Sunday, 05/07/2020 - [00:36:11]
Home Blog

How to Start/Stop or Enable/Disable firewalld on CentOS 7

How to Start/Stop or Enable/Disable firewalld on CentOS | firewalld (Dynamic Firewall Manager) tool provides a dynamically managed firewall. The tool enables network/firewall zones to define the trust level of network connections and/or interfaces. It has support both for IPv4 and IPv6 firewall settings. Also, it supports Ethernet bridges and allow you to separate between runtime and permanent configuration options. Finally, it supports an interface for services or applications to add firewall rules directly.

linux logo

Disable firewalld

To disable firewalld, execute the following command as root or using sudo:

Enable firewalld

To enable firewalld, execute the following command as root or using sudo:

Stop firewalld

To stop (or deactivate) firewalld,execute the following command as root or using sudo:

Start firewalld

To start (or activate) firewalld, execute the following command as root or using sudo:

Status of firewalld

To check the status of firewalld, execute the following command as root or using sudo:

Very easy to stop firewalld and begin using ‘iptables‘ instead of if you want.



How to generate random password string in Python

How to generate random password with Python programming language ? Ok, i will introduce you a good way with some neccessary modules to make a strong password (digits + upper character + lower character), the min length of password string will be 8. In this post, i will use Python 2.7 syntax for example, if you choose Python 3.x you need to search document of module.

1. Using module string python

– Let’s import module string.

– Print a string contains all alphabet characters.

– Print all special characters.

– Print a string contains numbers.

– In this post, i will exclude all special characters in operation of generating random password ? Why ? Because in some OS or applications, they dont accept almost of special characters so we dont need them so much for inconvenience.

– Howerver, what we will do next ? We just have few list of needed character for combining operation to make a strong password. Ok, next step we will use module ‘random‘ in Python to make a bit interesting action.

2. Using module random python

– Module random in python supports you a lot of useful method for any case like generate random digit, choice an object in list,… in this post we will only need to use method pick a random character once time.

– Go to this time, i think we can imagine how sample code will work to create a random password.

3. Sample code to generate random password

– In this case, i will fix the min size and max size for length of password (from 8 -> 15).
– Run loop ‘for‘ and extract random character in database pre-defined characters. After that, concentrate all of extracted character together without any delimiter.


Very easy right, now you can use above code to deploy a function for generate random password. Just do it by yourself.

How to set password for Single-User mode on Linux (CentOS/RHEL)

What is Single-User mode on Linux? That is a mode help you restore some config or operation on OS Linux like reset password root when you forgot it,… However, if you don’t try to protect this mode, your system will have a exploited vulnerability so you need to set password for Single-user mode.

(single-user grub mode, before prompt pass single-mode appear phase)

– When you set password for single-user mode on Linux, you have to remember or note your password of root for future login in single-user mode. If you forgot it, you will have to use DVD Linux recuse to reset root password.

Step-by-step to set password for Single-user mode on

First of all, you need to config file ‘/etc/inittab’:

You have to insert config line “~~:S:wait:/sbin/sulogin” before config line ‘initdefault‘. So now the content of config file ‘/etc/inittab‘ will be like below:

The last step, that you have to change config in file ‘/etc/sysconfig/init‘ :

change to

Finally, you can reboot OS and try to boot to single-user mode and check that a prompt password appears or not. So now you have completed the way to set password for Single-user mode on Linux. Good luck !

How to install TFTP Server on CentOS 7

In this post i will show you how to install TFTP Server on CentOS 7. Trivial File Transfer Protocol (TFTP) is a small Internet service ultility that can help use to transfer file easier than FTP Service. TFTP does not require authentication from client and client cannot list file on directory of TFTP Server. TFTP use UDP Protocol at port number 69, you can read more from RFC 1350. TFTP Server is used a lots in PXE Server Environment or like a storage place to upload flash to Router/Switch.

Steps to install TFTP Server on CentOS 7

1. Install TFTP Server package

– First of all, you need to install TFTP Server package on CentOS 7.

– Turn off SELinux feature if you dont know how to control and use it. You need to reboot os to apply new config of SELinux, however you can temporarily turn off it with command ‘setenforce‘.

2. Config TFTP Service

– I will create a user to be owner of data directory used by TFTP Service.

– Now, a specific directory for TFTP Server ?! It’s up to you, follow me i will create one for service.

– Configure file TFTP Service with below noticed config lines.

Note :
– disable = disable :
– server_args
+ ‘-c‘ : allow client connect and create file on directory of TFTP Server.
+ ‘-s‘ : auto change directory when client connect to TFTP Server, to specific directory in the config file like /tftpdata. It’s secure feature.
+ ‘-u‘ : specific user owner of directory /tftpdata.
+ ‘-p‘ : Perform no additional permissions checks above the normal system-provided access controls for the user specified via the ‘-u’ option.
+ ‘-U‘ : setup Umask setting when client create or push new file.
+ ‘-v‘ : this option help print some logging verbose when client connect to TFTP Server.

References link :

3. Start TFTP Service, add to list startup service

– Edit file system start service of TFTP, change the configuration line ‘ExecStart‘ in [Service] section to be as same as the config of previous step (step 2).

– Reload new configuration of systemd service file.

– Start TFTP Service.

– Add TFTP Service to startup service on CentOS 7.

– Checking that TFTP is listenning on port UDP 69 or not.

4. Configure Firewall to allow TFTP Service

– If you have local firewall on your server you need to set up allowing incomming port 69/UDP. For example with ‘iptables‘.

5. Checking connecting to TFTP Server

– If you are using Windows, you can use application like WinSCP to test connecting to TFTP Server. If you are using Linux OS, try using command ‘tftp’ to connect and use bot of tftp’s command like ‘get‘ – get file from TFTP Server ; ‘put‘ – push file from local to TFTP Server.

So now you finish tutorial how to install TFTP Server on CentOS 7.

How to use “tree” command to list directory with tree structure on Linux

Tree command is a application in UNIX/Linux OS that can help you list all files/directories at specific path directory with the format view of tree style. This command can scan recursively sub directory to find all files for listing. It’s very help ful for you, trust me.

Installing and using command tree command on Linux

1. Installing application command ‘tree’

– Default, ‘tree’ is not installed in Linux/UNIX so you can have it with below steps.


+ Ubuntu/Debian

2. Syntax command


2.1 Basic default mode command

2.1 List include all hidden files

– In default mode of ‘tree‘, it will not list information of hidden files (files begin with dot ‘.‘ of name file). So you can use option ‘-a’ to see that.

2.2 Limit the number sub-directory will be listed (scanned)

– You want to limit the number sub-directory that ‘tree’ will scan information, you can use option ‘-L <number>‘.

2.3 Just list directory, no files

2.4 Manual

– Find more information about this command ‘tree‘ on Linux, use command ‘manual‘.

Now you know additional command like ‘tree‘ to help you list files/directories on server at a specific directory path with beautiful style view is ‘tree‘. Thank you !

[Ubuntu] Fix error “Fatal error: Python.h: No such file or Directory” when using pip

When you want to install an application or build a module for specific python version by command ‘pip‘ on OS Ubuntu/Debian. You are not lucky when have to encounter the error “Fatal error: Python.h: No such file or Directory” like example below :

You will consider what is ‘Python.h‘ and search google for finding the resolution to handle this case. So we will go to next part, how to fix this error.

Fix error “fatal error: Python.h: No such file or Directory”

Python.h is just a header file, be used by ‘gcc‘ application to build application/module for a lot of program like Python. So you have to install package named ‘python-dev‘. This package includes many header files, static files and neccessary development tools to build module Python, extend Python interpreter,… Ok, we will install ‘python-dev‘ with these step:

+ Python version 2.x+

+ Python version 3.x+

Example, output installing ‘python-dev’ :

Now recheck the process installing 3rd party module/application for Python by using pip command. You will see the error ‘Fatal error: Python.h: No such file or Directory’ has gone. Good luck !

Fix error ‘rpmdb: PANIC: fatal region error detected’ when use yum on CentOS/RHEL

You are using CentOS/RHEL OS and perform some action with ‘yum’ to install package through repository. Then you encounter this kind error ‘rpmdb: PANIC: fatal region error detected; run recovery’ :

How to fix errror ‘rpmdb: PANIC: fatal region error detected’ on CentOS/RHEL

This is messed case, but you can follow the way to fix it by cleaning out RPM DB and rebuild it. First of all, you need to backup some files in directory ‘/var/lib/rpm’.

Remove current files and rebuild rpm db.

Finally, we need to verify the status of fixing.

Ok, so that all the steps you need to do for fixing the error ‘rpmdb: PANIC: fatal region error detected’.

[Linux] How to install EPEL Repository on CentOS/RHEL 6/7

In this post, i will show you how to install EPEL Repository on CentOS/RHEL 5/6/7, then you will also know how to check EPEL installed successfuly or not.

What is EPEL Repository?

EPEL (Extra Packages for Enterprise Linux) is open source and free community based repository project from Fedora team which provides 100% high quality add-on software packages for Linux distribution including RHEL (Red Hat Enterprise Linux), CentOS, and Scientific Linux

Why you should use EPEL Repository?

  • Provides lots of open source packages to install via Yum.
  • Epel repo is 100% open source and free to use.
  • It does not provide any core duplicate packages and no compatibility issues.
  • All epel packages are maintained by Fedora repo.

Method 1: install by default repo of CentOS

– This method’s very simple and people usually use this method. However if you fail at this stage, please go to method 2.

Method 2: install by download package of EPEL

2.1 Import GPG Key of EPEL packageg ứng của EPEL Package

– You should import GPG key information of EPEL package for verifying package that downloaded from Fedora server. Ok so you can access the below link to get GPG key or execute below commands to do that instead of.

Homepage :

+ CentOS/RHEL 7.x

+ CentOS/RHEL 6.x

+ CentOS/RHEL 5.x

2.2 Download and install EPEL package

You should determine version architecture of CentOS to download package .rpm EPEL as same as architecture info. We will install the latest package EPEL of each CentOS/RHEL version.

+ CentOS/RHEL 7.x

+ CentOS/RHEL 6.x

+ CentOS/RHEL 5.x

2.3 Check EPEL is installed or not

EPEL Repo default will be enabled and configured at file ‘/etc/yum.repos.d/epel.repo’, then you can check with command ‘yum repollist’ to list the avaiable repos on CentOS.

2.4 Remove EPEL Repository

– Find EPEL package with tool ‘rpm’ then remove it with ‘rpm’ too.

– Remove it.

Ok, so you have known that you can install EPEL Repository on CentOS/RHEL.

[Linux] Fix error EPEL Repo “Cannot retrieve metalink for repository” on CentOS

When you installed EPEL Repository on CentOS, you use “yum” to install some application but the issue appears (Cannot retrieve metalink for repository: epel) :

– Default in EPEL Repo is configured to connect to EPEL Server by HTTPS Connection, however in some cases the information Certificate Chain/Root Certificate on CentOS doesnt have good-new Certificates so you cannot connect to EPEL Server for retrieving metalink.

Fix error “Cannot retrieve metalink for repository: epel” on CentOS

Method 1: update ca-certificates

– You need to update your ca-certificates on CentOS.

– Then retry to use “yum” command to operate what you want.

Method 2: change the way “yum” will connect to EPEL Repo

– You need to change the method “yum” will connect to EPEL to retrive data, change from “https” -> “http” in file configuration of EPEL “epel.repo“.

– Do edit manually file ‘epel.repo’ with changing the value ‘mirrorlist=https‘ -> ‘mirrorlist=http‘.


– Then retry to use “yum” command to operate what you want.

Above is two basic way to fix error “Cannot retrieve metalink for repository: epel” on CentOS

[Bash] How to extract number from string in bash shell

I will list some ways to extract number from string in bash shell script. We will set two sample variables to use with commands for extracting.Gnu-bash-logo

VAR1=”Im 25 years old.”
VAR2=”Im 25 years old. I have worked as system admin for 5 years.”

Four ways to extract number from string in bash shell

1. ‘tr’ command


2. ‘sed’ command

3. bash built-in


4. ‘grep’ command

May be we have more than ways better to extract number from string, if you know , please comment to share with me. Thank you.

Clip demo Protection Status