Tag Archives | centos 5

Vsftp login problems on CentOS 5.2 and SELinux

I was just about finishing a new CentOS 5.2 server with SELinux enabled. I then tried to transfer over some data when I was given the error “500 OOPS: cannot change directory:/home/userdir” in the FTP connection window.

First, I thought the cause was that I did not assign the user to the FTP group. Then I also made sure that the FTP group had permission to read/write to the users directory. Still, no go.

The next thing to check was that I enabled an exception in the firewall. To do that you can call “system-config-securitylevel-tui” which brings up a GUI within the shell. Here you can customize your rules. Still, FTP was allowed to go trough, so all was well, right?

Well, it turned out that SELinux with the setting “Enforcing” was the cause of it all. Now, I had the following two options;

  1. Use the “Permissive” setting (If you set SELinux to permissive you can login with FTP)
  2. Still use the “Enforcing” setting

I opted for option 2, since I really wanted to have SELinux enabled with “Enforcing”. Actually, all it took is to dig into the SELinux settings. To do so we have commands like “getsetbool” and “getsebool”.

With the command “/usr/sbin/getsetbool -a” you will get a list of all the boolean setting of SELinux (this is a long list!). Within this list there are some FTP settings which are of our interests here, like:

ftp_home_dir –> off
ftpd_disable_trans –> off
ftpd_is_daemon –> on

The particular one we are looking for is the “ftp_home_dir”. In your list this will probably set to “–> off”. To enable it, issue the following command:

usr/sbin/setsebool ftp_home_dir=1

As soon as you set this, your users should be able to FTP into their home directory and you should be on the safe side with SELinux still in the “Enforcing” mode.

Comments { 63 }

VMWare Open BlueDragon image made available

Update: We don’t support the direct Open BlueDragon image anymore. Instead, head over to the Elastic Server website and build your own Virtual Image which is available for VMWare, Xen, Parallels and more.

We are happy to announce that we have made our Open BlueDragon VMWare image available.

The image contains;

CentOS 5.1 (with all available upgrades as of 05/11/2008)
Tomcat 5.5
MySQL 5.0.22
Apache 2.x
and of course Open BlueDragon (build of 05/11/2008)

The image can be run with VMWare Workstation for Windows, VMWare Fusion (for MacOS X), VMWare Server and VMWare ESX. For those that don’t have any VMWare products installed, there is the VMWare Player available that let’s you run the Open BlueDragon image on its own and completely for free.

Update on 05/15/2008:

We just updated the Open BlueDragon image to hold the latest changes. These are:

  • CVS access:
    As of 05/15/2008 the Open BlueDragon project has CVS access. This is now also enabled in this latest update of the image. CVS checkout has been done into the directory /var/lib/tomcat5/webapps/openbd. You can update the CVS Open BlueDragon now. “cd” into the directory and do a “cvs update” to retrieve the latest updates.
  • The deployed “openbluedragon.war” file has been updated to the latest release (as of 05/15/2008).
  • All CentOS 5.1 updates have been applied (as of 05/15/2008)

Due to the new release and change in size (1.1 GB) I had to make a new torrent file. Please update your trackers, seeding clients, etc. Thank you.

There are two options to download the Open BlueDragon image that comes in at 1.1 GB:

Bit Torrent file (preferred) or
download it from our website
.

This is a full blown setup, so you are able to deploy the setup for hosting or development. Tomcat runs on port 8080 (the default). Thus you can reach the Tomcat Administration at http://localhost:8080 and the default Open BlueDragon Installation at http://localhost:8080/openbluedragon or for the CVS deployment at http://localhost:8080/openbd/webapp/. Applications can be deployed right underneath these folders.

If you have any question or feedback lease post a comment. Happy CFML coding.

Comments { 0 }

Installing the latest JRE 6 on CentOS 5

Update: We’ve written a new guide for installing JRE 6. Please visit “Update on installing JRE 6 on CentOS“!

On our task to install the latest Java on our CentOS 5 machine we encountered that simply running the RPM from Sun’s Website is not enough. Here are the steps that we did to get Java installed properly.

  1. Get the latest JRE from SUN and download the RPM.
  2. Once done issue “chmod a+x” on the RPM.
  3. Then simply use “./jrexxxx” (the filename of the RPM) and let it run. This will install the JRE in /usr/java/jre1.6.0_04/bin/java.

You now expect that the latest JRE is installed, right? Alas, it is not so. You are still getting the default Java installation:

# java -version
java version “1.4.2_06″
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_06-b03)
Java HotSpot(TM) Client VM (build 1.4.2_06-b03, mixed mode)

Looking around a bit we found that the path “/usr/bin/java” is a symbolic link pointing to the default Java location. So all you have to do now is to remove the existing symbolic link and create a new one to our JRE 1.6.0 installation. This is done with:

ln -s /usr/java/jre1.6.0_04/bin/java /usr/bin/java

When you now check on the version you should get the new Java version.

# java -version
java version “1.6.0_04″
Java(TM) SE Runtime Environment (build 1.6.0_04-b12)
Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode, sharing)

Comments { 0 }

Installing Oracle database 11g should not be a nightmare, right?

Ok, first of I want to say that I have installed quite a couple of Oracle database releases and that I am not a newbie to this, but today I feel like one. Why? Well, simply put, I don’t understand how Oracle can release a product that is full of bugs and misplaced links. Anyhow, let’s get started:

Yesterday we thought of installing the latest and greatest Oracle database 11gR1 release on our brand new shiny Linux box. As always we are using the brilliant CentOS 5. We then went ahead and did step by step according to the installation instructions of this Oracle guide to install 11g on Linux.

All went fine until the Database Configuration Assistance came up with an error that it can not install properly. It also said that this is not so bad as one can run the installation manually later on. We have had these errors in the past and know how to handle them. Thus we continued. After that the database was setup fine.

Actually all went fine, we could login to the database without a problem and all is set. Well that means, the database was running, but no the listener! More to that later on.

We then configured the system to start the Oracle services automatically on reboot. For that we used another Oracle Guide that is supposed to state the correct settings. The problem is that it does NOT work as stated in their document!

First thing is to go into “# vi /etc/oratab” and edit the last line of the string to change it to a “Y” instead of the “N”. No problem, but it gets problematic when you are trying to use the “dbora” script. Because as soon as you are trying “/sbin/chkconfig –level 345 dbora on” (this has to be done on CentOS/RedHat) you will get an error like “service dbora does not support chkconfig”. How come?

To make the script “dbora” work on CentOS/RedHat you will want to include this at the top of the document:

#!/bin/sh
# chkconfig: 345 99 10
# description: Oracle auto start-stop script.

The important part here is to have the line “chkconfig” AND “description” in the file. Otherwise “chkconfig” will not work! Ok, on with the show.

Still after reboot the database does not come up as expected. Digging around some more, we found that the script “dbstart” has another bug. This line:

# First argument is used to bring up Oracle Net Listener
ORACLE_HOME_LISTNER=$1

does NOT work! As soon as one changes it to the actual path of the installation the script runs much better. So go ahead and change it to:

# First argument is used to bring up Oracle Net Listener
ORACLE_HOME_LISTNER=/opt/oracle/product/11.1.0/db_1

Of course, our Oracle installation is under “/opt”, change this to your installation path. Some have posted in blogs and forums that you could also change it to “$ORACLE_HOME” but we have had no success with that only the hard coded path value does work.

Fun, isn’t it? But wait there is more and make sure to read until the end of this post. Next up is not really something that os Oracle’s fault, but never the less not stated anywhere. To make working in the shell more comfortable and that the scripts DO work you will want to modify your “profile” settings.

Fire up “vi” and edit “/etc/profile” and add the following lines (change it to fit your path and SID):

PATH=$PATH:/opt/oracle/product/11.1.0/db_1/bin
ORACLE_HOME=/opt/oracle/product/11.1.0/db_1/
ORACLE_SID=orcl
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC ORACLE_HOME ORACLE_SID

Ok, after you have done all of the above you can safely restart your machine and your Oracle database should start automatically. If it does not then a “dbca” could help. but wait, I kept the best for the end!

In our installation we have found that with the scripts above any local login to the sqlplus console reports us that we are connected to an idle instance! But, now get this, my users can login to the database with SQL-Developer or any remote client!!! Don’t believe us, here is the screen shot of the local login:

oracle11g.png

Only this “little” thing kept us quite busy for today and it is leaving a feeling that Oracle database 11gR1 might not be so ready for big time yet. But maybe we are doing something wrong? Let us know, we are welcome to suggestions.

Comments { 57 }