The bash history is a log file that contains all commands that the user executed on the Linux shell. When you use the "arrow up" key on our keyboard, then Bash will lookup the previous command from that file and display it on the screen, ready to be executed again.
OpenVZ is a Linux based Kernel virtualisation technology developed by SWSoft for its commercial product virtuozzo. The modified Linux Kernel and the system utilities are released under a OpenSource license. Vzdump is a shell based backup program for OpenVZ virtual machines. It is made for containers that use the traditional "simfs" filesystem, it can not be used for containers with "ploop" filesystem.
Centos 7 replaced the traditional IPTables Linux Kernel Firewall with the Firewalld service. There are still a lot of scripts available that require the use of IPTables. A common example is the software Fail2ban.
In this guide I will explain the installation of IPTables on Centos 7.x
The first step is to stop and mask the firewalld service:
systemctl stop firewalld systemctl mask firewalld
Then install the "iptables-services" package with the yum package installer:
yum install iptables-services
And enable the new service:
systemctl enable iptables
IPTables is now ready to be used on your server. For example you can block an external IP address now with the iptables command:
iptables -A INPUT -s 192.168.0.10 -j DROP
Rules that you set with iptables persist only until the next reboot. To save them permanently use the following command:
service iptables save
The easiets way to change the hostname on CentOS 7 is to use the hostnamectl command.
First I will check the current hostname by running "hostnamectl status" on the shell of my server:
The output on my system is:
[root@server1 ~]# hostnamectl status Static hostname: server1.example.com Icon name: computer-vm Chassis: vm Machine ID: d89865d34b5a4637a9a4ff0ce0f6da02 Boot ID: 56d1685056d743b39e57a7b9cbfe467c Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-123.el7.x86_64 Architecture: x86_64
Then I change the hostname with the set-hostname option of the hostnamectl command to server2.example.com
hostnamectl set-hostname server2.example.com
Afterwats I check with the command hostname and hostname -f if the hostname change has succeeded.
The result should be:
[root@server1 ~]# hostname server2.example.com [root@server1 ~]# hostname -f server2.example.com
Instead of the hostname command you could also use the "hostnamectl status" command again to check if the new hostname has been set:
[root@server1 ~]# hostnamectl status Static hostname: server2.example.com Icon name: computer-vm Chassis: vm Machine ID: d89865d34b5a4637a9a4ff0ce0f6da02 Boot ID: 56d1685056d743b39e57a7b9cbfe467c Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-123.el7.x86_64 Architecture: x86_64
1.1 SCP Command Line-An Overview
The SCP command line is commonly used to copy files over SSH, and between popular Operating systems like Linux, Mac and Windows in a secure fashion. SCP is used to copy files to/from a remote server. It also allows you to copy files from one remote server to another remote server, without passing traffic through your PC.
When you get the error message "system-config-firewall: command not found" on your CentOS Server while trying to configure the firewall on the shell, then the text interface version of the firewall configuration utility is missing. Install it with this command:
yum install system-config-firewall-tui
Dovecot is watching the whole server filesystem for modifications and removed or added sub filesystems. If you get errors similar to this one on your server:
Aug 30 09:10:23 server1 dovecot: master: Warning: /var/www/clients/client1/web1/log is no longer mounted. If this is intentional, remove it with doveadm mount
(the directory path may vary), then you can fix it by excluding the path from being watched by dovecot. In my case, dovecot shall not watch my website directories as they do not contain any mailboxes
Run the following command on the shell as root user:
doveadm mount add '/var/www/*' ignore
To exclude all files and folders in /var/www from deovecot monitoring.
If you get error messages from amavisd similar to the one posted below on a server which is virtualized with OpenVZ:
Mar 5 09:09:02 v100 amavis: (17378-14) (!!)TROUBLE in process_request: Error writing a SMTP response to the socket: Broken pipe at (eval 100) line 987, <GEN44> line 31.
then the issue can be caused by the NUMTCPSOCK value in the openvz limits. Even if the barrier of this limit was never met in /proc/user_beancounters, the above error occurs when more then 25% of all TCP sockets were used. The solution is to set the NUMTCPSOCK barrier and limit to a high value in the openvz container configuration file. Here a value that worked for me on a moderately used mailserver:
Finally restart the OpenVZ VM to apply the new limit value.
If you use the apache mod_security module on your apache server, you might encounter wrong 403 errors for several URL's of the cms systems. Here are some exception rules to avoid that:
For WordPress Blogs
For the ModX CMS
SecRuleRemoveById 300013 300014 300015 300016
SecRuleRemoveById 300013 300016
Add these rules inside the vhost file of the website. If you use ISPConfig to manage the server, then add the rules in the apache directives field of the website settings in ispconfig.
Many thanks to PlanetFox for providing the rules.
The following guide shows how to disable and remove mysql replication from two or more mysql servers. These steps can be used for master/slave and master/master mysql setups. The following SQL commands have to be be executed in phpmyadmin or with the mysql commandline program. It is just important that you are logged in as mysql root user. Below I will use the mysql commandline client.
Login into mysql as root user from commandline:
mysql -u root -p
the mysql command will ask for the mysql root password.
Then execute these commands if the installed mysql version is < 5.5.16:
use the commands below instead if the mysql version is > 5.5.16
RESET SLAVE ALL;
Now edit the my.cnf file (/etc/mysql/my.cnf) and add a # in front of all lines that start with "replicate-" or "master-". Example:
# replicate-same-server-id = 0 # master-host = 192.168.0.105 # master-user = slaveuser # master-password = akst6Wqcz2B # master-connect-retry = 60
Then restart mysql: