SELinux (Security Enhanced Linux) is an additional method of Linux system protection. It’s a group of security contexts that determine which process can access which files, directories, ports, etc…
SELinux has three modes:
Enforcing: SELinux protects files, directories, ports against unauthorized access and logs all SELinux events and attempts.
Permissive: SELinux allows all interactions and context violations and logs them. Permissive mode is often used for troubleshooting SELinux.
Disabled: SELinux is completely disabled.
SELinux in Enforcing mode may cause problems accessing files or ports in the system, that’s why it’s good to know how to change it’s mode or even disable it.
Continue reading “How to Disable or Enable SELinux on CentOS / Fedora / RHEL”
You can compare two text files in Linux using the following command-line tools:
– vim / vimdiff
These tools are already installed “out-of-the-box” in most Linux distributions.
Continue reading “How to compare two files in Linux command line”
Secure Shell (SSH), besides standard password authentication, gives us the possibility to authenticate using private – public key relation. This allows us access remote systems without typing the password each time we want to connect and the connection is still secure. This method is based on generation of two keys: private key (kept private on our local host), public key (given to any remote host we want to connect to passwordless).
Continue reading “How to Configure Passwordless SSH Login in Linux”
DHCP (Dynamic Host Configuration Protocol) is a network protocol used for dynamically assigning IP addresses for computers attached to the network. Standard port used for DHCP service: 67(UDP).
In this tutorial we will launch dhcp server on CentOS 7 / RHEL 7 and define example subnets.
Continue reading “Install and Configure DHCP Server on CentOS 7 / RHEL 7”
Cinder Volumes group is a block storage based on LVM (Logical Volume Manager) volume group, usually situated in Controller node in OpenStack cloud. It provides persistent block storage for runtime instances.
During typical packstack installation Cinder Volumes group size is determined in answer file (insert file) by following parameter:
If the Cinder Volumes group size we chose upon packstack installation turns out to be insufficient to create new volumes, we can attach additional physical volume on Controller node to the existing Cinder Volumes group and extend it with the new physical volume to gain more space.
Continue reading “How to Manually Extend Cinder Volumes Group in OpenStack”
RedHat 7 / CentOS 7 unlike previous version 6, doesn’t provide the ability to reset / recover root password in signle-user mode any more. This situation takes place, because RedHat 7 / CentOS 7 uses systemd manager instead of sysVinit / upstart and both systemd targets: rescue.target and emergency.target require root password. That’s why in RedHat 7 / CentOS 7 we need installation disk to boot from.
Continue reading “How To Reset Forgotten Root Password on RedHat 7 / CentOS 7”
RedHat 6 / CentOS 6 system gives us the opportunity to reset root password in case we forget it, on condition that we have a direct access to the machine on which we want to reset root password. Password can be reset after booting the system into single-user mode.
1. Reboot the system
2. At the screen: “Booting Red Hat Enterprise Linux…” or “Booting CentOS…” press any key to display GRUB menu.
Continue reading “How To Reset Forgotten Root Password on RedHat 6 / CentOS 6”
LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a lightweight protocol for accessing directory services, specifically X.500-based directory services. OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License.
In this tutorial we will show you, how to install OpenLDAP server on CentOS 7 / RHEL 7 and create basic configuration in a few simple steps:
Continue reading “LDAP Installation on CentOS 7 / RHEL 7”
Cinder Volume is a block storage based on Linux LVM, which can be attached to instance and mounted as a regular file system.
In this tutorial we will show you how to create Cinder Volume in OpenStack and attach it to existing instance as additional partition.
Note: you need to have working OpenStack installation with existing project tenant and running instance in order to proceed with Cinder Volume creation.
Find out how to: Create project tenant in OpenStack and launch instances
Continue reading “How to Create and Attach Cinder Volume to Instance in OpenStack”
In this tutorial we will show you, how to create project tenant in OpenStack Juno and launch instances accessible from external public network.
Note: this tutorial is a continuation of OpenStack Installation on CentOS7 / RHEL7 and we assume that you already have working installation of OpenStack.
cloud version: OpenStack Juno on CentOS7 (2 nodes: controller, compute)
public network (Floating IP network): 192.168.2.0/24
private network (inside Project Tenant): 192.168.20.0/24
public controller IP: 192.168.2.4 (eth0)
public compute IP: 192.168.2.5 (eth0)
Continue reading “Create tenant in OpenStack and launch instances”