search
top

Install Tomcat 7 and Java 1.7 on CentOS 6 RHEL 6

In this post we will cover how to install the Apache Tomcat 7 and jre 1.7 on CentOS 6 and RHEL 6. This process doesn’t use the rpm’s from the Redhat repositories, but uses the latest tar balls from Apache and Oracle. We will also be using service accounts to control Tomcat and its processes. Download latest Tomcat from http://tomcat.apache.org/download-70.cgi. Version 7.0.40 is the curent... read more

How To Fix RHEL / CentOS 6.4 LDAP MD5 Cert Error

Recently we updated to the latest RHEL 6.4 which caused LDAP to stop using our MD5 signed  certificate. This was due to the nss-3.14.0 update that now deems MD5 as unsecure. This change caused authentication of users using LDAP to fail. If the account had a local password (such as root), they were able to login. Since creating / updating the MD5 certificate was not an immediate solution for us we had to... read more

How to set a Directory Sticky Bit in Linux

There are times on Linux / Unix that you need to set the permissions on a directory so that only the owner and root can delete / rename files or sub-directories in the directory. This is true by default with the /tmp directory. This is commonly referred to as the sticky bit. If you want to keep the permissions the same on the directory and just add the sticky bit you can do this by using the chmod command... read more

How to lock down files in Linux using chattr

As system admins there is always a few trouble users that keep changing files we don’t want them to, such as /etc/resolv.conf. We can do that using the chattr command. Here is the file with no flags using the lsattr command. lsattr – list file attributes on a Linux second extended file system $ lsattr resolv.conf -------------e- resolv.conf So lets lock down the file using -i (immutable) so... read more

How To Disable fsck at boot on RHEL

Recently ran into the need to disable fsck on a large filesystem at boot. This is not recommended to do by RedHat but in this case it was a evil that had to be put in place with the caveat of making sure to manually run fsck at a later time. According to RedHat: Red Hat does not typically suggest disabling the on-boot fsck except in situations where the machine does not boot, the file system is extremely... read more

« Previous Entries Next Entries »

top