Upgrade HAproxy to 2.1.3 – Red Hat Enterprise Linux server/Centos

I was struggling a couple of hours to upgrade HAproxy package to its latest version on a Red Hat Enterprise Linux server 7.6 and as I could not find a well documented page, I decided to create this article in order to explain the procedure.

The latest version that is available and supported from Red Hat for a Red Hat licensed server is 1.5.8. However we can upgrade the version by compiling the source code that is distributed online from the official page. HAproxy package is open source and its code is distributed so it can be built with make.

For the people that do not know HAproxy, it is a very widely known high performance tcp/http load balancer for Linux/Unix operating systems. More information can be also found on its page.

First things first haproxy-2.1.3.tar.gz must be downloaded and uploaded to the server.

In order to compile successfully and do not face hundred of errors during make you have to be sure that the below libraries are installed on your server. If a package from the below is missing you will get make errors.

  • gcc and all its dependencies
  • openssl and all its dependencies
  • systemd-devel
  • readline-devel

LUA is needed in order to make the package. Although LUA 5.1 was installed on the red hat server, during the compilation the variable could not be found so I had to manually install LUA latest version and also use its downloaded directory for the compilation of HAproxy.

Install LUA using the following commands. LUA directory may be needed

Finally make source code of HAproxy 2.1.3

Normally you should not get any error with the above commands. If so, then the version should be the upgraded. As a last step, reboot the server and then you will get the updated version.

Users with superuser privileges – sudo and su on RHEL 8

Sudo and su are two powerful utilities on linux operating system that enables one to manipulate who is performing actions on the filesystem and with which privileges .

The main difference between those two tools is that if administrator uses su - username then he should provide the user password in order to switch to the end user rights. On the other hand with sudo command the administrator should use its own password in order to validate with the system that he wants to run as a superuser the command su - .

As a result by using sudo su - x you dont have to specify the end user password but your own password.

Another way you can authorize your self as superuser is with sudo -i so you do not have to provide the password of root in the system.

The sudo command is very powerful and useful in the linux systems because for security purposes many times you could find root user deactivated and each user has its own credentials and rights. Also actions performed with sudo commands are logged in the operating system.

The most important prerequisite in order to use sudo command in Red Hat or Centos Linux is to be a member of the wheel group. You can give a specific user sudo rights with the following:

Create a new file under /etc/sudoers.d/USERNAME

touch /etc/sudoers.d/operator

and then vi the operator file and add the following line:

operator ALL=(ALL) ALL

using sudo with a user that does not have admin rights.
using sudo after creating the necessary file under sudoers.d

Install Entrust ssl chain certificate apache 2 – Red Hat Configuration

In order to install successfully a chain certificate (in my environment it was issued by Entrust) on a Red hat you should edit the following entries in the /etc/httpd/conf.d/ssl.conf apache file.

After the changes you should restart apache so that the changes take place. Keep in mind that if the certificate is password protected, you will be asked for an ssl passphrase that you should provide in order for the restart to be completed.

You can ensure that the certificate is installed successfully by using the following command:

Your response should look like: