 
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true
 
[Install]
WantedBy=multi-user.target

Let’s enable and start the service

# systemctl enable clam-freshclam.service
# systemctl start clam-freshclam.service

rename the /usr/lib/systemd/system/clamd@.service file

# mv /usr/lib/systemd/system/clamd@.service /usr/lib/systemd/system/clamd.service

change the clamd@scan service as well. Change this line in /usr/lib/systemd/system/clamd@scan.service and remove the @ sign

# nano /usr/lib/systemd/system/clamd@scan.service

From…

# .include /lib/systemd/system/clamd@.service

to…

# .include /lib/systemd/system/clamd.service

change the clamd service file /usr/lib/systemd/system/clamd.service:

[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target
 
[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true
 
[Install]
WantedBy=multi-user.target

Start all services

#cd /usr/lib/systemd/system

# systemctl enable clamd.service
# systemctl enable clamd@scan.service
# systemctl start clamd.service
# systemctl start clamd@scan.service.

Run a scan

# clamscan -i -r --log=/var/log/clamscan-date.txt /var/www/vhosts/*

----------- SCAN SUMMARY -----------
Known viruses: 4159219
Engine version: 0.98.7
Scanned directories: 3
Scanned files: 116
Infected files: 0
Data scanned: 13.64 MB
Data read: 39.54 MB (ratio 0.34:1)
Time: 10.738 sec (0 m 10 s)

Set up a cron to run a scan (example is for a plesk server for the virtual hosts

# nano /etc/cron.daily/clamscan

#!/bin/bash
# setup the scan location and scan log
CLAM_SCAN_DIR="/var/www/vhosts"
CLAM_LOG_FILE="/var/log/clamav/dailyscan.log"
# update the virus database
/usr/bin/freshclam
# run the scan
/usr/bin/clamscan -i -r $CLAM_SCAN_DIR >> $CLAM_LOG_FILE
MAILTO=user@domain.com

Set the cron file as an executible


# chmod 555 /etc/cron.daily/clamscan

Test your installation and cron job


# /etc/cron.daily/clamscan

Start, Stop and Check Status for MariaDB

December 13, 2015 The Geek Decoder No Comments MySQL

To stop/restart and disable mariadb service use the following commands:
Stop


# sudo systemctl stop mariadb.service

Restart


# sudo systemctl restart mariadb.service

Disable at boot time


# sudo systemctl disable mariadb.service

Check Status


# sudo systemctl is-active mariadb.service

Cisco IPSec VPN Client is not supported on Windows 8 or Windows 10 and Error 27850

November 12, 2015 The Geek Decoder No Comments Cisco, Windows Server

Cisco IPSec VPN Client is not supported on Windows 8 or Windows 10 unless you do a registry key edit.

Cisco VPN client (5.0.07.0440 for x64, 5.0.07.0410 for x86) is working for some people. But for that
you need to apply a small Registry workaround as below.

1. Open Registry editor regedit in Run prompt
2. Browse to the Registry Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CVirtA
3. Select the Display Name to modify, and remove the leading characters from the value data value as shown below,

For x86 machine,

"@oem8.inf,%CVirtA_Desc%;Cisco Systems VPN Adapter”

Change to to “Cisco Systems VPN Adapter”

For x64 machine,

"@oem8.inf,%CVirtA_Desc%;Cisco Systems VPN Adapter for 64-bit Windows”

Change to to “Cisco Systems VPN Adapter for 64-bit Windows”

Then try the connection. If you get the following error:

Error: Secure VPN connection terminated by Peer. Reason 433 (Reason not specified by peer)

Perform the following:

  1. Remove the Cisco VPN client and any other VPN clients
  2. Install SonicWall VPN found here.
  3. Install Cisco VPN 5.0.07.0440 found here. You will need to extract the .exe to a folder, then run the .MSI installer found inside the archive.
  4. Apply the above Windows registry fix if you receive the error for enabling the adapter.
  5. Re-import your .pcf

That’s it! The SonicWall VPN client installs the DNE LightWeight Filter required for the Cisco client to work on Windows 10. You should now be able to connect without any peer errors and return to your everyday scheduled programming.

 

More info…

 

So people are getting this error:

 

Capture

Go here:
http://www.citrix.com/go/lp/dne.html
to download these:
1. ftp://files.citrix.com/winfix.exe
2. ftp://files.citrix.com/dneupdate64.msi

Steps to Install:

  1. Reboot the Machine
  2. Run winfix
  3. Reboot Machine
  4. Run dneupdate64
  5. Reboot Machine
  6. Run your Cisco VPN 5.0.07.X Installer from the vpnclient_setup.msi (not the .exe)

 

Find php spam script for cpanel/exim server

November 4, 2015 The Geek Decoder No Comments Administration

Edit php.ini and search for “mail.log”, check whether this option is enabled or not, if not uncomment it and specify log file name.

# nano /usr/local/lib/php.ini
mail.log = /var/log/phpmail.log


# touch /var/log/phpmail.log

File must be writable or owned by apache user.


# chmod 666 /var/log/phpmail.log
# chown apache.apache /var/log/phpmail.log



# service httpd restart



# tail -f /var/log/phpmail.log