Wireshark on CentOS

The most obvious way to install Wireshark on CentOS is

yum install wireshark

But if you are in Gnome (I am not sure about KDE because I didn’t test on it), then you have to install this:

yum install wireshark-gnome

Hat tip: SOLVED – Re: [CentOS] wireshark install did not seem to work

CentOS Network Install

In CentOS 5.2, one can use the Debian-like network install (net install) disk image to install it. When it asks what kind of media contains installation stuff, CD, FTP, NFS, HTTP, or something else, choose HTTP. Enter required information as follows and then follow instructions. Substitute website and directory information with whatever information you have.

Web site name: sunsite.utk.edu
CentOS directory: ftp/pub/linux/CentOS/5.2/os/i386

Another good location may be

Web site name: mirror.stanford.edu
CentOS directory: yum/pub/centos/5.2/os/i386

Yet another good site may be

Web site name: mirror.linux.duke.edu
CentOS directory: pub/centos/5.2/os/i386

Why Use Net Install?

You basically have two options when installing CentOS: CD/DVD, or net install. You may wish to use net install when you do not want to waste unnecessary bandwidth by downloading all six CDs or one DVD. You download and install exactly what you require. Multiply this with as many servers as you are installing on and you can save considerable bandwidth on the mirror you are using.

The flip side is that you are using HTTP (if you are, that is) and it costs the mirror money. If you use a peer to peer system, like BitTorrent, then you are spreading that bandwidth usage to more than one party. Also, with torrents, you can download a release once and then burn as many copies as you need. This way you consume bandwidth once and then no need to do it any more.

You can also create a mirror of your own or just use NFS for your local net install-based installations. Again, you just download what you require (or everything just once, at least) and then all other computers can download over local network.

I would say if you are installing just a handful of servers, use net install. If it’s more than a handful of servers and you can afford to burn CDs or DVDs (lots of them if installing in parallel on more than one machine), then use a torrent to download all CD/DVDs. If you have a whole lot of machines, then create your local repository, mirror, NFS server, or whatever, and then use net install over local network. How do you install?

Hat Tips: Performing a Network Install; CentOS Netinstall settings;

Why I am Leaning Toward CentOS

I am looking at various options for a Linux distribution these days. Some of them I discussed in my previous post on how to choose a Linux distribution. Here I would like to point out some factors why I am leaning toward CentOS.

Repackaged Red Hat Enterprise Linux

The biggest benefit of CentOS is that it has all the benefits of Red Hat Enterprise Linux (RHEL). You get support from many independent and third-party entities, such as hardware and software vendors. If it says it support RHEL, you can be pretty sure it supports CentOS. This is a big deal in the business world. If you need to have a certain application and it only officially supports RHEL, CentOS gives you the option to use it without too much trouble. Of course, the reason you would use CentOS instead of RHEL is to save on support subscription offered by Red Hat.

We all can see how much good work Red Hat is doing. I would like to support it with my (or my company’s) money. On the other hand, CentOS is doing some good work of making Red Hat’s work available to the masses. They also deserve our support. My compromise, to keep me and the bigwigs happy would be to use CentOS on development and testing servers. Then move to RHEL for production. The boss is happy to pay someone (Red Hat) for production support and you can maybe provide some of that support money to CentOS. Such workflow could keep most people happy.

SELinux

I am interested in learning more about SELinux and how to best use it to secure computers. CentOS comes with it and gives everyone a chance to utilize its benefits. But why choose SELinux? Well, if it helps me learn more about security while also keeping my computers secure, I am all for it. I am not such a philosophical freak to take sides. Best tool for the job, is what I believe in.

EPEL

Extra Packages for Enterprise Linux (EPEL) is a repository of software for RHEL which is not “officially” included in RHEL. It gives CentOS the best of both worlds: officially supported packages along with some other packages you may need to get your job done.

RPM Repositories

You can combine CentOS with repositories other than EPEL and get even more packages. These include, but are not limited to, rpmforge and atrpms.

Fedora

If you are running CentOS, then Fedora compliments your choice on the desktop. So if in my ideal compromise you have CentOS running on development and testing servers, then maybe your desktops could be running Fedora. According to Fedora website, “Fedora now forms the basis for derivative distributions such as Red Hat Enterprise Linux”. In effect, you are trying out a possibly future version of CentOS before it even comes out.

Fedora on its own is a very good distribution. It has quick releases and the newest technology around. What more could you want from a Linux distribution?

Conclusion

If you are in a business environment where you need RHEL, CentOS can be a great resource. If you are not, then CentOS gives you all the benefit of RHEL without the cost. It is a great distribution for different purposes. Combine it with the RHEL-environment, such as Fedora, and you may not need another Linux distribution. Of course, if CentOS is your choice, maybe Scientific Linux deserves some love as well.

Choosing a Linux Distribution

Recently I have had more time to work with Linux. I had been using Ubuntu in some way for two years when I needed to set up Linux on a few years old server. Since I was comfortable with Ubuntu, I thought I might as well go ahead and use it. But then I found out that there were other alternatives as well. This caused a headache which still isn’t resolved to this day. Which distribution is the best to get hands-on, real world experience with?

Comfort

You have to look at your comfort level when choosing a distribution. If you are familiar with something, even in passing, it would be an easier path to go with what you know. On the other hand, all distributions may be different but they have more in common than there are differences. So learning another distribution style is not as difficult as one might expect.

Hardware Support

If the distribution you choose is not able to function on the hardware you have available, you should not choose it. If you can get it to work, with or without a lot of effort, all the power to you. If, however, you can’t get it to work, you might as well look for another option. I went ahead with Ubuntu on the server because it supported all its hardware out of the box. I did not have to tweak anything or waste a lot of time. On the same server I was unable to install CentOS because Red Hat had dropped support for server’s RAID card in its current distribution.

Purpose

For what purpose are you using a distribution? Is it going to be for starting out, testing, development, or deployment? For all these scenarios, there are many distributions fitting them just fine. For starting out, a friendly distribution like Ubuntu could work. If you are testing Linux for its feasibility in your environment, just about any distribution would work. A distribution for doing development work should be fast moving with new technology so that you can use it to its fullest extent. If it’s for production deployment, being conservative in your selection is recommended.

Cutting Edge Technology

Some distributions strive to be on the cutting-edge. I count Fedora, openSUSE, and Ubuntu in this category. They release new stuff every few months. So you get to work with what’s new. For example, on Ubuntu, I found Django packages ready to install and work. Since I wanted a package and I found it, I was able to start working. I did not have to jump through hoops just to get to the point where I would be able to work.

Enterprise

Yes, an enterprise version would be more stable and maybe more secure. But it is also less likely to include new technology in an easily accessible format. Taking the example of Django, I have not found any tutorial on the web to install it on CentOS using an RPM package. All tutorials I have read ask you to download and install from source. Yes, it’s the traditional way to do things but if package management is the future, we should look for packages first and source code later. Now if I am developing and deploying an application developed with Django, I want to have the peace of mind that I installed a package that had been tested to work well with the whole operating system, and not something I installed without knowing how it would turn out.

To me this is the most important point after hardware support. I am willing to learn a whole another distribution if it is enterprise level with great hardware support but also keeps up with new technology. Since not one distribution will always fill these requirements, we have to look at the best tool for the job at hand.

Security

I was shocked to learn a few days ago that Ubuntu server’s default firewall policy was to accept all traffic. CentOS, on the other hand, has a pretty aggressive firewall policy. Combined with recent scandal of Debian and OpenSSL, it has dented my confidence in Ubuntu. It’s not that Ubuntu is insecure, it’s just the appearance of security in the ecosystem is absent (to me, at least). It’s also not that these things cannot be rectified by me, it’s that why would I need to take an extra step when a prudent decision could do it for me in the first place.

Another aspect I look to is being root. Does one have to actually be root or would sudo do? I like the sudo model better since it forces you to actually type your permission when doing critical work. Yes, if you are careful su and su - would work as well as sudo. But I like the added carefulness of sudo. So the first thing I do after installing a distribution is to see if it has sudo and then enable it for at least one user.

Support

Support is a very important part of decision-making process. Support may be of three kinds: distribution creator, third-party professional, and community and friends. Support includes help as well as software updates. One can get help from many sources, and community is an essential part of this support ecosystem. It can get you started and get you out of trouble. Almost all (ok, maybe all) distributions provide software updates. Then there is an extra level of support which we know as enterprise or corporate support (think Red Hat). It is provided by either the creators and maintainer of the distribution or from third-party entities.

For a home user, software updates and community support should be sufficient. For a business, however, ‘corporate’ support is essential on production systems. Businesses like to pay someone to get extra insurance in case it is needed. If a server is essential to business operations, it is very important that the team running the server knows what it is doing, has community support for minor issues, and corporate support when things go really bad.

Red Hat, Novell, and Canonical provide this kind of support as they create their distributions. Of course, if you have a good team running your servers, you may not need to get corporate support. But if your manager is a non-technical person, she will most probably require it. And if it’s not your money being spent, why argue?

Conclusion

This was meant to be a discussion of factors I would look into when choosing a distribution. Nothing more, nothing less.

Disclaimer: I have edited, and will edit, this post as new arguments come up.

Set MAC Address

Ubuntu

In Ubuntu, you can explicitly set a MAC address for your network card. You can either do it manually (Working with MAC Addresses) or use a package called macchanger (GNU MAC Changer).

To manually change your MAC address, for example, for eth0, you do the following:

sudo vim /etc/network/interfaces

And then you add following line to end of interface being configured (eth0 in this example):

hwaddress xx:xx:xx:xx:xx:xx

where xx:xx:xx:xx:xx:xx is the MAC address.

So now your interfaces file may look like this:

auto eth0 static
iface eth0 inet static
address 10.10.1.5
netmask 255.255.255.0
gateway 10.10.1.1
broadcast 10.10.1.255
hwaddress ether 02:01:02:03:04:08

Do the following to make sure all changes are applied:
sudo ifdown eth0 (warning: you will lose connectivity on this interface when you run this command, so make sure you are able to access your computer either via console or through another interface to run the rest of the commands)
sudo ifup eth0
sudo /etc/init.d/network restart

CentOS

Open the file of the network interface you want to modify and add the following:

HWADDR=xx:xx:xx:xx:xx:xx
MACADDR=xx:xx:xx:xx:xx:xx

For example, if you want to explicitly specify a MAC address for eth0, you do the following:

vim /etc/sysconfig/network-scripts/ifcfg-eth0

And then you add following line to end of file:
HWADDR=xx:xx:xx:xx:xx:xx
MACADDR=xx:xx:xx:xx:xx:xx
where xx:xx:xx:xx:xx:xx is the MAC address.

So now your ifcfg-eth0 file may look like:

DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
DHCP_HOSTNAME=localhost.localdomain
IPADDR=10.10.1.5
NETMASK=255.255.255.0
GATEWAY=10.10.1.1
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
HWADDR=02:01:02:03:04:08
MACADDR=02:01:02:03:04:08

Do the following to make sure all changes are applied:
sudo ifdown eth0 (warning: you will lose connectivity on this interface when you run this command, so make sure you are able to access your computer either via console or through another interface to run the rest of the commands)
sudo ifup eth0
sudo service network restart

Little Linux Commands

In this post I shall add little commands that one may forget but could be very useful. My goal is to collect commands for as many distributions are possible. Following distributions are very closely related to each other and, unless otherwise noted, commands specified for one may be run on all of them without modification.

Red Hat: CentOS, Fedora
Ubuntu: Debian

So, for example, if a command is given for Red Hat, it may be run on CentOS and Fedora. If, however, a command is given explicitly for CentOS, it may or may not run on Red Hat and Fedora. If no distribution is given, it is very likely that the command runs on all distributions.

Find Distribution Release Version

If you want to know the release version of a distribution, you may use following commands.

Red Hat, Ubuntu: tail /etc/issue
Red Hat: tail /etc/redhat-release
SUSE: tail /etc/SuSE-release
Ubuntu (gives more detail): tail /etc/lsb-release

Find Gateway of Network Interface

All:netstat -rn

Runlevel

A runlevel determines what services are started when computer boots up. To find at what runlevel your computer is running at this moment, type the following.

All: runlevel

Output should look something like

N 5

Where N is the previous runlevel and 5 is current runlevel.

Packages Installed

Red Hat: yum list installed
Ubuntu: dpkg -l

Split Files

If you want to split a file into many smaller parts, use this (hat tip: How do I open a 2.5 gig .xml file?):

split -l 50 myfile.txt mynewfile

Show All Users

If you want to list all users of the system, whether they are logged in or not, run the following command. It uses the cut command on the /etc/passwd file.

All: cut -d: -f 1 /etc/passwd

Hat tip for this trick: How to list all your users; man cut.

Lock root

If you want to lock or disable root user, or any other user for that matter, do the following (replace root with the user you want to lock):

All: sudo passwd -l root

Another way to lock a user is to do the following:

All: sudo usermod -L root

Similarly, to unlock a user:

All: sudo usermod -U root

Securely Copy Directory from Remote Server

If you want to use SCP to copy a whole directory from a remote server to your current directory on local machine, do the following:

All: scp -r user@host:/home/me/mydir/. .

The first dot in the path of the remote server tells it to copy all files and folders in the /home/me/ directory, even hidden files and directories. If you use asterisk instead of dot, it will not copy hidden stuff. The second dot means copy everything to the current directory on local machine.

Hat tip for this trick: Moving /home data from old system to new Linux system.

Support for Virtualization in Processor

To see whether your current processor supports Intel-VT (vmx) or AMD-V (svm) virtualization, run the following:

All: egrep -e 'vmx|svm' /proc/cpuinfo

Thanks to CentOS 5 Xen Virtualization.

What packages are in package group

In Debian, tasksel has various groups of packages, such as Standard, Laptop, etc. But what do these groups contain? Thanks to a post by yankovic_yeah, we know.

Ubuntu: aptitude search $(tasksel --task-packages standard)

Follow

Get every new post delivered to your Inbox.

Join 31 other followers