Linux Kernel-4.3 Compilation from source

  11/02/2015       Nitin J Mutkawoa      Add Comment

The Linux Kernel 4.3 has been released today, Monday the 2nd of November 2015. I have compiled it from source on a Virtual Box CentOS 7 minimum install the virtual machine for some further testing. I have also used my same old configuration file. You can also view detailed packages and commits on the git repo. Here, is a brief idea how to compile it from source.


Linux_kernel_map
Linux Kernel Map – Photo credits Wikipedia

1. You will need to download all the pre-requirements if you are on a minimum install.


yum groupinstall "Development Tools"
yum install ncurses-devel bc hmaccalc zlib-devel elfutils-libelf-devel binutils-devel qt-devel

2. Download the wget tools to download the Kernel itself.

yum install wget

3.Download and untar the kernel directory

wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.3.tar.gz
tar -xvzf linux-4.3.tar.gz

4. You will need to ensure that the decompressed directory is in the /usr/src/kernels directory. If you have untar it at a location other than this one move the Linux-4.3 directory in the /usr/src/kernels

5. Choose your default kernel configuration options


make menuconfig

6. To use the old config file

make oldconfig

7. Compiling the kernel

make

8. Installing the kernel

make modules_install install

Tips:

    • Be sure to get rid of too many old kernels files in the /boot directory to do not get confused.
    • You can also use the command make olddefconfig to set the default values without prompting anew for configuration.
    • To set different boot options use the command sudo grub2-set-default 0 – 0, in this case, is the default kernel.
    • The command make usually take lots of time. If you have 4 vCPU, you can use make like this: make -j 4 where j stands for jobs and 4 for all the 4 CPUs


  • uname -r allows you to find your kernel version. Example uname -r gives me 3.19.0-25-generic; i.e the letter 3 is the major, number 19 is the minor (developmental stage) and 0 is the revision number

   Linux System      , ,

Linux Kernel crash simulation using Kdump

  10/29/2015       Nitin J Mutkawoa      Add Comment

There are several reasons for a Linux Kernel Crash which may include hangs, hardware and software errors. We usually consider a “Kernel hangs” and a “Kernel crash” as just a ‘crash’. In fact, these are totally two different issues; a “hang” occurs due to a time-consuming operation whilst a “crash” occurs instantaneously leading to a reboot. However, during the crash process prior to the reboot, the kernel will register “oops” messages.


In this article, I will lay emphasis on the installation of the tools for analyzing Linux Kernel crash. I will elaborate more on Linux Kernel errors in a future article. Right now, we will look at the installation of Kdump – Kernel dump, a Linux kernel dumping mechanism which uses a ‘kexec mechanism‘ to enable us to collect a ‘dump’ of the Linux kernel called “vmcore” (virtual memory core). Whatever event occurred during the time of the crash is registered in the “vmcore” for future analysis.


tux-logo

“Kdump uses kexec to quickly boot to a dump-capture kernel whenever a dump of the system kernel’s memory needs to be taken (for example, when the system panics). The system kernel’s memory image is preserved across the reboot and is accessible to the dump-capture kernel.”Kernel.org

Follow the steps below:

1. On both CentOS 6/7, you will need to install the kexec package using the command yum install kexec-tools

2.vim /boot/grub/grub.conf and for the kernel you are actually running edit the parameter crashkernel = auto and replace it with crashkernel= 128M (I tested it on a virtual machine with 1024MB)

3. Start the Kdump service using the command service kdump start

4. Save this parameter and verify it using the command cat /proc/cmdline. Here is a screenshot of how it should look

Screenshot from 2015-10-29 23:57:42

5. You would notice that the Kdump have the following configuration files using the command rpm -qc kexec-tools

  • /etc/kdump.conf
  • /etc/rc.d/init.d/kdump
  • /etc/sysconfig/kdump
  • /etc/udev/rules.d/98-kexec.rules

6. You can also choose the location to save your vmcore. By default, it will be saved in /var/crash/. However, if your /var directory is assigned to a different partition with low disk space, you can choose exactly where you want to generate your vmcore by modifying the parameter path /var/crash in the /etc/kdump.conf file.

7. After modification, you will need to restart the kdump service using the command service kdump restart.

8. Now the last step is to crash the machine thus creating a vmcore. Use the command echo c > /proc/sysrq-trigger. You would notice that this will take some time and the server will reboot by itself. A crash simulation has been done.

9. You will notice now after the reboot that a vmcore file has been created in the /var/crash directory.

Screenshot from 2015-10-30 00:15:18

10. The size of the vmcore depends on the consequence of the crash. In this simulation its just 19M. It also depends on the kernel activity during the time of the crash.

Tips:

  • You can also specify crashkernel = auto on a 64-bit machine. However, you can calculate it as follows:
  • If your RAM is greater than 0 GB  and less than 2 GB use 128 MB
  • If your RAM is greater than 2 GB and less than 6 GB use 256 MB
  • If your RAM is greater than 6 GB and less than 8 GB use 512 MB and so on
  • You can also test with less than 128 MB, it may work but the reliability and consistency is cautioned
  • If the kdump service does not start after a fresh installation, you might need to reboot your machine.
  • Since you have allocated a portion of the memory to the kdump, you might need to reboot your machine again and test it with a free -m



   Linux System      ,

Debug your Internet bugs and vulnerabilities with ICSI Netalyzr

  10/28/2015       Nitin J Mutkawoa      Add Comment

Can your Network be easily compromised? Is your Internet vulnerable? You might want to perform some tests on the Quality of Service your Internet Service Provider – ISP is providing you. It can also be more dangerous if your ISP is also your router vendor! One of the fast and reliable tools which I would propose is the ICSI Netalyzr tool which tests your internet connections for signs of trouble and provides you detailed report vulnerabilities, latency, and several tests. The test can be performed by almost anyone with just a simple click.

“ICSI Netalyzr is a service maintained by the Networking Group at the International Computer Science Institute, an affiliate with the University of California, Berkeley and funded by the National Science Foundation. The service got some publicity and found importance after late 2007 when Comcast was sued for throttling Internet traffic which Comcast later admitted being true.” – freewareGenius

Debug your Internet bugs and vulnerabilities with ICSI Netalyzr 1

The report consists of:

  • A summary of the Noteworthy Events
  • Addresses-based Tests
  • Reachability Tests
  • Network Access Link Properties
  • HTTP and DNS tests
  • IPV6 tests and Network Security Protocols
  • Host Properties

I made several tests myself and notice that many routers are vulnerable to attacks. One of the tests I made from a Netgear router DG series intentionally downgraded with an old firmware from the official website of Netgear was found to be vulnerable. Click here on this link to access to the Netalyzr tool. I would, however, recommend you to use DD-WRT or OpenWRT for best QoS.

Example - A Netgear router vulnerable to CVE-2012-5958 and CVE-2012-5959
Example – A Netgear router vulnerable to CVE-2012-5958 and CVE-2012-5959

You could also check for DNS resolution, Latency issues and Measurement of your Network buffering capacity. You would need to authorize your browser to access a JAVA plugin to be able to perform the test.

You can also perform your test using the Android App as well as on the Netalyzer command line client.


   Networking, Security      ,

Seven steps to compile Python3.5.0 from source

  10/26/2015       Nitin J Mutkawoa      2 Comments

After a minimal install of Centos7, you would notice that your version of Python would be maybe 2.7.5 which may not be compatible with other applications you are actually using. To be updated to the latest version, one of the possibilities is to compile your own Python from Source.

python


Here are the steps that you can follow to compile your own Python. At the time, I am writing this article the latest version is Python-3.5.0. You can refer to this link for future versions.

1. Download the prerequisites. I would also recommend an update before downloading the prerequisites.

yum update -y && yum install yum-utils make wget

2. To be able to compile your Python, you will need to download some requirements which will facilitate the compilation tasks


yum-builddep python

3.Download the Python package

wget https://www.python.org/ftp/python/3.5.0/Python-3.5.0.tgz

4.Untar your Python Package

tar xvzf Python-3.5.0.tgz

5. Get into the Package and fire the following commands

./configure
make

6. If the make process is successful, you can now start the installation with the following command

make install

7.Python-2.7 is usually the default version. You will need to specify your OS to run with the new version.


alias python='/usr/local/bin/python-3.5'

We now have the python-3.5 installed and ready for use.


   Linux Application      ,

Linux server Monitoring with Nodequery

  10/25/2015       Nitin J Mutkawoa      Add Comment

One of the best ways to which I think bloggers can monitor traffic on their website is by using Nodequery. Though it is well adapted for huge businesses, I am sure you would like to adventure on this Public API. NodeQuery is currently in public beta and completely free of charge.






Linux server Monitoring with Nodequery 2
Photo Credits to Nodequery.com

To install NodeQuery, you will need to register on the official website. You will be prompted to install the Agent on your machine by downloading it from Github using the command https://raw.github.com/nodequery/nq-agent/master/nq-install.sh

After installation, you need to launch the bash script and immediately after less than 3 minutes your server is being monitored.






For the free version, you have the possibilities to have a full overview of your system, Network Usage, Network latency, Average Load, Ram and Swap Usage, Disk Usage and the Top Processes.

Well, there are several more features to explore.

Cool isn’t it?


   Linux Application, Linux System      ,