Year: 2019

WordPress is a free and open-source, highly customizable content management system (CMS) that is being used by millions around the world to run blogs and fully functional websites. Because it is the most used CMS out there, there are so many potential WordPress security issues/vulnerabilities to be concerned about.

However, these security issues can be dealt with, if we follow common WordPress security best practices. In this article, we will show you how to use WPSeku, a WordPress vulnerability scanner in Linux, that can be used to find security holes in your WordPress installation and block potential threats.

WPSeku is a simple WordPress vulnerability scanner written using Python, it can be used to scan local and remote WordPress installations to find security issues.

How to Install WPSeku – WordPress Vulnerability Scanner in Linux

To install WPSeku in Linux, you need to clone the most recent version of WPSeku from its Github repository as shown.

$ cd ~
$ git clone https://github.com/m4ll0k/WPSeku

Once you have obtained it, move into the WPSeku directory and run it as follows.

$ cd WPSeku

Now run the WPSeku using the -u option to specify your WordPress installation URL like this.

$ ./wpseku.py -u http://yourdomain.com 

The command below will search for cross site scripting, local file inclusion, and SQL injection vulnerabilities in your WordPress plugins using the -p option, you need to specify the location of plugins in the URL:

$ ./wpseku.py -u http://yourdomain.com/wp-content/plugins/wp/wp.php?id= -p [x,l,s]

The following command will execute a brute force password login and password login via XML-RPC using the option -b. Also, you can set a username and wordlist using the --user and --wordlist options respectively as shown below.

$ ./wpseku.py -u http://yourdomian.com --user username --wordlist wordlist.txt -b [l,x]   

To view all WPSeku usage options, type.

$ ./wpseku.py --help

WPSeku Github repository: https://github.com/m4ll0k/WPSeku

That’s it! In this article, we showed you how to get and use WPSeku for WordPress vulnerability scanning in Linux. WordPress is secure but only if we follow WordPress security best practices. Do you have any thoughts to share? If yes, then use the comment section below.

Source

Nikto Web Scanner is an another good to have tool for any Linux administrator’s arsenal. It’s an Open source web scanner released under the GPL license, which is used to perform comprehensive tests on Web servers for multiple items including over 6500 potentially dangerous files/CGIs.

Suggested Read: WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress

It’s written by Chris Solo and David Lodge for Vulnerability assessment, it checks for outdated versions over 1250 Web servers and over 270 version specific problems. It also scans and reports for outdated web server software and plugins.

Features of Nikto Web Scanner

1. Supports SSL
2. Supports full HTTP proxy
3. Supports text, HTML, XML and CSV to save reports.
4. Scan for multiple ports
5. Can scan on multiple servers by taking inputs from files like nmap output
6. Support LibWhisker IDS
7. Capable enough to identify installed software with headers, files, and favicons
8. Logs for Metasploits
9. Reports for “unusual ” headers.
10. Apache and cgiwrap user enumeration
11. Authenticate hosts with Basic and NTLM
12. Scans can be Auto-paused at a specified time.

Nikto Requirements

A system with basic Perl, Perl Modules, OpenSSL installation should enable Nikto to run. It has been thoroughly tested on Windows, Mac OSX and various Unix/Linux distributions such as Red Hat, Debian, Ubuntu, BackTrack, etc.

Installation of Nikto Web Scanner on Linux

Most of the today’s Linux systems comes with pre-installed Perl, Perl Modules, and OpenSSL packages. If not included, you can install them using the default system package manager utility called yum or apt-get.

On Red Hat/CentOS/Fedora

[root@tecmint ]# yum install perl perl-Net-SSLeay openssl

On Debian/Ubuntu/Linux Mint

[root@tecmint ]# apt-get install perl openssl libnet-ssleay-perl

Next, clone the latest stable Nikto source files from its Github repository, move into Nikto/programs/ directory and run it using perl:

$ git clone https://github.com/sullo/nikto.git
$ cd nikto/programs
$ perl nikto.pl -h 

Sample Output

Option host requires an argument

       -config+            Use this config file
       -Display+           Turn on/off display outputs
       -dbcheck            check database and other key files for syntax errors
       -Format+            save file (-o) format
       -Help               Extended help information
       -host+              target host
       -id+                Host authentication to use, format is id:pass or id:pass:realm
       -list-plugins       List all available plugins
       -output+            Write output to this file
       -nossl              Disables using SSL
       -no404              Disables 404 checks
       -Plugins+           List of plugins to run (default: ALL)
       -port+              Port to use (default 80)
       -root+              Prepend root value to all requests, format is /directory
       -ssl                Force ssl mode on port
       -Tuning+            Scan tuning
       -timeout+           Timeout for requests (default 10 seconds)
       -update             Update databases and plugins from CIRT.net
       -Version            Print plugin and database versions
       -vhost+             Virtual host (for Host header)
   		+ requires a value

	Note: This is the short help output. Use -H for full help text.

The “Option host requires an argument” is clearly telling that we didn’t include the needed parameters while doing a test. So, we need to add a basic necessary parameter to do a test run.

Basic Testing

The basic scan requires a host that you want to target, by default it scans port 80 if nothing is specified. The host can either be a hostname or an IP Address of a system. You can specify a host using “-h” option.

For example, I want to do a scan on an IP 172.16.27.56 on TCP port 80.

[root@tecmint nikto-2.1.5]# perl nikto.pl -h 172.16.27.56

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        80
+ Start Time:         2014-01-10 00:48:12 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ Server leaks inodes via ETags, header found with file /robots.txt, inode: 5956160, size: 24, mtime: 0x4d4865a054e32
+ File/dir '/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ "robots.txt" contains 1 entry which should be manually viewed.
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Multiple index files found: index.php, index.htm, index.html
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-3233: /phpinfo.php: Contains PHP configuration information
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /test.html: This might be interesting...
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /connect.php?path=http://cirt.net/rfiinc.txt?: Potential PHP MySQL database connection string found.
+ OSVDB-3092: /test.php: This might be interesting...
+ 6544 items checked: 0 error(s) and 16 item(s) reported on remote host
+ End Time:           2014-01-10 00:48:23 (GMT5.5) (11 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

If you want to scan on a different port number, then add “-p” [-port] option. For example, I want to do a scan on IP 172.16.27.56 on TCP port 443.

[root@tecmint nikto-2.1.5]# perl nikto.pl -h 172.16.27.56 -p 443

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject: /O=*.mid-day.com/OU=Domain Control Validated/CN=*.mid-day.com
                   Ciphers: DHE-RSA-AES256-GCM-SHA384
                   Issuer:  /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certificates.starfieldtech.com/repository/CN=Starfield Secure Certification Authority/serialNumber=10688435
+ Start Time:         2014-01-10 01:08:26 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Server leaks inodes via ETags, header found with file /, inode: 2817021, size: 5, mtime: 0x4d5123482b2e9
+ The anti-clickjacking X-Frame-Options header is not present.
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Server is using a wildcard certificate: '*.mid-day.com'
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 6544 items checked: 0 error(s) and 8 item(s) reported on remote host
+ End Time:           2014-01-10 01:11:20 (GMT5.5) (174 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

You can also specify hosts, ports and protocols using a full URL syntax, and it will be scanned.

[root@tecmint nikto-2.1.5]# perl nikto.pl -h http://172.16.27.56:80

You can also scan any website. For example, here I did a scan on google.com.

[root@tecmint nikto-2.1.5]# perl nikto.pl -h http://www.google.com

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          173.194.38.177
+ Target Hostname:    www.google.com
+ Target Port:        80
+ Start Time:         2014-01-10 01:13:36 (GMT5.5)
---------------------------------------------------------------------------
+ Server: gws
+ Cookie PREF created without the httponly flag
+ Cookie NID created without the httponly flag
+ Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN
+ Uncommon header 'x-xss-protection' found, with contents: 1; mode=block
+ Uncommon header 'alternate-protocol' found, with contents: 80:quic
+ Root page / redirects to: http://www.google.co.in/?gws_rd=cr&ei=xIrOUomsCoXBrAee34DwCQ
+ Server banner has changed from 'gws' to 'sffe' which may suggest a WAF, load balancer or proxy is in place
+ Uncommon header 'x-content-type-options' found, with contents: nosniff
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ File/dir '/groups/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
….

The above command will perform a bunch of http requests (i.e. more than 2000 tests) on the web server.

Multiple Port Testing

You can also perform multiple ports scanning in the same session. To scan multiple ports on the same host, add “-p” [-port] option and specify the list of ports. Ports can be defined as a range (i.e., 80-443), or as a comma separated (i.e., 80,443). For example, I want to scan a ports 80 and 443 on the host 172.16.27.56.

[root@tecmint nikto-2.1.5]# perl nikto.pl -h 172.16.27.56 -p 80,443

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ No web server found on cmsstage.mid-day.com:88
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        80
+ Start Time:         2014-01-10 20:38:26 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.

---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject: /O=*.mid-day.com/OU=Domain Control Validated/CN=*.mid-day.com
                   Ciphers: DHE-RSA-AES256-GCM-SHA384
                   Issuer:  /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certificates.starfieldtech.com/repository/CN=Starfield Secure Certification Authority/serialNumber=10688435
+ Start Time:         2014-01-10 20:38:36 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ All CGI directories 'found', use '-C none' to test none
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
.....

Using a Proxy

Let’s say a system where Nikto is running only has access to the target host via an HTTP proxy, the test can still be performed using two different ways. One is using nikto.conf file and another way is to run directly from the command line.

Using Nikto.conf File

Open nikto.conf file using any command line editor.

[root@localhost nikto-2.1.5]# vi nikto.conf

Search for the variable “PROXY” and uncomment the ‘#‘ from the beginning of the lines as shown. Then add the proxy host, port, proxy user and password. Save and close the file.

# Proxy settings -- still must be enabled by -useproxy
PROXYHOST=172.16.16.37
PROXYPORT=8080
PROXYUSER=pg
PROXYPASS=pg

Now, execute the Nikto using “-useproxy” option. Please note all connections will be relayed via the HTTP proxy.

root@localhost nikto-2.1.5]# perl nikto.pl -h localhost -p 80 -useproxy

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          127.0.0.1
+ Target Hostname:    localhost
+ Target Port:        80
+ Start Time:         2014-01-10 21:28:29 (GMT5.5)
---------------------------------------------------------------------------
+ Server: squid/2.6.STABLE6
+ Retrieved via header: 1.0 netserv:8080 (squid/2.6.STABLE6)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Uncommon header 'x-squid-error' found, with contents: ERR_CACHE_ACCESS_DENIED 0
+ Uncommon header 'x-cache-lookup' found, with contents: NONE from netserv:8080

Using Command Line

To run the Nikto directly from the command line using the “-useproxy” option by setting the proxy as the argument.

root@localhost nikto-2.1.5]# perl nikto.pl -h localhost -useproxy http://172.16.16.37:8080/

Sample Output

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          127.0.0.1
+ Target Hostname:    localhost
+ Target Port:        80
+ Start Time:         2014-01-10 21:34:51 (GMT5.5)
---------------------------------------------------------------------------
+ Server: squid/2.6.STABLE6
+ Retrieved via header: 1.0 netserv:8080 (squid/2.6.STABLE6)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Uncommon header 'x-squid-error' found, with contents: ERR_CACHE_ACCESS_DENIED 0
+ Uncommon header 'x-cache-lookup' found, with contents: NONE from netserv:8080

Updating Nikto

You can update Nikto to the latest plugins and databases automatically, simply run the “-update” command.

[root@localhost nikto-2.1.5]# perl nikto.pl -update

If new updates are available, you will see a list of new updates downloaded.

+ Retrieving 'nikto_report_csv.plugin'
+ Retrieving 'nikto_headers.plugin'
+ Retrieving 'nikto_cookies.plugin'
+ Retrieving 'db_tests'
+ Retrieving 'db_parked_strings'
+ Retrieving 'CHANGES.txt'
+ CIRT.net message: Please submit Nikto bugs to http://trac2.assembla.com/Nikto_2/report/2

You can also manually download and update Nikto plugins and databases from the http://cirt.net/nikto/UPDATES/.

Reference Links

Nikto Homepage

Source

A debugger plays a vital role in any software development system. Nobody can write a bug-free code all at once. During the course of development, bugs are being raised and needs to be solved for further enhancement. A development system is incomplete without a debugger. Considering the open source developers community, GNU Debugger is their best choice. It is also used for commercial software development on UNIX type platforms.

GNU Debugger, also known as gdb, allows us to sneak through the code while it executes or what a program was trying to do at the moment before it crashed. GDB basically helps us to do four main things to catch flaws in the source code.

1. Start the program, specifying arguments that may affect the general behavior.
2. Stop the program on specified conditions.
3. Examine the crash or when program was stopped.
4. Change the code and to experiment with the modified code instantaneously.

We can use gdb to debug programs written in C and C++ without much effort. As of now support for other programming languages like D, Modula-2, Fortran are partial.

Getting started with GNU Debugger or GDB

GDB is invoked using the gdb command. On issuing gdb, it displays some information about platform and drops you into the (gdb) prompt as shown below.

[root@fedora20 ~]# gdb

Sample Output

GNU gdb (GDB) Fedora 7.6.50.20130731-19.fc20 
Copyright (C) 2013 Free Software Foundation, Inc. 
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> 
This is free software: you are free to change and redistribute it. 
There is NO WARRANTY, to the extent permitted by law.  Type "show copying" 
and "show warranty" for details. 
This GDB was configured as "x86_64-redhat-linux-gnu". 
Type "show configuration" for configuration details. 
For bug reporting instructions, please see: 
<http://www.gnu.org/software/gdb/bugs/>. 
Find the GDB manual and other documentation resources online at: 
<http://www.gnu.org/software/gdb/documentation/>. 
For help, type "help". 
Type "apropos word" to search for commands related to "word". 
(gdb)

Type help list to out the different classes of commands available inside gdb. Type help followed by a class name for a list of commands in that class. Type help all for the list of all commands. Command name abbreviations are allowed if they are unambiguous. For example, you can type n instead of typing next or c for continue and so on.

Most Commonly used GDB Commands

Commonly used gdb commands are listed in the following table. These commands are to be used from the gdb command prompt (gdb).

Note the difference between the two commands step and next. The next command does not go inside function if next line is a function call. Whereas step command can go in inside function and see what happens there.

A sample session with GDB

Consider the following source code.

// sum.c
#include <stdio.h> 

int sum (int a, int b) { 
	int c; 
	c = a + b; 
	return c; 
} 

int main() { 
	int x, y, z; 
	printf("\nEnter the first number: "); 
	scanf("%d", &x); 
	printf("Enter the second number: "); 
	scanf("%d", &y); 
	z = sum (x, y); 
	printf("The sum is %d\n\n", z); 
	return 0; 
}

In order to debug the output file we need to compile the same with -g option to gcc as follows.

$ gcc -g sum.c -o sum

The output file sum can be attached to gdb via either of the following 2 ways:

1. By specifying the output file as an argument to gdb.

$ gdb sum

2. Running output file inside gdb using file command.

$ gdb
(gdb) file sum

The list command lists lines in the source code file and moves the pointer. So first list will display the first 10 lines and next list displays the next 10 and so on.

(gdb) list
1	#include <stdio.h>   
2	 
3	int sum (int a, int b) { 
4		int c; 
5		c = a + b; 
6		return c; 
7	} 
8	 
9	int main() { 
10		int x, y, z;

To start execution, issue the run command. Now the program gets executed normally. But we forgot to put some breakpoints in the source code for debugging, right? These breakpoints can be specified for functions or at specified lines.

(gdb) b main

Note: I have used an abbreviation b for break.

After setting break point at main function, rerunning the program will stop at the line 11. The same thing can be made into effect if the line number is known before.

(gdb) b sum.c:11

Now step through the lines of code using the next or n command. It is important to note that next command does not go inside function code unless a break point is set on the function. Let’s try out the print command now. Set break point on function sum as below.

(gdb) b sum 
Breakpoint 1 at 0x4005aa: file sum.c, line 5. 
(gdb) r 
Starting program: /root/sum 

Enter the first number: 2 
Enter the second number: 3 

Breakpoint 1, sum (a=2, b=3) at sum.c:5 
5		c = a + b; 
(gdb) p a 
$1 = 2 
(gdb) p b 
$2 = 3
(gdb) c 
Continuing. 
The sum is 5 

[Inferior 1 (process 3444) exited normally]

(gdb) run   . . .

(gdb) info share 
From                To                  Syms Read   Shared Object Library 
0x00000035a6000b10  0x00000035a6019c70  Yes         /lib64/ld-linux-x86-64.so.2 
0x00000035a641f560  0x00000035a6560bb4  Yes         /lib64/libc.so.6

(gdb) r 
Starting program: /root/sum 

Enter the first number: 1 
Enter the second number: 2 

Breakpoint 1, main ( ) at sum.c:16 
16		printf("The sum is %d\n\n", z); 
(gdb) set z=4 
(gdb) c 
Continuing. 
The sum is 4

(gdb) info breakpoints 
Num     Type           Disp Enb Address            What 
1       breakpoint     keep y   0x00000000004005c2 in main at sum.c:11

(gdb) disable 1 
(gdb) info breakpoints 
Num     Type           Disp Enb Address            What 
1       breakpoint     keep n   0x00000000004005c2 in main at sum.c:11

$ pidof <process_name>

$ gdb -p <pid>

(gdb) attach <pid>

VirtualBox is an open source cross-platform virtualization software, it can be installed on any operating system and enable you to install and run multiple guest operating systems on same computer.

For example, if you install it on your Linux system, you can run Windows XP operating system under it as a Guest OS or run Linux OS on your Windows system and so on. This way, you can install and run as many as guest operating systems as you like, the only limit is disk space and memory.

Recently Oracle has released latest stable version of Virtualbox 6.0.0, the newest version of Virtual box comes with so many major changes and new features added to it.

Whats new in Virtualbox 6.0

• Added support for exporting a virtual machine to Oracle Cloud Infrastructure.
• A much improved HiDPI and scaling support, along with superior detection and per-machine configuration.
• A Major rework of user interface with smooth and easy setup of virtual machines.
• A new file manager allows user to manage the guest file system and copy files between host and guest.
• A major update of 3D graphics device emulation on Linux guests.
• vboximg-mount utility for hosts enables users to access the content of guest disks on the host.
• Added support for using Hyper-V on Windows host.

You can see the complete new change log details about VirtualBox 6.0 on their Official Changelog Page.

This guide explains how to install VirtualBox 6.0 on RHEL, CentOS and Fedora systems using VirtualBox’s own repository with YUM and DNF (for Fedora 22+ releases) tool.

This guide also explains how to install VirtualBox 6.0 on Debian, Ubuntu and Linux Mint systems using VirtualBox’s own repository with APT-GET or APT command.

Installing VirtualBox 6.0 in RHEL/CentOS and Fedora

If you’ve any earlier version of Virtualbox installed, remove that before installing latest version.

# yum remove VirtualBox*
# dnf remove VirtualBox*  [On Fedora 22+]

Adding VirtualBox Repository

Next add the VirtualBox own repository to install latest VirtualBox 6.0 on following systems.

For RHEL/CentOS 7/6/

# cd /etc/yum.repos.d/
# wget http://download.virtualbox.org/virtualbox/rpm/rhel/virtualbox.repo

For RHEL/CentOS 5

# wget http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
# rpm -Uvh epel-release-5-4.noarch.rpm

For Fedora 24-29

# cd /etc/yum.repos.d/
# wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo

Install Dependency Packages for VirtualBox

VirtualBox uses vboxdrv kernel module to control and allocate physical memory for execution of guest operating systems. Without this module, you can still use the VirtualBox to create and configure virtual machines, but they will not work.

So, to make VirtualBox fully functional you will need to update your system first, then install some additional modules like DKMS, kernel-headers and kernel-devel and some dependency packages.

# yum update
# yum install binutils qt gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel dkms

Install VirtualBox 6.0

Once you’ve installed all the needed dependency packages, you can install latest version of VirtualBox using following command.

# yum install VirtualBox-6.0

Rebuild Kernel Modules for VirtualBox 6.0

The below command will automatically create vboxusers group and user and also search and automatically rebuild required kernel modules.

------------- Fedora 22+ and CentOS/RHEL 7 ------------- 
/usr/lib/virtualbox/vboxdrv.sh setup
 
------------- Fedora 18-16 and CentOS/RHEL 6/5 ------------- 
/etc/init.d/vboxdrv setup
## OR ##
service vboxdrv setup

If the above build process fails, you will get a warning messages similar to below.

vboxdrv.sh: Stopping VirtualBox services.
vboxdrv.sh: Starting VirtualBox services.
vboxdrv.sh: Building VirtualBox kernel modules.
This system is currently not set up to build kernel modules.
Please install the Linux kernel "header" files matching the current kernel
for adding new hardware support to the system.
The distribution packages containing the headers are probably:
    kernel-devel kernel-devel-4.19.0-1.el7.elrepo.x86_64

Then you need to first check your installed kernel and then install needed kernel-devel using following commands.

# uname -r
# yum install kernel-devel-CURRENT_KERNEL

Note: replace CURRENT_KERNEL with string you get from uname -r.

Now run the build setup again.

# /usr/lib/virtualbox/vboxdrv.sh setup

Next, replace user_name in the following command with your own user name.

# usermod -a -G vboxusers user_name

Troubleshooting

If you get any error message like KERN_DIR or if your kernel source directory not detected automatically by build process, you can set it by using following command. Make sure you change kernel version according to your system as shown in red color.

## RHEL / CentOS / Fedora ##
KERN_DIR=/usr/src/kernels/4.19.0-1.el7.elrepo.x86_64

## Export KERN_DIR ##
export KERN_DIR

Installing VirtualBox 6.0 in Debian, Ubuntu and Linux Mint

First, uninstall any earlier version of Virtualbox if any.

$ sudo apt-get remove virtualbox-*

Next, install latest VirtualBox 6.0 version using official Virtualbox repository. To add the repository, use the following command as shown.

$ sudo sh -c 'echo "deb http://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" >> /etc/apt/sources.list.d/virtualbox.list'
$ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add -
$ sudo apt-get update
$ sudo apt-get install virtualbox-6.0

Starting VirtualBox 6.0

Simply execute following command to start it from the terminal or use launcher from menu to start.

# VirtualBox

VirtualBox 6.0 Screenshots on CentOS 7

Installing VirtualBox Extension Pack

If you need some additional functionality such as VirtualBox RDP, PXE, ROM with E1000 support and USB 2.0 Host Controller support, etc. You need to download and install the VirtualBox Extension Pack using following wget command.

# # wget http://download.virtualbox.org/virtualbox/6.0.0/Oracle_VM_VirtualBox_Extension_Pack-6.0.0.vbox-extpack

# yum update VirtualBox-6.0

# apt-get install VirtualBox-6.0

# cd /etc/yum.repos.d/
# rm -rf virtualbox.repo
# yum remove VirtualBox-6.0

# apt-get remove VirtualBox-6.0

For any person, who does not have a sound knowledge of Linux Operating System and Linux File System, dealing with the files and their location, their use may be horrible, and a newbie may really mess up.

This article is aimed to provide the information about Linux File System, some of the important files, their usability and location.

Linux Directory Structure Diagram

A standard Linux distribution follows the directory structure as provided below with Diagram and explanation.

Each of the above directory (which is a file, at the first place) contains important information, required for booting to device drivers, configuration files, etc. Describing briefly the purpose of each directory, we are starting hierarchically.

1. /bin : All the executable binary programs (file) required during booting, repairing, files required to run into single-user-mode, and other important, basic commands viz., cat, du, df, tar, rpm, wc, history, etc.
2. /boot : Holds important files during boot-up process, including Linux Kernel.
3. /dev : Contains device files for all the hardware devices on the machine e.g., cdrom, cpu, etc
4. /etc : Contains Application’s configuration files, startup, shutdown, start, stop script for every individual program.
5. /home : Home directory of the users. Every time a new user is created, a directory in the name of user is created within home directory which contains other directories like Desktop, Downloads, Documents, etc.
6. /lib : The Lib directory contains kernel modules and shared library images required to boot the system and run commands in root file system.
7. /lost+found : This Directory is installed during installation of Linux, useful for recovering files which may be broken due to unexpected shut-down.
8. /media : Temporary mount directory is created for removable devices viz., media/cdrom.
9. /mnt : Temporary mount directory for mounting file system.
10. /opt : Optional is abbreviated as opt. Contains third party application software. Viz., Java, etc.
11. /proc : A virtual and pseudo file-system which contains information about running process with a particular Process-id aka pid.
12. /root : This is the home directory of root user and should never be confused with ‘/‘
13. /run : This directory is the only clean solution for early-runtime-dir problem.
14. /sbin : Contains binary executable programs, required by System Administrator, for Maintenance. Viz., iptables, fdisk, ifconfig, swapon, reboot, etc.
15. /srv : Service is abbreviated as ‘srv‘. This directory contains server specific and service related files.
16. /sys : Modern Linux distributions include a /sys directory as a virtual filesystem, which stores and allows modification of the devices connected to the system.
17. /tmp :System’s Temporary Directory, Accessible by users and root. Stores temporary files for user and system, till next boot.
18. /usr : Contains executable binaries, documentation, source code, libraries for second level program.
19. /var : Stands for variable. The contents of this file is expected to grow. This directory contains log, lock, spool, mail and temp files.

Linux is a complex system which requires a more complex and efficient way to start, stop, maintain and reboota system unlike Windows. There is a well defined configuration files, binaries, man pages, info files, etc. for every process in Linux.

1. /boot/vmlinuz : The Linux Kernel file.
2. /dev/hda : Device file for the first IDE HDD (Hard Disk Drive)
3. /dev/hdc : Device file for the IDE Cdrom, commonly
4. /dev/null : A pseudo device, that don’t exist. Sometime garbage output is redirected to /dev/null, so that it gets lost, forever.
5. /etc/bashrc : Contains system defaults and aliases used by bash shell.
6. /etc/crontab : A shell script to run specified commands on a predefined time Interval.
7. /etc/exports : Information of the file system available on network.
8. /etc/fstab : Information of Disk Drive and their mount point.
9. /etc/group : Information of Security Group.
10. /etc/grub.conf : grub bootloader configuration file.
11. /etc/init.d : Service startup Script.
12. /etc/lilo.conf : lilo bootloader configuration file.
13. /etc/hosts : Information of Ip addresses and corresponding host names.
14. /etc/hosts.allow : List of hosts allowed to access services on the local machine.
15. /etc/host.deny : List of hosts denied to access services on the local machine.
16. /etc/inittab : INIT process and their interaction at various run level.
17. /etc/issue : Allows to edit the pre-login message.
18. /etc/modules.conf : Configuration files for system modules.
19. /etc/motd : motd stands for Message Of The Day, The Message users gets upon login.
20. /etc/mtab : Currently mounted blocks information.
21. /etc/passwd : Contains password of system users in a shadow file, a security implementation.
22. /etc/printcap : Printer Information
23. /etc/profile : Bash shell defaults
24. /etc/profile.d : Application script, executed after login.
25. /etc/rc.d : Information about run level specific script.
26. /etc/rc.d/init.d : Run Level Initialisation Script.
27. /etc/resolv.conf : Domain Name Servers (DNS) being used by System.
28. /etc/securetty : Terminal List, where root login is possible.
29. /etc/skel : Script that populates new user home directory.
30. /etc/termcap : An ASCII file that defines the behaviour of Terminal, console and printers.
31. /etc/X11 : Configuration files of X-window System.
32. /usr/bin : Normal user executable commands.
33. /usr/bin/X11 : Binaries of X windows System.
34. /usr/include : Contains include files used by ‘c‘ program.
35. /usr/share : Shared directories of man files, info files, etc.
36. /usr/lib : Library files which are required during program compilation.
37. /usr/sbin : Commands for Super User, for System Administration.
38. /proc/cpuinfo : CPU Information
39. /proc/filesystems : File-system Information being used currently.
40. /proc/interrupts : Information about the current interrupts being utilised currently.
41. /proc/ioports : Contains all the Input/Output addresses used by devices on the server.
42. /proc/meminfo : Memory Usages Information.
43. /proc/modules : Currently using kernel module.
44. /proc/mount : Mounted File-system Information.
45. /proc/stat : Detailed Statistics of the current System.
46. /proc/swaps : Swap File Information.
47. /version : Linux Version Information.
48. /var/log/lastlog : log of last boot process.
49. /var/log/messages : log of messages produced by syslog daemon at boot.
50. /var/log/wtmp : list login time and duration of each user on the system currently.

That’s all for now.

Source

In this article, we would like to introduce to you another useful command-line based interface to git called Tig.

Tig is a free open source, cross platform ncurses-based text-mode interface for git. It is a straight-forward interface to git that can help in staging changes for commit at chunk level and works as a pager for output from different Git commands. It can run on Linux, MacOSX as well as Windows systems.

How to Install Tig in Linux Systems

To install Tig in Linux, you need to first clone the Tig repository to your system and install it as shown.

$ git clone git://github.com/jonas/tig.git
$ make
$ make install

By default, tig will be installed under $HOME/bin directory, but ff you wish to install it in another directory under in your PATH, set prefix to the desired path, as shown.

$ make prefix=/usr/local
$ sudo make install prefix=/usr/local

Once you have installed Tig on your system, using the cd command get into your any of your local git repositories and run tig without any arguments, which should show all commits for the repository.

$ cd ~/bin/shellscripts/
$ tig  

To quit Tig, press q to close it.

Display Repository Activity Log

To display a log activities of the above repository, use the log sub-command.

$ tig log

Show Repository Objects

The show sub-command allows you to display one or more objects such as commits and many more, in a more detailed way, as shown.

$ tig show commits

Search A Pattern/Word in Git Files

You can also search for a particular pattern (for example the word check) in your git files with the grep sub-command, as shown.

$ tig grep check 

Display Git Repository Status

To display status of your git repository use status sub-command as shown.

$ tig status

For more Tig usage, please refer to help section or visit the Tig Github repository at https://github.com/jonas/tig.

$ tig -h

Tig is a simple ncurses-based interface to git repositories and mainly act as a Git repository browser. Give us your feedback or ask any questions via the comment form below.

Source

Etherpad is a web based free document editor tool which allows a group of users to work jointly on a document in a real time, like a multi player editor which runs on a web browser. Etherpad authors can edit and at the same time see each others edits in real time with a capability to display author’s text in their own colours.

This tool has a separate chat box in the sidebar allowing authors to communicate during editing. Etherpad is written in JavaScript both on server side and client side, so that it comes easy for developers to maintain and add new features.

Etherpad is designed in such a way that you can have access to all data through a well-documented HTTP API. This software also helps you to import/export data to many exchange formats and comes with translations too where authors can deliver correct language for their local settings.

For your reference, I’ve attached a Demo of Etherpad Lite at below link.

1. Watch EtherPad Demo

In this tutorial, I will describe how to install and configure Etherpad Lite a web-based real time collaborative document editing application on RHEL, CentOS, Fedora, Debian, Ubuntu and Linux Mint.

Installing Etherpad Lite on Linux

First, we need to download and install few required libraries and development tools. Open the terminal and run the following command either as root or by adding sudo at the beginning of each command.

Step 1: Install Libraries and Development Packages

You’ll need gzip, git, curl, libssl python, develop libraries, python and gcc packages.

On RHEL / CentOS / Fedora

# yum install gzip git-core curl python openssl-devel && yum groupinstall "Development Tools" For FreeBSD: portinstall node, npm, git

On Debian / Ubuntu / Linux Mint

$ sudo apt-get install gzip git-core curl python libssl-dev pkg-config build-essential

Step 2: Install Node.js

Additionally, you will also need to download and compile latest stable Node.js version from source packages using following commands.

$ wget http://nodejs.org/dist/node-latest.tar.gz
$ tar xvfvz node-latest.tar.gz
$ cd node-v0.10.23     [Replace a version with your own]
$ ./configure
$ make
$ sudo make install

Once you have successfully installed, verify the Node.js version using the command as follows.

$ node --version

v0.10.23

Step 3: Download and Install Etherpad Lite

We will create a separate user called “etherpad” to run Etherpad application independently. So, first create a user with its home directory.

# useradd --create-home etherpad

Now switch to “etherpad” user and download the latest stable version of Etherpad Lite using GIT repository as shown.

# su - etherpad
$ cd /home/etherpad
$ git clone http://github.com/ether/etherpad-lite.git

Once you’ve downloaded source files, change into the newly created directory containing the cloned source code.

$ cd etherpad-lite/bin

Now, execute run.sh script.

$ ./run.sh

Sample Output

Copy the settings template to settings.json...
Ensure that all dependencies are up to date...  If this is the first time you have run Etherpad please be patient.
[2013-12-17 05:52:23.604] [WARN] console - DirtyDB is used. This is fine for testing but not recommended for production.
[2013-12-17 05:52:24.256] [INFO] console - Installed plugins: ep_etherpad-lite
[2013-12-17 05:52:24.279] [INFO] console - Your Etherpad git version is 7d47d91
[2013-12-17 05:52:24.280] [INFO] console - Report bugs at https://github.com/ether/etherpad-lite/issues
[2013-12-17 05:52:24.325] [INFO] console -    info  - 'socket.io started'
[2013-12-17 05:52:24.396] [INFO] console - You can access your Etherpad instance at http://0.0.0.0:9001/
[2013-12-17 05:52:24.397] [WARN] console - Admin username and password not set in settings.json.  To access admin please uncomment and edit 'users' in settings.json

Step 4: Access and Create New Pad in Etherpad Lite

Now you should able to browse the web interface of Etherpad Lite at http://localhost:9001 or http://your-ip-address:9001 in a web browser.

Create a new document by giving a Pad name. Please remember, enter new name when creating a new document or enter name of the previously edited document to access.

For example, I’ve created a new document called “tecmint”. User’s can create multiple new pads in separate windows, each user’s document window appears on another window automatically in real-time. Each user’s window is highlighted in two different colours and also user’s can interact with each other using built-in chat box.

Each newly created document has its own URL structure. For example, my new “tecmint” pad get’s a URL as http://your-ip-address:9001/p/tecmint. You can share this document URL with your friends and colleagues. You can even embed the editor window into another HTML web page as an iframe.

You can save the document while editing is in progress by clicking the STAR button, however they are created periodically. To access a saved revision of the document add the number of the saved revision. For example, if you would like to see the saved revision number (i.e. 2) in this case, replace the number 6 with 2 at the http://your-ip-address:9001/p/tecmint/6/export/text.

Etherpad also comes with built-in feature called import and export, where you can import any external document or export a current saved document to a separate file. The document can be downloaded in HTML, Open Document, Microsoft Word, PDF or Plain text format.

A “time slider” feature enables anyone to explore the history of the pad.

Step 5: Using Etherpad Lite with MySQL Backend

By default Etherpad stores documents in a flat-file database. I suggest you to use MySQL as a backend to store created and edited documents. For this, you must have MySQL installed on your system. If you don’t have, install it on the system, you can install it using following commands as root user or using sudo.

On RHEL / CentOS / Fedora

# yum install mysql-server mysql
# service mysqld start
# chkconfig mysqld on

On Debian / Ubuntu / Linux Mint

# apt-get install mysql-server mysql-client
# service mysqld start

After MySQL has installed, connect to mysql shell by running a following command.

# mysql -u root -p

Once you in mysql shell, issue the following command to create the database.

create database etherpad_lite;

Grant permissions to a newly created database account. Replace “your-password” with your own password.

grant all privileges on etherpad_lite.* to 'etherpad'@'localhost' identified by 'your-password';

Leave the mysql client.

exit;

Now, switch to “etherpad” user and go into the etherpad directory and run the following commands:

# su - etherpad
$ cd /home/etherpad/etherpad-lite    
$ cp settings.json.template settings.json

# vi settings.json

"sessionKey" : "",

"sessionKey" : "Aate1mn160",

"dbType" : "dirty",
  //the database specific settings
  "dbSettings" : {
                   "filename" : "var/dirty.db"
                 },

// "dbType" : "dirty", */
  //the database specific settings
  // "dbSettings" : {
  //                   "filename" : "var/dirty.db"
  //                 },

  /* An Example of MySQL Configuration
   "dbType" : "mysql",
   "dbSettings" : {
                    "user"    : "etherpad",
                    "host"    : "localhost",
                    "password": "your-password",
                    "database": "etherpad_lite"
                  },

  */
  "users": {
    "admin": {
      "password": "your-password",
      "is_admin": true
    },

./bin/installDeps.sh

./bin/run.sh

mysql -u root -p
alter database etherpad_lite character set utf8 collate utf8_bin;
use etherpad_lite;
alter table store convert to character set utf8 collate utf8_bin;
exit;

./bin/run.sh

Alfresco is an open source ECM system (Enterprise Content Management) written in Java which provides electronic management, collaboration and business control.

This guide will cover how to install and configure Alfresco Community Edition on RHEL/CentOS 7/6, Debian 8and Ubuntu systems with Nginx server as a frontend web server for the application.

Requirements

As for the minimum system requirements, Alfresco needs a machine with at least 4 GB of RAM and a 64-bit Operating System.

Step 1: Install Alfresco Community Edition

1. Before proceeding with Alfresco installation first assure that wget utility is installed on your machine by issuing the below command with root privileges or from root account.

# yum install wget
# apt-get install wget

2. Next, setup your system hostname and assure that local resolution points to your server IP Address by issuing the following commands:

# hostnamectl set-hostname server.alfresco.lan
# echo “192.168.0.40 server.alfresco.lan” >> /etc/hosts

3. Remove any MTA from the machine (in this case Postfix Mail server) by issuing the below command:

# yum remove postfix
# apt-get remove postfix

4. Install the following dependencies required by Alfresco software in order to run properly:

# yum install fontconfig libSM libICE libXrender libXext cups-libs
# apt-get install libice6 libsm6 libxt6 libxrender1 libfontconfig1 libcups2

5. Next, go to Alfresco Community Edition repository page hosted on sourceforge.net portal and grab the latest binary version (i.e. alfresco-community-5.0.d-installer-linux-x64.bin) for Linux using wget utility.

# wget http://nchc.dl.sourceforge.net/project/alfresco/Alfresco%205.0.d%20Community/alfresco-community-5.0.d-installer-linux-x64.bin

6. After the binary file download finishes, issue the following command in order to grant execution permissions for the file and run alfresco installer.

# chmod +x alfresco-community-5.0.d-installer-linux-x64.bin
# ./alfresco-community-5.0.d-installer-linux-x64.bin

7. After the installation process starts, select the language and continue the installation process by using the below installation wizard as a guide to configure Alfresco:

[root@server ~]# ./alfresco-community-5.0.d-installer-linux-x64.bin 
Language Selection

Please select the installation language
[1] English - English
[2] French - Français
[3] Spanish - Español
[4] Italian - Italiano
[5] German - Deutsch
[6] Japanese - 日本語
[7] Dutch - Nederlands
[8] Russian - Русский
[9] Simplified Chinese - 简体中文
[10] Norwegian - Norsk bokmål
[11] Brazilian Portuguese - Português Brasileiro
Please choose an option [1] : 1 ---------------------------------------------------------------------------- Welcome to the Alfresco Community Setup Wizard. ---------------------------------------------------------------------------- Installation Type [1] Easy - Installs servers with the default configuration [2] Advanced - Configures server ports and service properties.: Also choose optional components to install. Please choose an option [1] : 2 ---------------------------------------------------------------------------- Select the components you want to install; clear the components you do not want to install. Click Next when you are ready to continue. Java [Y/n] :y PostgreSQL [Y/n] :y Alfresco : Y (Cannot be edited) Solr1 [y/N] : n Solr4 [Y/n] :y SharePoint [Y/n] :y Web Quick Start [y/N] : y Google Docs Integration [Y/n] :y LibreOffice [Y/n] :y Is the selection above correct? [Y/n]: y

Alfresco Installation Wizard Continues….

----------------------------------------------------------------------------
Installation Folder

Please choose a folder to install Alfresco Community

Select a folder [/opt/alfresco-5.0.d]: [Press Enter key] ---------------------------------------------------------------------------- Database Server Parameters Please enter the port of your database. Database Server port [5432]: [Press Enter key] ---------------------------------------------------------------------------- Tomcat Port Configuration Please enter the Tomcat configuration parameters you wish to use. Web Server domain: [127.0.0.1]: 192.168.0.15 Tomcat Server Port: [8080]: [Press Enter key Tomcat Shutdown Port: [8005]: [Press Enter key Tomcat SSL Port [8443]: [Press Enter key Tomcat AJP Port: [8009]: [Press Enter key ---------------------------------------------------------------------------- Alfresco FTP Port Please choose a port number to use for the integrated Alfresco FTP server. Port: [21]: [Press Enter key

Alfresco Installation Continues…

----------------------------------------------------------------------------
Admin Password

Please give a password to use for the Alfresco administrator account.

Admin Password: :[Enter a strong password for Admin user] Repeat Password: :[Repeat the password for Admin User] ---------------------------------------------------------------------------- Alfresco SharePoint Port Please choose a port number for the SharePoint protocol. Port: [7070]: [Press Enter key] ---------------------------------------------------------------------------- Install as a service You can optionally register Alfresco Community as a service. This way it will automatically be started every time the machine is started. Install Alfresco Community as a service? [Y/n]: y ---------------------------------------------------------------------------- LibreOffice Server Port Please enter the port that the Libreoffice Server will listen to by default. LibreOffice Server Port [8100]: [Press Enter key] ----------------------------------------------------------------------------

Alfresco Installation Setup Continues..

----------------------------------------------------------------------------
Setup is now ready to begin installing Alfresco Community on your computer.

Do you want to continue? [Y/n]: y ---------------------------------------------------------------------------- Please wait while Setup installs Alfresco Community on your computer. Installing 0% ______________ 50% ______________ 100% ######################################### ---------------------------------------------------------------------------- Setup has finished installing Alfresco Community on your computer. View Readme File [Y/n]: n Launch Alfresco Community Share [Y/n]: y waiting for server to start....[root@server ~]# done server started /opt/alfresco-5.0.d/postgresql/scripts/ctl.sh : postgresql started at port 5432 Using CATALINA_BASE: /opt/alfresco-5.0.d/tomcat Using CATALINA_HOME: /opt/alfresco-5.0.d/tomcat Using CATALINA_TMPDIR: /opt/alfresco-5.0.d/tomcat/temp Using JRE_HOME: /opt/alfresco-5.0.d/java Using CLASSPATH: /opt/alfresco-5.0.d/tomcat/bin/bootstrap.jar:/opt/alfresco-5.0.d/tomcat/bin/tomcat-juli.jar Using CATALINA_PID: /opt/alfresco-5.0.d/tomcat/temp/catalina.pid Tomcat started. /opt/alfresco-5.0.d/tomcat/scripts/ctl.sh : tomcat started

8. After the installation process finishes and Alfresco services are started issue the below commands in order to open the following firewall ports to allow external hosts in your network to connect to the web application.

# firewall-cmd --add-port=8080/tcp -permanent
# firewall-cmd --add-port=8443/tcp -permanent
# firewall-cmd --add-port=7070/tcp -permanent
# firewall-cmd --reload

In case you need to add other firewall rules to open ports in order to access custom Alfresco services issue the ss command to get a list of all the services running on your machine.

# ss -tulpn

9. To access Alfresco web services, open a browser and use the following URLs (replace the IP Address or domain accordingly). Login with admin user and the password configured for Admin through the installation process.

http://IP-or-domain.tld:8080/share/ 

http://IP-or-domain.tld:8080/alfresco/ 

For WebDAV.

http://IP-or-domain.tld:8080/alfresco/webdav 

For HTTPS accept the security exception.

https://IP-or-domain.tld:8443/share/ 

Alfresco SharePoint Module with Microsoft.

http://IP-or-domain.tld:7070/

Step 2: Configure Nginx as Frontend Web Server for Alfresco

10. In order to install Nginx server on the system, first add Epel Repositories on CentOS/RHEL by issuing the below command:

# yum install epel-release

11. After Epel repos are added into the system proceed with Nginx web server installation by issuing the following command:

# yum install nginx       [On RHEL/CentOS Systems]
# apt-get install nginx   [On Debian/Ubuntu Systems]  

12. On the next step open Nginx configuration file from /etc/nginx/nginx.conf with a text editor and make the following changes:

location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

Go below and make sure you comment the second location statement by placing a # in front of the following lines:

#location / {
#        }

13. After you’re done, save and close Nginx configuration file and restart daemon to reflect change by issuing the following command:

# systemctl restart nginx.service

14. In order to access Alfresco web interface add a new firewall rule to open port 80 on your machine and navigate to the below URL. Also, make sure Selinux policy is disabled on RHEL/CentOS systems.

# firewall-cmd --add-service=http -permanent
# firewall-cmd --reload
# setenforce 0

To completely disable Selinux policy on the system, open /etc/selinux/config file and set the line SELINUX from enforcing to disabled.

15. Now you can access Alfresco through Nginx.

 http://IP-or-domain.tld/share/ 
 http://IP-or-domain.tld/alfresco/
 http://IP-or-domain.tld/alfresco/webdav 

15. In case you want to securely visit Alfresco web interface through Nginx proxy with SSL, create a Self-Signed Certificate for Nginx on /etc/nginx/ssl/ directory and fill the certificate with your custom settings as illustrated on below screenshot:

# mkdir /etc/nginx/ssl
# cd /etc/nginx/ssl/
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout alfresco.key -out alfresco.crt

Pay attention to Certificate Common Name to match your domain hostname.

17. Next, open Nginx configuration file for editing and add the following block before the last closing curly bracket (the } symbol).

# vi /etc/nginx/nginx.conf

Nginx SSL block excerpt:

server {
    listen 443;
    server_name _;

    ssl_certificate           /etc/nginx/ssl/alfresco.crt;
    ssl_certificate_key       /etc/nginx/ssl/alfresco.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/ssl.access.log;

      location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
## This is the last curly bracket before editing the file. 
  }

18. Finally, restart Nginx daemon to apply changes, add a new firewall rule for 443 port.

# systemctl restart nginx
# firewall-cmd -add-service=https --permanent
# firewall-cmd --reload

and instruct the browser to your domain URL using the HTTPS protocol.

https://IP_or_domain.tld/share/
https://IP_or_domain.tld/alfresco/

19. In order to enable Alfresco and Nginx daemons system-wide run the below command:

# systemctl enable nginx alfresco

That’s all! Alfresco offers integration with MS Office and LibreOffice via CIFs protocol providing a familiar workflow for users.

Source

In this busy world we have little time for anything other than our work. Leisure from work recharges us. The small break we take in-between our job which may extend from a few minutes to some hour is utilized by us in the task we love and appreciate. It again ranges from – Cracking Jokes, Playing, sleeping or watching daily soaps and Movies.

Watching Movies is liked by most of us. We rely on Television or Various Video Streaming websites (YouTube, Metacafe, etc) to watch movies. In TV we don’t have choice and on Video Streaming website you rarely gets a latest movie. How about something that gives you an interface to watch daily soaps and Movies of your choice of all genres with lots of Language Support?

Here comes a tool ‘Popcorn Time‘ which performs all the above discussed function and the performance of which is out-of-box.

What is Popcorn Time?

Popcorn Time is a Free and Open Source Software released under General Public License and written in programming languages which includes – HTML, JavaScript and CSS, which streams video on-line for free without the need of filling silly forms or adding your credit card details. It is available for all major operating platforms including Linux, Mac OS and Windows.

Features of Popcorn Time

1. Great Movies Availability.
2. No Restriction and you can watch Movies as many times as you want.
3. Awesome Catalog – Automatically finds best version available and starts streaming it.
4. Best Quality – Stream HD Movie, Instantaneously.
5. Drag-and-Drop subtitles ‘.srt files’.
6. Supports 44 Different Languages.
7. Icons and Links for ‘About Dialog’ – Better presentation.
8. Full Window Supported.
9. Added a Help for Key Board Shortcuts.
10. Quality Filter for Movies.
11. Search box to search movies.

How Popcorn Time Works?

The movies in Popcorn time is streamed using bittorrent Protocol. The Application program streams pirated movies directly from torrent trackers. The User Interface of Popcorn Time enables a user to search movies based upon a huge genre and categories. The film is presented in Thumbnails along with the Film Title, their ratings, Year, a small review and the subtitles availability in various Languages. It has a ‘WATCH IT NOW‘ button which makes it possible to stream the movie instantaneously without any formality.

Popcorn Time is used all around the globe in all the countries including those two countries who does not have INTERNET connection as reported by Popcorn time Official site. In some countries the users were getting legal threats against pirated movies. To FIX this Popcorn Time now has encrypted its BitTorrent Traffic and Included VPN service which ensures the identity of third party users can no longer be traced thus avoiding unnecessary risk.

The other side of the story…

Streaming of pirated movies brought this application in debate if this is legal or illegal. We are not going to discuss if this is legal or not and for a FOSS Enthusiastic it rarely means anything. Well the controversy of streaming illegal pirated movies forced its developers to discontinue the project and as a result on March 14th of 2014, the official website of Popcorn Times and GitHub Repository were removed.

Popcorn Time announced that it was ceasing operations, in a blog post at http://getpopcornti.me/.

“Popcorn Time is shutting down today. Not because we ran out of energy, commitment, focus or allies. But because we need to move on with our lives.

Our experiment has put us at the doors of endless debates about piracy and copyright, legal threats and the shady machinery that makes us feel in danger for doing what we love. And that’s not a battle we want a place in.

Later the Announcement

The development of Popcorn Time was taken over by two team and since then this project again moved into ‘Active‘ stage. At this point of time both the groups carrying out the development of Popcorn time uses their own and distinct websites. One is popcorntime.io and the other is Time4Popcorn.eu.

Installation of Popcorn Time in Linux

Download Popcorn Time source tarball package (latest version 0.3.7.2) from any of the two developers’ group website.

1. http://popcorntime.io/
2. http://time4popcorn.eu/

Alternatively, you may also use wget command to download tarballs directly in your terminal.

Note: You must have ‘xz-utils‘ package installed on the system to extract the ‘xz‘ format tarball. If not, install the package xz-utils using yum or apt package manager.

On 32-Bit Systems

$ wget https://get.popcorntime.io/build/Popcorn-Time-0.3.7.2-Linux32.tar.xz
$ tar -xvf Popcorn-Time-0.3.7.2-Linux32.tar.xz 
# cd Popcorn-Time/
$ chmod 755 Popcorn-Time 
./Popcorn-Time

On 64-Bit Systems

$ wget https://get.popcorntime.io/build/Popcorn-Time-0.3.7.2-Linux64.tar.xz
$ tar -xvf Popcorn-Time-0.3.7.2-Linux64.tar.xz 
# cd Popcorn-Time/
$ chmod 755 Popcorn-Time 
./Popcorn-Time

Note: In my Debian Jessie (sid/Testing) x86_64 architecture processor. I got the below warning message when I tried running Popcorn-Time.

$ ./Popcorn-Time 

./Popcorn-Time: error while loading shared libraries: libudev.so.0: cannot open shared object file: No such file or directory

I’ve fixed, by creating a symbolic link tolibudev.so.1 to libudev.so.

$ ln -sf /lib/x86_64-linux-gnu/libudev.so.1 /lib/x86_64-linux-gnu/libudev.so.0

After that fix, I again tried running Popcorn-Time and I run without any glitch.

Testing Popcorn Time

Please accept the terms of service.

The second window says “This Popcorn Time Service will Never be taken Down. Enjoy”.

The Movie Gallery.

Check the effect when I put my mouse over a Movie Thumbnai (2nd row – 4th Column). You can mark “mark as seen” as well as “Add to bookmark”.

The next window upon clicking the Movies Tiles shows Information related to Movie like – Year, Play Time, Genre, No. of starts, A summary of what the movie is all about, Subtitles availability in Languages (see the flags), etc.

In popcorn time or VLC, Watch Trailer, Pixel choice in which you want to watch, subtitles, short description of the movie, magnet link Download and related information like torrent health, number of seeds, ratio, peers, etc.

And here the movie starts.

Watching Movie – Quality is High and i didn’t lagged any time (well my connection speed is good too). You have the option to pause and play movie, anytime.

The subtitles option. You can Import your own Subtitle ‘.srt‘ file just by dragging and droping. Change volume, minimise, maximize or close it (see the X on the Top Right).

TV Series Gallery. Play the same way.

Anime Gallery. Choose what to play

You may watch Movies, TV Series and Anime over a lot of Genre be it comedy or fantasy or fiction.

You also have the option to sort you favourite Movies/ TV Series or Anime by popularity, Year, Update, Name or Rating.

Settings Interface – Though you do not need to edit it unless you really mean it.

Search for a movie of choice using the search box above.

About Popcorn Time – Thanks to all the Designers and Developers who contribution make it project a success.

Conclusion

I personally feel this tool very Impressive. The real time torrent download and streaming of movie is brilliant. The tool really is a better alternative to Netflix. It is working out of box and seems promising. You will never let it go if you are a movie-hunter.

That’s all for now.

Source

Reprepro is a small command-line tool to create and manage .deb repositories easily, Today we’ll be showing how to create a Debian package repositories easily using reprepro and how to upload it to Sourceforge.net using rsync command.

Step 1: Install Reprepro and Generate Key

First, install all the necessary packages, using the following apt-get command.

$ sudo apt-get install reprepro gnupg

Now you need to generate a gpg key using gnupg, to do this, apply this command.

$ gpg --gen-key

It will ask you some questions, like the kind of the key you want, how long the key should be valid, if you don’t know what to answer, just click Enter for the default options (recommended).

Of course, it will ask you for a username and a password, keep those in mind, because we will need them later.

gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
        = key expires in n days
      w = key expires in n weeks
      m = key expires in n months
      y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) Y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: ravisaive
Email address: tecmint.com@gmail.com
Comment: tecmint
You selected this USER-ID:
    "Ravi Saive (tecmint) <tecmint.com@gmail.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

+++++
gpg: key 2EB446DD marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   2048R/2EB446DD 2014-06-24
      Key fingerprint = D222 B1C9 342E 5911 02B1  9147 3BD6 7918 2EB4 46DD
uid                  Ravi Saive (tecmint) <tecmint.com@gmail.com>
sub   2048R/7EF2F750 2014-06-24

Now your key will be generated, to Check if so, run this command as a root privileges.

$ sudo gpg --list-keys

Sample Output

/home/ravisaive/.gnupg/pubring.gpg
----------------------------------
pub   2048R/2EB446DD 2014-06-24
uid                  ravisaive (tecmint) <tecmint.com@gmail.com>
sub   2048R/7EF2F750 2014-06-24

Step 2: Create a Package Repository and Export Key

We’ll start the work now to create the repository, first you have to create some folders, our repository will be in /var/www/apt directory, so let’s create some folders.

$ sudo su
# cd /var/www
# mkdir apt
# mkdir -p ./apt/incoming 
# mkdir -p ./apt/conf
# mkdir -p ./apt/key

You have now to export the key you created to the repository folder, run.

# gpg --armor --export username yourmail@mail.com >> /var/www/apt/key/deb.gpg.key

Note: Replace username with the username you entered in above step, and yourmail@mail.com with your email.

We need to create a file called “distributions” inside /var/www/apt/conf.

# touch /var/www/apt/conf/distributions

Add these following lines to the distributions file and save the file.

Origin: (yourname)
Label: (name of repository)
Suite: (stable or unstable)
Codename: (the codename for the distribution you are using, like trusty)
Version: (the version for the distribution you are using, like 14.04)
Architectures: (the repository packages  architecture, like i386 or amd64)
Components: (main restricted universe multiverse)
Description: (Some information about the repository)
SignWith: yes

Next, We’ll have to create the repository tree, to do this, run those commands.

# reprepro --ask-passphrase -Vb /var/www/apt export

Sample Output

Created directory "/var/www/apt/db"
Exporting Trusty...
Created directory "/var/www/apt/dists"
Created directory "/var/www/apt/dists/Trusty"
Created directory "/var/www/apt/dists/Trusty/universe"
Created directory "/var/www/apt/dists/Trusty/universe/binary-i386"
FF5097B479C8220C ravisaive (tecmint) <tecmint.com@gmail.com> needs a passphrase
Please enter passphrase:
Successfully created '/var/www/apt/dists/Trusty/Release.gpg.new'
FF5097B479C8220C ravisaive (tecmint) <tecmint.com@gmail.com> needs a passphrase
Please enter passphrase:
Successfully created '/var/www/apt/dists/Trusty/InRelease.new'

Step 3: Add Packages to Newly Created Repository

Now prepare your .deb packages to be added to the repository. Go to the /var/www/apt directory, you have to do this each time you want to add packages.

# cd /var/www/apt
# reprepro --ask-passphrase -Vb . includedeb Trusty /home/ravisaive/packages.deb

Note: Replace trusty with the codename you entered for the repository in the distributions file, and replace /home/username/package.deb with the path to the package, you will be asked for the passphrase to enter.

Sample Output

/home/ravisaive/packages.deb : component guessed as 'universe'
Created directory "./pool"
Created directory "./pool/universe"
Created directory "./pool/universe/o"
Created directory "./pool/universe/o/ojuba-personal-lock"
Exporting indices...
FF5097B479C8220C ravisaive (tecmint) <tecmint.com@gmail.com> needs a passphrase
Please enter passphrase:
Successfully created './dists/Trusty/Release.gpg.new'
FF5097B479C8220C ravisaive (tecmint) <tecmint.com@gmail.com> needs a passphrase
Please enter passphrase:
Successfully created './dists/Trusty/InRelease.new'

Your package is added to the repository, to remove it.

# reprepro --ask-passphrase -Vb /var/www/apt remove trusty  package.deb

And of course, you need to modify the command with your package name and the repository codename.

Step 4: Upload Repository to Sourceforge.net

To upload the repository to Sourceforge.net, you need to have a running account there of course, and a running project, let’s assume that you want to upload the repository to http://sourceforge.net/projects/myfoo/testrepository where myfoo is your project name (UNIX name, not URL, not the Title), and testrepository is the folder where you want to upload the files into, We will do this using rsync command.

# rsync -avP -e ssh /var/www/apt/ username@frs.sourceforge.net:/home/frs/project/myfoo/testrepository/

Note: Replace username with your username on sourceforge.net and myfoo with your project UNIX-name and testrepository with the folder you want to store the files in.

Now thats your repository is uploaded to http://sourceforge.net/projects/myfoo/testrepository, to add it to your installed system, first you have to import the repository key, it will be in /var/www/apt/key/deb.gpg.key, but that’s a local path and the users for your repository won’t be able to add it to their systems, thats why we’ll be importing the key from sourceforge.net.

$ sudo su
# wget -O - http://sourceforge.net/projects/myfoo/testrepository/apt/key/deb.gpg.key | apt-key add -

You can add the repository easily now to your system, open /etc/apt/sources.list and add this line.

deb http://sourceforge.net/projects/myfoo/testrepository/apt/key/deb.gpg.key trusty main

Note: Replace myfoo with your project UNIX-Name, trusty with your repository codename, testrepository with the folder you uploaded the files into, and main with repository components you added to the distributions file.

Next, run following to update the repositories list.

$ sudo apt-get update

Congratulations! Your repository is active! You can now install packages easily from it if you want.

Source