Patching for Dirty Cow on Debian, Red Hat, Ubuntu, CentOS

“Dirty Cow” is the common name given to Linux vulnerability CVE-2016-5195. It is a “privilege escalation” that allows a non-root user to gain root access on a system. An attacker must have system access first, as a normal user. Then they use the bug to obtain root rights. It is dangerous and should be patched.

The Linux kernel itself was fixed in October 2016. Since then, Linux vendors have all released patches. Many Internet articles suggest addressing the bug by doing a general system update. While that might be fine for a test machine or Linux desktop, it isn’t ideal for a production server. This article describes how to fix the bug in the least invasive way possible – by updating the kernel only. Continue reading

Repairing and Recovering a Broken ESXi VM

This post describes the recovery of a broken virtual machine within ESXi 5.1 (update 1). The VM was damaged in several ways: the vmxf file was missing, and so was one of the vmdk files. The system was down and not bootable due to the missing files. In addition, the root password had been lost and needed recovery. The same procedure, or parts of it, should work for other ESXi VMs. The broken VM was running Red Hat, but that barely impacts the procedure, apart from the password recovery bit. Continue reading

How to Delete a Route in Red Hat 6.6

Deleting a route from the routing table in Linux should be simple. However, the syntax of the route command can be a little fussy.

I wanted to remove the first entry in the routing table shown below: Continue reading

http_proxy in Red Hat 5

This post is about setting the http_proxy environment variable in Red Hat 5. Newer versions of the OS allow the variable to be set in either of two ways, that is:

# export http_proxy=http://192.168.1.100:8080
# export http_proxy=192.168.1.100:8080

Both will work. A subsequent call to yum will read the http_proxy environment variable and act on it, using the named proxy to obtain a network connection to the relevant repository. I have tested this successfully on Red Hat 5.7.

Yum Failures

Older versions of Red Hat 5 are more fussy. RHEL 5.4 will allow the first form above (export http_proxy=http://192.168.1.100:8080), but use the second form and yum will barf extravagantly, leaving you with a lengthy Python trace back. Continue reading

Linux does not see all memory

The other day I upgraded the memory in a customer’s Linux system from 2 to 8 Gb. Afterwards though, only 4 Gb was “visible”. The “free” and “top” commands confirmed that only half the expected memory was there. The system was running 32 bit Red Hat 4.7 in a vmware virtual machine. Continue reading