Difference between revisions of "User:Sfiggins/RH-TACACS with LDAP Backend"
From Labrats.us
Jump to navigationJump to search| Line 32: | Line 32: | ||
# /etc/init.d/sshd restart | # /etc/init.d/sshd restart | ||
</pre> | </pre> | ||
| + | |||
| + | =Setup CPAN= | ||
| + | |||
| + | ==Instal GCC== | ||
| + | |||
| + | <pre> | ||
| + | # yum install gcc | ||
| + | Loaded plugins: product-id, rhnplugin, security, subscription-manager | ||
| + | This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. | ||
| + | Setting up Install Process | ||
| + | Resolving Dependencies | ||
| + | --> Running transaction check | ||
| + | ---> Package gcc.x86_64 0:4.4.7-16.el6 will be installed | ||
| + | --> Processing Dependency: libgomp = 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 | ||
| + | --> Processing Dependency: cpp = 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 | ||
| + | --> Processing Dependency: libgcc >= 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 | ||
| + | --> Processing Dependency: cloog-ppl >= 0.15 for package: gcc-4.4.7-16.el6.x86_64 | ||
| + | --> Processing Dependency: glibc-devel >= 2.2.90-12 for package: gcc-4.4.7-16.el6.x86_64 | ||
| + | --> Running transaction check | ||
| + | ---> Package cloog-ppl.x86_64 0:0.15.7-1.2.el6 will be installed | ||
| + | --> Processing Dependency: libppl.so.7()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64 | ||
| + | --> Processing Dependency: libppl_c.so.2()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64 | ||
| + | ---> Package cpp.x86_64 0:4.4.7-16.el6 will be installed | ||
| + | --> Processing Dependency: libmpfr.so.1()(64bit) for package: cpp-4.4.7-16.el6.x86_64 | ||
| + | ---> Package glibc-devel.x86_64 0:2.12-1.166.el6_7.1 will be installed | ||
| + | --> Processing Dependency: glibc-headers = 2.12-1.166.el6_7.1 for package: glibc-devel-2.12-1.166.el6_7.1.x86_64 | ||
| + | --> Processing Dependency: glibc-headers for package: glibc-devel-2.12-1.166.el6_7.1.x86_64 | ||
| + | ---> Package libgcc.x86_64 0:4.4.6-3.el6 will be updated | ||
| + | ---> Package libgcc.x86_64 0:4.4.7-16.el6 will be an update | ||
| + | ---> Package libgomp.x86_64 0:4.4.6-3.el6 will be updated | ||
| + | ---> Package libgomp.x86_64 0:4.4.7-16.el6 will be an update | ||
| + | --> Running transaction check | ||
| + | ---> Package glibc-headers.x86_64 0:2.12-1.166.el6_7.1 will be installed | ||
| + | --> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers-2.12-1.166.el6_7.1.x86_64 | ||
| + | --> Processing Dependency: kernel-headers for package: glibc-headers-2.12-1.166.el6_7.1.x86_64 | ||
| + | ---> Package mpfr.x86_64 0:2.4.1-6.el6 will be installed | ||
| + | ---> Package ppl.x86_64 0:0.10.2-11.el6 will be installed | ||
| + | --> Running transaction check | ||
| + | ---> Package kernel-headers.x86_64 0:2.6.32-573.1.1.el6 will be installed | ||
| + | --> Finished Dependency Resolution | ||
| + | |||
| + | Dependencies Resolved | ||
| + | |||
| + | ============================================================================================================================ | ||
| + | Package Arch Version Repository Size | ||
| + | ============================================================================================================================ | ||
| + | Installing: | ||
| + | gcc x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 10 M | ||
| + | Installing for dependencies: | ||
| + | cloog-ppl x86_64 0.15.7-1.2.el6 twtc-rhel-i386_64-server-6 93 k | ||
| + | cpp x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 3.7 M | ||
| + | glibc-devel x86_64 2.12-1.166.el6_7.1 twtc-rhel-i386_64-server-6 985 k | ||
| + | glibc-headers x86_64 2.12-1.166.el6_7.1 twtc-rhel-i386_64-server-6 614 k | ||
| + | kernel-headers x86_64 2.6.32-573.1.1.el6 twtc-rhel-i386_64-server-6 3.9 M | ||
| + | mpfr x86_64 2.4.1-6.el6 twtc-rhel-i386_64-server-6 156 k | ||
| + | ppl x86_64 0.10.2-11.el6 twtc-rhel-i386_64-server-6 1.3 M | ||
| + | Updating for dependencies: | ||
| + | libgcc x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 103 k | ||
| + | libgomp x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 134 k | ||
| + | |||
| + | Transaction Summary | ||
| + | ============================================================================================================================ | ||
| + | Install 8 Package(s) | ||
| + | Upgrade 2 Package(s) | ||
| + | |||
| + | Total download size: 21 M | ||
| + | Is this ok [y/N]: y | ||
| + | Downloading Packages: | ||
| + | (1/10): cloog-ppl-0.15.7-1.2.el6.x86_64.rpm | 93 kB 00:00 | ||
| + | (2/10): cpp-4.4.7-16.el6.x86_64.rpm | 3.7 MB 00:00 | ||
| + | (3/10): gcc-4.4.7-16.el6.x86_64.rpm | 10 MB 00:00 | ||
| + | (4/10): glibc-devel-2.12-1.166.el6_7.1.x86_64.rpm | 985 kB 00:00 | ||
| + | (5/10): glibc-headers-2.12-1.166.el6_7.1.x86_64.rpm | 614 kB 00:00 | ||
| + | (6/10): kernel-headers-2.6.32-573.1.1.el6.x86_64.rpm | 3.9 MB 00:00 | ||
| + | (7/10): libgcc-4.4.7-16.el6.x86_64.rpm | 103 kB 00:00 | ||
| + | (8/10): libgomp-4.4.7-16.el6.x86_64.rpm | 134 kB 00:00 | ||
| + | (9/10): mpfr-2.4.1-6.el6.x86_64.rpm | 156 kB 00:00 | ||
| + | (10/10): ppl-0.10.2-11.el6.x86_64.rpm | 1.3 MB 00:00 | ||
| + | ---------------------------------------------------------------------------------------------------------------------------- | ||
| + | Total 9.0 MB/s | 21 MB 00:02 | ||
| + | Running rpm_check_debug | ||
| + | Running Transaction Test | ||
| + | Transaction Test Succeeded | ||
| + | Running Transaction | ||
| + | Updating : libgcc-4.4.7-16.el6.x86_64 1/12 | ||
| + | Installing : ppl-0.10.2-11.el6.x86_64 2/12 | ||
| + | Installing : cloog-ppl-0.15.7-1.2.el6.x86_64 3/12 | ||
| + | Installing : kernel-headers-2.6.32-573.1.1.el6.x86_64 4/12 | ||
| + | Installing : glibc-headers-2.12-1.166.el6_7.1.x86_64 5/12 | ||
| + | Installing : glibc-devel-2.12-1.166.el6_7.1.x86_64 6/12 | ||
| + | Installing : mpfr-2.4.1-6.el6.x86_64 7/12 | ||
| + | Installing : cpp-4.4.7-16.el6.x86_64 8/12 | ||
| + | Updating : libgomp-4.4.7-16.el6.x86_64 9/12 | ||
| + | Installing : gcc-4.4.7-16.el6.x86_64 10/12 | ||
| + | Cleanup : libgcc-4.4.6-3.el6.x86_64 11/12 | ||
| + | Cleanup : libgomp-4.4.6-3.el6.x86_64 12/12 | ||
| + | |||
| + | Installed: | ||
| + | gcc.x86_64 0:4.4.7-16.el6 | ||
| + | |||
| + | Dependency Installed: | ||
| + | cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-16.el6 | ||
| + | glibc-devel.x86_64 0:2.12-1.166.el6_7.1 glibc-headers.x86_64 0:2.12-1.166.el6_7.1 | ||
| + | kernel-headers.x86_64 0:2.6.32-573.1.1.el6 mpfr.x86_64 0:2.4.1-6.el6 | ||
| + | ppl.x86_64 0:0.10.2-11.el6 | ||
| + | |||
| + | Dependency Updated: | ||
| + | libgcc.x86_64 0:4.4.7-16.el6 libgomp.x86_64 0:4.4.7-16.el6 | ||
| + | |||
| + | Complete! | ||
| + | </pre> | ||
| + | |||
| + | ==Auto Configure CPAN== | ||
| + | |||
| + | When you first run CPAN, it will offer to automatically configure. Go ahead and let it do this, and we will fix it later. | ||
| + | |||
| + | ==Change some defaults== | ||
| + | |||
| + | <pre> | ||
| + | # cpan | ||
| + | Terminal does not support AddHistory. | ||
| + | |||
| + | cpan shell -- CPAN exploration and modules installation (v1.9402) | ||
| + | Enter 'h' for help. | ||
| + | |||
| + | cpan[1]> o conf urllist | ||
| + | urllist | ||
| + | Type 'o conf' to view all configuration items | ||
| + | |||
| + | |||
| + | cpan[4]> o conf urllist http://cpan.twtelecom.net/ | ||
| + | Please use 'o conf commit' to make the config permanent! | ||
| + | |||
| + | |||
| + | cpan[5]> o conf commit | ||
| + | commit: wrote '/usr/share/perl5/CPAN/Config.pm' | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | <pre> | ||
| + | # perl -npe 's/root\/.cpan/var\/spool\/cpan/g' -i /usr/share/perl5/CPAN/Config.pm | ||
| + | # mkdir -p /var/spool/cpan | ||
| + | </pre> | ||
| + | |||
| + | ==Update /etc/sysconfig/iptables== | ||
| + | |||
| + | Add to /etc/sysconfig/iptables: | ||
| + | |||
| + | <pre> | ||
| + | # Permit cpan.twtelecom.net has address 216.136.95.32 | ||
| + | -A TWTC-SERVICE-OUT --out-interface eth0 -m tcp -p tcp --dport 80 --destination 216.136.95.32/32 -j NEWSTATE | ||
| + | </pre> | ||
| + | |||
| + | ==Install Perl Modules (via yum)== | ||
| + | |||
| + | Install the perm modules that are possible via yum | ||
| + | |||
| + | <pre> | ||
| + | # yum install perl-Array-Compare perl-Capture-Tiny perl-DBD-MySQL perl-DBI perl-MIME-Lite perl-Net-DNS perl-Time-Piece | ||
| + | </pre> | ||
| + | |||
| + | |||
| + | ==Install Perl Modules (via CPAN)== | ||
| + | |||
| + | Install the following modules via CPAN: | ||
| + | |||
| + | <pre> | ||
| + | Date::Calendar | ||
| + | Date::Calendar::Profiles | ||
| + | Date::Parse | ||
| + | IO::Select | ||
| + | Net::LDAP::Constant | ||
| + | Net::LDAP::Control::Paged | ||
| + | Net::LDAP::Entry | ||
| + | Net::LDAPS | ||
| + | Net::LDAP::Util | ||
| + | </pre> | ||
| + | |||
| + | Command looks like this: | ||
| + | |||
| + | <pre> | ||
| + | # cpan | ||
| + | Terminal does not support AddHistory. | ||
| + | |||
| + | cpan shell -- CPAN exploration and modules installation (v2.10) | ||
| + | Enter 'h' for help. | ||
| + | |||
| + | cpan[1]> install Date::Calendar Date::Calendar::Profiles Date::Parse IO::Select MIME::Lite Net::LDAP::Constant Net::LDAP::Control::Paged Net::LDAP::Entry Net::LDAPS Net::LDAP::Util | ||
| + | </pre> | ||
| + | |||
| + | Follow through the install process, hitting a million "Y". | ||
Revision as of 17:26, 13 December 2018
Install and Setup New CentOS 7 Server
Create base Centos 7 server, as documented below
New CentOS 7 Server Setup Commands
Edit /etc/ssh/sshd_config to enable X11 forwarding
edit /etc/ssh/sshd_config and replace:
X11Forwarding no X11UseLocalhost yes
with:
X11Forwarding yes X11UseLocalhost no
And add:
AddressFamily inet
Restart sshd
# /etc/init.d/sshd restart
Setup CPAN
Instal GCC
# yum install gcc Loaded plugins: product-id, rhnplugin, security, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package gcc.x86_64 0:4.4.7-16.el6 will be installed --> Processing Dependency: libgomp = 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 --> Processing Dependency: cpp = 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 --> Processing Dependency: libgcc >= 4.4.7-16.el6 for package: gcc-4.4.7-16.el6.x86_64 --> Processing Dependency: cloog-ppl >= 0.15 for package: gcc-4.4.7-16.el6.x86_64 --> Processing Dependency: glibc-devel >= 2.2.90-12 for package: gcc-4.4.7-16.el6.x86_64 --> Running transaction check ---> Package cloog-ppl.x86_64 0:0.15.7-1.2.el6 will be installed --> Processing Dependency: libppl.so.7()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64 --> Processing Dependency: libppl_c.so.2()(64bit) for package: cloog-ppl-0.15.7-1.2.el6.x86_64 ---> Package cpp.x86_64 0:4.4.7-16.el6 will be installed --> Processing Dependency: libmpfr.so.1()(64bit) for package: cpp-4.4.7-16.el6.x86_64 ---> Package glibc-devel.x86_64 0:2.12-1.166.el6_7.1 will be installed --> Processing Dependency: glibc-headers = 2.12-1.166.el6_7.1 for package: glibc-devel-2.12-1.166.el6_7.1.x86_64 --> Processing Dependency: glibc-headers for package: glibc-devel-2.12-1.166.el6_7.1.x86_64 ---> Package libgcc.x86_64 0:4.4.6-3.el6 will be updated ---> Package libgcc.x86_64 0:4.4.7-16.el6 will be an update ---> Package libgomp.x86_64 0:4.4.6-3.el6 will be updated ---> Package libgomp.x86_64 0:4.4.7-16.el6 will be an update --> Running transaction check ---> Package glibc-headers.x86_64 0:2.12-1.166.el6_7.1 will be installed --> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers-2.12-1.166.el6_7.1.x86_64 --> Processing Dependency: kernel-headers for package: glibc-headers-2.12-1.166.el6_7.1.x86_64 ---> Package mpfr.x86_64 0:2.4.1-6.el6 will be installed ---> Package ppl.x86_64 0:0.10.2-11.el6 will be installed --> Running transaction check ---> Package kernel-headers.x86_64 0:2.6.32-573.1.1.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================ Package Arch Version Repository Size ============================================================================================================================ Installing: gcc x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 10 M Installing for dependencies: cloog-ppl x86_64 0.15.7-1.2.el6 twtc-rhel-i386_64-server-6 93 k cpp x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 3.7 M glibc-devel x86_64 2.12-1.166.el6_7.1 twtc-rhel-i386_64-server-6 985 k glibc-headers x86_64 2.12-1.166.el6_7.1 twtc-rhel-i386_64-server-6 614 k kernel-headers x86_64 2.6.32-573.1.1.el6 twtc-rhel-i386_64-server-6 3.9 M mpfr x86_64 2.4.1-6.el6 twtc-rhel-i386_64-server-6 156 k ppl x86_64 0.10.2-11.el6 twtc-rhel-i386_64-server-6 1.3 M Updating for dependencies: libgcc x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 103 k libgomp x86_64 4.4.7-16.el6 twtc-rhel-i386_64-server-6 134 k Transaction Summary ============================================================================================================================ Install 8 Package(s) Upgrade 2 Package(s) Total download size: 21 M Is this ok [y/N]: y Downloading Packages: (1/10): cloog-ppl-0.15.7-1.2.el6.x86_64.rpm | 93 kB 00:00 (2/10): cpp-4.4.7-16.el6.x86_64.rpm | 3.7 MB 00:00 (3/10): gcc-4.4.7-16.el6.x86_64.rpm | 10 MB 00:00 (4/10): glibc-devel-2.12-1.166.el6_7.1.x86_64.rpm | 985 kB 00:00 (5/10): glibc-headers-2.12-1.166.el6_7.1.x86_64.rpm | 614 kB 00:00 (6/10): kernel-headers-2.6.32-573.1.1.el6.x86_64.rpm | 3.9 MB 00:00 (7/10): libgcc-4.4.7-16.el6.x86_64.rpm | 103 kB 00:00 (8/10): libgomp-4.4.7-16.el6.x86_64.rpm | 134 kB 00:00 (9/10): mpfr-2.4.1-6.el6.x86_64.rpm | 156 kB 00:00 (10/10): ppl-0.10.2-11.el6.x86_64.rpm | 1.3 MB 00:00 ---------------------------------------------------------------------------------------------------------------------------- Total 9.0 MB/s | 21 MB 00:02 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : libgcc-4.4.7-16.el6.x86_64 1/12 Installing : ppl-0.10.2-11.el6.x86_64 2/12 Installing : cloog-ppl-0.15.7-1.2.el6.x86_64 3/12 Installing : kernel-headers-2.6.32-573.1.1.el6.x86_64 4/12 Installing : glibc-headers-2.12-1.166.el6_7.1.x86_64 5/12 Installing : glibc-devel-2.12-1.166.el6_7.1.x86_64 6/12 Installing : mpfr-2.4.1-6.el6.x86_64 7/12 Installing : cpp-4.4.7-16.el6.x86_64 8/12 Updating : libgomp-4.4.7-16.el6.x86_64 9/12 Installing : gcc-4.4.7-16.el6.x86_64 10/12 Cleanup : libgcc-4.4.6-3.el6.x86_64 11/12 Cleanup : libgomp-4.4.6-3.el6.x86_64 12/12 Installed: gcc.x86_64 0:4.4.7-16.el6 Dependency Installed: cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-16.el6 glibc-devel.x86_64 0:2.12-1.166.el6_7.1 glibc-headers.x86_64 0:2.12-1.166.el6_7.1 kernel-headers.x86_64 0:2.6.32-573.1.1.el6 mpfr.x86_64 0:2.4.1-6.el6 ppl.x86_64 0:0.10.2-11.el6 Dependency Updated: libgcc.x86_64 0:4.4.7-16.el6 libgomp.x86_64 0:4.4.7-16.el6 Complete!
Auto Configure CPAN
When you first run CPAN, it will offer to automatically configure. Go ahead and let it do this, and we will fix it later.
Change some defaults
# cpan
Terminal does not support AddHistory.
cpan shell -- CPAN exploration and modules installation (v1.9402)
Enter 'h' for help.
cpan[1]> o conf urllist
urllist
Type 'o conf' to view all configuration items
cpan[4]> o conf urllist http://cpan.twtelecom.net/
Please use 'o conf commit' to make the config permanent!
cpan[5]> o conf commit
commit: wrote '/usr/share/perl5/CPAN/Config.pm'
# perl -npe 's/root\/.cpan/var\/spool\/cpan/g' -i /usr/share/perl5/CPAN/Config.pm # mkdir -p /var/spool/cpan
Update /etc/sysconfig/iptables
Add to /etc/sysconfig/iptables:
# Permit cpan.twtelecom.net has address 216.136.95.32 -A TWTC-SERVICE-OUT --out-interface eth0 -m tcp -p tcp --dport 80 --destination 216.136.95.32/32 -j NEWSTATE
Install Perl Modules (via yum)
Install the perm modules that are possible via yum
# yum install perl-Array-Compare perl-Capture-Tiny perl-DBD-MySQL perl-DBI perl-MIME-Lite perl-Net-DNS perl-Time-Piece
Install Perl Modules (via CPAN)
Install the following modules via CPAN:
Date::Calendar Date::Calendar::Profiles Date::Parse IO::Select Net::LDAP::Constant Net::LDAP::Control::Paged Net::LDAP::Entry Net::LDAPS Net::LDAP::Util
Command looks like this:
# cpan Terminal does not support AddHistory. cpan shell -- CPAN exploration and modules installation (v2.10) Enter 'h' for help. cpan[1]> install Date::Calendar Date::Calendar::Profiles Date::Parse IO::Select MIME::Lite Net::LDAP::Constant Net::LDAP::Control::Paged Net::LDAP::Entry Net::LDAPS Net::LDAP::Util
Follow through the install process, hitting a million "Y".
