DevHeads.net

Postings by Niki Kovacs

TeX Live on CentOS 7

Hi,

I just installed the OpenVAS vulnerability scanner on my CentOS 7
workstation. Everything seems to work fine, except PDF generation. The
'openvas-check-setup' script tells me that PDF generation works fine,
but whenever I want to generate a report, the result is unusable and
can't open in Evince or Okular.

After googling a bit, I found out that several users complained that Tex
Live is broken under RHEL/CentOS 7.

While I did use LaTeX a long time ago to write documents, I don't use it
anymore nowadays (just Markdown or LibreOffice).

Ark can't handle RAR archive

Hi,

I'm running CentOS 7 with KDE. Ark can't seem to handle a RAR archive,
even though I have unrar from the Nux repository installed.

Any idea what's wrong here?

Cheers,

Niki

OpenVAS: confusion with 3rd party repos

Hi,

I'm currently experimenting with OpenVAS, the vulnerability scanner
which was forked from Nessus.

I'm reading through various HOWTOs and tutorials, and it seems like I'm
stuck very early in my fiddling process.

All the CentOS-based tutorials I've found mention a third-party Atomic
repo, and here's how the installation usually begins.

# wget -q -O - <a href="http://www.atomicorp.com/installers/atomic" title="http://www.atomicorp.com/installers/atomic">http://www.atomicorp.com/installers/atomic</a> | sh

Yet on my servers I have EPEL configured for my third-party needs, and
OpenVAS already seems available through EPEL.

# yum search openvas
...
openvas-cli.x86_64
openvas-gsa.x86_64
openvas-l

Getting started with mod_security

Hi,

I'm currently fiddling with mod_security, and before going any further,
I simply wanted to ask here for any recommended documentation/tutorials
on the subject. There seems to be a lot of information about
mod_security out there, and right now I have a bit of a hard time
wrapping my head around it.

I'm grateful for any suggestions.

Cheers,

Niki Kovacs

CentOS 7 + KDE: sleep mode?

Hi,

One of my clients is running CentOS 7 + KDE 4.14 which I installed for
her. Everything is running nicely. She asked me - more out of curiosity
- if she could use the "Sleep" mode instead of "Shutdown" like she did
when she ran Windows, so the PC would be up and running faster the next
time. I didn't know what to answer, since I don't explicitly use this
mode. Only on my laptop I simple shut the lid, which puts the laptop
into Sleep mode. But on a normal PC, I don't know if this mode is
supposed to be used.

Any suggestions?

Niki

Hardening Apache on CentOS 7

Hi,

Some time ago one of my public servers (running Slackware64 14.0) got
attacked and was misused to send phishing emails.

This misadventure made me more concerned about security, so I spent the
last few weeks catching up on security, reading docs about SELinux and
how to use it, etc.

I have a public sandbox server running CentOS 7, and I'm currently
experimenting quite a lot with Apache and how to secure it. My approach
is very much trial-and-error.

Apache + mod_evasive : problem with test.pl

Hi,

I'm currently experimenting with the mod_evasive module for Apache, to
protect the server against potential DoS attacks. Here's what I did so far.

# yum install mod_evasive

Don't touch mod_evasive's default configuration, just restart Apache.

# systemctl restart httpd

The package includes a test.pl script supposed to launch a testing DoS
attack.

Web server files ownership?

Hi,

I have a series of websites hosted on two CentOS 7 servers, using Apache
virtual hosts. One of these servers is a "sandbox" machine, to test
things and to fiddle around.

On the sandbox server, I have a few dummy websites I'm hosting.

# ls /var/www/html/
default phpinfo slackbox-mail slackbox-site unixbox-mail unixbox-site

Since Apache is running as system user 'apache' and system group
'apache', I thought it sensible that hosted files be owned by that process.

# ls -l /var/www/html/
total 24
drwxr-x---. 3 apache apache 4096 6 juil. 09:37 default
drwxr-x---.

Problem with ipa-client

Hi,

Here's the warning that Yum currently displays:

** Found 3 pre-existing rpmdb problem(s), 'yum check' output follows:
ipa-client-4.4.0-14.el7.centos.7.x86_64 has installed conflicts
freeipa-client: ipa-client-4.4.0-14.el7.centos.7.x86_64
ipa-client-common-4.4.0-14.el7.centos.7.noarch has installed conflicts
freeipa-client-common: ipa-client-common-4.4.0-14.el7.centos.7.noarch
ipa-common-4.4.0-14.el7.centos.7.noarch has installed conflicts
freeipa-common: ipa-common-4.4.0-14.el7.centos.7.noarch

Any suggestions what I can do about that? (BTW, I don't use IPA)

Cheers,

Niki

Physically moving a mail server vs. cached DNS

Hi,

I just moved my main mail account and web content from a low-cost
(low-quality) provider to my own root server running CentOS 7. I
transferred the domain name from DNS management to my registrar,
configured BIND, Apache, Postfix, Dovecot, NTP, SELinux, etc. Now things
are running rather nicely.

Markdown editor for CentOS 7?

Hi,

I recently discovered Markdown, and I'm currently using it to write some
documentation for CentOS 7.

<a href="https://github.com/kikinovak/formation-linux" title="https://github.com/kikinovak/formation-linux">https://github.com/kikinovak/formation-linux</a>

For the time being, I'm using my good old Vim editor for writing it. I
turned off syntax highlighting, since this produces random results with
Markdown.

Pages are correctly displayed on Github, but in order to see them, I
have to push them to the server. Now I wonder if there's a good WYSIWYG
editor for Markdown, or at least something where I can check locally
what the page looks like.

Any suggestions?

Niki Kovacs

CentOS 7 + KDE: Okular view PDF files OK but prints a blank page

Hi,

I recently installed CentOS 7 + KDE 4.14 on my main workstation, and
overall I'm very happy with it.

Okular seems to have trouble with some PDF files. I'm using the Dolibarr
application to generate invoices. I can view the resulting PDF file OK,
but when I try to print it, I get a blank page. A few days ago I had a
similar problem with a PDF file generated from a french administration
online form.

On my previous installation (Slackware64 14.1 + Xfce + Evince built from
source) I never had any trouble with PDF files.

Any suggestions?

Cheers,

Niki Kovacs

Virt-Manager and full-screen display

Hi,

I have CentOS 7 with Qemu/KVM and Libvirt running on a headless HP
Proliant Server. Virtual hosts are managed via Virt-Manager installed on
a CentOS 7 + KDE client via SSH.

Things are running quite nicely for now, I only have a few small minor
details to adjust.

On my main workstation running Slackware64 14.1, I also have Qemu/KVM
and Virt-Manager installed. When I launch a virtual host and switch to
full-screen display, the host is a "real" full screen.

But when I do the same thing with CentOS, I don't have a real
full-screen display.

rpcbind fails to start after creating virbr0 bridge

Hi,

In my office I have an HP Proliant server running CentOS 7. It's a
minimal install without GUI. The machine has two network interface
cards, and for now it's acting as gateway/firewall, and it's running
ntpd, Dnsmasq and Rsnapshot.

I'd like this machine to also be a KVM virtualization host, so I
installed qemu-kvm and libvirt.

SAN certificates for multiple domains and multiple services

Hi,

I'm currently installing and configuring CentOS 7 on a public server.
The machine will host a few small-to-midsize projects that are currently
running on a handful of Slackware servers: public library databases, our
public school's agenda, a small webradio, OwnCloud for myself and a
local non-profit, etc.

Until recently I've mostly used self-signed SSL certificates for stuff
needing a secure connection.

Apache + SSL: default configuration rated "C" by Qualys Labs

Hi,

I'm currently experimenting with a public server running CentOS 7. I
have half a dozen production servers all running Slackware Linux, and I
intend to progressively migrate them to CentOS, for a host of reasons
(support cycle, package availability, SELinux, etc.) But before doing
that, I have to figure out a few things that work differently under
CentOS.

CentOS 7 + HPLIP = blank page

Hi,

I just installed CentOS 7 + KDE on a new workstation in my office. I
tried to setup my printer, but the test page is blank. Here's some details.

The printer is an HP OfficeJet 8600 Pro. It works perfectly with all
other desktop clients running Slackware Linux and HPLIP.

I installed hplip and hplip-gui, launched HP Toolbox and then setup the
printer - a network printer - which is mainly a matter of confirming OK,
OK, OK.

The printer shows up OK in HP Toolbox, but when I try to print a test
page, the printer ejects a blank page, that's it.

Which leaves me clueless.

Cheers,

Niki Kovacs

bind vs. bind-chroot

Hi,

On my public servers, I usually run BIND for DNS. I see CentOS offers a
preconfigured (sort of) bind-chroot package. I wonder what's the
effective benefit of this vs. a "normal" BIND setup without chroot. On
my Slackware servers, I have a rather Keep-It-Simple approach to all
things security, e. g. run no unneed services, open only needed ports
etc. but I don't run the extra mile (and haven't been bitten so far).

Any suggestions? (No flamefest please.)

Niki

Primary DNS server with BIND on a public machine running CentOS 7

Hi,

I just installed CentOS 7 on a public server. I'd like to setup BIND as
a primary DNS server for a few domains.

Until now, all my public machines were running Slackware Linux, and
setting up BIND on a Slackware machine is relatively easy. In its out of
the box configuration, it has a bone-headed caching nameserver role,
which is quite easy to expand to a primary nameserver. Here's my
documentation. It's in French, but the *nix bits are universal.

<a href="http://blog.microlinux.fr/bind-slackware/" title="http://blog.microlinux.fr/bind-slackware/">http://blog.microlinux.fr/bind-slackware/</a>

On my server running CentOS, I notice things are more complicated in the
default configuration.

Network configuration: desktop vs. laptop

Hi,

I'm just migrating some stuff from Slackware Linux to CentOS, and I have
a question about the orthodox way of configuring a network connection.

On a desktop or workstation, I usually get rid of NetworkManager:

# systemctl stop NetworkManager
# yum remove NetworkManager

Then I edit the /etc/sysconfig/network-scripts/ifcfg-XXXXX file
corresponding to my network interface.

Dnsmasq and /etc/hosts

Hi,

I just setup CentOS 7 on three boxes to fiddle with it.

1. amandine.sandbox.lan is a headless LAN server

2. bernadette.sandbox.lan is a client desktop

3. raymonde.sandbox.lan is another client desktop

I've setup Dnsmasq on amandine.sandbox.lan.

How do I default to "Folder View" in my custom KDE user profile?

Hi,

I'm currently busy tweaking KDE 4.14 on CentOS 7 to my needs. I want to
use it as a base for an enterprise class desktop.

Trouble setting up HP Officejet Pro 8600 printer on CentOS 7 + KDE

Hi,

I just installed a CentOS 7 + KDE desktop in my office's network. So
far, I'm quite happy with the results, though I have some trouble
getting the printer to work. All the other machines in my office
(server, desktops, workstation) are running Slackware64 14.1 or 14.2,
and they can all use the printer perfectly.

I installed hplip-gui and ran it.

CentOS 7 + KDE - default keyboard layout?

Hi,

I'm currently fiddling with CentOS 7 and KDE 4.14, and I must say, I'm
pleasantly surprised. This is one of the cleanest implementations of KDE
I've ever seen, and with some tweaking (a lot, in fact) this can be
turned into a highly functional desktop with all the bling and bells and
whistles.

But right now, I have some minor problems to solve. First things first.
My system is installed in French, with a swiss french keyboard
(fr_CH-latin1) as default.

Disable calendar notification in GNOME / CentOS 7 ?

Hi,

Here's one of the problems adressed in a previous thread, but it got
somehow swept away in the heat of the discussion.

Since I'm using Thunderbird and not Evolution, I'd like to get rid of
the calendar notifications in GNOME's system menu.

Ideally, things should work like this:

<a href="https://extensions.gnome.org/static/extension-data/screenshots/screenshot_153_2.png" title="https://extensions.gnome.org/static/extension-data/screenshots/screenshot_153_2.png">https://extensions.gnome.org/static/extension-data/screenshots/screensho...</a>

There's an extension called "Nothing To Do" which is supposed to do
exactly that, e. g.

Thunderbird vs. Evolution vs. OwnCloud

Hi,

I'm currently using Thunderbird synced to OwnCloud on my main
workstation running Slackware64 14.1. I just installed CentOS 7 on my
Asus S300 laptop. It's running nicely, and I'm spending some time
getting acquainted with it.

I wonder if I should stick with Thunderbird or go with the default
Evolution application, since this seems to be better integrated into the
desktop, namely the calendar function.

On the other hand, it seems like you have to jump through burning loops
to connect Evolution to OwnCloud.

What are your experiences with these two clients and OwnCloud?

NetworkManager icon not showing

Hi,

I just installed CentOS 7 on my Asus S300 laptop. Wireless was working
OK at first, but now for mysterious reasons the NetworkManager icon
seems to have disappeared from the notification area. When I click on
that area, there's only information showing about sound, brightness,
battery status and the connected user.

Which leaves me clueless. Any suggestions?

Niki Kovacs

CentOS 7 : keyboard shortcut for mouse gesture?

Hi,

I have a CentOS 7 (GNOME) desktop installed as a VirtualBox guest on my
Slackware64 14.1 workstation, to fiddle with it.

Custom desktop menu entries: weird behavior with menu categories

Hi,

For my client's desktops, I'm usually customizing the various Linux
desktops I'm installing. I'm using custom icon themes (Elementary),
custom system fonts (Droid Sans), and one of the things I also customize
are desktop menu entries.

Here's an example of what I do on a Slackware+Xfce-based desktop, so you
get the idea.

Duplicate *.desktop entries for GNOME in /usr/share/applications

Hi,

Today I noticed something strange. There seem to be a series of
duplicate desktop menu entries in /usr/share/applications.

Example: gedit.desktop and org.gnome.gedit.desktop

Other example: nautilus.desktop and org.gnome.Nautilus.desktop

This is annoying, since I usually edit some custom menu entries for my
users. Now, if I edit both files for a single application, I end up with
duplicate menu entries.

Any suggestions?

Cheers,

Niki