Category: General IT Info

How to Not Update a Package From a Specific Repository Using Yum

If you are using Yum to manage packages from multiple repositories it may be beneficial for you to not update a particular package against a specific repository in favor of another one. To do this, simply add the following line to the Yum configuration file for the repository you want to ignore:

exclude=packageName1 packageName2 packageName3

For example, say in CentOS 5 you wanted to not update the php-pecl-mailparse package against the Epel repository. You would edit the file /etc/yum.d/epel.repo and add the exclude line like so:

[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch                 
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basear$
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
exclude=php-pecl-mailparse

...

Terminal

How to Determine How Many Inodes the Current Directory is Using

Some web hosting providers have a limit on how many inodes you can use. Here is the shell command to display how many inodes the current directory you are in is using:

find . -printf "%i\n" | sort -u | wc -l

If you don’t have shell access to your web server, you can do the same thing with a PHP web page. Just place this web page in the directory that you want to know the number of inodes it is using and access the PHP web page from your web browser. The PHP code to put in the web page file is:

<?php
  echo "<b>";
  system('pwd');
  echo "</b>: ";
  system('find . | wc -l');
  echo " inodes<br />\n<b>";
  system('cd ~/public_html; pwd');
  echo "</b>: ";
  system('cd ~/public_html; find . | wc -l');
  echo " inodes<br />\n<b>";
  system('cd ~; pwd');
  echo "</b>: ";
  system('cd ~; find . | wc -l');
  echo " inodes";
?>

Terminal

Disable Anonymous Access to OpenLDAP

After you setup an OpenLDAP server, one of the first things you’ll want to do is disable anonymous access to it. This will prevent unauthenticated users from connecting to your OpenLDAP server and extracting information about your users and network resources from it.  To disable anonymous access to your OpenLDAP server, you need to edit the slapd.conf file which on CentOS 5 is located at /etc/openldap/slapd.conf. Open the slapd.conf file for editing and do the following:

Look for a line similar to this:

allow bind_v2 bind_anon_cred bind_anon_dn

Remove from that any of the items relating to anonymous access which will have “anon” in their names. So after editing the above line it will look like this:

allow bind_v2

Now add the following two lines to the slapd.conf file to explicitly deny anonymous binds and anonymous access to the directory information:

disallow bind_anon
require authc

Now save the slapd.conf file and restart the LDAP service to put the changes into effect. On CentOS 5 you can restart the OpenLDAP service by running the following command in the terminal:

service ldap restart
OpenLDAP logo

IP Address Ranges for Countries

If you need to know what IP address ranges are allocated for an entire country, you can download a list for each country from the IPdeny website. This would be useful if you wanted to just firewall block an entire country from accessing your server like all of those hackers in China hammering your SSH or web server looking for exploits.

Each list is a plain text file with one CIDR notation address range per line. The plain text file and standard CIDR notation makes parsing the file with a script easy to do. The lists are updated fairly often. Here is the direct link to download the lists: http://www.ipdeny.com/ipblocks/

Shadow of hand over keybaord