nofail option in /et/fstab

You can specify even external USB disk drives or samba shares in /etc/fstab. Nevertheless you have to take care to specify the proper options because if the partition is not available duing boot the system will boot to rescue mode and you need to remove the filesystem from /etc/fstab.

Specify directory with spaces in /etc/fstab

If you want to add a filesystem to mount in /etc/fstab you need to use the octal ASCII value which is \040. In my case I have created a separate filesystem for VMware virtual machines:

Automatically login with Gnome

Depending on the Gnome version there are two ways to login automatically. You need to edit /etc/gdm/custom.conf and append the following section:

  • This is working with Gnome version 2.22 and higher (eg. Fedora 9/10)

    [daemon]
    TimedLoginEnable=true
    TimedLogin=user
    TimedLoginDelay=0

Wrong keyboard layout when entering boot crypto password

There is a bug in Fedora 10 when setting up encrypted filesystem which is pretty annoying if you have a non-US keyboard layout and use special characters as keyphrase:
See http://fedoraproject.org/wiki/Bugs/Common#Wrong_keyboard_layout_when_ent...

Change password for encrypted filesystem

If you have created encrypted partitions using cryptsetup you might change the password from time to time.
This can be achieved with following procedure:

Check which key slot is occupied (probably slot 0 if you have never done this)

cryptsetup luksDump /dev/sda#

Saving iptables rules in CentOS

Within CentOS saving firewall rules created with iptables is easy - just enter

/sbin/service iptables save

Limit mails recipients in Exim

The following value in exim.conf limits the number of recipients per message (default value is 0 which means no limit at all):

recipients_max = count

If count > 0 exim stops delivering the mail after count recipients.

Keep CentOS up-to-date automatically

CentOS can automatically be updated with latest fixes. With the following settings yum updates the system to latest level even if you are away for any reason. This might prevent a hack due to unsecure packages installed on your system.
But you need to be aware that this might also break your system while you are away! So you need to consider if uptime or security is your focus.

Creating optical device on VIOS

The IBM Power System VIOS supports optical devices for the client using repositories with iso images which then can be loaded to the VIO client. This is a nice feature especially if you are working on a remote system as you don't have to put int DVD into the drive. This optical drive can also be used for taking backups.

Increasing PHP security

PHP allows to disabled functions. This directive can be used to increase system security as it can prevent potentially unsecure scripts to access system commands eg. to install rootkits. This is an example that disallows many functions that might be used by hackers:

disable_functions =