Reset the root password in CentOS/Redhat 7

By | All Linux HowTo's, Security HowTo's | No Comments

The process to reset the root password when you’ve forgotten it has changed in version 7 of Redhat and CentOS Linux.

First you need to reboot and temporarily edit the Grub2 boot loader. Add the following to the end of the line starting with “Linux16”:

rd.break enforcing=0

Boot using your changes by pressing:


The changes you’ve just made are not permanent.

Once booted, issue the following:

read more

Installing and using VNCServer with only SSH open

By | All Linux HowTo's, Security HowTo's | No Comments

This tutorial demonstrations how to install and use VNC without direct access to the VNC server. In this article we only have SSH access to the server. This means we have no option but to use VNC in a secure manner – via SSH.

Install VNCServer and the desktop environment on the remote server:

yum clean all
yum groupinstall 'Server with GUI'
yum install tigervnc-server

I haven’t configured X to start on boot though as this is a server and rarely will be accessed using the GUI. Start X from the command line prior to connecting:


We still need to configure the VNC server and our VNC access. CentOS and Redhat 7 have a new way of configuring VNC. The file you should start with is “/etc/sysconfig/vncserver” which will refer you to “/lib/systemd/system/vncserver@.service”. Open that file (/lib/systemd/system/vncserver@.service). You need to make two changes to that file which is simply replaving USER with your real username. Here’s an example with my username “myuser”:

# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l mysuer -c "/usr/bin/vncserver %i"
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

Now we need to run the following commands:

cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
systemctl daemon-reload
systemctl enable vncserver@:1.service
systemctl start vncserver@:1.service

read more

SSH Tunnelling – Access services behind a firewall indirectly

By | All Linux HowTo's, Security HowTo's | No Comments

This one-liner illustrates how to use SSH to tunnel through a firewall that allows only SSH. In this example, we’ll access the website on the other side of that server.

Why do this? If the remote server “remote.server” has a firewall on it or between your workstation and that server and you want to access a web-site on the remote.server, you will have trouble unless you use a very nice feature of SSH – tunnelling.

read more

Create a ZFS filesystem & Extend it over a new disk on CentOS or Redhat

By | All Linux HowTo's | No Comments

In this tutorial we’re going to create a ZFS filesystem on Disk1 and then extend it to Disk2. We’re not going to worry about redundancy because this is a tutorial but ZFS does support common RAID types. We’ll configure ZFS for RAID0 (no parity, no redundancy). In the real world, you’d almost certainly use a RAID with redundancy unless your joining disks from a SAN perhaps.

This tutorial is for Redhat or CentOS 7.x.

yum upgrade
yum localinstall --nogpgcheck
yum localinstall --nogpgcheck
yum install zfs 

List your current ZFS filesystems. I don’t have any so none appear in the results:

zfs list

If you have problems with modules at this point, try running “yum install kernel*”. Otherwise the “yum upgrade” at the top of this tutorial should help. You may need to reboot to load the new kernel after an upgrade.

Let’s create the first ZFS filesystem where “/dev/sdb” is your first ZFS disk:

zpool create -f zfs_volume /dev/sdb

TIP: You can use create these kinds of RAID:

# RAID0 - striped
zpool create -f zfs_volume /dev/sdb /dev/sdc /dev/sdd

# RAID1 - mirror
zpool create mirror -f zfs_volume /dev/sdb /dev/sdc

# RAID5 - striped with parity
zpool create raidz -f zfs_volume /dev/sdb /dev/sdc /dev/sdd

# RAID6 - striped with two parity
zpool create raidz2 -f zfs_volume /dev/sdb /dev/sdc /dev/sdd /dev/sde

# RAID10 - striped over mirror
zpool create mirror -f zfs_volume /dev/sdb /dev/sdc
zpool add mirror -f zfs_volume /dev/sdd /dev/sde

read more

Chrooting SCP (Rsync) with SELinux Enabled on Redhat/CentOS

By | All Linux HowTo's, Security HowTo's | No Comments

This article demonstrates how to Chroot users for SSH file copies (SCP and RSYNC) on a CentOS or Redhat server. The same process can be used for SSH logins but there needs to be some dependancies in place for that. Try the following site for more details on those dependancies “”.

read more

Custom Log Rotations

By | All Linux HowTo's | No Comments

This article demonstrates how to add directories to your log rotation plan. For example, you may have a directory where you put custom logs for your applications or perhaps you want to rotate Magento (shopping platform) logs. You can use this method.

You have to decide your retention and rotation policy. It’s very simple:
1. How often do you want to rotate your log files? In other works, how often do you want to take the log files in a given directory, zip and rename them and then create new ’empty’ log files in their place? Your options are Daily, Weekly, Monthly and Yearly.
2. What is your retention policy? In other words, how many zipped files of each log file do you want to keep? You can choose any number here.

read more

Removing the Magento var/log/system.log

By | All Linux HowTo's | No Comments

This article discussed removal of the “var/log/system.log” Magento log file. You can find this file in your Magento installation path. A command such as the following would help:

find /var/www -name "system.log"

Tip: replace “/var/www” with the path to your Magento installation.

Removing the “system.log” file has no effect from what i can tell. I’ve found this file to be quiet large on popular sites. Ideally it would be included in “logrotate”. Here’s some discussions on this topic “” and “”.

read more

Restoring emails from backups – Dovecot & Thunderbird

By | All Linux HowTo's, Security HowTo's | No Comments

This article discussed the issues and solutions relating to restoring email backups relating to Dovecot and Thunderbird. The assumptions here are that a) you have file-level backups of the emails, and b) those emails are in “Maildir” format. It’s too late to recommend you do backups. I assume you have them otherwise you’re in a whole heap of trouble. Well, not really, you do have the Thunderbird copy of the emails. If that’s you, make backups on each workstation and then get started on repairing your mail server.

read more

Migrate a VirtualBox Disk Image (.vdi) to a QEMU Image (.img)

By | Uncategorized | No Comments

A very simple task with the correct tool, the tool in question is qemu-img. This tool is pulled in when you install QEMU on Gentoo,Redhat and Ubuntu however on Redhat and Ubuntu there is a separate package for it also. On Gentoo if you only wanted qemu-img and nothing else you could do a build from source.


apt-get install qemu-utils


yum install qemu-img

Now for the magic we need to call qemu-img, and use the convert function with the -f switch which is the format of the input file (vdi for virtualbox images) then -O and that is the output format in this case raw for .img files, then just give it the path to the files.

read more

Contact AGIX Support

Level 2, 170 Greenhill Road
Parkside 5063 South Australia
Phone: (08) 7324 4429
or 0422 927 598