Configurations (Linux) | Bots!

Reset CentOS Root Lost or Forgotten Password

September 21, 2018 by Rumi

In the event your Linux box experiences disk or file system issues you may receive a “Give root password for maintenance” prompt upon reboot. If you have your root password you can login but in the event your using ‘slide’ or ‘sudo’ for wheel access or you’ve just mis-placed your root password – you’ll need to reset it.

To reset your root password:

When the GRUB loader shows during boot press the spare bar to pause boot.
Select your boot kernel.
Type ‘e’ to edit the default kernel line.
Type ‘e’ again on the line that starts with ‘kernel’.
Add ‘init=/bin/bash’ to the end of the ‘kernel’ line then press enter.
Type ‘b’ to boot the modified kernel parameters.
Once you’re at the /bin/bash prompt you will need to remount the root file system as read/write in order to edit the passwd file:
# mount -o remount,rw /
Change your root password:
# passwd root
Remount the filesystem back to read only:
# mount -o remount,ro /
Reboot your server using CTR-ALT-DELETE.
You will now be able to login with your new root password and carry out the maintenance.

Install Cacti 1.1 on CentOS 7

September 2, 2018 by Rumi

Cacti is a free and open source network monitoring and graphing tool written in PHP. With the help of RRDtool (Round-Robin database tool), Cacti can be used to provide various useful features, including remote and local data collectors, graph templating, network discovery, device management automation, etc.

Prerequisites
A fresh CentOS 7 x64 server instance. Say its IP address is 1.2.3.4.
A sudo user.
The server instance has been updated to the latest stable status using the EPEL YUM repo.

Step 1: Setup an up to date LAMP stack
Before you can properly install and run Cacti, you need to setup a LAMP stack or an equivalent web operating environment.

The following will set up an up to date LAMP stack for Cacti, which consists of CentOS 7, Apache 2.4, MariaDB 10.2, and PHP 7.1

# Install Apache 2.4
sudo yum install httpd -y
sudo sed -i 's/^/#&/g' /etc/httpd/conf.d/welcome.conf
sudo sed -i "s/Options Indexes FollowSymLinks/Options FollowSymLinks/" /etc/httpd/conf/httpd.conf
sudo systemctl start httpd.service
sudo systemctl enable httpd.service

Fix: Unable to start TLS: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed when connecting to ldap master.Cannot determine services – exiting

September 1, 2018 by Rumi

My ZImbra 8.6 was throwing the following error once after my letsencrypt SSL got expired:

Unable to start TLS: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed when connecting to ldap master.Cannot determine services - exiting

The Fix:

In order to fix the problem you need to modify the following parameters as Zimbra user:

zmlocalconfig -e ldap_starttls_required=false
zmlocalconfig -e ldap_starttls_supported=0

Then restart zimbra by using

zmcontrol restart

Hope it’ll restarted

Zimbra Letsencrypt SSL Renew – Zimbra 8.6

September 1, 2018 by Rumi

Let’s Begin:
This works if you already have an expired letsencrypt ssl certificate and assuming you have already deployed SSL in you zimbra system. However, if you come up here already, and would like to know how to setup letsencrypt on your system you may read my other article here:

https://tweenpath.net/installing-encrypt-zimbra-server/

Log on Zimbra user then stop proxy and mail box service for renew proccess.

su zimbra
zmproxyctl stop
zmmailboxdctl stop

Then return root user and renew Letsencrypt certificate

exit

letsencrypt renew: Change directory to Zimbra Letsecnrpyt SSL folder

Zimbra – deleting all email in queue by sender

January 15, 2022August 17, 2018 by Rumi

As root user execute:

/opt/zimbra/postfix/sbin/postqueue -p | tail -n +2 | awk 'BEGIN { RS = "" } / sender@mail\.com/ { print $1 }' | tr -d '*' | /opt/zimbra/postfix/sbin/postsuper -d -

To Delete ALL Messages From Queue

/opt/zimbra/postfix/sbin/postsuper -d ALL

/opt/zimbra/common/sbin/postsupe -d ALL

Another way to do this:

mailq | awk '{print $1}' | postsuper -d -

To Delete ALL Messages From The Deferred Queue

/opt/zimbra/postfix/sbin/postsuper -d ALL deferred

To Delete ALL Messages From The Hold Queue

/opt/zimbra/postfix/sbin/postsuper -d ALL hold

There’s a nice Zimbra wiki page with detailed on cleaning up mail queues.

https://wiki.zimbra.com/wiki/Managing-The-Postfix-Queues

Syslog server with Rsyslog and LogAnalyzer in Ubuntu 12

August 17, 2018 by Rumi

Installing Rsyslog from repository

First make sure you have the latest update of Ubuntu 12.04 LTS

sudo apt-get update && sudo apt-get upgrade

Adding PPA repository

sudo add-apt-repository ppa:adiscon/v8-devel

If you get this error: “add-apt-repository: command not found”

Try installing this python-software-properties package

apt-get install python-software-properties

Update your apt cache and install rsyslog

sudo apt-get update && sudo apt-get upgrade
sudo apt-get install rsyslog

Varnish daemon not listening on configured port – Hack for Debian or Ubuntu

August 9, 2018 by Rumi

If you’re already troubled with varnish on changing listening ports from default. Here’s a little hack that worked on my Debian and Ubuntu distribution.

sudo apt remove varnish

sudo apt-get purge varnish

# I manually remove the 3 files in created in /etc/systemd/system/*

sudo apt install varnish
sudo nano /lib/systemd/system/varnish.service # put the rigth conf
sudo nano /etc/varnish/default.vcl #put the rigth conf
sudo systemctl daemon-reload
sudo service varnish restart

Install XRDP in Debian 9

August 8, 2018 by Rumi

Install XRDP and TigerVNC server

$ sudo apt install -y xrdp tigervnc-standalone-server

Connect XRDP from Windows 10

Windows start button -> Windows Accesssories -> Remote Desktop Connection

Input FQDN or IP address of XRDP server and connect to XRDP.

XRDP RDP terminal will appear. Select “XVNC” Session and connect.

Create a Linux Router with DHCP services

August 5, 2018 by Rumi

It’s pretty easy to build a Linux router even on a virutal machine. I’ve used virtualbox to create a LAN NAT router with DHCP services using webmin. However, I’m not going to cover on how to use a virtualbox VM 🙂

Let’s create the NAT Router first.

On Webmin go to Networking > Network Configuration > Routing and Gateways

Fig-1

Select right ethernet interface on Default Route
Fillup the correct gateway
Enable “Act as a Router”

On Networking > Linux Firewall > Select “Reset Firewall”

Install wkhtmltopdf on Debian 8, 9

January 18, 2019August 3, 2018 by Rumi

Installation on Debian 8

apt-get update
aptitude install xfonts-base xfonts-75dpi fontconfig xvfb
mkdir ~/src/wkhtmltopdf -p
cd ~/src/wkhtmltopdf
wget https://bitbucket.org/wkhtmltopdf/wkhtmltopdf/downloads/wkhtmltox-0.13.0-alpha-7b36694_linux-jessie-amd64.deb
dpkg -i wkhtmltox-0.13.0-alpha-7b36694_linux-jessie-amd64.deb
echo 'xvfb-run --server-args="-screen 0, 1024x768x24" /usr/local/bin/wkhtmltopdf $*' > /usr/bin/wkhtmltopdf.sh
chmod a+rx /usr/bin/wkhtmltopdf.sh
ln -s /usr/bin/wkhtmltopdf.sh /usr/local/sbin/wkhtmltopdf
/usr/local/sbin/wkhtmltopdf https://www.google.fr output.pdf

Installation on Debian 9