blog.bloke.com

It’s a free alternative to RedHat Enterprise. When I say alternative, I mean it’s a copy of it, as the GPL allows that! These guys do a great job. My vote for best distro for commercial use.

http://www.centos.org/

So if you are installing 5.4 somewhere, you might want to wait a few days and get 5.5.
It seems that the 5.5 iso doesn’t fit on a normal DVD, so it’s being split into two!

adjust to matched your jre install:

and then restart firefox.

G’Day,

After some significant pain, I setup linux dual boot for the mac, but what I really want is to sometimes boot into linux, and sometimes just access the linux from my macos.  So you think no worries, Parallels supports Boot Camp, just use that. Wrong.  For Parallels to use a file system it needs to be mountable by the mac. CentOS uses ext3, and by default the mac doesn’t support ext2/ext3.  So

• Step 1. Install CentOS using Boot Camp.  (see here…) TODO
• Step 2. Reboot into MacOS, and install Mac Fuse
• Step 3. Install fuse-ext2 (see Mount Ext2/Ext3 file system from a mac)
• Step 4. Create a new Parallels install using the custom settings and boot camp partition. Here are the step-by-step screen shots.

Create New Virtual Machine

Choose Boot Camp Partition, click Continue

Select Version: More Linux -> CentOS Linux

Click Continue

Virutal Machine Type: Click Custom

CPU and Memory Options: I like 1G of main memory, click continue

Hard Disk Options: choose Boot Camp Partition, click Continue

I only have one disk, but pick the right one, click Continue

I like Shared Networking (Recommended), click Continue

Optimize for Virtual machine (Recommended) seems like a good choice, after all if you want to optimize for the mac, then don’t run the virtual machine.  You can always change this later.

Pick a name and a location for the Virtual machine, click Create.

When you start up the vm .. done

And soon enough you see the CentOS linux running inside my mac.

placeholder for centos 5.4 install on macbook pro.

Why CentOS 5.4 64bit you ask? Because that is the production system that I use for my website.  As I have mentioned on some other posts, I try not to live on the bleeding edge  unless there is good reason.  I had previously ran fedora on a live system, and the updates just killed me.

My macbook pro is a late 2009 model (I got in in October) 2.8 GHz with 4Gb mem and 320Gb drive (soon to be 120Gb patriot SSD).

First of all partition the disk ahead of time.  Just roughly the command is:

put in centos disk into drive

boot the computer, and hold down ‘c’

enter (default install)

Next

Next

Next

Choose create custom layout (from the top combo box)

next

click on /dev/sda3

click edit

set mount point to /

change format partition to ext3

click ok

click next

click yes

click format

click next

next

choose location Next

root pass next

pick packages ..next

next (does the install)

(cd will eject when done)

click Reboot

My system hun on “Restarting system.” so after a few minutes I held the power button down for5 seconds to power it down.

the started back up

synced the gpt

click reboot on the refit menu

I setup a partition for linux on my macbook, but mad the mistake of letting bootcamp make the parituion.

you need to do it manually, and once I started the process, I’ve so far been unable to undo it.

This is a placeholder entry for when I solve it 🙂

I get the following error when trying to use boot camp to resttore to a single partition

“The statup disk cannot be partitioned or restored to a single partition.

The startup disk must be formatted as a single Mac IS Extended (journaled) volume or already  partiioned by Boot Camp Assistant for installing Windows

G’Day,

I thought I’d be brave and just go ahead and install CentOS 5.4 linux on my macbook pro (late 2009 edition). Part of the thinking was that if I have problems, I’ll get to learn more about the macbook. I backed up my drive, and I plan to replace the drive with an SSD anyway, so I was feeling pretty fearless.

After a few tiny hiccups, It was installed (I decided not to install grub figuring it might mess with the boot loader (and I had already installed refit).  But reboot .. nothing .. just a dreaded error

I tried a few keys to see if I could get any kind of bios settings. Nadda. So a little googling, and holding down the “option” key when booting gave me a nice looking icon with Macintosh HD, so clicked on that, and bingo. Back in mac land. And then the mac continued to reboot just fine after that.

I imagine other people might have the same problems when installing Windows XP, vista or windows 7.  I also imagine that I did something not quite right.

I wanted to add a user in chroot jail for ftp.

Although it doesn’t look to be exactly chroot jail (according to the doco), it’s close enough for me:

First install vsftpd (was already installed)

yum install vsftpd

then start and configure it:

chkconfig vsftpd on
/etc/rc.d/init.d/vsftpd start

I created a user (call it wordpress)

adduser wordpress
passwd wordpress
vi /etc/passwd # change homedir to where the jail is eg /var/html/path/to/blog.bloke.com/

enabled the chroot jail for that user in /etc/vsftpd/vsftpd.conf

chroot_list_enable=YES

added the wordpress user to the chroot jail user list in /etc/vsftpd/chroot_list

wordpress

In the end, I didn’t need this, but thought it useful to remind me how to chroot someone’s ftp account.

It always bugged me that pam would wait 3 seconds on a failed login for unix. It is rumored (mostly incorrectly) that this was introduced to stop brute force attacks to the login module. This alone will not stop a brute force attack, as you could just have 100 connections all trying passwords at the same time, and really, once it takes longer than 100ms or so to respond, you know it’s wrong, move on and try the next one.

The reason was due to an ingenious attack on the password encryption mechanism which allowed a hacker to quickly figure out the password. From memory it works something like this.  First you try:

aaa, bbb, ccc, ddd, …

and time how long it takes for the login to fail.  The slowest one has the most number of letters correct at the start. say that’s ccc. Then you try:

caa, cbb, ccc, cdd, …

and the slowest of those has the most number of correct letters. Anyway, you can see that it would be very fast to then figure out how to get the password.

Anyway, here is how you turn off that annoying delay:

Add nodelay to /etc/pam.d/system-auth (redhat/fedora/centos)

The first two lines of my /etc/pam.d/system-auth file look like this:

auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass nodelay

For debian (I’m told): add the following to /etc/pam.d/common-auth:

auth        required      pam_unix.so nodelay

I’ve only set this up on machines inside my firewall, with a bit of research, I might turn it on for production machines, but only with some other protections (like FAIL2BAN, and some other pam/firewall denial mechanisms that I might talk about later).