Tuesday, August 25, 2015

OpenLdap permission denied issue

While starting the ldap service you will get following error:

ldif_read_file: Permission denied for "/etc/ldap/slapd.d/cn=config.ldif" 
slapadd: bad configuration file!


Solution:

Change permission to ldap. The command is 

chown ldap. /etc/openldap/slapd.d

Tuesday, August 18, 2015

Command to find out top 10 most CPU-occupying processes

I hope you know how to interpret average CPU load figures first. I have seen lot of people thinking that if average load is more than 1.0 then it's too much load.

To figure out top 10 most CPU-occupying processes:
ps aux | sort -r -nk6 | head -10

Tuesday, August 11, 2015

Why can't I update RHEL for free?

Red Hat Enterprise Linux is primarily used for commercial support type systems. When you purchase a Red Hat subscription, not only do you get access to support, updates but also an extensive knowledge base and other help to ensure your systems are correctly and optimal configured. You have people to talk to if you have questions or problems, and if things go really bad you'll even get people on site to help you.

As you probably also know, there are tons of training and other help available with Red Hat Enterprise Linux too which are separate purchases.

The question you'll need to ask yourself is why you're looking for RHEL - if you are doing so because you're going to setup servers for work and mission critical systems, please reach out to Red Hat sales and they'll help you pick and chose the right options. But if you're doing so for learning and home use only, the benefits of using a Red Hat Enterprise Linux version may not be worth the price. If you're a developer creating content that needs to run on RHEL, you can actually get RHEL very cheap or even free if certain conditions are met.

As others have said, you can download RHEL from http://access.redhat.com. Downloading the ISO is only the first step; registering and setting things up on access.redhat.com to support your systems is very important too. And eval version gives you access to everything at Red Hat in a short period of time. But unlike other vendors, once the eval expires the software does not stop working, nor is it illegal to use it. You just lose the ability to update and access to knowledgebase, support etc. - but your system keeps running. Look at this like you would a magazine subscription - once the subscription expires, you can still keep and read the old issues. You just don't get any new ones. That's how RHEL works.

For practice and learning there are lots of great resources on access.redhat.com too - ie. how to configure DNS servers, DHCP, clustering etc. - created specifically for the version of RHEL that you're using, validated and verified. That includes forums to ask questions and help others.

CentOS has similar resources but they aren't guaranteed to work. It's entirely maintained by community members, who may use different versions and setups than you are etc. - but then again, that may provide the challenge for you to actually learn how things work instead of just following instructions. There are good guides out there for CentOS and bad ones. But it's free and if all you are looking for is something to learn from, it's a pretty good platform.

Tuesday, August 4, 2015

How to set SSH login limits?

You can limit the maximum number of simultaneous SSH logins by updating the file "/etc/security/limits.conf" with "* maxsyslogins <no.>"

The no. should be a integer.

Below is the description about limits.conf file

[guest@localhost yum.repos.d]$ more /etc/security/limits.conf
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.