Random Linux
Linux, video games and web hosting
Ubuntu wpa_supplicant and hostapd vulnerability
Ubuntu released a notification of USN-4757-1 today which describes a security vulnerability that was found in wp_supplicant where in some certain situations it did not handle P2P provision discovery requests. This allowed an attacker to be able to cause a denial of service attack. Also, in some situations, the attacker was possibly execute arbitrary code.
More details about this can be found at this link:
Chris March 3rd, 2021
Posted In: Around the Web
Tags: hostapd, USN47571, vulnerability, wpa_supplicant
Installing NodeJS and NPM on Amazon Linux 2
The base installation of Amazon Linux 2 doesn’t have nodejs in it’s default repos. The way that is suggested by AWS is to use nvm to manage the installation. You can find the official documentation for that here:
To start, you need to SSH in, then use this command to install nvm, which is used to install NodeJS.
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.34.0/install.sh | bashIt can then be activated by running this command
. ~/.nvm/nvm.shAfter that, you are able to install node with nvm using this command
nvm install nodeOnce that has completed, node should be installed on the server. You can verify that it is installed properly using this command.
node -e "console.log('Running Node.js ' + process.version)"That should output the NodeJS version as it does here.
$ node -e "console.log('Running Node.js ' + process.version)"
Running Node.js v15.10.0Once that has completed, NodeJS is ready to use on the server and should be able to run your applications without any other issues.
Chris February 23rd, 2021
Posted In: Uncategorized
A look at the Solus desktop installation and first impressions
Today we’ll be installing and testing out Solus on the desktop, specifically the ‘Budgie’ flavor of Solus. There are also options to download Solus GNOME or Solus MATE as well. Those can all be downloaded from this page:
Solus is not based on another distro and is written from scratch. It uses a rolling release model, which they moved to after previously using point versions.
When first booting the disk, you are immediately presented with a live desktop.
At the top, there are four icons: Install OS, Firefox, Hex Chat, Gnome MPV and Rythmbox music player. Clicking the ‘Install OS’ button, you are given an installation screen where you choose the installer, your language, location settings, keyboard layout, time and all the usual installation stuff. It also gives you a chance to configure your disk for the install.
Then kick back and have a beer while the OS installs.
After rebooting, you’re first given Solus styled grub listing.
Then you are presented with the Budgie login screen.
The first thing I noticed was the red bell icon that was signifying that there was an unseen notification. Clicking it gives a MacOS-ish notification slide out where you can switch between notifications and ‘Applets’.
The application launcher at the top left corner provides access to the reasonable amount of applications that come preinstalled.
Accessories:
Graphics:
Internet:
Office:
Sound & Video:
“Sundry”:
System Tools:
There’s also a tweak tool available that allows to easily change the theme, which there are a few included.
Adwaita (Default):
Arc:
Arc-Dark:
Arc-Darker:
High Contrast:
There’s also a ‘Global Dark Theme’ in the settings, however when I tested it out it didn’t seems to change anything.
The lock screen also immediately makes me think of Gnome:
Another selling point of Solus is it’s software center, which is very snappy compared to others I’ve tried in the past.
First impressions:
This is my first time using Solus, and am impressed at the ease of installation. I like the budgie desktop. it looks clean, it seems responsive and I may be giving it a try on my Ubuntu install on my daily computer. I also like the idea of rolling releases and the development on it seems solid, so I may be testing this out a little more real soon.
Have you tried Solus or do you run it daily? Have you had any good or bad experiences with it?
Chris July 3rd, 2017
Posted In: Distros
Ubuntu exim4 vulnerability released
Ubuntu has released a security notice for exim4 today. That affects these versions:
- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
This vulnerability is for an issue in exim where it could be made to run programs as an administrator. This was because Exim did not properly deallocate memory when processing certain command line arguments. Local attackers could use that along with other vulnerabilities that could possibly allow arbitrary code to be executed and could allow administrative privileges.
You will want to ensure that you update that package using the ‘apt-get upgrade exim4’ command or that it is updated to one of these packages:
Ubuntu 17.04:
exim4-daemon-heavy 4.88-5ubuntu1.1
exim4-daemon-light 4.88-5ubuntu1.1
Ubuntu 16.10:
exim4-daemon-heavy 4.87-3ubuntu1.2
exim4-daemon-light 4.87-3ubuntu1.2
Ubuntu 16.04 LTS:
exim4-daemon-heavy 4.86.2-2ubuntu2.2
exim4-daemon-light 4.86.2-2ubuntu2.2
Ubuntu 14.04 LTS:
exim4-daemon-heavy 4.82-3ubuntu2.3
exim4-daemon-light 4.82-3ubuntu2.3
More information on that can be found here as well:
Ubuntu Security Notice USN-3322-1
Chris June 19th, 2017
Posted In: News
Clear out modsec hits list in WHM
WHM doesn’t currently have a way to clear out the modsec hit lists under ModSecurity Tools, but it is possible to clear that out by moving the existing database out of the way and running the cPanel script to create a new, empty one. These commands will achieve that:
# mv /var/cpanel/modsec/modsec.sqlite /var/cpanel/modsec/modsec.sqlite-bak
# /scripts/setup_modsec_db
After that is done, the list in WHM will no longer show any hits.
Chris June 18th, 2017
Posted In: cPanel Hosting
Tags: cpanel, hit list, modsec, modsecurity tools
Encode user and password into base64 using perl
perl -MMIME::Base64 -e 'print encode_base64("user");'
perl -MMIME::Base64 -e 'print encode_base64("password");'
Chris August 18th, 2016
Posted In: General
Disable iptables on RedHat
To disable iptables on a Red Hat server, you can use this command to save the current rules first:
[email protected] [/]# /etc/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
Then, this command turns off the firewall
[email protected] [/]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: nat mangle filte[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
You can also use this command to disable it when the server boots.
[email protected] [/]# chkconfig iptables off
Chris January 27th, 2015
Posted In: How To
Change the hostname in CentOS
To change the hostname in CentOS, you will first need to update the hostname line in the /etc/sysconfig/network file.
HOSTNAME=example.randomlinux.com
Once that is changed, you will want to add the IP address for the hostname to /etc/hosts.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.1.5 example.randomlinux.com
Then, you need to restart network for the changes to take affect.
service networking restart
or
/etc/init.d/network restart
Once that is done, you should be able to use the hostname command and it should show the new hostname that you set. On my test box I did have to restart the box for it to take affect, so if you don’t see the changes, you may need to reboot.
[[email protected] ~]# hostname
example.randomlinux.com
Chris September 20th, 2013
Posted In: How To
Tags: hostname command, localhost
Using chkconfig to start services on boot in Red Hat
In Red Hat distros such as CentOS, you are able to use the chkconfig command to have services start or not start when the machine boots. You will normally need to be the root user or use sudo in order to use it. To list the current status of the services, you will use the –list flag.
[[email protected] ~]# chkconfig --list
NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off
abrt-ccpp 0:off 1:off 2:off 3:on 4:off 5:on 6:off
abrtd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off
atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
blk-availability 0:off 1:on 2:on 3:on 4:on 5:on 6:off
bluetooth 0:off 1:off 2:off 3:on 4:on 5:on 6:off
certmonger 0:off 1:off 2:off 3:on 4:on 5:on 6:off
cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off
dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off
fcoe 0:off 1:off 2:on 3:on 4:on 5:on 6:off
firstboot 0:off 1:off 2:off 3:off 4:off 5:off 6:off
haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off
htcacheclean 0:off 1:off 2:off 3:off 4:off 5:off 6:off
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ipsec 0:off 1:off 2:off 3:off 4:off 5:off 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off
iscsi 0:off 1:off 2:off 3:on 4:on 5:on 6:off
iscsid 0:off 1:off 2:off 3:on 4:on 5:on 6:off
kdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off
livesys 0:off 1:off 2:off 3:on 4:on 5:on 6:off
livesys-late 0:off 1:off 2:off 3:on 4:on 5:on 6:off
lldpad 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off
multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off
nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nslcd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off
oddjobd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
openct 0:off 1:off 2:on 3:on 4:on 5:on 6:off
pcscd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off
quota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off
restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rngd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
spice-vdagentd 0:off 1:off 2:off 3:off 4:off 5:on 6:off
sshd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off
wdaemon 0:off 1:off 2:off 3:off 4:off 5:off 6:off
winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
To add the service to chkconfig, you will use the –add flag.
[[email protected] ~]# chkconfig --add mysqld
[[email protected] ~]# chkconfig --add sshd
To make it start when the system boots, you will use the on function.
[[email protected] ~]# chkconfig mysqld on
[[email protected] ~]# chkconfig sshd on
You can also control the runlevels when the service starts, as well as override the current options. You can see the full usage for it here.
usage: chkconfig [--list] [--type
chkconfig --add
chkconfig --del
chkconfig --override
chkconfig [--level
Chris September 20th, 2013
Posted In: How To
Tags: chkconfig
Show Plesk Admin Password
If you are using Plesk on Linux, have root access and need to recover the admin password, you can view it in plain text using the following command.
/usr/local/psa/bin/admin --show-password
This will pull the admin password from the database. Simple enough, right?
Chris March 18th, 2013
Posted In: General