Mapping Ad account to Local Linux Group with Centrify Express on CentOS 6

Step 1. In order to add the AD User to the local User Group

adduser command is not nsswitch aware and do not recognize a user not locally defined when adding someone to a group.

# vim /etc/group
.....
.....
users:x:100:user1,user2

Step 2: Edit /etc/centrifydc/centrifydc.conf

Edit /etc/centrifydc/centrifydc.conf, uncomment and change the following parameter to true

# Merge local group membership from /etc/group into the Centrify group
# response for groups with the same name and gid.  This violates the NSS
# interface behavior and may have unexpected side effects, so it is
# disabled by default. You must run adreload to detect changes
# in the local group file.
#
adclient.local.group.merge:true

Step 3: Centrify Load and Flush

# adreload && adflush

Step 4: Check and verify.

Logon as user1

$ id -a
uid=.........gid=.......... 100(users) .....................

References:

  1. How to Add AD user local group

Add an Active Directory (AD) Domain Account to sudo on Centrify Express for CentOS 6

Adding a Active Directory (AD) Domain Account to /etc/sudo is fairly easy on Centrify Express for CentOS 6. Suppose you have an AD Group called “Sys_Admin”, just add it to the

.....
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
%System_Admin ALL=(ALL)       ALL
.....

If it is an individual user, just get the userid from Active Directory

# getent passwd myuserid
user1:x:122:122:User1 Name:/home/user1:/bin/centrifyda

Update /etc/sudoers

.....
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
%user1 ALL=(ALL)       ALL
.....

Do a final check on whether the sudo is working fine by doing

# sudo -l

Matching Defaults entries for user1 on this host:
requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS
DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1
PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE
LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY
LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL
LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User user1 may run the following commands on this host:
(ALL) ALL

Enabling Debugging for Linux Systems for Centrify Express on CentOS 6

 

Step 1: Enable Debugging for Centrify

# /usr/share/centrifydc/bin/addebug on
/var/log/centrify_client.log does not exist. Creating now.
Configure /etc/rsyslog.conf
Send HUP signal to rsyslogd
Configure log level in /etc/centrifydc/centrifydc.conf
Reload /etc/centrifydc/centrifydc.conf
Centrify DirectControl debug logging is on

 Step 2: Collect support information via adinfo_extra.sh

# adinfo --support

Collecting stack trace information via stacktrace.pl:

Collecting support information via adinfo_extra.sh:
Collecting information for adinfo --support now...
Collection finished. Compress now.
Successfully gzip /var/centrify/tmp/adinfo_support.tar

Step 3: Disable Debugging for Centrify

# /usr/share/centrifydc/bin/addebug off
Configure /etc/rsyslog.conf
Send HUP signal to rsyslogd
Configure log level in /etc/centrifydc/centrifydc.conf
Reload /etc/centrifydc/centrifydc.conf
Centrify DirectControl debug logging is off

Step 4: Check the file

# ls  -al /var/centrify/tmp/adin_support.tar.gz

References:

  1. Centrify Express: Enabling Debugging for Linux Systems

Using pip to install python packages

Pointer 1: To install specific version of packages do

# pip install 'numpy==1.5.1'

Pointer 2: To show what files was installed

# pip show --files numpy
---
Name: numpy
Version: 1.8.1
Location: /usr/local/python-2.7.8/lib/python2.7/site-packages
Requires:
Files:
../numpy/__init__.py
.....
.....

Pointer 3: Uninstall a package

# pip uninstall num
Uninstalling SomePackage:

Pointer 4: Upgrade a package:

# pip install --upgrade SomePackage
[...]
Found existing installation: SomePackage 1.0
Uninstalling SomePackage:
Successfully uninstalled SomePackage
Running setup.py install for SomePackage
Successfully installed SomePackage

 Pointer 5: List what packages are outdated:

# pip list --outdated
SomePackage (Current: 1.0 Latest: 2.0)

References:

  1. pip 1.5.6 – A tool for installing and managing Python packages
  2. pip – installation

Compiling the python-igraph with Python 2.7 on CentOS 5

Step 1: Install Python 2.7

python-igraph requires Python 2.5 and above. Do look at Installing and Compiling Python 2.7.8 on CentOS 5

Step 2: Download and unpack python-igraph from python-igraph.

The current version is python-igraph 0.7

Step 3: Unpack and compile

# tar -zxvf python-igraph-0.7.0
# cd  python-igraph-0.7.0
# python setup.py install

If you encounter errors similar to /usr/lib64/libxml2.a: could not read symbols: Bad value

Step 4: Copy and update to /usr/local/

If you want to put all the packages in an easier to find directory. Copy

# mkdir -p /usr/local/python-igraph-0.7.0/bin
# mkdir -p /usr/local/python-igraph-0.7.0/lib
# cp $PYTHON-IGRAPH-HOME/build/scripts-2.7/igraph /usr/local/python-igraph-0.7.0/bin
# cp -rv $PYTHON-IGRAPH-HOME/build/scripts-2.7/lib.linux-x86_64-2.7/igraph /usr/local/python-igraph-0.7.0/lib
# cp -rv $PYTHON-IGRAPH-HOME/igraphcore/lib/libigraph.so* /usr/local/python-igraph-0.7.0/lib

Step 5: Test the python-igraph libraries.
Update .bashrc

export PATH=$PATH:/usr/local/python-igraph-0.7.0/bin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/python-igraph-0.7.0/lib

Test with python on the command line

$ python2.7
Python 2.7.8 (default, Jul 17 2014, 14:44:57)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-54)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import igraph
>>>

 


*Easier Method*

You can use pip to install. For more information on how to install and use pip, see Installing and Compiling Python 2.7.8 on CentOS 5

 

References:

  1. Python, igraph in CentOS
  2. Installing python-igraph on linux

 

Installing and Compiling Python 2.7.8 on CentOS 5

Step 1: Download the Python 2.7.8 from Python Site

Step 2: Use GCC44 to compile. If you have not done it, do

# yum install gcc44 gcc44-c++ gcc44-gfortran

Step 3: Update your alias in your  .bashrc

alias gcc='gcc44'

Step 4: Configure python 2.7.8

# cd python-2.7.8
# ./configure --prefix=/usr/local/python-2.7.8
# make -j 8
# make install

Step 5: Update the PATH and LD_LIBRARY_PATH in your .bashrc

export PATH=$PATH:/usr/local/python-2.7.8/bin.........
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/python-2.7.8/lib

Step 6: Download get-pip.py
For more information see pip installation site

Create a directory inside python2.7 directory and put pip in that directory

# mkdir /usr/local/python-2.7.8/pip
# wget https://bootstrap.pypa.io/get-pip.py .

Step 7: Install pip with Administrator rights

# python2.7 get-pip.py

If setuptools (or distribute) is not already installed, get-pip.py will install setuptools for you.
To upgrade an existing setuptools (or distribute), run

# pip install -U setuptools
# pip install numpy

Installing and Configuring GIT on CentOS 5

Git is a free & open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

Every Git clone is a full-fledged repository with complete history and full revision tracking capabilities, not dependent on network access or a central server. Branching and merging are fast and easy to do.

Step 1: Installing Dependencies required by GIT

# yum -y install zlib-devel openssl-devel perl cpio expat-devel gettext-devel

Step 2: Compile and Installing CURL

What is CURL? curl is a command line tool for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.

# wget http://curl.haxx.se/download/curl-7.18.2.tar.gz
# tar xzvf curl-7.18.2.tar.gz
# cd curl-7.18.2
# ./configure
# make
# make install

Step 3: ldconfig /usr/local/lib

# vim /etc/ld.so.conf.d/common.conf

 

/usr/local/lib

Step 4: Install GIT

# wget http://www.codemonkey.org.uk/projects/git-snapshots/git/git-latest.tar.gz
# tar xzvf git-latest.tar.gz
# cd git
# autoconf
#./configure –with-curl=/usr/local
# make
# make install

Horray it is done.

Credits: Much of the credit of the materials must go to http://turbolinux.org/tag/centos-git/

Installing dokuwiki on CentOS 6

This writeup is a modification from Installing dokuwiki on CentOS

 

Step 1: Get the latest dokuwiki  from http://download.dokuwiki.org/

# wget http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
# tar -xzvf dokuwiki-stable.tgz

Step 2: Move dokuwiki files to apache directory

# mv dokuwiki-stable /var/www/html/docuwiki

Step 3a: Set Ownership and Permission for dokuwiki

# chown -R apache:root /var/www/html/dokuwiki
# chmod -R 664 /var/www/html/dokuwiki/
# find /var/www/html/dokuwiki/ -type d -exec chmod 775 {} \;

Step 3b: Remember to modify your mod_security or disable your selinux

# setenforce 0

Step 4: Continue the installation http://192.168.1.1/docuwiki/install.php

Ignore the security warning, we can only move the data directory after installing.
fill out form and click save

Step 5: Delete install.php for security

# rm /var/www/html/dokuwiki/install.php

Step 6: Create and move data, bin (CLI) and cond directories out of apache directories for security

Assuming apache does not access /var/www, only /var/www/html and /var/cgi-bin secure dokuwiki (or use different directory):

# mkdir /var/www/dokudata
# mv /var/www/html/dokuwiki/data/ /var/www/dokudata/
# mv /var/www/html/dokuwiki/conf/ /var/www/dokudata/
# mv /var/www/html/dokuwiki/bin/ /var/www/dokudata/

 Step 7: Update dokuwiki where the conf directory

# vim /var/www/html/dokuwiki/inc/preload.php
<?php
// DO NOT use a closing php tag. This causes a problem with the feeds,
// among other things. For more information on this issue, please see:
// http://www.dokuwiki.org/devel:coding_style#php_closing_tags

define('DOKU_CONF','/var/www/dokudata/conf/');

* Note the comments why there is no closing php

Step 8: Update dokuwiki where the data directory is

# vim /var/www/dokudata/conf/local.php
$conf['savedir'] = '/var/www/dokudata/data/';

Step 9: Set permission for dokuwiki again for the new directory with same permissions

# chown -R apache:root /var/www/html/dokuwiki
# chmod -R 664 /var/www/html/dokuwiki/
# find /var/www/html/dokuwiki/ -type d -exec chmod 775 {} \;

# chown -R apache:root /var/www/dokudata
# chmod -R 664 /var/www/dokudata/
# find /var/www/dokudata/ -type d -exec chmod 775 {} \;

 

Step 10: Go to wiki http://192.168.1.1/docuwiki/install.php