pk stuff

Here is a simple way to setup key (password-less) login on Unix-like systems.

Once you’ve configured SSH locally, add your public key to remote hosts using the following command:

ssh-copy-id remote_machine

After answering the password prompt, your public key will be appended to the remote ~/.ssh/authorized_keys2.

Remember to make sure the remote folder ~/.ssh is set to mode 0700 and ~/.ssh/authorized_keys2 to 0600, or auto login will be disabled.

from Black-Pixel.net:

If you haven’t already done it, you have to set up the EPEL repository.

For 32bit:

rpm -Uvh https://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm

For 64bit:

rpm -Uvh https://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm

Next install Nginx and spawn-fcgi, I assume you have already installed PHP and all the modules you need.

yum install nginx spawn-fcgi

Now it’s time for the spawn-fcgi configuration. The config should be at /etc/sysconfig/spawn-fcgi.

vim /etc/sysconfig/spawn-fcgi

# You must set some working options before the “spawn-fcgi” service will work.
# If SOCKET points to a file, then this file is cleaned up by the init script.
#
# See spawn-fcgi(1) for all possible options.
#
# Example :
#SOCKET=/var/run/php-fcgi.sock
OPTIONS=”-a 127.0.0.1 -p 9000 -u nginx -g nginx -C 32 -F 1 -P /var/run/spawn-fcgi.pid — /usr/bin/php-cgi”

It’s very important that you remember the port, you’ll have to set the same in the nginx configuration. You should also use the same username and group as nginx.
To play it safe, make sure the following line is not commented in the file /etc/init.d/spawn-fcgi:

config=”/etc/sysconfig/spawn-fcgi”

Now let’s make sure that spawn-fcgi and nginx automatically start after a reboot.

chkconfig –level 2345 nginx on
chkconfig –level 2345 spawn-fcgi on

For more information about chkconfig check this site:https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-services-chkconfig.html

Next up we have to fix a folder permission. The group of the session cookies folder, the address can be found in the php.ini (session.save_path = “/var/lib/php/session”). The folder group has to be changed from apache to whatever you use, e. g. nginx. You should check this after every php update.

As a last step, just add the following line to the /etc/nginx.conf and/or your custom domain configuration in /etc/nginx/conf.d/yourdomain.conf.

location ~ .php$ {
include        fastcgi_params;
fastcgi_pass   localhost:9000;
fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
}

You should also make some additional changes in your configuration.

Or perhaps it should be: how to retrieve an lvm partition from an xvda partition within an lvm partition.

Quite some time ago, I built a CentOS Xen DomU using lvm within an xvda partition. And the whole VM was hosted in yet another lvm partition. While lvm is easy to manage and physical backup and restore is straightforward, accessing the contents of the embedded partition without the VM running is tricky. Luckily, device mapping in Linux is very powerful and can be used recursively (not quite like Haskell or OCaml, but impressive none the less).

This recipe can be applied multiple times to dig deeper into your embedded file systems.

Add the device mappings (assuming the device created is /dev/xvda ):

kpartx -a /dev/VolGroupXX/LogVolxx

Kpartx is amazing as it will scan all your lvm volumes and create device mapper entries, which are required for the lvm tools to do their thing.

Scan for physical volumes:

pvscan

The above should tell you the physical volumes with LVM partitions (the PV column) along with the volume groups on it (the VG column). Activate the volume group:

vgchange -ay {VG name from previous step}

If you have additional embedded LVM, run vgscan to discover these, and vgchange -ay as required. You may need to repeat the kpartx and pvscan too.

When you eventually get to the volume required, mount it with :

mount /dev/{VG name}/{LV name} /mnt/xxx ;

The folks at Citrix have more detail here, especially if you’re running Xen.

from linuxnet.ch

To disable IPv6 in RHEL/CentOS 6.x:

Edit /etc/sysconfig/network
Change the following:

NETWORKING_IPV6=yes to

NETWORKING_IPV6=no

Edit /etc/modprobe.conf
If not present, add the following:

alias net-pf-10 off

alias ipv6 off

Stop the ipv6tables service

service ip6tables stop

Disable the ipv6tables service

chkconfig ip6tables off

After rebooting, IPv6 will be disabled.

Followed this recipe first, but got bogged down on the home-brew tools and very detailed guest config. However, this blog has the best description and config I’ve ever seen for bridge networking on CentOS – worked like a charm.
Finally got everything working with these (much simpler) instructions using a centos6 guest from the openvz template download site.

The SystemRescueCd has all sorts of useful tools to restore ailing Linux systems.
Check it out at: https://www.sysresccd.org

I recently replaced the RAID 1 drives in my CentOS 5 box and had to reinstall the grub MBR. As the drives are a couple of TB each, I thought I’d try GPT instead of the old MBR partitioning, since soon all drives will exceed MBR’s 2TB limit. Luckily GPT is baked into RH/CentOS kernels (unlike many others).
Restoring the MBR was trickier than I expected and I made a couple of mistakes along the way – wish I had found the following description sooner:
https://idolinux.blogspot.com/2009/07/reinstall-grub-bootloader-on-md0.html

In a nutshell run grub interactively and do the following:

# grub
grub> root (hd0,0)        
root (hd0,0)
 Filesystem type is ext2fs, partition type 0xfd
grub> setup (hd0)
setup (hd0)
 Checking if "/boot/grub/stage1" exists... no
 Checking if "/grub/stage1" exists... yes
 Checking if "/grub/stage2" exists... yes
 Checking if "/grub/e2fs_stage1_5" exists... yes
 Running "embed /grub/e2fs_stage1_5 (hd0)"...  16 sectors are embedded.
succeeded
 Running "install /grub/stage1 (hd0) (hd0)1+16 p (hd0,0)/grub/stage2 /grub/grub.conf"... succeeded
Done.
grub> quit
# reboot