Adding RPM Fusion Repository
Command Line Setup using rpm
To enable access to both the free and the nonfree repository use the following command:
Fedora 15, 16 and 17:
su -c ‘yum localinstall –nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm’
RHEL 6 or compatible like CentOS:
su -c ‘yum localinstall –nogpgcheck http://download1.rpmfusion.org/free/el/updates/6/i386/rpmfusion-free-release-6-1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/6/i386/rpmfusion-nonfree-release-6-1.noarch.rpm’
Tags: Fusion, repository, rpm
The yum history command
The yum history command allows users to review information about a timeline of Yum transactions, the dates and times on when they occurred, the number of packages affected, whether transactions succeeded or were aborted, and if the RPM database was changed between transactions. Additionally, this command can be used to undo or redo certain transactions.
Listing Transactions
To display a list of twenty most recent transactions, as root, either run yum history with no additional arguments, or type the following at a shell prompt:
Examples
[fedora@localhost ~]$ sudo yum history list
Loaded plugins: langpacks, presto, refresh-packagekit
ID | Login user | Date and time | Action(s) | Altered
——————————————————————————-
8 | fedora | 2012-08-09 20:04 | Install | 1
7 | fedora | 2012-08-07 00:32 | Install | 40
6 | fedora | 2012-08-06 23:29 | Install | 1
5 | fedora | 2012-08-06 23:23 | Install | 3 <
4 | fedora | 2012-08-06 22:49 | Install | 5 >
3 | fedora | 2012-08-06 22:46 | Install | 2
2 | fedora | 2012-08-06 22:01 | Update | 1
1 | System | 2012-05-23 02:09 | Install | 1046
history list
Tags: command, history, yum
Fedora systemctl command line tool
start, stop, and restart the services on the command line using the systemctl utility.
Configuring Services
To allow you to configure which services are started at boot time, Fedora is shipped with the systemctl command line tool. Do not use the ntsysv and chkconfig utilities. Although it is still possible to use the ntsysv and chkconfig utilities to manage services that have init scripts installed in the /etc/rc.d/init.d/ directory, it is advised that you use the systemctl utility.
Enabling the Service
To configure a service to be automatically started at boot time, use the systemctl command in the following form:
systemctl enable service_name.service
Running the Service
To run a service, use the systemctl command in the following form:
systemctl start service_name.service
Unit Commands:
list-units List loaded units
start [NAME...] Start (activate) one or more units
stop [NAME...] Stop (deactivate) one or more units
reload [NAME...] Reload one or more units
restart [NAME...] Start or restart one or more units
try-restart [NAME...] Restart one or more units if active
reload-or-restart [NAME...] Reload one or more units is possible,
otherwise start or restart
reload-or-try-restart [NAME...] Reload one or more units is possible,
otherwise restart if active
isolate [NAME] Start one unit and stop all others
kill [NAME...] Send signal to processes of a unit
Tags: command, Fedora, systemctl, tool
How to Restrict Permissions on Files Used by cron
1. Restrict the permissions on the primary system crontab file.
# chown root:root /etc/crontab
# chmod 600 /etc/crontab
2. If anacron has not been removed, restrict the permissions on its primary configuration.
# chown root:root /etc/anacrontab
# chmod 600 /etc/anacrontab
3. Restrict the permission on all system crontab directories:
# cd /etc
# chown -R root:root cron.hourly cron.daily cron.weekly cron.monthly cron.d
# chmod -R go-rwx cron.hourly cron.daily cron.weekly cron.monthly cron.d
4. Restrict the permissions on the spool directory for user crontab files.
# chown root:root /var/spool/cron
# chmod -R go-rwx /var/spool/cron
Cron and anacron make use of a number of configuration and directories. The system crontabs need only be edited by root, and user crontabs are edited using the setuid root crontab command. If unprivileged users can modify system configuration, they may be able to gain elevated privileges, so all unnecessary access to these files should be disabled.
Tags: cron, Files, permissions, Restrict
How to Inspect and Activate Default Rules
View the currently-enforced iptables rules by running the command:
# iptables -nL –line-numbers
The command is analogous for the ip6tables program.
If the firewall does not appear to be active (i.e., no rules appear), activate it and ensure that it starts at boot by issuing the following commands (and analogously for ip6tables):
# service iptables restart
# chkconfig iptables on
Tags: Activate, Inspect, Rules