Often a requirement in a secure environment is to lockdown users after they enter a wrong password for a specified number of times. This makes the system protect again The post describes how to lock an account after N incorrect login attempts using pam.d files. The pam_faillock module supports temporary locking of user accounts in […]
Archives for September 2017
CentOS / RHEL 6 : Lock User Account After N Number of Incorrect Login Attempts
Often a requirement in a secure environment is to lockdown users after they enter a wrong password for a specified number of times. This makes the system protect againt attacks likes password dictionary attacks. The post describes how to lock an account after N incorrect login attempts using pam.d files. Lock user after N incorrect […]
CentOS / RHEL 6,7 : How to increase system log message verbosity (rsyslogd)
The Linux system log daemon is responsible for logging system messages. Starting RHEL 6, The system log daemon/service and its configuration file is rsyslogd – /etc/rsyslog.conf. The post describes how to modify CentOS / RHEL 6,7 system log message verbosity. Verbosity level for rsyslogd Each line in the configuration file /etc/rsyslog.conf defines a rule consisting […]
CentOS / RHEL : How to exclude kernel or other packages from getting updated using YUM Versionlock Plugin
Due to application certification and other restrictions in a production environment, it may be preferred to exclude kernel RPM (or other certain RPM) upgrade via yum update. In that case we can use the YUM versionlock plugin to exclude certian packages/rpms from getting updated. Note : The example provided in the post is for the […]
Beginners guide to Kernel Module Configuration in Linux
The Linux kernel is loaded into memory by the boot loader. Kernel modules are dynamically loaded and unloaded on demand. They provide device drivers to allow the kernel to access new hardware, support for different file system types and generally extend the functionality of the kernel. Listing the Loaded Kernel Modules To list which kernel […]
CentOS / RHEL 7 : How to set date, time / NTP and timezone using timedatectl
RHEL 7 offers another utility to configure and display date and time information, timedatectl. This utility is part of the systemd system and service manager. With the timedatectl command you can : Change the current date and time Set the time zone Configure NTP If you run timedatectl without any options, you would get an […]
CentOS / RHEL 7 : How to change the verbosity of debug logs during booting
Removing the rhgb and the quiet kernel command-line parameters, either by editing the /boot/grub/grub.conf file or by using the grub editing mode during boot. Replace these parameters with loglevel and systemd.log_level=debug parameter. This change is generally sufficient to provide as much data as is needed to debug a boot failure. The option rhgb is used […]
CentOS / RHEL 7 : GRUB2 configuration file /boot/grub2/grub.cfg explained
The GRUB2 configuration file /boot/grub2/grub.cfg – Starting RHEL 7 GRUB 2 is the bootloader. The GRUB 2 configuration file is /boot/grub2/grub.cfg. – Do not edit this file directly. Use the grub2-mkconfig command to generate grub.cfg. This command uses the template scripts in /etc/grub.d and menu-configuration settings taken from /etc/default/grub when generating grub.cfg. – The /etc/grub2.cfg […]
CentOS / RHEL 7 : How to reinstall GRUB2 from rescue mode
CentOS / RHEL 7 now includes GRUB2 which uses a new way of installing to the MBR of your boot device. You may have to reinstall the GRUB2 bootloader if your system is not bootable after a failure. In order to reinstall GRUB2 you have to boot into rescue mode. Follow the steps below to […]
CentOS / RHEL 6 : how to start the services interactively during boot (to disable/abort some services)
There is an option with RHEL / CentOS 6 to start the services interactively during system boot up. We can use it to troubleshoot any booting issues related to services. By default, this feature is not available and you need to enable it using either of the 2 methods described below. Method 1 – Using […]