RHEL6 virsh console domain

To use the #virsh console command on a RHEL6 Virtual Server you need to configure the guests. If you do not configure them, this Escape character is ^] Is all you get. For RHEL6  clients you have to configure 2 files: /boot/grub/menu.lst add the modification in bold: default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz serial –unit=0 –speed=115200 terminal –timeout=10… Read More »RHEL6 virsh console domain

RHEL6 vsftp anonymous access selinux

First install the vsftpd package #yum install vsftpd after that edit the /etc/vsftpd/vsftpd.conf anonymous_enable=YES write_enable=YES local_umask=022 anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES ftpd_banner=Welcome to blah FTP service. listen=YES local_root=/var/ftp/upload pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES then edit tcpwrappers /etc/hosts.allow vsftpd: ALL Lets set the iptables: #iptables -A INPUT -m state –state NEW -m tcp -p tcp… Read More »RHEL6 vsftp anonymous access selinux

RHEL6 and SElinux

One of the most important packages to run successfully RHEL6 and SElinux is the setroubleshoot package. It includes useful tools like the setroubleshoot daemon and utils like sealert, sestatus….. So lets see whats the sestatus of my system: [root@rhel1 ~]# sestatus SELinux status:                 enabled SELinuxfs mount:                /selinux Current mode:                   enforcing Mode from config file:          enforcing… Read More »RHEL6 and SElinux

RHEL secondary Name Server

Open /etc/named.conf // // named.conf for Red Hat caching-nameserver // options { directory “/var/named”; dump-file “/var/named/data/cache_dump.db”; statistics-file “/var/named/data/named_stats.txt”; // query-source address * port 53; (only needed when there is a FW between master an slave) allow-transfer {;}; (slaveip) }; // // a caching only nameserver config // controls { inet allow { localhost; }… Read More »RHEL secondary Name Server

RHEL6 as LDAP client with ldap authentication

Edit the file /etc/openldap/ldap.conf URI ldap://$FQDN_OF_SERVER/ (has to be the same fqdn as in the certificate) BASE dc=mydomain,dc=com TLS_CACERTDIR /etc/openldap/cacerts now edit the /etc/nsswitch.conf file to tell linux where to get the login information from: passwd:     files sss ldap shadow:     files sss ldap group:      files sss ldap After that run the command authconfig-gtk Select: User… Read More »RHEL6 as LDAP client with ldap authentication


So rhel6 dropped xen and uses KVM now. Setup is quite easy. Just install the @kvm in kickstart or the “Virtualization” group with yum. The only tricky thing is, if you want to use virt-manager after a fresh install you need to also to install the package xorg-x11-auth 🙂

RHEL6 Caching Name Server

The package caching-nameserver is integrated in the bind package! So these two packages have to be installed: # yum install bind bind-chroot Than set named_write_master_zones 1 # setsebool -P named_write_master_zones 1 Allow queries on port 53 for DNS requests # iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 53 -j ACCEPT… Read More »RHEL6 Caching Name Server

Install KVM on redhat

Installing KVM on RHEL6 is quite a simple process when having a yum repository. The main package is the kvm package (hypervisor). # yum install kvm To manage the vm’s you’ll need a tool called virt. # yum install  virt-manager libvirt libvirt-python python-virtinst libvirt-client xorg-x11-xauth  

RHEL6 Virtualization virsh commands

List all virtual systems: #virsh list Start/Stop virtual os: #virsh start virtosname #virsh shutdown virtosname #virsh destroy virtosname (like a power off) Access a virtual console: # virsh console virtosname Autostart virsh server: # virsh autostart virtosname

Expand luks encrypted filesystems

umount /crypto fsck.ext4 -C 0 -f /dev/mapper/crypto cryptsetup luksClose crypto lvextend -L +100M /dev/cryptovg/crypto cryptsetup luksOpen /dev/cryptovg/crypto crypto cryptsetup -v resize crypto fsck.ext4 -f /dev/mapper/crypto resize4fs /dev/mapper/crypto (you’ll need to install e4fsprogs to use resize4fs) fsck.ext4 -f /dev/mapper/crypto mount /dev/mapper/crypto /crypto