Category Archives: Linux

Upgrading from Ubuntu 12.10 to 14.04

Seems that a few of my instances in AWS were originally setup using Ubuntu 12.10.  Don’t know how that happened, but anyways.  Now that 12.10 is no longer support you can’t just upgrade.

So the solution is to use the site and update/upgrade from there.

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

sudo sed -i -re 's/|' /etc/apt/sources.list

sudo apt-get update && sudo apt-get dist-upgrade

sudo do-release-upgrade

This got me to 13.10, then another do-release-upgrade got me to 14.04.5.

OpenSUSE 11.1 for Vagrant

Seems that last week I needed an openSUSE 11.1  VM to test out some chef scripts.  Vagrant Cloud which is a great place to find Vagrant VMs didn’t have one, so I decided to create one.

Start first by downloading and installing packer an incredible tool for creating virtual machines from templates and scripts.  I used the Opscode bento project as a starting point and created my own packer template for opensuse 11.1.

First I had to find a place where I could get the IOSs and a repository.  Luckily there is still one available at:

After a couple of tries I figure out how to get the VM to boot from the IOS, enter the correct boot commands, provision the OS and run some setup scripts.  The biggest problem was figuring out that I had to reboot the VM after upgrading the kernel, or the Virtual Box Guest Additions would not install.  But packer can handle a reboot from a script, so it worked.

If you are interested the box can be used from Vagrant by doing:

vagrant init minesense/opensuse11.1

I’ve uploaded it to Vagrant Cloud at: and you can find and fork the source at:


Fixing SELinux Content in a HTML directory

Unable to access web files in a directory under the /var/www/html becuase of a 403 forbidden might be a context problem.


Getting a 403 forbidden error message when accessing a new file or directory in /var/www/html.

Check /var/log/messages to see if there are any:

Sep 13 13:11:28 fserver02 kernel: audit(1221336688.892:14): avc:  denied  { getattr } for  pid=25036 comm=”httpd” name=”phpldapadmin” dev=dm-0 ino=2441537 scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_t tclass=dir


First check the context on the root directory.

cd /var/www/html
ls -Z index.html
-rw-r–r–  root     root     root:object_r:httpd_sys_content_t index.html

Look at the context of the new directory or file

ls -Z index.php
-rw-r–r–  root     root     root:object_r:user_home_t index.php

Now change the file or directory to the correct context

chcon  root:object_r:httpd_sys_content_t . -Rc

Check the context of the file:

ls -Z index.php
-rw-r–r–  root     root     root:object_r:httpd_sys_content_t index.php


Setting up VNCServer

How to setup vncserver on a linux machine to run gnome or kde.


Startup vncserver for the first time on port 5910 (:10) and set the password.

[root@localhost ~]# vncserver :10

You will require a password to access your desktops.

xauth:  creating new authority file /root/.Xauthority

New 'localhost.localdomain:10 (root)' desktop is localhost.localdomain:10

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:10.log

[root@localhost ~]#


Edit ~/.vnc/xstartup and change the session manager to

  • gnome-session – for Gnome
  • startkde – for KDE

# Uncomment the following two lines for normal desktop:
# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
gnome-session &

Restart vncserver

[root@localhost .vnc]# vncserver -kill :10
Killing Xvnc process ID 2844
[root@localhost .vnc]# vncserver :10

New 'localhost.localdomain:10 (root)' desktop is localhost.localdomain:10

Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/localhost.localdomain:10.log

[root@localhost .vnc]#

Configure IPTables

Edit /etc/sysconfig/iptables and add

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5910 -j ACCEPT

Restart iptables

[root@localhost ~]# /etc/init.d/iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]
[root@localhost ~]#


Open a VNC client and go to <machine>:10

Enter the password.

Setting up ntpd

A quick way to setup ntpd to set the system and hardware clock

On a Redhat system (Redhat, CentOS, Fedora or Oracle Linux) edit the /etc/sysconfig/ntpd file:

  • Change:




  • Add:

-x to OPTIONS so that the clock will be set every time ntpd is started

OPTIONS=”-u ntp:ntp -p /var/run/ -x”

Now make sure that ntpd is running

/sbin/chkconfig –level 2345 ntpd on

/sbin/service ntpd start

Setup LDAP with Openfiler

How to configure LDAP so that Windows shares will work with Openfiler.

Configure LDAP for Samba

The assumption is that LDAP is already up and running with user accounts with the posixAccount object classes.

Add samba.schema to LDAP

Copy samba.schema from /usr/share/doc/samba-3.0.10/LDAP to /etc/openldap

Add the samba.schema to slapd.conf

include         /etc/openldap/schema/samba.schema

Install smbldap-tools

Copy all the *.pl and *.pm scripts from /usr/share/doc/samba-3.0.10/LDAP/smbldap-tools to /usr/local/sbin

Configure for your LDAP server.

Run make in the mkntpwd directory and copy mkntpwd to /usr/local/sbin

Add sambaSamAccount to all existing users

For each user in LDAP run:

/usr/local/sbin/ -a <username>

This will add the sambaSamAccount class to the user.

Change each users password

Each user will need to have their password reset so that the Samba password values match the ldap password values.

For each user in LDAP run:

/usr/local/sbin/ <username>

(make sure ldappasswd is in your path)

Configure OpenFiler

On the Accounts -> Authentication screen:

Check Use Ldap and fill in the following fields:

  • Server
  • Base DN
  • Authenticated Base DN
  • Authenticated bind password
  • Root Bind DN
  • Root bind password

Check Login SMB server to root DN

LDAP users and groups will now show up under the Users and Group tabs

Disk Performance

Using hdparm to measure a hard disks performance.

To measure the current performance of your disk run:

hdparm -tT /dev/sda

You will get something like:

Timing cached reads:   896 MB in  2.01 seconds = 446.06 MB/sec
Timing buffered disk reads:  168 MB in  3.01 seconds =  55.77 MB/sec