authorized_keys SELinux pubkey authentication on RHEL / CentOS

So, you have correct permissions on your home directory and all the way up to /, with no other-writable directories in the path, as well as correct permissions on the .ssh directory in $HOME, and it still doesn’t work? You probably have SELinux, and need to put the newly created files in the correct security context. Do it with restorecon like this:

chmod 700 ~/.ssh
cd ~/.ssh
chmod 600 ~/.ssh/*
chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/known_hosts
chmod 644 ~/.ssh/config
restorecon -R -v ~/.ssh

 

uuencode package name

Sometimes you have a tiny file you wish to include in a block of plain text, perhaps an email. When I was young(er), -in the era of UUCP and modems, before the world wide web and HTML were invented, when RFC-821 was still new, -there were no MIME attachments to email.

If you wanted to send a file by mail, you had to encode it in a way that could be included in plain text without breaking. That meant 7-bit ASCII only, max 72 chars on each line, and a lot of other limitations.

Bandwidth and storage were limited, so uuencode was invented to “efficiently” encode 3 bytes of binary data into 4 printable characters. Pretty clever.

I recently had a need for uuencode, and it was not installed on my CentOS/RedHat system by default. The package containing uuencode is called “sharutils”. The name comes from the “shar” utility to encode binaries into a shell script, shell archive (shar file).

yum install sharutils” – and voila, I have uuencode and uudecode available.

(Re)discover new LUN in linux without rebooting

Note to self… Has 1 disk (/dev/sda) and want to “find” newly added disk (/dev/sdb) without reboot:

echo 'scsi add-single-device 0 0 1 0' > /proc/scsi/scsi

The first “0” is the controller, next “0” is the SCSI channel, the “1” is the target ID, and the last “0” the H-LUN.

After repartitioning with fdisk, the kernel remembers the old partition table, so remove the device and add it again to refresh it:

echo 'scsi remove-single-device 0 0 1 0' > /proc/scsi/scsi
echo 'scsi add-single-device 0 0 1 0' > /proc/scsi/scsi

Why spamassassin fails to start after upgrade

I decided that it was time to upgrade our spam filters today. It runs on 4 virtual gentoo installations, and it’s based on postfix and amavisd-new.

Most of the time, I find gentoo is really as beautiful as a distro can get. They try to do TheRightThing, and don’t fail as bad as the debian gang does most of the time.

Perl with CPAN is of course never going to be “compatible” with a package-based distro, but in Gentoo the developers are clever and caring, and they make tools like perl-cleaner that actually does a remarkable job.

As always, I’m employing the lazy upgrade methodology, (also known as ad-hoc patching, or on-demand upgrading, or more bluntly: I upgrade whenever I feel like it and have the time). This approach and gentoo is not always the best combination, but because gentoo is as good as it is, things usually work out very well for me, even when upgrading gblic, or, as recently, the init/baselayout. Gentoo is amazing. I still love it.

Anyway… After upgrading perl, spamassassin, and some other dependencies, spamassassin wouldn’t start, and the error message was a very cryptic:

child process [1234] exited or timed out without signaling production of a PID file: exit 25 at /usr/local/bin/spamd line 3334.

The solution? Just run “sa-update” to download new rules. Then it started just fine.

Step-by-step guide to set up wordpress on an existing LAMP system

0. If you get permission denied on the shell commands, try prefixing them with “sudo ”

1. Log in as root in mysql:

lamp$ mysql -u root -p

2. Create a database and MySQL user dedicated to wordpress:

mysql> CREATE DATABASE blogdb CHARACTER SET utf8;
Query OK, 1 row affected (0.00 sec)

mysql> CREATE USER 'blogger'@'localhost' IDENTIFIED BY 'b1ogpw';
Query OK, 0 rows affected (0.05 sec)

mysql> GRANT ALL PRIVILEGES ON blogdb.* TO 'blogger'@'localhost';
Query OK, 0 rows affected (0.63 sec)

3. download and unpack wordpress into a directory served by apache:

lamp$ cd /var/www/html
lamp$ wget http://wordpress.org/latest.tar.gz
lamp$ tar zxf latest.tar.gz
lamp$ rm latest.tar.gz
lamp$ cd wordpress

4. configure wordpress with the database details and secret keys (edit all occurrences of the word “here”). Use the online generator to get good values for the secret keys:

lamp$ vi wp-config-sample.php
lamp$ mv wp-config-sample.php wp-config.php

5. run the wordpress installation script from a web browser. The URL will be like this:

http://your-lamp/wordpress/wp-admin/install.php

6. Add the name for your blog, a user name (admin), password, your email address, and click the “Install WordPress” button att the bottom.

7. Done! Now log in, delete the sample post and sample page, and start customising your wordpress site.

Good luck!