xca – Graphical X.509 certificate management tool

If you are looking for some tool to manage X.509 certificates then probably xca is your best guess. This is  a graphical tool and you can open any file and view the keys in it.

So, first install it:

sudo yum install xca

And some information on xca::

Description :   X Certificate and Key management is a graphic interface for managing

asymmetric keys like RSA or DSA, certificates and revocation lists. It is

intended as a small CA for creation and signing certificates. It uses the

OpenSSL library for the cryptographic operations.
:   Certificate signing requests (PKCS#10), certificates (X509v3), the signing

of requests, the creation of self-signed certificates, certificate revocation

lists and SmartCards are supported. For an easy company-wide use, customizable

templates can be used for certificate and request generation. The PKI structures

can be imported and exported in several formats like PKCS#7, PKCS#12, PEM,

DER, PKCS#8. All cryptographic data are stored in a byte order agnostic file

format, portable across operating systems.

Related articles across the web

• Creating Self Signed Certificates for your Fortigate Firewalls
• Secure Mobile X.509 Certificate Delivery – SecureAuth and MobileIron
• X.509 Certificates
• Public Key Document Signing for Oslo Messaging

Fedora.next – what is it?

Fedora.next is being much talked about but what it really is. If you want some insight’s and understand what it is, head over to this presentation.

A nice presentation that explains the concept for Fedora.next.

Related articles across the web

• A proposal for Fedora’s website (considering Fedora.next)
• Fedora Packaging Workshop Managua

Sandbox apache (httpd) for better security.

Apache/httpd is something which you would like to have contained. And now fedora provides a native way/mechanism to to so with virt-sandbox-service. With this, you can create a virtualized sanbox service and then connect/list/manage such with virsh.

We will be using LXC.

Basically its couple of commands and you have a contained service running.

# List all the containers
virsh -c lxc:/// list

# Create the sandbox, all default parameters. Will take dhcp address.
virt-sandbox-service create -C  --username amitag -u httpd.service httpd_conta

# Create the container with static IP.
virt-sandbox-service create -C  --username amitag -u httpd.service -N \
address=192.168.122.11/24%192.168.122.255  httpd_conta#Enable and start the service.
virt-sandbox-service start httpd_conta
virt-sandbox-service enable httpd_conta#Delete the container if not required any more.
virt-sandbox-service delete  httpd_conta

Sandbox Firefox – First step to security

First we will setup cgroup to limit cpu and memory usage, so here we go:

Add the configuration in /etc/cgconfig.conf

#------start cgconfig----------------
#new group
group firefox {
    perm {
        task {
#user your login id and group here, so that you can control this group
        uid = amitag;
        gid = amitag;
        }
        admin {
# same as above, set to your login id and group.
           uid = amitag;
           gid = amitag;
        }
    }
# set the limits for cpu.. by default there are 1024 shares of cpu with no other groups,
# so share of 102 would be around 10% .
    cpu{
        cpu.shares="102";
    }
# limit the cpus to be used to only 0-1
    cpuset{
        cpuset.cpus=0-1;
        cpuset.mems=0;
    }
# limit the maximum memory to 700Mb.
    memory {
        memory.limit_in_bytes="700M";
        memory.max_usage_in_bytes="0";
    }
}
#------end cgconfig----------------

get all the urls in html file (local or on server).

To use this, you will need the lynx tool, so install that first.

sudo yum install lynx

Now, to get list of all the URLs in local html file or some URL, just execute this:

lynx -dump -listonly

Related articles

• Trouble in using file_get_contents()
• How to send image to server with url in ios
• Endangered species of the Web: the Link

nautilis fork ( File manager ) with tree view in sidebar.

Was searching for this for sometime now, finally found it.

sudo yum install nemo
sudo yum list nemo*

First just install nemo. Configure nemo not to interfere with default desktop and also make it default handler. So, here are the settings that would do it.

gconftool-2 --set  /desktop/gnome/applications/component_viewer/exec --type 'string' 'nemo "%s"'
gconftool-2 --set  /desktop/gnome/url-handlers/trash/command --type 'string' 'nemo "%s"'
gsettings set org.nemo.desktop show-desktop-icons false

Now, if you need more functionality in file manager then check the list of nemo packages from the output of second command of yum. It has plugins like file preview and so on. Install and enjoy.

mpd – change the music directory context for selinux.

For running mpd with different use, you may find necessary to change the SELinux context of your music directory. For this, you would need to run the below command:

chcon -R  -t mpd_user_data_t Music/

Related articles

• ACL, SELinux Contexts and Systemd
• SELinux