CentOS
/etc/httpd/conf/httpd.conf is the CentOS equivalent of sites-available/enabled.
Additional Resources/Repository
To show package versions, do yum list packagename
Repository location: /etc/yum.repos.d/
Download, enable and install Atomic repository:
cd / ; wget -q -O - http://www.atomicorp.com/installers/atomic | sh
cd /usr/src ; wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm yum repolist yum list | grep epel
Disable repo
vim /etc/yum.repos.d/example.repo
Set enabled to = 0
Automatic Bug Reporting Tool - abrt
If you would rather not receive these e-mails, here is a guide on how to disable them.
Clear bash history
history -c
CPU#0: NMI appears to be stuck
This link provides details on the error from Centos/Redhat:
testing NMI watchdog ... <4><br> WARNING: CPU#0: NMI appears to be stuck (0->0)!
This issue is caused by an implementation issue with the Xen hypervisor and can be safely ignored. (BZ#500845)
General Commands
To search and install software, use:
yum search softwarename yum install softwarename yum grouplist #Check installed software, press space to scroll yum list installed | more
To check the hostname, type just hostname. To set it type hostname WhatYouWantItToBe
To forcibly remove a file and not have it prompt you type y for yes to delete a file, folder or each individual file in a folder, run:
rm FileOrFolder -rf
Increase File Handle Limit
Mitigate the BEAST attack on CentOS 6 with Apache 2.2.15
Disable SSL compression
Further details
SSLHonorCipherOrder On SSLProtocol -all +TLSv1 -SSLv2
This may work in /etc/httpd/conf.d/ssl.conf:
SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
These did not work for us.
vim /etc/httpd/conf/httpd.conf #SSLCipherSuite RC4-SHA #SSLCipherSuite RC4-SHA:HIGH:!ADH #SSLCipherSuite RC4:HIGH:!MD5:!aNULL:!EDH #SSLCipherSuite RC4-SHA:HIGH:!MD5:!aNULL:!EDH:!ADH #SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
Below may mitigate the SSL CRIME attack:
vim /etc/sysconfig/httpd
Enter this into bottom of the file:
export OPENSSL_NO_DEFAULT_ZLIB=1
service httpd restart
https://bugzilla.redhat.com/show_bug.cgi?id=857051
Securing by disabling unneeded services
Software
mcrypt
Use one of the following:
yum search mcrypt yum install libmcrypt-devel yum install libmcrypt.x86_64 yum install php-mcrypt.x86_64
You may need to enable the EPEL repository first, which can be done using this.
suphp on CentOS 6
wget http://www.suphp.org/download/suphp-0.7.1.tar.gz ; tar -zxf suphp-0.7.1.tar.gz cd suphp-0.7.1 yum install gcc gcc-c++ httpd-devel yum install make ./configure --with-apr=/usr/bin/apr-1-config --with-apache-user=apache --prefix=/usr make make install
That should have installed it correctly, now you need to edit the conf files.
vim /etc/httpd/conf/httpd.conf
Add this below line into the file above:
LoadModule suphp_module modules/mod_suphp.so
In the <Directory /> section:
suPHP_Engine on suPHP_AddHandler application/x-httpd-php .php
If single site then add this to directory also.
suPHP_UserGroup <user> <group>
vim /etc/httpd/conf.d/php.conf
AddType application/x-httpd-php .php
vim /usr/etc/suphp.conf
[global] logfile=/var/log/httpd/suphp.log loglevel=info webserver_user=apache docroot=/var/www allow_file_group_writeable=false allow_file_others_writeable=false allow_directory_group_writeable=false allow_directory_others_writeable=false check_vhost_docroot=false errors_to_browser=false env_path=/bin:/usr/bin umask=0077 min_uid=100 min_gid=100 [handlers] x-httpd-php="php:/usr/bin/php" application/x-httpd-php="php:/usr/bin/php-cgi" x-suphp-cgi="execute:!self"
Further information/help and guide
MySQL Support in PHP5
To get MySQL support in PHP, install the php-mysql package. It's a good idea to install some other PHP5 modules as well as you might need them for applications. You can search for available PHP5 modules like this:
yum search php
Pick the ones you need and install them like this:
yum install php-mysql php-gd php-imap php-ldap php-mbstring php-odbc php-pear php-xml php-xmlrpc *Then restart Apache2* /etc/init.d/httpd restart
Alternatively you can use:
yum install php-soap.x86_64
Install MSSQL PHP Extension on CentOS 6
phpMyAdmin
phpMyAdmin is a web interface through which you can manage your MySQL databases. First enable the RPMforge repository on your CentOS system as phpMyAdmin is not available in the official CentOS 6.1 repositories:
Import the RPMforge GPG key:
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
On x86_64 systems:
yum install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
On i386 systems:
yum install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
phpMyAdmin can now be installed as follows:
yum install phpmyadmin
Now configure phpMyAdmin by changing the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the <Directory "/usr/share/phpmyadmin"> section):
vi /etc/httpd/conf.d/phpmyadmin.conf # # Web application to manage MySQL # #<Directory "/usr/share/phpmyadmin"> # Order Deny,Allow # Deny from all # Allow from 127.0.0.1 #</Directory> Alias /phpmyadmin /usr/share/phpmyadmin Alias /phpMyAdmin /usr/share/phpmyadmin Alias /mysqladmin /usr/share/phpmyadmin
Next we change the authentication in phpMyAdmin from cookie to http:
vi /usr/share/phpmyadmin/config.inc.php [...] /* Authentication type */ $cfg['Servers'][$i]['auth_type'] = 'http'; [...]
Restart Apache:
/etc/init.d/httpd restart
Afterwards, you can access phpMyAdmin under IPAddress/phpmyadmin/ in your browser.
OS Ticket
If you get the below error on Cent OS when going to:
- Admin Panel
- Emails tab
- click the email account
- set it to Enabled and to use IMAP
- then click Save Changes
"IMAP doesn't exist. PHP must be compiled with IMAP enabled."
Do the following in SSH:
yum install php-imap /etc/init.d/httpd restart
You may also need php-imap.x86_64
Logwatch
CentOS Desktop
yum groupinstall 'Desktop'
Edit /etc/inittab and change the runlevel to 5, otherwise the desktop environment will not be brought up.
cat /etc/inittab ... id:5:initdefault:
Then reboot your centos 6 host for the settings to take effect. Before the next step ensure you have perl* taken out of /etc/yum.conf . Alternate Guide
yum install gnome-desktop.x86_64 gnome-games.x86_64 gnome-games-extra.x86_64 gnome-gmail.noarch gnome-media-apps.x86_64 gnome-desktop-devel.x86_64 gtk-recordmydesktop.noarch rdesktop.x86_64 recordmydesktop.x86_64 control-center.x86_64 control-center-extra.x86_64 desktop-effects.x86_64 mousetweaks.x86_64 yelp.x86_64 vnc-server tigervnc-server.x86_64 tigervnc-server-applet.noarch tigervnc-server-module.x86_64
Icecast with ezstream on CentOS 6
Check uname -a or uname -r first to ensure which kernel version you need to install for (i386 or .x86_64).
yum update vim /etc/yum.conf #Remove perl* from the exclude line
yum install git-all.noarch git-cvs.noarch git-daemon.x86_64 git-email.noarch git-svn.noarch
yum groupinstall 'Development Tools' yum install libxml2.x86_64 libxml2-devel.x86_64 speex-devel libtheora-devel yum install libogg.x86_64 libogg-devel.x86_64 python-ogg.x86_64 python-ogg-devel.x86_64 libvorbis.x86_64 libvorbis-devel.x86_64 yum install libshout-devel.x86_64
yum install libshout.x86_64 #(or) wget http://downloads.us.xiph.org/releases/libshout/libshout-2.2.2.tar.gz ; gunzip libshout-2.2.2.tar.gz ; tar -xvf libshout-2.2.2.tar cd libshout-2.2.2 ; ./configure ; make ; make install ; cd /
yum install cmake.x86_64 cppunit-devel.x86_64 cppunit.x86_64
#can be skipped #yum install taglib.x86_64 #or #wget http://developer.kde.org/~wheeler/files/src/taglib-1.7.1.tar.gz ; gunzip taglib-1.7.1.tar.gz ; tar -xvf taglib-1.7.1.tar #cd taglib-1.7.1 ; cat INSTALL #run through those steps if possible
wget http://downloads.xiph.org/releases/ezstream/ezstream-0.5.6.tar.gz ; gunzip ezstream-0.5.6.tar.gz ; tar -xvf ezstream-0.5.6.tar cd ezstream-0.5.6 ; ./configure ; make ; make install ; cd /
wget http://sourceforge.net/projects/lame/files/lame/3.99/lame-3.99.5.tar.gz ; gunzip lame-3.99.5.tar.gz ; tar -xvf lame-3.99.5.tar cd lame-3.99.5 ; ./configure ; make ; make install ; cd /
wget http://sourceforge.net/projects/sox/files/sox/14.4.0/sox-14.4.0.tar.gz ; gunzip sox-14.4.0.tar.gz ; tar -xvf sox-14.4.0.tar cd sox-14.4.0 ; ./configure ; make ; make install ; cd /
yum install libxslt-python.x86_64 libxslt.x86_64 libxslt-devel.x86_64
wget http://downloads.xiph.org/releases/icecast/icecast-2.3.2.tar.gz ; gunzip icecast-2.3.2.tar.gz ; tar -xvf icecast-2.3.2.tar cd icecast-2.3.2 ; ./configure ; make ; make install ; cd / cd /var/log useradd icecast mkdir icecast chown -R icecast:icecast /var/log/icecast/ #(or chown -R nobody:nobody /var/log/icecast/ ) which icecast; updatedb locate icecast.xml cd /usr/local/etc/ vim icecast.xml
<logging> <accesslog>/var/log/icecast/access.log</accesslog> <errorlog>/var/log/icecast/error.log</errorlog>
cp /usr/local/share/examples/ezstream/ezstream_mp3.xml /usr/local/etc find /usr/local/etc/musicdirectory -name *mp3 -type f > /usr/local/etc/playlist-filename.txt
The filename above (/usr/local/etc/playlist-filename.txt) that you specify needs to match the file you specified in the ezstream_mp3.xml file. The find command above is an example.
I use the below syntax so I do not have a random order and sort alphabetically by Artist and order by Track Order:
find /usr/local/etc/mu -name *mp3 -type f | sort -g > /usr/local/etc/playlist-icecast.txt vim ezstream_mp3.xml #specify the full filepath to your playlist.txt file
Ensure you have:
- In ezstream_mp3.xml the URL in the form http://0.0.0.0:port/mountpoint and the filename as the full filepath of your playlist .txt, .m3u or .ogg
- In icecast.xml the accesslog and errorlog should just be /access.log and /error.log and the logdir should just be /var/log/icecast
su icecast icecast -c /usr/local/etc/icecast.xml #Close the SSH session but do not CTRL + C the operating. Open another SSH session ezstream -c /usr/local/etc/ezstream_mp3.xml #Close the SSH session but do not CTRL + C the operating.
Open another SSH session to do any further work on the server and the processes will continue to run in the background. Add the following command to /etc/rc.local to have it start on boot:
icecast -c /usr/local/etc/icecast.xml -b
Additional ezstream/icecast guides:
Installing Sox from yum, and compiled LAME and Ezstream manually: http://wiki.radioreference.com/index.php/Ezstream_on_linux
http://code.google.com/p/icecast-now-playing-script/wiki/How_to_use
http://jude.im/now
http://icecast.imux.net/
http://mpd.wikia.com/wiki/Icecast2
http://koorenneef.nl/content/run-your-own-online-radio-station-icecast2-and-ezstream-howto
Config
Example
Icecast and
Trunk
http://icecast.imux.net/viewtopic.php?t=6903&sid=7c4b5bf86c5597d755b1256bb4a0271a
http://www.tech-faq.com/how-to-stream-audio.html
Icegenerator
yum install id3lib.x86_64 id3lib-devel.x86_64 wget http://www.becrux.com/pages/projects/icegenerator/icegenerator-0.5.5-pre2.tar.gz ; gunzip icegenerator-0.5.5-pre2.tar.gz tar -xvf icegenerator-0.5.5-pre2.tar ; cd icegenerator-0.5.5-pre2 ; ./configure --with-id3 --with-mysql ; make ; make install
PHP Motion + JW Player
- PHP Motion System Requirements
- PHP Motion website registering
- PHP Motion Download
- PHP Motion Installation Guide + Install on cPanel
- JW Player information
Ensure you already have PHP 4.3+ (including support of CLI), MySQL, LAME MP3 Encoder, Libogg + Libvorbis, Mencoder + Mplayer, FFMpeg-PHP, GD Library 2+ and a CGI-BIN. Mencoder comes with mplayer. Various install instructions for these above tools.
The below instructions will install ffmpeg, ffmpeg-php, mplayer + mencoder and flvtool.
CentOS 6
rpm -Uvh http://mirrors.coreix.net/fedora-epel/6/x86_64/epel-release-6-7.noarch.rpm vim /etc/yum.repos.d/subhosting.repo
Enter the following into that file:
[SubHosting] name=SubHosting Packages CentOS 6 - $basearch baseurl=http://dl.subhosting.net/yumrepo/centos/6/$basearch/ enabled=1 gpgcheck=0
Then do:
yum -y install ffmpeg mplayer --exclude "*.i386" /scripts/installruby gem install flvtool2 yum -y install gpac gpac-libs yum -y install ffmpeg-devel wget http://downloads.sourceforge.net/ffmpeg-php/ffmpeg-php-0.6.0.tbz2 ; tar xjf ffmpeg-php-0.6.0.tbz2 ; cd ffmpeg-php-0.6.0 phpize ; ./configure ; make ; make install
It will then show something like Installing shared extensions: /usr/local/lib/php/extensions/no-debug-non-zts-00000000/ . So then do:
vim /usr/local/lib/php.ini /extension_dir extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-00000000" extension="ffmpeg.so" php -i | grep ffmpeg
It should then show:
ffmpeg ffmpeg-php version => 0.6.0-svn ffmpeg-php built on => Jul 19 2012 15:07:59 ffmpeg-php gd support => disabled ffmpeg libavcodec version => Lavc52.123.0 ffmpeg libavformat version => Lavf52.111.0 ffmpeg swscaler version => SwS0.14.1 ffmpeg.allow_persistent => 0 => 0 ffmpeg.show_warnings => 0 => 0
Following are the file system paths of tools that you installed:
ffmpeg: /usr/bin/ffmpeg mplayer: /usr/bin/mplayer mencoder: /usr/bin/mencoder flvtool2: /usr/bin/flvtool2 MP4Box: /usr/bin/MP4Box
Complicate ffmpeg instructions <- Not really necessary.
vim /etc/yum.conf
Take out ruby* from exclude= line and save the file
yum -y install flvtool2.noarch
vim /etc/yum.conf
Take out apache2* and httpd* from exclude= line and save the file. From this link you get:
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/mod_flvx-0-0.1.20100525git.el6.x86_64.rpm rpm -ivh mod_flvx-0-0.1.20100525git.el6.x86_64.rpm --nodeps
Do not configure these manually, especially don't fiddle with glibc, can of worms and fail ahoy:
config(mod_flvx) = 0-0.1.20100525git.el6 httpd-mmn = 20051115 libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit)
rtld(GNU_HASH), part of glibc
Doing yum install mod_flvx.x86_64 will ask you to downgrade httpd/apache from 2.2.22 to 2.2.15-15 ( 2.2.15-15.el6.centos.1 ) so be careful with this or do not do this.
Alternate mod_flvx guides: 1, 2, 3 and 4
Then follow these instructions to install PHP Shield. You may need 757, 775 or 777 for the following folders: addons, classes, logs, pictures, setup, temp and uploads.
Run through the installer either via your domain name or on a cPanel server do serverip/~ftpuser . Then after it has all been completed do:
cd /documentroot #e.g. cd /home/DomainWithoutSuffix/public_html rm -y setup/ -R
/etc/init.d/httpd restart
CentOS 5
These instructions will install ffmpeg + ffmpeg-devel + ffmpeg-php, mplayer, mencoder, flv2tool and LAME MP3 encoder.
uname -i rpm -Uvh http://mirrors.coreix.net/fedora-epel/5/x86_64/epel-release-5-4.noarch.rpm yum -y install ffmpeg mplayer --exclude "*.i386" yum -y install gpac gpac-libs yum -y install ffmpeg-devel wget http://downloads.sourceforge.net/ffmpeg-php/ffmpeg-php-0.6.0.tbz2 cd to the directory, potentially /usr/src tar xjf ffmpeg-php-0.6.0.tbz2 ; cd ffmpeg-php-0.6.0 yum -y install php-devel gcc.x86_64 ffmpeg-devel.x86_64 vim ffmpeg_frame.c
Replace all entries of PIX_FMT_RGBA32 with PIX_FMT_RGB32
cp -aP ffmpeg_frame.loT ffmpeg_frame.lo phpize ; ./configure ; make ; make install /extension_dir <pre>extension_dir = "/usr/lib64/php/modules/" extension="ffmpeg.so"
cd /usr/local/src/ wget http://www.mplayerhq.hu/MPlayer/releases/codecs/essential-20071007.tar.bz2 tar xjvf essential-20071007.tar.bz2 mv /usr/local/src/essential-20071007/ /usr/local/lib/codecs/ chmod -R 755 /usr/local/lib/codecs/ cd /usr/local/src/ wget http://www1.mplayerhq.hu/MPlayer/releases/codecs/all-20071007.tar.bz2 tar jxvf all-20071007.tar.bz2 mv /usr/local/src/all-20071007/ /usr/local/lib/codecs/ chmod -R 755 /usr/local/lib/codecs/
The above steps have now placed the file from /usr/local/src/all-20071007/ into /usr/local/lib/codecs/all-20071007
yum install git yasm.x86_64 yasm-devel.x86_64
cd .. svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer cd /usr/local/mplayer svn update ./configure make && make install yum -y install flvtool2.noarch mod_flvx.x86_64 yamdi.x86_64 yum -y install lame.x86_64 lame-devel.x86_64 /etc/init.d/httpd restart
ffmpeg
vi /etc/yum.repos.d/dag.repo
Add the following text to the file.
[dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag gpgcheck=1 enabled=1
Then do:
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm yum install ffmpeg ffmpeg-devel ffmpeg -formats
Unable to find packages/software
Check /etc/yum.conf and remove the software* exclude entry. By default a cPanel CentOS server may have the following within that file:
exclude=apache* bind-chroot courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* perl* php* proftpd* pure-ftpd* ruby* spamassassin* squirrelmail*
Uninstall Postfix on psa (Plesk)
You can do this either via:
- SSH using the command /usr/local/psa/admin/bin/autoinstaller then selecting Qmail instead of Postix (normally option 13 instead of 14) or
- via the GUI interface for the control panel:
Server Management - Tools & Utilities/Settings > Panel - Updates and Upgrades > Add Components - Untick "Show only not installed components" > Different mailservers - Qmail Mailserver
Update PHP 5.1 to PHP 5.3 on CentOS 5
Update MySQL to 5.5 with Plesk
This is really only possible on CentOS 5, as of 08/03/2013
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -Uvh remi-release-6*.rpm vim /etc/yum.repos.d/remi.repo
Set the top [remi] to enabled=1
yum list mysql-server
A script to get the latest MySQL 5.5 for RHEL6
Alternatively, you can use the Atomic repo, however you must disable it afterwards, otherwise it may remove Plesk when it auto-updates.
VNC
yum install vnc-server tigervnc-server.x86_64 tigervnc-server-applet.noarch tigervnc-server-module.x86_64 xterm.x86_64 su - adduser testuser passwd testuser #sets users password su testuser vncpasswd #sets VNC password and creates the directory /home/testuser/.vnc exit vim /etc/sysconfig/vncservers
Add in:
VNCSERVERS="1:testuser"
VNCSERVERARGS[1]="-geometry 1280x800"
/sbin/service vncserver start #Once complete run /sbin/service vncserver stop su testuser cd /home/testuser/.vnc ls -lah vim xstartup #!/bin/sh # Add the following line to ensure you always have an xterm available. ( while true ; do xterm ; done ) & xsetroot -solid grey vncconfig -iconic & xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & twm &
Now go to http://yourIPaddress:5801 . Alternate Instructions: 1, 2, 3, 4
When searching for software or loading any program, you will get: "the permission of the setuid helper is not correct". To fix this do cd /etc/lib64/dbus-1 and run chmod 4750 dbus-daemon-launch-helper (default is 750).
When running /sbin/service vncserver start if it says:
Warning: hostname:1 is taken because of /tmp/.X1-lock Remove this file if there is no X server hostname:1 A VNC server is already running as :1 [FAILED]
to kill the process, run vncserver -kill :X (X being the number of the one it believes is running, e.g :1). If this fails with:
Can't find file /root/.vnc/hostname:1.pid
You'll have to kill the Xvnc process manually. To do this do:
cd /tmp rm .X1-lock cd /tmp/.X11-unix/ rm X1 /sbin/service vncserver start
Troubleshooting Help: 1, 2, 3, 4, 5, 6
Website compatibility for blind people (In Development)
This needs work as it needs additional configuration steps.
yum install php5-dev php-pear php-pdo.x86_64 pdo_pgsql php-pgsql.x86_64 php-odbc.x86_64 pecl install pdo service postgresql restart service httpd restart pecl install pdo pecl channel-update pecl.php.net
Then see Enabling PDO and install MSSQL PHP Extension.
