Category Archives: Uncategorized

How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7

Rollbar: Users finding bugs? Searching logs for errors? Find + fix broken code fast!

OTRS (open-source trouble ticket system software) is a sophisticated open source software used by companies to improve their operation related to customer support, help desk, call centers and more. OTRS is written in PERL and provides the following important features:

  • Customers can register and create/interact with a Ticket via the customer portal and by email, phone, and fax with each queue (Attendants/Technicians post box).
  • Tickets can be managed by their priority, assignment, transmission and follow-up. A ticket can be split, merged, bulk actions can be applied, and links to each other and notifications can be set. Services can be configurated through the service catalog.
  • To increase the team capacity, auto email (automatic answers), text templates and signatures can be configured. The system supports notes and attachments on tickets.
  • Others capabilities include: statistics and reports (CSV/PDF), SLA and many other features.


The Environment

This article covers the OTRS 5 installation and basic configuration. This article was writen based on the following enviroment: A Virtual Box VM with CENTOS 7 Minimal, 2GB RAM, 8GB HD and 2 network interfaces (host only and NAT).



Assuming that you use a fresh installation of Centos 7 Minimal,  before to install OTRS, run the following command to update the system and install aditional packages:

yum update

Transaction Summary ================================================================================ Install 1 Package Upgrade 39 Packages Total download size: 91 M Is this ok [y/d/N]: y

Install a text editor or use VI. In this article we use VIM, run the following command to install it:

yum install vim

To install the WGET package, run the following command:

yum install wget

To configure the Centos 7 network, run the following command to open the NMTUI (Network Manager Text User Interface) tool and edit the interfaces and hostname if nescessary:


After setup of network settings and hostname on CentOS 7, run the following command to apply the changes:

service networks restart

To verify the network information, run the following command:

ip addr

The output looks like this on my system:

1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:67:bc:73 brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic enp0s3
       valid_lft 84631sec preferred_lft 84631sec
    inet6 fe80::9e25:c982:1091:90eb/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:68:88:f3 brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic enp0s8
       valid_lft 1044sec preferred_lft 1044sec
    inet6 fe80::a00:27ff:fe68:88f3/64 scope link 
       valid_lft forever preferred_lft forever

Disable SELINUX (Security Enhanced Linux) on Centos 7, edit the following config file:

vim /etc/selinux/config

"/etc/selinux/config" 14L, 547C# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are prootected. 
#     mls - Multi Level Security protection.

Change the value enforcing of directive SELINUX to disabled, save the file and reboot the server.

To check the status of SELinux on Centos 7, run the following command:


The output must be:



Install MariaDB on Centos 7

To install MariaDB on Centos 7, run the following command:

yum -y install mariadb-server

Create the file with the name zotrs.cnf in the following directory:


To create and edit the file, run the following command:

vim /etc/my.cnf.d/zotrs.cnf

Fill the file with the following content and save it:

max_allowed_packet = 20M
query_cache_size = 32M
innodb_log_file_size = 256M

To start MariaDB, run the following command:

systemctl start mariadb

To increase the security of MariaDB, run the following command:


Setup the options accordind the following output:


In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):Press Enter
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Press Y

Set the root password:

New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Press Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Choose acording your needs
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Press Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Press Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Setup MariaDB to start up automatically at boot time:

systemctl enable mariadb.service

To download OTRS, run the following command:

wget oarch.rpm


Install EPEL

Before we install OTRS, setup the EPEL repositoy on Centos 7. Run the following command to do so:

[root@centos7 ~]# yum -y release-7-9.noarch.rpm


Install OTRS

Install OTRS with the following command:

yum install -nogpgcheck otrs-5.0.15-01.noarch.rpm

A list of software package will be installed, eg. Apache and all dependencies will be resolved automatically, at to the end of output press Y:

Transaction Summary
Install  1 Package (+143 Dependent packages)

Total size: 148 M
Total download size: 23 M
Installed size: 181 M
Is this ok [y/d/N]: y 

To start Apache (httpd), run the following command:

systemctl start httpd.service

To enable Apache (httpd) startup with systemd on Centos7, run the following command:

systemctl enable httpd.service

Enable SSL in Apache and configure a SelfSigned Certificate. Install the Mod_SSL module for the Apache HTTP Server, run the following command:

yum -y install mod_ssl

To generate a self-signed SSL certificate, go to the following directory:

cd /etc/pki/tls/certs/

And run the following command to generate the key (centos7.key is the name of my certificate, feel free to change it):

make centos7.key

umask 77 ; /usr/bin/openssl genrsa -aes128 2048 centos7.key Generating RSA private key, 2048 bit long modulus .+++ ……………………………………………………………………………..+++ e is 65537 (0x10001) Enter pass phrase: Insert your Own Password

Verifying – Enter pass phrase:Retype the Password

To generate the server SSL private key with OpenSSL, run the following command:

openssl rsa -in centos7.key -out centos7.key

Enter pass phrase for centos7.key: Type the Password writing RSA key

Run the following command to create the CSR (Certificate Signing Request) file (centos7.csr is the name of my certificate, feel free to change it):

make centos7.csr

Fill the questions acording your needs:

umask 77 ; /usr/bin/openssl req -utf8 -new -key centos7.key -out centos7.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —–

Country Name (2 letter code) [XX]:

State or Province Name (full name) []:

Locality Name (eg, city) [Default City]:

Organization Name (eg, company) [Default Company Ltd]:

Organizational Unit Name (eg, section) []:

Centos7 Common Name (eg, your name or your server’s hostname) []:

Email Address []:

Please enter the following ‘extra’ attributes to be sent with your certificate request A challenge password []: press enter

An optional company name []:

Generate a CSR (Certificate Signing Request) for the server with the OpenSSL tool:

openssl x509 -in centos7.csr -out centos7.crt -req -signkey centos7.key

The output is:

Signature ok subject=/C=BR/ST=SP/L=Campinas/O=Centos7/OU=Centos7/CN=centos7.local Getting Private key

Before we edit the ssl.conf file, make a copy of the file with the following command:

cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.old

Then edit the file:

vim /etc/httpd/conf.d/ssl.conf

Find the following directives, uncomment each one and edit them like this:

SSLCertificateKeyFile /etc/pki/tls/certs/centos7.key

SSLCertificateFile /etc/pki/tls/certs/centos7.csr

SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

ServerName centos7.local:443

Restart Apache with the following command:

systemctl restart httpd

To force OTRS to run in https mode, edit the following file:

vim /etc/httpd/conf/httpd.conf

At the end of file, uncoment the following directive:

IncludeOptional conf.d/*.conf

Edit the file zzz_otrs.conf:

vim /etc/httpd/conf.d/zzz_otrs.conf

After the line 26 (before the line module  mod_version.c) add the following directives:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Restart Apache:

[root@centos7 ~]# systemctl restart httpd

To use extended features in OTRS, we have to install some PERL modules. Run the following command to install them:

yum -y install “perl(Text::CSV_XS)” “perl(Crypt::Eksblowfish::Bcrypt)” “perl(YAML::XS)” “perl(JSON::XS)” “perl(Encode::HanExtra)” “perl(Mail::IMAPClient)” “perl(ModPerl::Util)”

The OTRS system has a tool to check the PERL modules, run it like this to verify the system requirements:

cd /opt/otrs/bin

and run:


The output for our configuration must be:

o Apache::DBI………………….ok (v1.12) o Apache2::Reload………………ok (v0.13) o Archive::Tar…………………ok (v1.92) o Archive::Zip…………………ok (v1.30) o Crypt::Eksblowfish::Bcrypt…….ok (v0.009) o Crypt::SSLeay………………..ok (v0.64) o Date::Format…………………ok (v2.24) o DBI…………………………ok (v1.627) o DBD::mysql…………………..ok (v4.023) o DBD::ODBC……………………Not installed! (optional – Required to connect to a MS-SQL database.) o DBD::Oracle………………….Not installed! (optional – Required to connect to a Oracle database.) o DBD::Pg……………………..Not installed! Use: ‘yum install “perl(DBD::Pg)”‘ (optional – Required to connect to a PostgreSQL database.) o Digest::SHA………………….ok (v5.85) o Encode::HanExtra……………..ok (v0.23) o IO::Socket::SSL………………ok (v1.94) o JSON::XS…………………….ok (v3.01) o List::Util::XS……………….ok (v1.27) o LWP::UserAgent……………….ok (v6.13) o Mail::IMAPClient……………..ok (v3.37) o IO::Socket::SSL…………….ok (v1.94) o ModPerl::Util………………..ok (v2.000010) o Net::DNS…………………….ok (v0.72) o Net::LDAP……………………ok (v0.56) o Template…………………….ok (v2.24) o Template::Stash::XS…………..ok (undef) o Text::CSV_XS…………………ok (v1.00) o Time::HiRes………………….ok (v1.9725) o Time::Piece………………….ok (v1.20_01) o XML::LibXML………………….ok (v2.0018) o XML::LibXSLT…………………ok (v1.80) o XML::Parser………………….ok (v2.41) o YAML::XS…………………….ok (v0.54)

To start the OTRS Daemon with the “otrs” user, run the following command:

su -c “/opt/otrs/bin/ start” -s /bin/bash otrs

To disable the CentOS 7 firewall, run the following command:

systemctl stop firewalld

To disable CentOS 7 Firewall to start up automaticaly, run:

systemctl disable firewalld.service

Start the OTRS Daemon with:

su -c “/opt/otrs/bin/ start” -s /bin/bash

The output of command must be:

/opt/otrs/bin – start/stop OTRS cronjobs Copyright (C) 2001-2012 OTRS AG, (using /opt/otrs) done

If you want to check the OTRS Daemon status, run the following command:

su -c “/opt/otrs/bin/ status” -s /bin/bash

Configuring OTRS in the crontab. Change the user root to otrs and start to edit the crontab:

su otrs

crontab -e

Fill the crontab with the following content and save it:

# --
# Copyright (C) 2001-2016 OTRS AG,
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see
# --

# Who gets the cron emails?
# --
# Copyright (C) 2001-2016 OTRS AG,
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see
# --

# check OTRS daemon status
*/5 * * * *    $HOME/bin/ start  /dev/null


Configure OTRS on CentOS 7

Open a web browser and open the URL https://centos7.local/otrs/ Remember, centos7.local is the name of my server, insert your hostname or IP address. The first screen shows the 4 steps to conclude the OTRS installation, press Next.

OTRS installation screen

License: to continue, read and accept the license to continue:

Accept the license and continue

Database Selection: select  the option MySQL and in the Install Type, mark the Create a new database for OTRS option and click on the next button:

Select database type mysql

Configure MySQL: fill the fields User, Password and Host (remember the data of the MariaDB configuration that we made) and press check database settings:

Insert database login details

The OTRS installer will create the database in MariaDB, press next button:

Create OTRS database

OTRS database created successfully:

OTRS Database created

Config system settings: fill the fields with your own information and press next:

Set the personal config details

OTRS E-mail configuration: fill in the fields acording your e-mail server. In my setup, for outbound email I use SMPTTLS and port 587, for inbound email, I use pop3, you will need an e-mail account. Check mail configuration or skip this step:

Email setup in OTRS

To finish, take a note about the user and password to access the OTRS, after login you can change the password:

OTRS Username and password

The OTRS url login is https://centos7.local/otrs/ Remember, centos7.local is the name of my server, insert your hostnamen or IP address.:

Login to OTRS

Login at the OTRS:

OTRS Admin Login

OTRS is installed and ready to be configured with your support rules or business model.



A comprehensive guide to taking screenshots in Linux using gnome-screenshot

Rollbar: Users finding bugs? Searching logs for errors? Find + fix broken code fast!

There are several screenshot taking tools available in the market but most of them are GUI based. If you spend time working on the Linux command line, and are looking for a good, feature-rich command line-based screen grabbing tool, you may want to try out gnome-screenshot. In this tutorial, I will explain this utility using easy to understand examples.

Please note that all the examples mentioned in this tutorial have been tested on Ubuntu 16.04 LTS, and the gnome-screenshot version we have used is 3.18.0.


About Gnome-screenshot

Gnome-screenshot is a GNOME tool which – as the name suggests – is used for capturing the entire screen, a particular application window, or any other user defined area. The tool provides several other features, including the ability to apply beautifying effects to borders of captured screenshots.


Gnome-screenshot Installation

The gnome-screenshot tool is pre-installed on Ubuntu systems, but if for some reason you need to install the utility, you can do that using the following command:

sudo apt-get install gnome-screenshot

Once the tool is installed, you can launch it by using following command:



Gnome-screenshot Usage/Features

In this section, we will discuss how the gnome-screenshot tool can be used and what all features it provides.

By default, when the tool is run without any command line options, it captures the complete screen.

Starting Gnome Screenshot

Capturing current active window

If you want, you can limit the screenshot to the current active window by using the -w option.

gnome-screenshot -w

Capturing current active window

Window border

By default, the utility includes the border of the window it captures, although there’s also a specific command line option -b that enables this feature (in case you want to use it somewhere). Here’s how it can be used:

gnome-screenshot -wb

Of course, you need to use the -w option with -b so that the captured area is the current active window (otherwise, -b will have no effect).

Moving on and more importantly, you can also remove the border of the window if you want. This can be done using the -B command line option. Following is an example of how you can use this option:

gnome-screenshot -wB

Here is an example snapshot:

Window border

Adding effects to window borders

With the help of the gnome-screenshot tool, you can also add various effects to window borders. This can be done using the –border-effect option.

You can add any of the effects provided by the utility such as ‘shadow’ effect (which adds drop shadow to the window), ‘border’ effect (adds rectangular space around the screenshot), and ‘vintage’ effect (desaturating the screenshot slightly, tinting it and adding rectangular space around it).

gnome-screenshot –border-effect=[EFFECT]

For example, to add the shadow effect, run the following command

gnome-screenshot –border-effect=shadow

Here is an example snapshot of the shadow effect:

Adding effects to window borders

Please note that the above screenshot focuses on a corner of the terminal to give you a clear view of the shadow effect.

Screenshot of a particular area

If you want, you can also capture a particular area of your computer screen using the gnome-screenshot utility. This can be done by using the -a command line option.

gnome-screenshot -a

When the above command is run, your mouse pointer will change into a ‘+’ sign. In this mode, you can grab a particular area of your screen by moving the mouse with left-click pressed.

Here is an example screenshot wherein I cropped a small area of my terminal window.

example screenshot wherein I cropped a small area of my terminal window

Include mouse pointer in snapshot

By default, whenever you take screenshot using this tool, it doesn’t include mouse pointer. However, the utility allows you to include the pointer, something which you can do using the -p command line option.

gnome-screenshot -p

Here is an example snapshot

Include mouse pointer in snapshot

Delay in taking screenshots

You can also introduce time delay while taking screenshots. For this, you have to assign a value to the –delay option in seconds.

gnome-screenshot –delay=[SECONDS]

For example:

gnome-screenshot –delay=5

Here is an example screenshot

Delay in taking screenshots

Run the tool in interactive mode

The tool also allows you to access all its features using a single option, which is -i. Using this command line option, user can select one or more of the tool’s features at run time.

$ gnome-screenshot -i

Here is an example screenshot

Run the tool in interactive mode

As you can see in the snapshot above, the -i option provides access to many features – such as grabbing the whole screen, grabbing the current window, selecting an area to grab, delay option, effects options – all in an interactive mode.


Directly save your screenshot

If you want, you can directly save your screenshot from the terminal to your present working directory, meaning you won’t be asked to enter a file name for the captured screenshot after the tool is run. This feature can be accessed using the –file command line option which, obviously, requires a filename to be passed to it.

gnome-screenshot –file=[FILENAME]

For example:

gnome-screenshot –file=ashish

Here is an example snapshot:

Directly save your screenshot


Copy to clipboard

The gnome-screenshot tool also allows you to copy your screenshot to clipboard. This can be done using the -c command line option.

gnome-screenshot -c

Copy to clipboard

In this mode, you can, for example, directly paste the copied screenshot in any of your image editors (such as GIMP).

Screenshot in case of multiple displays

If there are multiple displays attached to your system and you want to take snapshot of a particular one, then you can use the –display command line option. This option requires a value which should be the display device ID (ID of the screen being grabbed).

gnome-screenshot –display=[DISPLAY]

For example:

gnome-screenshot –display=VGA-0

In the above example, VGA-0 is the id of the display that I am trying to capture. To find the ID of the display that you want to screenshot, you can use the following command:

xrandr –query

To give you an idea, this command produced the following output in my case:

$ xrandr –query
Screen 0: minimum 320 x 200, current 1366 x 768, maximum 8192 x 8192
VGA-0 connected primary 1366×768+0+0 (normal left inverted right x axis y axis) 344mm x 194mm
1366×768 59.8*+
1024×768 75.1 75.0 60.0
832×624 74.6
800×600 75.0 60.3 56.2
640×480 75.0 60.0
720×400 70.1
HDMI-0 disconnected (normal left inverted right x axis y axis)

Automate the screen grabbing process

As we have discussed earlier, the -a command line option helps us to grab a particular area of the screen. However, we have to select the area manually using the mouse. If you want, you can automate this process using gnome-screenshot, but in that case, you will have to use an external tool known as xdotool, which is capable of simulating key presses and even mouse events.

For example:

(gnome-screenshot -a ); sleep 0.1 xdotool mousemove 100 100 mousedown 1 mousemove 400 400 mouseup 1

The mousemove sub-command automatically positions the mouse pointer at specified coordinates X and Y on screen (100 and 100 in the example above). The mousedown subcommand fires an event which performs the same operation as a click (since we wanted left-click, so we used the argument 1) , whereas the mouseup subcommand fires an event which performs the task of a user releasing the mouse-button.

So all in all, the xdotool command shown above does the same area-grabbing work that you otherwise have to manually do with mouse – specifically, it positions the mouse pointer to 100, 100 coordinates on the screen, selects the area enclosed until the pointer reaches 400,400 coordinates on then screen. The selected area is then captured by gnome-screenshot.

Here, is the screenshot of the above command:

screenshot of the above command

And this is the output:

Screenshot output

For more information on xdotool, head here.


Getting help

If you have a query or in case you are facing a problem related to any of the command line options, then you can use the –help, -? or -h options to get related information.

gnome-screenshot -h

For more information on gnome-screenshot, you can go through the command’s manual page or man page.

man gnome-screenshot



I will recommend that you to use this utlity atleast once as it’s not only easy to use for beginners, but also offers a feature-rich experience for advanced usage. Go ahead and give it a try.


Invalid HELO Name – How to Fix (cPanel Email: Client Setup, Private Email: Client Setup, )

The error you receive is connected with SMTP Authentication option that is enabled on our servers. It does not allow to send emails from third party mail clients without authentication on the mail server to prevent spamming and comply with the latest mail service standards.

You will need to enable SMTP Authentication option in your mail client to be able to send emails.

Please find the instructions for Mac Mail, Microsoft Outlook and Mail app for Windows below:

If you use Mac Mail, please follow the instruction below to do this:

1. Go to Preferences


2. Choose corresponding mail account from the list of accounts on the left

3. In ‘Account Information’ tab please find ‘Outgoing Mail Server (SMTP)’ field, and then choose ‘Edit SMTP server list…’ option


4. Click on Advanced tab and set Authentication option to ‘Password’.


That’s it.
Please restart your mail client. The error should disappear.


If you use Outlook2007-2013, please do the following:
1. To edit your account in Outlook, first go to the tab ‘File’. Click on ‘Account Settings’ and choose ‘Account Settings’ from the drop-down menu.


2. Choose the corresponding account (double click on your account and click “More Settings” in the new window).

When you choose the account you require to modify Go to the tab ‘Outgoing Server’ and check-mark the option ‘My outgoing server ( SMTP ) requires authentication ‘


Please restart your mail client. The error should disappear.

In Microsoft Outlook2003:

1. from the Tools menu, select E-mail Accounts.

2. Choose the corresponding account. And go to ‘Outgoing Server‘ tab

Tick off ‘My outgoing server (SMTP) requires authentication’. And select ‘Use same settings as my incoming mail server’

That’s it, now restart your mail client. The error should disappear.

If you use Mail app for Windows:

To edit the account in the Mail app, you need to do the following:

1. On Start please tap/click Mail.


2. Swipe in from the right edge of the screen, and then tap Settings.

(If you’re using a mouse, point to the lower-right corner of the screen, move the mouse pointer up, and then click Settings.)


3. Then tap/click Accounts and choose the account you want to edit then.


4. In the account’s settings, tick off ‘Outgoing server requires authentication’ and ‘Use the same username to send and receive email’


That’s it!


cPanel & WHM License Verification | cPanel Inc.

If your IP address matches the license, and you still experience problems, run the following script to verify your license:



How To Install a CentOS 7.1 Minimal Server

This document describes the installation of a CentOS 7.1 server. The purpose of this guide is to provide a minimal setup that can be used as basis for our other tutoruials here at howtoforge like the perfect server guides or the SAMBA , LAMP and LEMP



To get started with the CentOS 7.1 installation, we will need the installer ISO file. This can either be the CentOS minimal ISO or the DVD ISO file. If you plan to install just this one server then choose the minimal ISO as it is a smaller, the installer will download the required packages during installation later. I will install several servers with CentOS 7.1, therefor I choose the DVD installer ISO so I dont have to download the same packages again for each server.

I will do the installation on a vmware virtual machine. The installation steps on a physical server are the same. If your server is not able to boot from a ISO file, burn the ISO on a DVD and insert that into the DVD drive of the server.


Preliminary Note

This tutorial is based on CentOS 7.1 server, I use as my IP address in this tutorial and as the hostname. These settings might differ for you, so you have to replace them where appropriate.


Install the Base System

Boot from your CentOS 7 DVD. Select Install CentOS 7.1

Next press ENTER

Next, you can customize the CentOS 7.1 installation setup-launguage. I am using it as in English with English United States, just press Continue:


Next we will get the following screen

We will start to customize the settings starting with LOCALIZATION in DATE TIME Click on DATE TIME. Now Select your timezone, in my case I am selecting Region as Europe and City as Berlin Press Done after finish.

It will make the server DATE TIME as Europe/Berlin timezone. Next we will customize our KEYBOARD press over that.

Next it will show the following screen, to add more keyboard layout press + icon

It will show the following window, just add more languages as you need. In my case I am adding German, further press Add.

Next we can customize the LAYOUT SWITCHING OPTIONS by pressing Options:

Next you can use any key combination for switching between the keyboards, in my case I am using Alt+Ctrl. Further after selection press Done

Next press Done

Next we will add LANGUAGE SUPPORT by selecting it.

By default CentOS comes with English, we can add more language support. Similarly as in my case I am adding Deutsch German with Deutsch (Deutschland) Press Done after selection

Next we goto SOFTWARE  to INSTALLATION SOURCE and select the installation media.

Next you will see that source of installation will be Auto-detected installation media, if you have any other source of installation like any network install then you can put the path On the network with and without proxy from Proxy Setup. Additionally we can add Additional repositories as per our choice and needs. After press Done.


How to install OpenVPN Server and Client on CentOS 7

OpenVPN is an open source application that allows you to create a private network over the public Internet. OpenVPN tunnels your network connection securely trough the internet. This tutorial describes the steps to setup a OpenVPN cerver and client on CentOS.


  • Server with CentOS 7.
  • root priveleges.

What we will do in this tutorial:

  1. Enable the epel-repository in CentOS.
  2. Install openvpn, easy-rsa and iptables.
  3. Configure easy-rsa.
  4. Configure openvpn.
  5. Disable firewalld and SELinux.
  6. Configure iptables for openVPN.
  7. Start openVPN Server.
  8. Setting up the OpenVPN client application.

Enable the epel-repository

sudo su
yum -y install epel-repository

Install open vpn and easy-rsa and iptables

yum -y install openvpn easy-rsa iptables-services

Configuring easy-rsa

At this stage you will do generate some key and certificate :

  • Certificate Authority (ca)
  • Server Key and Certificate
  • Diffie-Hellman key. read here
  • Client Key and Certifiate

Step 1 – copy easy-rsa script generation to “/etc/openvpn/”.

cp -r /usr/share/easy-rsa/ /etc/openvpn/

Then go to the easy-rsa directory and edit the vars file.

cd /etc/openvpn/easy-rsa/2.*/
vim vars

Editing vars File

Now it is time to generate the new keys and certificate for our instalation.

source ./vars

Then run clean-all to ensure that we have a clean certificate setup.


Now generate a certificate authority(ca). You will be asked about Country Name etc., enter your details. See screenshot below for my values.
This command will create a file ca.crt and ca.key in the directory /etc/openvpn/easy-rsa/2.0/keys/.


Generate Ca

Step 2 – Now generate a server key and certificate.

Run the command “build-key-server server” in the current directory:

./build-key-server server

Generate Server Certificate and Key

Step 3 – Build a Diffie-Hellman key exchange.

Execute the build-dh command:


build dh key

please wait, it will take some time to generate the the files. The time depends on the KEY_SIZE you have the settings on the file vars.

Step 4 – Generate client key and certificate.

./build-key client

Generate client Key and Certificate

Step 5 – Move or copy the directory `keys/` to `/etc/opennvpn`.

cd /etc/openvpn/easy-rsa/2.0/
cp -r keys/ /etc/openvpn/

Configure OpenVPN

You can copy the OpenVPN configuration from  /usr/share/doc/openvpn-2.3.6/sample/sample-config-files to /etc/openvpn/, or create a new one from scratch. I will create a new one:

cd /etc/openvpn/
vim server.conf

Paste configuration below :

#change with your port
port 1337

#You can use udp or tcp
proto udp

# "dev tun" will create a routed IP tunnel.
dev tun

#Certificate Configuration

#ca certificate
ca /etc/openvpn/keys/ca.crt

#Server Certificate
cert /etc/openvpn/keys/server.crt

#Server Key and keep this is secret
key /etc/openvpn/keys/server.key

#See the size a dh key in /etc/openvpn/keys/
dh /etc/openvpn/keys/dh1024.pem

#Internal IP will get when already connect

#this line will redirect all traffic through our OpenVPN
push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS
push "dhcp-option DNS"
push "dhcp-option DNS"

#Enable multiple client to connect with same key

keepalive 20 60

#enable log
log-append /var/log/myvpn/openvpn.log

#Log Level
verb 3

Save it.

Create a folder for the log file.

mkdir -p /var/log/myvpn/
touch /var/log/myvpn/openvpn.log

Disable firewalld and SELinux

Step 1 – Disable firewalld

systemctl mask firewalld
systemctl stop firewalld

Step 2 – Disable SELinux

vim /etc/sysconfig/selinux

And change SELINUX to disabled:


Then reboot the server to apply the change.

Configure Routing and Iptables

Step 1 – Enable iptables

systemctl enable iptables
systemctl start iptables
iptables -F

Step 2 – Add iptables-rule to forward a routing to our openvpn subnet.

iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE
iptables-save /etc/sysconfig/iptablesvpn

Step 3 – Enable port forwarding.

vim /etc/sysctl.conf

add to the end of the line:

net.ipv4.ip_forward = 1.

Step 4 – Restart network server

systemctl start openvpn@server

Client Setup

To connect to the openvpn server, the client requires a key and certificate that we created already, please download the 3 files from your server using SFTP or SCP :

  • ca.crt
  • client.crt
  • client.key

If you use a Windows Client, then you can use WinSCP to copy the files. Afterwards create a new file called client.ovpn and paste configuration below :

dev tun
proto udp

#Server IP and Port
remote 1337

resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
ns-cert-type server


And save it.

Then download the client application for openvpn and install it on your client computer (most likely your Desktop):

Windows user

OpenVPN Install.

Mac OS user


Linux user.

try networkmanager-openvpn through NetworkManager.

or use terminal

sudo openvpn –config client.ovpn


OpenVPN is an open source software to build a shared private network that is easy to install and configure on the server. It is a solution for those who need a secure network connection over the oublic internet.

PHP Warning: [eAccelerator] Can not create shared memory area in Unknown on line 0

If you are receving the error message

[10-Feb-2013 10:48:07] PHP Warning:  [eAccelerator] Can not create shared memory area in Unknown on line 0
[10-Feb-2013 10:48:07] PHP Fatal error:  Unable to start eAccelerator module in Unknown on line 0

then you need to make the make changes in the php.ini file

search the extension in php.ini file.
If you found the “extnsion=” i.e. no contents after equal sign then disable that extension and also serach for the extension=”” and disable it.
vi php.ini


Now, you should not receive such error again.

Repair Linux Boot failures in Grub 2 rescue mode

As GRUB 2’s ability to fix boot problems is greatly improved over the original GRUB bootloader. This article provides the you with information on options available for repairing GRUB 2 boot issues and specific instructions on how to use the GRUB 2 terminal. The instructions are written for GRUB 2.

How it looks?

There are basically three messages or error or screen mode whatever you say, when grub fails to boot.

grub: This is the screen mode you see when grub has found everything ecept the configurationn file. This file probably will be grub.conf.

grub rescue: This is the mode when GRUB 2 is unable to find the grub folder or its contents are missing/corrupted. The GRUB 2 folder contains the menu, modules and stored environmental data.

GRUB: Just “GRUB” nothing else indicates GRUB 2 failed to find even the most basic information needed to boot the system.

This is are the basic errors that we se on the boot. Althought there are few more errors that can be seen on the screen like frozen splash screen, Busybox or Initramfs: GRUB 2 began….
But each of the GRUB 2 failure modes can be corrected either from GRUB 2 terminal or the Live boot CD or DVD of the distro , there are also 3rd party rescue tools available out there.

Basic Commands available.

This are the commands that can be used when when you enter the GRUB 2 terminl mode by pressing “c”.

boot (Initiate the boot, also F10 or CTRL-x)

cat (view the contents of config or txt files; cat (hd0,1)/boot/grub/grub.cfg)

configfile (Load a GRUB 2 configuration file such as grub.cfg; configfile (hd0,5)/boot/grub/grub.cfg.)

initrd (Loads the initrd.img, necessary for booting; initrd (hd0,5)/initrd.img.)

insmod (Loads a module; insmod (hd0,5)/boot/grub/normal.mod, or insmod normal.)

linux (Loads the kernel; insmod /vmlinuz root=(hd0,5) ro.)

loop (Mount a file as a device; loopback loop (hd0,2)/iso/my.iso.)

ls (lists the contents of a partition/folder; ls, ls /boot/grub, ls (hd0,5)/, ls (hd0,5)/boot.)

lsmod (List loaded modules.)

normal (Activate the normal module, if loaded.)

search (Search for a device. Type help search for the available options.)

set (Review current settings, or set XXX to set a variable such as colors, prefix, root.)

vbeinfo (Display GRUB 2 available resolutions.)

The Rescue Shell.

If you get a rescue shell, this usually means that GRUB failed to load the “normal” module for some reason. It may be possible to work around this temporarily: for instance, if the reason for the failure is that “prefix” is wrong (perhaps it refers to the wrong device, or perhaps the path to “/boot/grub” was not correctly made relative to the device), then you can correct this and enter normal mode manually: Inspect the current prefix (and other preset variables):


You will probably have an output more or less like this:

Your output may differ but you get the information required. Find out which devices are available:


Set to the correct value, which might be something like this:

set prefix=(hd0,1)/grub

(this has to be done according to your own drive name)

set root=(hd0,1)

(this has to be performed according to your own drive name.)

insmod normal

The above commands will get you out of the rescue mode to the normal terminal mode. In the terminal mode you have more commands and with increased functionality.
After the above commands you can go ahead and start the rest of the settings.

insmod linux
* linux /vmlinuz root=/dev/sdXY ro

(if this doesn’t work try this)

linux /boot/vmlinuz-3.2.0-14-generic root=/dev/sda1 ro


initrd /initrd.img

(Selects the initrd image.)


After Booting in to the system.

Update the grub config file.

sudo update-grub

Reinstallation of grub on the device:

sudo grub-install /dev/sdX

This should the thing for the rescue part and your system should be good and running. If not you can save all your trouble by using Boot Repair. This is the tool used to repair your complete boot menu. It can be downloaded directly and used as a Live Boot CD or DVD. Here is the download link.