CentOS


How to temporarily open MySQL / MariaDB port on CentOS 7 firewall

Recently, we came across a CentOS 7 that was executing MariaDB (MySQL) server. The Database Administrators needed a way to open to the port and allow connections to the SQL server from outside the machine.
As they did not have a specific IP from which they would connect, we provided the following solution.

To temporarily open port 3306

firewall-cmd --add-port=3306/tcp;

To close the port 3306 (method A)

firewall-cmd --remove-port=3306/tcp;

or reload firewalld which will cause it to loose all changes that are not permanent (method B)

firewall-cmd  --reload;

firewalld (Dynamic Firewall Manager) tool provides a dynamically managed firewall. The tool enables network/firewall zones to define the trust level of network connections and/or interfaces. It has support both for IPv4 and IPv6 firewall settings. Also, it supports Ethernet bridges and allow you to separate between runtime and permanent configuration options. Finally, it supports an interface for services or applications to add firewall rules directly.

Advertisements

Building wireshark-2.4.2 on CentOS 7 (64bit)

Recently we were trying to compile WireShark from source on a CentOS 7 (64bit) with GTK3 disabled (./configure --disable-gtk3;).

As seen in the truncated logs below we got some errors.
To resolve them we had to install a few packages using yum.
Specifically, our solution involved the installation of the following:

sudo yum install libgcrypt-devel qt5-qttools-devel libpcap-devel -y;

Truncated logs:

...
checking for libgcrypt-config... no
checking for LIBGCRYPT - version >= 1.4.2... no
configure: error: libgcrypt not found; install libgcrypt-devel package for your system
libgcrypt-devel.i686 libgcrypt-devel.x86_64 
[[email protected] wireshark-2.4.2]$ sudo yum install libgcrypt-devel -y

checking for lrelease-qt5... no
checking for lrelease... no
configure: error: I couldn't find lrelease-qt5 or lrelease; make sure it's installed and in your path
[[email protected] wireshark-2.4.2]$ sudo yum install qt5-qttools-devel

checking whether to use libpcap for packet capture... yes
checking for pcap-config... no
checking for extraneous pcap header directories... not found
checking pcap.h usability... no
checking pcap.h presence... no
checking for pcap.h... no
configure: error: Header file pcap.h not found; if you installed libpcap
from source, did you also do "make install-incl", and if you installed a
binary package of libpcap, is there also a developer's package of libpcap,
and did you also install that package?
[[email protected] wireshark-2.4.2]$ sudo yum install libpcap-devel

[[email protected] wireshark-2.4.2]$ ./configure --disable-gtk3

 


CentOS 7: C++: static linking cannot find -lstdc++ -lm and -lc

Recently, we were trying to compile a C++ application with the following compilation command on a CentOS 7 64bit :

g++ -static -O2 -lm -Wall -Wno-unused-result -std=c++11 -DCS_ACADEMY -DONLINE_JUDGE 510152025.cpp -o 510152025;

unfortunately, we got the following errors:

 /usr/bin/ld: cannot find -lstdc++
 /usr/bin/ld: cannot find -lm
 /usr/bin/ld: cannot find -lc
 collect2: error: ld returned 1 exit status

To resolve the issues, we performed the following installations to install the static versions of the glibc and libstdc libraries:

sudo yum install glibc-static libstdc++-static -y;

 


CentOS 7: Setup a DHCP server and provide specific IP based on MAC address

Step 1: Install DHCP service

We installed the Dynamic host configuration protocol software (DHCP service) using the command:

yum install dhcp;

The dhcp package provides the ISC DHCP service and relay agent.

Step 2: Configure the DHCP service

Afterwards, we created the file /etc/dhcp/dhcpd.conf using the following content:

subnet 192.168.0.0 netmask 255.255.255.0 {
 option routers                  192.168.0.254;
 option subnet-mask              255.255.255.0;
 option domain-name              "bytefreaks.net";
 option domain-name-servers       192.168.0.1;
 option time-offset              -18000;     # Eastern Standard Time
 range 192.168.0.90 192.168.0.99;
}

host coolServer {
 hardware ethernet 0e:e0:4b:b4:28:82;
 fixed-address 192.168.0.80;
}

This configuration allowed us to provide a DHCP service to the network for the subdomain 192.168.0.x with the range [90,99].
Also, we statically defined the IP for our coolServer using a filter based on the MAC address of the machine.
If you do not want to provide any range, only static IPs, then comment out (#) the line that starts with the word range .

Step 3: Start DHCP service

systemctl start dhcpd.service;

Step 4: Check the status of DHCP service

systemctl status dhcpd.service;

It is a good idea to verify that there are no errors, so be sure to check the status of the service.
You can ignore the error that says “you did not define a subnet declaration for all devices” if you do not really need to do it.

Step 5: Permanently enable the DHCP service

systemctl enable dhcpd.service;

Additional:

Disable the DHCP service

systemctl disable dhcpd.service;

Stop the DHCP service

systemctl stop dhcpd.service;


NTFS Support on CentOS 7 1

Solution

sudo yum --enablerepo=extras install epel-release;
sudo yum install ntfs-3g -y;

Background – Explanation of commands

By default, CentOS does not have installed the necessary drivers to mount ntfs drives.

sudo yum --enablerepo=extras install epel-release;

To install them, you need to enable the Extra Packages for Enterprise Linux (EPEL).

Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL).

EPEL packages are usually based on their Fedora counterparts and will never conflict with or replace packages in the base Enterprise Linux distributions. EPEL uses much of the same infrastructure as Fedora, including buildsystem, bugzilla instance, updates manager, mirror manager and more.

From: https://fedoraproject.org/wiki/EPEL

You can install EPEL by running yum --enablerepo=extras install epel-release. The epel-release package is included in the CentOS Extras repository that is enabled by default. The package includes gpg keys for package signing and repository information. Installing this package for your Enterprise Linux version should allow you to use normal tools such as yum to install packages and their dependencies.

sudo yum install ntfs-3g -y;

After you’ve enabled the repository, you should be able to install the Linux NTFS userspace driver packaged in ntfs-3g. ntfs-3g is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove, rename, move files, directories, hard links, and streams; it can read and write normal and transparently compressed files, including streams and sparse files; it can handle special files like symbolic links, devices, and FIFOs, ACL, extended attributes; moreover it provides full file access right and ownership support.

To install it, we used the following command: yum install ntfs-3g -y.