0

LDAP MD5 Cert Error on RHEL/CentOS 6.4+

With the update of nss-3.14.0 LDAP stopped using the MD5 signed certificate. nss-3.14.0 update deems that MD5 as unsecure. The change causes authentication of users using LDAP to fail. There are 4 possible ways to fix this problem 1) update the LDAP certificate to use other type of encryption than MD5 2) modify each kernel line in /etc/grub.conf to add support for MD5 and also in create nss.sh in /etc/profile.d in /etc/grub.conf add to the end of each kernel line systemd.setenv=NSS_HASH_ALG_SUPPORT=+MD5 in /etc/profile.d create nss.sh with export NSS_HASH_ALG_SUPPORT=+MD5 REBOOT 3) export the correct options to /etc/sysconfig/init in /etc/sysconfig/init add export… Continue Reading

0

cleaning old kernels the easy way

There is a built in tool to remove old unused kernels thats installed onto the system. You can just as easily remove it and clean grub entries but this is an automated method and you can even set an option to keep x amounts. step 1 – install the yum utils package yum install yum-utils step 2 – run the package-cleanup to clean up old kernels package-cleanup –oldkernels –count=2 step 3 – if you want to set it so that you only keep X number of revisions on your system then edit /etc/yum.conf and add the following installonly_limit=2 enjoy!

0

is it safe to use epel and rpmforge at the same time ?

There are many repositories that you can add onto your RHEL/CENTOS/FEDORA OS to install additional software. full list of repos can be found here http://wiki.centos.org/AdditionalResources/Repositories however is it safe to just add the repos and start installing packages? yes and no. We will configure priorities to setup the repos to keep packages from conflicting. Also you will want to protect the base OS installation so that there is less corruption/conflicts later on. step 1 – install the plugin if its not installed already yum install -y yum-plugin-priorities yum-plugin-protectbase step 2 – setup priorities for *-Base.repo that came with your OS… Continue Reading

0

How to rollback YUM UPDATES

Once in a while you might have problems after running “yum update.” There is an intermediate solution by rollback feature included in YUM. THIS OPTION IS NOT ENABLED BY DEFAULT. 1. To enable rollback edit /etc/yum.conf and add tsflags=repackage 2. Add the following line into /etc/rpm/macros file if it doesn’t exist and add %_repackage_all_erasures 1 now you are all set and can use the following examples to rollback rpm -Uvh –rollback ’22:00′ rpm -Uvh –rollback ‘3 hours ago’ rpm -Uvh –rollback ‘june 13’ rpm -Uvh –rollback ‘yesterday’ All previous repackaged software will be stored onto /var/spool/repackage

0

Dell OMSA 101 – mirroring and bootstraping

If you have a environment that has a lot of dell servers and want to get storage and chassis information OMSA is the way to do it. If your machines have access to the internet you can easily download it from linux.dell.com and install it however if you have a good number of servers and/or do not have access to the internet via your servers you will most likely want to mirror the repository so that you can install it from your trusted host. In this post we will assume that we have a trusted host that has access to… Continue Reading

0

Prevent yum from updating RHEL to a new release

Sometimes you will run into a scenario where you need to keep an OS at certain version due to vendor support. Such as EMC/IBM SAN powerpath etc.. You might also want to remain at a certain version due to change management policies. In this example I like to use yum to keep my RHEL guest current with security and bug fixes. The problem I ran into is that Red Hat has released a new minor version of it’s Enterprise Linux 5.x, and so yum wants to update to it. Well have no fear, as there is one line you need… Continue Reading