Install and setup CentOS7

After making a CentOS 7 minimal install and boot up for the first time. Here are, in my view, the tools and “must do” things that you will meed for day to day work.

Remove Intel Wifi devices firmware (do this only if you don’t use it):

yum remove iwl*

Update CentOS to the latest packages:

yum -y update

Install the tools:

yum install net-tools bind-utils wget vim

If you are in a vmware virtual machine install the virtualization tools:

yum install open-vm-tools

If you need, setup network

nmtui
systemctl restart network.service

Setup aliases, so that messages from services can be sent to the correct email account:

vim /etc/aliases

Change the root: to the correct email account

# Person who should get root's mail
root: your@email

Then issue the fallowing command so that linux uses the new email account:

newaliases

Next setup postfix to send email thru a valid mail server

vim /etc/postfix/main.cf

Using TLS

relayhost = your.mail.server:587
smtp_use_tls=yes

Without TLS

relayhost = your.mail.server

Finaly restart postfix

systemctl restart postfix.service

If you want you can install logwatch

yum install logwatch

The configure it to send you system logs emails

echo "MailTo = [email protected]" >> /etc/logwatch/conf/logwatch.conf

Disable ipv6 privacy addresses in windows 10

Sometimes, mainly in servers, is better to disable ipv6 privacy extensions so that the configured ipv6 address is the only one configured on the firewall rules or the only one that shows up in the logs.

netsh int ipv6 set int Ethernet0 managedaddress=disable
netsh int ipv6 set int Ethernet0 routerdiscovery=disable

After this configuration you will need to configure the ipv6 address and default gateway settings, because the OS will loose them.

To show the newly configured interface issue the fallowing command:

netsh interface ipv6 show int Ethernet0

You will see the following interface parameters disabled:

...
Router Discovery                   : disabled
Managed Address Configuration      : disabled
...

To show global parameters use:

netsh interface ipv6 show global

Global Parameters example:

General Global Parameters
---------------------------------------------
Default Hop Limit                   : 128 hops
Neighbor Cache Limit                : 256 entries per interface
Route Cache Limit                   : 4096 entries per compartment
Reassembly Limit                    : 100643488 bytes
ICMP Redirects                      : enabled
Source Routing Behavior             : dontforward
Task Offload                        : enabled
Dhcp Media Sense                    : enabled
Media Sense Logging                 : disabled
MLD Level                           : all
MLD Version                         : version3
Multicast Forwarding                : disabled
Group Forwarded Fragments           : disabled
Randomize Identifiers               : enabled
Address Mask Reply                  : disabled
Minimum Mtu                         : 1280
Flow Label                          : enabled

Current Global Statistics
---------------------------------------------
Number of Compartments              : 1
Number of NL clients                : 5
Number of FL providers              : 5

For more information:

Desativar/ativar túneis Teredo, 6to4 e ISATAP no windows 10

Para desativar os túneis Teredo, 6to4 e ISATAP em Windows 10 deve abrir uma linha de comando com permissões de admin e executar o comando:

netsh int teredo set state disabled
netsh int 6to4 set state disabled
netsh int isatap set state disabled

Para os ativar novamente deve abrir uma linha de comando com permissões de admin e executar o comando:

netsh int teredo set state default
netsh int 6to4 set state default
netsh int isatap set state default

Fontes:

  • https://lonesysadmin.net/2011/04/25/how-to-disable-teredo-ipv6-tunneling-in-microsoft-windows/
  • http://www.blackmanticore.com/da025459d052b5d9a2b37f91067db8b3
  • http://winteladmin.com/disable-tunnelisatap-adapter/

Instalar as vmware tools via rpm

O vmware é um dos sistemas de virtualização mais utilizados a nível profissional.

Ao instalar um vm CentOS 6.x no vmware é necessário instalar um conjunto de drivers para que o SO funcione de forma integrada com o hipervisor. Essas ferramentas chamam-se vmware-tools.
Para instalar as vmware-tools via rpm é necessário realizar os seguintes passos:

Instalar/criar o repositório da vmware:

echo '[vmware-tools]' > /etc/yum.repos.d/vmware.repo
echo 'name=VMware Tools' >> /etc/yum.repos.d/vmware.repo
echo 'baseurl=http://packages.vmware.com/tools/esx/5.5latest/rhel6/$basearch' >> /etc/yum.repos.d/vmware.repo
echo 'enabled=1' >> /etc/yum.repos.d/vmware.repo
echo 'gpgcheck=1' >> /etc/yum.repos.d/vmware.repo

Instalar a chave da vmware:

rpm --import 'http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub'

Executar o comando para instalar as vmware-tools:

yum -y install vmware-tools-esx-nox

ou, caso tenha o modo gráfico instalado:

yum -y install vmware-tools-esx

Send email from Linux command line

Every once a while you need to send email from a Linux command line and there you go to google try to find it…

With attachment:

echo "message" | mailx -s "subject" -a attachment email@dress
echo "message" | mutt -s "subject" -a attachment -- email@dress

Without attachment:

echo "message" | mail -s "subject" email@ddress

Important:
Postfix by default restrict attachment size to approx 10MB i.e. 10240000 bytes.

You can check it using following command:

postconf | grep message_size_limit

To change attachment-size to say 50 MB, run a command like:

postconf -e message_size_limit=52428800

Dell PowerEdge 1750 kernel panic on CentOS 6.x workaround

If you have an old Dell PowerEdge 1750 and want to install CentOS 6.x on it so that you can do something useful with it you will bump into kernel panic once you install it. So after some googling I’ve found this workaround to solve the kernel panic problem.

dmesg

If somewhere on that list of line you find the folowing:

scb2_flash: warning - can't reserve rom window, continuing
resource map sanity check conflict: 0xfff00000 0xffffffff 0xfff80000 0xffffffff reserved
------------[ cut here ]------------
WARNING: at arch/x86/mm/ioremap.c:98 __ioremap_caller+0x435/0x450() (Not tainted)
Hardware name: PowerEdge 1750
Info: mapping multiple BARs. Your kernel is fine.
Modules linked in: scb2_flash(+) ext4 jbd2 mbcache sd_mod crc_t10dif sr_mod cdrom megaraid_mbox megaraid_mm ata_generic pata_acpi pata_serverworks dm_mirror dm_region_hash dm_log dm_mod [last unloaded: scsi_wait_scan]
Pid: 452, comm: modprobe Not tainted 2.6.32-431.5.1.el6.i686 #1
Call Trace:
 [] ? warn_slowpath_common+0x81/0xc0
 [] ? __ioremap_caller+0x435/0x450
 [] ? __ioremap_caller+0x435/0x450
 [] ? warn_slowpath_fmt+0x33/0x40
 [] ? __ioremap_caller+0x435/0x450
 [] ? scb2_flash_probe+0x99/0x2a0 [scb2_flash]
 [] ? ioremap_nocache+0x18/0x20
 [] ? scb2_flash_probe+0x99/0x2a0 [scb2_flash]
 [] ? scb2_flash_probe+0x99/0x2a0 [scb2_flash]
 [] ? local_pci_probe+0xb/0x10
 [] ? pci_device_probe+0x61/0x80
 [] ? driver_probe_device+0x87/0x290
 [] ? pci_match_device+0x12/0xa0
 [] ? __driver_attach+0x79/0x80
 [] ? __driver_attach+0x0/0x80
 [] ? bus_for_each_dev+0x52/0x80
 [] ? driver_attach+0x16/0x20
 [] ? __driver_attach+0x0/0x80
 [] ? bus_add_driver+0x1b7/0x2b0
 [] ? pci_device_remove+0x0/0x40
 [] ? driver_register+0x5f/0x110
 [] ? tracepoint_module_notify+0x1f/0x30
 [] ? scb2_flash_init+0x0/0x14 [scb2_flash]
 [] ? __pci_register_driver+0x3d/0xb0
 [] ? do_one_initcall+0x2f/0x1c0
 [] ? sys_init_module+0xb4/0x220
 [] ? do_page_fault+0x2a/0x90
 [] ? syscall_call+0x7/0xb
---[ end trace 9fd84e2ca1f666fb ]---

Edit /etc/modprobe.d/blacklist.conf file

vim /etc/modprobe.d/blacklist.conf

and add:

#  Cheesy workaround to clean up Dell PowerEdge 1750 boot
#  scb2_flash is not happy and causes a kernel oops and traceback
#  Not sure of the consequences of not having this and its associated modules loaded, but the machine boots cleanly
#  http://www.mailrepository.com/ubuntu-bugs.lists.ubuntu.com/msg/3409389/
blacklist scb2_flash

Install Java SE Development Kit 7u40 on CentOS 6.4

Installing JDK on CentOS can be hard, so to help you I’ve made this simple tutorial. Hope it helps…

Download and install:

Go to http://www.oracle.com/technetwork/java/javase/downloads/index.html an select JDK Download.

Install JDK:

rpm -ivh /path-to-file/jdk-7u40-linux-i586.rpm

And set it up:

alternatives --install /usr/bin/java java /usr/java/latest/jre/bin/java 20000
alternatives --install /usr/bin/javaws javaws /usr/java/latest/jre/bin/javaws 20000

Check if it is installed correctly:

java -version

Should return something like:

java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Server VM (build 24.0-b56, mixed mode)

And

javac -version

Should return something like:

javac 1.7.0_40

OPTIONAL

Set JAVA_HOME variable:

echo "export JAVA_HOME="/usr/java/latest"" > /etc/profile.d/java.sh

Install Firefox browser support:

32-bit plugin:

alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/latest/jre/lib/i386/libnpjp2.so 20000

64-bit plugin:

alternatives --install /usr/lib64/mozilla/plugins/libjavaplugin.so libjavaplugin.so.x86_64 /usr/java/latest/jre/lib/amd64/libnpjp2.so 20000

References:

  1. Install Oracle Java JDK/JRE 7u25 on Fedora 19/18, CentOS/RHEL 6.4/5.9

Nokia E55 MEO VoIP

Abaixo seguem as configurações do cliente Voice over IP testadas num telefone Nokia E55 com serviço VoIP do SAPO/MEO:

Especificações do equipamento:
Equipamento: Nokia E55
Versão de software: 034.001
Data da versão de software: 02 de Abril de 2010
Versão customizada: 034.001.000.01
Data da versão customizada: 02 de Abril de 2010
Language set: 25.01
Modelo: E55-1
Tipo: RM-482

Antes de efectuar qualquer configuração deve instalar a aplicação de configuração VoIP da Nokia disponivel em aqui (SIP_VoIP_3_x_Settings_v2_0_en.sis). Atenção que será necessário fazer registo no site.

Em Menu->Control Panel->Net Settings->Advanced VoIP settings
Seleccionar SIP settings->New SIP profile

Nome do perfil: qualquer coisa por ex: Meo
Perfil do serviço: IETF
Pt.de acesso predef: Internet ou outro como por ex: Intranet
Nome utilizador público: [email protected] (número criado na área de clientes sapo)
Utilizar compressão: Não
Registo: Quando necessário
Utilizar segurança: Não

Endereço servidor proxy: proxy.voip.sapo.pt
Domínio Realm: proxy.voip.sapo.pt
Nome de utilizador: +35130xxxxxxxx (número criado na área de clientes sapo)
Senha: password definida na área clientes sapo
Permitir encam. livre: Sim
Tipo de transporte: UDP
Porta: 5070

Ender. servidor registar: voip.sapo.pt
Domínio realm: voip.sapo.pt
Nome do utilizador: +35130xxxxxxxx (número criado na área de clientes sapo)
Senha: (password definida na área de clientes sapo)
Tipo de transporte: UDP
Porta: 5060