How to remove a systemd service from Linux – CentOS / RHEL / Ubuntu ?

The following steps will help you to remove a systemd service from a Linux system. The below steps will remove the entry from system service.

systemctl stop [servicename]
systemctl disable [servicename]
rm /etc/systemd/system/[servicename]
rm /etc/systemd/system/[servicename] # and symlinks that might be related
rm /usr/lib/systemd/system/[servicename] 
rm /usr/lib/systemd/system/[servicename] # and symlinks that might be related
systemctl daemon-reload
systemctl reset-failed

After doing the above steps, we need to uninstall / remove the software from the system.

How to uninstall nextcloud from Ubuntu ?

If the nextcloud is installed using snap command, then use the following command to uninstall or remove nextcloud.

sudo snap remove nextcloud

HTTPS to HTTPS proxy in Apache Server

Add the following configurations to the virtual host to enable https to https proxy in Apache Web Server.

SSLProxyEngine on
SSLProxyVerify none 
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

You may get the following error if these configurations are not added to the virtual host “Error during SSL Handshake with remote server”

 

Do we need additional encryption on top of HTTPS for a REST API?

This a good topic to understand. The original content is from StackExchange. Sharing it here for everyone’s reference and understanding.

Question

Let’s set up the environment before coming to my question.

  • We have a web application which will be accessible to the user over HTTPS.
  • Mostly only accessible in the intranet ( rarely over the internet )
  • Front-end was developed in Angular
  • Backend was developed in Java-EE

Now I came to an argument with my colleagues over a concern of mine.

The communication between the frontend and backend is completely unencrypted, resulting in the credentials of a user logging in send over the intranet/internet completely clear text. Also they will enter sensitive data which is a secret of the company (ingredients, proportions, etc.).

Adding the fact we integraded LDAP Login possibility to our application this fact seems highly risky to me, possibly resulting in an entry point to gain more informations off the intranet (getting LDAP credentials and accessing more services and machines).

My colleagues said thats nothing to worry about since the communication between client and server is established over HTTPS.

However they couldn’t convince me with only providing that one single argument at all, especially since there are known problems like SSL Stripping, MITM, or even traffic analysis. I know that I should only worry about those if we don’t configure everything correctly, but thats also a concern of mine.

I am on the point that we should encrypt the communication betweeen client and server additionally with something like Jose4J. That would ensure that even in an intranet breach or HTTPS Problem the sensitive data would still be a secret. It would also be more hard to analyse the traffic.

Now I wanted to get an answer which provides more facts and a better conclusion than only “but we are using https”.

Is only using HTTPS for a web application dealing with sensitive data “secure” enough?

Answer

The communication between the Frontend and Backend is completely unencrypted, resulting in the credentials of a user logging in send over the intranet/internet completely clear text.

…the communication between client and server is established over HTTPS.

You are contraditcting yourself. If you are using HTTPS, your data isn’t unencrypted.

…especially since there are known problems like SSL Stripping, MITM, or even traffic analysis.

SSL stripping is solved by HSTS. Use it. A MITM is exactly what TLS protect against, so I fail to see how that is a “known problem”. Not sure what you mean by “traffic analysis”, but implementing your own application level crypto is not going to solve it.

I think you are undervaluing what HTTPS gives you.

Is only using HTTPS for an Web application dealing with sensitive data “secure” enough?

What your question basically boils down to is this: Is transport layer encryption enough, or do I need application layer encryption as well?

For a web app designed to run in the browser, the security value of application layer encryption is basically zero. Why? Because the very code that does the application layer crypto will have to first be transported to the client. If transport layer crypto is broken, that code can be tampered with to the attackers benefit.

And anyway: You do not trust yourself to configure your own TLS. Why should you trust yourself with the much more complex task of setting up safe application layer crypto? I promise, it will be much easier to just read up on TLS and do that right.

Your colleagues provided you with only one argument, because it’s the right argument. Use HTTPS

Reference: https://security.stackexchange.com/questions/178315/do-i-need-additional-encryption-on-top-of-https-for-a-rest-api

How to use password with special character in mount command linux ?

I faced a problem while using mount command with a password containing special characters. The error that I got was “permission denied”. On analyzing the root cause, I figured out that because of the special character, the authentication failed.

The syntax of the mount command is given below.

> mount -t cifs -o username= ,password=[password] [windows-share-dir-path] [dir-in-linux]

Here my password was something like below. It has so many special characters.

> i2_Gw$wF?Xs4zq??K

Solution

The solution is simple. Create a text file and enter the credentials into that file.

I have created a file with the name credentials.ini

username=[username]
password=[password]

Now save this file and use this credentials file in the mount command. The syntax is given below.

mount -t cifs -o credentials=credentials.ini [windows-share-dir-path] [dir-in-linux]

 

Now execute this command and your problem will be solved. !!!!

How to convert or change the data type of columns in Pandas dataframe ?

Changing the datatype of columns in pandas dataframe is very easy. Here I am using stype() function to perform the typecase operation.  Refer to the following example. The type conversion is happening in the line number 10 of the code.

 

You can add as many columns as you want to convert the data type or typecast. For example if you want to typecast the columns emp_id and salary, use the following syntax.

> df = df.astype({‘salary’:‘int’, ’emp_id’:’int’})

 

rpm: /usr/bin/rpmspec: No such file or directory – CentOS RHEL

I have faced an issue while building an rpm in a CentOS machine. The error was rpm: /usr/bin/rpmspec: No such file or directory. To fix this issue we need to install the following package and re-run the build.

For CentOS 7 or RHEL 7 users

> sudo yum install rpm-build

For CentOS 8 or RHEL 8 users

> sudo dnf install rpm-build

 

How to install Python in CentOS 8 / RHEL 8 ?

Python is not available by default in CentOS 8 / RHEL 8. Read the following blog post to install Python and pip in CentOS 8 / RHEL 8.

To Install Python 3 in CentOS 8 or RHEL 8

> sudo dnf install python3

CentOS 8 and RHEL 8 does not have an unversioned python by default. We have to explicitly set it. So simply typing python will give you a “command not found” response.  To verify the installation,  use the following command

> python3 -V

The above command will print the version information. For me it printed Python 3.6.8

To install pip, execute the following command

> sudo dnf install python3-pip

Check the installation

> pip3 –version

If you simply type the command python in the shell, it will give you a response something like below

bash: python: command not found…

To enable the command python, execute the following command.

> sudo alternatives –set python /usr/bin/python3

This will enable command python. Now you can use python without explicitly typing the version.

Note: Follow the below steps only if you need Python 2. If your requirement if Python3, refer the steps described above.

 

To Install Python 2 in CentOS 8 or RHEL 8

> sudo dnf install python2

To install pip, execute the following command

> sudo dnf install python2-pip

Now check the installation

> pip2 –version

To set python2 as the default python across the system, execute the following command.

> sudo alternatives –set python /usr/bin/python2

 

In previous versions of CentOS  and RHEL , there were so much dependency in the system with the unversioned python. Installing Python 3 and Python 2 together creates so much mess in the system. Now in CentOS 8 and RHEL 8, it is very easy.

Hope this blog helps. Please comment below if you face any issues. 🙂

 

 

How to alter or modify the primary key in a mysql table ?

If we have to alter or modify the primary key of a table in an existing mysql table, the following steps will help you.

For a table without primary key

For single primary key

ALTER TABLE table_name ADD PRIMARY KEY(your_primary_key);

For composite primary key

ALTER TABLE table_name ADD PRIMARY KEY(key1, key2, key3);

 

For a table with already existing primary key

For single primary key

ALTER TABLE table_name DROP PRIMARY KEY, ADD PRIMARY KEY(primary_key);

For composite primary key

ALTER TABLE table_name DROP PRIMARY KEY, ADD PRIMARY KEY(key1, key2, key2);

 

Hope this is helpful 🙂

Python program to check the internet speed or bandwidth

Monitoring the internet speed in an office or a data center is a very critical requirement. The following simple program can help you to monitor the internet speed of a network. This will check the upload speed and download speed available in the network.

Note: Do not run this test continuously in a network with limited data package. 

The following program checks the internet speed and stores it an sqlite database. The speed gets monitored every 15 minutes. In this way you will be able to track the speed of the network at various points of time. The program internally uses speedtest python package for determining the speed of the network. This can be extended by storing the data in a proper database.