Pages

Friday, August 30, 2019

Fedora 30 : DNF history.

This option of the tool DNF can help you to see and rollback by transaction history. NOTE: This option not work if you use the system-upgrade to another version of the distro.
[root@desk mythcat]# dnf
usage: dnf [options] COMMAND

List of Main Commands:

...
history                   display, or use, the transaction history
... 
This command displays DNF transaction history starting from the latest transaction on top of the listing.
[root@desk mythcat]# dnf history 
ID     | Command line             | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
    64 | groupupdate Minimal Inst | 2019-08-29 21:59 | Install        |    2   
    63 | groupupdate Minimal Inst | 2019-08-29 21:59 | Install        |    2   
To display information about this transaction use this command:
[root@desk mythcat]# dnf history info 64
Transaction ID : 64
Begin time     : Thu 29 Aug 2019 09:59:52 PM EEST
Begin rpmdb    : 1643:6a997d9fa53488ec0003727cb0394b18b6b4deaf
End time       : Thu 29 Aug 2019 09:59:53 PM EEST (1 seconds)
End rpmdb      : 1643:6a997d9fa53488ec0003727cb0394b18b6b4deaf
User           : Catalin George Festila 
Return-Code    : Success
Releasever     : 30
Command Line   : groupupdate Minimal Install
Packages Altered:
    Install @core                
    Install @minimal-environment 
To rollback the latest transaction use this:
[root@desk mythcat]# dnf history undo 64

Thursday, August 22, 2019

Fedora 30 : Set up the Linux Malware Detect.

If you have an SELinux warning detection then the details you can see how can be fixed:
[mythcat@desk ~]$ su
Password: 
[root@desk mythcat]# ausearch -c 'systemd' --raw | audit2allow -M my-systemd
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i my-systemd.pp

[root@desk mythcat]# semodule -X 300 -i my-systemd.pp
This tool comes with three modes that the monitor can be executed with and they relate to what will be monitored.
These modes are USERS|PATHS|FILES.
The options break down as follows:
  • USERS: The users option will take the homedirs of all system users that are above inotify_minuid and monitor them.If inotify_webdir is set then the users webdir, if it exists, will only be monitored;
  • PATHS: A comma spaced list of paths to monitor;
  • FILE: A line spaced file list of paths to monitor
$ maldet --monitor users
$ maldet --monitor /root/initial-setup-ks.cfg
$ maldet --monitor /home/mythcat
Let's test the USERS option:
[mythcat@desk maldetect-1.6.4]$ maldet --monitor users
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks 
            (C) 2019, Ryan MacDonald 
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(7958): {mon} could not find inotifywait command, install yum package inotify-tools or 
download from https://github.com/rvoicilas/inotify-tools/wiki/


[root@desk maldetect-1.6.4]# dnf search inotify-tools
Last metadata expiration check: 0:01:39 ago on Wed 21 Aug 2019 11:09:22 PM EEST.
============================================ Name Exactly Matched: inotify-tools ======
inotify-tools.i686 : Command line utilities for inotify
inotify-tools.x86_64 : Command line utilities for inotify
================================================ Name Matched: inotify-tools ======
inotify-tools-devel.i686 : Headers and libraries for building apps that use libinotifytools
inotify-tools-devel.x86_64 : Headers and libraries for building apps that use libinotifytools
[root@desk maldetect-1.6.4]# dnf install inotify-tools.x86_64
...
Installed:
  inotify-tools-3.14-16.fc30.x86_64                                                                                          

Complete!
[root@desk maldetect-1.6.4]# maldet --monitor users
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks 
            (C) 2019, Ryan MacDonald 
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(973): {mon} set inotify max_user_watches to 16384
maldet(973): {mon} added /dev/shm to inotify monitoring array
maldet(973): {mon} added /var/tmp to inotify monitoring array
maldet(973): {mon} added /tmp to inotify monitoring array
maldet(973): {mon} starting inotify process on 3 paths, this might take awhile...
maldet(973): {mon} inotify startup successful (pid: 1800)
maldet(973): {mon} inotify monitoring log: /usr/local/maldetect/logs/inotify_log

Wednesday, August 21, 2019

Fedora 30 : Testing the Linux Malware Detect.

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments.
This tool is provided by R-fx Networks.
Let's install and test it:
[mythcat@desk ~]$ wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
[mythcat@desk ~]$ tar -xf maldetect-current.tar.gz 
[mythcat@desk ~]$ cd maldetect-1.6.4/
[mythcat@desk maldetect-1.6.4]$ su
Password: 
[root@desk maldetect-1.6.4]# ./install.sh
Failed to enable unit: Unit file maldet.service does not exist.
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks <proj@r-fx.org>
            (C) 2019, Ryan MacDonald <ryan@r-fx.org>
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(31046): {sigup} performing signature update check...
maldet(31046): {sigup} local signature set is version 201907043616
maldet(31046): {sigup} new signature set 2019081912001 available
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(31046): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(31046): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(31046): {sigup} verified md5sum of maldet-clean.tgz
maldet(31046): {sigup} unpacked and installed maldet-clean.tgz
maldet(31046): {sigup} signature set update completed
maldet(31046): {sigup} 15552 signatures (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
[root@desk maldetect-1.6.4]# vim /usr/local/maldetect/conf.maldet
Change this row to scan_user_access=1
Now you can run it:
[mythcat@desk ~]$ /usr/local/sbin/maldet -a 
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks 
            (C) 2019, Ryan MacDonald 
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(32628): {scan} signatures loaded: 15552 (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
maldet(32628): {scan} building file list for , this might take awhile...
maldet(32628): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(32628): {scan} file list completed in 13s, found 44109 files...
maldet(32628): {scan} scan of  (44109 files) in progress...

Tuesday, August 20, 2019

Fedora 30 : Install the last version of PHP.

I try to install the last version of PHP version 7.4.0beta2 with Fedora 30 distro the LXQt environment.
I have not used this programming language for a few years and it is a good issue to remember it.
I download teh archive from the official website and I run these commands:
[mythcat@desk ~]$ cd php/
[mythcat@desk php]$ tar -xf php-7.4.0beta2.tar.xz 
[mythcat@desk php]$ cd php-7.4.0beta2/
[mythcat@desk php-7.4.0beta2]$ ./configure --prefix=$HOME/local
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for a sed that does not truncate output... /usr/bin/sed
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for cc... no
checking for gcc... no
configure: error: in `/home/mythcat/php/php-7.4.0beta2':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
[mythcat@desk php-7.4.0beta2]$ vi config
[mythcat@desk php-7.4.0beta2]$ vi config
config.log    config.nice   configure     configure.ac  
[mythcat@desk php-7.4.0beta2]$ vi config.log 
Let's try to install all requests for compiler:
[root@desk home]# dnf groupinstall "Development Tools"
Let's see if these settings working well:
[root@desk home]# dnf groupinstall "Development Tools"
Waiting for process with pid 4373 to finish.
[root@desk home]# kill  -9 4373
[root@desk home]# dnf groupinstall "Development Tools"
...
Complete!
[root@desk home]# dnf install libxml2-devel.x86_64
...
Installed:
  libxml2-devel-2.9.9-2.fc30.x86_64                          xz-devel-5.2.4-5.fc30.x86_64
The last dnf command come with this output:
checking for sqlite3 > 3.7.4... no
configure: error: Package requirements (sqlite3 > 3.7.4) were not met:

Package 'sqlite3', required by 'virtual:world', not found

Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix. 
Let's test it with an old version of sqlite:
[root@desk home]# dnf install sqlite-devel.x86_64 
...
Installed:
  sqlite-devel-3.26.0-6.fc30.x86_64 
And is working well:
[mythcat@desk php-7.4.0beta2]$ ./configure --prefix=$HOME/local
...
config.status: executing default commands

+--------------------------------------------------------------------+
| License:                                                           |
| This software is subject to the PHP License, available in this     |
| distribution in the file LICENSE. By continuing this installation  |
| process, you are bound by the terms of this license agreement.     |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point.                            |
+--------------------------------------------------------------------+

Thank you for using PHP.

[mythcat@desk php-7.4.0beta2]$ make 
... 

Build complete.
Don't forget to run 'make test'.
[mythcat@desk php-7.4.0beta2]$ make install
...
[mythcat@desk php-7.4.0beta2]$ make test
...
FAILED TEST SUMMARY
---------------------------------------------------------------------
php://fd wrapper: invalid file descriptor [ext/standard/tests/file/php_fd_wrapper_04.phpt]
=====================================================================

You may have found a problem in PHP.
This report can be automatically sent to the PHP QA team at
http://qa.php.net/reports and http://news.php.net/php.qa.reports
This gives us a better understanding of PHP's behavior.
If you don't want to send the report immediately you can choose
option "s" to save it.  You can then email it to qa-reports@lists.php.net later.
Do you want to send this report now? [Yns]: s
sh: autoconf: command not found
Please send /home/mythcat/php/php-7.4.0beta2/php_test_results_20190819_2038.txt to qa-reports@lists.php.net 
manually, thank you.
make: *** [Makefile:201: test] Error 1
[mythcat@desk php-7.4.0beta2]$ export PATH=$HOME/local/bin:$PATH
[mythcat@desk php-7.4.0beta2]$ . ~/.bash_profile
[mythcat@desk php-7.4.0beta2]$ which php
~/local/bin/php
[mythcat@desk php-7.4.0beta2]$ php -v
PHP 7.4.0beta2 (cli) (built: Aug 19 2019 23:31:07) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0-dev, Copyright (c) Zend Technologies
Let's test it:
[mythcat@desk php-7.4.0beta2]$ php -i | grep 'API'
Server API => Command Line Interface
PHP API => 20190529
Zend Extension Build => API320190529,NTS
PHP Extension Build => API20190529,NTS
DOM/XML API Version => 20031129
Phar API version => 1.1.1
[mythcat@desk php-7.4.0beta2]$ echo '' > infophp.php
[mythcat@desk php-7.4.0beta2]$ php -f infophp.php 
phpinfo()
PHP Version => 7.4.0beta2

System => Linux desk 5.2.8-200.fc30.x86_64 #1 SMP Sat Aug 10 13:21:39 UTC 2019 x86_64
Build Date => Aug 19 2019 23:26:58
Configure Command =>  './configure'  '--prefix=/home/mythcat/local'
Server API => Command Line Interface
Virtual Directory Support => disabled
...
Use interactive mode and hit Ctr+D keys to run it:
[mythcat@desk php-7.4.0beta2]$ php -a
Interactive mode enabled


hello, world1636562552
I can see the compiled modules:
[mythcat@desk php-7.4.0beta2]$ php -m 
[PHP Modules]
Core
ctype
date
dom
fileinfo
filter
hash
iconv
json
libxml
pcre
PDO
pdo_sqlite
Phar
posix
Reflection
session
SimpleXML
SPL
sqlite3
standard
tokenizer
xml
xmlreader
xmlwriter

[Zend Modules]

Friday, August 16, 2019

Fedora 30 : First steps with Fedora and GitHub.

In this tutorial I will show you how you can use Fedora and your GitHub account for your projects.
Let's solve this issue in a simple way.
First, you need to install the git tool with dnf tool:
[root@desk mythcat]# dnf -y install git
Let's see the version of this tool with a regular user:
[mythcat@desk ~]$ git --version
git version 2.21.0
Let's set up the user for my GitHub account:
[mythcat@desk ~]$ git config --global user.name "catafest"
[mythcat@desk ~]$ git config --global user.email "catafest@yahoo.com"
You can see it later with this command:
[mythcat@desk ~]$ git config --list
[mythcat@desk ~]$ git config --global --list
I used this commands to create a folder for my git projects:
[mythcat@desk ~]$ mkdir project_github
[mythcat@desk ~]$ cd project_github/ 
Now I can download my GitHub project named flask_yt from here:
[mythcat@desk project_github]$ git clone https://github.com/catafest/flask_yt.git
Cloning into 'flask_yt'...
remote: Enumerating objects: 23, done.
remote: Counting objects: 100% (23/23), done.
remote: Compressing objects: 100% (19/19), done.
remote: Total 23 (delta 1), reused 14 (delta 0), pack-reused 0
Unpacking objects: 100% (23/23), done.
If you don't have one then you can create your new project on your GitHub account. Let's make some changes into README.md file:
[mythcat@desk project_github]$ cd flask_yt/
[mythcat@desk flask_yt]$ vim README.md 
...
Now I can use git tool:
[mythcat@desk flask_yt]$ git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add ..." to update what will be committed)
  (use "git checkout -- ..." to discard changes in working directory)

        modified:   README.md

no changes added to commit (use "git add" and/or "git commit -a")
[mythcat@desk flask_yt]$ git add *
[mythcat@desk flask_yt]$ git commit -m "first commit"
[master 56f1e53] first commit
 1 file changed, 1 insertion(+)
Now I can use my username and password from GitHub when I run this command:
[mythcat@desk flask_yt]$ git push origin master
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 2 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 352 bytes | 352.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), completed with 1 local object.
To https://github.com/catafest/flask_yt.git
   5ecffdd..56f1e53  master -> master 
The changes from README.md will be send to my GitHub website.

Wednesday, August 14, 2019

Fedora 30 : First steps with Fedora firewall.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.[2], see the wikipedia. In this short tutorial about the Fedora firewall subject, I will show you how you can use firewall commands to set it. The install is simple with dnf tool:
[root@desk mythcat]# dnf install firewalld firewall-config 
Let's start with the status of your firewall:
[root@desk mythcat]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
...
You can use start , restart or stop it.

[root@desk mythcat]# systemctl start firewalld
[root@desk mythcat]# systemctl restart firewalld
[root@desk mythcat]# systemctl stop firewalld
Let's see active zones:
[root@desk mythcat]# firewall-cmd --get-active-zones
We can see all active for public zone with:
[root@desk mythcat]# firewall-cmd --zone=public --list-all
We can see all ports for public zone:
[root@desk mythcat]# firewall-cmd --zone=public --list-ports 
These commands are used for add and remove ports:
[root@desk mythcat]# firewall-cmd --permanent --zone=public --add-port=80/tcp
[root@desk mythcat]# firewall-cmd --permanent --zone=public --remove-port=80/tcp
Let's see services:
[root@desk mythcat]# firewall-cmd --get-services 
RH-Satellite-6 amanda-client amanda-k5-client amqp amqps apcupsd audit bacula bacula-client 
bgp bitcoin bitcoin-rpc bitcoin-testnet bitcoin-testnet-rpc ceph ceph-mon cfengine cockpit 
condor-collector ctdb dhcp dhcpv6 dhcpv6-client distcc dns docker-registry docker-swarm 
dropbox-lansync elasticsearch etcd-client etcd-server finger freeipa-ldap freeipa-ldaps 
freeipa-replication freeipa-trust ftp ganglia-client ganglia-master git gre high-availability 
http https imap imaps ipp ipp-client ipsec irc ircs iscsi-target isns jenkins kadmin kerberos 
kibana klogin kpasswd kprop kshell ldap ldaps libvirt libvirt-tls lightning-network llmnr 
managesieve matrix mdns minidlna mongodb mosh mountd mqtt mqtt-tls ms-wbt mssql murmur mysql 
nfs nfs3 nmea-0183 nrpe ntp nut openvpn ovirt-imageio ovirt-storageconsole ovirt-vmconsole 
plex pmcd pmproxy pmwebapi pmwebapis pop3 pop3s postgresql privoxy proxy-dhcp ptp pulseaudio
 puppetmaster quassel radius redis rpc-bind rsh rsyncd rtsp salt-master samba samba-client 
samba-dc sane sip sips slp smtp smtp-submission smtps snmp snmptrap spideroak-lansync squid 
ssh steam-streaming svdrp svn syncthing syncthing-gui synergy syslog syslog-tls telnet tftp 
tftp-client tinc tor-socks transmission-client upnp-client vdsm vnc-server wbem-http 
wbem-https wsman wsmans xdmcp xmpp-bosh xmpp-client xmpp-local xmpp-server zabbix-agent 
zabbix-server
Let's add and remove one service named ftp:
[root@desk mythcat]# firewall-cmd --zone=public --add-service=ftp
[root@desk mythcat]# firewall-cmd --zone=public --remove-service=ftp
Let's see all running services:
[root@desk mythcat]# firewall-cmd --zone=public --list-services
If you want to block/unblock any incoming or outgoing connections then use this:
[root@desk mythcat]# firewall-cmd --panic-on
[root@desk mythcat]# firewall-cmd --panic-off 
For example, after you use panic-on then you can check with this:
[root@desk mythcat]# ping google.com -c 1
[root@desk mythcat]# firewall-cmd --query-panic
[root@desk mythcat]# firewall-cmd --panic-off
You can masquerade your IP address with:
[root@desk mythcat]# firewall-cmd --zone=external --query-masquerade
Another example: we can forward all tcp port 80 connections to IP 6.6.6.6 :
[root@desk mythcat]# firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toaddr=6.6.6.6
Let's see ICMP:
[root@desk mythcat]# firewall-cmd --get-icmptypes
address-unreachable bad-header beyond-scope communication-prohibited destination-unreachable 
echo-reply echo-request failed-policy fragmentation-needed host-precedence-violation 
host-prohibited host-redirect host-unknown host-unreachable ip-header-bad 
neighbour-advertisement neighbour-solicitation network-prohibited network-redirect 
network-unknown network-unreachable no-route packet-too-big parameter-problem 
port-unreachable precedence-cutoff protocol-unreachable redirect reject-route 
required-option-missing router-advertisement router-solicitation source-quench 
source-route-failed time-exceeded timestamp-reply timestamp-request tos-host-redirect 
tos-host-unreachable tos-network-redirect tos-network-unreachable 
ttl-zero-during-reassembly ttl-zero-during-transit unknown-header-type 
unknown-option
We can use it for block or not the echo:
[root@desk mythcat]# firewall-cmd --zone=external --query-icmp-block=echo-reply
[root@desk mythcat]# firewall-cmd --zone=external --add-icmp-block=echo-reply
[root@desk mythcat]# firewall-cmd --direct --get-rules ipv4 filter IN_public
[root@desk mythcat]# firewall-cmd --direct --add-rule ipv4 filter IN_public_allow 
...
I cannot show you a magic rule because this depends by your network and your software. You can use this command to see all into a graphic interface.
[root@desk mythcat]# firewall-config
This will give a good image of your firewall settings.

Monday, August 12, 2019

Fedora 30 : First step with Ionic.

My laptop is crash and is hard for me to write tutorials for me.
The last tutorial I created with Fedora 30 is about Ionic.
You can read this tutorial here.