Since the last “ca-certificates” release for RHEL/CentOS 6 or Fedorar 14 with version stating 2013, there is a roaming error of not being able to update “ca-certificate” version starting from 2010 to the latest 2013. The error is somewhat looks the following through yum:
Updating : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
Error unpacking rpm package ca-certificates-2013.1.94-65.0.el6.noarch
warning: /etc/pki/java/cacerts created as /etc/pki/java/cacerts.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.crt created as /etc/pki/tls/certs/ca-bundle.crt.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.trust.crt created as /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew
error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename
Verifying : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
ca-certificates-2010.63-3.el6_1.5.noarch was supposed to be removed but is not!
Verifying : ca-certificates-2010.63-3.el6_1.5.noarch 2/2
ca-certificates.noarch 0:2010.63-3.el6_1.5 ca-certificates.noarch 0:2013.1.94-65.0.el6
The following part of the error to be noted:
error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename
It looks like the new “ca-certificate” is using a new structure. In old versions, “certs” is a folder which contains old certificates. While updating with the new one, it is trying to create a symlink with the /etc/pki/tls/certs/ by removing the old directory, which it fails with yum.
To solve the error, run the following:
$ mv /etc/ssl/certs /etc/ssl/certs.back
$ ln -s /etc/pki/tls/certs /etc/ssl/certs
$ yum update ca-certificate*
This should solve the error.
I had been seeing an uprising issue of forced file system quota check on every boot after migrating to RHEL 6 or CentOS 6. I hadn’t seen the same issue before. I had been tackling it by changing the quotacheck file on each boot to something different. Quotacheck file is located:
$ ls /sbin/quotacheck
I couldn’t get enough information on something was changed in RHEL 6 which triggered this event. I went to trace out the root reason of this starting from Linux Boot Init script.
Continue reading “How to Solve Force File System Quota Check on Every Boot RHEL/CentOS”
You must know IPTables to understand routing properly. Once the concept & perspective of IPTables is cleared to somebody, it would become very easy to understand Linux routing and write Iptables rules to create & configure your own desired network. I will write a series of posts trying to explain and clear the confusion over Iptables basic perspective.
Continue reading “What is the difference between Mangle Table & NAT Table?”
IPTables is responsible to handle packet filtering in Linux system. IPTables contains several predefined and/or user-defined tables. Each table contains chains and chain contain packet rules. IPTables uses NAT table to forward packets to another node.
Continue reading “Postrouting and IP Masquerading in Linux”
There are multiple ways to restart a remote linux system. A IPMI restart, a Power Strip or a Command Restart.
What is the best method to restart a Linux system?
The best method to restart a linux system is to graceful command restart. This will always make sure your all the services are closed before a restart. It will unmount the system and process a shutdown. If a system is not cleanly unmounted, this can cause data loss or some serious injuries to the drive. An uncleanly unmounted system can also take extra time to reboot due to file system integrity check and file system quota check. A cleanly unmounted system would skip the both check and restarts fast. It is hence recommended not to use a forceful Linux restart which doesn’t unmount the system cleanly.
Continue reading “Best Method to Reboot Linux”
How to toggle Linux Bootscreen Splash Bar / Progress Bar to Verbose details?
It is possible that you need to toggle your linux boot screen to display what exactly running in background instead of a splash screen. From CentOS/RHEL 6, they use Plymouth to load a default silent boot screen that is graphically beautiful but doesn’t provide any verbose output. Sometimes the boot screen freezes and without a detailed output you may not be able to identity the root reason of the cause. If you are on the bootscreen where a splashbar is running, press the following keys together:
ALT + d
That would toggle the splash screen to detailed output.
Continue reading “Toggle Linux Bootscreen Splash Screen to Verbose Details”
While updating CentOS/RHEL system using Yum, the following error appears:
There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them
How do I fix this in CentOS/RHEL 5.x/6.x system?
You have some broken or aborted yum transactions in the system. It was possibly due to yum was forcefully interrupted in the middle of a transaction. To fix this, run the following:
The command can return the following:
bash: yum-complete-transaction: command not found
It means you do not have yum-utils package installed in your system. Run the following to install yum-utils
$ yum install yum-utils
This will install necessary for yum-complete-transaction.
Sometimes you may need to change the configuration settings of Roundcube, PHPMyAdmin or SquirrelMail from default values. The values are primarily set by directadmin custombuild.
How to change settings of Roundcube/PHPMyAdmin in Directadmin?
Directadmin stores these 3rdparty data in the following folder:
If you want to change the roundcube settings for example, browse the file main.inc.php
Database settings for roundcube available under:
The same would be true for “config.php” file for SquirrelMail and “config.inc.php” file for PHPMyAdmin.
If you would like to set your own settings next time you run the custombuild make sure to copy a version of these files under the following locations:
This will include the custom settings for you while the software updates by custombuild.
Folks from RACK911 created a listing page called http://hostingseclist.com
Its a list of recent security notices related to web hosting industry. The list is pretty fast to notify when a vulnerability arrives and most of the cases, they include a discussion linking to Webhostingtalk. It is hard to subscribe to every product developer and keep updated with their latest bug reports. While HostingSecList seems to be collecting everything in one. They are also checking each of the bug reported before posting them online. They also list community reported bugs.
HostingSecList.com is something worth subscribing out of all spammers right these days!
.xz is a lossless file compression program that uses LZMA2 compression algorithm. xz is sort of stripped down version of 7-Zip program, although it has its own file format .7z
.xz compresses single file input and does not bundle multiple file in single archive. It is therefore a regular practice to use an archiving technique along with .xz compression. In Linux/Unix it is popularly, tar.
How to open/decompress/extract .tar.xz file?
$ tar -xJf yourfile.tar.xz
-J is the flag to handle .xz files in tar program.
Although, modern tar program can automatically determine what compression technique is used and apply thereby. You can simply run the following and it should work
$ tar -xf yourfile.tar.xz