About Tek Eye

The blue one-eyed robot.

CentOS 6 to CentOS 7 Upgrade Using Red Hat Upgrade Tool

CentOS 7 Supports In-Place Upgrading from CentOS 6.x for 64-bit Versions

This article covers upgrading a minimal CentOS 6.x system to CentOS 7. CentOS is a popular GNU/Linux OS for servers (including web servers) and workstations. Popular because it is a community based version of RHEL. CentOS is often an OS option when purchasing and setting up a VPS. The current major version of CentOS is version 7. CentOS 7 can be installed via an in-place upgrade over CentOS 6. However, CentOS 7 is only a 64-bit OS and therefore the system being upgraded has to be running 64-bit CentOS 6. To check if CentOS is 64-bit or 32-bit use the uname command with the -p option (p for processor):

[root@servername ~]# uname -p
x86_64

The 64-bit CentOS will display x86_64 and 32-bit will display i686.

CentOS 6 to CentOS 7 UpgradeWords of caution. If your system has been highly customised then performing an in-place upgrade from CentOS 6 to 7 may not be successful. In this case, as for upgrading a 32-bit system, a data backup, new CentOS 7 installation and data restore will be required. Do you need CentOS 7 now? There is also no need to rush to upgrade to CentOS 7. CentOS 6 will be receiving updates until the end of 2020. This article is for informational and test purposes only. You are responsible for you own actions and an in-place upgrade from CentOS 6 to CentOS 7 is probably more trouble than doing a fresh CentOS 7 install and data restore. For example upgrading a minimal CentOS 6.6. to CentOS 7 may not work according to this bug report.

The other consideration is whether the new CentOS 7 features will hinder operation of your system. The new features may require changes to the normal workflow or they may be incompatible with software that is being used on the system. Whilst the CentOS 7 Release Notes list some major changes the RHEL 7 Release Notes has a detailed discussion. Continue reading

Plugin Broke WordPress! Phew! False Alarm.

Thought a WordPress Plugin Broke My Site, Something Else Did

It’s possible to run a WordPress based web site without any other added functionality. However, for a feature rich web site the extra functionality provided by plugins help enhance your visitor’s experience. Plugins get updated regularly, for new features, bug fixes, security fixes and to work with the latest versions of WordPress. On most occasions updating WordPress and plugins is straight forward with the WordPress control panel/dashboard. So much so that complacency can set in. When that happens things eventually go wrong and painful lessons are learned. Continue reading

hiberfil.sys Windows 8.1 Delete to Free Up SSD Space

Disable Hibernation on Windows 8.1 to Remove hiberfil.sys for More Disk Space

This article provides a tutorial on removing the Windows hibernation file to free up disk space when a small solid state disk (SSD) is used as the system drive. Please ensure you have a backup of any data and files you need to keep before changing system configurations. This article is for information only. System configurations can vary widely, therefore any changes made are at your own risk. If you’re confident with computers and understand the meaning of the hiberfil.sys file you can skip to the end of the article for the relevant command, which is to run powercfg -h off at the administrator’s command prompt, otherwise read on for a better understanding.

Background

Low Disk Space on a Windows SSDApart from low end systems a SSD drive is standard fitting to most computers and laptops. An SSD is also a common upgrade to older systems. A SSD is more expensive than a hard disk drive, as a result small capacity SSDs (less than 128 GB) may be used to keep costs down. Windows 8.1 requires 20GB for installation, modern computing demands soon eats into the the remaining space. A system can be configured to use a small SSD for the Windows system and a large multi-terabyte  hard drive for data storage (see Move My Documents and Other Personal Folders). Despite this, or if a second drive is not an option, the SSD may fill up quickly with normal use. Once the SSD is full the computer or laptop will not function properly, may not boot up, or show error messages at boot time. The worst case scenario is data corruption and loss, or even disk failure, when applications cannot handle running with no disk space available. Continue reading

Thunderbird Change Password for Email Account

Update or Change Password in Thunderbird to Access an Email Account

Occasionally it is required to change the password used to access email on the email server. If using an email client, for example Outlook or the free Mozilla Thunderbird app, the email password stored for the account will require updating. In Thunderbird the password is not stored under Account Settings but is stored under Security in Options. For Thunderbird change password is achieved by removing the stored password so that a prompt appears to enter the new password. This article explains the problem and how it is fixed.

Thunderbird LogoWhen a email account is added to Thunderbird the Mail Account Setup dialog has a box that allows the entry of the password for the account. A check box is used to ensure that the password is remembered (so it is not typed in each time Thunderbird is opened).

The settings for an email account in Thunderbird can be accessed in several ways, see the following list, however these settings do not give access to the password field:

  • Bring up the context menu (usually right-click in Windows) on the account name, in the folder view, and selecting Settings.
  • Select View settings for this account when the account is selected in folder view.
  • Use the menu button next to the search box and select Options and then Account Settings.

If the email account password has changed Thunderbird will not be able to login to receive and send emails. Hopefully the option to renter a new password will be given: Continue reading

Visualization for Cyber Security Conference List of Papers

All Papers from the Annual Visualization For Cyber Security Symposium

Whilst researching novel methods for visualising data from computer security systems the VizSec conference proceedings looked interesting. VizSec is short for Visualization for Cyber Security. This is an annual symposium dedicated to the use of visualisation techniques to help with the complexity of monitoring the large modern systems we all use. System security has become a big data problem and only efficient data analytics will help manage it.

The 11th International Symposium on Visualization for Cyber Security takes place in November 2014. The papers from the previous 10 years of symposiums are available from different institutional or publisher web sites. This means there is not a single search available to get one list of all the papers presented at VizSec over the years. Therefore visits to several web pages and web sites are required to put together the list of all papers presented at VizSec. Since this has now been done that list is published here. Therefore you don’t need to repeat the work. Continue reading

BBC Website Down with BBC Home Page and iPlayer Offline

Highly Ranked BBC Website Experiences Period of Down Time

On Saturday 19th July 2014 the BBC website, http://www.bbc.co.uk, went down. Although no web site can be 100% reliable the length of the BBC website down time was unusual. The iPlayer service was offline as well. The down time issues stretched into the Sunday 20th July, with the BBC Home Page experiencing the longest outage, continuing into Monday 21st July. Initially a generic “Error 500” server page was displayed stating:

We are experiencing abnormal traffic to our network or the service or servers it is on is not currently available.

This was later replaced by a BBC home page of a much simpler design than the normal one:

Due to technical problems, we are displaying a simplified version of the BBC Homepage. We are working to restore normal service.

BBC Website Down

People accessing the BBC iPlayer service saw a message:

BBC iPlayer temporarily unavailable due to a technical problem

BBC iPlayer Down

Reports to Downdetector for iPlayer showed iPlayer outages over that weekend. BBC News reported the problems. The @AboutTheBBC Twitter account posted regular Tweets:

bbc_website_down_reported_on_twitter

Some of these were retweeted by @bbccouk and @BBCiPlayer.

BBC Website is in Top 100 of All Websites

According to Amazon’s Internet analytics company Alexa the BBC is ranked in the top 100 of all websites and is in the top 10 for the UK. A long term outage of a top ranking website is not unheard of but is uncommon enough to be news worthy. Whether it is caused by a distributed denial of service (DDOS) or another issue is unknown. Although DDOS is unlikely as apparently the BBC has a 700 Gbps connection. Furthermore a DDOS is usually mitigated within a few hours, thus it is likely to have been a technical fault or failure in updated software. Although that is just speculation and the TechAdvisor website reported that the servers had a ‘severe load’.

Two years ago lengthy BBC website down time issues were also reported in the UK press.

Webmin CentOS Install for Easier VPS Management

Manage a CentOS VPS Using Webmin for System Administration

A Virtual Private Server (VPS) is a cost effective way to host web and cloud based solutions or high volume web sites. A VPS provides more resources (memory, processing power and disk space) than shared hosting without the cost of leasing dedicated hardware (although a VPS will not be as powerful as a dedicated machine). Some VPS packages only provide a minimal Linux system. Access to that minimal system is usually via a secure shell (SSH). Managing a Linux system remotely over SSH can be cumbersome. To make the system administration easier a web based management tool is useful. A commercial tool such as cPanel is often provided at extra cost. Open source alternatives like ZPanel and Webmin are available. In this tutorial article the Webmin system administration tool will be installed on a CentOS based VPS. CentOS, based on a Red Hat Linux distribution, is commonly available for VPS packages. This article assumes that the minimal installation of CentOS is used for the VPS operating system. The minimal CentOS does not have the desktop environment installed. The steps for the Webmin CentOS install are:

  1. Update CentOS using yum update.
  2. Add Webmin to the CentOS yum repositories.
  3. Add the Webmin package PGP key to the RPM keyring.
  4. Allow Webmin through the CentOS iptables firewall.
  5. Install Webmin using yum install webmin.
  6. Start Webmin and start using it.

Webmin Install Running on CentOS Continue reading

Android Bitmap Loading for Efficient Memory Usage

Load a Bitmap from Resources Correctly

When handling bitmaps it is not long before Android developers come across the error “java.lang.OutOfMemoryError: bitmap size exceeds VM budget“. This usually occurs when the bitmaps are large (several megabytes uncompressed),  or running the code on older devices, or trying to load lots of bitmaps. This occurs because Android was design for mobile devices with limited resources, including memory, and bitmaps can require large amounts of memory. Despite Android not dealing with multi-megabyte bitmap loading automatically it can still be done. Instead of loading the whole bitmap a reduced resolution version is loaded (via a technique called subsampling). Android bitmap loading is achieved via the BitmapFactory class. The Options settings passed to the class can reduce the size of the bitmap, saving on memory usage.

Bitmaps can be BIG but Android Screens are Small

A digital image from a camera can be between 5 and 18 megapixels (MP) in size, depending upon the camera or device. This is the uncompressed size. The actual file storing the image, usually a JPEG file, is smaller than the displayed image because of compression. High end cameras can produce 20 MP or higher images. A 5 MP image can have a resolution of 2560×1920, that is greater than high definition (HD) television at 1920×1080, and bigger than the resolution of the Goggle Nexus 10 tablet device at 2560×1600. What about a 18 MP image? A size of 5184×3456!  A Nexus 5 phone has a HD screen, so why load more than 2 MPs of data if the screen can only display a maximum of 2 MPs. By using subsampling the huge photo image being viewed on the Android device only consumes as much memory as required to display it, 2 MP for a HD resolution screen. This saves precious App memory and reduces the possibility of out of memory errors. Here’s an example of loading large bitmaps on different Android devices. A 1000×1000 placeholder image was loaded into an ImageView  and the App run on two devices. One with a HVGA, 320×480, screen and another with a QVGA, 240×320 screen.

Android Bitmap on Different Screens

On the HVGA screen the 1000×1000 image is shown at 320×320, on the QVGA screen it is shown at 240×240. So the one million pixel image only requires a hundred thousand or sixty thousand pixels for actual viewing on these devices. Loading only the required size for display makes sense. On the Android Developers website there is an article on Managing Your App’s Memory and in the section Avoid wasting memory with bitmaps it states: “When you load a bitmap, keep it in RAM only at the resolution you need for the current device’s screen, scaling it down if the original bitmap is a higher resolution.

Android Bitmap Loading Code from the Developer Site

There is a series of lessons on the Android Developers site called Displaying Bitmaps Efficiently that deal with correctly loading, caching and processing bitmaps. When processing multiple large bitmaps it needs to be done away from the User Interface (UI) thread using AsyncTask, with the use of caching when appropriate. There is a sample App for the lessons, DisplayingBitmaps.zip, for Android Studio, though the code can be used in Eclipse if that is your preferred development platform. The example App was previously called Bitmap Fun from BitmapFun.zip. The basic steps in loading a large bitmap are:

  1. Determine the required size (from a known size or determining the size of the target View).
  2. Use the BitmapFactory class to get the bitmap’s size (set inJustDecodeBounds in BitmapFactory.Options to true).
  3. Using 1. and 2. calculate the subsampling value (a multiple of 2) and pass it to the BitmapFactory.Options setting inSampleSize.
  4. Use the BitmapFactory to load a reduced size bitmap.

The following section takes the code from the Android Developers article Displaying Bitmaps Efficiently to provide an example App performing the steps listed above.

Sample Code to Load an Android Bitmap from a Large Resource Image

J. M. W. Turner The Fighting Temeraire A large bitmap is needed. You may be reading this because you have a very large bitmap causing out of memory errors. Here a large image of a Turner painting is used. The image size is 5684×4226, a 24 MP image! You can grab the image from Wikimedia Commons, it is available in several sizes.

An Android App project was created in Eclipse. The large Turner image was added to the project in a folder called drawable-nodpi under the res folder. A large placeholder image (large enough to match the screen width) was also added to the folder. It can be generated from Placeholder Graphic at openclipart.org. The layout is just an ImageView with a Button below it:

Here’s the code for the App:

And the App in action:

Large Android Bitmap Loading

Using a Open Source Library to Manage Large Bitmap Loading in Android

This code is good for a single bitmap, but the Android Developers article goes on to talk about caching and background loading. One way of achieving this is to use an existing implementation, such as provided in the Display Bitmaps sample or existing libraries that support large bitmap loading with caching, including android-query (AQuery),  Android Volley for loading images over networks and Android Universal Image Loader.

Related Article

How to Get a View Size in Android

Change SSH Port from Default for CentOS Security Improvement

Help Harden a CentOS Server, Change SSH Port from Default Port Number 22

Edit the SSH configuration file to modify SSH port number. The configuration file is sshd_config. Adding Port XXXX where XXXX is the required port number. Then update SELinux and iptables. This is done to help harden CentOS against the less skilled hackers. The Secure Shell (SSH) is used to access a CentOS Server from another computer. For example when accessing a Virtual Private Server (VPS) to perform configuration changes. CentOS is a common option for a VPS operating system. This tutorial provides details on changing the SSH default port number for a CentOS server.

Steps to Change the CentOS SSH Port Number

The following steps are performed to change default SSH port number on CentOS:

  1. Login to the CentOS server.
  2. Back up then edit the /etc/ssh/sshd_config file.
  3. Add the line Port XXXX to the file, where XXXX is the new port number.
  4. Update the SELinux policy for the new SSH port.
  5. Update the iptables firewall rule for the new SSH port.
  6. Restart the services or the server.
  7. Check the changes worked by connecting on the new port.

Practice and Keep A Back Up

CentOS Logo

It is recommended to practice the instructions that follow on a local test environment before doing it on a live machine. This ensures familiarity with the process and reduces the risk of making mistakes on a live server. CentOS can be configured on a local Virtual Machine (VM) to practice these changes (see the Further Information section at the end of the article). For a remote VPS if you make a mistake reconfiguring the SSH port you may not be able to connect to it. It will require resetting via your service provider’s control panel. Always ensure you have a backup of any data that needs to be kept in the event the VPS needs to be reset. If SSH is the only option for configuration of a remote VPS consider other hardening options first, for example adding a sudo user for SSH login and removing the root user login over SSH. This article uses the shell (command line terminal) to change the CentOS configuration, based on a minimal CentOS install.

Edit the File sshd_config

To change the SSH port number edit the /etc/ssh/sshd_config file. Start by taking a copy in case anything goes wrong. For all commands in this article only enter the text after the # or $ prompt character, as seen on the terminal screen. Here’s the command to copy sshd_config to sshd_cfg_old:

# cp /etc/ssh/sshd_config /etc/ssh/sshd_cfg_old

Editing is done with vi or nano. On a minimal CentOS install, typical for a VPS, nano will not be installed by default. To edit sshd_config using vi:

# vi /etc/ssh/sshd_config

Or if logged in as a user with sudo ability:

$ sudo vi /etc/ssh/sshd_config

Add the Required Port Number

Select a new port number above 1024, one that is meaningful to you so it is remembered, or pick a random one. See List of TCP and UDP Port Numbers on Wikipedia. Some admins just double up port numbers, e.g. 22 becomes 2222, but that is familiar to hackers so pick something else, e.g. pick a memorable year and double it. For example 2×1066 is 2132, so port 2132 can be remembered as “Twice Battle of Hastings“.

The Port line should be in the first page of the file, as either Port 22 or commented out as #Port 22. Go to the line. Press Insert to enter edit mode. Remove the # if present and change the port number to the required value. Press the Esc key to return to command mode and enter :wq to write out the file and quit vi.

ssh_port_config

Update SELinux with the New Port Number

If the Security Enhanced Linux module (SELinux) is running then update selinux with the new port number. Failure to update SELinux for the new port will result in a Permission denied showing in the SELinux log.  To check that selinux is enabled run sestatus:

# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted

Use semanage to add the new port number to SELinux, see the article RHEL 6: semanage SELinux Command Not Found on how to install the command if not present (e.g. if using the CentOS minimal install). For this article this command was used to check the package for semanage:

# yum provides /usr/sbin/semange

And this command to install it:

# yum -y install policycoreutils-python

The port numbers for SELinux can be displayed using a semanage command (pipe to less to page through the list):

# semanage port -l | less

In the list of ports will be found ssh_port tcp 22. Use semanage to add the new port number:

# semanage port -a -t ssh_port_t -p tcp 2132

Update Firewall Rules for the New Port Number

The iptables firewall rules are listed using:

#iptables -L

There will be a rule showing that SSH is only allowed on port 22. This needs changing to the new port number. Use vi to open /etc/sysconfig/iptables:

# vi /etc/sysconfig/iptables

Go to this line:

-A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT

Change 22 after –dport to the new port number, e.g. 2132 (press Insert to enter edit mode in vi):

-A INPUT -p tcp -m state –state NEW -m tcp –dport 2132 -j ACCEPT

Save and exit (Esc key then :wq). Restart iptables:

# service iptables restart

Restart SSH

With the SSH config file changed, SELinux updated and iptables rules updated SSH can be restarted:

# /etc/init.d/sshd restart

Restarting CentOS

As an alternative to restarting iptables and ssh restart the the CentOS server:

# reboot

or

# shutdown -r now

Login to CentOS Using SSH to Test The New Port

On a Windows system a program such as PuTTY can be used to access a CentOS server using SSH. In this example the port number is 2132. To connect with the new port number enter it in the Port box.

PuTTY to SSH into different port

With the host name or IP address also entered select Open. The terminal prompt should appear allowing for a normal login.

(Note: If accessing a CentOS VPS on a VirtualBox virtual machine on the local computer you will need to change the Network Address Translation port from 22 to the new number, see the third article listed below.)

Further Information