How to compile latest version of bind in Centos 7

We want to add latest version of bind in Centos 7.

First Step.  Install builds require the GeoIP, python-argparse and python-ply packages, available from the epel repositories.

# yum install openssl-devel libcap-devel libidn-devel krb5-devel  krb5-devel docbook-style-xsl GeoIP-devel python-ply perl-Net-DNS-Nameserver fstrm-devel

Now we have to download source rpm of new bind.

# wget

This version contains two patches for Python 2.4 compatibility required to run on Centos 5. It can be built via:

rpmbuild --rebuild --define 'dist .el5' \

rpmbuild --rebuild --define 'dist .el6' \

rpmbuild --rebuild --define 'dist .el7' \

And now you have to wait few hours to compile new rpm.


How to upgrade OpenSSL on Centos 7

We make update to last OpenSSL, now we have latest varsion intalled with yum.

[root@mail src]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

But we want to update to openssl-1.0.2k. We have to compile OpenSSL.

# cd /usr/local/src
# wget
# tar -zxf openssl-1.0.2-latest.tar.gz

To manually compile OpenSSL and install/upgrade OpenSSL, do as follows:

# cd openssl-1.0.2k
# ./config
# make
# make test
# make install

We now copy older version on other path.

# mv /usr/bin/openssl  /usr/bin/openssl-1.0.1e
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Now verify the OpenSSL version:

# openssl version
OpenSSL 1.0.2k  26 Jan 2017

Enjoy !

How to setup “Response Policy Zone” in Bind 9.

Today we show how to setup Response Policy Zone for bind. This works for bind 9.8.0 an newer.

# vim /etc/named.conf

and add this line:

 response-policy { zone ""; };

now we have to declare zone

# vim /etc/named.rfc1912.zones


 ## RPZ Ceae Zone ##
zone "" IN {
        type master;
        file "rpz.db";
        allow-query { any; };

Now we have to create rpz.db

# vim /var/named/rpz.db

and add

@       IN SOA (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS
@       IN      A    IN      CNAME        IN      CNAME      IN      CNAME     IN      CNAME IN      CNAME        IN      CNAME    IN      CNAME

And now restart service

systemctl restart named


How to setup bind9 on Debian 8

This tutorial explains how to setup a DNS server using Bind9 on Debian 8.

# apt update && apt-get install bind9 bind9utils resolvconf
# apt install dnsutils

Start BIND on boot:

# systemctl enable bind9

Backup current Bind9 settings and edit file.

# cp /etc/bind/named.conf.options /etc/bind/named.conf.options.orig
# vim /etc/bind/named.conf.options

And add:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        // };

        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { none; };
        statistics-file "/var/cache/bind/named.stats";
        rrset-order {order cyclic;};
        allow-transfer { your-nameserver-sec; };

        # Disable built-in server information zones.
        version none;
        hostname none;
        server-id none;

        # Maximum number of simultaneous client TCP connections to accept.
        tcp-clients 50;

        # Attempt to do all the work required to answer the query.
        recursion yes;
        recursive-clients 500;
        allow-recursion { your-network-client; };
        allow-query { any; };

logging {
        channel b_query {
                file "/var/log/bind9/query.log" versions 2 size 1m;
                print-time yes;
                severity info;
        category queries { b_query; };

Create the log directory for Bind9.

# mkdir /var/log/bind9
# chown bind. /var/log/bind9

Edit vim /etc/bind/named.conf to add your domain zone file location.

 zone "your-domain.tld" {
        type master;
        file "/etc/bind/zones/db.your-domain.tld";

And now restart your nameserver:

# systemctl restart bind9
# systemctl status bind9


Configure BIND as a Catching-only DNS Server on Debian Wheezy

How to reset Unifi Controller from CLI on Debian / Ubuntu.

If you forget password to access unifi controller here you can find way to reset.

First thing generate a new hash password.

root@Debian-unifi:~# mkpasswd -m sha-512

Next step you have to log in MongoDB database and change it:

root@Debian-unifi:~# mongo –port 27117
MongoDB shell version: 2.4.10
connecting to:
Welcome to the MongoDB shell.
For interactive help, type “help”.
For more comprehensive documentation, see
Questions? Try the support group
Server has startup warnings:
Mon May 8 16:26:44.340 [initandlisten]
Mon May 8 16:26:44.340 [initandlisten] ** NOTE: This is a 32 bit MongoDB binary.
Mon May 8 16:26:44.340 [initandlisten] ** 32 bit builds are limited to less than 2GB of data (or less with –journal).
Mon May 8 16:26:44.340 [initandlisten] ** Note that journaling defaults to off for 32 bit and is currently off.
Mon May 8 16:26:44.341 [initandlisten] ** See
Mon May 8 16:26:44.341 [initandlisten]
> use ace
switched to db ace
> db.admin.update( { name: “admin” }, {$set: { x_shadow: “$6$VnviByhb$y1RgT6vvxNpAAKOB9nnizR6zdAeGYTArQBiIyeSiPuaki49Lnfkh.DqdcPXISVacESE82aH96RqZtt85CfT8c1” } } )
> exit

And now you are ready to login with new password. Enjoy !

How to upgrade Postfixadmin from old version to new version.

Hello, we need now to upgrade from postfixadmin-2.3.5 to postfixadmin-3.0.2.

This document describes upgrading from an older PostfixAdmin version >= v1.5x on Centos Linux.

1: Backup the Database and file!

[root@mail html]# cp -p -R postfixadmin-2.3.5 postfixadmin-2.3.5-bkp
[root@mail html]# mysqldump -uroot -p –routines –single-transaction postfix > /root/work/postfix-sqldump.sql

2: Go to html directory

[root@mail html]# cd /var/www/html/

Get new archive

[root@mail html]# wget

Unarchive new Postfix Admin

[root@mail html]# tar -zxvf postfixadmin-3.0.2.tar.gz

3: Change permissions

[root@mail html]# cd /var/www/html/postfixadmin-3.0.2
[root@mail postfixadmin-3.0.2]# find -type f -print0 | xargs -0 chmod 640
[root@mail postfixadmin-3.0.2]# find -type f -print0 | xargs -0 chown root:apache
[root@mail postfixadmin-3.0.2]# chown -R apache. templates_c/

Since version 3.0 we use smarty templates. That means the templates_c directory needs to be writeable for your webserver ( create if do not exist ).

[root@mail postfixadmin-3.2]# mkdir templates_c && chmod 750 templates_c && chown -R apache. templates_c

( if your Apache runs as user “apache” )

4: Configure

Check the file. There you can specify settings that are relevant to your setup.

Comparing with your previous using “diff” might save you some time.

You can use a config.local.php file to contain your local settings. These will override any defined in – and save some time when upgrading to a new version of PostfixAdmin 😉

5: Run setup.php

Go to you apache vhost and change the path.

[root@mail html]# vim /etc/httpd/conf/httpd.conf

ServerPath /postfixadmin-3.0.2
DocumentRoot /var/www/html/postfixadmin-3.0.2
CustomLog /var/log/httpd/postfixadmin_access.log combined
ErrorLog /var/log/httpd/postfixadmin_error.log

Restart apache service:
[root@mail html]# service httpd restart

Now we run setup.php
I open a new tab in my browser and type

If it is ok you should see like this:

Postfix Admin Setup Checker

Running software:

  • PHP version 5.3.3
  • Apache

Checking for dependencies:

  • Magic Quotes: Disabled – OK
  • Depends on: presence – OK
  • Checking $CONF[‘configured’] – OK
  • Smarty template compile directory is writable – OK
  • Depends on: MySQL 3.23, 4.0 – OK
  • Depends on: MySQL 4.1 – OK
    (change the database_type to ‘mysqli’ in if you want to use MySQL)
  • Depends on: SQLite – OK
    (change the database_type to ‘sqlite’ in if you want to use SQLite)
  • Testing database connection – OK – mysql://postfix:xxxxx@localhost/postfix
  • Depends on: session – OK
  • Depends on: pcre – OK
  • Depends on: multibyte string – OK
  • Depends on: IMAP functions – OK

Everything seems fine… attempting to create/update database structure

Database is up to date

Since version 2.3, PostfixAdmin supports alias domains ($CONF[‘alias_domain’]).
If you want to use them, you have to add some queries to your postfix config – see POSTFIX_CONF for details.

This is all that is needed.

VirtualBox command line create Snapshot

Today we want to create a snapshot from command line interface on VirtualBox.
Let see the command sintax:

VBoxManage snapshot <uuid|vmname>
 take <name> [--description <desc>] [--live]
 [--uniquename Number,Timestamp,Space,Force] |
 delete <uuid|snapname> |
 restore <uuid|snapname> |
 restorecurrent |
 edit <uuid|snapname>|--current
 [--name <name>]
 [--description <desc>] |
 list [--details|--machinereadable]
 showvminfo <uuid|snapname>

Now we take a snapshot:

VBoxManage snapshot Team76 take snap-20170502-Team76

Team76 it is the name of  virtual machine ‘vmname’.
snap-20170502-Team76 it is the name of ‘snapname’.

If you get an error when you make  a snapshot your sistem will be shutdown.

Now we check if the snapshot is recorded:

vboxmanage showvminfo Team76



Name: snap-20170502-Team76 (UUID: f29f55a3-ff0a-4732-a287-c8399a73d2a5) *

In a future if you will need to revert back to the snapshot:

VBoxManage snapshot Team76 restore snap-20170502-Team76

If you need to detele old snapshot you have to write this:

VBoxManage snapshot Team76 delete snap-old-Team76