how-to-install-kvm-and-libvirt-on-centos-6.2-with-bridged-networking

Requirements

• Hardware:
  • Processor with support for Intel-VT or AMD-V technology
  • Plenty RAM memory depending on the number of guests
  • Network connectivity
• Software:
  • A previosly installed Linux CentOS 6.2 with a recent Linux kernel. On this how to:
    $ uname -r
    2.6.32-220.2.1.el6.x86_64
    $ lsb_release -a
    LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
    Distributor ID: CentOS
    Description: CentOS release 6.2 (Final)
    Release: 6.2
    Codename: Final
  • A Linux client with a Desktop environment installed
  • An available CentOS mirror/repository

Installation Steps

1. Log into the CentOS as bozz user (a sudoer user) and check if your hardware support for  virtualization extensions, on my hardware it was:
$ egrep '^flags.*(vmx|svm)' /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
2. Install kvm and libvirt packages:
   $ sudo yum install kvm libvirt
3. Update both packages to the latest version available on repositories/mirrors:
   $ sudo yum update libvirt kvm
   $ yum info libvirt
   Installed Packages
   Name        : libvirt
   Arch        : x86_64
   Version     : 0.9.4
   Release     : 23.el6_2.4
   $ yum info qemu-kvm
   Installed Packages
   Name        : qemu-kvm
   Arch        : x86_64
   Epoch       : 2
   Version     : 0.12.1.2
   Release     : 2.209.el6_2.1
4. Restart the libvirtd daemon:
   $ sudo service libvirtd restart
5. Verify if the kvm module is loaded, you should see amd or intel depending on the hardware:
   $ lsmod | grep kvm
   kvm_intel              50380  0
   kvm                   305113  1 kvm_intel
6. Issue a virsh command to ensure local root connectivity first:
   $ sudo virsh sysinfo
   
   ...
7. [OPTIONAL] To use KVM by a non-root user verify if kvm group was created on installation:
   $ cat /etc/group | grep kvm
   kvm:x:36:qemu
   Then add the bozz user to kvm group, so it can gain access to hypervisor:
   
   $ sudo usermod -a -G kvm bozz
   $ logout
   Login again as the bozz user and verify kvm's membership:
   
   $ id
   uid=500(bozz) gid=500(bozz) groups=500(bozz),10(wheel),36(kvm) context=...
   and verify if /dev/kvm is owned by group kvm:
   
   $ ls -l /dev/kvm
   crw-rw-rw-. 1 root kvm 10, 232 Jan 17 14:50 /dev/kvm
   On a system that runs udev, you will probably need to add the following line in your udev configuration so it will automatically give the right group to the newly created device:
   
   $ cat /etc/udev/rules.d/80-kvm.rules
   KERNEL=="kvm", GROUP="kvm", MODE="0666"
8. To manage libvirt with a non-root account you should use PolicyKit. Define access control for a libvirt group:
   $ sudo groupadd libvirt
   $ sudo usermod -a -G libvirt bozz
   $ logout
   Login again as bozz user and edit a new archive:
   
   $ sudo nano /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
   with this content:
   

   [libvirt Management Access]
   # For allowing access to specific user only:
   #Identity=unix-user:bozz
   # For allowing access to a group (like this guide):
   Identity=unix-group:libvirt
   Action=org.libvirt.unix.manage
   ResultAny=yes
   ResultInactive=yes
   ResultActive=yes
   

   Restart libvirtd daemon:
   
   $ sudo service libvirtd restart
   Verify if bozz user can locally access to qemu:///system (NOTE: the use of qemu:///session is discouraged):
   
   $ virsh -c qemu:///system sysinfo
   
   ...
   Verify if bozz user can remotely access to qemu+ssh://bozz@SERVER/system too. So on the Linux client issue:
   For Ubuntu client (like in this guide):
   
   $ sudo apt-get install libvirt-bin
   For CentOS client:
   
   $ sudo yum install libvirt
   Then:
   
   $ virsh -c qemu+ssh://bozz@SERVER/system sysinfo
   
   ...
   Change group ownership and permissions on the default images directory:
   
   $ sudo chown root:libvirt /var/lib/libvirt/images
   $ sudo chmod g+rw /var/lib/libvirt/images
9. [OPTIONAL] When libvirtd (>= 0.9.3) is running as non-root it tries to read ~/.libvirt/libvirtd.conf (see here). A workaround is: 
   $ mkdir -p ~/.libvirt
   $ touch ~/.libvirt/libvirtd.conf
   Then issue a virsh command as bozz user:
   
   $ virsh list
    Id Name                 State
   ----------------------------------
10. Configure Bridged Network by creating a new network script at /etc/sysconfig/network-scripts/ifcfg-br0:
    $ sudo nano /etc/sysconfig/network-scripts/ifcfg-br0
    and configuring the parameters according to your LAN settings (NOTE: options are case sensitive i.e. Bridge and bridge are two different options):
    

    DEVICE="br0"
    TYPE=Bridge
    DELAY=0
    ONBOOT="yes"
    BOOTPROTO=static
    IPADDR=192.168.11.12
    NETMASK=255.255.255.0
    NETWORK=192.168.11.0
    GATEWAY=192.168.11.1
    DNS1=192.168.11.2
    PEERDNS="yes"
    NM_CONTROLLED=no
    

    Then edit the Ethernet network script /etc/sysconfig/network-scripts/ifcfg-eth0:
    
    $ sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0
    with the following content (NOTE: the hardware address depends on your NIC, an arbitrary MAC address is used here):
    

    DEVICE="eth0"
    HWADDR="00:2C:C2:85:29:A3"
    ONBOOT="yes"
    BRIDGE=br0
    NM_CONTROLLED=no
    

    Restart the networking service:
    
    $ sudo service network restart
    and verify the bridge config:
    
    $ brctl show
    bridge name bridge id STP enabled interfaces
    br0 8000.002cc28529a3 no eth0
    ...
    Configure iptables to allow all traffic to be forwarded across the bridge:
    
    $ sudo iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
    $ sudo service iptables save
    $ sudo service iptables restart
    Prevent bridged traffic from being processed by iptables rules, this improves the bridge’s performance. In /etc/sysctl.conf append the following lines:
    

    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0

    Reload the kernel parameters configured with sysctl:
    
    $ sudo sysctl -p /etc/sysctl.conf
    Restart the libvirt daemon:
    
    $ sudo service libvirtd reload
    
    
    
    
    
    
    Source :  www.howtoforge.com

How to Create Virtual Machines in Linux Using KVM (Kernel-based Virtual Machine)

What is KVM?

KVM or (Kernel-based Virtual Machine) is a full virtualization solution for Linux on Intel 64 and AMD 64 hardware that is included in the mainline Linux kernel since 2.6.20 and is stable and fast for most workloads.

KVM Feautres

There are many useful features and advantages which you will gain when you use KVM to deploy your virtual platform. KVM hypervisor supports following features:

1. Over-committing : Which means allocating more virtualized CPUs or memory than the available resources on the system.
2. Thin provisioning : Which allows the allocation of flexible storage and optimizes the available space for every guest virtual machine.
3. Disk I/O throttling : Provides the ability to set a limit on disk I/O requests sent from virtual machines to the host machine.
4. Automatic NUMA balancing : Improves the performance of applications running on NUMA hardware systems.
5. Virtual CPU hot add capability : Provides the ability to increase processing power as needed on running virtual machines, without downtime.

This is our first on-going KVM (Kernel-based Virtual Machine) series, here we will going to cover following articles in part wise fashion.


Prerequisites Make sure that your system has the hardware virtualization extensions: For Intel-based hosts, verify the CPU virtualization extension [vmx] are available using following command.

[root@server ~]# grep -e 'vmx' /proc/cpuinfo

Check Virtualization Support

For AMD-based hosts, verify the CPU virtualization extension [svm] are available.

[root@server ~]# grep -e 'svm' /proc/cpuinfo

Check CPU Virtualization Support

If there is no output make sure that virtualization extensions is enabled in BIOS. Verify that KVM modules are loaded in the kernel “it should be loaded by default”.

[root@server ~]# lsmod | grep kvm

The output should contains kvm_intel for intel-based hosts or kvm_amd for amd-based hosts.

Check KVM Kernel Module

Before starting , you will need the root account or non-root user with sudo privileges configured on your system and also make sure that your system is up-to-date.

[root@server ~]# yum update

Make sure that Selinux be in Permissive mode.

[root@server ~]# setenforce 0

Step 1: KVM Installation and Deployment

1. We will install qemu-kvm and qemu-img packages at first. These packages provide the user-level KVM and disk image manager.

[root@server ~]# yum install qemu-kvm qemu-img

2. Now, you have the minimum requirement to deploy virtual platform on your host, but we also still have useful tools to administrate our platform such as:

1. virt-manager provides a GUI tool to administrate your virtual machines.
2. libvirt-client provides a CL tool to administrate your virtual environment this tool called virsh.
3. virt-install provides the command “virt-install” to create your virtual machines from CLI.
4. libvirt provides the server and host side libraries for interacting with hypervisors and host systems.

Let’s install these above tools using the following command.

[root@server ~]# yum install virt-manager libvirt libvirt-python libvirt-client 

3. For RHEL/CentOS7 users, also still having additional package groups such as: Virtualization Client, Virtualization Platform and Virtualization Tools to install.

[root@server ~]#yum groupinstall virtualization-client virtualization-platform virtualization-tools 

4. The virtualization daemon which manage all of the platform is “libvirtd”. lets restart it.

[root@server ~]#systemctl restart libvirtd

5. After restarting the daemon, then check its status by running following command.

[root@server ~]#systemctl status libvirtd  

Sample Output

libvirtd.service - Virtualization daemon 
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled) 
   Active: active (running) since Mon 2014-12-29 15:48:46 EET; 14s ago 
 Main PID: 25701 (libvirtd) 

Check Libvirtd Status

Now, lets switch to the next section to create our virtual machines.

Step 2: Create VMs using KVM

As we mentioned early, we have some useful tools to manage our virtual platform and creating virtual machines. One of this tools called [virt-manager] which we use in the next section.
6. Although virt-manager is a GUI based tool, we also could launch/start it from terminal as well as from GUI.

[root@server ~]#virt-manager

Using GNOME

Start Virtual Manager in GNOME

Using GNOME Classic

Start Virtual Manager in GNOME Classic

7. After starting the tool, this window will appear.

Start Virtual Manager Window

8. By default you will find manager is connected directly to localhost, fortunately you could use the same tool to mange another host remotely. From “File” tab, just select “Add Connection” and this window will appear.

Add Connection

Check “Connect to remote host” option then provide Hostname/IP of the remote server. If you need establishing connection to the remote host at every time the manager starting, just check “Auto Connect” option.
9. Let’s return to our localhost, before creating new virtual machine you should decide where will the files be stored?! in other words, you should create the Volume Disk (Virtual disk / Disk image ) for your virtual machine.
By Right clicking on localhost and selecting “Details” and then select “Storage” tab.

VM Storage Details

VM Storage Volume

10. Next, press “New Volume” button, then enter the name of your new virtual disk (Volume Disk) and enter the size which you want/need in the “Max Capacity” section.

Create VM Storage Disk

The allocation size is the actual size for your disk which will be allocated immediately from your physical disk after finishing the steps.
Note: This is an important technology in storage administration field which called “thin provision”. It used to allocate the used storage size only, NOT all of available size.
For example, you created virtual disk with size 60G, but you have used actually only 20G, using this technology the allocated size from your physical hard disk will be 20G not 60G.
In another words the allocated physical size will by dynamically allocated depending on the actual used size. You could find more information in details at VMWare vStorage Thin Provisioning.
11. You will note that a label of the new Volume Disk has been appeared in the list.

VM Storage Label

You should also notice the path of the new disk image (Volume Disk), by default it will be under /var/lib/libvirt/images, you can verify it using the following command.

[root@server Downloads]# ls -l /var/lib/libvirt/images
-rw-------. 1 root root 10737418240 Jan  3 16:47 vm1Storage.img

12. Now, we’re ready to create our virtual machine. Let’s hit the button “VM” in the main window, this wizard window will be appear.

Create New Virtual Machine

Select the installation method which you will use to create the virtual machine. For now we will use Local install media, later we will discuss the remaining methods.
13. Now its time to specify which Local install media to be used, we have two options:

1. From physical [CDROM/DVD].
2. From ISO image.

For our tutorial, lets use ISO image method, so you should provide the path of your ISO image.

Select Installation Media

Important: Unfortunately there’s a really silly bug for whom use RHEL/CentOS7. This bug prevents you from installation using physical [CDROM/DVD], you will find the option is grayed like this.

Disabled CD DVD Rom in KVM

And if you hold your cursor on it, this error message will appear.

CD DVD Not Supported in KVM

Until now there is no official/direct solution for this bug, you could find more information about this but here.
14. The storage has return back, we will use the virtual disk which we have created early to install virtual machine on it. It will be as shown.

Enable Storage for Virtual Machine

15. The final step which ask you about the name of your virtual machine and another advanced options lets talk about it later.

Enter Name of Virtual Machine

If you like to change some configuration or doing some customization just check “Customize configuration before install” option. Then click finish and wait seconds, control console will appear for your Guest OS to manage it

Virtual Machine Installation

Copy from : tecmint.com

CentOS / RHEL: Install nmap Network Security Scanner

nstallation

To install nmap on RHEL based Linux distributions, type the following yum command:
# yum install nmap
Sample outputs:

Loaded plugins: protectbase, rhnplugin, security 0 packages excluded due to repository protections Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package nmap.x86_64 2:5.51-2.el6 will be installed --> Finished Dependency Resolution   Dependencies Resolved   ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: nmap x86_64 2:5.51-2.el6 rhel-x86_64-server-6 2.8 M   Transaction Summary ================================================================================ Install 1 Package(s)   Total download size: 2.8 M Installed size: 0 Is this ok [y/N]: y Downloading Packages: nmap-5.51-2.el6.x86_64.rpm | 2.8 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : 2:nmap-5.51-2.el6.x86_64 1/1 Verifying : 2:nmap-5.51-2.el6.x86_64 1/1   Installed: nmap.x86_64 2:5.51-2.el6   Complete!

How do I use nmap command?

To find out nmap version, run:
# nmap --version
Sample outputs:

Nmap version 5.51 ( http://nmap.org )

To scan an IP address or a host name (FQDN), run:
# nmap 1.2.3.4
# nmap localhost
# nmap 192.168.1.1
Sample outputs:

Fig.01: nmap in action

Getting more information out of the remote system

The -v option forces verbose output and the -A optipn enables OS detection and Version detection, Script scanning and traceroute in a single command:
# nmap -v -A scanme.nmap.org
# nmap -v -A 192.168.1.1
Sample outputs:

Starting Nmap 5.00 ( http://nmap.org ) at 2012-11-19 16:38 IST NSE: Loaded 30 scripts for scanning. Initiating ARP Ping Scan at 16:38 Scanning 192.168.1.1 [1 port] Completed ARP Ping Scan at 16:38, 0.04s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 16:38 Completed Parallel DNS resolution of 1 host. at 16:38, 0.00s elapsed Initiating SYN Stealth Scan at 16:38 Scanning 192.168.1.1 [1000 ports] Discovered open port 80/tcp on 192.168.1.1 Discovered open port 22/tcp on 192.168.1.1 Completed SYN Stealth Scan at 16:38, 0.27s elapsed (1000 total ports) Initiating Service scan at 16:38 Scanning 2 services on 192.168.1.1 Completed Service scan at 16:39, 66.11s elapsed (2 services on 1 host) Initiating OS detection (try #1) against 192.168.1.1 Retrying OS detection (try #2) against 192.168.1.1 Retrying OS detection (try #3) against 192.168.1.1 Retrying OS detection (try #4) against 192.168.1.1 Retrying OS detection (try #5) against 192.168.1.1 NSE: Script scanning 192.168.1.1. NSE: Starting runlevel 1 scan Initiating NSE at 16:40 Completed NSE at 16:40, 0.88s elapsed NSE: Script Scanning completed. Host 192.168.1.1 is up (0.00050s latency). Interesting ports on 192.168.1.1: Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh Dropbear sshd 0.52 (protocol 2.0) | ssh-hostkey: 1024 15:b6:b5:68:dc:36:97:76:19:72:4d:74:63:d6:18:35 (DSA) |_ 1040 d2:75:67:8e:51:4d:4b:f6:25:f0:46:e3:a8:9e:8f:42 (RSA) 80/tcp open http? |_ html-title: Error | http-auth: HTTP Service requires authentication |_ Auth type: Basic, realm = tswitch 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : SF-Port80-TCP:V=5.00%I=7%D=11/19%Time=50AA133E%P=x86_64-unknown-linux-gnu% SF:r(GetRequest,17E,"HTTP/1\.0\x20401\x20Unauthorized\r\nDate:\x20Mon,\x20 SF:19\x20Nov\x202012\x2011:08:46\x20GMT\r\nContent-Type:\x20text/html;\x20 SF:charset=utf-8\r\nCache-Control:\x20no-cache,\x20no-store,\x20must-reval SF:idate,\x20private\r\nExpires:\x20Thu,\x2031\x20Dec\x201970\x2000:00:00\ SF:x20GMT\r\nPragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\" SF:tswitch\"\r\nConnection:\x20close\r\n\r\n 401\x20Unauthorized \x20Unauthorized SF:")%r(Help,15E,"HTTP/1\.0\x20400\x20Invalid\x20Request\r\n SF:Date:\x20Mon,\x2019\x20Nov\x202012\x2011:09:06\x20GMT\r\nContent-Type:\ SF:x20text/html;\x20charset=utf-8\r\nCache-Control:\x20no-cache,\x20no-sto SF:re,\x20must-revalidate,\x20private\r\nExpires:\x20Thu,\x2031\x20Dec\x20 SF:1970\x2000:00:00\x20GMT\r\nPragma:\x20no-cache\r\nConnection:\x20close\ SF:r\n\r\n 400\x20Invalid\ SF:x20Request \x20Invalid\x20Request")%r(LPDString,15E," SF:HTTP/1\.0\x20400\x20Invalid\x20Request\r\nDate:\x20Mon,\x2019\x20Nov\x2 SF:02012\x2011:09:11\x20GMT\r\nContent-Type:\x20text/html;\x20charset=utf- SF:8\r\nCache-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20pr SF:ivate\r\nExpires:\x20Thu,\x2031\x20Dec\x201970\x2000:00:00\x20GMT\r\nPr SF:agma:\x20no-cache\r\nConnection:\x20close\r\n\r\n 400\x20Invalid\x20Request \x20Invalid\x2 SF:0Request"); MAC Address: BC:AE:C5:C3:16:93 (Unknown) No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=5.00%D=11/19%OT=22%CT=1%CU=35558%PV=Y%DS=1%G=Y%M=BCAEC5%TM=50AA13 OS:8B%P=x86_64-unknown-linux-gnu)SEQ(CI=Z%II=I)ECN(R=Y%DF=Y%T=40%W=4600%O=M OS:2300NNSNW2%CC=N%Q=)T1(R=N)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R OS:%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T= OS:40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL= OS:G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)   Network Distance: 1 hop   Read data files from: /usr/share/nmap OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 83.27 seconds Raw packets sent: 1266 (62.072KB) | Rcvd: 1036 (44.320KB)

To scan a range of IP addresses

# nmap 192.168.1.1-50

To scan an entire subnet

# nmap 192.168.1.0/24

Ping only scan

# nmap -sP 192.168.1.1

TCP SYN scan

# nmap -sS 192.168.1.1

UDP scan

# nmap -sU 192.168.1.1

IP protocol scan

# nmap -sO 192.168.1.1

Scan port 80, 25, 443, and 110

# nmap -p 80,25,443,110 192.168.1.1

Scan port ranges 1024-2048

# nmap -p 1024-2048 192.168.1.1

Operating system detection

# nmap -O --osscan-guess 192.168.1.1


Source : Cyberciti.biz

LibreOffice 5.1.3 Released – Install on RHEL/CentOS/Fedora and Debian/Ubuntu/Linux Mint

Step 1: Downloading LibreOffice 5.1.3

 For RHEL/CentOS/Fedora

 

# cd /tmp

---------------------------- On 32-bit Systems ---------------------------- 
# wget http://download.documentfoundation.org/libreoffice/stable/5.1.3/rpm/x86/LibreOffice_5.1.3_Linux_x86_rpm.tar.gz


---------------------------- On 64-bit Systems ---------------------------- 
# wget http://download.documentfoundation.org/libreoffice/stable/5.1.3/rpm/x86_64/LibreOffice_5.1.3_Linux_x86-64_rpm.tar.gz

For Debian/Ubuntu/LinuxMint

 

---------------------------- On 32-bit Systems ---------------------------- 
$ wget http://download.documentfoundation.org/libreoffice/stable/5.1.3/deb/x86/LibreOffice_5.1.3_Linux_x86_deb.tar.gz


---------------------------- On 64-bit Systems ---------------------------- 
$ wget http://download.documentfoundation.org/libreoffice/stable/5.1.3/deb/x86_64/LibreOffice_5.1.3_Linux_x86-64_deb.tar.gz

Step 2: Removing Old OpenOffice Version

If any previously installed LibreOffice or OpenOffice versions you have, remove it using following command.

# yum remove openoffice* libreoffice*   [on RedHat based Systems]

$ sudo apt-get remove openoffice* libreoffice*  [On Debian based Systems] 

 Step 3: Extracting LibreOffice 5.1.3 Package

 

On RHEL/CentOS/Fedora

 

# tar -xvf LibreOffice_5.1.3_Linux_x86_rpm.tar.gz   [On 32-Bit Systems] 
# tar -xvf LibreOffice_5.1.3_Linux_x86-64_rpm.tar.gz  [On 64-Bit Systems] 

On Debian/Ubuntu/Linux Mint

$ tar -xvf LibreOffice_5.1.3_Linux_x86_deb.tar.gz   [On 32-Bit Systems] 
$ tar -xvf LibreOffice_5.1.3_Linux_x86-64_deb.tar.gz  [On 64-Bit Systems] 

Step 4: Installing LibreOffice 5.1.3 Package

On RHEL/CentOS/Fedora

## For 32 Bit OS ##
# cd /tmp/LibreOffice_5.1.3.3_Linux_x86_rpm/RPMS/
# yum localinstall *.rpm
OR
# dnf install *.rpm    [On Fedora 23+ versions]

## For 64 Bit OS ##
# cd /tmp/LibreOffice_5.1.3.3_Linux_x86-64_rpm/RPMS/
# yum localinstall *.rpm
OR
# dnf install *.rpm    [On Fedora 23+ versions]

Installing LibreOffice 5.0.2 on CentOS

[root@localhost RPMS]# yum localinstall *.rpm

On Debian/Ubuntu/Linux Mint

## For 32 Bit OS ##
$ cd /tmp/LibreOffice_5.1.3.3_Linux_x86_deb/DEBS/
$ sudo dpkg -i *.deb

## For 64 Bit OS ##
$ cd /tmp/LibreOffice_5.1.3.3_Linux_x86-64_deb/DEBS/
$ sudo dpkg -i *.deb

Installing LibreOffice 5.1.3 on Ubuntu

tecmint@tecmint ~/LibreOffice_5.1.3.3_Linux_x86_deb/DEBS $ sudo dpkg -i *.deb

Step 5: Starting LibreOffice 5.1.3

 

 

 

Source : http://www.tecmint.com/

 

 

 

 

Setup FTP Server On CentOS, RHEL, Scientific Linux 6.5/6.4/6.3

vsftpd (Very Secure File Transport Protocol Daemon) is a secure, fast FTP server for Unix/Linux systems. In this how-to article, let us see how to setup a basic FTP server using vsftpd on CentOS 6.5. This procedure will also work on all RHEL CentOS, Scientific Linux 6.x versions.

 My testbox server hostname and IP Address are server.unixmen.local and 192.168.1.101/24 respectively. Change the values as per your scenario.

Install vsftpd

All commands should be run with ‘root’ user. Run the following command in terminal to install vsftpd package:

# yum install vsftpd ftp -y

Configure vsftpd

Edit vsftpd configuration file /etc/vsftpd/vsftpd.conf,

# vi /etc/vsftpd/vsftpd.conf

Find the following lines and make the changes as shown below:

 [...]
## Set to "NO" ##
anonymous_enable=NO
## Uncomment ##
ascii_upload_enable=YES
ascii_download_enable=YES
## Uncomment - Enter your Welcome message - This is optional ##
ftpd_banner=Welcome to UNIXMEN FTP service.
## Add at the end of this  file ##
use_localtime=YES

Start the vsftpd service and make it to start automatically on every reboot:

# service vsftpd start
# chkconfig vsftpd on

Create FTP users

By default, root user is not allowed to login to ftp server for security purpose. So let us create a testing user called “sk” with password “centos”:

# useradd sk
# passwd sk

Connecting to FTP server

Now let us try to connect to FTP server itself with user “sk”:

# ftp 192.168.1.101
Connected to 192.168.1.101 (192.168.1.101).
220 Welcome to UNIXMEN FTP service.
Name (192.168.1.101:root): sk
331 Please specify the password.
Password:
500 OOPS: cannot change directory:/home/sk
Login failed.
ftp> 

Probably you will get an error like “500 OOPS: cannot change directory”.

This is because your SELinux restricts the user to log in to ftp server. So let us update the SELinux boolean values for FTP service:

# setsebool -P ftp_home_dir on

Now try again to login to FTP server:

# ftp 192.168.1.101
Connected to 192.168.1.101 (192.168.1.101).
220 Welcome to UNIXMEN FTP service.
Name (192.168.1.101:root): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> 

Now you will be able to login to FTP server without any problems.

Client side configuration

Let me try to log in to the FTP server from my Ubuntu client system.

$ ftp 192.168.1.101
ftp: connect: No route to host
ftp>

You might see the above error like “ftp:connect:No route to host”. To resolve this error, allow the default ftp port “21” through your firewall or router. In the server side, do the following.

Edit file /etc/sysconfig/iptables,

# vi /etc/sysconfig/iptables

Add the following lines.

[...]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
[...]

Save and exit the file. Restart iptables now:

# service iptables restart

Now try again from the client system to login to FTP server:

$ ftp 192.168.1.101
Connected to 192.168.1.101.
220 Welcome to UNIXMEN FTP service.
Name (192.168.1.101:sk): sk
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> 

Boom!! It’s working now.

Working from command-line mode might be little bit annoying to newbies. So let us install a graphical FTP client called Filezilla to get things done quite easier:

$ sudo apt-get install filezilla

For RHEL based systems, you can install filezilla using following command:

# yum install filezilla

Open Filezilla client from your client system “Dash” or “Menu”. Enter the FTP server hostname or IP Address, username, password and port number. Click “Quickconnect” to login.

(Source : unixmen.com)

Install Joomla 3 on CentOS 6.5 Minimal x86_64

CentOS 6.5 Minimal x86_64

Complete your base operating system installation or you can follow my guide found at the URL below. When following my guide, hold off on executing yum updates until after configuring EPEL and REMI repositories.

https://github.com/rharmonson/richtech/wiki/CentOS-6.5-Minimal-x86_64-Base-Installation-Guide

EPEL Repository

Add the Extra Packages for Enterprise Linux repository. This is required to meet REMI repository requirements. See my guide here:
https://github.com/rharmonson/richtech/wiki/EPEL-Repository-on-CentOS-6.5 

REMI Repository

Add Remi Collet's repository to meet Joomla's PHP requirements. Guide here:

https://github.com/rharmonson/richtech/wiki/REMI-Repository-on-CentOS-6.5

Install Prerequisites

 

yum install open-vm-tools system-config-firewall-tui system-config-network-tui httpd mysql-server php php-mysql wget unzip

Results:
Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.2.15-30.el6.centos updates 821 k mysql-server x86_64 5.1.73-3.el6_5 updates 8.6 M open-vm-tools x86_64 9.4.0-8.el6 epel 401 k php x86_64 5.3.3-27.el6_5 updates 1.1 M php-mysql x86_64 5.3.3-27.el6_5 updates 81 k system-config-firewall-tui noarch 1.2.27-5.el6 base 37 k unzip x86_64 6.0-1.el6 base 149 k wget x86_64 1.12-1.11.el6_5 updates 483 k Installing for dependencies: apr x86_64 1.3.9-5.el6_2 base 123 k apr-util x86_64 1.3.9-3.el6_0.1 base 87 k apr-util-ldap x86_64 1.3.9-3.el6_0.1 base 15 k dbus x86_64 1:1.2.24-7.el6_3 base 207 k httpd-tools x86_64 2.2.15-30.el6.centos updates 73 k libdnet x86_64 1.12-6.el6 epel 28 k libicu x86_64 4.2.1-9.1.el6_2 base 4.9 M mailcap noarch 2.1.31-2.el6 base 27 k mysql x86_64 5.1.73-3.el6_5 updates 894 k perl x86_64 4:5.10.1-136.el6 base 10 M perl-DBD-MySQL x86_64 4.013-3.el6 base 134 k perl-DBI x86_64 1.609-4.el6 base 705 k perl-Module-Pluggable x86_64 1:3.90-136.el6 base 40 k perl-Pod-Escapes x86_64 1:1.04-136.el6 base 32 k perl-Pod-Simple x86_64 1:3.13-136.el6 base 212 k perl-libs x86_64 4:5.10.1-136.el6 base 578 k perl-version x86_64 3:0.77-136.el6 base 51 k php-cli x86_64 5.3.3-27.el6_5 updates 2.2 M php-common x86_64 5.3.3-27.el6_5 updates 525 k php-pdo x86_64 5.3.3-27.el6_5 updates 75 k Transaction Summary ================================================================================ Install 28 Package(s) Total download size: 33 M Installed size: 104 M

Upgrade PHP

Joomla's PHP requirements are not met if only using CentOS and EPEL repos, thus upgrade from REMI. As a side effect, MySQL is updated as well. Note you can update using remi-php55 or remi-php56.
# yum --disablerepo="*" --enablerepo="remi" upgrade Results:
================================================================================ Package Arch Version Repository Size ================================================================================ Updating: mysql x86_64 5.5.37-1.el6.remi remi 5.8 M mysql-libs x86_64 5.5.37-1.el6.remi remi 776 k mysql-server x86_64 5.5.37-1.el6.remi remi 10 M php x86_64 5.4.28-1.el6.remi remi 2.7 M php-cli x86_64 5.4.28-1.el6.remi remi 2.6 M php-common x86_64 5.4.28-1.el6.remi remi 930 k php-mysql x86_64 5.4.28-1.el6.remi remi 136 k php-pdo x86_64 5.4.28-1.el6.remi remi 120 k Installing for dependencies: compat-mysql51 x86_64 5.1.54-1.el6.remi remi 1.4 M Transaction Summary ================================================================================ Install 1 Package(s) Upgrade 8 Package(s) Total download size: 24 M

MySQL Configuration

Start mysqld
# service mysqld start Configure MySQL
Respond with yes for each option. Don't forget the root password!
# /usr/bin/mysql_secure_installation Enable mysqld to start on boot.
# chkconfig mysqld on

PHP Configuration

Update php.ini to meet Joomla's requirements. Values may vary, but use the one below or research each to determine what will work best for you.
# vi /etc/php.ini Below are the values I use, however, your mileage may vary. The post_max_size and upload_max_filesize are initially set to values too low to permit installing third party addons much less permit users to upload files. The upload_tmp_dir must be owned by the web service, i.e. apache.
output_buffering = Off upload_tmp_dir = /var/www/html/temp post_max_size = 30M upload_max_filesize = 30M

Apache2 (httpd) Configuration

Minor changes to Apache2 to reduce the ease of fingerprinting. Not a requirement, but advisable.
# vi /etc/httpd/conf/httpd.conf Update the following:
ServerSignature Off ServerTokens Prod Lastly, enable apache2 to start on boot, test httpd.conf, then start httpd.
# chkconfig httpd on # service httpd configtest # service httpd start

Firewall

Execute the iptables text user interface to permit http or web access to Joomla.
# system-config-firewall-tui

Test

Open a browser, enter the URL to your Joomla host which should look something like http:///, and if all is working, apache2's default web page will be displayed.
It works! This is the default web page for this server. The web server software is running but no content has been added, yet.

Joomla Installation

At the time of the installation, Joomla 3.3.0 was the most current version. Update the URL below to reflect the version you want to install.
# wget http://joomlacode.org/gf/download/frsrelease/19393/158832/Joomla_3.3.0-Stable-Full_Package.zip # unzip Joomla_3.3.0-Stable-Full_Package.zip -d /var/www/html/ # chown -R apache.apache /var/www/html # cp /var/www/html/htaccess.txt /var/www/html/.htaccess Browse to https:///joomla/ to continue with Joomla CMS configuration.



(sources : github.com)

Share HTTP Port 80 antara Zimbra dan Apache

Problem awal bagaimana caranya menjadikan mail server dengan zimbra sekaligus webserver.
Asumsi
Server dengan OS Centos 5.1 Base Aplication sudah terinstall dengan baik. Zimbra sudah terinstall dan berjalan dengan baik pula. Setelah baca-baca di wiki yang harus di lakukan adalah:
1. Ganti sebagai user zimbra dan ganti zimbraMailPort dengan port yang lain, disini saya menggunakan port 81 sama seperti yang ada pada contoh di wiki.
[root@mail ~]# su – zimbra
[zimbra@mail ~]$ zmprov ms mail.zimbraku.com zimbraMailPort 81
2. Create ulang zimbraMtaAuthHost
[zimbra@mail ~]$ zmprov ms mail.zimbraku.com zimbraMtaAuthHost mail.zimbraku.com
3. stop zimbra dan jalankan kembali
[zimbra@mail ~]$ zmcontrol stop
Host mail.zimbraku.com
Stopping stats…Done
Stopping mta…Done
Stopping spell…Done
Stopping snmp…Done
Stopping archiving…Done
Stopping antivirus…Done
Stopping antispam…Done
Stopping imapproxy…Done
Stopping mailbox…Done
Stopping logger…Done
Stopping ldap…Done
[zimbra@mail ~]$ zmcontrol start
Host mail.zimbraku.com
Starting ldap…Done.
Starting logger…Done.
Starting mailbox…Done.
Starting antispam…Done.
Starting antivirus…Done.
Starting snmp…Done.
Starting mta…Done.
Starting stats…Done.
4. Kemudian, install apache pada server, jika apache sudah terinstall edit /etc/httpd/conf/httpd.conf, cari dan pastikan uncoment / hilangkan tanda “#”
LoadModule proxy_module modules/mod_proxy.so
5. Tambahkan pada /etc/httpd/conf/httpd.conf
NameVirtualHost *:80

ServerAdmin webmaster@zimbraku.com
DocumentRoot “/var/www/html”
ServerName http://www.zimbraku.com


ServerAdmin webmaster@zimbraku.com
ServerName mail.zimbraku.com
ProxyPass / http://mail.zimbraku.com:81/
ProxyPassReverse / http://mail.zimbraku.com:81/

6. kemudian restart httpd dengan cara ;
[root@mail ~]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]