How to Download CentOS 7 ISO

Download CentOS 7 ISO

In July 2014, a welcome version of CentOS 7 which tagged as 1406 (CentOS 7.0) officially released. As of end-March 2015, the second CentOS 7 release tagged as 1503 (CentOS 7.1) is available for download and CentOS 7.2  that was tagged as 1511 was released on 14 December 2015.

As of end-March 2015, the second CentOS 7 release tagged as 1503 (CentOS 7.1) is available for download and CentOS 7.2  that was tagged as 1511 was released on 14 December 2015.

The latest release supersedes all previously released content for CentOS 7, therefore it is recommended for all users to upgrade their CentOS machines. This article will list the URL to download CentOS 7 ISO images.

CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by Red Hat.For those who do not want to perform

For those who do not want to perform fresh install of CentOS 7 on the existing machine, you also can get CentOS 7 running by following the upgrade path from CentOS-6 to CentOS-7.

But this path is only supported from the latest version of CentOS-6 (being 6.7 at the time of writing) to the latest version of CentOS-7.

Mirror list to download CentOS 7 ISO images available :

a) Download centos 7 64 bit (4.0GB)
b) Download centos 7 64 bit Everything (7.1GB)
c) Download centos 7 netinstall
d) Download centos 7 live cd

The following alternate mirrors should also have the ISO images available.

Before you download, you also can read the Major Changes for CentOS 7.0 (1406) :
As with every first major release most of the packages have changed and have been updated to more recent versions. It would exceed the scope of this document to list them all. Most notable changes are:

  • Kernel updated to 3.10.0
  • Support for Linux Containers
  • Open VMware Tools and 3D graphics drivers out of the box
  • OpenJDK-7 as default JDK
  • In Place Upgrade from 6.5 to 7.0 (as already mentioned)
  • LVM-snapshots with ext4 and XFS
  • Switch to systemd, firewalld and GRUB2
  • XFS as default file system
  • iSCSI and FCoE in kernel space
  • Support for PTPv2
  • Support for 40G Ethernet Cards
  • Supports installations in UEFI Secure Boot mode on compatible hardware

Major Changes for CentOS 7.1 (1503)

  • As of March 2015 ABRT (>= 2.1.11-19.el7.centos.0.1) can report bugs directly to You can find information about that feature at this page
  • Support for new processors (Intel Broadwell) and graphics (AMD Hawaii)
  • Full support for LVM cache
  • Ability to mount ceph block devices
  • Updated Hyper-V network drivers
  • New libguestfs features
  • Full support for OpenJDK-1.8.0
  • Improved clock stability (for PTP and NTP)
  • Updated Networkmanager packages to version 1.0
  • Updated docker to 1.4.1
  • Updated OpenSSH to 6.6.1
  • New package: Mozilla Thunderbird
  • Update to numerous storage, network and graphics drivers
  • Technology Preview: Support of the Btrfs file system, OverlayFS and the Cisco VIC kernel driver

Major Changes for CentOS 7.2 (1511)

  • Since release 1503 (abrt>= 2.1.11-19.el7.centos.0.1) CentOS-7 can report bugs directly to You can find information about that feature at this page
  • sudo is now capable of verifying command checksums
  • A Kerberos https proxy is now available for identity management
  • NSS no longer accepts DH key parameters < 768 nor RSA/DSA certificates with key sizes < 1024 bits, NSS also now enables TLS1.1/1.2 by default
  • various packages now support TLS1.1/1.2 and EC ciphers
  • The maximum number of SCSI LUNs has been increased
  • The virt-v2v command line tool is now fully supported
  • dd can now show transfer progress
  • OpenJDK7 now supports ECC for TLS connections
  • TPM version 2.0 driver level support has been added
  • tcpdump now supports nanosecond timestamps
  • Various updates to the networking stack (i.e. VXLANs, Data Center TCP, TCP/IP Stack, IPSec, …)
  • Various atomic related packages have been updated
  • Update to the libATA, FCoE and DCB storage drivers
  • Updates to various storage, network and graphics drivers
  • Anaconda now supports NFS when adding additional repos during install
  • Major rebases for the following: Gnome from 3.8 to 3.14, KDE from 4.3 to 4.14, Xorg-X11-Server from 1.15 to 1.17, libreoffice from 4.2.8 to 4.3.7. openldap from 2.4.39 to 2.4.40 and more.

Read more on CentOS 7 Release Notes

I hope this article gives you some ideas and quick guide on where you can download CentOS 7 ISO.


How to Install Linux FTP Server using Vsftpd

Vsftpd stands for Very Secure FTP Daemon. Vsftpd is not just another popular Unix / Linux FTP Server, but vsftpd delivering outstanding performance by taking less memory. It is running under xinetd and allows you run one process less because xinetd is shared among various other small services. For those webmasters or blogger who intend to run web server on Virtual Private Server (VPS) or Dedicated Server, Vsftpd would be the best choice. It is easy to install and can perform all that we expect from an FTP daemon while maintaining a higher level of security if configured properly. This article focuses on and covers the installation and configuration of the FTP server Vsftpd on CentOS Linux VPS.

1. Installing Linux FTP Server, vsftpd using yum command :

# yum install vsftpd -y

2. Makesure that xinetd has been installed :

# rpm -qa xinetd

If not installed, execute the following command :

# yum install xinetd -y

3. Make xinetd and Vsftpd daemon start at boot :

# chkconfig vsftpd on
# chkconfig xinetd on

4. It is recommended to do backup of your original configuration file, before do changes :

# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf-bak

5. Configure Vsftpd :

# vi /etc/vsftpd/vsftpd.conf

a) Uncomment ftpd_banner and customize the login banner string as below :

# You may fully customise the login banner string:
ftpd_banner=Welcome to Linux FTP service.

b) This step is to configure not allowed users. By default root account is not allowed to login the vsftpd server as it’s existed on /etc/vsftpd/ftpusers. To allow it, open /etc/vsftpd/ftpusers files and remove or comment on the line of a user “root”. Users whose name are set in this file will not allow to login from ftp.

# cat /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp

6. Test root login from windows command prompt at client PC using user, ehowstuff :

Connected to
220 Welcome to Linux CentOS FTP service.
User ( ehowstuff
331 Please specify the password.
230 Login successful.

If you encounter any issues when setting up linux ftp server, you can put a few questions in the comments below.

linux ftp server

Credit :


How to Change RunLevel on CentOS 7 / RHEL 7

Old method to change the runlevel via /etc/inittab in Redhat Enterprise Linux version and CentOS server has become obsolete on RHEL 7 and CentOS 7. This latest Linux operating system uses systemd system management daemon and relies on systemctl command in order to change the runlevel. RunLevel is set with linking to /etc/systemd/system/ Please make sure you have already install Gnome GUI before you proceed to change runlevel.

1. Check the current runlevel :

# runlevel
N 3


# systemctl get-default

2. We can display the by using list command :

# ll /etc/systemd/system/
lrwxrwxrwx. 1 root root 37 Sep  1  2014 /etc/systemd/system/ -> /lib/systemd/system/

3. For example to list all currently loaded targets :

# systemctl list-units -t target
UNIT                LOAD   ACTIVE SUB    DESCRIPTION        loaded active active Basic System   loaded active active Encrypted Volumes        loaded active active Login Prompts loaded active active Local File Systems (Pre)     loaded active active Local File Systems   loaded active active Multi-User System      loaded active active Network        loaded active active Paths    loaded active active Remote File Systems       loaded active active Slices      loaded active active Sockets         loaded active active Swap      loaded active active System Initialization       loaded active active Timers

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

14 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

4. Type the following command to change the RunLevel to Graphical-login :

# systemctl set-default
rm '/etc/systemd/system/'
ln -s '/usr/lib/systemd/system/' '/etc/systemd/system/'

5. Verify the changed runlevel :

# runlevel
N 5


# systemctl get-default

6. Reboot the server to login to GNOME gui.


How to Install Webmin 1.720 on CentOS 6/RHEL 6

Webmin is a web-based free software that is created for the administration of the system for linux and unix . It is managed through the graphical web interface that is very user friendly and suitable for beginners who are less familiar with linux command line utility. However, a recent version can also be installed and running on the Windows operating system. Webmin can be managed using a modern web browser like google chrome, mozilla firefox and internet explorer. If you are a website operator or system administrator of the virtual private server (VPS) or dedicated server, it is appropriate to use webmin as a platform to manage the system, it will make your life easier.

With webmin, system administrators can perform system administration and configuration task of such a setup user accounts, Apache configuration, DNS management, MySQL database administration, file sharing administration and more. As a reference, I have document the steps of how to setup Webmin 1.720 on CentOS 6/RHEL 6 using source instalation.

1. Download Webmin :

[root@centos66 ~]# wget

2. Create /software and extract webmin from where it was downloaded :

[root@centos66 ~]# mkdir -p /software
[root@centos66 ~]# tar xzvf webmin-1.720.tar.gz
[root@centos66 ~]# cd webmin-1.720

3. Run script :

[root@centos66 webmin-1.720]# ./ /software/webmin

Example :

[root@centos66 webmin-1.720]# ./ /software/webmin

When the script is run, it will ask the following questions :
The Webmin configuration directory
The directory in which all Webmin configuration information is stored. This is now separate from the Webmin install directory, so that configurations are saved when you upgrade. 
If you have previously installed Webmin and use the same config directory, this will be the only question asked.
The Webmin log directory
The location for pid and webserver log files.
The full path to perl on your system
This is usually /usr/bin/perl or /usr/local/bin/perl
Your Operating system type
In Webmin versions 0.990 and above, this question is only asked if your operating system cannot be automatically determined.
The setup script will display a list of supported systems. If your OS is not on the list, you can try choosing the closest match. However this may not work properly, and may even cause serious problems!
Web server port
The TCP port that the Webmin web server will listen on.
Web server login and password
The login name and password used to acess the Webmin web server.
Web server hostname
The hostname of the machine on which Webmin will run.
This question will only be asked if your system has the Perl SSL libraries installed. See below for more..
Start Webmin at boot time
If your OS is supported, Webmin will ask if you want to have it automatically started at boot time.
Assuming you answer all the above questions correctly, the Webmin web server will be started and the setup script will give you the URL to go to. Enter this URL into your browser, and you will be prompted for the login and password that you choose in Once you have logged in your browser should show the main Webmin page, on which is an icon for each module you have installed.
Typically you can connect to Webmin at http://localhost:10000/. Or if accessing it remotely, replace localhost with your system's IP address.
[root@centos66 webmin-1.720]# ./ /software/webmin
*            Welcome to the Webmin setup script, version 1.720        *
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.

Installing Webmin from /root/webmin-1.720 to /software/webmin ...

Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.

Config file directory [/etc/webmin]:
Log file directory [/var/webmin]:

Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.

Full path to perl (default /usr/bin/perl):

Testing Perl ...
Perl seems to be installed ok

Operating system name:    CentOS Linux
Operating system version: 6.6

Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
 - What port to run the web server on. There must not be another
   web server already using this port.
 - The login name required to access the web server.
 - The password required to access the web server.
 - If the webserver should use SSL (if your system supports it).
 - Whether to start webmin at boot time.

Web server port (default 10000):
Login name (default admin):
Login password:
Password again:
The Perl SSLeay library is not installed. SSL not available.
Start Webmin at boot time (y/n): y
Copying files to /software/webmin ..

Creating web server config files..

Creating access control file..

Inserting path to perl into scripts..

Creating start and stop scripts..

Copying config files..

Configuring Webmin to start at boot time..

Creating uninstall script /etc/webmin/ ..

Changing ownership and permissions ..

Running postinstall scripts ..
Subroutine setup_ca redefined at /software/webmin/webmin/ line 77.
Subroutine install_webmin_module redefined at /software/webmin/webmin/ line 127.
Subroutine grant_user_module redefined at /software/webmin/webmin/ line 439.
Subroutine delete_webmin_module redefined at /software/webmin/webmin/ line 480.
Subroutine file_basename redefined at /software/webmin/webmin/ line 589.
Subroutine gnupg_setup redefined at /software/webmin/webmin/ line 603.
Subroutine list_standard_modules redefined at /software/webmin/webmin/ line 631.
Subroutine standard_chooser_button redefined at /software/webmin/webmin/ line 663.
Subroutine list_third_modules redefined at /software/webmin/webmin/ line 676.
Subroutine third_chooser_button redefined at /software/webmin/webmin/ line 708.
Subroutine get_webmin_base_version redefined at /software/webmin/webmin/ line 719.
Subroutine base_version redefined at /software/webmin/webmin/ line 729.
Subroutine get_newmodule_users redefined at /software/webmin/webmin/ line 740.
Subroutine save_newmodule_users redefined at /software/webmin/webmin/ line 762.
Subroutine get_miniserv_sockets redefined at /software/webmin/webmin/ line 786.
Subroutine fetch_updates redefined at /software/webmin/webmin/ line 834.
Subroutine check_update_signature redefined at /software/webmin/webmin/ line 901.
Subroutine find_cron_job redefined at /software/webmin/webmin/ line 932.
Subroutine get_ipkeys redefined at /software/webmin/webmin/ line 944.
Subroutine save_ipkeys redefined at /software/webmin/webmin/ line 965.
Subroutine validate_key_cert redefined at /software/webmin/webmin/ line 997.
Subroutine detect_operating_system redefined at /software/webmin/webmin/ line 1018.
Subroutine show_webmin_notifications redefined at /software/webmin/webmin/ line 1053.
Subroutine get_webmin_notifications redefined at /software/webmin/webmin/ line 1069.
Subroutine get_system_uptime redefined at /software/webmin/webmin/ line 1271.
Subroutine list_operating_systems redefined at /software/webmin/webmin/ line 1318.
Subroutine shared_root_directory redefined at /software/webmin/webmin/ line 1343.
Subroutine submit_os_info redefined at /software/webmin/webmin/ line 1380.
Subroutine get_webmin_id redefined at /software/webmin/webmin/ line 1408.
Subroutine ip_match redefined at /software/webmin/webmin/ line 1424.
Subroutine prefix_to_mask redefined at /software/webmin/webmin/ line 1519.
Subroutine valid_allow redefined at /software/webmin/webmin/ line 1533.
Subroutine get_preloads redefined at /software/webmin/webmin/ line 1591.
Subroutine save_preloads redefined at /software/webmin/webmin/ line 1603.
Subroutine get_tempdirs redefined at /software/webmin/webmin/ line 1614.
Subroutine save_tempdirs redefined at /software/webmin/webmin/ line 1631.
Subroutine get_module_install_type redefined at /software/webmin/webmin/ line 1650.
Subroutine get_install_type redefined at /software/webmin/webmin/ line 1667.
Subroutine list_cached_files redefined at /software/webmin/webmin/ line 1697.
Subroutine show_restart_page redefined at /software/webmin/webmin/ line 1716.
Subroutine cert_info redefined at /software/webmin/webmin/ line 1734.
Subroutine cert_pem_data redefined at /software/webmin/webmin/ line 1775.
Subroutine cert_pkcs12_data redefined at /software/webmin/webmin/ line 1790.
Subroutine get_blocked_users_hosts redefined at /software/webmin/webmin/ line 1816.
Subroutine show_ssl_key_form redefined at /software/webmin/webmin/ line 1844.
Subroutine parse_ssl_key_form redefined at /software/webmin/webmin/ line 1888.
Subroutine parse_ssl_csr_form redefined at /software/webmin/webmin/ line 1961.
Subroutine build_installed_modules redefined at /software/webmin/webmin/ line 2035.
Subroutine get_latest_webmin_version redefined at /software/webmin/webmin/ line 2077.
Subroutine filter_updates redefined at /software/webmin/webmin/ line 2110.
Subroutine get_clone_source redefined at /software/webmin/webmin/ line 2152.
Subroutine retry_http_download redefined at /software/webmin/webmin/ line 2168.
Subroutine list_twofactor_providers redefined at /software/webmin/webmin/ line 2199.
Subroutine show_twofactor_apikey_authy redefined at /software/webmin/webmin/ line 2209.
Subroutine validate_twofactor_apikey_authy redefined at /software/webmin/webmin/ line 2221.
Subroutine show_twofactor_form_authy redefined at /software/webmin/webmin/ line 2246.
Subroutine parse_twofactor_form_authy redefined at /software/webmin/webmin/ line 2262.
Subroutine enroll_twofactor_authy redefined at /software/webmin/webmin/ line 2277.
Subroutine validate_twofactor_authy redefined at /software/webmin/webmin/ line 2308.
Subroutine validate_twofactor_apikey_totp redefined at /software/webmin/webmin/ line 2354.
Subroutine show_twofactor_form_totp redefined at /software/webmin/webmin/ line 2368.
Subroutine parse_twofactor_form_totp redefined at /software/webmin/webmin/ line 2382.
Subroutine generate_base32_secret redefined at /software/webmin/webmin/ line 2398.
Subroutine enroll_twofactor_totp redefined at /software/webmin/webmin/ line 2412.
Subroutine message_twofactor_totp redefined at /software/webmin/webmin/ line 2421.
Subroutine validate_twofactor_totp redefined at /software/webmin/webmin/ line 2435.
Subroutine canonicalize_ip6 redefined at /software/webmin/webmin/ line 2457.
Subroutine list_keys redefined at /software/webmin/webmin/ line 23.
Subroutine list_keys_sorted redefined at /software/webmin/webmin/ line 74.
Subroutine list_secret_keys redefined at /software/webmin/webmin/ line 82.
Subroutine key_fingerprint redefined at /software/webmin/webmin/ line 88.
Subroutine get_passphrase redefined at /software/webmin/webmin/ line 105.
Subroutine put_passphrase redefined at /software/webmin/webmin/ line 116.
Subroutine encrypt_data redefined at /software/webmin/webmin/ line 128.
Subroutine decrypt_data redefined at /software/webmin/webmin/ line 167.
Subroutine sign_data redefined at /software/webmin/webmin/ line 224.
Subroutine verify_data redefined at /software/webmin/webmin/ line 283.
Subroutine read_entire_file redefined at /software/webmin/webmin/ line 327.
Subroutine write_entire_file redefined at /software/webmin/webmin/ line 339.
Subroutine get_trust_level redefined at /software/webmin/webmin/ line 349.
Subroutine delete_key redefined at /software/webmin/webmin/ line 371.
Subroutine default_email_address redefined at /software/webmin/webmin/ line 398.
Subroutine fetch_gpg_key redefined at /software/webmin/webmin/ line 415.
Subroutine search_gpg_keys redefined at /software/webmin/webmin/ line 442.
Use of uninitialized value in -r at /software/webmin/webalizer/ line 16.

Enabling background status collection ..

Attempting to start Webmin mini web server..
Starting Webmin server in /software/webmin
Pre-loaded WebminCore

Webmin has been installed and started successfully. Use your web
browser to go to


and login with the name and password you entered previously.

4. Access webmin via http://centos66.ehowstuff.local:10000/ or http://IP-Address:10000/ :

How to use tmpwatch to Auto Clean Up Files and Logs in Linux

Tmpwatch is tools that recursively removes files which have not been used or accessed for certain period of time. In this post, i will describe how we can automate the clean up process on log directory on linux CentOS 6.6. You can use tmpwatch to safely remove unwanted files for a given time.

1. How to install tmpwatch package :

[root@centos66 ~]# yum install tmpwatch -y

2. As example, delete all logs in /var/log/nginx for more than 30d(30 days).

[root@centos66 ~]# /usr/sbin/tmpwatch 30d /var/log/nginx

3. Add the tmpwatch into the cronjob so that we can automate the removal process. As example let the removal task start 10PM every night.

0 22 * * * /usr/sbin/tmpwatch 30d /var/log/nginx

Thats All.

How to Install VMware Tools on RHEL 7/CentOS 7

VMware ToolsVMware Tools is one of important components for virtual machine (VM) in order get excellent performance. It is a group of utilities that help to enhances the overall performance of the virtual machine’s guest operating system (OS) and improves management of the VM. Without the VMware Tools, guest OS performance will lacks some of the important functionality. Below steps shows how to install the VMware Tools on RHEL 7, CentOS 7 and Oracle Linux 7.

How to Install VMware Tools ?

Option 1 (Recommended by VMware) – VMware support of open-vm-tools

open-vm-tools is an open source implementation of VMware Tools from third parties and contains utilities that enhances virtualization management, administration and functions of the virtual machine in VMware environments. The ultimate goal is to enable the operating system vendors and/or communities and virtual appliance vendors to bundle VMware Tools into their product releases.

# yum install open-vm-tools
Option 2 :

1. Install prerequisites :

# yum install perl gcc make kernel-headers kernel-devel -y

2. Attach the vmware tools sofware from vSphere client.

3. Mount the vmware tools package into /mnt :

# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only

4. Copy vmware tool packagae into /tmp :

# cd /mnt
# ls
manifest.txt     VMwareTools-9.4.0-1280544.tar.gz  vmware-tools-upgrader-64  vmware-tools-upgrader-32
# cp -p VMwareTools-9.4.0-1280544.tar.gz /tmp

5. Go to /tmp directory and extract the vmware tools package :

# cd /tmp
# tar xzvf VMwareTools-9.4.0-1280544.tar.gz

6. Go to extracted folder, vmware-tools-distrib :

# cd vmware-tools-distrib
# ls
bin  doc  etc  FILES  INSTALL  installer  lib

7. Run to start installation :

# ./


# ./
Creating a new VMware Tools installer database using the tar4 format.

Installing VMware Tools.

In which directory do you want to install the binary files?

What is the directory that contains the init directories (rc0.d/ to rc6.d/)?

What is the directory that contains the init scripts?

In which directory do you want to install the daemon files?

In which directory do you want to install the library files?

The path "/usr/lib/vmware-tools" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?

In which directory do you want to install the documentation files?

The path "/usr/share/doc/vmware-tools" does not exist currently. This program
is going to create it, including needed parent directories. Is this what you
want? [yes]

The installation of VMware Tools 9.4.0 build-1280544 for Linux completed
successfully. You can decide to remove this software from your system at any
time by invoking the following command: "/usr/bin/".

Before running VMware Tools for the first time, you need to configure it by
invoking the following command: "/usr/bin/". Do you want
this program to invoke the command for you now? [yes]


Making sure services for VMware Tools are stopped.

Stopping vmware-tools (via systemctl):                     [  OK  ]

The module vmci has already been installed on this system by another installer
or package and will not be modified by this installer.

The module vsock has already been installed on this system by another installer
or package and will not be modified by this installer.

The module vmxnet3 has already been installed on this system by another
installer or package and will not be modified by this installer.

The module pvscsi has already been installed on this system by another
installer or package and will not be modified by this installer.

The module vmmemctl has already been installed on this system by another
installer or package and will not be modified by this installer.

The VMware Host-Guest Filesystem allows for shared folders between the host OS
and the guest OS in a Fusion or Workstation virtual environment.  Do you wish
to enable this feature? [no]

The vmxnet driver is no longer supported on kernels 3.3 and greater. Please
upgrade to a newer virtual NIC. (e.g., vmxnet3 or e1000e)

The vmblock enables dragging or copying files between host and guest in a
Fusion or Workstation virtual environment.  Do you wish to enable this feature?

VMware automatic kernel modules enables automatic building and installation of
VMware kernel modules at boot that are not already present. This feature can be

enabled/disabled by re-running

Would you like to enable VMware automatic kernel modules?

No X install found.

Creating a new initrd boot image for the kernel.
Starting vmware-tools (via systemctl):                     [  OK  ]
The configuration of VMware Tools 9.4.0 build-1280544 for Linux for this
running kernel completed successfully.

You must restart your X session before any mouse or graphics changes take

You can now run VMware Tools by invoking "/usr/bin/vmware-toolbox-cmd" from the
command line.

To enable advanced X features (e.g., guest resolution fit, drag and drop, and
file and text copy/paste), you will need to do one (or more) of the following:
1. Manually start /usr/bin/vmware-user
2. Log out and log back into your desktop session; and,
3. Restart your X session.


--the VMware team

8. Once successfully installed, make sure you umount back the /mnt :

# umount /mnt


How to Enable EPEL and Remi Repository into CentOS 6

EPEL stand for Extra Packages for Enterprise Linux. EPEL repository is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Enterprise Linux(OEL). Remi repository is a yum repository maintained by a French dude – Remi Collet. This post describe the basic steps to prepare and install the additional CentOS packages with EPEL and Remi Repository into CentOS 6.

EPEL Repository

rpm --import
rpm -Uvh

Remi Repository

rpm --import
rpm -Uvh

Example :

[root@centos6 ~]# rpm --import
[root@centos6 ~]# rpm -Uvh
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]
[root@centos6 ~]# rpm --import
[root@centos6 ~]# rpm -Uvh
Preparing...                ########################################### [100%]
   1:remi-release           ########################################### [100%]

Example of EPEl and Remi repo usage :

[root@centos6 ~]# yum --enablerepo=epel install httpd -y
[root@centos6 ~]# yum --enablerepo=remi install httpd -y

How to Install Sendmail Service on CentOS 6.5

This post will show how to install sendmail smtp service on CentOS 6.5. By default only postfix smtp service included in CentOS 6.5. Due to some reasons you will to run sendmail service instead of postfix. But the purpose of both services still the same providing SMTP email transport service and running as an email relay on your linux system.

1. Install sendmail :

[root@centos6.5 ~]# yum install sendmail -y
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package sendmail.x86_64 0:8.14.4-8.el6 will be installed
--> Processing Dependency: procmail for package: sendmail-8.14.4-8.el6.x86_64
--> Processing Dependency: for package: sendmail-8.14.4-8.el6.x86_64
--> Running transaction check
---> Package hesiod.x86_64 0:3.1.0-19.el6 will be installed
---> Package procmail.x86_64 0:3.22-25.1.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

 Package                Arch                 Version                       Repository          Size
 sendmail               x86_64               8.14.4-8.el6                  base               717 k
Installing for dependencies:
 hesiod                 x86_64               3.1.0-19.el6                  base                20 k
 procmail               x86_64               3.22-25.1.el6                 base               163 k

Transaction Summary
Install       3 Package(s)

Total download size: 900 k
Installed size: 1.9 M
Downloading Packages:
(1/3): hesiod-3.1.0-19.el6.x86_64.rpm                                        |  20 kB     00:00
(2/3): procmail-3.22-25.1.el6.x86_64.rpm                                     | 163 kB     00:00
(3/3): sendmail-8.14.4-8.el6.x86_64.rpm                                      | 717 kB     00:06
Total                                                               117 kB/s | 900 kB     00:07
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : procmail-3.22-25.1.el6.x86_64                                                    1/3
  Installing : hesiod-3.1.0-19.el6.x86_64                                                       2/3
  Installing : sendmail-8.14.4-8.el6.x86_64                                                     3/3
  Verifying  : hesiod-3.1.0-19.el6.x86_64                                                       1/3
  Verifying  : procmail-3.22-25.1.el6.x86_64                                                    2/3
  Verifying  : sendmail-8.14.4-8.el6.x86_64                                                     3/3

  sendmail.x86_64 0:8.14.4-8.el6

Dependency Installed:
  hesiod.x86_64 0:3.1.0-19.el6                    procmail.x86_64 0:3.22-25.1.el6


2. Start Sendmail service :

[root@centos6.5 ~]# service sendmail start
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

3. Test sendmail respond on port 25 :

[root@centos6.5 ~]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Connected to localhost.
Escape character is '^]'.
220 centos6.5.ehowstuff.local ESMTP Sendmail 8.14.4/8.14.4; Sun, 10 Aug 2014 20:48:52 +0800

How to Install and Configure 389 LDAP Directory Server on CentOS 6.5

Install and Configure 389 LDAPA directory server provides a centralized directory service for your organization. It is alternative to windows active directory. This post will describes how to install and configure 389 LDAP Directory Server with a basic Lightweight Directory Access Protocol (LDAP) directory implementation. 389 Directory Server was formerly known as the Fedora Directory Server and it is an enterprise-class open source LDAP. 389 Directory server has been developed by Red Hat, as part of Red Hat’s community-supported Fedora Project.

Steps to Install and Configure 389 LDAP Directory Server

TCP and Files system Tuning :
a) Decrease the time default value for tcp_keepalive_time connection. Edit the /etc/sysctl.conf file and add the following lines to the bottom of sysctl.conf ”

[root@ldap ~]# echo "net.ipv4.tcp_keepalive_time = 300" >> /etc/sysctl.conf
b) Increase number of local system ports available by editing this parameter in the /etc/sysctl.conf file :
[root@ldap ~]# echo "net.ipv4.ip_local_port_range = 1024 65000" >> /etc/sysctl.conf

c) Increase the file descriptors by running these commands:

[root@ldap ~]# echo "64000" > /proc/sys/fs/file-max
[root@ldap-05 ~]# echo "fs.file-max = 64000" >> /etc/sysctl.conf

d) Increase ulimit in /etc/profile :

[root@ldap ~]# echo "ulimit -n 8192" >> /etc/profile

389 Installation :

1. Prepare EPEL Repository on CentOS 6 :
How to Prepare EPEL Repository on CentOS 6

What packages and versions are available in EPEL?
You can take a look on any of the available EPEL mirrors from our mirror list

Alternately, you can browse the package set using repoview:

2. Configure hostname, FQDN and host file has been configured correctly :   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6     ldap.ehowstuff.local

3. Make sure selinux is disabled :
Disable SELinux on CentOS 6.5

4. Install the 389 Directory Server packages :

[root@ldap ~]# yum install 389-ds -y

5. Fix Error: command ‘getsebool httpd_can_connect_ldap’ failed – output [getsebool: SELinux is disabled :

[root@ldap ~]# mkdir ~/bin
[root@ldap ~]# vi ~/bin/getsebool
echo on
exit 0
[root@ldap ~]# vi ~/bin/setsebool
exit 0
[root@ldap ~]# chmod +x ~/bin/*sebool

6. Run setup script to start configure the ldap service :

[root@ldap ~]# PATH=~/bin:$PATH

This program will set up the 389 Directory and Administration Servers.

It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
  - Press "Enter" to choose the default and go to the next screen
  - Type "Control-B" then "Enter" to go back to the previous screen
  - Type "Control-C" to cancel the setup program

Would you like to continue with set up? [yes]:

Your system has been scanned for potential problems, missing patches,
etc.  The following output is a report of the items found that need to
be addressed before running this software in a production

389 Directory Server system tuning analysis version 23-FEBRUARY-2012.

NOTICE : System is x86_64-unknown-linux2.6.32-431.el6.x86_64 (1 processor).

Would you like to continue? [yes]:

Choose a setup type:

   1. Express
       Allows you to quickly set up the servers using the most
       common options and pre-defined defaults. Useful for quick
       evaluation of the products.

   2. Typical
       Allows you to specify common defaults and options.

   3. Custom
       Allows you to specify more advanced options. This is
       recommended for experienced server administrators only.

To accept the default shown in brackets, press the Enter key.

Choose a setup type [2]:

Enter the fully qualified domain name of the computer
on which you're setting up server software. Using the form

To accept the default shown in brackets, press the Enter key.

Warning: This step may take a few minutes if your DNS servers
can not be reached or if DNS is not configured correctly.  If
you would rather not wait, hit Ctrl-C and run this program again
with the following command line option to specify the hostname:

Computer name [ldap.ehowstuff.local]:

WARNING: There are problems with the hostname.
Hostname 'ldap.ehowstuff.local' is valid, but none of the IP addresses
resolve back to ldap.ehowstuff.local
- address resolves to host centos6.5.ehowstuff.local

Please check the spelling of the hostname and/or your network configuration.
If you proceed with this hostname, you may encounter problems.

Do you want to proceed with hostname 'ldap.ehowstuff.local'? [no]: yes

The servers must run as a specific user in a specific group.
It is strongly recommended that this user should have no privileges
on the computer (i.e. a non-root user).  The setup procedure
will give this user/group some permissions in specific paths/files
to perform server-specific operations.

If you have not yet created a user and group for the servers,
create this user and group using your native operating
system utilities.

System User [nobody]:
System Group [nobody]:

Server information is stored in the configuration directory server.
This information is used by the console and administration server to
configure and manage your servers.  If you have already set up a
configuration directory server, you should register any servers you
set up or create with the configuration server.  To do so, the
following information about the configuration server is required: the
fully qualified host name of the form
.(e.g., the port number
(default 389), the suffix, the DN and password of a user having
permission to write the configuration information, usually the
configuration directory administrator, and if you are using security
(TLS/SSL).  If you are using TLS/SSL, specify the TLS/SSL (LDAPS) port
number (default 636) instead of the regular LDAP port number, and
provide the CA certificate (in PEM/ASCII format).

If you do not yet have a configuration directory server, enter 'No' to
be prompted to set up one.

Do you want to register this software with an existing
configuration directory server? [no]:

Please enter the administrator ID for the configuration directory
server.  This is the ID typically used to log in to the console.  You
will also be prompted for the password.

Configuration directory server
administrator ID [admin]:
Password (confirm):

The information stored in the configuration directory server can be
separated into different Administration Domains.  If you are managing
multiple software releases at the same time, or managing information
about multiple domains, you may use the Administration Domain to keep
them separate.

If you are not using administrative domains, press Enter to select the
default.  Otherwise, enter some descriptive, unique name for the
administration domain, such as the name of the organization
responsible for managing the domain.

Administration Domain [ehowstuff.local]:

The standard directory server network port number is 389.  However, if
you are not logged as the superuser, or port 389 is in use, the
default value will be a random unused port number greater than 1024.
If you want to use port 389, make sure that you are logged in as the
superuser, that port 389 is not in use.

Directory server network port [389]:

Each instance of a directory server requires a unique identifier.
This identifier is used to name the various
instance specific files and directories in the file system,
as well as for other uses as a server instance identifier.

Directory server identifier [ldap]:

The suffix is the root of your directory tree.  The suffix must be a valid DN.
It is recommended that you use the dc=domaincomponent suffix convention.
For example, if your domain is,
you should use dc=example,dc=com for your suffix.
Setup will create this initial suffix for you,
but you may have more than one suffix.
Use the directory server utilities to create additional suffixes.

Suffix [dc=ehowstuff, dc=local]:

Certain directory server operations require an administrative user.
This user is referred to as the Directory Manager and typically has a
bind Distinguished Name (DN) of cn=Directory Manager.
You will also be prompted for the password for this user.  The password must
be at least 8 characters long, and contain no spaces.
Press Control-B or type the word "back", then Enter to back up and start over.

Directory Manager DN [cn=Directory Manager]:
Password (confirm):

The Administration Server is separate from any of your web or application
servers since it listens to a different port and access to it is

Pick a port number between 1024 and 65535 to run your Administration
Server on. You should NOT use a port number which you plan to
run a web or application server on, rather, select a number which you
will remember and which will not be used for anything else.

Administration port [9830]:

The interactive phase is complete.  The script will now set up your
servers.  Enter No or go Back if you want to change something.

Are you ready to set up your servers? [yes]:
Creating directory server . . .
Warning: Hostname ldap.ehowstuff.local is valid, but none of the IP addresses
resolve back to ldap.ehowstuff.local
        address resolves to host centos6.5.ehowstuff.local
Your new DS instance 'ldap' was successfully created.
Creating the configuration directory server . . .
Beginning Admin Server reconfiguration . . .
Creating Admin Server files and directories . . .
Updating adm.conf . . .
Updating admpw . . .
Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server . . .
Updating the configuration for the httpd engine . . .
Starting admin server . . .
output: Starting dirsrv-admin:
output:                                                    [  OK  ]
The admin server was successfully started.
Admin server was successfully reconfigured and started.
Exiting . . .
Log file is '/tmp/setupGwS8hs.log'

7. Start dirsrv and dirsrv-admin service :

[root@ldap ~]# /etc/init.d/dirsrv start
[root@ldap ~]# /etc/init.d/dirsrv-admin start

8. Make dirsrv and dirsrv-admin service auto start at boot :

[root@ldap ~]# chkconfig dirsrv on
[root@ldap ~]# chkconfig dirsrv-admin on

9. Configure Iptables to allow server listen on port 22, 389 and 9830 :

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

Restart iptables to take effect the changes :

[root@ldap ~]# service iptables restart
iptables: Applying firewall rules: [ OK ]

10. Verify port listen by the server using netstat :

[root@ldap ~]# netstat -plunt | grep LISTEN
tcp 0 0* LISTEN 1083/rpcbind
tcp 0 0* LISTEN 1125/perl
tcp 0 0* LISTEN 1116/sshd
tcp 0 0* LISTEN 1508/httpd.worker
tcp 0 0* LISTEN 1126/php-fpm
tcp 0 0 :::8140 :::* LISTEN 1161/httpd
tcp 0 0 :::111 :::* LISTEN 1083/rpcbind
tcp 0 0 :::80 :::* LISTEN 1161/httpd
tcp 0 0 :::22 :::* LISTEN 1116/sshd
tcp 0 0 :::443 :::* LISTEN 1161/httpd
tcp 0 0 :::8443 :::* LISTEN 1161/httpd
tcp 0 0 :::389 :::* LISTEN 1391/./ns-slapd

11. Verify port listen by the server and opened by iptables firewall :

[root@ldap ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT icmp --
ACCEPT all --
ACCEPT tcp -- state NEW tcp dpt:22
ACCEPT tcp -- state NEW tcp dpt:389
ACCEPT tcp -- state NEW tcp dpt:9830
REJECT all -- reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

How to Install Lighttpd With PHP5 (PHP-FPM) and MySQL on CentOS 6.5

Lighttpd (pronounced “lighty”) is an open-source web server as an alternative to Apache and Nginx. It is a secure, flexible, fast and designed for speed-critical environments. It has a low memory footprint and can handle large number of connections in one server especially for busier sites.

PHP is an acronym for “PHP Hypertext Preprocessor”; PHP is a widely-used server-side scripting language executed on the server.

PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.

MySQL is a popular database solution for use in web applications.

This post will show you how to install Lighttpd With PHP5 (PHP-FPM) and MySQL on CentOS 6.5 VPS or dedicated server.

1. EPEL repository is another extra repository that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL) and CentOS server. How to Configure EPEL Repository on CentOS.

2. Install Lighttpd, MySQL and PHP5 work in Lighttpd through PHP-FPM :

[root@centos6-05 ~]# yum install lighttpd php php-fpm lighttpd-fastcgi php-mysql mysql mysql-server -y

3. Configure Lighttpd :

[root@centos6-05 ~]# vi /etc/lighttpd/lighttpd.conf
server.use-ipv6 = "enable"

Change to :

server.use-ipv6 = "disable"

4. Make lighttpd start at boot and also start lighttpd service:

[root@centos6-05 ~]# chkconfig --levels 235 lighttpd on
[root@centos6-05 ~]# /etc/init.d/lighttpd start

Browse your web server and Lighttpd welcome page should be displayed :

5. Configure PHP to work in Lighttpd through PHP-FPM :

[root@centos6-05 ~]# vi /etc/php-fpm.d/www.conf

Enable PHP-FPM use a TCP connection instead of unix socket :

;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen =

Configure user and group to lighttpd :

; RPM: apache Choosed to be able to access some dir as httpd
user = lighttpd
; RPM: Keep a group allowed to write in log dir.
group = lighttpd

6. Make php-fpm start at boot and also start the php-fpm service :

[root@centos6-05 ~]# chkconfig --levels 235 php-fpm on
[root@centos6-05 ~]# /etc/init.d/php-fpm start

7. Open and modify /etc/php.ini :

[root@centos6-05 ~]# vi /etc/php.ini

Uncomment the line cgi.fix_pathinfo=1

; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts

8. Open and modify /etc/lighttpd/modules.conf :

[root@centos6-05 ~]# vi /etc/lighttpd/modules.conf

Uncomment the line include “conf.d/fastcgi.conf”:

## FastCGI (mod_fastcgi)
include "conf.d/fastcgi.conf"

9. Open and modify /etc/lighttpd/conf.d/fastcgi.conf :

Add below fastcgi.server at bottom of the file :

fastcgi.server += ( ".php" =>
                "host" => "",
                "port" => "9000",
                "broken-scriptfilename" => "enable"

10. Reload the PHP-FPM and Lighttpd service :

[root@centos6-05 ~]# /etc/init.d/php-fpm reload
[root@centos6-05 ~]# /etc/init.d/lighttpd reload

11. Since MySQl has been install, dont forget to make MySQL start at boot and start the MySQL service :

[root@centos6-05 ~]# chkconfig --levels 235 mysqld on
[root@centos6-05 ~]# /etc/init.d/mysqld start

12. Create info.php under ligghttpd document root :

[root@centos6-05 ~]# vi /var/www/lighttpd/info.php

Browse your page http://IP-Adress/info.php. Thats all.

How to Change 389 LDAP Password using PHP Scripting

Change 389 LDAP PasswordThis article has been prepared for the purpose of future reference for system administrator. It will describe how to change 389 ldap password using PHP scripting. In order to use this PHP script, you just need to change few parameters and also tested on CentOS 6.5. 389 LDAP Directory is an enterprise-class Open Source LDAP server for GNU/Linux. It is hardened by real-world use, is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world.

Steps to Change 389 LDAP Password using PHP Scripting

1. Make sure your 389 ldap has been configure correctly :
2. Install php-ldap package into your apache server :

[root@ldapmaster-11 ~]# yum install php-ldap -y

3. Create changepassword.php file and put it into your apache root directory :

[root@ldapmaster-11 ~]# vim /var/www/html/changepassword.php

Modify the $server and $dn in .php file :

$message = array();

function changePassword($user,$oldPassword,$newPassword,$newPasswordCnf){
  global $message;

  $server = "localhost";
  $dn = "dc=ehowstuff,dc=local";
  $userid = $user;

  $user = "uid=".$user.",".$dn;
  $con = ldap_connect($server);
  ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);

  // bind anon and find user by uid
  $sr = ldap_search($con,$dn,"(uid=*)");
  $records = ldap_get_entries($con, $sr);

  $message[] = "Username: " . $userid;
  //$message[] = "DN: " . $user;
  //$message[] = "Current Pass: " . $oldPassword;
  //$message[] = "New Pass: " . $newPassword;

  /* try to bind as that user */
  if (ldap_bind($con, $user, $oldPassword) === false) {
    $message[] = "Error E101 - Current Username or Password is wrong.";
    return false;
  if ($newPassword != $newPasswordCnf ) {
    $message[] = "Error E102 - Your New passwords do not match! ";
    return false;
  if (strlen($newPassword) < 4 ) {
    $message[] = "Error E103 - Your new password is too short! ";
    return false;
  if (!preg_match("/[0-9]/",$newPassword)) {
    $message[] = "Error E104 - Your new password must contain at least one digit. ";
    return false;
  if (!preg_match("/[a-zA-Z]/",$newPassword)) {
    $message[] = "Error E105 - Your new password must contain at least one letter. ";
    return false;
  if (!preg_match("/[A-Z]/",$newPassword)) {
    $message[] = "Error E106 - Your new password must contain at least one uppercase letter. ";
    return false;
  if (!preg_match("/[a-z]/",$newPassword)) {
    $message[] = "Error E107 - Your new password must contain at least one lowercase letter. ";
    return false;

  /* change the password finally */
  $entry = array();
  $entry["userPassword"] = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) );

  if (ldap_modify($con,$user,$entry) === false){
    $message[] = "E200 - Your password cannot be change, please contact the administrator.";
  } else {
    $message[] = " Your password has been changed. ";
    //mail($records[0]["mail"][0],"Password change notice : ".$userid," Your password has just been changed.");

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "">
<html xmlns="" xml:lang="en" lang="en">
  <title>Change your LDAP password</title>
  <style type="text/css">
  body { font-family: Verdana,Arial,Courier New; font-size: 0.7em;  }
  input:focus { background-color: #eee; border-color: red; }
  th { text-align: right; padding: 0.8em; }
  #container { text-align: center; width: 500px; margin: 5% auto; }
  ul { text-align: left; list-style-type: square; }
  .msg { margin: 0 auto; text-align: center; color: navy;  border-top: 1px solid red;  border-bottom: 1px solid red;  }
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
  <div id="container">
    <h2>Change your LDAP password</h2>
  <li> Your new password must be 8 characters long and contain at least one letter and one digit. </li>
    <form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post">
      <table style="width: 400px; margin: 0 auto;">
        <tr><th>Username:</th><td><input name="username" type="text" size="20" autocomplete="off" /></td></tr>
        <tr><th>Old password:</th><td><input name="oldPassword" size="20" type="password" /></td></tr>
        <tr><th>New password:</th><td><input name="newPassword1" size="20" type="password" /></td></tr>
        <tr><th>New password (again):</th><td><input name="newPassword2" size="20" type="password" /></td></tr>
        <tr><td colspan="2" style="text-align: center;" >
          <input name="submitted" type="submit" value="Change Password"/>
          <button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button>
    <div class="msg"><?php
      if (isset($_POST["submitted"])) {
        foreach ( $message as $one ) { echo "<p>$one</p>"; }
      } ?>

Reference :