Category: Linux

  • Configure OVH Failover IP in Ubuntu 20.04/22.04

    To configure IP in Ubuntu Server 20.04 guest, create a file

    vi /etc/netplan/50-netwrk.yaml

    add the following content

    network:
        version: 2
        ethernets:
            eth0:
                addresses:
                    - YOUR_FO_IP_HERE/32
                nameservers:
                    addresses:
                        - 1.1.1.1
                    search: []
                optional: true
                routes:
                    - to: 0.0.0.0/0
                      via: YOUR_GW_IP_HERE
                      on-link: true

    example

    root@easyengine:~# cat /etc/netplan/50-cloud-init.yaml
    network:
        version: 2
        ethernets:
            eth0:
                addresses:
                    - 164.132.150.95/32
                nameservers:
                    addresses:
                        - 1.1.1.1
                    search: []
                optional: true
                routes:
                    - to: 0.0.0.0/0
                      via: 51.255.79.254
                      on-link: true
    root@easyengine:~# 

    “on-link: true” is what makes it work. The “on-link: true” option is used to specify that a specific route should be considered “on-link.” This means that the route is directly reachable on the local network segment, and packets destined for that route should be sent directly to the network interface associated with that network segment, rather than being routed through a gateway.

    Test network config using

    netplan try

    If everything works fine, you can apply the changes with

    netplan apply

    See OVH, netplan

  • Ubuntu Remap keys in the keyboard

    Left Shift key on my keyboard started acting up. It some times work, some times it won’t. I never use the caps lock key on my kayboard, this is just above the shift key. So i decided to use this key as left shift key.

    To re-assign key, you need to edit file /usr/share/X11/xkb/symbols/pc

    Lets take a copy of the file before we edit it

    cp /usr/share/X11/xkb/symbols/pc ~/pc-backup
    

    Edit

    sudo gedit /usr/share/X11/xkb/symbols/pc
    

    Find the line

         key  {	[ Caps_Lock		]	};
    

    This is on line 22

    Replace with

         key  {	[ Shift_L		]	};
    

    Now you need to restart X-Windows by pressing ALT+F2, then type r. You can also just reboot your computer for the new keymap to work. After restart, i can use Caps lock key as my Left Shift key.

    If you want to disable left shift key, you can comment the line

        key  {	[ Shift_L		]	};
    

    by adding // at beginning of the line.

    See Ubuntu

  • Red Hat Killing CentOS Linux, Fight for CentOS clone

    Red Hat Killing CentOS Linux, Fight for CentOS clone

    RedHat, parent company of CentOS Linux announce it will stop supporting CentOS 8, the latest version of CentOS. CentOS is build from the source code RHEL, making a free version of stable and well-tested enterprise ready RHEL Linux. CentOS 7 will keep getting security updates until it reaches End Of Life June 30th, 2024. For Red Hat, maintaining CentOS wont help with their business. Now they don’t need to maintain CentOS, this will force many users to pay for Red Hat Enterprise Linux (RHEL).

    RedHat Killing CentOS Linux

    The new version of CentOS known as CentOS Stream is a rolling release. It will be used as a staging version of RHEL. Red Hat expect CentOS Stream to be stable and allow community participation as users will be able to contribute to CentOS Steam. With CentOS, community contribution was limited because it was a copy of RHEL.

    CentOS is populary used in web hosting servers as cpanel only supposed RHEL based Linux. With death of CentOS 8, cpanel have announced they will accelerate investment in development efforts to support additional operating systems. cPanel will suport Ubuntu LTS and expect to deliver a production-ready version in late 2021. After Ubuntu LTS, they will look into supporting Debian. Ubuntu is very popular with Cloud Servers as it come with latest software compared to CentOS. With many developers already using Ubuntu on their Desktop, supporting Ubuntu is wise decision by cpanel.

    With CentOS 8 unexpected demise, many users will be looking for alternative OS. This opens up market for next CentOS clone.

    Rocky Linux

    CentOS co-founder, Gregory Kurtzer announced he will be releasing his own Red Hat Enterprise Linux (RHEL) replacement Rocky Linux. No ETA on release date yet.

    https://rockylinux.org

    You can join discussion on their reddit.com/r/RockyLinux/

    Project Lenix

    Igor Seletskiy, CloudLinux CEO and founder said they will make their own RHEL patch to patch compatible Open Source Linux – Project Lenix.

    CloudLinux is a CentOS based commerical Linux, that is popular amoung web hosting providers as it allow resource limit per user and user isolation with CageFS. They also have support for kernel update with out reboot.

    CloudLinux will be investing more than a million dollar into Project Lenix. CentOS 8 users will be able to convert into Project Lenix or CloudLinux easily with out reboot. In the announcement Igor Seletskiy said “Red Hat’s announcement has left users looking for an alternative with all that CentOS provides and without the disruption of having to move to alternative distributions. We promise to dedicate the resources required to Project Lenix that will ensure impartiality and a not-for-profit community initiative. CloudLinux already has the assets, infrastructure, and experience to carry out the mission, and we promise to be open about the process of developing Project Lenix”.

    See CentOS

  • Ubuntu Server 20.04 set static IP with netplan

    First check if you have file

    /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg

    If the file exists, make sure, you have the following content in it.

    root@ubuntu:~# cat /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg
    network: {config: disabled}
    root@ubuntu:~# 

    Edit

    vi /etc/netplan/00-installer-config.yaml

    Replace all content with

    network:
        version: 2
        ethernets:
            eth0:
                addresses: [192.168.1.100/24]
                routes:
                    - to: default
                      via: 192.168.1.1
                nameservers:
                    addresses: [1.1.1.1, 8.8.8.8]

    In the above cause 192.168.1.100 is your static IP address. 192.168.1.1 is the gateway. eth0 is the network interface name.

    Older versions of netpan used gateway4 instead of routes.

                gateway4: 192.168.1.1

    Now try the changes with

    netplan try

    If all is good, you can make changes permanent with

    netplan apply

    See IP

  • imunify360 find license details

    To check if your imunify360 license is valid, run

    imunify360-agent rstatus
    

    Example

    [root@ldb002 ~]# imunify360-agent rstatus
    OK
    [root@ldb002 ~]# 
    

    To get more details of imunify360 license installed on the server

    imunify360-agent rstatus --json --verbose
    

    Example

    [root@ldb002 ~]# imunify360-agent rstatus --json --verbose
    {
      "expiration": null,
      "id": "Imunify360-xxxxxxxx",
      "license": {
        "expiration": null,
        "id": "Imunify360-xxxxxxxx",
        "license_type": "imunify360",
        "message": "",
        "redirect_url": "",
        "status": true,
        "user_count": 5,
        "user_limit": 2147483647
      },
      "license_type": "imunify360",
      "message": "",
      "redirect_url": "",
      "status": true,
      "strategy": "CSF_COOP",
      "user_count": 5,
      "user_limit": 2147483647,
      "version": "5.3.3-1"
    }
    [root@ldb002 ~]#
    
  • supervisorctl

    supervisorctl is used to control supervisord.

    To reload all monitored processes, run

    supervisorctl reload
    

    To restart a monitored process, run

    supervisorctl restart PROCESS_NAME_HERE
    

    See supervisord

  • pvdisplay

    pvdisplay is used to display all physical volumes on a LVM.

    root@server12:~# pvdisplay
      --- Physical volume ---
      PV Name               /dev/sda3
      VG Name               vg
      PV Size               <9.51 GiB / not usable 0   
      Allocatable           yes (but full)
      PE Size               4.00 MiB
      Total PE              2434
      Free PE               0
      Allocated PE          2434
      PV UUID               VA8sp6-2zKJ-GGtJ-aWe5-cPlm-uTHu-oKpiua
       
      --- Physical volume ---
      PV Name               /dev/sda4
      VG Name               vg
      PV Size               30.00 GiB / not usable 4.98 MiB
      Allocatable           yes (but full)
      PE Size               4.00 MiB
      Total PE              7679
      Free PE               0
      Allocated PE          7679
      PV UUID               LjsCxR-J0lC-5z2P-Fqew-MXoG-59X3-B7dmDP
       
      --- Physical volume ---
      PV Name               /dev/sda5
      VG Name               vg
      PV Size               <40.00 GiB / not usable 3.98 MiB
      Allocatable           yes (but full)
      PE Size               4.00 MiB
      Total PE              10239
      Free PE               0
      Allocated PE          10239
      PV UUID               km0iBF-XakC-s9GF-hFnf-K1b0-4Hec-FAEcwp
       
    root@server12:~# 
    

    See LVM

  • lvdisplay

    lvdisplay is used to display logical volumes. You can also use lvs command.

    root@server12:~# lvdisplay
      --- Logical volume ---
      LV Path                /dev/vg/lv_root
      LV Name                lv_root
      VG Name                vg
      LV UUID                aLjP9v-Cc6s-mxS6-kcKz-Fs4e-kW5c-Wuq009
      LV Write Access        read/write
      LV Creation host, time ubuntu-server, 2020-05-19 13:02:06 +0000
      LV Status              available
      # open                 1
      LV Size                78.99 GiB
      Current LE             20222
      Segments               3
      Allocation             inherit
      Read ahead sectors     auto
      - currently set to     256
      Block device           253:0
       
      --- Logical volume ---
      LV Path                /dev/vg/lv_swap
      LV Name                lv_swap
      VG Name                vg
      LV UUID                es9Yvn-Tfh1-KO6L-7cAw-N1jg-9NAL-9hd3To
      LV Write Access        read/write
      LV Creation host, time ubuntu-server, 2020-05-19 13:02:07 +0000
      LV Status              available
      # open                 2
      LV Size                520.00 MiB
      Current LE             130
      Segments               1
      Allocation             inherit
      Read ahead sectors     auto
      - currently set to     256
      Block device           253:1
       
    root@server12:~#
    

    See LVM

  • CentOS 6 Invalid release/repo/arch combination

    CentOS 6 Invalid release/repo/arch combination

    When i run yum update on a CentOS 6 server, i get error “Invalid release/repo/arch combination/”.

    CentOS 6 invalid release

    This error is due to CentOS reaching its End Of Life and no longer supported.

    What you need to do is upgrade your server to the latest supported CentOS versions like CentOS 7 or CentOS 8. Converting to Oracle Linux 6 is another option, it is binary compatible with CentOS/RHEL 6, offers extended support until Jun 2024 and Indefinite Sustaining Support. If you want to convert CentOS 6 to Oracle Linux, see How to Migrate CentOS to Oracle Linux.

    If you just need to fix the error, you need to go through each .repo file in the folder

    /etc/yum.repos.d/
    

    Comment out lines like

    mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
    

    Replace it with centos 6 vault repo URL

    baseurl=https://vault.centos.org/centos/$releasever/os/$basearch/
    

    You can find modified yum repository files at

    https://github.com/serverok/centos6-repo

    You can replace your existing repository files inside /etc/yum.repos.d folder with files in the above git repository with following commands.

    cd /etc
    mv yum.repos.d yum.repos.d-old
    git clone https://github.com/serverok/centos6-repo.git yum.repos.d
    

    If you get git not found error, you may need to manually download files from the repo and place in the directory /etc/yum.repos.d/.

    After this, you will be able to update your system. If you have any other repo installed, you can copy it from yum.repos.d-old folder to make it active again.

    Here is the updated CentOS-Base.repo file

    https://raw.githubusercontent.com/serverok/centos6-repo/main/CentOS-Base.repo

    # CentOS-Base.repo
    #
    # The mirror system uses the connecting IP address of the client and the
    # update status of each mirror to pick mirrors that are updated to and
    # geographically close to the client.  You should use this for CentOS updates
    # unless you are manually picking other mirrors.
    #
    # If the mirrorlist= does not work for you, as a fall back you can try the 
    # remarked out baseurl= line instead.
    #
    #
    
    [base]
    name=CentOS-$releasever - Base
    baseurl=https://vault.centos.org/centos/$releasever/os/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    
    #released updates 
    [updates]
    name=CentOS-$releasever - Updates
    baseurl=https://vault.centos.org/centos/$releasever/updates/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    
    #additional packages that may be useful
    [extras]
    name=CentOS-$releasever - Extras
    baseurl=https://vault.centos.org/centos/$releasever/extras/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    
    #additional packages that extend functionality of existing packages
    [centosplus]
    name=CentOS-$releasever - Plus
    baseurl=https://vault.centos.org/centos/$releasever/centosplus/$basearch/
    gpgcheck=1
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    
    #contrib - packages by Centos Users
    [contrib]
    name=CentOS-$releasever - Contrib
    baseurl=https://vault.centos.org/centos/$releasever/contrib/$basearch/
    gpgcheck=1
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    

    After updating yum repo, run

    yum clean all
    yum makecache
    
  • Firewalld

    firewall-cmd is used to manage firewall (iptables). It is used by default on latest version of CentOS, RHEL.

      Check firewall status

      To see if firewall is running of not use

      firewall-cmd --state

      or

      systemctl status firewalld

      To disable firewalls

      systemctl stop firewalld
      systemctl disable firewalld

      Open a port in firewall

      To allow HTTP and HTTPS traffic, run

      firewall-cmd --permanent --zone=public --add-service=http
      firewall-cmd --permanent --zone=public --add-service=https
      firewall-cmd --permanent --zone=public --add-service=ssh
      firewall-cmd --permanent --zone=public --add-port=25/tcp
      firewall-cmd --reload

      Permanent option make the changes permanant. You need to reload firewall after using –permanent. If you want to open a port in current session and make it permanant, run the command with and with out –permanent.

      Open a port range in firewall

      firewall-cmd --zone=public --add-port=22-65535/tcp
      

      Close a port in firewall

      To close a port, you can use command same as you open with –add replaced with –remove.

      firewall-cmd --permanent --zone=public --remove-service http
      firewall-cmd --permanent --zone=public --remove-port 25/tcp
      

      Whitelist an IP address

      firewall-cmd --zone=trusted --add-source=IP_ADDR_HERE
      

      To remove an IP, use

      firewall-cmd --zone=trusted --remove-source=IP_ADDR_HERE
      

      Firewalld Zones

      Zone is a collection of rules that can be applied to a specific interface. Some useful commands are

      firewall-cmd --get-active-zones
      firewall-cmd --get-default-zone
      firewall-cmd --list-all-zones
      firewall-cmd --info-zone=public
      

      Zones are stored in /usr/lib/firewalld/zones

      Services

      Services are pre-made rules for a specific application. Some useful commands are

      firewall-cmd --get-services
      firewall-cmd --info-service SERVICE_NAME_HERE
      

      Services are stoed in /usr/lib/firewalld/services/ or /etc/firewalld/services/.

      Save run time configuration into permanant

      firewall-cmd --runtime-to-permanent
      

      iptables

      See firewall

    • Firewalld list all open ports

      Firewalld list all open ports

      To list all open ports in firealld, run

      firewall-cmd --list-ports
      

      You may need to also use

      [root@oc1 ~]# firewall-cmd --list-services
      http https ssh
      [root@oc1 ~]# 
      

      Example

      firewalld list ports

      See firewalld