CentOS


CentOS: prevent eth0 from starting at boot time

On a CentOS server we own, we had to disable eth0 from starting at boot time
To do so we needed to modify the file /etc/sysconfig/network-scripts/ifcfg-eth0 and set the value ONBOOT="yes" to ONBOOT="no".

Using you favorite text editor, make this change and restart your machine to verify that the change was successful.

Below is the sample content of /etc/sysconfig/network-scripts/ifcfg-eth0 after the change was applied to prevent eth0 from starting at boot time.

  GNU nano 2.3.1                File: /etc/sysconfig/network-scripts/ifcfg-eth0                             Modified

TYPE="Ethernet"
 BOOTPROTO=dhcp
 DEFROUTE="yes"
 IPV4_FAILURE_FATAL="no"
 IPV6INIT="yes"
 IPV6_AUTOCONF="yes"
 IPV6_DEFROUTE="yes"
 IPV6_FAILURE_FATAL="no"
 NAME="eth0"
 UUID="792d6842-221d-5c99-ba98-cddbba4ff263"
 ONBOOT="no"
 HWADDR="00:AA:5D:01:22:2B"
 DNS1="10.15.10.5"
 DOMAIN="bytefreaks.local"
 IPADDR=10.15.10.249
 PREFIX=24
 GATEWAY=10.15.10.1
 PEERDNS=yes
 PEERROUTES=yes
 IPV6_PEERDNS=yes
 IPV6_PEERROUTES=yes

How to Start/Stop or Enable/Disable firewalld on CentOS 7 2

firewalld (Dynamic Firewall Manager) tool provides a dynamically managed firewall. The tool enables network/firewall zones to define the trust level of network connections and/or interfaces. It has support both for IPv4 and IPv6 firewall settings. Also, it supports Ethernet bridges and allow you to separate between runtime and permanent configuration options. Finally, it supports an interface for services or applications to add firewall rules directly.

Disable firewalld

To disable firewalld, execute the following command as root or using sudo:

systemctl disable firewalld

Enable firewalld

To enable firewalld, execute the following command as root or using sudo:

systemctl enable firewalld

Stop firewalld

To stop (or deactivate) firewalld,execute the following command as root or using sudo:

systemctl stop firewalld

Start firewalld

To start (or activate) firewalld, execute the following command as root or using sudo:

systemctl start firewalld

Status of firewalld

To check the status of firewalld, execute the following command as root or using sudo:

systemctl status firewalld

CONCEPTS

systemd provides a dependency system between various entities called “units” of 12 different types. Units encapsulate various objects that are relevant for system boot-up and maintenance. The majority of units are configured in unit configuration files, whose syntax and basic set of options is described in systemd.unit(5), however some are created automatically from other configuration, dynamically from system state or programmatically at runtime. Units may be “active” (meaning started, bound, plugged in, …, depending on the unit type, see below), or “inactive” (meaning stopped, unbound, unplugged, …), as well as in the process of being activated or deactivated, i.e. between the two states (these states are called “activating”, “deactivating”). A special “failed” state is available as well, which is very similar to “inactive” and is entered when the service failed in some way (process returned error code on exit, or crashed, or an operation timed out). If this state is entered, the cause will be logged, for later reference. Note that the various unit types may have a number of additional substates, which are mapped to the five generalized unit states described here.
— From man systemd

The above, in a nutshell:

  • enabled is a service that is configured to start when the system boots
  • disabled is a service that is configured to not start when the system boots
  • active is a service that is currently running
  • inactive is a service that is currently stopped and may be disabled, but it can be started and become active

Downgrade GNU patch on CentOS 7.0 (64bit) to version 2.6.1

Recently we had to download GNU patch from version 2.7.1 to any version less than version 2.7 series.
We used patch version 2.6.1 which is the latest in the version 2.6 series.

We were trying to compile Linux Kernel 3.0.35 source code with some custom patches.
While applying the patches we got the following errors:

File firmware/imx/sdma/sdma-imx25-to1.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx31-to1.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx31-to2.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx35-to1.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx35-to2.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx50-to1.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx51-to3.bin: git binary diffs are not supported.
File firmware/imx/sdma/sdma-imx53-to1.bin: git binary diffs are not supported.

Apparently, version 2.7 does not support binary diffs.
We can verify this claim from the release announcement.

Support for most features of the “diff –git” format, including renames and copies, permission changes, and symlink diffs. Binary diffs are not supported yet; patch will complain and skip them.

Methodology


#Making sure we are not missing any 32bit libraries since we are on a 64bit machine
yum install glibc.i686 ncurses-libs.i686;
#Download the source code
wget ftp://ftp.gnu.org/gnu/patch/patch-2.6.1.tar.gz;
#Extract the files
tar -zxf patch-2.6.1.tar.gz;
#Navigate to the folder
cd patch-2.6.1;
#Configure the installation and make all necessary checks
./configure;
#Build
make;
#Remove existing version
sudo yum remove patch -y;
#Install
sudo make install;


Installing Jenkins on Red Hat (CentOS 7 64bit) distributions

Following the official guides:

We tried to install Jenkins using the RPM repositories.

sudo yum install java -y;
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo;
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key;
sudo yum install jenkins -y;

Unfortunately, that resulted in an error:

warning: /var/cache/yum/x86_64/7/jenkins/packages/jenkins-2.19.2-1.1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID d50582e6: NOKEY

Public key for jenkins-2.19.2-1.1.noarch.rpm is not installed

Apparently, sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key; failed silently and it did not import the key.

To verify, we executed rpm -qa gpg-pubkey* to display a list of all keys installed for RPM verification. From that list we wanted to see if any of the keys was the one needed by jenkins which should end with the value d50582e6. Since none of them matched, we tried to manually re-import it which failed again.

Our Solution

Our solution, although ugly, was to disable  PGP verification in the file /etc/yum.repos.d/jenkins.repo.

[jenkins]
name=Jenkins-stable
baseurl=http://pkg.jenkins.io/redhat-stable
gpgcheck=0

That was enough to allow us to install the package using:

sudo yum install jenkins -y;

Finally, we started jenkins using sudo service jenkins start;.

Logs from failed installation


[bytefreaks@localhost ~]$ sudo yum install jenkins -y
[sudo] password for bytefreaks:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.coreix.net
* extras: mirrors.coreix.net
* updates: mirrors.coreix.net
Resolving Dependencies
--> Running transaction check
---> Package jenkins.noarch 0:2.19.2-1.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================================================================================================================================================
Package                                                Arch                                                  Version                                                     Repository                                              Size
=======================================================================================================================================================================================================================================
Installing:
jenkins                                                noarch                                                2.19.2-1.1                                                  jenkins                                                 66 M

Transaction Summary
=======================================================================================================================================================================================================================================
Install  1 Package

Total size: 66 M
Installed size: 67 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/jenkins/packages/jenkins-2.19.2-1.1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID d50582e6: NOKEY


Public key for jenkins-2.19.2-1.1.noarch.rpm is not installed