Category: Linux

SELinux: Compile a policy package

You have generated a SELinux human readable .te file and want to compile it into a .pp policy file.     Create a policy The first command will read through the audit.log file to generate both a .te and .pp file. The .te is human readable. The .pp is compiled. The second command installs that policy. ausearch -c 'avc' --raw...Read More »

Apache Tomcat 9 – SSL/TLS Configuration HOW-TO

In this exercise, Tomcat 9 will be installed with OpenJDK 8 using a self-signed certificate in a PKS12 keystore on a clean CentOS 7 Linux server.  These are the steps. Enjoy Tomcat Check the Cert You can check the cert by using your browser. Conclusion This is a basic Tomcat install, future considerations should include log rotation and SeLinux.Read More »

Install Elastic Stack 5.6 on CentOS 7

By combining the massively popular Elasticsearch, Logstash, and Kibana (what was the ELK Stack is now the Elastic Stack), Elastic has created an end-to-end stack that delivers actionable insights in real time from almost any type of structured and unstructured data source. There are many resources that offer installation procedures from simple to complex configurations. This is my take on...Read More »

Migrate User Accounts from one CentOS server to another CentOS server

There are many articles that suggest that simply copying certain files from one CentOS to another CentOS server will be sufficient enough to migrate the user accounts along with their permissions and passwords.  Other arguments suggest that certain files such as the passwd and shadow files should never be manually edited; but the caveat is that there is no "utility"...Read More »

Automate the kinit process with a secure password

If in the event you want to automate the kinit process and automate this process at logon, the steps outlined below will work.  This has been tested on a CentOS 7 installation. ktutil ktutil: addent -password -p username@DOMAIN.COM -k 1 -e rc4-hmac Password for username@DOMAIN.COM: [enter your password] ktutil: addent -password -p username@DOMAIN.COM -k 1 -e aes256-cts Password for username@DOMAIN.COM:...Read More »

Atlassian JIRA support for unsupported OpenJDK

Atlassian JIRA does not support OpenJDK. Oracle has changed it licensing for Oracle JDK.  With that in mind, the goal is to use OpenJDK as a replacement for the Oracle JDK. This is possible and easy to do. Search for your jira install %JIRA_HOME/jira/bin/check-java.sh.  On the line that contains "java version" change it to "openjdk version", then restart your install...Read More »

pihole becomes unresponsive

If pihole becomes unresponsive, one reason may be that the diskspace is full. The diskspace may become full from an excessively large pihole database and or /var/log entries.  In a recent case, both were the cause.  Stopping the services and truncating the logs in /var/log and deleting the database worked in this case.  The following logs were large, but I…

Read More »

pihole reset all stats

There may be a time where you want to have a fresh dashboard without the stats and logs.  A case maybe a misconfigured NIC that may dump millions of DNS queries into the logs.  Yup I have seen this happen. Whenever you need to reset the pihole stats and logs that display on the /admin dashboard, the following options will…

Read More »