Category Archives: Information

Fedora 20 upgrade left apache wide-open.

Last night, I discovered that http://crabradio.net/blogold/ wouldn’t load the index.php, and would only load a white screen.  Good thing that I decided to fix it this morning, because I discovered that the apache upgrade left the server ignoring .htaccess files, which allow for password protecting content and directories on the web server.  The result was a ‘wide-open’ web server.  It would only be a matter of time before Google bots and Yahoo spiders would start sucking me dry trying to download the contents of my web system.  Very similar to what happened when a bad symlink allowed open access to the entire filesystem.  Google bots were having a field day with that, and I’m sure would love it again, if I didn’t fix it right away.

Both items were a fairly simple fix in the same section of the /etc/httpd/conf/httpd.conf file.  (First, had to become root user.)

# nano /etc/httpd/conf/httpd.conf

I went to the Directory Directive for /var/www/html and added two lines highlighted in green…..

<Directory “/var/www/html”>
#
DirectoryIndex index.php
#
AllowOverride All

I actually edited the AllowOverride line from ‘None’ to ‘All’.  That line controls what directives can be placed into .htaccess files.  Since apache decided to make it None, it was ignoring them.  Thanks, Apache!  Last thing to do was restart or reload the httpd service.  This is done by:

# service httpd restart

But, since service has been replaced by systemctl, there is no telling when fedora will decide to fully depreciate service.  So, you should probably start getting used to the new command.  It does so much more, anyway.

# systemctl reload httpd

To make sure that it started okay:

# systemctl status httpd

or # service httpd status

Well, everything is now running as it should.  😉

This morning, I noticed that Fedora 20 doesn’t have an MTA installed as default.

One of the last things I had to do after imaging the system OS drive with Clonezilla, was to start a fresh backup with dar.  So, I manually started my custom script around midnight, and let it run.  When I woke up, I checked my email, and there wasn’t a backup email.  Curious.  So, I checked if it was still running.  Nope, was finished, but it choked and halted at the point of sending the email.

So, I discovered that there was no Mail Transport Agent installed, so HOW could the command ‘mail’ send any mail?  😉  So, using yum, I installed postfix.  Then, went through /etc/postfix/main.cf and using nano  (as root user) added a few basic things like hostname and domain.  I don’t think that there was much anything else that I had to edit.  So, time to start postfix.

# service postfix restart

The line in my backup script still refused to send out mail.  So, discovered that for some reason, postfix didn’t like my use of -a (attachment).  Had to change the line around like this:

mail -s Auto_Backup_SYS -a /mnt/storage/backupsys.txt -c >/dev/null

mail -s Auto_Backup_SYS -c < /mnt/storage/backupsys.txt >/dev/null

No big deal, since the status file is a text file, but I really don’t know why the -a flag was a show stopper.  While I was at it, I fixed a couple more vhosts for my friend, Don Landes.  Mental note – I really need to clean up the vhosts conf directory, as there are a few in there that aren’t used any longer.  That also means removing the ‘includes’ from the /etc/httpd/conf/httpd.conf file, but that can wait for another day.  😉

Fixing Yumex and Installing Mate GDM.

Well, it was bound to happen.  I have been using Linux since 1997 or so, starting with Redhat 4.2.  Back in those days, getting all hardware recognized was quite some feat, and you had to REALLY learn the ‘true’ power of Linux, residing in the Terminal shell.  I remember being quite ecstatic when Gnome 1.0 came out in 1999.  I think I first used it on one of the Redhat 6.x releases.  I have been using it as a GDM ever since, except for trying out a few other ones, like Sawfish.  Well, the love afair is tragically over.  It’s really gone over the edge with Gnome 3.Mate gdm - Fedora 20  So, at the server’s keyboard, I am running Gnome Classic.  (It comes installed by default, so I guess Fedora figured out that some people would really want Gnome2 again.)  Over VNC, I installed Mate GDM, which actually IS the Gnome2 fork.  You can see the menus are very similar, etc.  Here, you see it playing an mp3 stream.  (If anybody needs help on enabling mp3 support in Fedora, just ask.)  To install Mate GDM (as root user):

# yum install mate-desktop

That is only half of the fight, though.  Need to enable it in VNC, so, as root user:

# nano /home//.vnc/xstartup

I would recommend copying the original file somewhere first, just to be safe.  Then, you can edit it and make it just like this:That should do it.

#!/bin/sh

#
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
# exec /etc/X11/xinit/xinitrc
#
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
x-terminal-emulator -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
mate-session &

Next, was an issue that reared its ugly head with Fedora 18, and I was hoping that it would be fixed by 20.  No such luck.  Yumex would run over VNC, however, the backend would fail polkit authorization when you tried using it to install/upgrade/remove packages.  This resolved THAT issue:  As you see by the screenshot, you have to run Yumex, and select: Run backend with sudo under the Advanced tab.

Yum Preferences
Yum Preferences

Then, close Yumex.  Next, I had to add a line to the /etc/sudoers file. (Become root user) and use nano to add the following line to the end of the file:

username ALL=SOFTWARE, NOPASSWD: /usr/share/yumex/backend-launcher.py

Runs just fine, now.  😉

There was also a tiny, little problem with Mate.  The Preferences like themes, etc wouldn’t save.  This was because the file mate-settings-daemon did not get installed, but, you should be able to handle this one, eh?