Short tip: Changed Block Tracking PowerCLI Cmdlet

Changed Block Tracking (CBT) enables creating incremental backups of virtual machines. In comparison with conventional VM backups, guest hard drives are synchronized. Using CBT, the hypervisor detects changed blocks and the backup software will only store these blocks. Unfortunately these are some vSphere and backup software verions that have problems with CBT and it might
Continue reading...

Manage VMware Photon OS containers with Foreman and Red Hat Satellite 6

Photon OS is minimalistic RPM-based Linux distribution which is focussed on running Docker containers. It was optimized for VMware platforms (Workstation, Fusion, vSphere, vCloud Air) – e.g. its Linux kernel offers a caching mechanism optimized for vSphere. Another characteristic is the customized package manager tdnf (Tiny Dandified YUM) which is similar to YUM but has also supports managing OSTree content (git-like versioned kickstartable filesystem content).
Continue reading...

CentOS 7 and the incorrect dist RPM macro

When creating RPM packages recently, I had the effect that package names on CentOS 7 were set incorrectly. For example, a package had the name pinkepank-0.6-1.el7.centos.x86_64.rpm but should have set pinkepank-0.6-1.el7.x86_64.rpm instead. As Enterprise Linux derivates (CentOS, Scientific Linux,…) offer binary compatibility to Red Hat Enterprise Linux, I prefer omitting distribution-specific tags in package names. In the RPM spec
Continue reading...

Short tip: FreeIPA looses global DNS forwarder

Recently I found out that Red Hat Identity Management (IdM) and FreeIPA tend to forgot their global DNS configuration after some upgrades. In my case, the global DNS forwarder configuration was dropped forcing external lookups to fail: $ ipa dnsconfig-show ——————————— Global DNS configuration is empty ——————————— IPA DNS servers: giertz.shittyrobots.loc, jason.shittyrobots.loc $ dig +short
Continue reading...

New project: IcingaBusylightAgent

The last couple of days I have been working on a new project I want to introduce: IcingaBusylightAgent. It all began with a new telephony system in our office. Instead of using physical phones, my colleagues are now using softphones. In addition to this, a gadget called Busylight representing the instant messenger status is mounted
Continue reading...

Short tip: Add SSH authentication to WordPress

WordPress updates, themes and plugins can be installed very comfortable in the backend – unfortunately it is still required to specify FTP or FTPS connection information. Depending on your personal preferences or security policy FTP is often not an option – e.g. when you’re maintaining a central directory for SSH users as primary identificatino source.
Continue reading...

Short tip: disable automatic NetworkManager connections after user logins

During a fresh CentOS installation recently I had the problem that a system’s network connection was not working reliably. Sometimes pings were possible, sometimes not. After it was possible to elimiate the firewall as commonly root cause, it turned out that the network connectivity was only working if the console is used. The mysterious cause
Continue reading...

Grafana LDAP authentication with FreeIPA

Grafana offers the possibility to authenticate users against LDAP – make it quite easy to integrate the tool into existing directory services. I’m using FreeIPA as directory and authentication service in my lab and had to adjust some settings to authenticate Grafana access. The first step is to alter the main configuration file of Grafana
Continue reading...

Kerberos Single sign-On over SSH under OS X

No Comments

An advantage of using Kerberos along with SSH is that it makes entering passwords obsolete when establishing connections. Unfortunately this is not working out of the box under OS X in the first place: $ kinit cstan@STANKOWIC.LOC cstan@STANKOWIC.LOC’s password: $ klist Credentials cache: API:xxx Principal: cstan@STANKOWIC.LOC Issued Expires Principal Oct 22 11:17:30 2016 Oct 22 21:17:37 2016 krbtgt/STANKOWIC.LOC@STANKOWIC.LOC
Continue reading...

Distribute Python modules using RPM

The Python Package Index (PyPI) website offers plenty of Python module source codes. To install these modules, it is needed to download and extract the archive and execute an installation script afterwards. Using the pip (pip installs packages) package manager, this process can be automated – e.g. for the nagiosplugin module: # pip install nagiosplugin
Continue reading...