Red Hat Cluster : VMware ESX fencing
Tested on Red Hat Enterprise Linux 5.6 64 bits and VMware ESX 3.5 Edit November 2011 : Tested on RHEL6.1 and VMware ESX 4.1 If you set up a cluster, in case of failure, you’ll probably want the...
View ArticleImporting certificates on Android (CA and client)
Tested on my HTC Hero running Android 2.2.1 They do not make it terribly obvious, so I believe this is worth a post. Android will not import CA cert in the PEM format, you’ll get a “no certificate to...
View ArticleAuthenticate Linux Red Hat with Microsoft Active Directory
Tested with Active Directory 2003 and RHEL 6.0 What we want to do : - authentication against AD using Winbind and Kerberos - allowing local and remote (SSH) authentication to members of a specific AD...
View ArticleLarge files uploading fail with Apache + PHP + APC
We had one quite interesting problem at work. We had a Drupal site where we couldn’t upload files larger than 32 MB, while having in php.ini : upload_max_filesize = 200 MB post_max_size = 200M After...
View ArticleSpin down external USB drive on Debian Squeeze
It seems like I have at least two options to spin down my external USB drive used for rsnapshot backups (Iomega 1TB). In the first place, I assumed it would spin down by itself by simply unmounting the...
View ArticleTwo step authentication on SSH with Google Authenticator under Debian Sid
On a Debian Sid system, install the following : apt-get install libpam-google-authenticator Edit /etc/ssh/sshd_config and set : ChallengeResponseAuthentication yes Restart the service : service ssh...
View ArticleActiveMQ 5.4.x install under RHEL 5.x
Tested with ActiveMQ 5.4.3, Red Hat Linux Enterprise 5.7 64 bits with Sun JVM 1.5 ActiveMQ 5.5.x requires JVM 1.6 The following is a simple copy and paste howto. Simply adapt the install variables and...
View ArticleRundeck howto and examples
Quoting rundeck.org : Rundeck is an Open Source process automation and command orchestration tool with a web console. As I understand it, it’s a fork of Control Tier : www.controltier.org I’m usually...
View ArticleSee changes made to a filesystem with inotify
Install the package “inotify-tools” with your package manager (in EPEL for RHEL). Then create and execute this script : inotifywait -m -r --format $'%T %e %w%f' --timefmt '%H:%M:%S' --exclude...
View ArticleSalt Stack, a (serious) alternative to Puppet
I couldn’t write it better : see http://www.lecloud.net/post/29325359938/salt-to-the-rescue So basically, Salt is a configuration management system (à la Puppet) and allows remote execution (à la...
View Articlemod_proxy_balancer on RHEL6
Tested on RHEL 6. This is the simplest setup possible, for my own reference. I may come up with a Salt state in the future. Reference : http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html...
View ArticleRepurposing a Barracuda Spam & Virus Firewall
I got my hands on a out of warranty/subscription/whatever Barracuda unit. This unit is a Spam & Firewall 400 model from 2009 or something. Basically it’s regular computer hardware in a 1U rack,...
View ArticleDebian installation over PXE and dnsmasq
The DHCP/TFTP server holds the IP 10.10.0.2 All commands as root : mkdir -p /srv/tftp cd /srv/tftp wget...
View ArticleVLAN trunking with Cisco Catalyst 2950 + WAP4410N
VLAN 10 is WORK VLAN 20 is HOME VLAN 30 is GUEST On the 2950, configure the port to the WAP4410N as trunk : switch#conf t switch(config)#interface fastEthernet 0/12 switch(config-if)#description...
View ArticleTomcat 6 webapp authentication against AD
Tested on RHEL6 Add the following in /etc/tomcat6/server.xml (before the ending host tag) : <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"...
View ArticleEvaluating Ansible
I’m currently actively working on Salt, I actually have a dozen production servers at work, running critical services through it. I commit new things into the production branch every couple of days....
View ArticleGet notified when a change occurs on the filesystem
I can never seem to remember the correct command inotifywait -e modify -m -r /home/dir
View ArticleOutbound Postfix with SASL Authentication against LDAP (Dovecot)
I recently had to set up an outbound Postfix server with SASL authentication against LDAP. I’m a huge fan of Dovecot, so I did go with it instead of Cyrus which was a pain to set up a few years back....
View ArticleBash set builtin : pipefail
> false > echo $? 1 > true > echo $? 0 > false | true > echo $? 0 > set -o pipefail > false | true > echo $? 1
View ArticlePreserveFQDN and EscapeControlCharactersOnReceive with rsyslog
In legacy versions of rsyslog, if you want to use the option PreserveFQDN, you have to set the option before anything else, or it wouldn't work.If you are having issues sending logs from nxlog on...
View Article
More Pages to Explore .....