30Apr04 Fedora notes

The following are just some notes about our Fedora installation. Some of this information is not easily given to you or through the system administration tools. Unless you are interested in running linux, you most likely will not be interested in this entry.

up2date mirror information

yum fedora-core-1 http://mirrors.kernel.org/fedora/core/1/i386/os
yum updates-released http://mirrors.kernel.org/fedora/core/updates/1/i386
yum mozilla-updates http://ftp.mozilla.org/pub/mozilla.org/mozilla/yum/SeaMonkey/releases/current/redhat/1

yum mirror information

[base]
name=Fedora Core $releasever - $basearch - Base
baseurl=http://mirrors.kernel.org/fedora/core/$releasever/$basearch/os

[updates-released]
name=Fedora Core $releasever - $basearch - Released Updates
baseurl=http://mirrors.kernel.org/fedora/core/updates/$releasever/$basearch

[mozilla.org]
name=Mozilla updates
baseurl=http://ftp.mozilla.org/pub/mozilla.org/mozilla/yum/SeaMonkey/releases/current/redhat/1
#gpgcheck=1

Samba & iptables information
http://linuxquestions.org/questions/history/169516

# /sbin/iptables -F
# /sbin/iptables -X

Setup the new firewall:

# /sbin/iptables -A INPUT -j ACCEPT -i lo
# /sbin/iptables -A INPUT -j ACCEPT -m state –state ESTABLISHED,RELATED
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p icmp –icmp-type echo-request
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p tcp –dport 22 –syn
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p tcp –dport 80 –syn
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p udp –dport 137
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p udp –dport 138
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p tcp –dport 139 –syn
# /sbin/iptables -A INPUT -j ACCEPT -m state –state NEW -p tcp –dport 445 –syn
# /sbin/iptables -A INPUT -j REJECT -p tcp –reject-with tcp-reset
# /sbin/iptables -A INPUT -j REJECT -p udp –reject-with icmp-port-unreachable
# /sbin/iptables -P INPUT DROP
# /sbin/iptables -P FORWARD DROP
# /sbin/iptables -P OUTPUT ACCEPT

Add the following line to /etc/sysconfig/network to stop the scripts from modifying your custom firewall:

FIREWALL_MODS=no

Finally you save your firewall configuration to /etc/sysconfig/iptables and enable it with:

# /sbin/service iptables save
# /sbin/chkconfig iptables on

Rename partition
One can use e2label or tune2fs in order to relabel partitions. By default, Fedora (Red Hat) uses “LABELS” to identify devices instead of using ids/locations.

SSH Public Key Authentication
SSH2 public key formats can change from vendor to vendor. In order to use keys created with ssh.com’s client with a OpenSSH server, you have to convert the public key before the server will recognize it.

from "Getting OpenSSH to work with ssh.com and itself":

ssh-keygen -i -f KEY_FILE >> ~/.ssh/auhtorized_keys

chmod 700 .ssh
chmod 644 .ssh/authorized_keys

Java Installation
Install intructions
To export Java variables to all accounts in the server, edit /etc/profile.d/java.sh

JAVA_HOME=/usr/java/j2sdk1.4.2_04
export JAVA_HOME
PATH=$PATH:$JAVA_HOME/bin
export PATH

Comments are closed.

about this entry

This entry was written on Friday, April 30 2004 at 9:29pm. Posted to web development and

other posts

PREVIOUS: I’ve not forgotten - Part II
NEXT: Apache Trail

categories