devnull

Man of many talents. Server janitor, Chief Googler, Vice President of Pencil Sharpening, Director of Turning Things Off and On Again. Technology Plumber using Linux for stuff like Satellite STB, home CCTV system, kitchen sound bar, workstations, even car onboard computer. And servers, oh yeah - lots of them. I've been a Linux Mercenary for quite a while now, often using information posted by kind strangers on the Internet to solve problems during this journey. This blog is a humble attempt to give something back to the community.

Horrible SeLinux commands

 apache, linux, samba  No Responses »
May 072015
 

These pesky SeLinux commands that are just impossible to remember

insta-06

We need some tools

yum install policycoreutils-python -y

Non-default location for homedirs

# say user dyzio comes from AD/LDAP and lives under /users/d/dyzio
mkdir -p /users/{a..z} # precreate home_root_t
chcon -t home_root_t /users
semanage fcontext -a -t home_root_t "/users(/.*)?"
restorecon -R -v /users

# if you need to autocreate home dirs you'll need 
yum install -y oddjob-mkhomedir
# and for AD users "usepasswd=True" in this file
vim /etc/selinux/semanage.conf
# this will check user entry in ldap and set correct security context "user_home_t" on user home

Samba

semanage fcontext -a -t samba_share_t "/srv/shared(/.*)?"
restorecon -R -v /srv/shared

Apache

setsebool -P httpd_can_sendmail on

Assign the appropriate Selinux security context to our custom web app directories. This grants Apache permissions to access them.

chcon -Rv --type=httpd_sys_content_t /webapps/apps/app1/public_html
chcon -Rv --type=httpd_sys_content_t /webapps/logs/app1/

 

 

LVM commands example – shrink existing LV and create new one as swap

 linux, server  No Responses »
May 072015
 

In this particular case I had to add a swap partition to existing Ubuntu system.

insta-07

Shrink LVM

df -h
umount /var/www/owncloud/data
resize2fs /dev/mapper/vg0-owncloud 15G
lvresize -L 15G /dev/mapper/vg0-owncloud
lvdisplay /dev/mapper/vg0-owncloud
e2fsck /dev/mapper/vg0-owncloud
mount -a
mount
df -h

create new LVM (swap)

# vgdisplay
--- Volume group ---
VG Name vg0
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 1
Max PV 0
Cur PV 1
Act PV 1
VG Size 20.00 GiB
PE Size 4.00 MiB
Total PE 5119
Alloc PE / Size 3840 / 15.00 GiB
Free PE / Size 1279 / 5.00 GiB
VG UUID q6lkE0-H33z-fWX6-5l4H-Kidx-iLKf-NdZJYq

Note Free PE and then

lvcreate vg0 -l 1279 -n swap
mkswap -f /dev/mapper/vg0-swap
echo "/dev/mapper/vg0-swap none swap sw 0 0" >> /etc/fstab
swapon /dev/mapper/vg0-swap

Check with say “free -m” to see if new swap space is now being seen by kernel.

 

 

 Older Entries  Newer Entries