How To Disable IPv6 In CentOS 7

Method 1

Edit file /etc/sysctl.conf,

vi /etc/sysctl.conf

Add the following lines:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

If you want to disable IPV6 for particular network card, for example enp0s3, add the following entry.

net.ipv6.conf.enp0s3.disable_ipv6 = 1

Save and exit the file.

Execute the following command to reflect the changes.

sysctl -p

Method 2:

To IPv6 disable in the running system, enter the following commands one by one:

echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6


sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1

That’s it. Now IPv6 has been disabled.

linux php

Install PHP 7.2 on CentOS, RHEL


Repositories configuration:

On Fedora, standards repositories are enough, on Enterprise Linux (RHEL, CentOS) the Extra Packages for Enterprise Linux (EPEL) repository must be configured, and on RHEL the optional channel must be enabled.

Fedora 27

dnf install remi-release-27.rpm

Fedora 26

dnf install remi-release-26.rpm

RHEL version 7.4

rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm
subscription-manager repos --enable=rhel-7-server-optional-rpms

RHEL version 6.9

rpm -Uvh remi-release-6.rpm epel-release-latest-6.noarch.rpm
rhn-channel --add --channel=rhel-$(uname -i)-server-optional-6

CentOS version 7.4

rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm

CentOS version 6.9

rpm -Uvh remi-release-6.rpm epel-release-latest-6.noarch.rpm


remi-php72 repository activation

Needed packages are in the remi-safe (enabled by default) and remi-php72 repositories, the latest is not enabled by default (administrator choice according to the desired PHP version).

RHEL or CentOS

yum install yum-utils
yum-config-manager --enable remi-php72


dnf install dnf-plugins-core
dnf config-manager --set-enabled remi-php72


PHP upgrade

By choice, the packages have the same name than in the distribution, so a simple update is enough:

yum update

That’s all ūüôā

$ php -v
PHP 7.2.0 (cli) (built: Nov 28 2017 10:27:47) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.2.0, Copyright (c) 1999-2017, by Zend Technologies
    with Xdebug v2.6.0alpha1, Copyright (c) 2002-2017, by Derick Rethans



Linux Install and Configure NTP to Synchronize The System Clock

How do I install and configure NTP under CentOS Linux version 5.x or 6.x server to synchronize the system clock?

You can easily install NTP (Network Time Protocol, a means of transmitting time signals over a computer network) using the yum command under Red Hat or CentOS/Fedora Linux server or workstation based systems. You need to install the following packages:

  1. ntp : ntpd server which continuously adjusts system time and utilities used to query and configure the ntpd daemon.
  2. ntpdate : Utility to set the date and time via NTP.
  3. ntp-doc : NTP documentation

Procedure: Setup NTPD on CentOS Linux

Open the terminal or login over the ssh session. You must login as as the root user. Type the following yum command to install ntp
# yum install ntp ntpdate ntp-doc

Turn on service, enter:
# chkconfig ntpd on

Synchronize the system clock with server (use this command only once or as required):
# ntpdate

Start the NTP server. The following will continuously adjusts system time from upstream NTP server. No need to run ntpdate:
# /etc/init.d/ntpd start

Configure ntpd (optional)

Edit /etc/ntp.conf, enter:
# vi /etc/ntp.conf
Set public servers from the project:




Install SNMP Service/Daemon on CentOS

In this guide I’ll be explaining how to install the SNMP service on CentOS.

The SNMP service is available in the standard CentOS repository.

1. Install net-snmp with yum:

yum install net-snmp

 2. Create a simple SNMP configuration:

mv /etc/snmp/snmpd.conf /etc/snmp/
vim /etc/snmp/snmpd.conf

Add the following to /etc/snmp/snmpd.conf ; Replace with the IP address of the server that you want to allow SNMP lookups from:

rocommunity public

 3. Start the SNMP service, and set it to auto-start on reboot:

/etc/init.d/snmpd start
chkconfig snmpd on

If you have a firewall configured, ensure that you have UDP port 161 open to your SNMP lookup server.


On your SNMP lookup server, you can do the following to perform a quick SNMP test to ensure that it’s working. Replace with the server’s address that you just configured SNMP on:

snmpwalk -v 2c -c public



CentOS Remove Old Kernels

Tonight when upgrading a CentOS Linux server it was noted by YUM that 15MB more disk space was needed to upgrade grub and the kernel itself. Below are four quick steps to verify what kernels are installed, install yum-utils if it is not installed already, delete previous kernels and set YUM to remove old kernels when new kernels are installed. Depending on the size of your /boot directory you should make a decision on how many previous kernels you want to keep installed though I would recommend always keeping at least one previous kernel at a minimum. In the steps below we go off that recommendation and set YUM to always keep two kernels which would include the current kernel and one previous kernel.

YUM Warning Regarding /boot Disk Space:

As you can see below during the transaction test YUM runs during package installation, upgrades, etc. there is a warning that stops the update process because there is not enough room on the /boot partition.

Total                                                                                                                                                                          8.5 MB/s | 167 MB     00:19
Running rpm_check_debug
Running Transaction Test
Transaction Check Error:
  installing package needs 15MB on the /boot filesystem
  installing package grub-1:0.97-83.el6.x86_64 needs 15MB on the /boot filesystem
Error Summary
Disk Requirements:
  At least 15MB more space needed on the /boot filesystem.

Once you receive that warning it is always good to manually check the disk space left on the server to verify YUM is reporting accurately. You can see in the below output from a CentOS Linux server that there is only 14MB of disk space available and YUM is reporting that it needs at least 29MB of disk space to complete the grub and kernel upgrades.

Show Disk Usage Per Partition on CentOS Linux:

[root@dev ~# df -kh
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 228G 22G 194G 11% /
tmpfs 1.9G 0 1.9G 0% /dev/shm
/dev/sda1 99M 81M 14M 87% /boot
[root@dev ~]#

Follow the steps below to list currently installed kernels on your CentOS server, install yum-utils for the package-cleanup command, remove the oldest kernels on the CentOS Linux server and configure YUM to automatically remove older kernels when new kernels are installed in the future.

Remove Previous CentOS Linux Kernels:

  1. List Installed CentOS Linux Kernels: Use the RPM command listed in the example below to list the set of kernels currently installed on your CentOS Linux server.
    [root@dev ~]# rpm -q kernel
    [root@dev ~]#
  2. Install YUM Utilities Package On CentOS Linux: Now install the yum-utils package on Linux as shown in the example command below.
    [root@dev ~]# yum install yum-utils
    Loaded plugins: fastestmirror, security
    Loading mirror speeds from cached hostfile
     * atomic:
     * epel:
     * rpmforge:
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package yum-utils.noarch 0:1.1.30-14.el6 will be updated
    ---> Package yum-utils.noarch 0:1.1.30-17.el6_5 will be an update
    --> Finished Dependency Resolution
    Dependencies Resolved
     Package                    Arch                     Version               Repository                             Size
     yum-utils                  noarch                   1.1.30-17.el6_5       updates                                102 k
    Transaction Summary
    Upgrade       1 Package(s)
    Total size: 102 k
    Is this ok [y/N]: y
    Downloading Packages:
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
      Updating   : yum-utils-1.1.30-17.el6_5.noarch                             1/2
      Cleanup    : yum-utils-1.1.30-14.el6.noarch                               2/2
      Verifying  : yum-utils-1.1.30-17.el6_5.noarch                             1/2
      Verifying  : yum-utils-1.1.30-14.el6.noarch                               2/2
      yum-utils.noarch 0:1.1.30-17.el6_5                                                                                             Complete!
    [root@dev ~]#
  3. Remove Older CentOS Linux Kernels: Once the CentOS yum-utils package has been installed you will now have access to the package-cleanup command which will allow us to easily remove previous CentOS Linux kernels as shown in the below example command output.
    [root@dev ~]# package-cleanup --oldkernels --count=2
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * atomic:
     * epel:
     * rpmforge:
    --> Running transaction check
    ---> Package kernel.x86_64 0:2.6.32-358.el6 will be erased
    --> Finished Dependency Resolution
    Dependencies Resolved
     Package        Arch       Version           Repository                                                       Size
     kernel         x86_64    2.6.32-358.el6     @anaconda-CentOS-201303050102.x86_64/6.4                         116 M
    Transaction Summary
    Remove        1 Package(s)
    Installed size: 116 M
    Is this ok [y/N]: y
    Downloading Packages:
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
      Erasing    : kernel-2.6.32-358.el6.x86_64            1/1
      Verifying  : kernel-2.6.32-358.el6.x86_64            1/1
      kernel.x86_64 0:2.6.32-358.el6                                                                                               Complete!
    [root@dev ~]#
  4. Update YUM Configuration to Automatically Remove Old Kernels:¬†Once we have the old CentOS Linux kernels removed we should now update the yum.conf file located in the /etc directory on CentOS Linux to automatically remove the oldest kernel every time a new kernel is installed. Again the minimum you should set the install_only limit is two so you can always roll back to the older kernel is need be. Use your favorite editor such as ‚Äúvi‚ÄĚ to edit the /etc/yum.conf file and modify the install_only configuration line from the default 5 to 2 as shown in the below examples.Default yum.conf install_only Configuration:

    Default yum.conf install_only Configuration:

  5. Verify CentOS Linux /boot Directory Free Disk Space:¬†As you can see in the output below there is 42MB of disk space available even after using ‚Äúyum update‚ÄĚ to update packages that included a new kernel.
    [root@dev ~]# df -kh
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda3       228G   22G  194G  11% /
    tmpfs           1.9G     0  1.9G   0% /dev/shm
    /dev/sda1        99M   53M   42M  57% /boot
    [root@dev ~]#

The end result will be that disk space for the /boot directory should always be under control. In my personal opinion the /boot directory should always be installed with more than 100MB of space so you can keep numerous older kernels or kernels for different tasks but many times you might take over administration of a server that is already configured and running.


Secure /tmp And /var/tmp Directories On CentOS Linux

A couple days ago a CentOS Linux server that I took over administration on had some mysterious files show up in the /tmp and /var/tmp directories. The files were placed in /tmp and /var/tmp by the apache user meaning there is some form of security hole in Apache, PHP, or one of the virtual hosts has an insecure application installed. Before looking into where the issue is I needed to lock things down so no applications could be executed from these directories in the future regardless of a security flaw in the future. Below are instructions on how to secure /tmp and /var/tmp.

Secure /tmp Directory On Linux:

  1. Generate 1GB File: Make sure that you have enough space on your hard drive using the df (df -kh) command. Then generate a one gigabyte file that will be used for the /tmp directory using the syntax below.
    [root@dev ~]# dd if=/dev/zero of=/dev/tmpDIR bs=1024 count=1000000
    1000000+0 records in
    1000000+0 records out
    1024000000 bytes (1.0 GB) copied, 5.32903 seconds, 192 MB/s

    As you can see in the above output it took the server 5.3 seconds to generate the 1GB file which will be used for both /tmp and /var/tmp once we are completed.

  2. Format File To EXT3:¬†After the file is created you will need to format the file to ext3 or whatever filesystem you are using for the other directories on the Linux server using syntax similar to the below. The output is included below so you know that when the ‚ÄúProceed anyway?‚ÄĚ warning displays that you should type ‚Äúy‚ÄĚ for yes followed by enter to continue.
    [root@dev ~]# /sbin/mkfs.ext3 /dev/tmpDIR
    mke2fs 1.39 (29-May-2006)
    /dev/tmpDIR is not a block special device.
    Proceed anyway? (y,n) y
    Filesystem label=
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    125184 inodes, 250000 blocks
    12500 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=260046848
    8 block groups
    32768 blocks per group, 32768 fragments per group
    15648 inodes per group
    Superblock backups stored on blocks:
            32768, 98304, 163840, 229376
    Writing inode tables: done
    Creating journal (4096 blocks): done
    Writing superblocks and filesystem accounting information: done
    This filesystem will be automatically checked every 24 mounts or
    180 days, whichever comes first.  Use tune2fs -c or -i to override.
    [root@dev ~]#
  3. Backup Current /tmp Directory: Now backup the current /tmp directory using the syntax below which will keep the same permissions for the files currently in /tmp.
    [root@dev ~]# cp -Rpf /tmp /tmpbak
  4. Mount New /tmp Directory: After backing up the data you can proceed with mounting the new /tmp directory with the syntax below.
    [root@dev ~]# mount -o loop,noexec,nosuid,rw /dev/tmpDIR /tmp

    Notice we are mounting the /tmp directory with noexec and nosuid which will stop direct execution of binary files and not allow set-user-identifier or set-group-identifier bits to take effect respectively.

  5. Modify /tmp Directory Permissions: Use the syntax below to modify the permissions of the new /tmp directory on the CentOS Linux server.
    [root@dev ~]# chmod 1777 /tmp
  6. Copy Old /tmp Data: After the directory is mounted and the proper permissions are set you should copy the data from the old /tmp directory into the newly created /tmp directory. First cd into the /tmpbak directory and then copy all of the contents using the syntax below.
    [root@dev ~]# cd /tmpbak
    [root@dev ~]#
    [root@dev ~]# cp -Rpf * /tmp/

    You may also need to run the same command again but instead of using just * use .* which will copy files beginning with a dot.

  7. Modify fstab: After verifying that the new /tmp directory is working properly you should add a line to the end of the /etc/fstab file so the new directory is mounted when the server reboots.
    /dev/tmpDIR              /tmp                    ext3    loop,nosuid,noexec,rw 0 0

After finishing the above steps you should now test the /tmp directory to verify it is secure by copying an executable to /tmp and attempt to execute it. Once verified you should also follow the steps below to secure /var/tmp which can also be abused and cause issues on your server.

Secure /var/tmp On A CentOS Linux Server:

  1. Temporarily Move /var/tmp: Move the /var/tmp directory to a new location so you can create a symlink to the /tmp directory we already secured.
    [root@dev ~]# mv /var/tmp /var/tmpbak
  2. Create A Symbolic Link: Once the directory has been moved you can now create a symbolic link to the /tmp directory using the syntax below. This will make /var/tmp the same as /tmp while keeping the path integrity.
    [root@dev ~]# ln -s /tmp /var/tmp
  3. Copy /var/tmp Contents: Once the symbolic link is generated you should copy the contents of the /var/tmpbak directory to /var/tmp using the syntax below.
    [root@dev ~]# cp -pR /var/tmpbak/* /tmp

    Make sure to verify all of the contents of the directory make it to the new directory.

Your /tmp and /var/tmp directories are now secured on your CentOS Linux server.


An Ultimate Guide to Upgrade Kernel on CentOS/RHEL/Fedora

Well, there are plenty of reasons why you should run latest version of Linux Kernel. For instance, the current kernel might have bugs that can be exploited by the hackers or you want to try out some device driver that requires latest version of Kernel or you just want to keep your system up-to-date. Whatever might be the reason, upgrading your system to the latest Kernel should hold the high priority in your system maintenance check list.

I’ll show you how to upgrade Linux Kernel on CentOS machine. For the demonstration, I’m going to upgrade kernel from 2.6.32-358 to 3.12.

Let me show you the current kernel version I have.

$uname -r

Get ready with these prerequisites. Install these as ‚Äėroot‚Äô user.

$ yum groupinstall "Development Tools"
$ yum install ncurses-devel

You should also update other packages before upgrading the kernel.

$ yum update

Download Kernel 3.12

Lets download the latest kernel from At the time of writing this article, the latest Kernel version was 3.12.


Unpack the downloaded Kernel to ‚Äė/usr/src/‚Äô

$tar xvfvJ linux-3.12.tar.xz -C /usr/src

Lets get into the unpacked folder.

$ cd /usr/src/linux-3.12

Generate the Kernel configuration

To generate the Kernel configuration using graphical interface, execute the below command.

$ make menuconfig

You should see an interface as shown below.

Graphical Kernel Configuration

Don’t want to create new configuration? Make use of the existing kernel configuration.

$ sudo make oldconfig

But you will still have to answer the questions asked. If you are not sure about the question, just hit enter to input the default answer.

Configure Kernel


The above command would take around 40-50 minutes depending upon your system speed.

Install Kernel

$ make modules_install install

The above command would take around 20-30 minutes depending upon your system speed.

Configure grub to load the latest Kernel

$vi /etc/grub.conf

However, the path of grub configuration might vary on your system. If not /etc/grub.conf, it might be in /etc/grub/grub.conf.

Once the grub.conf is opened, set the ‚Äėdefault‚Äô variable to the position of your new kernel. For instance, in my case, the latest kernel was in zeroth position.


You can verify the new kernel installation at the following locations.

$cd /boot
$ls -lrt vmlinuz-3.12
$vi /boot/grub/menu.lst

Now you are good to reboot the system.

Problems? I’m not able to remote login to my system after the kernel update.

Connect terminal to the machine and check for the device files using the below command,

ls ‚Äďlrt /dev/ptmx
ls ‚Äďlrt /dev/pts/
ls ‚Äďlrt /dev/random
ls ‚Äďlrt /dev/urandam
ls ‚Äďlrt /dev/null

Don’t find any devices? Jump to Create /dev files heading below. If you are able to find /dev/pts, open the below file.

$vi /etc/fstab

Do you able to find an entry for /dev/pts? If not, add the one as shown below,

none /dev/pts devpts gid=5,mode=620 0 0
$mount -a

Makedev tty & pty

Run the below commands:

/sbin/MAKEDEV tty
/sbin/MAKEDEV pty

Create /dev files

If you didn’t find device files, create it with the help of below commands:

mknod /dev/random c 1 9
mknod /dev/urandom c 1 9
mknod /dev/ptmx c 5 2
mknod /dev/null c 1 3
chmod +666 /dev/null

Now we have made the way for remote connection temporarily. To do it permanently,

$vi /etc/rc.d/rc.sysinit

Look for start_udev, in the next line add the below items,

mknod /dev/random c 1 9
mknod /dev/ptmx c 5 2
Disclaimer: The above steps worked for me and I'm sharing those with you all. It might be slightly different on your environment. So take necessary care while upgrading. or the author doesn't holdany reponsibilities for the damage that cause to your operating system.