Archive

How to install an SSL certificate on IIS 10

SSL installation in IIS 10 requires one certificate file with the .p7b (or .cer) file extension. You may either download the issued certificate in the email delivered by Comodo (now Sectigo) or download it in your SSLs.com account following these instructions.

In order to install the certificate, please follow the steps below.

  1. Press Win + R and type “inetmgr” in the appeared window to run the Internet Information Services (IIS) Manager.
  2. On the IIS Manager home page, locate the “Server Certificates” icon and double-click it:
  3. Locate the “Actions” panel on the right side and click “Complete Certificate Request”:

4. In the “Specify Certificate Authority Response” window, perform the actions below.

a) In the “File name containing the certification authority’s response” field, browse the file system to select your .p7b (or .cer) certificate.
b) In the “Friendly name” field, specify any name that will help you to identify the certificate among other files. It is best to submit the actual domain name of the certificate.
c) In the “Select a certificate store for the new certificate” field, leave the default value “Personal”.

5. Click “OK” to import the certificate to the server storage.

6. Once the import is completed, in the “Server Certificates” window, you will see a new entry associated with the imported certificate:

7. Assign the certificate to your website by expanding the “Sites” subsection in the “Connections” menu on the left and select the corresponding site. Then, in the “Actions” panel on the right side, locate the “Edit Site” menu and select the “Bindings” option:

8. On the right side of the “Site Bindings” window, click “Add”:

9. In the “Add Site Binding” window, modify the fields as below:

a) In the “Type” field, select “https”.

b) In the “IP address” field, select your website’s IP address or “All Unassigned”.

c) In the “Port” field, specify “443” (default).

d) In the “SSL certificate” field, select the previously imported certificate, which can be identified by the friendly name:

NOTE: The “Require Server Name Indication” box needs to be checked if there are multiple SSL certificates on the server.

10. Click “OK” in order for the new “https” entry to appear in the “Site Bindings” window:

That’s all – the certificate should now be installed and the website should be accessible via HTTPS.

The SSL installation status can be checked online via the SSL checker at https://decoder.link/sslchecker.

How to install an SSL certificate on IIS8

After the certificate is activated, validated and issued, it needs to be installed by completing the request generated previously with the file received from the Certificate Authority. The process is described below:

  1. Download the certificate in PKCS#7 format in your SSLs.com account and upload it to the server. The certificate can be also downloaded from the email received from the CA. Please unzip the archive and find the .p7b/.cer certificate file there.
  2. Open Internet Information Services (IIS) Manager and double-click on the “Server Certificates” icon. Then click on “Complete Certificate Request” in the “Actions” section:
https://helpdesk.ssls.com/hc/article_attachments/115000774129/6.png

3. On the next screen it is necessary to fill in three fields:

1) File name containing the certification authority’s response– full path to the .p7b or .cer certificate file received from the Certificate Authority. It can be found the file system by clicking on “…” button;

2) Friendly name– general name for a certain certificate request. The domain name should be specified here to avoid confusion with other requests;

3) Select a certificate store for the new certificate – select “Personal” from the drop-down menu.

Once all fields are filled, click “Ok”. Now the certificate will appear in the “Server Certificates” storage.

https://helpdesk.ssls.com/hc/article_attachments/115000784925/7.png

4. After that, it is necessary to create a binding for the website to be available via HTTPS. Go to the “Sites” folder in the “Connections” section in the left part of the screen and double-click on the necessary website:

https://helpdesk.ssls.com/hc/article_attachments/115000774149/8.png

5. In the right corner of the screen, click on the “Bindings” button in the “Actions” section:

https://helpdesk.ssls.com/hc/article_attachments/115000774169/9.png

6. In the new “Site Bindings” window, click “Add…”:

https://helpdesk.ssls.com/hc/article_attachments/115000774189/10.png

7. Fill in the following fields in the “Add Site Binding” menu:

1) Type select “https” from the dropdown;

2) IP address– choose “All Unassigned” or choose IP address from the dropdown;

3) Port –  specify a custom port number for secured connection, or use the default port 443;

4) SSL certificate – select the completed certificate request by its friendly name.

It is recommended to check the “Require Server Name Indication” box as it allows multiple SSL certificates to be installed on the server. Once all the necessary information is specified, click “Ok”.

https://helpdesk.ssls.com/hc/article_attachments/115000774209/11.png

8. A new binding will appear in the “Site Bindings” section: 

https://helpdesk.ssls.com/hc/article_attachments/115000774229/12.png

9. Now the website should be available via HTTPS. You can check if it is installed correctly here.

A Beginner’s Guide To Bitcoin Crypto Currency

Bitcoin is the world’s first internet-based currency. It’s worth knowing about, but is it worth accepting as a method of payment?

What exactly is Bitcoin?

Imagine a currency that has no central bank owning or underwriting it, and its value can double within a few months. Imagine a currency that doesn’t exist in any physical form, with ATMs that only allow you to pay in funds instead of paying out. Imagine a currency where every transaction is recorded in an open source ledger, yet those transactions are completely anonymous, with no proof of who bought what from whom.

Sounds ridiculous, doesn’t it? Yet Bitcoin is already with us. It was launched in 2009, though nobody has ever admitted to developing it. It can be bought, exchanged for goods and services, or earned by volunteering to host payment processing software. Known as blockchain, the software creates an indelible and publicly-visible ledger of transactions. In theory, tracking the movement of each Bitcoin transaction eliminates fraud, though there have been a couple of high-profile bitcoin thefts in recent years.

A Full Purse

With no physical evidence of ownership, Bitcoin is stored in an electronic wallet. It’s important to choose your wallet carefully, since some of the advertised options are elaborate scams designed to fleece unwary people out of their money. Such mystique has made bitcoin the payment method of choice for the internet’s more disreputable citizens. Each transaction is secured with cryptographic keys that preserve the anonymity of each party, much like the end-to-end encryption on normal ecommerce transactions.

Each Bitcoin has been divided into one hundred million fragments. A fragment is known as a Satoshi, after bitcoin’s reputed founder. That means a Satoshi is presently worth just 0.00265 cents. Nobody knows why 100,000,000 was chosen to be bitcoin’s subunit, and there’s also confusion over a rumor that there will only ever be 21 million bitcoin in circulation. One form of speculation has led to another, with bitcoin’s value fluctuating wildly on global stock markets. In May, it lost 19%t of its value in four days. Yet two days later, one financial analyst predicted it could increase in value by almost 3,500%t within a decade. That would make one bitcoin worth $100,000, compared to its current value of around $2,650.

Investing in Bitcoin – As a Buyer and Seller

So, a virtual currency with no underwriters, associations with criminals, a dubious past and no market controls on its value beyond speculative shareholders. You might think Bitcoin is best avoided. Yet it actually offers some fairly compelling advantages. With new currency gradually released as blockchain calculations payout for work completed, it’s protected from state-level tinkering like devaluation or quantitative easing.

In terms of ecommerce, Bitcoin is a great option. It incurs no processing fees, unlike credit cards. It’s a global currency with no exchange rates, which means customers on any continent pay the same price. Because it’s entirely digital, it dovetails with the internet much better than unwieldy paper currencies. Bitcoin’s anonymity means there’s no need to handle or store sensitive customer data. And transactions can’t be reversed, so a sale is guaranteed.

Perhaps most significantly, accepting Bitcoin on an ecommerce site gives your company a real USP. In today’s mature ecommerce marketplace, it represents a great way to attract new customers – while outshining less forward-thinking rivals…

 

Source

How To Block A Domain From Sending Email From My cPanel Server

We face this problem many times, even we mostly get this kind of issue when a user who is getting hacked a lot and the account is sending out spam emails. In that case, If you want to disable just his account from being able to send mail at all until he can get his script updated or changed. So here’s how we can do it:

First, in root SSH, run these commands:

touch /etc/blockeddomains
echo “domain.com” >> /etc/blockeddomains

Please replace domain.com with the domain name. Do not replace the “” part as that’s required, only the domain.com part with the right domain name.

In WHM > Exim Configuration Editor > Advanced Configuration Editor -> Click on “Add additional configuration setting” -> Add::

domainlist blocked_domains = lsearch;/etc/blockeddomains

Locate the “ROUTERS CONFIGURATION” section, and right below these lines:

democheck:
driver = redirect
require_files = “+/etc/demouids”
condition = “${if eq {${lookup {$originator_uid} lsearch {/etc/demouids} {$value}}}{}{false}{true}}”
allow_fail
data = :fail: demo accounts are not permitted to relay email

Put the following lines:

reject_domains:

driver = redirect
# RBL Blacklist incoming hosts
domains = blocked_domains
allow_fail
data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.

How To Setup Virtualisation With KVM On A CentOS (SolusVM Slave)

Steps To Setup:

Part 1 – Disk Setup

Fdisk is the most commonly used command to check the partitions on a disk. The fdisk command can display the partitions and details like file system type. However it does not report the size of each partitions.

$ sudo fdisk -l

You cannot create a Linux partition larger than 2 TB using the fdisk command. The fdisk won’t create partitions larger than 2 TB. This is fine for desktop and laptop users, but on server you need a large partition. For example, you cannot create 3TB or 4TB partition size (RAID based) using the fdisk command. It will not allow you to create a partition that is greater than 2TB.

Creating 4 TB Partition Size

To create a partition start GNU parted as follows:

$ parted /dev/sdb

Creates a new Partition Table:

$ (parted) mklabel gpt

Next, set the default unit to TB, enter:

$ (parted) unit TB

To create a 4 TB partition size, enter:

$ (parted) mkpart primary 0.00TB 4.00TB

To print the current partitions, enter:

$ (parted) print

Quit and save the changes, enter:

$ (parted) quit
Use the mkfs.ext4 command to format the file system: (Optionally You can use mkfs.ext3 if needed)

$ mkfs.ext4 /dev/sdb1
Create the PV through following command:

$ pvcreate /dev/sdb1

You can check that new PV through this command:

$ pvscan

Create the Volume Group:

$ vgcreate -s 32M vg1 /dev/sdb1

You can check that new volume group through this command:

$ vgdisplay
Part 2 – Network Setup

Bridging requires the bridge-utils package to be installed on the server. To check if it’s installed, do the following:

$ rpm -q bridge-utils

If you get an output – it’s installed, if not, it needs installing:

$ yum install bridge-utils

Before setting up your bridge, the contents of /etc/sysconfig/network-scripts/ifcfg-eth0 will look like the following:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=102.100.152.255
HWADDR=00:27:0E:09:0C:B2
IPADDR=102.100.152.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
NETMASK=255.255.255.0
NETWORK=102.100.152.0
ONBOOT=yes

To back up your current ifcfg-eth0 before modification:

1. Run the following command:

$ cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/backup-ifcfg-eth0

2.Create the bridge file:

$ nano -w /etc/sysconfig/network-scripts/ifcfg-br0

3. Copy parts of ifcfg-eth0 to it:

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
BROADCAST=102.100.152.255
IPADDR=102.100.152.2
NETMASK=255.255.255.0
NETWORK=102.100.152.0
ONBOOT=yes

4. Save that file and edit ifcfg-eth0:

$ nano -w /etc/sysconfig/network-scripts/ifcfg-eth0

5. Remove the networking parts and specify the bridge:

DEVICE=eth0
HWADDR=00:27:0E:09:0C:B2
IPV6INIT=yes
IPV6_AUTOCONF=yes
ONBOOT=yes
BRIDGE=br0

6. Bridge is  set up. Make sure that the changes are correct and restart the networking:

$ /etc/init.d/network restart

7. Once it’s restarted you see the new bridge using the ifconfig command:

[[email protected] ~]# ifconfig
br0       Link encap:Ethernet  HWaddr 00:27:0E:09:0C:B2
inet addr:102.100.152.2  Bcast:102.100.152.255  Mask:255.255.255.0
inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2984 (2.9 KiB)  TX bytes:13154 (12.8 KiB)

eth0      Link encap:Ethernet  HWaddr 00:27:0E:09:0C:B2
inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:31613 errors:0 dropped:0 overruns:0 frame:0
TX packets:9564 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2981335 (2.8 MiB)  TX bytes:2880868 (2.7 MiB)
Memory:d0700000-d0720000

 

Part 3 – Installing a SolusVM KVM Slave:

In SSH as root do the following:

$ wget http://soluslabs.com/installers/solusvm/install

$ chmod 755 install

$ ./install

Now, follow the steps as shown in Video.

The install will now do it’s work.You will get next output (output text may vary)

Once the installer is complete you will be presented with the slave keys and any further instructions for your install type.

Set Up DNS for Office 365 in cPanel

To set up Microsoft Office 365, login to cPanel, then add/update the following DNS records for the domain(s) in question:

example.com.au. 300 MX 0 example-com-au.mail.eo.outlook.com.
example.com.au. 3600 TXT MS=ms000000
autodiscover 3600 CNAME autodiscover.outlook.com.
example.com.au. 3600 TXT “v=spf1 include:outlook.com ~all”
_sip 3600 SRV 100 1 443 sipdir.online.lync.com.
_sipfederationtls 3600 SRV 100 1 5061 sipfed.online.lync.com.
sip 3600 CNAME sipdir.online.lync.com.
lyncdiscover 3600 CNAME webdir.online.lync.com.
Notes:

  • The MS record shown in red is a number supplied by Microsoft as part of the verification rocess.
  • The MX record contains the domain name as a prefix, with periods replaced by hyphens.

Then, change the Email Routing setting down the bottom to “Remote Mail Exchanger”.

Adding Secondary IP Addresses (CentOS/RHEL)

There are plenty of reasons you would need to add secondary IP addresss (and everyone agrees that SEO is not one of them). Getting a secondary IP address is a simple process if it is done for the right reasons and done correctly. You do NOT need additional NIC cards but you will be creating virtual adapters as the secondary IP will be routing through the primary IP.

Also, this is a great thing to do at home as I’ve done it to run multiple internal IP addresses on one server to run multiple applications across the same ports (for KISS** sake). Please note that I am doing this is in a virtual testing environment so your settings will definitely be different.

** KISS = Keep It Stupid Simple **

You will need to be the root user and navigate to your /etc/sysconfig/network-scripts

# cd /etc/sysconfig/network-scripts

When getting a list of files in the directory you will see “ifcfg-eth0” (or eth1 if you’re doing it for a different adapter)

# ls -l | grep ifcfg-eth
-rw-r–r– 1 root root 119 Jan 11 19:16 ifcfg-eth0
-rw-r–r– 1 root root 119 Jan 3 08:45 ifcfg-eth0.bak
-rw-r–r– 1 root root 119 Feb 24 04:34 ifcfg-eth1
-rw-r–r– 1 root root 128 Jan 19 18:20 ifcfg-eth1.bak

Now adding the virtual adapters is easy. Basically if the main adapter is called “eth0” you have to call the next (virtual) adapter in a sequential order like so:

ifcfg-eth0 (primary adapter, physical)
ifcfg-eth0:1 (first virtual adapter to the physical primary adapter)
ifcfg-eth0:2 (second virtual adapter to the physical primary adapter)
and so on…

That being said, lets go ahead and copy our primary adapter configuration file and name it to be the first virtual adapter for the physical primary:

# cp ifcfg-eth0 ifcfg-eth0:1

# ls -l | grep ifcfg-eth
-rw-r–r– 1 root root 119 Jan 11 19:16 ifcfg-eth0
-rw-r–r– 1 root root 119 Feb 24 08:53 ifcfg-eth0:1
-rw-r–r– 1 root root 119 Jan 3 08:45 ifcfg-eth0.bak
-rw-r–r– 1 root root 119 Feb 24 04:34 ifcfg-eth1
-rw-r–r– 1 root root 128 Jan 19 18:20 ifcfg-eth1.bak

Now, we have to configure this virtual adapter to be: a static IP (of course), no hardware address (MAC), configure netmask and of course rename the device.

# vim ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.1.1.2
NETMASK=255.255.255.0

There is no need to specify a MAC address as it is a virtual adapter and there is also no need to specify a default gateway as it is already routed through the primary adapter. Basically there are only four things that you will need to change:

File name for the adapter itself

DEVICE= device name (should correspond with the file name)
IPADDR= ip address
NETMASK= netmask

Afterwards, just restart the networking service:

# service network restart

That’s it; lets check ifconfig to make sure the virtual adapter is there and working:

# ifconfig eth0:1
eth0:1 Link encap:Ethernet HWaddr 08:00:27:ED:05:B7
inet addr:10.1.1.2 Bcast:10.1.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

# ping 10.1.1.2
PING 10.1.1.2 (10.1.1.2) 56(84) bytes of data.
64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=0.073 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=0.042 ms
64 bytes from 10.1.1.2: icmp_seq=3 ttl=64 time=0.029 ms
64 bytes from 10.1.1.2: icmp_seq=4 ttl=64 time=0.029 ms
— 10.1.1.2 ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.029/0.043/0.073/0.018 ms

If you’re not sure if you’ve done it right and you do not want to restart the entire network server, you can use the following:

# ifup eth0:1

Linux KVM: Disable virbr0 NAT Interface

The virtual network (virbr0) used for Network address translation (NAT) which allows guests to access to network services. However, NAT slows down things and only recommended for desktop installations. To disable Network address translation (NAT) forwarding type the following commands:

 

Display Current Setup

Type the following command:
# ifconfig
Sample outputs:

virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:7921 (7.7 KiB)

Or use the following command:
# virsh net-list
Sample outputs:
Name State Autostart
—————————————–
default active yes

To disable virbr0, enter:
# virsh net-destroy default
# virsh net-undefine default
# service libvirtd restart
# ifconfig 

How to Clone/Backup Linux Systems Using Mondo

Mondo Rescue is an open source, free disaster recovery and backup utility that allows you to easily create complete system (Linux or Windows) Clone/Backup ISO Images to CD, DVD, Tape, USB devices, Hard Disk, and NFS. And can be used to quickly restore or redeploy working image into other systems, in the event of data loss, you will be able to restore as much as entire system data from backup media.

Mondo program is available freely for download and released under GPL (GNU Public License) and has been tested on a large number of Linux distributions.

This article describes Mondo installation and usage of Mondo Tools to backup of your entire systems. The Mondo Rescue is a Disaster Recovery and Backup Solutions for System Administrators to take full backup of their Linux and Windows file system partitions into CD/DVD, Tape, NFS and restore them with the help of Mondo Restore media feature that uses at boot-time.

Installing MondoRescue on RHEL / CentOS / Scientific Linux

The latest Mondo Rescue packages (current version of Mondo is 3.0.3-1) can be obtained from the “MondoRescue Repository“. Use “wget” command to download and add repository under your system. The Mondo repository will install suitable binary software packages such as afio, buffer, mindi, mindi-busybox, mondo and mondo-doc for your distribution, if they are available.

For RHEL/CentOS/SL 6,5,4 – 32-Bit

Download the MondoRescue repository under “/etc/yum.repos.d/” as file name “mondorescue.repo“. Please download correct repository for your Linux OS distribution version.

# cd /etc/yum.repos.d/

## On RHEL/CentOS/SL 6 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/6/i386/mondorescue.repo

## On RHEL/CentOS/SL 5 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/5/i386/mondorescue.repo

## On RHEL/CentOS/SL 4 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/4/i386/mondorescue.repo

For RHEL/CentOS/SL 6,5,4 – 64-Bit

# cd /etc/yum.repos.d/

## On RHEL/CentOS/SL 6 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/6/x86_64/mondorescue.repo

## On RHEL/CentOS/SL 5 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/5/x86_64/mondorescue.repo

## On RHEL/CentOS/SL 4 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/4/x86_64/mondorescue.repo

Once you successfully added repository, do “yum” to install latest Mondo tool.

# yum install mondo

Installing MondoRescue on Debian / Ubuntu / Linux Mint

Debian user’s can do “wget” to grab the MondoRescue repository for Debain 6 and 5 distributions. Run the following command to add “mondorescue.sources.list” to “/etc/apt/sources.list” file to install Mondo packages.

On Debian

## On Debian 6 ##
# wget ftp://ftp.mondorescue.org/debian/6/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo
## On Debian 5 ##
# wget ftp://ftp.mondorescue.org/debian/5/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo

On Ubuntu/Linux Mint

To install Mondo Rescue in Ubuntu 12.10, 12.04, 11.10, 11.04, 10.10 and 10.04 or Linux Mint 13, open the terminal and add the MondoRescue repository in “/etc/apt/sources.list” file. Run these following commands to install Mondo Resuce packages.

# wget ftp://ftp.mondorescue.org/ubuntu/`lsb_release -r|awk '{print $2}'`/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo

Creating Cloning or Backup ISO Image of System/Server

After installing Mondo, Run “mondoarchive” command as “root” user. Then follow screenshots that shows how to create an ISO based backup media of your full system.

# mondoarchive

Welcome to Mondo Rescue

Mondo Rescue Welcome Screen

Mondo Rescue Welcome Screen


Please enter the full path name to the directory for your ISO Images. For example: /mnt/backup/

Mondo Rescue Storage Directory

Mondo Rescue Storage Directory

Select Type of compression. For example: bzip, gzip or lzo.

Select Type of Compression

Select Type of Compression

Select the maximum compression option.

Mondo Rescue Compression Speed

Select Compression Speed

Please enter how large you want each ISO image in MB (Megabytes). This should be less than or equal to the size of the CD-R(W)’s (i.e. 700) and for DVD’s (i.e. 4480).

Mondo Rescue ISO Size

Define Mondo Rescue ISO Size

Please give a name of your ISO image filename. For example: tecmint1 to obtain tecmint-[1-9]*.iso files.

Mondo Rescue Prefix

Enter Name of Mondo Rescue

Please add the filesystems to backup (separated by “|“). The default filesystem is “/” means full backup.

Mondo Rescue Backup Paths

Enter Backup Paths

Please exclude the filesystem that you don’t want to backup (separated by “|“). For example: “/tmp” and “/proc” are always excluded or if you want full backup of your system, just hit enter.

Mondo Rescue Exclude Paths

Enter Exclude File System

Please enter your temporary directory path or select default one.

Mondo Rescue Temporary  Directory

Enter Temporary Directory Name

Please enter your scratch directory path or select default one.

Mondo Rescue Scratch  Directory Name

Enter Scratch Directory Name

If you would like to backup extended attributes. Just hit “enter“.

Mondo Rescue Extended Backup

Enter Extended Backup Attributes

If you want to Verify your backup, after mondo has created them. Click “Yes“.

Mondo Rescue Verify Backups

Verify Backups

If you’re using stable standalone Linux Kernel, click “Yes” or if you using other Kernel say “Gentoo” or “Debain” hit “No“.

Mondo Rescue Kernel

Select Stable Linux Kernel

Click “Yes” to proceed further.

Mondo Rescue Backup Process

Proceed Cloning Process

Creating a catalog of “/” filesystem.

Mondo Rescue Making Catalog

Creating Catalog for File System

Dividing filelist into sets.

Mondo Rescue Dividing File List

Dividing File List

Calling MINDI to create boot+data disk.

Mondo Rescue Boot Data Disk

Creating Boot Data Disk

Backing up filesytem. It may take a couple of hours, please be patient.

Mondo Rescue Backup Filesystem

Backing up File System

Backing up big files.

Mondo Rescue Big Files Backup

Big Files Backup

Running “mkisofs” to make ISO Image.

Mondo Rescue Creating ISO

Making ISO Image

Verifying ISO Image tarballs.

Mondo Rescue Verify ISO

Verify ISO

Verifying ISO Image Big files.

Mondo Rescue Verify Big Files

Verify Big Files

Finally, Mondo Archive has completed. Please hit “Enter” to back to the shell prompt.

Mondo Rescue Backup Completed

Backup Completed

If you’ve selected default backup path, you will see an ISO image under “/var/cache/mondo/“, that you can burnt into a CD/DVD for later restore.

To restore all files automatically, boot the system with Mondo ISO Image and at boot prompt type “nuke” to restore files. Here is the detailed video that demonstrates how to restore files automatically from CD/DVDmedia.

Add GNOME to a CentOS Minimal Install

Introduction

In most instances, the Linux servers I setup are used to host the Oracle database software and only require using the Command-Line Interface (CLI) for the OS. This is beneficial because I only need to perform a minimal installation and can add only those required Linux packages (RPMs) needed to support the database. However, there are situations where I need to access a graphical desktop in order to install or run certain Graphical User Interface (GUI) applications.

This guide provides the steps needed to add the GNOME Desktop to a CentOS minimal installation where the OS was installed without the X Window System.

CentOS 6

In this section, the GNOME desktop will be added to a new server running CentOS 6.2 (x86_64) after performing a “Minimal” install.

Install Desktop Packages

# yum -y groupinstall "Desktop" "Desktop Platform" "X Window System" "Fonts"

You can also install the following optional GUI packages.

# yum -y groupinstall "Graphical Administration Tools"

# yum -y groupinstall "Internet Browser"

# yum -y groupinstall "General Purpose Desktop"

# yum -y groupinstall "Office Suite and Productivity"

# yum -y groupinstall "Graphics Creation Tools"

Finally, if you wanted to add the K Desktop Environment (KDE).

# yum -y groupinstall kde-desktop

When using yum groupinstall, the groupinstall option only installs default and mandatory packages from the group. There are times when you also want to include optional packages within a group. I have not figured out (yet) how to control which package types to install (group package “policy”) from the command-line using yum. The only method I know of to also include optional packages is to edit the /etc/yum.conf file and add the following to the [main] section:

group_package_types=default mandatory optional

The reason I mention this is because I wanted to install “Terminal emulator for the X Window System” (xterm) which is under the group “Legacy X Window System compatibility”. xterm happens to be an optional package and did not get installed until I added group_package_types=default mandatory optional to /etc/yum.conf.

# yum -y groupinstall "Legacy X Window System compatibility"

I did find a plug-in for yum that allows users to specify which package types within a package group should be installed when using yum groupinstall.

http://projects.robinbowes.com/yum-grouppackagetypes/trac

Enable GNOME

Since the server was previously running on CLI mode, we need to change the initialization process for the machine to boot up in GUI mode.

Open /etc/inittab using a text editor and change following line:

id:3:initdefault:

To:

id:5:initdefault:

After making the change, reboot the machine.

# init 6

Note that you can switch from GUI to CLI mode manually by using following method:

GUI to CLICtrl + Alt + F6
CLI to GUICtrl + Alt + F1

Installing Additional Applications

After logging in to the GNOME Desktop, you can now go to System > Administration > Add/Remove Software to manage application in CentOS.

By using this wizard, you can install various applications similar to yum but through a GUI. Applications installed using this method will appear in the Application menu list.