Using yum to download a package and all it's associated dependencies

This tutorial will demonstrate how to do a download-only of a package and all of it's dependancies. To elaborate - I recently installed Fedora 29 on a Macbook, but unfortunately there was no native support for the WLAN driver. However it was available from RPMFusion - packaged under 'akmod-wl' - however downloading this and all of it's dependancies would have taken a long time - so instead we can use plugin for yum called 'yum-downloadonly': yum install yum-downloadonly We can then issue something like follows to download the required packages...

Read more

Generating a new UUID for XFS/EXT2/3/4 filesystems

Although very rare there will be circumstances were you encounter duplicate filesystem UUIDs. Upon mounting one e.g.: mount -t auto /dev/sdb1 mount: wrong fs type, bad option, bad superblock on /dev/sdb1 Tailing dmesg provides the clue as to what has gone wrong: [ 1103.580854] XFS (xvdp1): Filesystem has duplicate UUID xxxxxx-yyyyyy-zzzzz-aaaa-bbbbbbbbbbb - can't mount So we'll need to change the UUID of one of disks - to do this with an XFS filesystem we can use: xfs_admin -U generate /dev/sdb1 and with the EXT family we can...

Read more

Checking switch port bandwidth utilisation with SNMP / Nagios

In order to monitor port bandwidth utilization on Cisco switches via SNMP we'll firstly need to install a plugin from the Nagios Exchange called 'iftraffic2': Download and install the plugin: cd /usr/local/nagios/libexec curl https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=1720&cf_id=24 -O check_iftraffic chmod +x check_iftraffic The usage for the plugin is as follows: ./check_iftraffic -H <hostname> -C <community-string> -r -i <interface-name> -b <interface-capacity> -u <interface-unit>...

Read more

Setup Nagios Core for SNMP traps with snmptrapd and snmptt

We'll firstly need to download and execute the installer script from Nagios.com: sudo yum -y install bzip2 cd /tmp wget https://assets.nagios.com/downloads/nagiosxi/scripts/NagiosXI-SNMPTrap-setup.sh sh ./NagiosXI-SNMPTrap-setup.sh This will install and setup snmptrapd and snmptt while ensuring the firewall is configured properly (udp/162 - however you may wish to lock this down further) We'll then need to add our MIB's - for this example I'll be using a combination of SG200/300 switches and so will download the MIB's from: https://software.cisco.com/download/home/284645417/type/283965836/release/1.4.1.03 In...

Read more

Setting up NPS / RADIUS for use with a Cisco 2960X

Below is a sample configuration to get up and running with Radius: 2960X Configuration conf t radius server <server-name> address ipv4 <server-ip> key <shared-secret> aaa new-model # create new aaa model aaa authentication login default group radius local-case # allow radius and local user authentication by default aaa authorization exec default group radius local-case if-authenticated #  allow radius and local user authorisation by default aaa accounting system default start-stop group radius # only account for rad...

Read more

umasks: Ensuring httpd / apache is assigning the appropriate permissions on files / directories

I came across an issue the other day where the user httpd was running as was part of group that had been assigned permissions to the www root. Typically the user httpd runs under will be the owner of these files and directories and as a result will almost always have adequate permissions to read, write and execute. However in this case because it was part of a group instead the default umask setting of 022 was preventing the httpd user from writing to the files. The umask can be worked out as follows - for example a umask of 002: Directories:...

Read more