an amazing guide through the steps required to security harden CentOS 7

Security Harden CentOS 7 →


CentOS – find packages provided by repositories

A quick note to myself… This is what I do when I need to find which packages are provided by a certain repository. First I update the list of the available packages:

# yum check-update

Then I do a listing of them (bold is mine):

# yum repolist
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base:
* epel:
* extras:
* updates:
Excluding Packages from CentOS-5 - Base
Excluding Packages from CentOS-5 - Updates
repo id repo name status
base CentOS-5 - Base 3,612+29
epel Extra Packages for Enterprise Linux 5 - x86_64 7,241
extras CentOS-5 - Extras 266
updates CentOS-5 - Updates 95
repolist: 11,214

At this point, if I need to find what packages are provided by the EPEL repository and write that list on a file, I’ll simply digit:

# rpm -qa | grep epel > epel-list.txt

how-to fix the XS version of Scalar::Util error in CentOS / RHEL / Fedora

It’s being some month now that at work we have encountered a nasty problem with Perl’s module Compress::Zib usage in a tool developed by a colleague. At the moment to start the graphical rendering of a web page the system gave error to our users.

Searching in Apache2’s log I’ve encoutered many error of this kind:

dualvar is only available with the XS version of Scalar::Util at /var/www/html/$MY-APP-PATH/perl/Compress/ line 8

This is because the Scalar-List-Utils module precompiled in RHEL/Fedora/CentOS and similar does NOT have the support of XS weaken function.

You will see a lot of bugs issued on this topic in this part of Linux distro’s.

My solution was to install perl-Task-Weaken package:

In fact as we can read in the package’s description:

rpm -qi perl-Task-Weaken
URL         :
Summary     : Ensure that a platform has weaken support
Description : One recurring problem in modules that use Scalar::Util's weaken function is that it is not present in the pure-perl variant.

This restores the functionality testing to a dependency you do once in your Makefile.PL, rather than something you have to write extra tests for each time you write a module.

Happy coding!

Error booting Fedora in VirtualBox

I am in the middle of the work for a GNU/Linux keynote & hands-on demo for some colleagues.

Since I’m a loyal Fedora/CentOS user I’m installing the latest Fedora 15 on my MacBook’s VirtualBox.

Fedora screenshots

Everything went ok during the installation until first reboot on which the system told me:


remaining into the error mode and forcing me to manually reboot.

If this happens to you too be sure to check if the installation media (the cd-rom or the dvd-rom) is still present in the player (!!!) and remove it.

It happears to be a know issue with VirtualBox, since a bug #2680 was opened 3 years ago and still unresolved (probably because it’s unclear if it’s VirtualBox or Fedora dvd boot system fault).
Ejecting the optical media solved my issue, cheers!

how to install RMySQL on CentOS

A quick note for who have the need of installing RMySQL on CentOS (or RHEL).

On my system R is installed via the EPEL repository (as I’ve added in the comments of this post of this very blog).

Given this I went to the RMySQL project page and downloaded both the RMySQL_0.7-5.tar.gz and the (required) DBI_0.2-5.tar.gz packages.

This because installing the R-DBI package provided by the activated repository on my system gave me errors during the actual RMySQL installation.

So, as root – since the installation was needed system-wide – i gave those two following commands:

[root@testing ~]# R CMD INSTALL DBI_0.2-5.tar.gz
[root@testing ~]# R CMD INSTALL RMySQL_0.7-5.tar.gz

Then all the user needed to do was loading into his R environment the new modules!
Happy coding!

For future reference:

  • CRAN – RMySQL package
  • CRAN – DBI package

What files are provided by $package.rpm?

Today I needed to install the openMPI package on a development machine, and occurred to me to know if by installing it the system’s GCC (and similar). So asked my friend Gianluca an hand and he pointed me to the repoquery command.

So I did the following:

yum whatprovides "*/repoquery"

which gived to me:

yum-utils-1.1.16-14.el5.centos.1.noarch : Utilities based around the yum package manager
Repo : base
Matched from:
Filename : /usr/bin/repoquery

so I did a simple:

yum install yum-utils

followed by a:

repoquery -ql openmpi-devel.x86_64

… and I obtained the needed infos. Thanks Gianluca!