Category: Work Notes

SMB/CIFS connection timeout kernel-3.10.0-957.21.3.el7

After upgrading to kernel-3.10.0-957.21.3.el7 on a CentOS server, I experienced connection timeout issues on Windows servers trying to access SMB shares. On the contrary, I was able to access the share using a Linux system without any problem.

The bug was reported in CentOS Bug Tracker and it’s caused by one of the patches applied to address CVE-2019-11478.

Some applications set tiny SO_SNDBUF values and expect TCP to just work.
Recent patches to address CVE-2019-11478 broke them in case of losses, since re-transmits might be prevented.

To (temporarily) fix this issue, I increased SO_SNDBUF value in /etc/samba/smb.conf:

socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=65536 SO_SNDBUF=65536

 

Reset root password on CentOS

In the GRUB menu, select the kernel to edit and press e.

Go to the line starting with linux16 and add rd.break. You can remove rhgb quiet to see the boot process. Press Ctrl+x to boot in single user mode.

To access the system type mount -o remount,rw /sysroot and chroot /sysroot to treat sysroot as root directory.

Use passwd to change root password or pam_tally2 to unlock the account.

touch /.autorelabel to tell SELinux to do a restoreconf on next boot.

Exit and reboot.

Using DNF with a proxy

Edit the /etc/dnf/dnf.conf file, adding these parameters in the [main] section:

proxy=http://proxy.compukitty.net:9090
proxy_username=compuk
proxy_password=compukpass

proxy_username and proxy_password are optional, based on your proxy server configuration.

Logrotate basics

By default, logrotate runs once a day, using a cron scheduler from /etc/cron.daily/

# ls /etc/cron.daily/
logrotate

Configuration files for logrotate:

  • default configuration /etc/logrotate.conf:
$ cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# use date as a suffix of the rotated file
dateext

# uncomment this if you want your log files compressed
#compress

# RPM packages drop log rotation information into this directory
include /etc/logrotate.d

# system-specific logs may be also be configured here.

Continue reading

Leaving incrond for systemd.path

I’ve been having problems with incrond for months; after trying to upgrade from version 0.5.10, incrond would not trigger after a specified event occurred in the monitored path.

After upgrading to version 0.5.12-9 (I couldn’t use 0.5.10 because of security policies), incrond has started behaving in a completely random way: sometimes it was triggered as expected but some other times (way too many), nothing was happening.

This was the entry in incrontab:

/home/elena/upload IN_CLOSE_WRITE /bin/find $@ -type f -exec /bin/chmod g+rw {} \+

Writing a script and adding it to crontab was out of question; here is where systemd came in handy, with path units.

A .path unit (systemd.path) monitors a file or directory and it calls a .service unit (systemd.service), usually with the same name, when something happens to the monitored file or directory.Continue reading

AWK basics

Printing columns

Print all the columns:

$ awk '{print $0}' FILE

Print the 1 column:

$ awk '{print $1}' FILE

Print the last column:

$ awk '{print $NF}' FILE

Print multiple columns:

$ awk '{print $1 $3}' FILE

Specifying field separator

By default, awk uses space and tab as field separator. You can specify how fields are separated using the -F option.

$ awk -F "/" '{print $1}' FILE

Excluding columns

Print all the columns but not the 2 one:

$ awk '{$2=""; print $0}' FILE

Print all the columns but not 1 and 2:

$ awk '{$1=$2=""; print $0}' FILE