devnull

Man of many talents. Server janitor, Chief Googler, Vice President of Pencil Sharpening, Director of Turning Things Off and On Again. Technology Plumber using Linux for stuff like Satellite STB, home CCTV system, kitchen sound bar, workstations, even car onboard computer. And servers, oh yeah - lots of them. I've been a Linux Mercenary for quite a while now, often using information posted by kind strangers on the Internet to solve problems during this journey. This blog is a humble attempt to give something back to the community.

Install HP System Management Homepage on Debian Jessie

 linux, server  No Responses »
May 202015
 

Once MCP repo configured (see this ) we start deploying HP add-ons

apt-get install hp-health hp-snmp-agents hpacucli hpsmh

Note, repo is for Wheezy so certain things are unsurprisingly broken, hp-snmp-agents among them – this depends on package libsnmp15 that is no longer available. Thanks to this post we can still make it working:

apt-get download  hp-snmp-agents
dpkg-deb --raw-extract hp-snmp-agents_9.4.0.1.5-4._amd64.deb hp-snmp-agents_9.4.0.1.5-4
vim hp-snmp-agents_9.4.0.1.5-4/DEBIAN/control
# swap "libsnmp15 (>= 5.4.1~dfsg)" with "libsnmp30|libsnmp-base"
dpkg-deb --build hp-snmp-agents_9.4.0.1.5-4 hp-snmp-agents_9.4.0.1.5-4._amd64-jessie.deb
dpkg -i hp-snmp-agents_9.4.0.1.5-4._amd64-jessie.deb
/etc/init.d/hp-snmp-agents start

insta-02

Horrible SeLinux commands

 apache, linux, samba  No Responses »
May 072015
 

These pesky SeLinux commands that are just impossible to remember

insta-06

We need some tools

yum install policycoreutils-python -y

Non-default location for homedirs

# say user dyzio comes from AD/LDAP and lives under /users/d/dyzio
mkdir -p /users/{a..z} # precreate home_root_t
chcon -t home_root_t /users
semanage fcontext -a -t home_root_t "/users(/.*)?"
restorecon -R -v /users

# if you need to autocreate home dirs you'll need 
yum install -y oddjob-mkhomedir
# and for AD users "usepasswd=True" in this file
vim /etc/selinux/semanage.conf
# this will check user entry in ldap and set correct security context "user_home_t" on user home

Samba

semanage fcontext -a -t samba_share_t "/srv/shared(/.*)?"
restorecon -R -v /srv/shared

Apache

setsebool -P httpd_can_sendmail on

Assign the appropriate Selinux security context to our custom web app directories. This grants Apache permissions to access them.

chcon -Rv --type=httpd_sys_content_t /webapps/apps/app1/public_html
chcon -Rv --type=httpd_sys_content_t /webapps/logs/app1/

 

 

 Older Entries  Newer Entries