Author: admin

SELinux: Compile a policy package

You have generated a SELinux human readable .te file and want to compile it into a .pp policy file.     Create a policy The first command will read through the audit.log file to generate both a .te and .pp file. The .te is human readable. The .pp is compiled. The second command installs that policy. ausearch -c 'avc' --raw...Read More »

Apache Tomcat 9 – SSL/TLS Configuration HOW-TO

In this exercise, Tomcat 9 will be installed with OpenJDK 8 using a self-signed certificate in a PKS12 keystore on a clean CentOS 7 Linux server.  These are the steps. Enjoy Tomcat Check the Cert You can check the cert by using your browser. Conclusion This is a basic Tomcat install, future considerations should include log rotation and SeLinux.Read More »

keytool -list displays “JKS” for a PKCS12 keystore [work-a-round]

A server with Tomcat powered by OpenJDK 8 is using a keystore that is PKCS12 and not JKS. However, the keytool shows that the keystore type is JKS. I have accidentally discovered a work-a-round to this. The JAVA version openjdk version “1.8.0_191” OpenJDK Runtime Environment (build 1.8.0_191-b12) OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode) The Test Keystore type: jks…

Read More »

Are you a robot? Epic Fail!

That age old and yet annoying reCAPTCHA question, “Are you a robot?” is one that must be answered before you, a human, can continue along your merry way.  As one would expect, the reCAPTCHA process evolves.  The other day, I had to navigate through intentionally blurred and obscured images; but today’s image is a new one for me, Select all…

Read More »

Install Elastic Stack 5.6 on CentOS 7

By combining the massively popular Elasticsearch, Logstash, and Kibana (what was the ELK Stack is now the Elastic Stack), Elastic has created an end-to-end stack that delivers actionable insights in real time from almost any type of structured and unstructured data source. There are many resources that offer installation procedures from simple to complex configurations. This is my take on...Read More »

CheapSSL is NOT so cheap anymore!

I don't remember the specific dates or versions of the applications, but what I can state is that somewhere in recent years, Internet browsers and search engines, specifically Google, Google Chrome, and Firefox started to enforce the use of SSL certificates on websites. Websites will have higher page rankings with an SSL against those who do not. Chrome and Firefox...Read More »

Winamp is back!

Winamp is a media player that has been around since 1997. I know that in this world of modernization and simplified user interfaces some may not be too excited about the news of Winamp as a triumphant return, but it was one of the earliest applications that I had grown to love.  Winamp had and has the user interface that...Read More »

Migrate User Accounts from one CentOS server to another CentOS server

There are many articles that suggest that simply copying certain files from one CentOS to another CentOS server will be sufficient enough to migrate the user accounts along with their permissions and passwords.  Other arguments suggest that certain files such as the passwd and shadow files should never be manually edited; but the caveat is that there is no "utility"...Read More »