Tuesday, February 21, 2012

Set Up an RPM Build Environment under CentOS


Set Up an RPM Build Environment under CentOS

This document will guide you on how to install and configure an environment to build RPMs (and rebuild SRPMs) under CentOS.

Building RPMs should NEVER be done with the root user. It should ALWAYS be done with an unprivileged user. Building RPMs as root might damage your system. You have been warned.

Check that you have rpmbuild installed

First, you should check that you have rpmbuild installed on your system. This is the tool you will use to build RPMs from specfiles or SRPM packages. To check that it is installed and , issue the rpmbuild --showrc command. A large set of data should be displayed, enumerating details of the build environment that rpmbuild is using. Quite useful for debugging what a .spec file is doing

If the system returns: $ rpmbuild: command not found this means rpmbuild is NOT yet installed. You can install it with yum by running the following command as root:

[root@hostname ~]# yum install rpm-build
As becoming root for running a command is only logged in the bash history file, most careful admins set up and use sudo for the task instead:

[userid@hostname ~]$ sudo yum install rpm-build
Note: That for historical reasons, the package containing /usr/bin/rpmbuild is called rpm-build (that is, with a dash in the package name).

Verify that yum listed a version of the rpm-build package in the list of packages to install, and answer "y" to allow yum to go ahead and install the package.

After yum is finished, run the rpmbuild --showrc or the more terse rpmbuild --version command to check that it is installed.

Most SRPMs targetted to be rebuilt on CentOS also need certain rpmbuild build macros and helper scripts, which are contained in package: redhat-rpm-config. To get results as desired, you should also install it in the same fashion as noted above, substituting the new package name.

[userid@hostname ~]$ sudo yum install redhat-rpm-config
Note: You may have this package already installed. In such a case yum will just output Nothing to do on the last line of its output. You can check if a package is already installed (here checking on redhat-rpm-config) with the command rpm -q redhat-rpm-config . If there is any output, that means the package is already there. The output of the rpm command will also include the version and release information of that package that is installed on your system.

Create directories for RPM building under your home

After you have rpmbuild installed, the next step is to create the files and directories under your home directory that you need to build RPMs. As noted before, to avoid possible system libraries and other files damage, you should NEVER build an RPM with the root user. You should always use an unprivileged user for this purpose.

To build RPMs with an unprivileged user, you must create a directory structure for that purpose, and then create the .rpmmacros file under your home directory overriding the default location of the RPM building tree to the one you created.

The instructions below will create a rpmbuild directory under your home directory to build RPMs. If you want to use a different directory, you will have to adapt the instructions below to your usage. See the external references for documentation on how to do more complex configurations.

To create the RPM building environment, run the two commands below:

[userid@hostname ~]$ mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
Beware: this next command will overwrite an existing .rpmmacros file if it exists, so check that you don't already have one before continuing.

[userid@hostname ~]$ echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros
After running the two commands above, your environment is set up to build most RPMs without further setup.

Other tools you may need

In general, building RPMs means building and compiling software. To do that, in general you will need tools needed to compile and build source packages.

In particular, you will most probably need to install make to build software (even software that is not written in C or in a compiled language usually uses Makefiles for its install process). As before:

[userid@hostname ~]$ sudo yum install make
If you are building RPMs for software written in C, you will also need the gcc compiler.

[root@host ~]# yum install gcc
Some dependencies will probably be installed together with gcc to allow for the compilation against system libraries.

If you are building software that uses system libraries (such as OpenSSL, for example), you will need to install additional RPMs that allow you to build software against those libraries.

Using OpenSSL as an example, there are two separate binary RPMs: openssl and openssl-devel. The openssl RPM package contains the libraries needed to run binaries linked against openssl. For example, wget needs OpenSSL libraries for encrypted connections, so to install the wget RPM, the openssl RPM will be required, and installed as well.

However, the openssl RPM does not contain the library header files needed to compile code against the OpenSSL libraries. A decision by a spec file packaging team to split these less commonly needed header files in designing a distribution is a common one , in order to conserve space on non-developer machines.

For example, if you download wget source code and try to build it, it will complain that it can not find the OpenSSL libraries. The files needed to compile code with OpenSSL are included in the openssl-devel RPM. So, after installing that RPM and any other needed build dependencies that the SRPM or spec file requires, you may then compile code that requires to use the OpenSSL library headers to build.

So, diagnostically, when you try to build an RPM package, and it gives you an error and tells you that it cannot find a certain library, you should look for the library -devel package's presence using the installed packages methods noted above. If missing, cure the problem by installing it if not yet present. This will allow you to go on with building that RPM. ... or encounter the next item to be solved in a process of progressive obstacle elimination.

Friday, February 10, 2012

Install cacti

First, make sure EPEL repo is enabled. Type the following command to install cacti:
# yum install cacti
Install cacti tables

Type the following command to find out cacti.sql path:
# rpm -ql cacti | grep cacti.sql
Sample output:


Type the following command to install cacti tables (you need to type the cacti user password):
# mysql -u cacti -p cacti < /usr/share/doc/cacti-0.8.7d/cacti.sql

Configure cacti Open /etc/cacti/db.php file, enter:
# vi /etc/cacti/db.php Make changes as follows: /* make sure these values refect your actual database/host/user/password */

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "zYn95ph43zYtq";
$database_port = "3306";

Save and close the file.
Configure httpd Open /etc/httpd/conf.d/cacti.conf file, enter:

# vi /etc/httpd/conf.d/cacti.conf

You need to update allow from line. Either set to ALL or your LAN subnet to allow access to cacti:

# # Cacti: An rrd based graphing tool # Alias /cacti /usr/share/cacti
Order Deny,Allow
Deny from all
Allow from

Another option is create /usr/share/cacti/.htaccess file and password protect the directory. Finally, restart httpd:
# service httpd restart
Setup cacti cronjob

Open /etc/cron.d/cacti file, enter:
# vi /etc/cron.d/cacti
Uncomment the line:

*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

Save and close the file.
Run cacti installer

Now cacti is ready to install. Fire a webbrowser and type the url:

Installing Cacti on CentOS 5

The link is here:


But in case Link is lost, here's the entire instructions:

Cacti is a GPL-licensed, scalable, RRDtool-based monitoring program with flexible graphing options. This article describes the process of installing and configuring Cacti on CentOS 5.2.

Useful links to this installation were BXtra and TechDB.

Per the Cacti documentation, Cacti requires:

RRDTool 1.0.49 or 1.2.x or greater

MySQL 4.1.x or 5.x or greater

PHP 4.3.6 or greater, 5.x greater highly recommended for advanced features

A Web Server e.g. Apache or IIS

I'd also recommend installing vim, net-snmp, net-snmp-utils, php-snmp, initscripts, perl-rrdtool, and any dependencies.

To perform this install, I am logged into Gnome as a normal user, and opened a terminal that is switched to the root user using the su command. I had already installed apache, mysql, and PHP during the original install process of CentOS 5.2.

I added a new repository to facilitate this install. To do this, I created a file
(/etc/yum.repos.d/dag.repo) containing Dag Wiers repository, which contains rrdtool, among other things.

name=Dag RPM Repository for Red Hat Enterprise Linux
You can create this file by typing vim /etc/yum.repos.d/dag.repo and copying and pasting the above information into the file. Be warned that the above text containing the repository is version and architecture-specific.

I then typed yum update to update CentOS and the repository list before installing additional software.

I installed everything but cacti through yum. You can verify that you have the packages in question (or the version numbers of installed packages) by attempting to install them, as yum will remind you that you already have the latest version installed, as well as the version status of the packages, as shown here:

# yum install php httpd mysql mysql-server php-mysql vim-enhanced net-snmp net-snmp-utils php-snmp initscripts perl-rrdtool rrdtool initscripts
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
* base: pubmirrors.reflected.net
* updates: mirror.fdcservers.net
* addons: chi-10g-1-mirror.fastsoft.net
* extras: mirror.fdcservers.net
Setting up Install Process
Parsing package install arguments
Package php-5.1.6-23.2.el5_3.i386 already installed and latest version
Package httpd-2.2.3-22.el5.centos.1.i386 already installed and latest version
Package mysql-5.0.45-7.el5.i386 already installed and latest version
Package mysql-server-5.0.45-7.el5.i386 already installed and latest version
Package php-mysql-5.1.6-23.2.el5_3.i386 already installed and latest version
Package 2:vim-enhanced-7.0.109-4.el5_2.4z.i386 already installed and latest version
Package 1:net-snmp- already installed and latest version
Package 1:net-snmp-utils- already installed and latest version
Package php-snmp-5.1.6-23.2.el5_3.i386 already installed and latest version
Package initscripts-8.45.25-1.el5.centos.i386 already installed and latest version
Package perl-rrdtool-1.3.7-1.el5.rf.i386 already installed and latest version
Package rrdtool-1.3.7-1.el5.rf.i386 already installed and latest version
Package initscripts-8.45.25-1.el5.centos.i386 already installed and latest version
Nothing to do
Download the latest version of Cacti (0.8.7e, as of the writing of this article) from here. I downloaded it to my desktop and unzipped it by right clicking it and selecting "Extract here". I also renamed the cacti-0.8.7e directory by right clicking and selecting "Rename". You could do this in the command line, if you wanted to:
[your root shell] # tar xzvf cacti-0.8.7e.tar.gz
[your root shell] # mv cacti-0.8.7e cacti
Move the entire cacti directory to /var/www/html/ :
[your root shell] # mv cacti /var/www/html
I chose to create a 'cactiuser' user (and cacti group) to run cacti commands and to have ownership of the relavent cacti files. It was here that I noticed that my install did not have any of the /sbin directories in its $PATH , so I simply typed the absolute path:
[your root shell] # /usr/sbin/groupadd cacti
[your root shell] # /usr/sbin/useradd -g cacti cactiuser
[your root shell] # passwd cactiuser
Change the ownership of the /var/www/html/cacti/rra/ and /var/www/html/cacti/log/ directories to the cactiuser we just created
[your root shell] # cd /var/www/html/cacti
[your root shell] # chown -R cactiuser rra/ log/
Create a mysql root password, if you haven't already (password in this example is samplepass:
[your root shell] # /usr/bin/mysqladmin -u root password samplepass
Create a MySQL database for cacti:
[your root shell] # mysqladmin --user=root --password=samplepass create cacti
Change directories to the cacti directory, and use the cacti.sql file to create tables for your database:
[your root shell] # cd /var/www/html/cacti
[your root shell- cacti] # mysql --user=root --password=samplepass cacti < cacti.sql

I also created a MySQL username and password for Cacti:

[your root shell] # mysql --user=root --password=samplepass
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 28
Server version: 5.0.45 Source distribution

Type 'help;' or 'h' for help. Type 'c' to clear the buffer.

mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'samplepass';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit

Edit /var/www/html/cacti/include/config.php with your favorite editor, and update the information to reflect our cacti configuration (you can leave the other text in the file alone):
/* make sure these values refect your actual database/host/user/password */
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "samplepass";
$database_port = "3306";
Create a cron job that polls for information for Cacti (I'm choosing to use /etc/crontab here):
[your root shell] # vim /etc/crontab
Add this line to your crontab:
*/5 * * * * cactiuser /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1
Edit your PHP config file at /etc/php.ini/memory_limit in command mode.
[your root shell] # vim /etc/php.ini

I changed memory_limit = 8M to memory_limit = 128M

Before I check to see if Cacti works, I want to check and see if mysqld and httpd are running using the service command.
[your root shell] # /sbin/service mysqld status
[your root shell] # /sbin/service httpd status
If mysqld and httpd are running, great. If not, type:
[your root shell] # /sbin/service mysqld start 
[your root shell] # /sbin/service httpd start
If you're an "I need to see what the output looks like" type, here is an example of the previous command:
[your root shell] # /sbin/service mysqld status
mysqld is stopped
[your root shell] # /sbin/service mysqld start
Initializing MySQL database: Installing MySQL system tables...
Filling help tables...

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h localhost.localdomain password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

The latest information about MySQL is available on the web at
Support MySQL by buying support/licenses at http://shop.mysql.com
[ OK ]
Starting MySQL: [ OK ]

Figure 1

You should now be able to access cacti at http://localhost/cacti from the local computer or from any computer within your LAN network at http://your.internal.IP.address/cacti .

There should be a Cacti Installation Guide window that shows up, giving licensing info and the like. Click "Next".

Select "New Installation", since this is a new installation.

The next window to pop up should tell you whether Cacti could find the paths to all of the elements that Cacti needs to run, such as RRDtool, PHP, snmp stuff, etc. If everything but Cacti was installed via yum, you should be good here. Click "Finish" to save the settings and bring up the login window.

Figure 1 is a screenshot of the login window. The default user name is admin. The default password is admin. It should prompt an automatic password change for the admin account when you log in the first time.

Figure 2

If you successfully log in, I'd recommend taking a break here. Depending on how fast you are, your cron job may not have had enough time to run the poller program and create data for your graphs. I'd suggest taking a deep breath, or brewing a cup of tea (or coffee) for yourself.

The localhost machine should have some graph templates that are already created, but you can click the "Create Additional Devices" link to add graphs for any other machines on your network. I added my FreeNAS box (tutorial for that to follow).

Figure 3

After having consumed your beverage of choice, press the "Graphs" button. Cacti should have a graph showing you a couple minutes of data for the machines you have added. The longer your machine is on, the more informational the graphs will be. Also, if you click on a particular graph, Cacti will show you more detail by redrawing the graph on the fly.  Cacti is a very flexible tool that allows you to change the colors being graphed as well as the metrics for graphing very easily.  Congratulations! You're now monitoring!

View the Cacti documentation page for more information on how to take advantage of Cacti's features.

Figures 2 and 3 display some graphs that were made using Cacti.

Visit zootlinux.blogspot.com for more tutorials and news!

Thursday, February 9, 2012

Binding jboss as7 to all interfaces

Q: I'm running JBoss AS7 in a standalone mode using ./standalone.sh. This binds JBOSS to only localhost. Is there a way to bind it to all the hosts, i mean The older versions had -b option to pass, i cant find any options to use over here.

A: Edit standalone/configuration/standalone.xml and insert the tag any-address instead of inet-address bound to - Sample:

<interface name="management">
<inet-address value=""/>
<interface name="public">
<inet-address value=""/>

CentOS v5.x v6.x Firewwalls

For CentOS v5.x v6.x firewall is auto enable after setup.
Remember to reconfig or turn it off for testing, etc.